Visible to the public Biblio

Filters: Author is Zheng, G.  [Clear All Filters]
2019-02-14
Nateghi, S., Shtessel, Y., Barbot, J., Zheng, G., Yu, L..  2018.  Cyber-Attack Reconstruction via Sliding Mode Differentiation and Sparse Recovery Algorithm: Electrical Power Networks Application. 2018 15th International Workshop on Variable Structure Systems (VSS). :285-290.
In this work, the unknown cyber-attacks on cyber-physical systems are reconstructed using sliding mode differentiation techniques in concert with the sparse recovery algorithm, when only several unknown attacks out of a long list of possible attacks are considered non-zero. The approach is applied to a model of the electric power system, and finally, the efficacy of the proposed techniques is illustrated via simulations of a real electric power system.
2018-02-06
Eslami, M., Zheng, G., Eramian, H., Levchuk, G..  2017.  Anomaly Detection on Bipartite Graphs for Cyber Situational Awareness and Threat Detection. 2017 IEEE International Conference on Big Data (Big Data). :4741–4743.

Data from cyber logs can often be represented as a bipartite graph (e.g. internal IP-external IP, user-application, or client-server). State-of-the-art graph based anomaly detection often generalizes across all types of graphs — namely bipartite and non-bipartite. This confounds the interpretation and use of specific graph features such as degree, page rank, and eigencentrality that can provide a security analyst with rapid situational awareness of their network. Furthermore, graph algorithms applied to data collected from large, distributed enterprise scale networks require accompanying methods that allow them to scale to the data collected. In this paper, we provide a novel, scalable, directional graph projection framework that operates on cyber logs that can be represented as bipartite graphs. This framework computes directional graph projections and identifies a set of interpretable graph features that describe anomalies within each partite.

2018-02-02
Wu, Y., Lyu, Y., Fang, Q., Zheng, G., Yin, H., Shi, Y..  2017.  Protecting Outsourced Data in Semi-Trustworthy Cloud: A Hierarchical System. 2017 IEEE 37th International Conference on Distributed Computing Systems Workshops (ICDCSW). :300–305.

Data outsourcing in cloud is emerging as a successful paradigm that benefits organizations and enterprises with high-performance, low-cost, scalable data storage and sharing services. However, this paradigm also brings forth new challenges for data confidentiality because the outsourced are not under the physic control of the data owners. The existing schemes to achieve the security and usability goal usually apply encryption to the data before outsourcing them to the storage service providers (SSP), and disclose the decryption keys only to authorized user. They cannot ensure the security of data while operating data in cloud where the third-party services are usually semi-trustworthy, and need lots of time to deal with the data. We construct a privacy data management system appending hierarchical access control called HAC-DMS, which can not only assure security but also save plenty of time when updating data in cloud.

2018-01-23
Eslami, M., Zheng, G., Eramian, H., Levchuk, G..  2017.  Deriving cyber use cases from graph projections of cyber data represented as bipartite graphs. 2017 IEEE International Conference on Big Data (Big Data). :4658–4663.

Graph analysis can capture relationships between network entities and can be used to identify and rank anomalous hosts, users, or applications from various types of cyber logs. It is often the case that the data in the logs can be represented as a bipartite graph (e.g. internal IP-external IP, user-application, or client-server). State-of-the-art graph based anomaly detection often generalizes across all types of graphs — namely bipartite and non-bipartite. This confounds the interpretation and use of specific graph features such as degree, page rank, and eigencentrality that can provide a security analyst with situational awareness and even insights to potential attacks on enterprise scale networks. Furthermore, graph algorithms applied to data collected from large, distributed enterprise scale networks require accompanying methods that allow them to scale to the data collected. In this paper, we provide a novel, scalable, directional graph projection framework that operates on cyber logs that can be represented as bipartite graphs. We also present methodologies to further narrow returned results to anomalous/outlier cases that may be indicative of a cyber security event. This framework computes directional graph projections and identifies a set of interpretable graph features that describe anomalies within each partite.