Nature-inspired survivability: Prey-inspired survivability countermeasures for cloud computing security challenges

As cloud computing environments become complex, adversaries have become highly sophisticated and unpredictable. Moreover, they can easily increase attack power and persist longer before detection. Uncertain malicious actions, latent risks, Unobserved or Unobservable risks (UUURs) characterise this new threat domain. This thesis proposes prey-inspired survivability to address unpredictable security challenges borne out of UUURs. While survivability is a well-addressed phenomenon in non-extinct prey animals, applying prey survivability to cloud computing directly is challenging due to contradicting end goals. How to manage evolving survivability goals and requirements under contradicting environmental conditions adds to the challenges. To address these challenges, this thesis proposes a holistic taxonomy which integrate multiple and disparate perspectives of cloud security challenges. In addition, it proposes the TRIZ (Teorija Rezbenija Izobretatelskib Zadach) to derive prey-inspired solutions through resolving contradiction. First, it develops a 3-step process to facilitate interdomain transfer of concepts from nature to cloud. Moreover, TRIZ’s generic approach suggests specific solutions for cloud computing survivability. Then, the thesis presents the conceptual prey-inspired cloud computing survivability framework (Pi-CCSF), built upon TRIZ derived solutions. The framework run-time is pushed to the user-space to support evolving survivability design goals. Furthermore, a target-based decision-making technique (TBDM) is proposed to manage survivability decisions. To evaluate the prey-inspired survivability concept, Pi-CCSF simulator is developed and implemented. Evaluation results shows that escalating survivability actions improve the vitality of vulnerable and compromised virtual machines (VMs) by 5% and dramatically improve their overall survivability. Hypothesis testing conclusively supports the hypothesis that the escalation mechanisms can be applied to enhance the survivability of cloud computing systems. Numeric analysis of TBDM shows that by considering survivability preferences and attitudes (these directly impacts survivability actions), the TBDM method brings unpredictable survivability information closer to decision processes. This enables efficient execution of variable escalating survivability actions, which enables the Pi-CCSF’s decision system (DS) to focus upon decisions that achieve survivability outcomes under unpredictability imposed by UUUR

Application of computational intelligence to explore and analyze system architecture and design alternatives

Systems Engineering involves the development or improvement of a system or process from effective need to a final value-added solution. Rapid advances in technology have led to development of sophisticated and complex sensor-enabled, remote, and highly networked cyber-technical systems. These complex modern systems present several challenges for systems engineers including: increased complexity associated with integration and emergent behavior, multiple and competing design metrics, and an expansive design parameter solution space. This research extends the existing knowledge base on multi-objective system design through the creation of a framework to explore and analyze system design alternatives employing computational intelligence. The first research contribution is a hybrid fuzzy-EA model that facilitates the exploration and analysis of possible SoS configurations. The second contribution is a hybrid neural network-EA in which the EA explores, analyzes, and evolves the neural network architecture and weights. The third contribution is a multi-objective EA that examines potential installation (i.e. system) infrastructure repair strategies. The final contribution is the introduction of a hierarchical multi-objective evolutionary algorithm (MOEA) framework with a feedback mechanism to evolve and simultaneously evaluate competing subsystem and system level performance objectives. Systems architects and engineers can utilize the frameworks and approaches developed in this research to more efficiently explore and analyze complex system design alternatives --Abstract, page iv

Secure collaboration in onboarding

The process of onboarding a company is characterized by inter-enterprise collaboration between the acquiring and the acquired companies. Multiple cross-functional teams are formed to assimilate and integrate the processes, products, data, customers, and partners of the company under acquisition. Dynamic access control management in such inter-enterprise collaboration is the subject of this thesis. A problem in inter-enterprise collaboration in onboarding is that information assets shared by collaborating teams are not adequately protected. As a result, there is potential for accidental or malicious leakage of sensitive business information like the intellectual property, product roadmaps and strategy, customer lists etc. Also, the statically defined access control policies are not sufficient to address access control requirements of dynamic collaboration where there is a constant change in people, processes, and information assets in collaboration repository. This research proposes a new approach and model to integrate security in onboarding collaboration process. Research methods such as, literature review, field studies including direct experiential projects in onboarding and interviews with experts in Mergers and Acquisitions, and detailed data collection and analysis through surveys are used to identify the issues that need to be addressed in the onboarding process. Literature review enabled the identification of access control requirements from the perspective of statically defined policies and the need to determine access dynamically. From the field studies, it was deciphered that there is a need for a well-defined onboarding collaboration process. The data analysis and interpretation from the survey results provided insights into the needs for integrating security in all phases of onboarding collaboration. All these research methods essentially enabled identification of two key issues that this research addresses: 1) well-defined onboarding collaboration process and 2) building security in all phases of onboarding collaboration. A new approach and model called SCODA is developed to integrate security in all phases of onboarding collaboration. Onboarding collaboration process consists of four phases: create, operate, dissolve, and archive. These phases provide the basis for systematically addressing security and access control when the collaboration team is formed, while it is operating, when the team is dissolved after completing its tasks, and when shared information assets are archived. The research adapts role based access control (RBAC) and formally defines the enterprise, functional, and collaboration roles for making access control management decisions. New ideas are developed in trustbased access control management in dynamic collaboration. The change management aspects are also discussed. The SCODA model is validated and the refinements incorporated accordingly. This research contributed to both theory and practice of information security in general and access control in particular in the context of dynamic collaboration. It proposed a new approach of building security in, i.e. to integrate security in all phases of collaboration. In order to build security in, a new onboarding collaboration process is developed that is adaptable and customizable. It has also developed a new approach for trust based dynamic access control based on the new concepts of strong and weak trust relationships. These trust relationships are also adaptable and customizable. Finally, this research has potential for future research work in the design and implementation of multi-paradigm based enterprise security frameworks and interenterprise collaboration

Deep Learning Based Malware Classification Using Deep Residual Network

The traditional malware detection approaches rely heavily on feature extraction procedure, in this paper we proposed a deep learning-based malware classification model by using a 18-layers deep residual network. Our model uses the raw bytecodes data of malware samples, converting the bytecodes to 3-channel RGB images and then applying the deep learning techniques to classify the malwares. Our experiment results show that the deep residual network model achieved an average accuracy of 86.54% by 5-fold cross validation. Comparing to the traditional methods for malware classification, our deep residual network model greatly simplify the malware detection and classification procedures, it achieved a very good classification accuracy as well. The dataset we used in this paper for training and testing is Malimg dataset, one of the biggest malware datasets released by vision research lab of UCSB

Sustainable supplier selection and order allocation for multinational enterprises considering supply disruption in COVID-19 era

The unprecedented outbreak of COVID-19 has left many multinational enterprises facing extremely severe supply disruptions. Besides considering triple-bottom-line requirements, managers now also have to consider supply disruption due to the pandemic more seriously. However, existing research does not take these two key objectives into account simultaneously. To bridge this research gap, based on the characteristics of COVID-19 and similar global emergency events, this paper proposes a model that aims to solve the problem of sustainable supplier selection and order allocation considering supply disruption in the COVID-19 era. It does so by using a multi-stage multi-objective optimization model applied to the different stages of development and spread of the pandemic. Then, a novel nRa-NSGA-II algorithm is proposed to solve the high-dimensional multi-objective optimization model. The applicability and effectiveness of the proposed model is illustrated in a well-known multinational producer of shortwave therapeutic instruments

Proceedings, MSVSCC 2019

Old Dominion University Department of Modeling, Simulation & Visualization Engineering (MSVE) and the Virginia Modeling, Analysis and Simulation Center (VMASC) held the 13th annual Modeling, Simulation & Visualization (MSV) Student Capstone Conference on April 18, 2019. The Conference featured student research and student projects that are central to MSV. Also participating in the conference were faculty members who volunteered their time to impart direct support to their students’ research, facilitated the various conference tracks, served as judges for each of the tracks, and provided overall assistance to the conference. Appreciating the purpose of the conference and working in a cohesive, collaborative effort, resulted in a successful symposium for everyone involved. These proceedings feature the works that were presented at the conference. Capstone Conference Chair: Dr. Yuzhong Shen Capstone Conference Student Chair: Daniel Pere

Multi-attribute tradespace exploration for survivability

Thesis (Ph. D.)--Massachusetts Institute of Technology, Engineering Systems Division, 2009.Cataloged from PDF version of thesis.Includes bibliographical references (p. 235-249).Survivability is the ability of a system to minimize the impact of a finite-duration disturbance on value delivery (i.e., stakeholder benefit at cost), achieved through (1) the reduction of the likelihood or magnitude of a disturbance, (2) the satisfaction of a minimally acceptable level of value delivery during and after a disturbance, and/or (3) a timely recovery. Traditionally specified as a requirement in military systems, survivability is an increasingly important consideration for all engineering systems given the proliferation of natural and artificial threats. Although survivability is an emergent system property that arises from interactions between a system and its environment, conventional approaches to survivability engineering are reductionist in nature. Furthermore, current methods neither accommodate dynamic threat environments nor facilitate stakeholder communication for conducting trade-offs among system lifecycle cost, mission utility, and operational survivability. Multi-Attribute Tradespace Exploration (MATE) for Survivability is introduced as a system analysis methodology to improve the generation and evaluation of survivable alternatives during conceptual design. MATE for Survivability applies decision theory to the parametric modeling of thousands of design alternatives across representative distributions of disturbance environments. To improve the generation of survivable alternatives, seventeen empirically-validated survivability design principles are introduced. The general set of design principles allows the consideration of structural and behavioral strategies for mitigating the impact of disturbances over the lifecycle of a given encounter.(cont.) To improve the evaluation of survivability, value-based metrics are introduced for the assessment of survivability as a dynamic, continuous, and path-dependent system property. Two of these metrics, time-weighted average utility loss and threshold availability, are used to evaluate survivability based on the relationship between stochastic utility trajectories of system state and stakeholder expectations across nominal and perturbed environments. Finally, the survivability "tear(drop)" tradespace is introduced to enable the identification of inherently survivable architectures that efficiently balance performance metrics of cost, utility, and survivability. The internal validity and prescriptive value of the design principles, metrics, and tradespaces comprising MATE for Survivability are established through applications to the designs of an orbital transfer vehicle and a satellite radar system.by Matthew G. Richards.Ph.D