3,196 research outputs found
A Framework for Data-Driven Physical Security and Insider Threat Detection
This paper presents PS0, an ontological framework and a methodology for
improving physical security and insider threat detection. PS0 can facilitate
forensic data analysis and proactively mitigate insider threats by leveraging
rule-based anomaly detection. In all too many cases, rule-based anomaly
detection can detect employee deviations from organizational security policies.
In addition, PS0 can be considered a security provenance solution because of
its ability to fully reconstruct attack patterns. Provenance graphs can be
further analyzed to identify deceptive actions and overcome analytical mistakes
that can result in bad decision-making, such as false attribution. Moreover,
the information can be used to enrich the available intelligence (about
intrusion attempts) that can form use cases to detect and remediate limitations
in the system, such as loosely-coupled provenance graphs that in many cases
indicate weaknesses in the physical security architecture. Ultimately,
validation of the framework through use cases demonstrates and proves that PS0
can improve an organization's security posture in terms of physical security
and insider threat detection.
Comment: 8 pages, 4 figures, conference, workshop, snast, 4 sparql queries
Advanced Personnel Vetting Techniques in Critical Multi-Tennant Hosted Computing Environments
The emergence of cloud computing presents a strategic direction for critical
infrastructures and promises to have far-reaching effects on their systems and
networks to deliver better outcomes to the nations at a lower cost. However,
when considering cloud computing, government entities must address a host of
security issues (such as malicious insiders) beyond those of service cost and
flexibility. The scope and objective of this paper is to analyze, evaluate and
investigate the insider threat in cloud security in sensitive infrastructures
as well as to propose two proactive socio-technical solutions for securing
commercial and governmental cloud infrastructures. Firstly, it proposes
actionable framework, techniques and practices in order to ensure that such
disruptions through human threats are infrequent, of minimal duration,
manageable, and cause the least damage possible. Secondly, it aims for extreme
security measures to analyze and evaluate human threats related assessment
methods for employee screening in certain high-risk situations using cognitive
analysis technology, in particular functional Magnetic Resonance Imaging
(fMRI). The significance of this research is also to counter human rights and
ethical dilemmas by presenting a set of ethical and professional guidelines.
The main objective of this work is to analyze related risks, identify
countermeasures and present recommendations to develop a security awareness
culture that will allow cloud providers to utilize effectively the benefits of
these advanced techniques without sacrificing system security.
TRUFL: Distributed Trust Management framework in SDN
Software Defined Networking (SDN) has emerged as a revolutionary paradigm to
manage cloud infrastructure. SDN lacks scalable trust setup and verification
mechanism between Data Plane-Control Plane elements, Control Plane elements,
and Control Plane-Application Plane. Trust management schemes like Public Key
Infrastructure (PKI) used currently in SDN are slow for trust establishment in
a larger cloud environment. We propose a distributed trust mechanism - TRUFL to
establish and verify trust in SDN. The distributed framework utilizes
parallelism in trust management, in effect faster transfer rates and reduced
latency compared to centralized trust management. The TRUFL framework scales
well with the number of OpenFlow rules when compared to existing research
works.
Comment: 6 pages
MPSM: Multi-prospective PaaS Security Model
Cloud computing has brought a revolution in the field of information
technology and improved the efficiency of computational resources. It offers
computing as a service enabling huge cost and resource efficiency. Despite its
advantages, certain security issues still hinder organizations and enterprises
from adopting it. This study mainly focused on the security of
Platform-as-a-Service (PaaS) as well as the most critical security issues that
were documented regarding PaaS infrastructure. The prime outcome of this study
was a security model proposed to mitigate security vulnerabilities of PaaS.
This security model consists of a number of tools, techniques and guidelines to
mitigate and neutralize security issues of PaaS. The security vulnerabilities
along with mitigation strategies were discussed to offer a deep insight into
PaaS security for both vendor and client that may facilitate future design to
implement secure PaaS platforms.
A Survey on the Security of Pervasive Online Social Networks (POSNs)
Pervasive Online Social Networks (POSNs) are the extensions of Online Social
Networks (OSNs) which facilitate connectivity irrespective of the domain and
properties of users. POSNs have been accumulated with the convergence of a
plethora of social networking platforms with a motivation of bridging their
gap. Over the last decade, OSNs have visually perceived an altogether
tremendous amount of advancement in terms of the number of users as well as
technology enablers. A single OSN is the property of an organization, which
ascertains smooth functioning of its accommodations for providing a quality
experience to their users. However, with POSNs, multiple OSNs have coalesced
through communities, circles, or only properties, which make
service-provisioning tedious and arduous to sustain. Especially, challenges
become rigorous when the focus is on the security perspective of cross-platform
OSNs, which are an integral part of POSNs. Thus, it is of utmost paramountcy to
highlight such a requirement and understand the current situation while
discussing the available state-of-the-art. With the modernization of OSNs and
convergence towards POSNs, it is compulsory to understand the impact and reach
of current solutions for enhancing the security of users as well as associated
services. This survey understands this requisite and fixates on different sets
of studies presented over the last few years and surveys them for their
applicability to POSNs...
Comment: 39 Pages, 10 Figures
Systematic Review on Security and Privacy Requirements in Edge Computing: State of the Art and Future Research Opportunities
Edge computing is a promising paradigm that enhances the capabilities of cloud computing. In order to continue patronizing the computing services, it is essential to conserve a good atmosphere free from all kinds of security and privacy breaches. The security and privacy issues associated with the edge computing environment have narrowed the overall acceptance of the technology as a reliable paradigm. Many researchers have reviewed security and privacy issues in edge computing, but not all have fully investigated the security and privacy requirements. Security and privacy requirements are the objectives that indicate the capabilities as well as functions a system performs in eliminating certain security and privacy vulnerabilities. The paper aims to substantially review the security and privacy requirements of edge computing and the various technological methods employed by the techniques used in curbing the threats, with the aim of helping future researchers in identifying research opportunities. This paper investigates the current studies and highlights the following: (1) the classification of security and privacy requirements in edge computing, (2) the state-of-the-art techniques deployed in curbing the security and privacy threats, (3) the trends of technological methods employed by the techniques, (4) the metrics used for evaluating the performance of the techniques, (5) the taxonomy of attacks affecting the edge network, and the corresponding technological trend employed in mitigating the attacks, and (6) research opportunities for future researchers in the area of edge computing security and privacy.
Adversarial Learning in Statistical Classification: A Comprehensive Review of Defenses Against Attacks
There is great potential for damage from adversarial learning (AL) attacks on
machine-learning based systems. In this paper, we provide a contemporary survey
of AL, focused particularly on defenses against attacks on statistical
classifiers. After introducing relevant terminology and the goals and range of
possible knowledge of both attackers and defenders, we survey recent work on
test-time evasion (TTE), data poisoning (DP), and reverse engineering (RE)
attacks and particularly defenses against same. In so doing, we distinguish
robust classification from anomaly detection (AD), unsupervised from
supervised, and statistical hypothesis-based defenses from ones that do not
have an explicit null (no attack) hypothesis; we identify the hyperparameters a
particular method requires, its computational complexity, as well as the
performance measures on which it was evaluated and the obtained quality. We
then dig deeper, providing novel insights that challenge conventional AL wisdom
and that target unresolved issues, including: 1) robust classification versus
AD as a defense strategy; 2) the belief that attack success increases with
attack strength, which ignores susceptibility to AD; 3) small perturbations for
test-time evasion attacks: a fallacy or a requirement?; 4) validity of the
universal assumption that a TTE attacker knows the ground-truth class for the
example to be attacked; 5) black, grey, or white box attacks as the standard
for defense evaluation; 6) susceptibility of query-based RE to an AD defense.
We also discuss attacks on the privacy of training data. We then present
benchmark comparisons of several defenses against TTE, RE, and backdoor DP
attacks on images. The paper concludes with a discussion of future work.
SoK - Security and Privacy in the Age of Drones: Threats, Challenges, Solution Mechanisms, and Scientific Gaps
The evolution of drone technology in the past nine years since the first
commercial drone was introduced at CES 2010 has caused many individuals and
businesses to adopt drones for various purposes. We are currently living in an
era in which drones are being used for pizza delivery, the shipment of goods,
and filming, and they are likely to provide an alternative for transportation
in the near future. However, drones also pose a significant challenge in terms
of security and privacy within society (for both individuals and
organizations), and many drone related incidents are reported on a daily basis.
These incidents have called attention to the need to detect and disable drones
used for malicious purposes and opened up a new area of research and
development for academia and industry, with a market that is expected to reach
$1.85 billion by 2024. While some of the knowledge used to detect UAVs has been
adopted for drone detection, new methods have been suggested by industry and
academia alike to deal with the challenges associated with detecting the very
small and fast flying objects. In this paper, we describe new societal threats
to security and privacy created by drones, and present academic and industrial
methods used to detect and disable drones. We review methods targeted at areas
that restrict drone flights and analyze their effectiveness with regard to
various factors (e.g., weather, birds, ambient light, etc.). We present the
challenges arising in areas that allow drone flights, introduce the methods
that exist for dealing with these challenges, and discuss the scientific gaps
that exist in this area. Finally, we review methods used to disable drones,
analyze their effectiveness, and present their expected results. Finally, we
suggest future research directions.
A Systemic IoT-Fog-Cloud Architecture for Big-Data Analytics and Cyber Security Systems: A Review of Fog Computing
With the rapid growth of the Internet of Things (IoT), current
Cloud systems face various drawbacks such as lack of mobility support,
location-awareness, geo-distribution, high latency, as well as cyber threats.
Fog/Edge computing has been proposed for addressing some of the drawbacks, as
it enables computing resources at the network's edges and it locally offers
big-data analytics rather than transmitting them to the Cloud. The Fog is
defined as a Cloud-like system having similar functions, including software-,
platform- and infrastructure-as services. The deployment of Fog applications
faces various security issues related to virtualisation, network monitoring,
data protection and attack detection. This paper proposes a systemic
IoT-Fog-Cloud architecture that clarifies the interactions between the three
layers of IoT, Fog and Cloud for effectively implementing big-data analytics
and cyber security applications. It also reviews security challenges, solutions
and future research directions in the architecture.
Database Intrusion Detection Systems (DIDs): Insider Threat Detection via Behavioural-based Anomaly Detection Systems -- A Brief Survey of Concepts and Approaches
One of the data security and privacy concerns is of insider threats, where
legitimate users of the system abuse the access privileges they hold. The
insider threat to data security means that an insider steals or leaks sensitive
personal information. Database Intrusion detection systems, specifically
behavioural-based database intrusion detection systems, have been shown
effective in detecting insider attacks. This paper presents background concepts
on database intrusion detection systems in the context of detecting insider
threats and examines existing approaches in the literature on detecting
malicious accesses by an insider to Database Management Systems (DBMS).
Comment: 24 pages