8,289 research outputs found
Efficient intrusion detection scheme based on SVM
The network intrusion detection problem is the focus of current academic research. In this paper, we propose to use Support Vector Machine (SVM) model to identify and detect the network intrusion problem, and simultaneously introduce a new optimization search method, referred to as Improved Harmony Search (IHS) algorithm, to determine the parameters of the SVM model for better classification accuracy. Taking the general mechanism network system of a growing city in China between 2006 and 2012 as the sample, this study divides the mechanism into normal network system and crisis network system according to the harm extent of network intrusion. We consider a crisis network system coupled with two to three normal network systems as paired samples. Experimental results show that SVMs based on IHS have a high prediction accuracy which can perform prediction and classification of network intrusion detection and assist in guarding against network intrusion
Byzantine Attack and Defense in Cognitive Radio Networks: A Survey
The Byzantine attack in cooperative spectrum sensing (CSS), also known as the
spectrum sensing data falsification (SSDF) attack in the literature, is one of
the key adversaries to the success of cognitive radio networks (CRNs). In the
past couple of years, the research on the Byzantine attack and defense
strategies has gained worldwide increasing attention. In this paper, we provide
a comprehensive survey and tutorial on the recent advances in the Byzantine
attack and defense for CSS in CRNs. Specifically, we first briefly present the
preliminaries of CSS for general readers, including signal detection
techniques, hypothesis testing, and data fusion. Second, we analyze the spear
and shield relation between Byzantine attack and defense from three aspects:
the vulnerability of CSS to attack, the obstacles in CSS to defense, and the
games between attack and defense. Then, we propose a taxonomy of the existing
Byzantine attack behaviors and elaborate on the corresponding attack
parameters, which determine where, who, how, and when to launch attacks. Next,
from the perspectives of homogeneous or heterogeneous scenarios, we classify
the existing defense algorithms, and provide an in-depth tutorial on the
state-of-the-art Byzantine defense schemes, commonly known as robust or secure
CSS in the literature. Furthermore, we highlight the unsolved research
challenges and depict the future research directions.Comment: Accepted by IEEE Communications Surveys and Tutoiral
Honey Sheets: What Happens to Leaked Google Spreadsheets?
Cloud-based documents are inherently valuable, due to the volume and nature
of sensitive personal and business content stored in them. Despite the
importance of such documents to Internet users, there are still large gaps in
the understanding of what cybercriminals do when they illicitly get access to
them by for example compromising the account credentials they are associated
with. In this paper, we present a system able to monitor user activity on
Google spreadsheets. We populated 5 Google spreadsheets with fake bank account
details and fake funds transfer links. Each spreadsheet was configured to
report details of accesses and clicks on links back to us. To study how people
interact with these spreadsheets in case they are leaked, we posted unique
links pointing to the spreadsheets on a popular paste site. We then monitored
activity in the accounts for 72 days, and observed 165 accesses in total. We
were able to observe interesting modifications to these spreadsheets performed
by illicit accesses. For instance, we observed deletion of some fake bank
account information, in addition to insults and warnings that some visitors
entered in some of the spreadsheets. Our preliminary results show that our
system can be used to shed light on cybercriminal behavior with regards to
leaked online documents
Over-claiming as a Predictor of Insider Threat Activities in Individuals
Insiders can engage in malicious activities against organizations such as data theft and sabotage. Prior research on insider threat behavior indicates that once motivated to commit malicious activity, insiders seek opportunity where they can act without being detected. In this research we set up an experiment where we leverage this opportunistic behavior and present participants with messages signaling opportunity for data theft. In the experiment, students were engaged in routine tasks with a bonus based on their performance. While working on their assigned tasks, they were presented with opportunities (probes) to steal data that would increase their payout. Their pre and post probe behavior was observed to test if they engaged in behavior that was deemed suspicious when they received the probe. The goal of the project is to test whether the overclaiming personality trait is a predictor of malicious insider behavior and this was measured through the Over Claiming questionnaire developed by Paulhaus (Paulhaus et al. 2003) The results indicated that over claiming proved to be a strong predictor of malicious insider behavior
- …