2022 IEEE International Symposium on Technologies for Homeland Security (HST)最新文献

{"title":"Efficient Clustering of Software Vulnerabilities using Self Organizing Map (SOM)","authors":"Khyati Panchal, Siddhartha Shankar Das, Luis De La Torre, John Miller, R. Rallo, M. Halappanavar","doi":"10.1109/HST56032.2022.10025443","DOIUrl":"https://doi.org/10.1109/HST56032.2022.10025443","url":null,"abstract":"The common vulnerabilities and exposures (CVE) database was created with a mission to “identify, define, and catalog publicly disclosed cybersecurity vulnerabilities”. This rich body of information can be used to enable rapid and efficient response to secure and defend cyber operations and protect critical cyber infrastructure. The main goal of this paper is to develop a visual analytic tool to enable deep analysis of CVEs using unsupervised clustering techniques. We enhance our analysis by first mapping CVEs to hierarchical-classes in Common Weakness Enumeration (CWE) using information in the National Vulnerability Database (NVD). Both the mapping and the numerical representation of CVEs are enabled by V2W-BERT, which uses natural language processing of the extensive information in NVD to generate a large tabular database of 137,226 CVE entries from 1999 to 2020, where each CVE is represented by a vector of 768 numerical features. The vectorized data is processed by Self-Organizing Maps (SOM), which is an unsupervised machine learning technique for dimensionality reduction, visual representation and clustering. Using a Torus map of 6417 units, we achieve 10-fold data compression of 140k CVEs using SOM. The trained map is further clustered using standard K-means clustering into 138 clusters of CVEs. We conducted a brief investigation of the rich mapping of CVEs to best-matching-units to K-means clusters, as well as CVEs to CWEs. For example, this novel mapping provided insight into the role of CWE-59 and CWE-264 in several CVEs that is otherwise hard to explore in the original data. We conclude that our this novel approach will not only enable deep analysis of the complex relationships between CVEs and CWEs, but also a mechanism to quickly respond to and design mitigation actions for rapidly evolving vulnerabilities that have not been mapped to existing CWEs.","PeriodicalId":162426,"journal":{"name":"2022 IEEE International Symposium on Technologies for Homeland Security (HST)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121819496","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Towards Automatic Mapping of Vulnerabilities to Attack Patterns using Large Language Models","authors":"Siddhartha Shankar Das, Ashutosh Dutta, Sumit Purohit, Edoardo Serra, M. Halappanavar, A. Pothen","doi":"10.1109/HST56032.2022.10025459","DOIUrl":"https://doi.org/10.1109/HST56032.2022.10025459","url":null,"abstract":"Cyber-attack surface of an enterprise continuously evolves due to the advent of new devices and applications with inherent vulnerabilities, and the emergence of novel attack techniques that exploit these vulnerabilities. Therefore, security management tools must assess the cyber-risk of an enterprise at regular intervals by comprehensively identifying associations among attack techniques, weaknesses, and vulnerabilities. How-ever, existing repositories providing such associations are incomplete (i.e., missing associations), which increases the likelihood of undermining the risk of specific set of attack techniques with missing information. Further, such associations often rely on manual interpretations that are slow compared to the speed of attacks, and therefore, ineffective in combating the ever increasing list of vulnerabilities and attack actions. Therefore, developing methodologies to associate vulnerabilities to all relevant attack techniques automatically and accurately is critically important. In this paper, we present a framework - Vulnerabilities and Weakness to Common Attack Pattern Mapping (VWC-MAP) - that can automatically identify all relevant attack techniques of a vulnerability via weakness based on their text descriptions, applying natural language process (NLP) techniques. VWC-MAP is enabled by a novel two-tiered classification approach, where the first tier classifies vulnerabilities to weakness, and the second tier classifies weakness to attack techniques. In this work, we improve the scalability of the current state-of-the-art tool to significantly speedup the mapping of vulnerabilities to weaknesses. We also present two novel automated approaches for mapping weakness to attack techniques by applying Text-to-Text and link prediction techniques. Our experimental results are cross-validated by cyber-security experts and demonstrate that VWC-MAP can associate vulnerabilities to weakness-types with up to 87% accuracy, and weaknesses to new attack patterns with up to 80% accuracy.","PeriodicalId":162426,"journal":{"name":"2022 IEEE International Symposium on Technologies for Homeland Security (HST)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130299944","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Military Uniform Identification for Search And Rescue (SAR) through Machine Learning","authors":"Benjamin Dubetsky, Kevin Fernandez, Garrett Christopher, Lakhan Singh, Jason Hughes, Jeremy Cole, M. Novitzky","doi":"10.1109/HST56032.2022.10025452","DOIUrl":"https://doi.org/10.1109/HST56032.2022.10025452","url":null,"abstract":"Object classification is a rapidly growing topic that is proving to serve many uses in both civilian and military professions. With continued development in this field, the Army and its units can accomplish tasks in more safe and efficient manners as unmanned drones and other technologies can carry out missions that have not been possible in the past. The purpose of this project is to develop a classifier model that can autonomously identify and track personnel during search and rescue (SAR) missions. The implementation of this technology would potentially improve the efficiency and reduce the risk of SAR missions in the Army by allowing soldiers to send out dispensable robots instead of risking indispensable lives.","PeriodicalId":162426,"journal":{"name":"2022 IEEE International Symposium on Technologies for Homeland Security (HST)","volume":"11 12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117007914","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Evaluation of Navigation and Trajectory-following Capabilities of Small Unmanned Aerial Systems","authors":"Edwin Meriaux, Kshitij Jerath","doi":"10.1109/HST56032.2022.10025455","DOIUrl":"https://doi.org/10.1109/HST56032.2022.10025455","url":null,"abstract":"Use cases for Small Unmanned Aerial Systems (sUAS) have expanded significantly over the past few years. One use case that is relevant to both civilian and defense missions is reliable operation in GPS-denied indoor and subterranean (subT) environments such as urban underground, tunnel systems, and cave networks. While many sUAS evaluation studies exist for outdoor environments, there have been limited studies to evaluate the characteristics of sUAS in GPS-denied indoor and subT environments. This paper attempts to resolve this knowledge gap by presenting a methodology for evaluating the navigation performance of sUAS in such environments, including operations such as waypoint navigation, path traversal, trajectory keeping, and navigation around corners. Specifically, we determine and present results for the navigation performance of five commercially available sUAS via the presented evaluation methodology.","PeriodicalId":162426,"journal":{"name":"2022 IEEE International Symposium on Technologies for Homeland Security (HST)","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132080958","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Operationalizing Resiliency among Childcare Providers during the COVID-19 Pandemic","authors":"J. Pardee, J. Schneider, Cindy Lam","doi":"10.1109/HST56032.2022.10025458","DOIUrl":"https://doi.org/10.1109/HST56032.2022.10025458","url":null,"abstract":"Childcare, a critical infrastructure, played an important role to create community resiliency during the COVID-19 pandemic. By finding pathways to remain open, or rapidly return to operations, the adaptive capacity of childcare providers to offer care in the face of unprecedented challenges functioned to promote societal level mitigation of the COVID-19 pandemic impacts, to assist families in their personal financial recoveries, and to provide consistent, caring, and meaningful educational experiences for society's youngest members. This paper assesses the operational adaptations of childcare centers as a key resource and critical infrastructure during the COVID-19 pandemic in the Greater Rochester, NY metropolitan region. Our findings evaluate the policy, provider mitigation, and response actions documenting the challenges they faced and the solutions they innovated. Implications for this research extend to climate-induced disruptions, including fires, water shortages, electric grid cyberattacks, and other disruptions where extended stay-at-home orders or service critical interventions are implemented.","PeriodicalId":162426,"journal":{"name":"2022 IEEE International Symposium on Technologies for Homeland Security (HST)","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116224342","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Edge-Based Infrared-Ultrasonic Anti-Collision Radar System for Robotic Navigation: *Applications of Cost-effective Bisensory System for Obstacle Detection, Tracking, and Avoidance","authors":"K. Nnoli, M. Benyeogor, Jones Ifeanyi Bolu, O. Olakanmi","doi":"10.1109/HST56032.2022.10024985","DOIUrl":"https://doi.org/10.1109/HST56032.2022.10024985","url":null,"abstract":"Significant progress has been made in the development of an edge computing system for the fusion, representation, and visualization of dual-sensor data for obstacle avoidance control of mobile robots. This involves the use of an error-filtering covariance and averaging algorithm to logically fuse distance measurements from a pair of infrared and ultrasonic sensors, which was instrumented into a robot and used to generate radar visuals to track the proximity of ambient obstacles within 180 degrees spanning ahead of the robot. Hands-on experiments were performed to evaluate the performance and applicability of the system in real-time. The results show that the developed system is viable and robust. In line with the emerging field of edge computing, this work is an efficient, portable, and cost-effective approach to developing mobile robotic systems.","PeriodicalId":162426,"journal":{"name":"2022 IEEE International Symposium on Technologies for Homeland Security (HST)","volume":"264 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133225952","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cost-Efficient Network Protection Games Against Uncertain Types of Cyber-Attackers","authors":"Zhifan Xu, M. Baykal-Gürsoy","doi":"10.1109/HST56032.2022.10025437","DOIUrl":"https://doi.org/10.1109/HST56032.2022.10025437","url":null,"abstract":"This paper considers network protection games for a heterogeneous network system with $N$ nodes against cyber-attackers of two different types of intentions. The first type tries to maximize damage based on the value of each net-worked node, while the second type only aims at successful infiltration. A defender, by applying defensive resources to networked nodes, can decrease those nodes' vulnerabilities. Meanwhile, the defender needs to balance the cost of using defensive resources and potential security benefits. Existing literature shows that, in a Nash equilibrium, the defender should adopt different resource allocation strategies against different types of attackers. However, it could be difficult for the defender to know the type of incoming cyber-attackers. A Bayesian game is investigated considering the case that the defender is uncertain about the attacker's type. We demonstrate that the Bayesian equilibrium defensive resource allocation strategy is a mixture of the Nash equilibrium strategies from the games against the two types of attackers separately.","PeriodicalId":162426,"journal":{"name":"2022 IEEE International Symposium on Technologies for Homeland Security (HST)","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131311103","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Impact-Driven Sampling Strategies for Hybrid Attack Graphs","authors":"Omer Subasi, Sumit Purohit, Arnab Bhattacharya, Samrat Chatterjee","doi":"10.1109/HST56032.2022.10025439","DOIUrl":"https://doi.org/10.1109/HST56032.2022.10025439","url":null,"abstract":"Cyber-Physical Systems (CPSs) have a large input space, with discrete and continuous elements across multiple layers. Hybrid Attack Graphs (HAGs) provide a flexible and efficient approach to generate attack sequences for a CPS. Analysis and testing of large-scale HAGs are prohibitively costly. To address scalability and analysis challenges of HAG generation, it is required to reduce the HAG size via sampling. Existing sampling techniques provide probabilistic sampling and do not consider the complete coverage of different types of vulnerabilities. Moreover, they do not consider the impact of successful attacks. In this work, we propose a sampling algorithm that is impact driven and coverage aware. In addition, we provide several sampling strategies for cyber-security experts to inquire about potential attacks. The experimental results performed on both synthetic and real-world graphs show that our sampling method reduces up to 50% of nodes and 86% edges while retaining all vulnerability types across different attack graph representations and graph generators.","PeriodicalId":162426,"journal":{"name":"2022 IEEE International Symposium on Technologies for Homeland Security (HST)","volume":"73 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121262463","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Half Title Page","authors":"","doi":"10.1109/hst56032.2022.10025453","DOIUrl":"https://doi.org/10.1109/hst56032.2022.10025453","url":null,"abstract":"","PeriodicalId":162426,"journal":{"name":"2022 IEEE International Symposium on Technologies for Homeland Security (HST)","volume":"91 3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127121401","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Low-cost multimodal integrated marine surveillance system","authors":"H. Salloum, A. Sutin, N. Sedunov, A. Sedunov, Daniel Kadyrov","doi":"10.1109/HST56032.2022.10025450","DOIUrl":"https://doi.org/10.1109/HST56032.2022.10025450","url":null,"abstract":"Detection of surface vessels, semisubmersibles, and underwater vehicles is required for several Maritime Law Enforcement missions, including drug and alien migrant interdiction, monitoring, control, and surveillance of illegal, unregulated, and unreported (IUU) fishing, as well as protection from maritime terrorism. Detection and monitoring of vessels involved in illegal activity occurs principally through the collection, analysis, and dissemination of tactical information and strategic intelligence combined with effective sensors operating from land, air, and surface assets. Stevens Institute of Technology (SIT) built and tested an experimental low-cost sensor suite dubbed the Boat Detection System (BDS) prototype that can work autonomously on the shore or at sea using available platforms. The suggested low-cost automated sensor system costs less than current land and air-based sensors and does not require a human in the loop for its operation. The experimental sensor suite uses low-cost COTS sensors including marine radar, optical and infrared cameras, and AIS receivers in conjunction with an underwater acoustic array, the Stevens Passive Acoustic System (SPADES-2) prototype, outfitted with Stevens custom-made lowcost hydrophones.","PeriodicalId":162426,"journal":{"name":"2022 IEEE International Symposium on Technologies for Homeland Security (HST)","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134357471","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}