75 research outputs found
Parallel Evolutionary Peer-to-Peer Networking in Realistic Environments
In the present paper we first conduct simulations of the parallel evolutionary peer-to-peer (P2P) networking technique (referred to as P-EP2P) that we previously proposed using models of realistic environments to examine if P-EP2P is practical. Environments are here represented by what users have and want in the network, and P-EP2P adapts the P2P network topologies to the present environment in an evolutionary manner. The simulation results show that P-EP2P is hard to adapt the network topologies to some realistic environments. Then, based on the discussions of the results, we propose a strategy for better adaptability of P-EP2P to the realistic environments. The strategy first judges if evolutionary adaptation of the network topologies is likely to occur in the present environment, and if it judges so, it actually tries to achieve evolutionary adaptation of the network topologies. Otherwise, it brings random change to the network topologies. The simulation results indicate that P-EP2P with the proposed strategy can better adapt the network topologies to the realistic environments. The main contribution of the study is to present such a promising way to realize an evolvable network in which the evolution direction is given by users
Business Intelligence for Expeditionary Advanced Base Operations (EABO) Shaping Flexible C2 Organizational Structure
NPS NRP Project Article17 USC 105 interim-entered record; under review.Distributed Marine Operations (DMO) or EABO initiatives require integration the USMC EABO organization into the Navy C2 hierarchy, but there is no consensus on the best EABO CONOPS organizational structure. The magnitude of organizational combinations between organizational elements from Joint Services/Agencies (Navy/USMC, Army, Undersea, Air Force, Space, Cyber, MDA, etc.) is huge. Hard-coded C2 point-to-point organizational structures as inflexible and non-extensible. The objective of this is to identify a flexible Command & Control tool with a model that is capable of flexibly representing a variety of different Joint Force organizations. We propose to apply business intelligence(BI) including such as Tableau, Microsoft power BI, data mining tools such as Orange, network analysis tool such as lexical link analysis (LLA) to address the research questions: Is information on âorganizationâ hierarchy with level details is available from authoritative USMC and Navy sources? What are these sources? How to prevent some critical organizations in the Navy and/or USMC, from being forgotten and excluded from the EABO vision? Will the proposed model be manageable to extend beyond the DoD to Intel and Coalition Partners? We planned three tasks. We will build a network of organizations from the existing tactical units of USMC and Navy C2 related to the operations of DMO or EABO. Each node in the network is an organization, containing the data attributes and content describing the organizationâs unit structures, skills, capability, equipment, geolocations, missions performed before, and lessons learned etc. The link between two nodes represents the similarity and dissimilarity in terms of shared skills, capabilities, distance of locations, and past collaborations/interactions. We will use the unit profiles to show how to match the future EBO and DMO operation concepts and requirements, discover gaps that might show the insights for reorganizing and shaping flexible C2 structures. We will apply the proposed tools to build multidimensional cubes, predictive models, and what if analysis. The deliverables include a report a demonstration, and a paper to publish approved by a sponsor.N2/N6 - Information WarfareThis research is supported by funding from the Naval Postgraduate School, Naval Research Program (PE 0605853N/2098). https://nps.edu/nrpChief of Naval Operations (CNO)Approved for public release. Distribution is unlimited.
Improving Social Odometry Robot Networks with Distributed Reputation Systems for Collaborative Purposes
The improvement of odometry systems in collaborative robotics remains an important challenge for several applications. Social odometry is a social technique which confers the robots the possibility to learn from the others. This paper analyzes social odometry and proposes and follows a methodology to improve its behavior based on cooperative reputation systems. We also provide a reference implementation that allows us to compare the performance of the proposed solution in highly dynamic environments with the performance of standard social odometry techniques. Simulation results quantitatively show the benefits of this collaborative approach that allows us to achieve better performances than social odometry
Enhancing trustability in MMOGs environments
Massively Multiplayer Online Games (MMOGs; e.g., World of Warcraft), virtual worlds
(VW; e.g., Second Life), social networks (e.g., Facebook) strongly demand for more
autonomic, security, and trust mechanisms in a way similar to humans do in the real
life world. As known, this is a difficult matter because trusting in humans and organizations
depends on the perception and experience of each individual, which is difficult to
quantify or measure. In fact, these societal environments lack trust mechanisms similar
to those involved in humans-to-human interactions. Besides, interactions mediated
by compute devices are constantly evolving, requiring trust mechanisms that keep the
pace with the developments and assess risk situations.
In VW/MMOGs, it is widely recognized that users develop trust relationships from their
in-world interactions with others. However, these trust relationships end up not being
represented in the data structures (or databases) of such virtual worlds, though they
sometimes appear associated to reputation and recommendation systems. In addition,
as far as we know, the user is not provided with a personal trust tool to sustain his/her
decision making while he/she interacts with other users in the virtual or game world.
In order to solve this problem, as well as those mentioned above, we propose herein a
formal representation of these personal trust relationships, which are based on avataravatar
interactions. The leading idea is to provide each avatar-impersonated player
with a personal trust tool that follows a distributed trust model, i.e., the trust data is
distributed over the societal network of a given VW/MMOG.
Representing, manipulating, and inferring trust from the user/player point of view certainly
is a grand challenge. When someone meets an unknown individual, the question
is âCan I trust him/her or not?â. It is clear that this requires the user to have access to
a representation of trust about others, but, unless we are using an open source VW/MMOG,
it is difficult ânot to say unfeasibleâ to get access to such data. Even, in an open
source system, a number of users may refuse to pass information about its friends, acquaintances,
or others. Putting together its own data and gathered data obtained from
others, the avatar-impersonated player should be able to come across a trust result
about its current trustee. For the trust assessment method used in this thesis, we use
subjective logic operators and graph search algorithms to undertake such trust inference
about the trustee. The proposed trust inference system has been validated using
a number of OpenSimulator (opensimulator.org) scenarios, which showed an accuracy
increase in evaluating trustability of avatars.
Summing up, our proposal aims thus to introduce a trust theory for virtual worlds, its
trust assessment metrics (e.g., subjective logic) and trust discovery methods (e.g.,
graph search methods), on an individual basis, rather than based on usual centralized
reputation systems. In particular, and unlike other trust discovery methods, our methods
run at interactive rates.MMOGs (Massively Multiplayer Online Games, como por exemplo, World of Warcraft),
mundos virtuais (VW, como por exemplo, o Second Life) e redes sociais (como por exemplo,
Facebook) necessitam de mecanismos de confiança mais autónomos, capazes de
assegurar a segurança e a confiança de uma forma semelhante à que os seres humanos
utilizam na vida real. Como se sabe, esta nĂŁo Ă© uma questĂŁo fĂĄcil. Porque confiar em
seres humanos e ou organizaçÔes depende da percepção e da experiĂȘncia de cada indivĂduo,
o que Ă© difĂcil de quantificar ou medir Ă partida. Na verdade, esses ambientes
sociais carecem dos mecanismos de confiança presentes em interacçÔes humanas presenciais.
Além disso, as interacçÔes mediadas por dispositivos computacionais estão em
constante evolução, necessitando de mecanismos de confiança adequados ao ritmo da
evolução para avaliar situaçÔes de risco.
Em VW/MMOGs, é amplamente reconhecido que os utilizadores desenvolvem relaçÔes
de confiança a partir das suas interacçÔes no mundo com outros. No entanto, essas relaçÔes
de confiança acabam por não ser representadas nas estruturas de dados (ou bases
de dados) do VW/MMOG especĂfico, embora Ă s vezes apareçam associados Ă reputação
e a sistemas de reputação. Além disso, tanto quanto sabemos, ao utilizador não lhe
é facultado nenhum mecanismo que suporte uma ferramenta de confiança individual
para sustentar o seu processo de tomada de decisĂŁo, enquanto ele interage com outros
utilizadores no mundo virtual ou jogo. A fim de resolver este problema, bem como
os mencionados acima, propomos nesta tese uma representação formal para essas relaçÔes
de confiança pessoal, baseada em interacçÔes avatar-avatar. A ideia principal
é fornecer a cada jogador representado por um avatar uma ferramenta de confiança
pessoal que segue um modelo de confiança distribuĂda, ou seja, os dados de confiança
sĂŁo distribuĂdos atravĂ©s da rede social de um determinado VW/MMOG.
Representar, manipular e inferir a confiança do ponto de utilizador/jogador, é certamente
um grande desafio. Quando alguĂ©m encontra um indivĂduo desconhecido, a
pergunta Ă© âPosso confiar ou nĂŁo nele?â. Ă claro que isto requer que o utilizador tenha
acesso a uma representação de confiança sobre os outros, mas, a menos que possamos
usar uma plataforma VW/MMOG de cĂłdigo aberto, Ă© difĂcil â para nĂŁo dizer impossĂvel
â obter acesso aos dados gerados pelos utilizadores. Mesmo em sistemas de cĂłdigo
aberto, um nĂșmero de utilizadores pode recusar partilhar informaçÔes sobre seus amigos,
conhecidos, ou sobre outros. Ao juntar seus prĂłprios dados com os dados obtidos de
outros, o utilizador/jogador representado por um avatar deve ser capaz de produzir uma
avaliação de confiança sobre o utilizador/jogador com o qual se encontra a interagir.
Relativamente ao método de avaliação de confiança empregue nesta tese, utilizamos
lógica subjectiva para a representação da confiança, e também operadores lógicos da
lĂłgica subjectiva juntamente com algoritmos de procura em grafos para empreender
o processo de inferĂȘncia da confiança relativamente a outro utilizador. O sistema de
inferĂȘncia de confiança proposto foi validado atravĂ©s de um nĂșmero de cenĂĄrios Open-Simulator (opensimulator.org), que mostrou um aumento na precisĂŁo na avaliação da
confiança de avatares.
Resumindo, a nossa proposta visa, assim, introduzir uma teoria de confiança para mundos
virtuais, conjuntamente com métricas de avaliação de confiança (por exemplo, a
lógica subjectiva) e em métodos de procura de caminhos de confiança (com por exemplo,
através de métodos de pesquisa em grafos), partindo de uma base individual, em
vez de se basear em sistemas habituais de reputação centralizados. Em particular, e ao
contrårio de outros métodos de determinação do grau de confiança, os nossos métodos
sĂŁo executados em tempo real
Holistic Network Defense: Fusing Host and Network Features for Attack Classification
This work presents a hybrid network-host monitoring strategy, which fuses data from both the network and the host to recognize malware infections. This work focuses on three categories: Normal, Scanning, and Infected. The network-host sensor fusion is accomplished by extracting 248 features from network traffic using the Fullstats Network Feature generator and from the host using text mining, looking at the frequency of the 500 most common strings and analyzing them as word vectors. Improvements to detection performance are made by synergistically fusing network features obtained from IP packet flows and host features, obtained from text mining port, processor, logon information among others. In addition, the work compares three different machine learning algorithms and updates the script required to obtain network features. Hybrid method results outperformed host only classification by 31.7% and network only classification by 25%. The new approach also reduces the number of alerts while remaining accurate compared with the commercial IDS SNORT. These results make it such that even the most typical users could understand alert classification messages
Intelligent Circuits and Systems
ICICS-2020 is the third conference initiated by the School of Electronics and Electrical Engineering at Lovely Professional University that explored recent innovations of researchers working for the development of smart and green technologies in the fields of Energy, Electronics, Communications, Computers, and Control. ICICS provides innovators to identify new opportunities for the social and economic benefits of society.ă This conference bridges the gap between academics and R&D institutions, social visionaries, and experts from all strata of society to present their ongoing research activities and foster research relations between them. It provides opportunities for the exchange of new ideas, applications, and experiences in the field of smart technologies and finding global partners for future collaboration. The ICICS-2020 was conducted in two broad categories, Intelligent Circuits & Intelligent Systems and Emerging Technologies in Electrical Engineering
A SOM+ Diagnostic System for Network Intrusion Detection
This research created a new theoretical Soft Computing (SC) hybridized network intrusion detection diagnostic system including complex hybridization of a 3D full color Self-Organizing Map (SOM), Artificial Immune System Danger Theory (AISDT), and a Fuzzy Inference System (FIS). This SOM+ diagnostic archetype includes newly defined intrusion types to facilitate diagnostic analysis, a descriptive computational model, and an Invisible Mobile Network Bridge (IMNB) to collect data, while maintaining compatibility with traditional packet analysis. This system is modular, multitaskable, scalable, intuitive, adaptable to quickly changing scenarios, and uses relatively few resources
Modélisation formelle des systÚmes de détection d'intrusions
LâĂ©cosystĂšme de la cybersĂ©curitĂ© Ă©volue en permanence en termes du nombre, de la diversitĂ©, et de la complexitĂ© des attaques. De ce fait, les outils de dĂ©tection deviennent inefficaces face Ă certaines attaques. On distingue gĂ©nĂ©ralement trois types de systĂšmes de dĂ©tection dâintrusions : dĂ©tection par anomalies, dĂ©tection par signatures et dĂ©tection hybride. La dĂ©tection par anomalies est fondĂ©e sur la caractĂ©risation du comportement habituel du systĂšme, typiquement de maniĂšre statistique. Elle permet de dĂ©tecter des attaques connues ou inconnues, mais gĂ©nĂšre aussi un trĂšs grand nombre de faux positifs. La dĂ©tection par signatures permet de dĂ©tecter des attaques connues en dĂ©finissant des rĂšgles qui dĂ©crivent le comportement connu dâun attaquant. Cela demande une bonne connaissance du comportement de lâattaquant. La dĂ©tection hybride repose sur plusieurs mĂ©thodes de dĂ©tection incluant celles sus-citĂ©es. Elle prĂ©sente lâavantage dâĂȘtre plus prĂ©cise pendant la dĂ©tection. Des outils tels que Snort et Zeek offrent des langages de bas niveau pour lâexpression de rĂšgles de reconnaissance dâattaques. Le nombre dâattaques potentielles Ă©tant trĂšs grand, ces bases de rĂšgles deviennent rapidement difficiles Ă gĂ©rer et Ă maintenir. De plus, lâexpression de rĂšgles avec Ă©tat dit stateful est particuliĂšrement ardue pour reconnaĂźtre une sĂ©quence dâĂ©vĂ©nements. Dans cette thĂšse, nous proposons une approche stateful basĂ©e sur les diagrammes dâĂ©tat-transition algĂ©briques (ASTDs) afin dâidentifier des attaques complexes. Les ASTDs permettent de reprĂ©senter de façon graphique et modulaire une spĂ©cification, ce qui facilite la maintenance et la comprĂ©hension des rĂšgles. Nous Ă©tendons la notation ASTD avec de nouvelles fonctionnalitĂ©s pour reprĂ©senter des attaques complexes. Ensuite, nous spĂ©cifions plusieurs attaques avec la notation Ă©tendue et exĂ©cutons les spĂ©cifications obtenues sur des flots dâĂ©vĂ©nements Ă lâaide dâun interprĂ©teur pour identifier des attaques. Nous Ă©valuons aussi les performances de lâinterprĂ©teur avec des outils industriels tels que Snort et Zeek. Puis, nous rĂ©alisons un compilateur afin de gĂ©nĂ©rer du code exĂ©cutable Ă partir dâune spĂ©cification ASTD, capable dâidentifier de façon efficiente les sĂ©quences dâĂ©vĂ©nements.Abstract : The cybersecurity ecosystem continuously evolves with the number, the diversity,
and the complexity of cyber attacks. Generally, we have three types of Intrusion
Detection System (IDS) : anomaly-based detection, signature-based detection, and
hybrid detection. Anomaly detection is based on the usual behavior description of
the system, typically in a static manner. It enables detecting known or unknown attacks
but also generating a large number of false positives. Signature based detection
enables detecting known attacks by defining rules that describe known attackerâs behavior.
It needs a good knowledge of attacker behavior. Hybrid detection relies on
several detection methods including the previous ones. It has the advantage of being
more precise during detection. Tools like Snort and Zeek offer low level languages to
represent rules for detecting attacks. The number of potential attacks being large,
these rule bases become quickly hard to manage and maintain. Moreover, the representation
of stateful rules to recognize a sequence of events is particularly arduous. In this thesis, we propose a stateful approach based on algebraic state-transition
diagrams (ASTDs) to identify complex attacks. ASTDs allow a graphical and modular
representation of a specification, that facilitates maintenance and understanding of
rules. We extend the ASTD notation with new features to represent complex attacks.
Next, we specify several attacks with the extended notation and run the resulting specifications
on event streams using an interpreter to identify attacks. We also evaluate
the performance of the interpreter with industrial tools such as Snort and Zeek. Then,
we build a compiler in order to generate executable code from an ASTD specification,
able to efficiently identify sequences of events
- âŠ