Resource-aware Cyber Deception in Cloud-Native Environments

Cyber deception can be a valuable addition to traditional cyber defense mechanisms, especially for modern cloud-native environments with a fading security perimeter. However, pre-built decoys used in classical computer networks are not effective in detecting and mitigating malicious actors due to their inability to blend with the variety of applications in such environments. On the other hand, decoys cloning the deployed microservices of an application can offer a high-fidelity deception mechanism to intercept ongoing attacks within production environments. However, to fully benefit from this approach, it is essential to use a limited amount of decoy resources and devise a suitable cloning strategy to minimize the impact on legitimate services performance. Following this observation, we formulate a non-linear integer optimization problem that maximizes the number of attack paths intercepted by the allocated decoys within a fixed resource budget. Attack paths represent the attacker's movements within the infrastructure as a sequence of violated microservices. We also design a heuristic decoy placement algorithm to approximate the optimal solution and overcome the computational complexity of the proposed formulation. We evaluate the performance of the optimal and heuristic solutions against other schemes that use local vulnerability metrics to select which microservices to clone as decoys. Our results show that the proposed allocation strategy achieves a higher number of intercepted attack paths compared to these schemes while requiring approximately the same number of decoys

Intelligent multi-branch allocation of spectrum slices for inter-numerology interference minimization

Network slicing and mixed-numerology access schemes cover a central role to enable the flexible multi-service connectivity that characterizes 5G radio access networks (RAN). However, the interference generated by the simultaneous multiplexing of radio slices having heterogeneous subcarrier spacing can hinder the isolation of the different slices sharing the RAN and their effectiveness in meeting the application requirements. To overcome these issues, we design a radio resource allocation scheme that accounts for the inter-numerology interference and maximizes the aggregate network throughput. To overcome the computationally complexity of the optimal formulation, we leverage deep reinforcement learning (DRL) to design an agent capable of approximating the optimal solution exploiting a model-free environment formulation. We propose a multi-branch agent architecture, based on Branching Dueling Q-networks (BDQ), which ensures the agent scalability as the number of spectrum resources and network slices increases. In addition, we augment the agent learning performance by including an action mapping procedure designed to enforce the selection of feasible actions. We compare the agent performance to several benchmarks schemes. Results show that the proposed solution provides a good approximation of the optimal allocation in most scenarios

Predictors of emergency department referral in patients using out-of-hours primary care services

Out of hours (OOH) doctors could manage many cases limiting the inappropriate accesses to ED. However the possible determinants of referral to ED by OOH doctors are poorly studied. We aimed to characterize patients referred from the OOH to ED service in order to explore the gate-keeping role of OOH service for hospital emergency care and to facilitate future research in improving its cost-effectiveness. A retrospective study was made through data collection of 5217 contacts in a local OOH service in the North-East of Italy (from 10/01/2012 to 03/31/2013). Only 8.7% (=454 people) of the total contacts were referred to ED. In the multivariate analysis, the significant predictors of being sent to ED were: age; residence in nursing home (odds ratios (OR)=2.00, 95%CI: 1.30-3.10); being visited by a OOH physician (OR=2.64, 95%CI: 2.09-3.34). Taking infections as reference, cardiovascular diseases (OR=18.31, 95%CI: 12.01-27.90), traumas (OR=8.75, 95%CI: 5.36-14.26) and gastrointestinal conditions (OR=7.69, 95%CI: 4.70-11.91) increased the probability to be referred to ED. OOH service addresses several common medical conditions in community-dwelling and in nursing home context, supporting its filtering function for the ED access. The main reasons of ED referral, as shown by our study, could be a crucial aspect in general population education in order to avoid the overcrowding of the ED