Giaretta, Alberto, De Donno, Michele, Dragoni, Nicola.  2018.  Adding Salt to Pepper: A Structured Security Assessment over a Humanoid Robot. Proceedings of the 13th International Conference on Availability, Reliability and Security. :22:1–22:8.
The rise of connectivity, digitalization, robotics, and artificial intelligence (AI) is rapidly changing our society and shaping its future development. During this technological and societal revolution, security has been persistently neglected, yet a hacked robot can act as an insider threat in organizations, industries, public spaces, and private homes. In this paper, we perform a structured security assessment of Pepper, a commercial humanoid robot. Our analysis, composed by an automated and a manual part, points out a relevant number of security flaws that can be used to take over and command the robot. Furthermore, we suggest how these issues could be fixed, thus, avoided in the future. The very final aim of this work is to push the rise of the security level of IoT products before they are sold on the public market.
Tojiboev, R., Lee, W., Lee, C. C..  2020.  Adding Noise Trajectory for Providing Privacy in Data Publishing by Vectorization. 2020 IEEE International Conference on Big Data and Smart Computing (BigComp). :432–434.

Since trajectory data is widely collected and utilized for scientific research and business purpose, publishing trajectory without proper privacy-policy leads to an acute threat to individual data. Recently, several methods, i.e., k-anonymity, l-diversity, t-closeness have been studied, though they tend to protect by reducing data depends on a feature of each method. When a strong privacy protection is required, these methods have excessively reduced data utility that may affect the result of scientific research. In this research, we suggest a novel approach to tackle this existing dilemma via an adding noise trajectory on a vector-based grid environment.

Hayward, Jake, Tomlinson, Andrew, Bryans, Jeremy.  2019.  Adding Cyberattacks To An Industry-Leading CAN Simulator. 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C). :9–16.
Recent years have seen an increase in the data usage in cars, particularly as they become more autonomous and connected. With the rise in data use have come concerns about automotive cyber-security. An in-vehicle network shown to be particularly vulnerable is the Controller Area Network (CAN), which is the communication bus used by the car's safety critical and performance critical components. Cyber attacks on the CAN have been demonstrated, leading to research to develop attack detection and attack prevention systems. Such research requires representative attack demonstrations and data for testing. Obtaining this data is problematical due to the expense, danger and impracticality of using real cars on roads or tracks for example attacks. Whilst CAN simulators are available, these tend to be configured for testing conformance and functionality, rather than analysing security and cyber vulnerability. We therefore adapt a leading, industry-standard, CAN simulator to incorporate a core set of cyber attacks that are representative of those proposed by other researchers. Our adaptation allows the user to configure the attacks, and can be added easily to the free version of the simulator. Here we describe the simulator and, after reviewing the attacks that have been demonstrated and discussing their commonalities, we outline the attacks that we have incorporated into the simulator.
Corneci, Vlad-Mihai, Carabas, Costin, Deaconescu, Razvan, Tapus, Nicolae.  2019.  Adding Custom Sandbox Profiles to iOS Apps. 2019 18th RoEduNet Conference: Networking in Education and Research (RoEduNet). :1–5.
The massive adoption of mobile devices by both individuals and companies is raising many security concerns. The fact that such devices are handling sensitive data makes them a target for attackers. Many attack prevention mechanisms are deployed with a last line of defense that focuses on the containment principle. Currently, iOS treats each 3rd party application alike which may lead to security flaws. We propose a framework in which each application has a custom sandboxed environment. We investigated the current confinement architecture used by Apple and built a solution on top of it.
Hyesook Lim, Kyuhee Lim, Nara Lee, Kyong-Hye Park.  2014.  On Adding Bloom Filters to Longest Prefix Matching Algorithms. Computers, IEEE Transactions on. 63:411-423.

High-speed IP address lookup is essential to achieve wire-speed packet forwarding in Internet routers. Ternary content addressable memory (TCAM) technology has been adopted to solve the IP address lookup problem because of its ability to perform fast parallel matching. However, the applicability of TCAMs presents difficulties due to cost and power dissipation issues. Various algorithms and hardware architectures have been proposed to perform the IP address lookup using ordinary memories such as SRAMs or DRAMs without using TCAMs. Among the algorithms, we focus on two efficient algorithms providing high-speed IP address lookup: parallel multiple-hashing (PMH) algorithm and binary search on level algorithm. This paper shows how effectively an on-chip Bloom filter can improve those algorithms. A performance evaluation using actual backbone routing data with 15,000-220,000 prefixes shows that by adding a Bloom filter, the complicated hardware for parallel access is removed without search performance penalty in parallel-multiple hashing algorithm. Search speed has been improved by 30-40 percent by adding a Bloom filter in binary search on level algorithm.

Yuan, Yaofeng, When, JieChang.  2019.  Adaptively Weighted Channel Feature Network of Mixed Convolution Kernel. 2019 15th International Conference on Computational Intelligence and Security (CIS). :87–91.
In the deep learning tasks, we can design different network models to address different tasks (classification, detection, segmentation). But traditional deep learning networks simply increase the depth and breadth of the network. This leads to a higher complexity of the model. We propose Adaptively Weighted Channel Feature Network of Mixed Convolution Kernel (SKENet). SKENet extract features from different kernels, then mixed those features by elementwise, lastly do sigmoid operator on channel features to get adaptive weightings. We did a simple classification test on the CIFAR10 and CIFAR100 dataset. The results show that SKENet can achieve a better result in a shorter time. After that, we did an object detection experiment on the VOC dataset. The experimental results show that SKENet is far ahead of the SKNet[20] in terms of speed and accuracy.
Chae, Younghun, Katenka, Natallia, DiPippo, Lisa.  2019.  An Adaptive Threshold Method for Anomaly-based Intrusion Detection Systems. 2019 IEEE 18th International Symposium on Network Computing and Applications (NCA). :1–4.
Anomaly-based Detection Systems (ADSs) attempt to learn the features of behaviors and events of a system and/or users over a period to build a profile of normal behaviors. There has been a growing interest in ADSs and typically conceived as more powerful systems. One of the important factors for ADSs is an ability to distinguish between normal and abnormal behaviors in a given period. However, it is getting complicated due to the dynamic network environment that changes every minute. It is dangerous to distinguish between normal and abnormal behaviors with a fixed threshold in a dynamic environment because it cannot guarantee the threshold is always an indication of normal behaviors. In this paper, we propose an adaptive threshold for a dynamic environment with a trust management scheme for efficiently managing the profiles of normal and abnormal behaviors. Based on the assumption of the statistical analysis-based ADS that normal data instances occur in high probability regions while malicious data instances occur in low probability regions of a stochastic model, we set two adaptive thresholds for normal and abnormal behaviors. The behaviors between the two thresholds are classified as suspicious behaviors, and they are efficiently evaluated with a trust management scheme.
Jialing Mo, Qiang He, Weiping Hu.  2014.  An adaptive threshold de-noising method based on EEMD. Signal Processing, Communications and Computing (ICSPCC), 2014 IEEE International Conference on. :209-214.

In view of the difficulty in selecting wavelet base and decomposition level for wavelet-based de-noising method, this paper proposes an adaptive de-noising method based on Ensemble Empirical Mode Decomposition (EEMD). The autocorrelation, cross-correlation method is used to adaptively find the signal-to-noise boundary layer of the EEMD in this method. Then the noise dominant layer is filtered directly and the signal dominant layer is threshold de-noised. Finally, the de-noising signal is reconstructed by each layer component which is de-noised. This method solves the problem of mode mixing in Empirical Mode Decomposition (EMD) by using EEMD and combines the advantage of wavelet threshold. In this paper, we focus on the analysis and verification of the correctness of the adaptive determination of the noise dominant layer. The simulation experiment results prove that this de-noising method is efficient and has good adaptability.

Nasser, B., Rabani, A., Freiling, D., Gan, C..  2018.  An Adaptive Telerobotics Control for Advanced Manufacturing. 2018 NASA/ESA Conference on Adaptive Hardware and Systems (AHS). :82–89.
This paper explores an innovative approach to the telerobotics reasoning architecture and networking, which offer a reliable and adaptable operational process for complex tasks. There are many operational challenges in the remote control for manufacturing that can be introduced by the network communications and latency. A new protocol, named compact Reliable UDP (compact-RUDP), has been developed to combine both data channelling and media streaming for robot teleoperation. The original approach ensures connection reliability by implementing a TCP-like sliding window with UDP packets. The protocol provides multiple features including data security, link status monitoring, bandwidth control, asynchronous file transfer and prioritizing transfer of data packets. Experiments were conducted on a 5DOF robotic arm where a cutting tool was mounted at its distal end. A light sensor was used to guide the robot movements, and a camera device to provide a video stream of the operation. The data communication reliability is evaluated using Round-Trip Time (RTT), and advanced robot path planning for distributed decision making between endpoints. The results show 88% correlation between the remotely and locally operated robots. The file transfers and video streaming were performed with no data loss or corruption on the control commands and data feedback packets.
Xiong Xu, Yanfei Zhong, Liangpei Zhang.  2014.  Adaptive Subpixel Mapping Based on a Multiagent System for Remote-Sensing Imagery. Geoscience and Remote Sensing, IEEE Transactions on. 52:787-804.

The existence of mixed pixels is a major problem in remote-sensing image classification. Although the soft classification and spectral unmixing techniques can obtain an abundance of different classes in a pixel to solve the mixed pixel problem, the subpixel spatial attribution of the pixel will still be unknown. The subpixel mapping technique can effectively solve this problem by providing a fine-resolution map of class labels from coarser spectrally unmixed fraction images. However, most traditional subpixel mapping algorithms treat all mixed pixels as an identical type, either boundary-mixed pixel or linear subpixel, leading to incomplete and inaccurate results. To improve the subpixel mapping accuracy, this paper proposes an adaptive subpixel mapping framework based on a multiagent system for remote-sensing imagery. In the proposed multiagent subpixel mapping framework, three kinds of agents, namely, feature detection agents, subpixel mapping agents and decision agents, are designed to solve the subpixel mapping problem. Experiments with artificial images and synthetic remote-sensing images were performed to evaluate the performance of the proposed subpixel mapping algorithm in comparison with the hard classification method and other subpixel mapping algorithms: subpixel mapping based on a back-propagation neural network and the spatial attraction model. The experimental results indicate that the proposed algorithm outperforms the other two subpixel mapping algorithms in reconstructing the different structures in mixed pixels.

Kin-Cleaves, Christy, Ker, Andrew D..  2018.  Adaptive Steganography in the Noisy Channel with Dual-Syndrome Trellis Codes. 2018 IEEE International Workshop on Information Forensics and Security (WIFS). :1–7.
Adaptive steganography aims to reduce distortion in the embedding process, typically using Syndrome Trellis Codes (STCs). However, in the case of non-adversarial noise, these are a bad choice: syndrome codes are fragile by design, amplifying the channel error rate into unacceptably-high payload error rates. In this paper we examine the fragility of STCs in the noisy channel, and consider how this can be mitigated if their use cannot be avoided altogether. We also propose an extension called Dual-Syndrome Trellis Codes, that combines error correction and embedding in the same Viterbi process, which slightly outperforms a straight-forward combination of standard forward error correction and STCs.
Ollesch, Julius.  2016.  Adaptive Steering of Cyber-physical Systems with Atomic Complex Event Processing Services: Doctoral Symposium. Proceedings of the 10th ACM International Conference on Distributed and Event-based Systems. :402–405.
Given the advent of cyber-physical systems (CPS), event-based control paradigms such as complex event processing (CEP) are vital enablers for adaptive analytical control mechanisms. CPS are becoming a high-profile research topic as they are key to disruptive digital innovations such as autonomous driving, industrial internet, smart grid and ambient assisted living. However, organizational and technological scalability of today's CEP approaches is limited by their monolithic architectures. This leads to the research idea for atomic CEP entities and the hypothesis that a network of small event-based control services is better suited for CPS development and operation than current centralised approaches. In addition, the paper summarizes preliminary results of the presented doctoral work and outlines questions for future research as well as an evaluation plan.
Li, F., Jiang, M., Zhang, Z..  2017.  An adaptive sparse representation model by block dictionary and swarm intelligence. 2017 2nd IEEE International Conference on Computational Intelligence and Applications (ICCIA). :200–203.

The pattern recognition in the sparse representation (SR) framework has been very successful. In this model, the test sample can be represented as a sparse linear combination of training samples by solving a norm-regularized least squares problem. However, the value of regularization parameter is always indiscriminating for the whole dictionary. To enhance the group concentration of the coefficients and also to improve the sparsity, we propose a new SR model called adaptive sparse representation classifier (ASRC). In ASRC, a sparse coefficient strengthened item is added in the objective function. The model is solved by the artificial bee colony (ABC) algorithm with variable step to speed up the convergence. Also, a partition strategy for large scale dictionary is adopted to lighten bee's load and removes the irrelevant groups. Through different data sets, we empirically demonstrate the property of the new model and its recognition performance.

Salehie, Mazeiar, Pasquale, Liliana, Omoronyia, Inah, Nuseibeh, Bashar.  2012.  Adaptive Security and Privacy in Smart Grids: A Software Engineering Vision. 2012 First International Workshop on Software Engineering Challenges for the Smart Grid (SE-SmartGrids). :46–49.

Despite the benefits offered by smart grids, energy producers, distributors and consumers are increasingly concerned about possible security and privacy threats. These threats typically manifest themselves at runtime as new usage scenarios arise and vulnerabilities are discovered. Adaptive security and privacy promise to address these threats by increasing awareness and automating prevention, detection and recovery from security and privacy requirements' failures at runtime by re-configuring system controls and perhaps even changing requirements. This paper discusses the need for adaptive security and privacy in smart grids by presenting some motivating scenarios. We then outline some research issues that arise in engineering adaptive security. We particularly scrutinize published reports by NIST on smart grid security and privacy as the basis for our discussions.

Fan, Renshi, Du, Gaoming, Xu, Pengfei, Li, Zhenmin, Song, Yukun, Zhang, Duoli.  2019.  An Adaptive Routing Scheme Based on Q-learning and Real-time Traffic Monitoring for Network-on-Chip. 2019 IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification (ASID). :244–248.
In the Network on Chip (NoC), performance optimization has always been a research focus. Compared with the static routing scheme, dynamical routing schemes can better reduce the data of packet transmission latency under network congestion. In this paper, we propose a dynamical Q-learning routing approach with real-time monitoring of NoC. Firstly, we design a real-time monitoring scheme and the corresponding circuits to record the status of traffic congestion for NoC. Secondly, we propose a novel method of Q-learning. This method finds an optimal path based on the lowest traffic congestion. Finally, we dynamically redistribute network tasks to increase the packet transmission speed and balance the traffic load. Compared with the C-XY routing and DyXY routing, our method achieved improvement in terms of 25.6%-49.5% and 22.9%-43.8%.
Mfula, H., Nurminen, J. K..  2017.  Adaptive Root Cause Analysis for Self-Healing in 5G Networks. 2017 International Conference on High Performance Computing Simulation (HPCS). :136–143.

Root cause analysis (RCA) is a common and recurring task performed by operators of cellular networks. It is done mainly to keep customers satisfied with the quality of offered services and to maximize return on investment (ROI) by minimizing and where possible eliminating the root causes of faults in cellular networks. Currently, the actual detection and diagnosis of faults or potential faults is still a manual and slow process often carried out by network experts who manually analyze and correlate various pieces of network data such as, alarms, call traces, configuration management (CM) and key performance indicator (KPI) data in order to come up with the most probable root cause of a given network fault. In this paper, we propose an automated fault detection and diagnosis solution called adaptive root cause analysis (ARCA). The solution uses measurements and other network data together with Bayesian network theory to perform automated evidence based RCA. Compared to the current common practice, our solution is faster due to automation of the entire RCA process. The solution is also cheaper because it needs fewer or no personnel in order to operate and it improves efficiency through domain knowledge reuse during adaptive learning. As it uses a probabilistic Bayesian classifier, it can work with incomplete data and it can handle large datasets with complex probability combinations. Experimental results from stratified synthesized data affirmatively validate the feasibility of using such a solution as a key part of self-healing (SH) especially in emerging self-organizing network (SON) based solutions in LTE Advanced (LTE-A) and 5G.

Pal, Partha, Soule, Nathaniel, Lageman, Nate, Clark, Shane S., Carvalho, Marco, Granados, Adrian, Alves, Anthony.  2017.  Adaptive Resource Management Enabling Deception (ARMED). Proceedings of the 12th International Conference on Availability, Reliability and Security. :52:1–52:8.
Distributed Denial of Service (DDoS) attacks routinely disrupt access to critical services. Mitigation of these attacks often relies on planned over-provisioning or elastic provisioning of resources, and third-party monitoring, analysis, and scrubbing of network traffic. While volumetric attacks which saturate a victim's network are most common, non-volumetric, low and slow, DDoS attacks can achieve their goals without requiring high traffic volume by targeting vulnerable network protocols or protocol implementations. Non-volumetric attacks, unlike their noisy counterparts, require more sophisticated detection mechanisms, and typically have only post-facto and targeted protocol/application mitigations. In this paper, we introduce our work under the Adaptive Resource Management Enabling Deception (ARMED) effort, which is developing a network-level approach to automatically mitigate sophisticated DDoS attacks through deception-focused adaptive maneuvering. We describe the concept, implementation, and initial evaluation of the ARMED Network Actors (ANAs) that facilitate transparent interception, sensing, analysis, and mounting of adaptive responses that can disrupt the adversary's decision process.
Li, X., Smith, J. D., Thai, M. T..  2017.  Adaptive Reconnaissance Attacks with Near-Optimal Parallel Batching. 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS). :699–709.

In assessing privacy on online social networks, it is important to investigate their vulnerability to reconnaissance strategies, in which attackers lure targets into being their friends by exploiting the social graph in order to extract victims' sensitive information. As the network topology is only partially revealed after each successful friend request, attackers need to employ an adaptive strategy. Existing work only considered a simple strategy in which attackers sequentially acquire one friend at a time, which causes tremendous delay in waiting for responses before sending the next request, and which lack the ability to retry failed requests after the network has changed. In contrast, we investigate an adaptive and parallel strategy, of which attackers can simultaneously send multiple friend requests in batch and recover from failed requests by retrying after topology changes, thereby significantly reducing the time to reach the targets and greatly improving robustness. We cast this approach as an optimization problem, Max-Crawling, and show it inapproximable within $(1 - 1/e + \epsilon)$. We first design our core algorithm PM-AReST which has an approximation ratio of $(1 - e^{-(1-1/e)})$ using adaptive monotonic submodular properties. We next tighten our algorithm to provide a near-optimal solution, i.e. having a ratio of $(1 - 1/e)$, via a two-stage stochastic programming approach. We further establish the gap bound of $(1 - e^{-(1-1/e)^2})$ between batch strategies versus the optimal sequential one. We experimentally validate our theoretical results, finding that our algorithm performs near-optimally in practice and that this is robust under a variety of problem settings.

Lobato, A. G. P., Lopez, M. A., Sanz, I. J., Cárdenas, A. A., Duarte, O. C. M. B., Pujolle, G..  2018.  An Adaptive Real-Time Architecture for Zero-Day Threat Detection. 2018 IEEE International Conference on Communications (ICC). :1–6.

Attackers create new threats and constantly change their behavior to mislead security systems. In this paper, we propose an adaptive threat detection architecture that trains its detection models in real time. The major contributions of the proposed architecture are: i) gather data about zero-day attacks and attacker behavior using honeypots in the network; ii) process data in real time and achieve high processing throughput through detection schemes implemented with stream processing technology; iii) use of two real datasets to evaluate our detection schemes, the first from a major network operator in Brazil and the other created in our lab; iv) design and development of adaptive detection schemes including both online trained supervised classification schemes that update their parameters in real time and learn zero-day threats from the honeypots, and online trained unsupervised anomaly detection schemes that model legitimate user behavior and adapt to changes. The performance evaluation results show that proposed architecture maintains an excellent trade-off between threat detection and false positive rates and achieves high classification accuracy of more than 90%, even with legitimate behavior changes and zero-day threats.

Lv, Chengcheng, Zhang, Long, Zeng, Fanping, Zhang, Jian.  2019.  Adaptive Random Testing for XSS Vulnerability. 2019 26th Asia-Pacific Software Engineering Conference (APSEC). :63–69.
XSS is one of the common vulnerabilities in web applications. Many black-box testing tools may collect a large number of payloads and traverse them to find a payload that can be successfully injected, but they are not very efficient. And previous research has paid less attention to how to improve the efficiency of black-box testing to detect XSS vulnerability. To improve the efficiency of testing, we develop an XSS testing tool. It collects 6128 payloads and uses a headless browser to detect XSS vulnerability. The tool can discover XSS vulnerability quickly with the ART (Adaptive Random Testing) method. We conduct an experiment using 3 extensively adopted open source vulnerable benchmarks and 2 actual websites to evaluate the ART method. The experimental results indicate that the ART method can effectively improve the fuzzing method by more than 27.1% in reducing the number of attempts before accomplishing a successful injection.
Ding, Q., Peng, X., Zhang, X., Hu, X., Zhong, X..  2017.  Adaptive observer-based fault diagnosis for sensor in a class of MIMO nonlinear system. 2017 36th Chinese Control Conference (CCC). :7051–7058.

This paper presents a novel sensor parameter fault diagnosis method for generally multiple-input multiple-output (MIMO) affine nonlinear systems based on adaptive observer. Firstly, the affine nonlinear systems are transformed into the particular systems via diffeomorphic transformation using Lie derivative. Then, based on the techniques of high-gain observer and adaptive estimation, an adaptive observer structure is designed with simple method for jointly estimating the states and the unknown parameters in the output equation of the nonlinear systems. And an algorithm of the fault estimation is derived. The global exponential convergence of the proposed observer is proved succinctly. Also the proposed method can be applied to the fault diagnosis of generally affine nonlinear systems directly by the reversibility of aforementioned coordinate transformation. Finally, a numerical example is presented to illustrate the efficiency of the proposed fault diagnosis scheme.

Perner, Cora, Kinkelin, Holger, Carle, Georg.  2019.  Adaptive Network Management for Safety-Critical Systems. 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM). :25–30.
Present networks within safety-critical systems rely on complex and inflexible network configurations. New technologies such as software-defined networking are more dynamic and offer more flexibility, but due care needs to be exercised to ensure that safety and security are not compromised by incorrect configurations. To this end, this paper proposes the use of pre-generated and optimized configuration templates. These provide alternate routes for traffic considering availability, resilience and timing constraints where network components fail due to attacks or faults. To obtain these templates, two heuristics based on Dijkstra's algorithm and an optimization algorithm providing the maximum resilience were investigated. While the configurations obtained through optimization yield appropriate templates, the heuristics investigated are not suitable to obtain configuration templates, since they cannot fulfill all requirements.
Thu Trang Le, Atto, A.M., Trouvé, E., Nicolas, J.-M..  2014.  Adaptive Multitemporal SAR Image Filtering Based on the Change Detection Matrix. Geoscience and Remote Sensing Letters, IEEE. 11:1826-1830.

This letter presents an adaptive filtering approach of synthetic aperture radar (SAR) image times series based on the analysis of the temporal evolution. First, change detection matrices (CDMs) containing information on changed and unchanged pixels are constructed for each spatial position over the time series by implementing coefficient of variation (CV) cross tests. Afterward, the CDM provides for each pixel in each image an adaptive spatiotemporal neighborhood, which is used to derive the filtered value. The proposed approach is illustrated on a time series of 25 ascending TerraSAR-X images acquired from November 6, 2009 to September 25, 2011 over the Chamonix-Mont-Blanc test-site, which includes different kinds of change, such as parking occupation, glacier surface evolution, etc.

Lee, Won-Jong, Hwang, Seok Joong, Shin, Youngsam, Ryu, Soojung, Ihm, Insung.  2016.  Adaptive Multi-rate Ray Sampling on Mobile Ray Tracing GPU. SIGGRAPH ASIA 2016 Mobile Graphics and Interactive Applications. :3:1–3:6.
We present an adaptive multi-rate ray sampling algorithm targeting mobile ray-tracing GPUs. We efficiently combine two existing algorithms, adaptive supersampling and undersampling, into a single framework targeting ray-tracing GPUs and extend it to a new multi-rate sampling scheme by utilizing tile-based rendering and frame-to-frame coherency. The experimental results show that our implementation is a versatile solution for future ray-tracing GPUs as it provides up to 2.98 times better efficiency in terms of performance per Watt by reducing the number of rays to be fed into the dedicated hardware and minimizing the memory operations.
Chowdhary, Ankur, Sengupta, Sailik, Alshamrani, Adel, Huang, Dijiang, Sabur, Abdulhakim.  2019.  Adaptive MTD Security using Markov Game Modeling. 2019 International Conference on Computing, Networking and Communications (ICNC). :577–581.
Large scale cloud networks consist of distributed networking and computing elements that process critical information and thus security is a key requirement for any environment. Unfortunately, assessing the security state of such networks is a challenging task and the tools used in the past by security experts such as packet filtering, firewall, Intrusion Detection Systems (IDS) etc., provide a reactive security mechanism. In this paper, we introduce a Moving Target Defense (MTD) based proactive security framework for monitoring attacks which lets us identify and reason about multi-stage attacks that target software vulnerabilities present in a cloud network. We formulate the multi-stage attack scenario as a two-player zero-sum Markov Game (between the attacker and the network administrator) on attack graphs. The rewards and transition probabilities are obtained by leveraging the expert knowledge present in the Common Vulnerability Scoring System (CVSS). Our framework identifies an attacker's optimal policy and places countermeasures to ensure that this attack policy is always detected, thus forcing the attacker to use a sub-optimal policy with higher cost.