7,329 research outputs found
Spatiotemporal patterns and predictability of cyberattacks
A relatively unexplored issue in cybersecurity science and engineering is
whether there exist intrinsic patterns of cyberattacks. Conventional wisdom
favors absence of such patterns due to the overwhelming complexity of the
modern cyberspace. Surprisingly, through a detailed analysis of an extensive
data set that records the time-dependent frequencies of attacks over a
relatively wide range of consecutive IP addresses, we successfully uncover
intrinsic spatiotemporal patterns underlying cyberattacks, where the term
"spatio" refers to the IP address space. In particular, we focus on analyzing
{\em macroscopic} properties of the attack traffic flows and identify two main
patterns with distinct spatiotemporal characteristics: deterministic and
stochastic. Strikingly, there are very few sets of major attackers committing
almost all the attacks, since their attack "fingerprints" and target selection
scheme can be unequivocally identified according to the very limited number of
unique spatiotemporal characteristics, each of which only exists on a
consecutive IP region and differs significantly from the others. We utilize a
number of quantitative measures, including the flux-fluctuation law, the Markov
state transition probability matrix, and predictability measures, to
characterize the attack patterns in a comprehensive manner. A general finding
is that the attack patterns possess high degrees of predictability, potentially
paving the way to anticipating and, consequently, mitigating or even preventing
large-scale cyberattacks using macroscopic approaches
Spatiotemporal Patterns and Predictability of Cyberattacks
Y.C.L. was supported by Air Force Office of Scientific Research (AFOSR) under grant no. FA9550-10-1-0083 and Army Research Office (ARO) under grant no. W911NF-14-1-0504. S.X. was supported by Army Research Office (ARO) under grant no. W911NF-13-1-0141. The funders had no role in study design, data collection and analysis, decision to publish, or preparation of the manuscript.Peer reviewedPublisher PD
NEMESYS: Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem
As a consequence of the growing popularity of smart mobile devices, mobile
malware is clearly on the rise, with attackers targeting valuable user
information and exploiting vulnerabilities of the mobile ecosystems. With the
emergence of large-scale mobile botnets, smartphones can also be used to launch
attacks on mobile networks. The NEMESYS project will develop novel security
technologies for seamless service provisioning in the smart mobile ecosystem,
and improve mobile network security through better understanding of the threat
landscape. NEMESYS will gather and analyze information about the nature of
cyber-attacks targeting mobile users and the mobile network so that appropriate
counter-measures can be taken. We will develop a data collection infrastructure
that incorporates virtualized mobile honeypots and a honeyclient, to gather,
detect and provide early warning of mobile attacks and better understand the
modus operandi of cyber-criminals that target mobile devices. By correlating
the extracted information with the known patterns of attacks from wireline
networks, we will reveal and identify trends in the way that cyber-criminals
launch attacks against mobile devices.Comment: Accepted for publication in Proceedings of the 28th International
Symposium on Computer and Information Sciences (ISCIS'13); 9 pages; 1 figur
SADA: Semantic Adversarial Diagnostic Attacks for Autonomous Applications
One major factor impeding more widespread adoption of deep neural networks
(DNNs) is their lack of robustness, which is essential for safety-critical
applications such as autonomous driving. This has motivated much recent work on
adversarial attacks for DNNs, which mostly focus on pixel-level perturbations
void of semantic meaning. In contrast, we present a general framework for
adversarial attacks on trained agents, which covers semantic perturbations to
the environment of the agent performing the task as well as pixel-level
attacks. To do this, we re-frame the adversarial attack problem as learning a
distribution of parameters that always fools the agent. In the semantic case,
our proposed adversary (denoted as BBGAN) is trained to sample parameters that
describe the environment with which the black-box agent interacts, such that
the agent performs its dedicated task poorly in this environment. We apply
BBGAN on three different tasks, primarily targeting aspects of autonomous
navigation: object detection, self-driving, and autonomous UAV racing. On these
tasks, BBGAN can generate failure cases that consistently fool a trained agent.Comment: Accepted at AAAI'2
Computational analysis of a plant receptor interaction network
Trabajo fin de máster en Bioinformática y BiologĂa ComputacionalIn all organisms, complex protein-protein interactions (PPI) networks control major
biological functions yet studying their structural features presents a major analytical
challenge. In plants, leucine-rich-repeat receptor kinases (LRR-RKs) are key in sensing
and transmitting non-self as well as self-signals from the cell surface. As such, LRR-RKs
have both developmental and immune functions that allow plants to make the most of their
environments. In the model organism in plant molecular biology, Arabidopsis thaliana,
most LRR-RKs are still represented by biochemically and genetically uncharacterized
receptors. To fix this an LRR-based Cell Surface Interaction (CSI LRR ) network was
obtained in 2018, a protein-protein interaction network of the extracellular domain of 170
LRR-RKs that contains 567 bidirectional interactions. Several network analyses have been
performed with CSI LRR . However, these analyses have so far not considered the spatial and
temporal expression of its proteins. Neither has it been characterized in detail the role of
the extracellular domain (ECD) size in the network structure. Because of that, the objective
of the present work is to continue with more in depth analyses with the CSI LRR network.
This would provide important insights that will facilitate LRR-RKs function
characterization.
The first aim of this work is to test out the fit of the CSI LRR network to a scale-free
topology. To accomplish that, the degree distribution of the CSI LRR network was compared
with the degree distribution of the known network models of scale-free and random.
Additionally, three network attack algorithms were implemented and applied to these two
network models and the CSI LRR network to compare their behavior. However, since the
CSI LRR interaction data comes from an in vitro screening, there is no direct evidence
whether its protein-protein interactions occur inside the plant cells. To gain insight on how
the network composition changes depending on the transcriptional regulation, the
interaction data of the CSI LRR was integrated with 4 different RNA-Seq datasets related
with the network biological functions. To automatize this task a Python script was written.
Furthermore, it was evaluated the role of the LRR-RKs in the network structure depending
on the size of their extracellular domain (large or small). For that, centrality parameters
were measured, and size-targeted attacks performed. Finally, gene regulatory information
was integrated into the CSI LRR to classify the different network proteins according to the
function of the transcription factors that regulate its expression.
The results were that CSI LRR fits a power law degree distribution and approximates a scale-
free topology. Moreover, CSI LRR displays high resistance to random attacks and reduced
resistance to hub/bottleneck-directed attacks, similarly to scale-free network model. Also,
the integration of CSI LRR interaction data and RNA-Seq data suggests that the
transcriptional regulation of the network is more relevant for developmental programs than
for defense responses. Another result was that the LRR-RKs with a small ECD size have a
major role in the maintenance of the CSI LRR integrity. Lastly, it was hypothesized that the
integration of CSI LRR interaction data with predicted gene regulatory networks could shed
light upon the functioning of growth-immunity signaling crosstalk
- …