Route Swarm: Wireless Network Optimization through Mobility
In this paper, we demonstrate a novel hybrid architecture for coordinating
networked robots in sensing and information routing applications. The proposed
INformation and Sensing driven PhysIcally REconfigurable robotic network
(INSPIRE), consists of a Physical Control Plane (PCP) which commands agent
position, and an Information Control Plane (ICP) which regulates information
flow towards communication/sensing objectives. We describe an instantiation
where a mobile robotic network is dynamically reconfigured to ensure high
quality routes between static wireless nodes, which act as source/destination
pairs for information flow. The ICP commands the robots towards evenly
distributed inter-flow allocations, with intra-flow configurations that
maximize route quality. The PCP then guides the robots via potential-based
control to reconfigure according to ICP commands. This formulation, deemed
Route Swarm, decouples information flow and physical control, generating a
feedback between routing and sensing needs and robotic configuration. We
demonstrate our propositions through simulation under a realistic wireless
network regime.
Comment: 9 pages, 4 figures, submitted to the IEEE International Conference on
Intelligent Robots and Systems (IROS) 201
Detection of Early-Stage Enterprise Infection by Mining Large-Scale Log Data
Recent years have seen the rise of more sophisticated attacks including
advanced persistent threats (APTs) which pose severe risks to organizations and
governments by targeting confidential proprietary information. Additionally,
new malware strains are appearing at a higher rate than ever before. Since many
of these malware are designed to evade existing security products, traditional
defenses deployed by most enterprises today, e.g., anti-virus, firewalls,
intrusion detection systems, often fail at detecting infections at an early
stage.
We address the problem of detecting early-stage infection in an enterprise
setting by proposing a new framework based on belief propagation inspired from
graph theory. Belief propagation can be used either with "seeds" of compromised
hosts or malicious domains (provided by the enterprise security operation
center -- SOC) or without any seeds. In the latter case we develop a detector
of C&C communication particularly tailored to enterprises which can detect a
stealthy compromise of only a single host communicating with the C&C server.
We demonstrate that our techniques perform well on detecting enterprise
infections. We achieve high accuracy with low false detection and false
negative rates on two months of anonymized DNS logs released by Los Alamos
National Lab (LANL), which include APT infection attacks simulated by LANL
domain experts. We also apply our algorithms to 38TB of real-world web proxy
logs collected at the border of a large enterprise. Through careful manual
investigation in collaboration with the enterprise SOC, we show that our
techniques identified hundreds of malicious domains overlooked by
state-of-the-art security products.