Visible to the public Biblio

Found 1514 results

Filters: Keyword is human factors  [Clear All Filters]
Ibrahim, Rosziati, Omotunde, Habeeb.  2017.  A Hybrid Threat Model for Software Security Requirement Specification - IEEE Conference Publication.

Security is often treated as secondary or a non- functional feature of software which influences the approach of vendors and developers when describing their products often in terms of what it can do (Use Cases) or offer customers. However, tides are beginning to change as more experienced customers are beginning to demand for more secure and reliable software giving priority to confidentiality, integrity and privacy while using these applications. This paper presents the MOTH (Modeling Threats with Hybrid Techniques) framework designed to help organizations secure their software assets from attackers in order to prevent any instance of SQL Injection Attacks (SQLIAs). By focusing on the attack vectors and vulnerabilities exploited by the attackers and brainstorming over possible attacks, developers and security experts can better strategize and specify security requirements required to create secure software impervious to SQLIAs. A live web application was considered in this research work as a case study and results obtained from the hybrid models extensively exposes the vulnerabilities deep within the application and proposed resolution plans for blocking those security holes exploited by SQLIAs.

[Anonymous].  2019.  PhishFarm: A Scalable Framework for Measuring the Effectiveness of Evasion Techniques against Browser Phishing Blacklists - IEEE Conference Publication.

Phishing attacks have reached record volumes in recent years. Simultaneously, modern phishing websites are growing in sophistication by employing diverse cloaking techniques to avoid detection by security infrastructure. In this paper, we present PhishFarm: a scalable framework for methodically testing the resilience of anti-phishing entities and browser blacklists to attackers' evasion efforts. We use PhishFarm to deploy 2,380 live phishing sites (on new, unique, and previously-unseen .com domains) each using one of six different HTTP request filters based on real phishing kits. We reported subsets of these sites to 10 distinct anti-phishing entities and measured both the occurrence and timeliness of native blacklisting in major web browsers to gauge the effectiveness of protection ultimately extended to victim users and organizations. Our experiments revealed shortcomings in current infrastructure, which allows some phishing sites to go unnoticed by the security community while remaining accessible to victims. We found that simple cloaking techniques representative of real-world attacks- including those based on geolocation, device type, or JavaScript- were effective in reducing the likelihood of blacklisting by over 55% on average. We also discovered that blacklisting did not function as intended in popular mobile browsers (Chrome, Safari, and Firefox), which left users of these browsers particularly vulnerable to phishing attacks. Following disclosure of our findings, anti-phishing entities are now better able to detect and mitigate several cloaking techniques (including those that target mobile users), and blacklisting has also become more consistent between desktop and mobile platforms- but work remains to be done by anti-phishing entities to ensure users are adequately protected. Our PhishFarm framework is designed for continuous monitoring of the ecosystem and can be extended to test future state-of-the-art evasion techniques used by malicious websites.

Conference Paper
Khan, JavedAkhtar.  2019.  2019 3rd International Conference on Computing Methodologies and Communication (ICCMC). 2019 3rd International Conference on Computing Methodologies and Communication (ICCMC). :619-623.

This paper proposes the implementation of progressive authentication service in smart android mobile phone. In this digital era, massive amount of work can be done in the digital form using the smart devices like smart phone , laptop, Tablets, etc. The number of smartphone users approx. reach to 299.24 million, as per the recent survey report [1] in 2019 this count will reach 2.7 billion and after 3 years, this count will increase up to 442.5 million. This article includes a cluster based progressive smart lock with a dependent combination that is short and more secure in nature. Android provides smart lock facilities with the combination of 9 dot, 6dot, 5dot, 4dot and 1-9 number. By using this mobile phone user will be able to generate pattern lock or number password for authentication. This is a single authentication system, this research paper includes a more secured multiple cluster based pattern match system.

Khakurel, U., Rawat, D., Njilla, L..  2019.  2019 IEEE International Conference on Industrial Internet (ICII). 2019 IEEE International Conference on Industrial Internet (ICII). :241—247.

FastChain is a simulator built in NS-3 which simulates the networked battlefield scenario with military applications, connecting tankers, soldiers and drones to form Internet-of-Battlefield-Things (IoBT). Computing, storage and communication resources in IoBT are limited during certain situations in IoBT. Under these circumstances, these resources should be carefully combined to handle the task to accomplish the mission. FastChain simulator uses Sharding approach to provide an efficient solution to combine resources of IoBT devices by identifying the correct and the best set of IoBT devices for a given scenario. Then, the set of IoBT devices for a given scenario collaborate together for sharding enabled Blockchain technology. Interested researchers, policy makers and developers can download and use the FastChain simulator to design, develop and evaluate blockchain enabled IoBT scenarios that helps make robust and trustworthy informed decisions in mission-critical IoBT environment.

Ly, Son Thai, Do, Nhu-Tai, Lee, Guee-Sang, Kim, Soo-Hyung, Yang, Hyung-Jeong.  2019.  A 3d Face Modeling Approach for in-The-Wild Facial Expression Recognition on Image Datasets. 2019 IEEE International Conference on Image Processing (ICIP). :3492—3496.

This paper explores the benefits of 3D face modeling for in-the-wild facial expression recognition (FER). Since there is limited in-the-wild 3D FER dataset, we first construct 3D facial data from available 2D dataset using recent advances in 3D face reconstruction. The 3D facial geometry representation is then extracted by deep learning technique. In addition, we also take advantage of manipulating the 3D face, such as using 2D projected images of 3D face as additional input for FER. These features are then fused with that of 2D FER typical network. By doing so, despite using common approaches, we achieve a competent recognition accuracy on Real-World Affective Faces (RAF) database and Static Facial Expressions in the Wild (SFEW 2.0) compared with the state-of-the-art reports. To the best of our knowledge, this is the first time such a deep learning combination of 3D and 2D facial modalities is presented in the context of in-the-wild FER.

Vakilinia, I., Tosh, D. K., Sengupta, S..  2017.  3-Way game model for privacy-preserving cybersecurity information exchange framework. MILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM). :829–834.

With the growing number of cyberattack incidents, organizations are required to have proactive knowledge on the cybersecurity landscape for efficiently defending their resources. To achieve this, organizations must develop the culture of sharing their threat information with others for effectively assessing the associated risks. However, sharing cybersecurity information is costly for the organizations due to the fact that the information conveys sensitive and private data. Hence, making the decision for sharing information is a challenging task and requires to resolve the trade-off between sharing advantages and privacy exposure. On the other hand, cybersecurity information exchange (CYBEX) management is crucial in stabilizing the system through setting the correct values for participation fees and sharing incentives. In this work, we model the interaction of organizations, CYBEX, and attackers involved in a sharing system using dynamic game. With devising appropriate payoff models for each player, we analyze the best strategies of the entities by incorporating the organizations' privacy component in the sharing model. Using the best response analysis, the simulation results demonstrate the efficiency of our proposed framework.

Bhatt, Smriti, Patwa, Farhan, Sandhu, Ravi.  2017.  ABAC with Group Attributes and Attribute Hierarchies Utilizing the Policy Machine. Proceedings of the 2Nd ACM Workshop on Attribute-Based Access Control. :17–28.

Attribute-Based Access Control (ABAC) has received significant attention in recent years, although the concept has been around for over two decades now. Many ABAC models, with different variations, have been proposed and formalized. Besides basic ABAC models, there are models designed with additional capabilities such as group attributes, group and attribute hierarchies and so on. Hierarchical relationship among groups and attributes enhances access control flexibility and facilitates attribute management and administration. However, implementation and demonstration of ABAC models in real-world applications is still lacking. In this paper, we present a restricted HGABAC (rHGABAC) model with user and object groups and group hierarchy. We then introduce attribute hierarchies in this model. We also present an authorization architecture for implementing rHGABAC utilizing the NIST Policy Machine (PM). PM allows to define attribute-based access control policies, however, the attributes in PM are different in nature than attributes in typical ABAC models as name-value pairs. We identify a policy configuration mechanism for our proposed model employing PM capabilities, and demonstrate use cases and their configuration and implementation in PM using our authorization architecture.

Qi, L. T., Huang, H. P., Wang, P., Wang, R. C..  2018.  Abnormal Item Detection Based on Time Window Merging for Recommender Systems. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :252–259.

CFRS (Collaborative Filtering Recommendation System) is one of the most widely used individualized recommendation systems. However, CFRS is susceptible to shilling attacks based on profile injection. The current research on shilling attack mainly focuses on the recognition of false user profiles, but these methods depend on the specific attack models and the computational cost is huge. From the view of item, some abnormal item detection methods are proposed which are independent of attack models and overcome the defects of user profiles model, but its detection rate, false alarm rate and time overhead need to be further improved. In order to solve these problems, it proposes an abnormal item detection method based on time window merging. This method first uses the small window to partition rating time series, and determine whether the window is suspicious in terms of the number of abnormal ratings within it. Then, the suspicious small windows are merged to form suspicious intervals. We use the rating distribution characteristics RAR (Ratio of Abnormal Rating), ATIAR (Average Time Interval of Abnormal Rating), DAR(Deviation of Abnormal Rating) and DTIAR (Deviation of Time Interval of Abnormal Rating) in the suspicious intervals to determine whether the item is subject to attacks. Experiment results on the MovieLens 100K data set show that the method has a high detection rate and a low false alarm rate.

Bilanová, Z., Perháč, J..  2019.  About possibilities of applying logical analysis of natural language in computer science. 2019 IEEE 13th International Symposium on Applied Computational Intelligence and Informatics (SACI). :251–256.
This paper deals with the comparison of the most popular methods of a logical analysis of natural language Montague intensional logic and Transparent intensional logic. At first, these logical apparatuses are compared in terms of their founding theoretical principles. Later, the selected sentence is examined through the logical analysis. The aim of the paper is to identify a more expressive logical method, which will be a suitable basis for the future design of an algorithm for the automated translation of the natural language into a formal representation of its meaning through a semantic machine.
Vanickis, R., Jacob, P., Dehghanzadeh, S., Lee, B..  2018.  Access Control Policy Enforcement for Zero-Trust-Networking. 2018 29th Irish Signals and Systems Conference (ISSC). :1-6.

The evolution of the enterprise computing landscape towards emerging trends such as fog/edge computing and the Industrial Internet of Things (IIoT) are leading to a change of approach to securing computer networks to deal with challenges such as mobility, virtualized infrastructures, dynamic and heterogeneous user contexts and transaction-based interactions. The uncertainty introduced by such dynamicity introduces greater uncertainty into the access control process and motivates the need for risk-based access control decision making. Thus, the traditional perimeter-based security paradigm is increasingly being abandoned in favour of a so called "zero trust networking" (ZTN). In ZTN networks are partitioned into zones with different levels of trust required to access the zone resources depending on the assets protected by the zone. All accesses to sensitive information is subject to rigorous access control based on user and device profile and context. In this paper we outline a policy enforcement framework to address many of open challenges for risk-based access control for ZTN. We specify the design of required policy languages including a generic firewall policy language to express firewall rules. We design a mechanism to map these rules to specific firewall syntax and to install the rules on the firewall. We show the viability of our design with a small proof-of-concept.

Datta, A., Kar, S., Sinopoli, B., Weerakkody, S..  2016.  Accountability in cyber-physical systems. 2016 Science of Security for Cyber-Physical Systems Workshop (SOSCYPS). :1–3.

Our position is that a key component of securing cyber-physical systems (CPS) is to develop a theory of accountability that encompasses both control and computing systems. We envision that a unified theory of accountability in CPS can be built on a foundation of causal information flow analysis. This theory will support design and analysis of mechanisms at various stages of the accountability regime: attack detection, responsibility-assignment (e.g., attack identification or localization), and corrective measures (e.g., via resilient control) As an initial step in this direction, we summarize our results on attack detection in control systems. We use the Kullback-Liebler (KL) divergence as a causal information flow measure. We then recover, using information flow analyses, a set of existing results in the literature that were previously proved using different techniques. These results cover passive detection, stealthy attack characterization, and active detection. This research direction is related to recent work on accountability in computational systems [1], [2], [3], [4]. We envision that by casting accountability theories in computing and control systems in terms of causal information flow, we can provide a common foundation to develop a theory for CPS that compose elements from both domains.

Noureddine, M. A., Marturano, A., Keefe, K., Bashir, M., Sanders, W. H..  2017.  Accounting for the Human User in Predictive Security Models. 2017 IEEE 22nd Pacific Rim International Symposium on Dependable Computing (PRDC). :329–338.

Given the growing sophistication of cyber attacks, designing a perfectly secure system is not generally possible. Quantitative security metrics are thus needed to measure and compare the relative security of proposed security designs and policies. Since the investigation of security breaches has shown a strong impact of human errors, ignoring the human user in computing these metrics can lead to misleading results. Despite this, and although security researchers have long observed the impact of human behavior on system security, few improvements have been made in designing systems that are resilient to the uncertainties in how humans interact with a cyber system. In this work, we develop an approach for including models of user behavior, emanating from the fields of social sciences and psychology, in the modeling of systems intended to be secure. We then illustrate how one of these models, namely general deterrence theory, can be used to study the effectiveness of the password security requirements policy and the frequency of security audits in a typical organization. Finally, we discuss the many challenges that arise when adopting such a modeling approach, and then present our recommendations for future work.

Uemura, Toshiaki, Kashiwabara, Yuta, Kawanuma, Daiki, Tomii, Takashi.  2016.  Accuracy Evaluation by GPS Data Correction for the EV Energy Consumption Database. Adjunct Proceedings of the 13th International Conference on Mobile and Ubiquitous Systems: Computing Networking and Services. :213–218.
Electric vehicles (EVs) are expected to be applicable to smart grids because they have large-capacity batteries. It is important that smart grid users be able to estimate surplus battery energy and/or surplus capacity in advance of deploying EVs. We constructed a database, the Energy COnsumption LOG (ECOLOG) Database System, to store vehicle daily logs acquired by smartphones placed in vehicles. The electrical energy consumption is estimated from GPS coordinate data using an EV energy-consumption model. This research specifically examines commuting with a vehicle used for same route every day. We corrected GPS coordinate data by map matching, and input the data to the EV energy consumption model. We regard the remaining battery capacity data acquired by the EV CAN as correct data. Then we evaluate the accuracy of driving energy consumption logs as estimated using the corrected GPS coordinate data.
Bindschaedler, Vincent, Rane, Shantanu, Brito, Alejandro E., Rao, Vanishree, Uzun, Ersin.  2017.  Achieving Differential Privacy in Secure Multiparty Data Aggregation Protocols on Star Networks. Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy. :115–125.

We consider the problem of privacy-preserving data aggregation in a star network topology, i.e., several untrusting participants connected to a single aggregator. We require that the participants do not discover each other's data, and the service provider remains oblivious to each participant's individual contribution. Furthermore, the final result is to be published in a differentially private manner, i.e., the result should not reveal the contribution of any single participant to a (possibly external) adversary who knows the contributions of all other participants. In other words, we require a secure multiparty computation protocol that also incorporates a differentially private mechanism. Previous solutions have resorted to caveats such as postulating a trusted dealer to distribute keys to the participants, or introducing additional entities to withhold the decryption key from the aggregator, or relaxing the star topology by allowing pairwise communication amongst the participants. In this paper, we show how to obtain a noisy (differentially private) aggregation result using Shamir secret sharing and additively homomorphic encryption without these mitigating assumptions. More importantly, while we assume semi-honest participants, we allow the aggregator to be stronger than semi-honest, specifically in the sense that he can try to reduce the noise in the differentially private result. To respect the differential privacy requirement, collusions of mutually untrusting entities need to be analyzed differently from traditional secure multiparty computation: It is not sufficient that such collusions do not reveal the data of honest participants; we must also ensure that the colluding entities cannot undermine differential privacy by reducing the amount of noise in the final result. Our protocols avoid this by requiring that no entity – neither the aggregator nor any participant – knows how much noise a participant contributes to the final result. We also ensure that if a cheating aggregator tries to influence the noise term in the differentially private output, he can be detected with overwhelming probability.

Burley, Diana, Bishop, Matt, Kaza, Siddharth, Gibson, David S., Hawthorne, Elizabeth, Buck, Scott.  2017.  ACM Joint Task Force on Cybersecurity Education. Proceedings of the 2017 ACM SIGCSE Technical Symposium on Computer Science Education. :683–684.
In this special session, members of the ACM Joint Task Force (JTF) on Cybersecurity Education will provide an overview of the task force mission, objectives, and release a draft of the curricular guidelines. After the overview, task force members will engage session participants in the curricular development process and solicit feedback on the draft guidelines.
Huang, Lulu, Matwin, Stan, de Carvalho, Eder J., Minghim, Rosane.  2017.  Active Learning with Visualization for Text Data. Proceedings of the 2017 ACM Workshop on Exploratory Search and Interactive Data Analytics. :69–74.

Labeled datasets are always limited, and oftentimes the quantity of labeled data is a bottleneck for data analytics. This especially affects supervised machine learning methods, which require labels for models to learn from the labeled data. Active learning algorithms have been proposed to help achieve good analytic models with limited labeling efforts, by determining which additional instance labels will be most beneficial for learning for a given model. Active learning is consistent with interactive analytics as it proceeds in a cycle in which the unlabeled data is automatically explored. However, in active learning users have no control of the instances to be labeled, and for text data, the annotation interface is usually document only. Both of these constraints seem to affect the performance of an active learning model. We hypothesize that visualization techniques, particularly interactive ones, will help to address these constraints. In this paper, we implement a pilot study of visualization in active learning for text classification, with an interactive labeling interface. We compare the results of three experiments. Early results indicate that visualization improves high-performance machine learning model building with an active learning algorithm.

Yap, B. L., Baskaran, V. M..  2016.  Active surveillance using depth sensing technology \#8212; Part I: Intrusion detection. 2016 IEEE International Conference on Consumer Electronics-Taiwan (ICCE-TW). :1–2.

In part I of a three-part series on active surveillance using depth-sensing technology, this paper proposes an algorithm to identify outdoor intrusion activities by monitoring skeletal positions from Microsoft Kinect sensor in real-time. This algorithm implements three techniques to identify a premise intrusion. The first technique observes a boundary line along the wall (or fence) of a surveilled premise for skeletal trespassing detection. The second technique observes the duration of a skeletal object within a region of a surveilled premise for loitering detection. The third technique analyzes the differences in skeletal height to identify wall climbing. Experiment results suggest that the proposed algorithm is able to detect trespassing, loitering and wall climbing at a rate of 70%, 85% and 80% respectively.

Villarreal-Vasquez, M., Bhargava, B., Angin, P..  2017.  Adaptable Safety and Security in V2X Systems. 2017 IEEE International Congress on Internet of Things (ICIOT). :17–24.

With the advances in the areas of mobile computing and wireless communications, V2X systems have become a promising technology enabling deployment of applications providing road safety, traffic efficiency and infotainment. Due to their increasing popularity, V2X networks have become a major target for attackers, making them vulnerable to security threats and network conditions, and thus affecting the safety of passengers, vehicles and roads. Existing research in V2X does not effectively address the safety, security and performance limitation threats to connected vehicles, as a result of considering these aspects separately instead of jointly. In this work, we focus on the analysis of the tradeoffs between safety, security and performance of V2X systems and propose a dynamic adaptability approach considering all three aspects jointly based on application needs and context to achieve maximum safety on the roads using an Internet of vehicles. Experiments with a simple V2V highway scenario demonstrate that an adaptive safety/security approach is essential and V2X systems have great potential for providing low reaction times.

Yagoub, Mohammed Amine, Laouid, Abdelkader, Kazar, Okba, Bounceur, Ahcène, Euler, Reinhardt, AlShaikh, Muath.  2018.  An Adaptive and Efficient Fully Homomorphic Encryption Technique. Proceedings of the 2Nd International Conference on Future Networks and Distributed Systems. :35:1–35:6.

The huge amount of generated data offers special advantages mainly in dynamic and scalable systems. In fact, the data generator entities need to share the generated data with each other which leads to the use of cloud services. A cloud server is considered as an untrusted entity that offers many advantages such as large storing space, computation speed... etc. Hence, there is a need to cope with how to protect the stored data in the cloud server by proposing adaptive solutions. The main objective is how to provide an encryption scheme allowing the user to maintains some functions such as addition, multiplication and to preserve the order on the encrypted cloud data. Many algorithms and techniques are designed to manipulate the stored encrypted cloud data. This paper presents an adaptive and efficient fully homomorphic encryption technique to protect the user's data stored in the cloud, where the cloud server executes simple operations.

Phan, N., Wu, X., Hu, H., Dou, D..  2017.  Adaptive Laplace Mechanism: Differential Privacy Preservation in Deep Learning. 2017 IEEE International Conference on Data Mining (ICDM). :385–394.

In this paper, we focus on developing a novel mechanism to preserve differential privacy in deep neural networks, such that: (1) The privacy budget consumption is totally independent of the number of training steps; (2) It has the ability to adaptively inject noise into features based on the contribution of each to the output; and (3) It could be applied in a variety of different deep neural networks. To achieve this, we figure out a way to perturb affine transformations of neurons, and loss functions used in deep neural networks. In addition, our mechanism intentionally adds "more noise" into features which are "less relevant" to the model output, and vice-versa. Our theoretical analysis further derives the sensitivities and error bounds of our mechanism. Rigorous experiments conducted on MNIST and CIFAR-10 datasets show that our mechanism is highly effective and outperforms existing solutions.

Yadollahi, Mohammad Mehdi, Shoeleh, Farzaneh, Serkani, Elham, Madani, Afsaneh, Gharaee, Hossein.  2019.  An Adaptive Machine Learning Based Approach for Phishing Detection Using Hybrid Features. 2019 5th International Conference on Web Research (ICWR). :281—286.

Nowadays, phishing is one of the most usual web threats with regards to the significant growth of the World Wide Web in volume over time. Phishing attackers always use new (zero-day) and sophisticated techniques to deceive online customers. Hence, it is necessary that the anti-phishing system be real-time and fast and also leverages from an intelligent phishing detection solution. Here, we develop a reliable detection system which can adaptively match the changing environment and phishing websites. Our method is an online and feature-rich machine learning technique to discriminate the phishing and legitimate websites. Since the proposed approach extracts different types of discriminative features from URLs and webpages source code, it is an entirely client-side solution and does not require any service from the third-party. The experimental results highlight the robustness and competitiveness of our anti-phishing system to distinguish the phishing and legitimate websites.

Pan, Y., He, F., Yu, H..  2018.  An Adaptive Method to Learn Directive Trust Strength for Trust-Aware Recommender Systems. 2018 IEEE 22nd International Conference on Computer Supported Cooperative Work in Design ((CSCWD)). :10–16.

Trust Relationships have shown great potential to improve recommendation quality, especially for cold start and sparse users. Since each user trust their friends in different degrees, there are numbers of works been proposed to take Trust Strength into account for recommender systems. However, these methods ignore the information of trust directions between users. In this paper, we propose a novel method to adaptively learn directive trust strength to improve trust-aware recommender systems. Advancing previous works, we propose to establish direction of trust strength by modeling the implicit relationships between users with roles of trusters and trustees. Specially, under new trust strength with directions, how to compute the directive trust strength is becoming a new challenge. Therefore, we present a novel method to adaptively learn directive trust strengths in a unified framework by enforcing the trust strength into range of [0, 1] through a mapping function. Our experiments on Epinions and Ciao datasets demonstrate that the proposed algorithm can effectively outperform several state-of-art algorithms on both MAE and RMSE metrics.

Ding, Q., Peng, X., Zhang, X., Hu, X., Zhong, X..  2017.  Adaptive observer-based fault diagnosis for sensor in a class of MIMO nonlinear system. 2017 36th Chinese Control Conference (CCC). :7051–7058.

This paper presents a novel sensor parameter fault diagnosis method for generally multiple-input multiple-output (MIMO) affine nonlinear systems based on adaptive observer. Firstly, the affine nonlinear systems are transformed into the particular systems via diffeomorphic transformation using Lie derivative. Then, based on the techniques of high-gain observer and adaptive estimation, an adaptive observer structure is designed with simple method for jointly estimating the states and the unknown parameters in the output equation of the nonlinear systems. And an algorithm of the fault estimation is derived. The global exponential convergence of the proposed observer is proved succinctly. Also the proposed method can be applied to the fault diagnosis of generally affine nonlinear systems directly by the reversibility of aforementioned coordinate transformation. Finally, a numerical example is presented to illustrate the efficiency of the proposed fault diagnosis scheme.

Pal, Partha, Soule, Nathaniel, Lageman, Nate, Clark, Shane S., Carvalho, Marco, Granados, Adrian, Alves, Anthony.  2017.  Adaptive Resource Management Enabling Deception (ARMED). Proceedings of the 12th International Conference on Availability, Reliability and Security. :52:1–52:8.
Distributed Denial of Service (DDoS) attacks routinely disrupt access to critical services. Mitigation of these attacks often relies on planned over-provisioning or elastic provisioning of resources, and third-party monitoring, analysis, and scrubbing of network traffic. While volumetric attacks which saturate a victim's network are most common, non-volumetric, low and slow, DDoS attacks can achieve their goals without requiring high traffic volume by targeting vulnerable network protocols or protocol implementations. Non-volumetric attacks, unlike their noisy counterparts, require more sophisticated detection mechanisms, and typically have only post-facto and targeted protocol/application mitigations. In this paper, we introduce our work under the Adaptive Resource Management Enabling Deception (ARMED) effort, which is developing a network-level approach to automatically mitigate sophisticated DDoS attacks through deception-focused adaptive maneuvering. We describe the concept, implementation, and initial evaluation of the ARMED Network Actors (ANAs) that facilitate transparent interception, sensing, analysis, and mounting of adaptive responses that can disrupt the adversary's decision process.
Salehie, Mazeiar, Pasquale, Liliana, Omoronyia, Inah, Nuseibeh, Bashar.  2012.  Adaptive Security and Privacy in Smart Grids: A Software Engineering Vision. 2012 First International Workshop on Software Engineering Challenges for the Smart Grid (SE-SmartGrids). :46–49.

Despite the benefits offered by smart grids, energy producers, distributors and consumers are increasingly concerned about possible security and privacy threats. These threats typically manifest themselves at runtime as new usage scenarios arise and vulnerabilities are discovered. Adaptive security and privacy promise to address these threats by increasing awareness and automating prevention, detection and recovery from security and privacy requirements' failures at runtime by re-configuring system controls and perhaps even changing requirements. This paper discusses the need for adaptive security and privacy in smart grids by presenting some motivating scenarios. We then outline some research issues that arise in engineering adaptive security. We particularly scrutinize published reports by NIST on smart grid security and privacy as the basis for our discussions.