Visible to the public Biblio

Found 324 results

Filters: Keyword is Big Data  [Clear All Filters]
2021-09-08
Ali, Jehad, Roh, Byeong-hee, Lee, Byungkyu, Oh, Jimyung, Adil, Muhammad.  2020.  A Machine Learning Framework for Prevention of Software-Defined Networking Controller from DDoS Attacks and Dimensionality Reduction of Big Data. 2020 International Conference on Information and Communication Technology Convergence (ICTC). :515–519.
The controller is an indispensable entity in software-defined networking (SDN), as it maintains a global view of the underlying network. However, if the controller fails to respond to the network due to a distributed denial of service (DDoS) attacks. Then, the attacker takes charge of the whole network via launching a spoof controller and can also modify the flow tables. Hence, faster, and accurate detection of DDoS attacks against the controller will make the SDN reliable and secure. Moreover, the Internet traffic is drastically increasing due to unprecedented growth of connected devices. Consequently, the processing of large number of requests cause a performance bottleneck regarding SDN controller. In this paper, we propose a hierarchical control plane SDN architecture for multi-domain communication that uses a statistical method called principal component analysis (PCA) to reduce the dimensionality of the big data traffic and the support vector machine (SVM) classifier is employed to detect a DDoS attack. SVM has high accuracy and less false positive rate while the PCA filters attribute drastically. Consequently, the performance of classification and accuracy is improved while the false positive rate is reduced.
2021-08-31
Vonitsanos, Gerasimos, Dritsas, Elias, Kanavos, Andreas, Mylonas, Phivos, Sioutas, Spyros.  2020.  Security and Privacy Solutions associated with NoSQL Data Stores. 2020 15th International Workshop on Semantic and Social Media Adaptation and Personalization (SMA). :1—5.
Technologies such as cloud computing and big data management, have lately made significant progress creating an urgent need for specific databases that can safely store extensive data along with high availability. Specifically, a growing number of companies have adopted various types of non-relational databases, commonly referred to as NoSQL databases. These databases provide a robust mechanism for the storage and retrieval of large amounts of data without using a predefined schema. NoSQL platforms are superior to RDBMS, especially in cases when we are dealing with big data and parallel processing, and in particular, when there is no need to use relational modeling. Sensitive data is stored daily in NoSQL Databases, making the privacy problem more serious while raising essential security issues. In our paper, security and privacy issues when dealing with NoSQL databases are introduced and in following, security mechanisms and privacy solutions are thoroughly examined.
2021-08-18
Jha, Pallavi, Zorkta, Haythem Yosef, Allawi, Dahham, Al-Nakkar, Maher Riad.  2020.  Improved Lightweight Encryption Algorithm (ILEA). 2020 International Conference for Emerging Technology (INCET). :1—4.
Lightweight cryptography concept has been a very hot topic for the last few years and considered as a new domain of encryption suitable for big data networks, small devices, phones, cards and embedded systems. These systems require low latency security and low power consuming [1]. An improved lightweight encryption algorithm ILEA is proposed in this paper. ILEA is based on PRINCE lightweight algorithm as his main core with two defacing balanced mixing layers added. ILEA presented in two programming languages: PYTHON, C++ with a comparative study with original PRINCE results and some of another lightweight algorithms.
2021-08-17
Chen, Congwei, Elsayed, Marwa A., Zulkernine, Mohammad.  2020.  HBD-Authority: Streaming Access Control Model for Hadoop. 2020 IEEE 6th International Conference on Dependability in Sensor, Cloud and Big Data Systems and Application (DependSys). :16–25.
Big data analytics, in essence, is becoming the revolution of business intelligence around the world. This momentum has given rise to the hype around analytic technologies, including Apache Hadoop. Hadoop was not originally developed with security in mind. Despite the evolving efforts to integrate security in Hadoop through developing new tools (e.g., Apache Sentry and Ranger) and employing traditional mechanisms (e.g., Kerberos and LDAP), they mainly focus on providing encryption and authentication features, albeit with limited authorization support. Existing solutions in the literature extended these evolving efforts. However, they suffer from limitations, hindering them from providing robust authorization that effectively meets the unique requirements of big data environments. Towards covering this gap, this paper proposes a hybrid authority (HBD-Authority) as a formal attribute-based access control model with context support. This model is established on a novel hybrid approach of authorization transparency that pertains to three fundamental properties of accuracy: correctness, security, and completeness. The model leverages streaming data analytics to foster distributed parallel processing capabilities that achieve multifold benefits: a) efficiently managing the security policies and promptly updating the privileges assigned to a high number of users interacting with the analytic services; b) swiftly deciding and enforcing authorization of requests over data characterized by the 5Vs; and c) providing dynamic protection for data which is frequently updated. The implementation details and experimental evaluation of the proposed model are presented, demonstrating its performance efficiency.
Zhang, Conghui, Li, Yi, Sun, Wenwen, Guan, Shaopeng.  2020.  Blockchain Based Big Data Security Protection Scheme. 2020 IEEE 5th Information Technology and Mechatronics Engineering Conference (ITOEC). :574–578.
As the key platform to deal with big data, Hadoop cannot fully protect data security of users by relying on a single Kerberos authentication mechanism. In addition, the single Namenode has disadvantages such as single point failure, performance bottleneck and poor scalability. To solve these problems, a big data security protection scheme is proposed. In this scheme, blockchain technology is adopted to deploy distributed Namenode server cluster to take joint efforts to safeguard the metadata and to allocate access tasks of users. We also improved the heartbeat model to collect user behavior so as to make a faster response to Datanode failure. The smart contract conducts reasonable allocation of user role through the judgment of user tag and risk value. It also establishes a tracking chain of risk value to monitor user behavior in real time. Experiments show that this scheme can better protect data security in Hadoop. It has the advantage of metadata decentralization and the data is hard to be tampered.
2021-07-07
Hussain, Rashid.  2020.  Peripheral View of IoT based Miniature Devices Security Paradigm. 2020 Global Conference on Wireless and Optical Technologies (GCWOT). :1–7.
Tunnel approach to the security and privacy aspects of communication networks has been an issue since the inception of networking technologies. Neither the technology nor the regulatory and legal frame works proactively play a significant role towards addressing the ever escalating security challenges. As we have move to ubiquitous computing paradigm where information secrecy and privacy is coupled with new challenges of human to machine and machine to machine interfaces, a transformational model for security should be visited. This research is attempted to highlight the peripheral view of IoT based miniature device security paradigm with focus on standardization, regulations, user adaptation, software and applications, low computing resources and power consumption, human to machine interface and privacy.
2021-06-30
Liu, Donglan, Wang, Rui, Zhang, Hao, Ma, Lei, Liu, Xin, Huang, Hua, Chang, Yingxian.  2020.  Research on Data Security Protection Method Based on Big Data Technology. 2020 12th International Conference on Communication Software and Networks (ICCSN). :79—83.
The construction of power Internet of things is an important development direction of power grid enterprises in the future. Big data not only brings economic and social benefits to the power system industry, but also brings many information security problems. Therefore, in the case of accelerating the construction of ubiquitous electric Internet of things, it is urgent to standardize the data security protection in the ubiquitous electric Internet of things environment. By analyzing the characteristics of big data in power system, this paper discusses the security risks faced by big data in power system. Finally, we propose some methods of data security protection based on the defects of big data security in current power system. By building a data security intelligent management and control platform, it can automatically discover and identify the types and levels of data assets, and build a classification and grading information base of dynamic data assets. And through the detection and identification of data labels and data content characteristics, tracking the use of data flow process. So as to realize the monitoring of data security state. By protecting sensitive data against leakage based on the whole life cycle of data, the big data security of power grid informatization can be effectively guaranteed and the safety immunity of power information system can be improved.
Xu, Hui, Zhang, Wei, Gao, Man, Chen, Hongwei.  2020.  Clustering Analysis for Big Data in Network Security Domain Using a Spark-Based Method. 2020 IEEE 5th International Symposium on Smart and Wireless Systems within the Conferences on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS-SWS). :1—4.
Considering the problem of network security under the background of big data, the clustering analysis algorithms can be utilized to improve the correctness of network intrusion detection models for security management. As a kind of iterative clustering analysis algorithm, K-means algorithm is not only simple but also efficient, so it is widely used. However, the traditional K-means algorithm cannot well solve the network security problem when facing big data due to its high complexity and limited processing ability. In this case, this paper proposes to optimize the traditional K-means algorithm based on the Spark platform and deploy the optimized clustering analysis algorithm in the distributed architecture, so as to improve the efficiency of clustering algorithm for network intrusion detection in big data environment. The experimental result shows that, compared with the traditional K-means algorithm, the efficiency of the optimized K-means algorithm using a Spark-based method is significantly improved in the running time.
2021-06-28
Hannum, Corey, Li, Rui, Wang, Weitian.  2020.  Trust or Not?: A Computational Robot-Trusting-Human Model for Human-Robot Collaborative Tasks 2020 IEEE International Conference on Big Data (Big Data). :5689–5691.
The trust of a robot in its human partner is a significant issue in human-robot interaction, which is seldom explored in the field of robotics. This study addresses a critical issue of robots' trust in humans during the human-robot collaboration process based on the data of human motions, past interactions of the human-robot pair, and the human's current performance in the co-carry task. The trust level is evaluated dynamically throughout the collaborative task that allows the trust level to change if the human performs false positive actions, which can help the robot avoid making unpredictable movements and causing injury to the human. Experimental results showed that the robot effectively assisted the human in collaborative tasks through the proposed computational trust model.
2021-06-24
Dmitrievich, Asyaev Grigorii, Nikolaevich, Sokolov Aleksandr.  2020.  Automated Process Control Anomaly Detection Using Machine Learning Methods. 2020 Ural Symposium on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT). :0536–0538.
The paper discusses the features of the automated process control system, defines the algorithm for installing critical updates. The main problems in the administration of a critical system have been identified. The paper presents a model for recognizing anomalies in the network traffic of an industrial information system using machine learning methods. The article considers the network intrusion dataset (raw TCP / IP dump data was collected, where the network was subjected to multiple attacks). The main parameters that affect the recognition of abnormal behavior in the system are determined. The basic mathematical models of classification are analyzed, their basic parameters are reviewed and tuned. The mathematical model was trained on the considered (randomly mixed) sample using cross-validation and the response was predicted on the control (test) sample, where the model should determine the anomalous behavior of the system or normal as the output. The main criteria for choosing a mathematical model for the problem to be solved were the number of correctly recognized (accuracy) anomalies, precision and recall of the answers. Based on the study, the optimal algorithm for recognizing anomalies was selected, as well as signs by which this anomaly can be recognized.
2021-05-13
Hu, Xiaoyi, Wang, Ke.  2020.  Bank Financial Innovation and Computer Information Security Management Based on Artificial Intelligence. 2020 2nd International Conference on Machine Learning, Big Data and Business Intelligence (MLBDBI). :572—575.
In recent years, with the continuous development of various new Internet technologies, big data, cloud computing and other technologies have been widely used in work and life. The further improvement of data scale and computing capability has promoted the breakthrough development of artificial intelligence technology. The generalization and classification of financial science and technology not only have a certain impact on the traditional financial business, but also put forward higher requirements for commercial banks to operate financial science and technology business. Artificial intelligence brings fresh experience to financial services and is conducive to increasing customer stickiness. Artificial intelligence technology helps the standardization, modeling and intelligence of banking business, and helps credit decision-making, risk early warning and supervision. This paper first discusses the influence of artificial intelligence on financial innovation, and on this basis puts forward measures for the innovation and development of bank financial science and technology. Finally, it discusses the problem of computer information security management in bank financial innovation in the era of artificial intelligence.
2021-05-05
Singh, Sukhpreet, Jagdev, Gagandeep.  2020.  Execution of Big Data Analytics in Automotive Industry using Hortonworks Sandbox. 2020 Indo – Taiwan 2nd International Conference on Computing, Analytics and Networks (Indo-Taiwan ICAN). :158—163.

The market landscape has undergone dramatic change because of globalization, shifting marketing conditions, cost pressure, increased competition, and volatility. Transforming the operation of businesses has been possible because of the astonishing speed at which technology has witnessed the change. The automotive industry is on the edge of a revolution. The increased customer expectations, changing ownership, self-driving vehicles and much more have led to the transformation of automobiles, applications, and services from artificial intelligence, sensors, RFID to big data analysis. Large automobiles industries have been emphasizing the collection of data to gain insight into customer's expectations, preferences, and budgets alongside competitor's policies. Statistical methods can be applied to historical data, which has been gathered from various authentic sources and can be used to identify the impact of fixed and variable marketing investments and support automakers to come up with a more effective, precise, and efficient approach to target customers. Proper analysis of supply chain data can disclose the weak links in the chain enabling to adopt timely countermeasures to minimize the adverse effects. In order to fully gain benefit from analytics, the collaboration of a detailed set of capabilities responsible for intersecting and integrating with multiple functions and teams across the business is required. The effective role played by big data analysis in the automobile industry has also been expanded in the research paper. The research paper discusses the scope and challenges of big data. The paper also elaborates on the working technology behind the concept of big data. The paper illustrates the working of MapReduce technology that executes in the back end and is responsible for performing data mining.

2021-04-27
Khalid, O., Senthilananthan, S..  2020.  A review of data analytics techniques for effective management of big data using IoT. 2020 5th International Conference on Innovative Technologies in Intelligent Systems and Industrial Applications (CITISIA). :1—10.
IoT and big data are energetic technology of the world for quite a time, and both of these have become a necessity. On the one side where IoT is used to connect different objectives via the internet, the big data means having a large number of the set of structured, unstructured, and semi-structured data. The device used for processing based on the tools used. These tools help provide meaningful information used for effective management in different domains. Some of the commonly faced issues with the inadequate about the technologies are related to data privacy, insufficient analytical capabilities, and this issue is faced by in different domains related to the big data. Data analytics tools help discover the pattern of data and consumer preferences which is resulting in better decision making for the organizations. The major part of this work is to review different types of data analytics techniques for the effective management of big data using IoT. For the effective management of the ABD solution collection, analysis and control are used as the components. Each of the ingredients is described to find an effective way to manage big data. These components are considered and used in the validation criteria. The solution of effective data management is a stage towards the management of big data in IoT devices which will help the user to understand different types of elements of data management.
Yang, Y., Lu, K., Cheng, H., Fu, M., Li, Z..  2020.  Time-controlled Regular Language Search over Encrypted Big Data. 2020 IEEE 9th Joint International Information Technology and Artificial Intelligence Conference (ITAIC). 9:1041—1045.

The rapid development of cloud computing and the arrival of the big data era make the relationship between users and cloud closer. Cloud computing has powerful data computing and data storage capabilities, which can ubiquitously provide users with resources. However, users do not fully trust the cloud server's storage services, so lots of data is encrypted and uploaded to the cloud. Searchable encryption can protect the confidentiality of data and provide encrypted data retrieval functions. In this paper, we propose a time-controlled searchable encryption scheme with regular language over encrypted big data, which provides flexible search pattern and convenient data sharing. Our solution allows users with data's secret keys to generate trapdoors by themselves. And users without data's secret keys can generate trapdoors with the help of a trusted third party without revealing the data owner's secret key. Our system uses a time-controlled mechanism to collect keywords queried by users and ensures that the querying user's identity is not directly exposed. The obtained keywords are the basis for subsequent big data analysis. We conducted a security analysis of the proposed scheme and proved that the scheme is secure. The simulation experiment and comparison of our scheme show that the system has feasible efficiency.

Himthani, P., Dubey, G. P., Sharma, B. M., Taneja, A..  2020.  Big Data Privacy and Challenges for Machine Learning. 2020 Fourth International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC). :707—713.

The field of Big Data is expanding at an alarming rate since its inception in 2012. The excessive use of Social Networking Sites, collection of Data from Sensors for analysis and prediction of future events, improvement in Customer Satisfaction on Online S hopping portals by monitoring their past behavior and providing them information, items and offers of their interest instantaneously, etc had led to this rise in the field of Big Data. This huge amount of data, if analyzed and processed properly, can lead to decisions and outcomes that would be of great values and benefits to organizations and individuals. Security of Data and Privacy of User is of keen interest and high importance for individuals, industry and academia. Everyone ensure that their Sensitive information must be kept away from unauthorized access and their assets must be kept safe from security breaches. Privacy and Security are also equally important for Big Data and here, it is typical and complex to ensure the Privacy and Security, as the amount of data is enormous. One possible option to effectively and efficiently handle, process and analyze the Big Data is to make use of Machine Learning techniques. Machine Learning techniques are straightforward; applying them on Big Data requires resolution of various issues and is a challenging task, as the size of Data is too big. This paper provides a brief introduction to Big Data, the importance of Security and Privacy in Big Data and the various challenges that are required to overcome for applying the Machine Learning techniques on Big Data.

Sidhu, H. J. Singh, Khanna, M. S..  2020.  Cloud's Transformative Involvement in Managing BIG-DATA ANALYTICS For Securing Data in Transit, Storage And Use: A Study. 2020 Sixth International Conference on Parallel, Distributed and Grid Computing (PDGC). :297—302.

with the advent of Cloud Computing a new era of computing has come into existence. No doubt, there are numerous advantages associated with the Cloud Computing but, there is other side of the picture too. The challenges associated with it need a more promising reply as far as the security of data that is stored, in process and in transit is concerned. This paper put forth a cloud computing model that tries to answer the data security queries; we are talking about, in terms of the four cryptographic techniques namely Homomorphic Encryption (HE), Verifiable Computation (VC), Secure Multi-Party Computation (SMPC), Functional Encryption (FE). This paper takes into account the various cryptographic techniques to undertake cloud computing security issues. It also surveys these important (existing) cryptographic tools/techniques through a proposed Cloud computation model that can be used for Big Data applications. Further, these cryptographic tools are also taken into account in terms of CIA triad. Then, these tools/techniques are analyzed by comparing them on the basis of certain parameters of concern.

Syafalni, I., Fadhli, H., Utami, W., Dharma, G. S. A., Mulyawan, R., Sutisna, N., Adiono, T..  2020.  Cloud Security Implementation using Homomorphic Encryption. 2020 IEEE International Conference on Communication, Networks and Satellite (Comnetsat). :341—345.

With the advancement of computing and communication technologies, data transmission in the internet are getting bigger and faster. However, it is necessary to secure the data to prevent fraud and criminal over the internet. Furthermore, most of the data related to statistics requires to be analyzed securely such as weather data, health data, financial and other services. This paper presents an implementation of cloud security using homomorphic encryption for data analytic in the cloud. We apply the homomorphic encryption that allows the data to be processed without being decrypted. Experimental results show that, for the polynomial degree 26, 28, and 210, the total executions are 2.2 ms, 4.4 ms, 25 ms per data, respectively. The implementation is useful for big data security such as for environment, financial and hospital data analytics.

Kotturu, P. K., Kumar, A..  2020.  Data Mining Visualization with the Impact of Nature Inspired Algorithms in Big Data. 2020 4th International Conference on Trends in Electronics and Informatics (ICOEI)(48184). :664—668.

Data mining visualization is an important aspect of big data visualization and analysis. The impact of the nature-inspired algorithm along with the impact of computing traditions for the complete visualization of the storage and data communication needs have been studied. This paper also explores the possibilities of the hybridization of data mining in terms of association of cloud computing. It also explores the data analytical view in the exploration of these approaches in terms of data storage in big data. Based on these aspects the methodological advancement along with the problem statements has been analyzed. This will help in the exploration of computational capability along with the new insights in this domain.

Javid, T., Faris, M., Beenish, H., Fahad, M..  2020.  Cybersecurity and Data Privacy in the Cloudlet for Preliminary Healthcare Big Data Analytics. 2020 International Conference on Computing and Information Technology (ICCIT-1441). :1—4.

In cyber physical systems, cybersecurity and data privacy are among most critical considerations when dealing with communications, processing, and storage of data. Geospatial data and medical data are examples of big data that require seamless integration with computational algorithms as outlined in Industry 4.0 towards adoption of fourth industrial revolution. Healthcare Industry 4.0 is an application of the design principles of Industry 4.0 to the medical domain. Mobile applications are now widely used to accomplish important business functions in almost all industries. These mobile devices, however, are resource poor and proved insufficient for many important medical applications. Resource rich cloud services are used to augment poor mobile device resources for data and compute intensive applications in the mobile cloud computing paradigm. However, the performance of cloud services is undesirable for data-intensive, latency-sensitive mobile applications due increased hop count between the mobile device and the cloud server. Cloudlets are virtual machines hosted in server placed nearby the mobile device and offer an attractive alternative to the mobile cloud computing in the form of mobile edge computing. This paper outlines cybersecurity and data privacy aspects for communications of measured patient data from wearable wireless biosensors to nearby cloudlet host server in order to facilitate the cloudlet based preliminary and essential complex analytics for the medical big data.

Hongyan, W., Zengliang, M., Yong, W., Enyu, Z..  2020.  The Model of Big Data Cloud Computing Based on Extended Subjective Logic. 2020 IEEE International Conference on Power, Intelligent Computing and Systems (ICPICS). :619—622.

This paper has firstly introduced big data services and cloud computing model based on different process forms, and analyzed the authentication technology and security services of the existing big data to understand their processing characteristics. Operation principles and complexity of the big data services and cloud computing have also been studied, and summary about their suitable environment and pros and cons have been made. Based on the Cloud Computing, the author has put forward the Model of Big Data Cloud Computing based on Extended Subjective Logic (MBDCC-ESL), which has introduced Jφsang's subjective logic to test the data credibility and expanded it to solve the problem of the trustworthiness of big data in the cloud computing environment. Simulation results show that the model works pretty well.

Sasubilli, S. M., Dubey, A. K., Kumar, A..  2020.  Hybrid security analysis based on intelligent adaptive learning in Big Data. 2020 International Conference on Advances in Computing and Communication Engineering (ICACCE). :1—5.

Big data provides a way to handle and analyze large amount of data or complex set. It provides a systematic extraction also. In this paper a hybrid security analysis based on intelligent adaptive learning in big data has been discussed with the current trends. This paper also explores the possibility of cloud computing collaboration with big data. The advantages along with the impact for the overall platform evaluation has been discussed with the traditional trends. It has been useful in the analysis and the exploration of future research. This discussion also covers the computational variability and the connotation in terms of data reliability, availability and management in big data with data security aspects.

Reddy, C. b Manjunath, reddy, U. k, Brumancia, E., Gomathi, R. M., Indira, K..  2020.  Integrative Approach Of Big Data And Network Attacks Analysis In Cloud Environment. 2020 4th International Conference on Trends in Electronics and Informatics (ICOEI)(48184). :314—317.

Lately mining of information from online life is pulling in more consideration because of the blast in the development of Big Data. In security, Big Data manages an assortment of immense advanced data for investigating, envisioning and to draw the bits of knowledge for the expectation and anticipation of digital assaults. Big Data Analytics (BDA) is the term composed by experts to portray the art of dealing with, taking care of and gathering a great deal of data for future evaluation. Data is being made at an upsetting rate. The quick improvement of the Internet, Internet of Things (IoT) and other creative advances are the rule liable gatherings behind this proceeded with advancement. The data made is an impression of the earth, it is conveyed out of, along these lines can use the data got away from structures to understand the internal exercises of that system. This has become a significant element in cyber security where the objective is to secure resources. Moreover, the developing estimation of information has made large information a high worth objective. Right now, investigate ongoing exploration works in cyber security comparable to huge information and feature how Big information is secured and how huge information can likewise be utilized as a device for cyber security. Simultaneously, a Big Data based concentrated log investigation framework is actualized to distinguish the system traffic happened with assailants through DDOS, SQL Injection and Bruce Force assault. The log record is naturally transmitted to the brought together cloud server and big information is started in the investigation process.

Marabissi, D., Mucchi, L., Casini, S..  2020.  Physical-layer security metric for user association in ultra-dense networks. 2020 International Conference on Computing, Networking and Communications (ICNC). :487—491.
Network densification in future fifth generation wireless networks is considered a key technology to fulfill the challenging requirements in terms of requested capacity. In addition, the ultra dense network (UDN) can be a useful mean to increase the security in the wireless link, where a huge amount of sensitive and confidential data will be transmitted. In particular, the dense network deployment offers new opportunities for achieving security at physical layer because wireless channels are more random and the inter-cell interference can be beneficial. In this context, where each user equipment is under the coverage of several cells, the user association policy can be suitably designed to increase the physical-layer security. This paper investigates a new metric for the security-based user association in UDNs. In particular, since the position of the eavesdropper is typically not known, a measure of the secure area is introduced, and then a new association policy based on this metric is proposed and its performance is compared with that of the classical best quality-channel association. Numerical results show that this approach significantly outperforms the traditional one.
Wagner, T. J., Ford, T. C..  2020.  Metrics to Meet Security Privacy Requirements with Agile Software Development Methods in a Regulated Environment. 2020 International Conference on Computing, Networking and Communications (ICNC). :17—23.

This work examines metrics that can be used to measure the ability of agile software development methods to meet security and privacy requirements of communications applications. Many implementations of communication protocols, including those in vehicular networks, occur within regulated environments where agile development methods are traditionally discouraged. We propose a framework and metrics to measure adherence to security, quality and software effectiveness regulations if developers desire the cost and schedule benefits of agile methods. After providing an overview of specific challenges that a regulated environment imposes on communications software development, we proceed to examine the 12 agile principles and how they relate to a regulatory environment. From this review we identify two metrics to measure performance of three key regulatory attributes of software for communications applications, and then recommend an approach of either tools, agile methods or DevOps that is best positioned to satisfy its regulated environment attributes. By considering the recommendations in this paper, managers of software-dominant communications programs in a regulated environment can gain insight into leveraging the benefits of agile methods.

Piplai, A., Ranade, P., Kotal, A., Mittal, S., Narayanan, S. N., Joshi, A..  2020.  Using Knowledge Graphs and Reinforcement Learning for Malware Analysis. 2020 IEEE International Conference on Big Data (Big Data). :2626—2633.

Machine learning algorithms used to detect attacks are limited by the fact that they cannot incorporate the back-ground knowledge that an analyst has. This limits their suitability in detecting new attacks. Reinforcement learning is different from traditional machine learning algorithms used in the cybersecurity domain. Compared to traditional ML algorithms, reinforcement learning does not need a mapping of the input-output space or a specific user-defined metric to compare data points. This is important for the cybersecurity domain, especially for malware detection and mitigation, as not all problems have a single, known, correct answer. Often, security researchers have to resort to guided trial and error to understand the presence of a malware and mitigate it.In this paper, we incorporate prior knowledge, represented as Cybersecurity Knowledge Graphs (CKGs), to guide the exploration of an RL algorithm to detect malware. CKGs capture semantic relationships between cyber-entities, including that mined from open source. Instead of trying out random guesses and observing the change in the environment, we aim to take the help of verified knowledge about cyber-attack to guide our reinforcement learning algorithm to effectively identify ways to detect the presence of malicious filenames so that they can be deleted to mitigate a cyber-attack. We show that such a guided system outperforms a base RL system in detecting malware.