36 research outputs found

    Guarding Networks Through Heterogeneous Mobile Guards

    In this article, the issue of guarding multi-agent systems against a sequence of intruder attacks through mobile heterogeneous guards (guards with different ranges) is discussed. The article makes use of graph theoretic abstractions of such systems in which agents are the nodes of a graph and edges represent interconnections between agents. Guards represent specialized mobile agents on specific nodes with capabilities to successfully detect and respond to an attack within their guarding range. Using this abstraction, the article addresses the problem in the context of eternal security problem in graphs. Eternal security refers to securing all the nodes in a graph against an infinite sequence of intruder attacks by a certain minimum number of guards. This paper makes use of heterogeneous guards and addresses all the components of the eternal security problem including the number of guards, their deployment and movement strategies. In the proposed solution, a graph is decomposed into clusters and a guard with appropriate range is then assigned to each cluster. These guards ensure that all nodes within their corresponding cluster are being protected at all times, thereby achieving the eternal security in the graph.
    Comment: American Control Conference, Chicago, IL, 201

    Discovering Ways to Increase Inclusivity for Dyslexic Students in Computing Education

    The years accompanying entrance into the university system are often characterized by a period of great transformation. These years can also be wrought with difficulties for many students, difficulties which are often compounded in students with disabilities (SWD). Reports from the U.S. Department of Education show that as recently as 2015–16, 19% of undergraduate students experienced some form of disability [1]. Additionally, statistics show that SWD tend to have lower post secondary completion rates than their counterparts [3]. A review of pertinent literature has shown that there still exist gaps within the field of computing education (CE) for teaching cybersecurity concepts to SWD. This poster is a continuation of the author's research into both the identification and analysis of the current educational methods in use within the field of CE for teaching concepts of cybersecurity to SWD. This poster aims at narrowing the scope of that research by performing a specific analysis of CE through the lens of the post secondary dyslexic SWD demographic

    Removing the Veil: Shining Light on the Lack of Inclusivity in Cybersecurity Education for Students with Disabilities

    There are currently over one billion people living with some form of disability worldwide. The continuous increase in new technologies in today's society comes with an increased risk in security. A fundamental knowledge of cybersecurity should be a basic right available to all users of technology. A review of literature in the fields of cybersecurity, STEM, and computer science (CS) has revealed existent gaps regarding educational methods for teaching cybersecurity to students with disabilities (SWD's). To date, SWD's are largely left without equitable access to cybersecurity education. Our goal is to identify current educational methods being used to teach SWD's concepts of cybersecurity, evaluate these methods, and classify the observed trends

    A Survey and Evaluation of Android-Based Malware Evasion Techniques and Detection Frameworks

    Android platform security is an active area of research where malware detection techniques continuously evolve to identify novel malware and improve the timely and accurate detection of existing malware. Adversaries are constantly in charge of employing innovative techniques to avoid or prolong malware detection effectively. Past studies have shown that malware detection systems are susceptible to evasion attacks where adversaries can successfully bypass the existing security defenses and deliver the malware to the target system without being detected. The evolution of escape-resistant systems is an open research problem. This paper presents a detailed taxonomy and evaluation of Android-based malware evasion techniques deployed to circumvent malware detection. The study characterizes such evasion techniques into two broad categories, polymorphism and metamorphism, and analyses techniques used for stealth malware detection based on the malware’s unique characteristics. Furthermore, the article also presents a qualitative and systematic comparison of evasion detection frameworks and their detection methodologies for Android-based malware. Finally, the survey discusses open-ended questions and potential future directions for continued research in mobile malware detection

    Securing the Human: Broadening Diversity in Cybersecurity

    Recent global demand for cybersecurity professionals is promising, with the U.S. job growth rate at 28%, three times the national average [1]. Lacking qualified applicants, many organizations struggle to fill open positions [2]. In a global survey, 2,300 security managers reported that 59% of their security positions were unfilled, although 82% anticipated cyberattacks to their systems [3]. At the same time, the cybersecurity field is broadening, not only in technical concepts but also in human factors, business processes, and international law. The field has not become culturally diversified, however. Professionals hired in 2018 included only 24.9% women, 12.3% African Americans, and 6.8% Latinos [4]. These facts create an opportunity for higher education: diversify the profession while increasing the numbers of skilled computer scientists. New and integrated methods of attracting student populations in the field of cybersecurity are needed. The working group goal is to evaluate the effectiveness of approaches used in higher education to diversify the cybersecurity field through literature review, analysis of the findings, and a surve

    Towards a systematic threat modeling approach for cyber-physical systems

    Cyber-Physical Systems (CPS) are systems with seamless integration of physical, computational and networking components. These systems can potentially have an impact on the physical components, hence it is critical to safeguard them against a wide range of attacks. In this paper, it is argued that an effective approach to achieve this goal is to systematically identify the potential threats at the design phase of building such systems, commonly achieved via threat modeling. In this context, a tool to perform systematic analysis of threat modeling for CPS is proposed. A real-world wireless railway temperature monitoring system is used as a case study to validate the proposed approach. The threats identified in the system are subsequently mitigated using National Institute of Standards and Technology (NIST) standards

    E-Learning Course Recommender System Using Collaborative Filtering Models

    e-Learning is a sought-after option for learners during pandemic situations. In e-Learning platforms, there are many courses available, and the user needs to select the best option for them. Thus, recommender systems play an important role to provide better automation services to users in making course choices. It makes recommendations for users in selecting the desired option based on their preferences. This system can use machine intelligence (MI)-based techniques to carry out the recommendation mechanism. Based on the preferences and history, this system is able to know what the users like most. In this work, a recommender system is proposed using the collaborative filtering mechanism for e-Learning course recommendation. This work is focused on MI-based models such as K-nearest neighbor (KNN), Singular Value Decomposition (SVD) and neural network–based collaborative filtering (NCF) models. Here, one lakh of Coursera’s course review dataset is taken from Kaggle for analysis. The proposed work can help learners to select the e-Learning courses as per their preferences. This work is implemented using Python language. The performance of these models is evaluated using performance metrics such as hit rate (HR), average reciprocal hit ranking (ARHR) and mean absolute error (MAE). From the results, it is observed that KNN is able to perform better in terms of higher HR and ARHR and lower MAE values as compared to other models

    Ensemble-based DDoS detection and mitigation model

    This work-in-progress paper presents an ensemble-based model for detecting and mitigating Distributed Denial-of-Service (DDoS) attacks, and its partial implementation. The model utilises network traffic analysis and MIB (Management Information Base) server load analysis features for detecting a wide range of network and application layer DDoS attacks and distinguishing them from Flash Events. The proposed model will be evaluated against realistic synthetic network traffic generated using a software-based traffic generator that we have developed as part of this research. In this paper, we summarise our previous work, highlight the current work being undertaken along with preliminary results obtained and outline the future directions of our work

    Modelling web-server flash events

    A Flash Event (FE) represents a period of time when a web-server experiences a dramatic increase in incoming traffic, either following a newsworthy event that has prompted users to locate and access it, or as a result of redirection from other popular web or social media sites. This usually leads to network congestion and Quality-of-Service (QoS) degradation. These events can be mistaken for Distributed Denial-of-Service (DDoS) attacks aimed at disrupting the server. Accurate detection of FEs and their distinction from DDoS attacks is important, since different actions need to be undertaken by network administrators in these two cases. However, lack of public domain FE datasets hinders research in this area. In this paper we present a detailed study of flash events and classify them into three broad categories. In addition, the paper describes FEs in terms of three key components: the volume of incoming traffic, the related source IP-addresses, and the resources being accessed. We present such a FE model with minimal parameters and use publicly available datasets to analyse and validate our proposed model. The model can be used to generate different types of FE traffic, closely approximating real-world scenarios, in order to facilitate research into distinguishing FEs from DDoS attacks

    Parametric differences between a real-world distributed denial-of-service attack and a flash event

    Distributed Denial-of-Service (DDoS) attacks continue to be one of the most pernicious threats to the delivery of services over the Internet. Not only are DDoS attacks present in many guises, they are also continuously evolving as new vulnerabilities are exploited. Hence accurate detection of these attacks still remains a challenging problem and a necessity for ensuring high-end network security. An intrinsic challenge in addressing this problem is to effectively distinguish these Denial-of-Service attacks from similar looking Flash Events (FEs) created by legitimate clients. A considerable overlap between the general characteristics of FEs and DDoS attacks makes it difficult to precisely separate these two classes of Internet activity. In this paper we propose parameters which can be used to explicitly distinguish FEs from DDoS attacks and analyse two real-world publicly available datasets to validate our proposal. Our analysis shows that even though FEs appear very similar to DDoS attacks, there are several subtle dissimilarities which can be exploited to separate these two classes of events