Visible to the public Biblio

Found 135 results

Filters: Keyword is Analytical models  [Clear All Filters]
Zhang, Xianzhen, Chen, Zhanfang, Gong, Yue, Liu, Wen.  2019.  A Access Control Model of Associated Data Sets Based on Game Theory. 2019 International Conference on Machine Learning, Big Data and Business Intelligence (MLBDBI). :1–4.
With the popularity of Internet applications and rapid development, data using and sharing process may lead to the sensitive information divulgence. To deal with the privacy protection issue more effectively, in this paper, we propose the associated data sets protection model based on game theory from the point of view of realizing benefits from the access of privacy is about happen, quantify the extent to which visitors gain sensitive information, then compares the tolerance of the sensitive information owner and finally decides whether to allow the visitor to make an access request.
Zhang, Fan, Kodituwakku, Hansaka Angel Dias Edirisinghe, Hines, J. Wesley, Coble, Jamie.  2019.  Multilayer Data-Driven Cyber-Attack Detection System for Industrial Control Systems Based on Network, System, and Process Data. IEEE Transactions on Industrial Informatics. 15:4362—4369.
The growing number of attacks against cyber-physical systems in recent years elevates the concern for cybersecurity of industrial control systems (ICSs). The current efforts of ICS cybersecurity are mainly based on firewalls, data diodes, and other methods of intrusion prevention, which may not be sufficient for growing cyber threats from motivated attackers. To enhance the cybersecurity of ICS, a cyber-attack detection system built on the concept of defense-in-depth is developed utilizing network traffic data, host system data, and measured process parameters. This attack detection system provides multiple-layer defense in order to gain the defenders precious time before unrecoverable consequences occur in the physical system. The data used for demonstrating the proposed detection system are from a real-time ICS testbed. Five attacks, including man in the middle (MITM), denial of service (DoS), data exfiltration, data tampering, and false data injection, are carried out to simulate the consequences of cyber attack and generate data for building data-driven detection models. Four classical classification models based on network data and host system data are studied, including k-nearest neighbor (KNN), decision tree, bootstrap aggregating (bagging), and random forest (RF), to provide a secondary line of defense of cyber-attack detection in the event that the intrusion prevention layer fails. Intrusion detection results suggest that KNN, bagging, and RF have low missed alarm and false alarm rates for MITM and DoS attacks, providing accurate and reliable detection of these cyber attacks. Cyber attacks that may not be detectable by monitoring network and host system data, such as command tampering and false data injection attacks by an insider, are monitored for by traditional process monitoring protocols. In the proposed detection system, an auto-associative kernel regression model is studied to strengthen early attack detection. The result shows that this approach detects physically impactful cyber attacks before significant consequences occur. The proposed multiple-layer data-driven cyber-attack detection system utilizing network, system, and process data is a promising solution for safeguarding an ICS.
Pham-Thi-Dan, Ngoc, Do-Dac, Thiem, Ho-Van, Khuong, Vo-Que, Son, Pham-Ngoc, Son.  2019.  On Security Capability of Cooperative Communications in Energy Scavenging Cognitive Radio Networks. 2019 International Conference on Advanced Technologies for Communications (ATC). :89—93.
In this paper, secrecy outage probability (SOP) of cooperative communications in ESCRNs is numerically evaluated by the recommended precise closed-form formula which is corroborated by numerous computer simulations. Results expose that the relay's location, energy scavenging time, message recovering time, and power division for energy scavenging and message recovering dramatically impact the SOP of the cooperative communications in ESCRNs. Moreover, results infer that the SOP is constant either in energy scavenging non-cognitive networks (ES-nonCRNs) or in ESCRNs with infinite power transmitters.
Sureka, N., Gunaseelan, K..  2019.  Detection Defense against Primary User Emulation Attack in Dynamic Cognitive Radio Networks. 2019 Fifth International Conference on Science Technology Engineering and Mathematics (ICONSTEM). 1:505—510.
Cognitive radio is a promising technology that intends on solving the spectrum scarcity problem by allocating free spectrum dynamically to the unlicensed Secondary Users (SUs) in order to establish coexistence between the licensed Primary User (PU) & SUs, without causing any interference to the incumbent transmission. Primary user emulation attack (PUEA) is one such major threat posed on spectrum sensing, which decreases the spectrum access probability. Detection and defense against PUEA is realized using Yardstick based Threshold Allocation technique (YTA), by assigning threshold level to the base station thereby efficiently enhancing the spectrum sensing ability in a dynamic CR network. The simulation is performed using NS2 and analysis by using X-graph. The results shows minimum interference to primary transmissions by letting SUs spontaneously predict the prospective spectrum availability and aiding in effective prevention of potential emulation attacks along with proficient improvement of throughput in a dynamic cognitive radio environment.
Du, Jia, Wang, Zhe, Yang, Junqiang, Song, Xiaofeng.  2019.  Research on Cognitive Linkage of Network Security Equipment. 2019 International Conference on Robots Intelligent System (ICRIS). :296–298.
To solve the problems of weak linkage ability and low intellectualization of strategy allocation in existing network security devices, a new method of cognitive linkage of network security equipment is proposed by learning from human brain. Firstly, the basic connotation and cognitive cycle of cognitive linkage are expounded. Secondly, the main functions of cognitive linkage are clarified. Finally, the cognitive linkage system model is constructed, and the information process flow of cognitive linkage is described. Cognitive linkage of network security equipment provides a new way to effectively enhance the overall protection capability of network security equipment.
Shukla, Ankur, Katt, Basel, Nweke, Livinus Obiora.  2019.  Vulnerability Discovery Modelling With Vulnerability Severity. 2019 IEEE Conference on Information and Communication Technology. :1—6.
Web browsers are primary targets of attacks because of their extensive uses and the fact that they interact with sensitive data. Vulnerabilities present in a web browser can pose serious risk to millions of users. Thus, it is pertinent to address these vulnerabilities to provide adequate protection for personally identifiable information. Research done in the past has showed that few vulnerability discovery models (VDMs) highlight the characterization of vulnerability discovery process. In these models, severity which is one of the most crucial properties has not been considered. Vulnerabilities can be categorized into different levels based on their severity. The discovery process of each kind of vulnerabilities is different from the other. Hence, it is essential to incorporate the severity of the vulnerabilities during the modelling of the vulnerability discovery process. This paper proposes a model to assess the vulnerabilities present in the software quantitatively with consideration for the severity of the vulnerabilities. It is possible to apply the proposed model to approximate the number of vulnerabilities along with vulnerability discovery rate, future occurrence of vulnerabilities, risk analysis, etc. Vulnerability data obtained from one of the major web browsers (Google Chrome) is deployed to examine goodness-of-fit and predictive capability of the proposed model. Experimental results justify the fact that the model proposed herein can estimate the required information better than the existing VDMs.
Berady, Aimad, Viet Triem Tong, Valerie, Guette, Gilles, Bidan, Christophe, Carat, Guillaume.  2019.  Modeling the Operational Phases of APT Campaigns. 2019 International Conference on Computational Science and Computational Intelligence (CSCI). :96—101.
In the context of Advanced Persistent Threat (APT) attacks, this paper introduces a model, called Nuke, which tries to provide a more operational reading of the attackers' lifecycle in a compromised network. It allows to consider the notions of regression; and repetitiveness of final objectives achievement. By confronting this model with examples of recent attacks (Equifax data breach and TV5Monde sabotage), we emphasize the importance of the attack chronology in the Cyber Threat Intelligence (CTI) reports, as well as the Tactics, Techniques and Procedures (TTP) used by the attacker during his progression.
Zapirain, Esteban Aitor, Maris Massa, Stella.  2018.  Intellectual Property Management in Serious Games. 2018 IEEE Biennial Congress of Argentina (ARGENCON). :1—5.
The aim of this work is to perform an analysis on Technology Transfer strategies for the development of Serious Games at Public National Universities. The results can be extrapolated to other research topics and institutions. First of all, the University role as a producer of knowledge is studied, and possible scenarios for Technology Transfer to third-parties are considered. Moreover, the actors involved in the research and development processes and their corresponding Intellectual Property rights on the Research Results are identified and analysed. Finally, an Intellectual Property Rights protection analysis is undertaken to the different components of a Serious Game type of product, through the modalities of invention patents, utility models, industrial models and designs, brands and author rights. The work concludes that public universities are best fitted as knowledge factories, and the most promising scenario in Technology Transfer is that universities manage their Intellectual Property Rights and licence them to third-party institutions to handle commercialization, while keeping favorable conditions to finance subsequent research and ensuring that products derived from Research Results will be reachable by the society.
Chen, Jun, Zhu, Huijun, Chen, Zhixin, Cai, Xiaobo, Yang, Linnan.  2019.  A Security Evaluation Model Based on Fuzzy Hierarchy Analysis for Industrial Cyber-Physical Control Systems. 2019 IEEE International Conference on Industrial Internet (ICII). :62—65.
With the increasing security threats to the information of Industrial Cyber-physical Control Systems, the quantitative assessment of security risk becomes an important basis of information security research. Based on fuzzy hierarchy analysis, this paper constructs the hierarchical model of industrial control system safety risk evaluation, and obtains the exact value of risk. Experimental results show that the proposed method can effectively quantify the control system risk, which provides a basis for industrial control system risk management decision.
Zhang, Shisheng, Wang, Chencheng, Wang, Qishu.  2019.  Research on Time Concealed Channel Technology of Cloud Computing Platform Based on Shared Memory. 2019 IEEE 4th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). 1:904—909.

Security issues severely restrict the development and popularization of cloud computing. As a way of data leakage, covert channel greatly threatens the security of cloud platform. This paper introduces the types and research status of covert channels, and discusses the classical detection and interference methods of time-covert channels on cloud platforms for shared memory time covert channels.

Ma, Siyou, Feng, Gao, Yan, Yunqiang.  2019.  Study on Hybrid Collaborative Simulation Testing Method Towards CPS. 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C). :51—56.

CPS is generally complex to study, analyze, and design, as an important means to ensure the correctness of design and implementation of CPS system, simulation test is difficult to fully test, verify and evaluate the components or subsystems in the CPS system due to the inconsistent development progress of the com-ponents or subsystems in the CPS system. To address this prob-lem, we designed a hybrid P2P based collaborative simulation test framework composed of full physical nodes, hardware in the loop(HIL) nodes and full digital nodes to simulate the compo-nents or subsystems in the CPS system of different development progress, based on the framework, we then proposed collabora-tive simulation control strategy comprising sliding window based clock synchronization, dynamic adaptive time advancement and multi-priority task scheduling with preemptive time threshold. Experiments showed that the hybrid collaborative simulation testing method proposed in this paper can fully test CPS more effectively.

Paschalides, Demetris, Christodoulou, Chrysovalantis, Andreou, Rafael, Pallis, George, Dikaiakos, Marios D., Kornilakis, Alexandros, Markatos, Evangelos.  2019.  Check-It: A plugin for Detecting and Reducing the Spread of Fake News and Misinformation on the Web. 2019 IEEE/WIC/ACM International Conference on Web Intelligence (WI). :298–302.
Over the past few years, we have been witnessing the rise of misinformation on the Internet. People fall victims of fake news continuously, and contribute to their propagation knowingly or inadvertently. Many recent efforts seek to reduce the damage caused by fake news by identifying them automatically with artificial intelligence techniques, using signals from domain flag-lists, online social networks, etc. In this work, we present Check-It, a system that combines a variety of signals into a pipeline for fake news identification. Check-It is developed as a web browser plugin with the objective of efficient and timely fake news detection, while respecting user privacy. In this paper, we present the design, implementation and performance evaluation of Check-It. Experimental results show that it outperforms state-of-the-art methods on commonly-used datasets.
Fahrenkrog-Petersen, Stephan A., van der Aa, Han, Weidlich, Matthias.  2019.  PRETSA: Event Log Sanitization for Privacy-aware Process Discovery. 2019 International Conference on Process Mining (ICPM). :1—8.

Event logs that originate from information systems enable comprehensive analysis of business processes, e.g., by process model discovery. However, logs potentially contain sensitive information about individual employees involved in process execution that are only partially hidden by an obfuscation of the event data. In this paper, we therefore address the risk of privacy-disclosure attacks on event logs with pseudonymized employee information. To this end, we introduce PRETSA, a novel algorithm for event log sanitization that provides privacy guarantees in terms of k-anonymity and t-closeness. It thereby avoids disclosure of employee identities, their membership in the event log, and their characterization based on sensitive attributes, such as performance information. Through step-wise transformations of a prefix-tree representation of an event log, we maintain its high utility for discovery of a performance-annotated process model. Experiments with real-world data demonstrate that sanitization with PRETSA yields event logs of higher utility compared to methods that exploit frequency-based filtering, while providing the same privacy guarantees.

Tripathi, Dipty, Maurya, Ashish Kumar, Chaturvedi, Amrita, Tripathi, Anil Kumar.  2019.  A Study of Security Modeling Techniques for Smart Systems. 2019 International Conference on Machine Learning, Big Data, Cloud and Parallel Computing (COMITCon). :87–92.
The term “smart” has been used in many ways for describing systems and infrastructure such as smart city, smart home, smart grid, smart meter, etc. These systems may lie in the domain of critical security systems where security can be estimated in terms of confidentiality, integrity and some cases may involve availability for protection against the theft or damage of system resources as well as disruption of the system services. Although, in spite of, being a hot topic to enhance the quality of life, there is no concrete definition of what smart system is and what should be the characteristics of it. Thus, there is a need to identify what these systems actually are and how they can be designed securely. This work firstly attempts to describe attributes related to the smartness to define smart systems. Furthermore, we propose a secure smart system development life cycle, where the security is weaved at all the development phase of smart systems according to principles, guidelines, attack patterns, risk, vulnerability, exploits, and defined rules. Finally, the comparative study is performed for evaluation of traditional security modeling techniques for early assessment of threats and risks in smart systems.
Gorbachov, Valeriy, Batiaa, Abdulrahman Kataeba, Ponomarenko, Olha, Kotkova, Oksana.  2019.  Impact Evaluation of Embedded Security Mechanisms on System Performance. 2019 IEEE International Scientific-Practical Conference Problems of Infocommunications, Science and Technology (PIC S T). :407–410.
Experience in designing general-purpose systems that enforce security goals shows that achieving universality, security, and performance remains a very difficult challenge. As a result, two directions emerged in designing, one of which focused on universality and performance with limited security mechanisms, and another - on robust security with reasonable performance for limited sets of applications. In the first case, popular but unsecure systems were created, and various efforts were subsequently made to upgrade the protected infrastructure for such systems. In the work, the latter approach is considered. It is obvious that the inclusion of built-in security mechanisms leads to a decrease in system performance. The paper considers a reference monitor and the assessment of its impact on system performance. For this purpose, the functional structure of reference monitor is built and the analytical model of impact evaluation on system performance is proposed.
Sahabandu, Dinuka, Moothedath, Shana, Bushnell, Linda, Poovendran, Radha, Aller, Joey, Lee, Wenke, Clark, Andrew.  2019.  A Game Theoretic Approach for Dynamic Information Flow Tracking with Conditional Branching. 2019 American Control Conference (ACC). :2289–2296.
In this paper, we study system security against Advanced Persistent Threats (APTs). APTs are stealthy and persistent but APTs interact with system and introduce information flows in the system as data-flow and control-flow commands. Dynamic Information Flow Tracking (DIFT) is a promising detection mechanism against APTs which taints suspicious input sources in the system and performs online security analysis when a tainted information is used in unauthorized manner. Our objective in this paper is to model DIFT that handle data-flow and conditional branches in the program that arise from control-flow commands. We use game theoretic framework and provide the first analytical model of DIFT with data-flow and conditional-branch tracking. Our game model which is an undiscounted infinite-horizon stochastic game captures the interaction between APTs and DIFT and the notion of conditional branching. We prove that the best response of the APT is a maximal reachability probability problem and provide a polynomial-time algorithm to find the best response by solving a linear optimization problem. We formulate the best response of the defense as a linear optimization problem and show that an optimal solution to the linear program returns a deterministic optimal policy for the defense. Since finding Nash equilibrium for infinite-horizon undiscounted stochastic games is computationally difficult, we present a nonlinear programming based polynomial-time algorithm to find an E-Nash equilibrium. Finally, we perform experimental analysis of our algorithm on real-world data for NetRecon attack augmented with conditional branching.
van den Berg, Eric, Robertson, Seth.  2019.  Game-Theoretic Planning to Counter DDoS in NEMESIS. MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM). :1–6.
NEMESIS provides powerful and cost-effective defenses against extreme Distributed Denial of Service (DDos) attacks through a number of network maneuvers. However, selection of which maneuvers to deploy when and with what parameters requires great care to achieve optimal outcomes in the face of overwhelming attack. Analytical wargaming allows game theoretic optimal Courses of Action (COA) to be created real-time during live operations, orders of magnitude faster than packet-level simulation and with equivalent outcomes to even expert human hand-crafted COAs.
Briggs, Shannon, Perrone, Michael, Peveler, Matthew, Drozdal, Jaimie, Balagyozyan, Lilit, Su, Hui.  2019.  Multimodal, Multiuser Immersive Brainstorming and Scenario Planning for Intelligence Analysis. 2019 IEEE International Symposium on Technologies for Homeland Security (HST). :1—4.

This paper discusses two pieces of software designed for intelligence analysis, the brainstorming tool and the Scenario Planning Advisor. These tools were developed in the Cognitive Immersive Systems Lab (CISL) in conjunction with IBM. We discuss the immersive environment the tools are situated in, and the proposed benefit for intelligence analysis.

de Souza, Rick Lopes, Vigil, Martín, Custódio, Ricardo, Caullery, Florian, Moura, Lucia, Panario, Daniel.  2018.  Secret Sharing Schemes with Hidden Sets. 2018 IEEE Symposium on Computers and Communications (ISCC). :00713–00718.
Shamir's Secret Sharing Scheme is well established and widely used. It allows a so-called Dealer to split and share a secret k among n Participants such that at least t shares are needed to reconstruct k, where 0 \textbackslashtextbackslashtextless; t ≤ n. Nothing about the secret can be learned from less than t shares. To split secret k, the Dealer generates a polynomial f, whose independent term is k and the coefficients are randomly selected using a uniform distribution. A share is a pair (x, f(x)) where x is also chosen randomly using a uniform distribution. This scheme is useful, for example, to distribute cryptographic keys among different cloud providers and to create multi-factor authentication. The security of Shamir's Secret Sharing Scheme is usually analyzed using a threat model where the Dealer is trusted to split and share secrets as described above. In this paper, we demonstrate that there exists a different threat model where a malicious Dealer can compute shares such that a subset of less than t shares is allowed to reconstruct the secret. We refer to such subsets as hidden sets. We formally define hidden sets and prove lower bounds on the number of possible hidden sets for polynomials of degree t - 1. Yet, we show how to detect hidden sets given a set of n shares and describe how to create hidden sets while sharing a secret using a modification of Shamir's scheme.
Baruwal Chhetri, Mohan, Uzunov, Anton, Vo, Bao, Nepal, Surya, Kowalczyk, Ryszard.  2019.  Self-Improving Autonomic Systems for Antifragile Cyber Defence: Challenges and Opportunities. 2019 IEEE International Conference on Autonomic Computing (ICAC). :18–23.

Antifragile systems enhance their capabilities and become stronger when exposed to adverse conditions, stresses or attacks, making antifragility a desirable property for cyber defence systems that operate in contested military environments. Self-improvement in autonomic systems refers to the improvement of their self-* capabilities, so that they are able to (a) better handle previously known (anticipated) situations, and (b) deal with previously unknown (unanticipated) situations. In this position paper, we present a vision of using self-improvement through learning to achieve antifragility in autonomic cyber defence systems. We first enumerate some of the major challenges associated with realizing distributed self-improvement. We then propose a reference model for middleware frameworks for self-improving autonomic systems and a set of desirable features of such frameworks.

Chen, Jing, Tong, Wencan, Li, Xiaojian, Jiang, Yiyi, Zhu, Liyu.  2019.  A Survey of Time-varying Structural Modeling to Accountable Cloud Services. 2019 IEEE International Conference on Computation, Communication and Engineering (ICCCE). :9—12.

Cloud service has the computing characteristics of self-organizing strain on demand, which is prone to failure or loss of responsibility in its extensive application. In the prediction or accountability of this, the modeling of cloud service structure becomes an insurmountable priority. This paper reviews the modeling of cloud service network architecture. It mainly includes: Firstly, the research status of cloud service structure modeling is analyzed and reviewed. Secondly, the classification of time-varying structure of cloud services and the classification of time-varying structure modeling methods are summarized as a whole. Thirdly, it points out the existing problems. Finally, for cloud service accountability, research approach of time-varying structure modeling is proposed.

Wang, Shaolei, Zhou, Ying, Li, Yaowei, Guo, Ronghua, Du, Jiawei.  2018.  Quantitative Analysis of Network Address Randomization's Security Effectiveness. 2018 IEEE 18th International Conference on Communication Technology (ICCT). :906—910.

The quantitative security effectiveness analysis is a difficult problem for the research of network address randomization techniques. In this paper, a system model and an attack model are proposed based on general attacks' attack processes and network address randomization's technical principle. Based on the models, the network address randomization's security effectiveness is quantitatively analyzed from the perspective of the attacker's attack time and attack cost in both static network address and network address randomization cases. The results of the analysis show that the security effectiveness of network address randomization is determined by the randomization frequency, the randomization space, the states of hosts in the target network, and the capabilities of the attacker.

Yu, Dunyi.  2018.  Research on Anomaly Intrusion Detection Technology in Wireless Network. 2018 International Conference on Virtual Reality and Intelligent Systems (ICVRIS). :540–543.
In order to improve the security of wireless network, an anomaly intrusion detection algorithm based on adaptive time-frequency feature decomposition is proposed. This paper analyzes the types and detection principles of wireless network intrusion detection, it adopts the information statistical analysis method to detect the network intrusion, constructs the traffic statistical analysis model of the network abnormal intrusion, and establishes the network intrusion signal model by combining the signal fitting method. The correlation matching filter is used to filter the network intrusion signal to improve the output signal-to-noise ratio (SNR), the time-frequency analysis method is used to extract the characteristic quantity of the network abnormal intrusion, and the adaptive correlation spectrum analysis method is used to realize the intrusion detection. The simulation results show that this method has high accuracy and strong anti-interference ability, and it can effectively guarantee the network security.
Ming, Liang, Zhao, Gang, Huang, Minhuan, Kuang, Xiaohui, Li, Hu, Zhang, Ming.  2018.  Security Analysis of Intelligent Transportation Systems Based on Simulation Data. 2018 1st International Conference on Data Intelligence and Security (ICDIS). :184—187.
Modern vehicles in Intelligent Transportation Systems (ITS) can communicate with each other as well as roadside infrastructure units (RSUs) in order to increase transportation efficiency and road safety. For example, there are techniques to alert drivers in advance about traffic incidents and to help them avoid congestion. Threats to these systems, on the other hand, can limit the benefits of these technologies. Securing ITS itself is an important concern in ITS design and implementation. In this paper, we provide a security model of ITS which extends the classic layered network security model with transportation security and information security, and gives a reference for designing ITS architectures. Based on this security model, we also present a classification of ITS threats for defense. Finally a proof-of-concept example with malicious nodes in an ITS system is also given to demonstrate the impact of attacks. We analyzed the threat of malicious nodes and their effects to commuters, like increasing toll fees, travel distances, and travel times etc. Experimental results from simulations based on Veins shows the threats will bring about 43.40% more total toll fees, 39.45% longer travel distances, and 63.10% more travel times.
Rauscher, Julia, Bauer, Bernhard.  2018.  Safety and Security Architecture Analyses Framework for the Internet of Things of Medical Devices. 2018 IEEE 20th International Conference on e-Health Networking, Applications and Services (Healthcom). :1–3.
Internet of Things (IoT) is spreading increasingly in different areas of application. Accordingly, IoT also gets deployed in health care including ambient assisted living, telemedicine or medical smart homes. However, IoT also involves risks. Next to increased security issues also safety concerns are occurring. Deploying health care sensors and utilizing medical data causes a high need for IoT architectures free of vulnerabilities in order to identify weak points as early as possible. To address this, we are developing a safety and security analysis approach including a standardized meta model and an IoT safety and security framework comprising a customizable analysis language.