3,002 research outputs found
SEPIA: Security through Private Information Aggregation
Secure multiparty computation (MPC) allows joint privacy-preserving
computations on data of multiple parties. Although MPC has been studied
substantially, building solutions that are practical in terms of computation
and communication cost is still a major challenge. In this paper, we
investigate the practical usefulness of MPC for multi-domain network security
and monitoring. We first optimize MPC comparison operations for processing high
volume data in near real-time. We then design privacy-preserving protocols for
event correlation and aggregation of network traffic statistics, such as
addition of volume metrics, computation of feature entropy, and distinct item
count. Optimizing performance of parallel invocations, we implement our
protocols along with a complete set of basic operations in a library called
SEPIA. We evaluate the running time and bandwidth requirements of our protocols
in realistic settings on a local cluster as well as on PlanetLab and show that
they work in near real-time for up to 140 input providers and 9 computation
nodes. Compared to implementations using existing general-purpose MPC
frameworks, our protocols are significantly faster, requiring, for example, 3
minutes for a task that takes 2 days with general-purpose frameworks. This
improvement paves the way for new applications of MPC in the area of
networking. Finally, we run SEPIA's protocols on real traffic traces of 17
networks and show how they provide new possibilities for distributed
troubleshooting and early anomaly detection.
A Survey on the Security of Pervasive Online Social Networks (POSNs)
Pervasive Online Social Networks (POSNs) are the extensions of Online Social
Networks (OSNs) which facilitate connectivity irrespective of the domain and
properties of users. POSNs have been accumulated with the convergence of a
plethora of social networking platforms with a motivation of bridging their
gap. Over the last decade, OSNs have visually perceived an altogether
tremendous amount of advancement in terms of the number of users as well as
technology enablers. A single OSN is the property of an organization, which
ascertains smooth functioning of its accommodations for providing a quality
experience to their users. However, with POSNs, multiple OSNs have coalesced
through communities, circles, or only properties, which make
service-provisioning tedious and arduous to sustain. Especially, challenges
become rigorous when the focus is on the security perspective of cross-platform
OSNs, which are an integral part of POSNs. Thus, it is of utmost paramountcy to
highlight such a requirement and understand the current situation while
discussing the available state-of-the-art. With the modernization of OSNs and
convergence towards POSNs, it is compulsory to understand the impact and reach
of current solutions for enhancing the security of users as well as associated
services. This survey understands this requisite and fixates on different sets
of studies presented over the last few years and surveys them for their
applicability to POSNs...
Comment: 39 Pages, 10 Figures
Privacy-Preserving DDoS Attack Detection Using Cross-Domain Traffic in Software Defined Networks
Existing distributed denial-of-service attack detection in software defined
networks (SDNs) typically perform detection in a single domain. In reality,
abnormal traffic usually affects multiple network domains. Thus, a cross-domain
attack detection has been proposed to improve detection performance. However,
when participating in detection, the domain of each SDN needs to provide a
large amount of real traffic data, from which private information may be
leaked. Existing multiparty privacy protection schemes often achieve privacy
guarantees by sacrificing accuracy or increasing the time cost. Achieving both
high accuracy and reasonable time consumption is a challenging task. In this
paper, we propose Predis, which is a privacy-preserving cross-domain attack
detection scheme for SDNs. Predis combines perturbation encryption and data
encryption to protect privacy and employs a computationally simple and
efficient algorithm k-Nearest Neighbors (kNN) as its detection algorithm. We
also improve kNN to achieve better efficiency. Via theoretical analysis and
extensive simulations, we demonstrate that Predis is capable of achieving
efficient and accurate attack detection while securing sensitive information of
each domain.
Evaluating and Improving Adversarial Robustness of Machine Learning-Based Network Intrusion Detectors
Machine learning (ML), especially deep learning (DL) techniques have been
increasingly used in anomaly-based network intrusion detection systems (NIDS).
However, ML/DL has shown to be extremely vulnerable to adversarial attacks,
especially in such security-sensitive systems. Many adversarial attacks have
been proposed to evaluate the robustness of ML-based NIDSs. Unfortunately,
existing attacks mostly focused on feature-space and/or white-box attacks,
which make impractical assumptions in real-world scenarios, leaving the study
on practical gray/black-box attacks largely unexplored.
To bridge this gap, we conduct the first systematic study of the
gray/black-box traffic-space adversarial attacks to evaluate the robustness of
ML-based NIDSs. Our work outperforms previous ones in the following aspects:
(i) practical: the proposed attack can automatically mutate original traffic
with extremely limited knowledge and affordable overhead while preserving its
functionality; (ii) generic: the proposed attack is effective for evaluating the
robustness of various NIDSs using diverse ML/DL models and non-payload-based
features; (iii) explainable: we propose an explanation method for the fragile
robustness of ML-based NIDSs. Based on this, we also propose a defense scheme
against adversarial attacks to improve system robustness. We extensively
evaluate the robustness of various NIDSs using diverse feature sets and ML/DL
models. Experimental results show our attack is effective (e.g., >97% evasion
rate in half cases for Kitsune, a state-of-the-art NIDS) with affordable
execution cost and the proposed defense method can effectively mitigate such
attacks (evasion rate is reduced by >50% in most cases).
Comment: This article has been accepted for publication by IEEE JSA
Review of Smart Meter Data Analytics: Applications, Methodologies, and Challenges
The widespread popularity of smart meters enables an immense amount of
fine-grained electricity consumption data to be collected. Meanwhile, the
deregulation of the power industry, particularly on the delivery side, has
continuously been moving forward worldwide. How to employ massive smart meter
data to promote and enhance the efficiency and sustainability of the power grid
is a pressing issue. To date, substantial works have been conducted on smart
meter data analytics. To provide a comprehensive overview of the current
research and to identify challenges for future research, this paper conducts an
application-oriented review of smart meter data analytics. Following the three
stages of analytics, namely, descriptive, predictive and prescriptive
analytics, we identify the key application areas as load analysis, load
forecasting, and load management. We also review the techniques and
methodologies adopted or developed to address each application. In addition, we
also discuss some research trends, such as big data issues, novel machine
learning technologies, new business models, the transition of energy systems,
and data privacy and security.
Comment: IEEE Transactions on Smart Grid, 201
Mitigating Data Exfiltration in Storage-as-a-Service Clouds
Existing processes and methods for incident handling are geared towards
infrastructures and operational models that will be increasingly outdated by
cloud computing. Research has shown that to adapt incident handling to cloud
computing environments, cloud customers must establish clarity about their
requirements on Cloud Service Providers (CSPs) for successful handling of
incidents and contract CSPs accordingly. Secondly, CSPs must strive to support
these requirements and mirror them in their Service Level Agreements. Intrusion
Detection Systems (IDS) have been used widely to detect malicious behaviors in
network communication and hosts. Facing new application scenarios in Cloud
Computing, the IDS approaches yield several problems since the operator of the
IDS should be the user, not the administrator of the Cloud infrastructure.
Cloud providers need to enable possibilities to deploy and configure IDS for
the user - which poses its own challenges. Current research and commercial
solutions primarily focus on protecting against Denial of Service attacks and
attacks against the Cloud's virtual infrastructure. To counter these
challenges, we propose a capability that aims to both detect and prevent the
potential of data exfiltration by using a novel deception-based methodology. We
also introduce a method of increasing the data protection level based on
various threat conditions.
A Survey on Software-Defined VANETs: Benefits, Challenges, and Future Directions
The evolving of Fifth Generation (5G) networks is becoming more readily
available as a major driver of the growth of new applications and business
models. Vehicular Ad hoc Networks (VANETs) and Software Defined Networking
(SDN) represent the key enablers of 5G technology with the development of next
generation intelligent vehicular networks and applications. In recent years,
researchers have focused on the integration of SDN and VANET, and look at
different topics related to the architecture, the benefits of software-defined
VANET services and the new functionalities to adapt them. However, security and
robustness of the complete architecture is still questionable and have been
largely neglected. Moreover, the deployment and integration of novel entities and
several architectural components drive new security threats and
vulnerabilities. In this paper, first we survey the state-of-the-art SDN
based Vehicular ad-hoc Network (SDVN) architectures for their networking
infrastructure design, functionalities, benefits, and challenges. Then we
discuss these SDVN architectures against major security threats that violate the
key security services such as availability, confidentiality, authentication, and
data integrity. We also propose different countermeasures to these
threats. Finally, we discuss the lessons learned with the directions of future
research work towards provisioning stringent security and privacy solutions in
future SDVN architectures. To the best of our knowledge, this is the first
comprehensive work that presents such a survey and analysis on SDVNs in the era
of future generation networks (e.g., 5G, and Information centric networking)
and applications (e.g., intelligent transportation system, and IoT-enabled
advertising in VANETs).
Comment: 17 pages, 2 figures
Exploratory study to explore the role of ICT in the process of knowledge management in an Indian business environment
In the 21st century and the emergence of a digital economy, knowledge and the knowledge base economy are rapidly growing. To effectively be able to understand the processes involved in the creating, managing and sharing of knowledge management in the business environment is critical to the success of an organization. This study builds on the previous research of the authors on the enablers of knowledge management by identifying the relationship between the enablers of knowledge management and the role played by information communication technologies (ICT) and ICT infrastructure in a business setting. This paper provides the findings of a survey collected from the four major Indian cities (Chennai, Coimbatore, Madurai and Villupuram) regarding their views and opinions about the enablers of knowledge management in business setting. A total of 80 organizations participated in the study with 100 participants in each city. The results show that ICT and ICT infrastructure can play a critical role in the creating, managing and sharing of knowledge in an Indian business environment.
Deep Learning in Information Security
Machine learning has a long tradition of helping to solve complex information
security problems that are difficult to solve manually. Machine learning
techniques learn models from data representations to solve a task. These data
representations are hand-crafted by domain experts. Deep Learning is a
sub-field of machine learning, which uses models that are composed of multiple
layers. Consequently, representations that are used to solve a task are learned
from the data instead of being manually designed.
In this survey, we study the use of DL techniques within the domain of
information security. We systematically reviewed 77 papers and presented them
from a data-centric perspective. This data-centric perspective reflects one of
the most crucial advantages of DL techniques -- domain independence. If
DL-methods succeed to solve problems on a data type in one domain, they most
likely will also succeed on similar data from another domain. Other advantages
of DL methods are unrivaled scalability and efficiency, both regarding the
number of examples that can be analyzed as well as with respect of
dimensionality of the input data. DL methods generally are capable of achieving
high-performance and generalize well.
However, information security is a domain with unique requirements and
challenges. Based on an analysis of our reviewed papers, we point out
shortcomings of DL-methods to those requirements and discuss further research
opportunities.
Data Leak Detection As a Service: Challenges and Solutions
We describe a network-based data-leak detection (DLD)
technique, the main feature of which is that the detection
does not require the data owner to reveal the content of the
sensitive data. Instead, only a small amount of specialized
digests are needed. Our technique – referred to as the fuzzy
fingerprint – can be used to detect accidental data leaks due
to human errors or application flaws. The privacy-preserving
feature of our algorithms minimizes the exposure of sensitive
data and enables the data owner to safely delegate the
detection to others. We describe how cloud providers can offer
their customers data-leak detection as an add-on service
with strong privacy guarantees.
We perform extensive experimental evaluation on the privacy,
efficiency, accuracy and noise tolerance of our techniques.
Our evaluation results under various data-leak scenarios
and setups show that our method can support accurate
detection with very small number of false alarms, even
when the presentation of the data has been transformed. It
also indicates that the detection accuracy does not degrade
when partial digests are used. We further provide a quantifiable
method to measure the privacy guarantee offered by our
fuzzy fingerprint framework.