发布求助
文献互助 智能选刊 最新文献

2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing最新文献

筛选
英文 中文
Performance Metrics of Local Cloud Computing Architectures 本地云计算架构的性能指标
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.61
Travis Brummett, Pezhman Sheinidashtegol, Debadrita Sarkar, Jeffrey M. Galloway
{"title":"Performance Metrics of Local Cloud Computing Architectures","authors":"Travis Brummett, Pezhman Sheinidashtegol, Debadrita Sarkar, Jeffrey M. Galloway","doi":"10.1109/CSCloud.2015.61","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.61","url":null,"abstract":"Cloud Computing is a rapidly growing branch of distributed computing. There have been many proposed open source cloud architectures. The purpose of this paper is to look at three of the most popular open source architectures: Eucalyptus, OpenStack, and OpenNebula. These three architectures were compared by their ease of installation and performance. The benchmarks performed calculated CPU performance, Network performance, and I/O performance. The CPU performance was measured by a Python program that calculated Pi to a given digit and returned the time taken to complete the task. Our Network performance benchmark made use of two Virtual Machines (VMs) and the Iperf tool to send data over the network. The results were measured by network throughput between VMs. Finally, I/O performance made use of a MySQL table of 100,000 entries and the sysbench tool to benchmark varying amounts of threads by measuring the number of transactions per second. We also ran these benchmarks on a micro instance of Amazon's Elastic Compute Cloud (EC2) to compare results.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"113 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124315251","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Designing ARINC653 Partition Constrained Scheduling for Secure Real Time Embedded Avionics 安全实时嵌入式航空电子设备ARINC653分区约束调度设计
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.23
Xiang Tao, Yongxin Zhu, Yishu Mao, Han Song, Mengyun Liu, Xinyi Liu, Weiguang Sheng, Weiwei Shi
{"title":"Designing ARINC653 Partition Constrained Scheduling for Secure Real Time Embedded Avionics","authors":"Xiang Tao, Yongxin Zhu, Yishu Mao, Han Song, Mengyun Liu, Xinyi Liu, Weiguang Sheng, Weiwei Shi","doi":"10.1109/CSCloud.2015.23","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.23","url":null,"abstract":"Being a high end embedded system, an avionic system calls for stringent real time constraints as well as secure guarantees. In terms of logical architecture, avionic systems have recently grown into the form of Integrated Modular Avionics (IMA) from the traditional federated avionics system whose redundancy level is overwhelming for modern large aircrafts. The key idea of IMA system lies in the rules of time and space partitioning, which guarantees system predictability and reliability. However, existing industrial practices of IMA partition and priority settings usually incur significant waste of resources, which would eventually lower the performance of IMA tasks in terms of latency or throughput. This issue was not properly addressed by previous researchers who assumed settings of priority variances and fixed partitions, which differ from practical applications. In this paper, a secure real time scheduling scheme with partition readjustment is proposed with inputs of features exhibited by tasks under partition. In our scheme, the resource costs are reduced by merging and restructuring partitions without compromising hard real time constraints. The simulation results of actual flight missions show that significant improvement by our method in terms of the average response time of tasks as well as number of partitions.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"454 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125791381","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
An Efficiency Optimization Scheme for the On-the-Fly Statistical Randomness Test 动态统计随机性检验的效率优化方案
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.10
Jiahui Shen, Tianyu Chen, Lei Wang, Yuan Ma
{"title":"An Efficiency Optimization Scheme for the On-the-Fly Statistical Randomness Test","authors":"Jiahui Shen, Tianyu Chen, Lei Wang, Yuan Ma","doi":"10.1109/CSCloud.2015.10","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.10","url":null,"abstract":"The randomness of random number generators (RNGs) significantly influences the security of cryptographic systems. Although RNGs are allowed to adopt in practical systems only after strict analysis and security evaluation, the randomness of generated sequences may degrade due to aging effects of electronic devices, change of temperature and humidity, or even malicious attacks. Therefore, before the generated sequence being used (as a secret key or any other critical cryptography parameter), it is necessary to execute the on-the-fly statistical randomness test (on-the-fly test) on the candidate sequence to ensure the security. On-the-fly test should be finished efficiently; otherwise, it would impact the cryptographic systems' performance. In this paper, we propose a scheme to optimize the efficiency of randomness test suites, that is, provide an optimized order of the tests in the test suite, so that an unqualified sequence can be rejected as early as possible. We apply this optimization scheme on the NIST test suite (SP 800-22) [1] as an instance. Experimental results of 128- and 256- bit sequence, demonstrate that the optimized efficiency approximates to the theoretical optimum and the scheme can be quickly implemented.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126439911","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Next Generation of Impersonator Bots: Mimicking Human Browsing on Previously Unvisited Sites 下一代模拟机器人:模仿人类浏览以前未访问过的网站
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.93
Yang Yang, N. Vlajic, U. T. Nguyen
{"title":"Next Generation of Impersonator Bots: Mimicking Human Browsing on Previously Unvisited Sites","authors":"Yang Yang, N. Vlajic, U. T. Nguyen","doi":"10.1109/CSCloud.2015.93","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.93","url":null,"abstract":"The development of Web bots capable of exhibiting human-like browsing behavior has long been the goal of practitioners on both side of security spectrum - malicious hackers as well as security defenders. For malicious hackers such bots are an effective vehicle for bypassing various layers of system/network protection or for obstructing the operation of Intrusion Detection Systems (IDSs). For security defenders, the use of human-like behaving bots is shown to be of great importance in the process of system/network provisioning and testing. In the past, there have been many attempts at developing accurate models of human-like browsing behavior. However, most of these attempts/models suffer from one of following drawbacks: they either require that some previous history of actual human browsing on the target web-site be available (which often is not the case), or, they assume that 'think times' and 'page popularities' follow the well-known Poisson and Zipf distribution (an old hypothesis that does not hold well in the modern-day WWW). To our knowledge, our work is the first attempt at developing a model of human-like browsing behavior that requires no prior knowledge or assumption about human behavior on the target site. The model is founded on a more general theory that defines human behavior as an 'interest-driven' process. The preliminary simulation results are very encouraging - web bots built using our model are capable of mimicking real human browsing behavior 1000-fold better compared to bots that deploy random crawling strategy.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121999985","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Understanding Model Risk Management -- Model Rationalization in Financial Industry 理解模型风险管理——金融行业的模型合理化
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.68
Hevel Jean-Baptiste, Lixin Tao, Meikang Qiu, Keke Gai
{"title":"Understanding Model Risk Management -- Model Rationalization in Financial Industry","authors":"Hevel Jean-Baptiste, Lixin Tao, Meikang Qiu, Keke Gai","doi":"10.1109/CSCloud.2015.68","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.68","url":null,"abstract":"Building a good financial Model Risk Management (MRM) system requires advanced skills in technology, econometrics and financial businesses. Very often we have businesses that have different models with similar functionality. The question that we are trying to answer in the paper is how to rationalize different models within an Enterprise Risk Management (ERM) of in organization. It is a dilemma that Risk Management Practitioners are struggling with. Very often they are looking for someone who can understand their business ideas and transform them to technology solutions or come up with technology solutions to support their MRM ideas. While quantitative Analysts are very critical in this type of project, very often they fail in the software development skills that are required. We are witnesses these struggles where some model risk leaders fail to find some good technologists or econometricians to implement their risk management philosophy. Also we have cases where technologists or econometricians cannot receive proper requirements to implement the functionality that the business needs. Here we are trying to understand how we can rationalize on different models that have some common functionality. For example how to look at or consolidate the functionality of the following models, such as Probability of Default (PD), Loss Given Default (LGD), Allowance for Loan and Lease Losses (ALLL), Stress Testing (ST) and others Financial Models. In this paper, we will present a framework for Model Rationalization or how to consolidate models. Also we will present a methodology that can be used to test a model that has been consolidated through our framework, Model Rationalization.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132740353","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Game Theoretic Modeling to Enforce Security Information Sharing among Firms 加强企业安全信息共享的博弈论模型
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.81
Deepak K. Tosh, S. Sengupta, S. Mukhopadhyay, C. Kamhoua, K. Kwiat
{"title":"Game Theoretic Modeling to Enforce Security Information Sharing among Firms","authors":"Deepak K. Tosh, S. Sengupta, S. Mukhopadhyay, C. Kamhoua, K. Kwiat","doi":"10.1109/CSCloud.2015.81","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.81","url":null,"abstract":"Robust CYBersecurity information EXchange (CYBEX) infrastructure is envisioned to protect the firms from future cyber attacks via collaborative threat intelligence sharing, which might be difficult to achieve via sole effort. The executive order from the U. S. federal government clearly encourages the firms to share their cybersecurity breach and patch related information among other federal and private firms for strengthening their as well as nation's security infrastructure. In this paper, we present a game theoretic framework to investigate the economic benefits of cyber-threat information sharing and analyze the impacts and consequences of not participating in the game of information exchange. We model the information exchange framework as distributed non-cooperative game among the firms and investigate the implications of information sharing and security investments. The proposed incentive model ensures and self-enforces the firms to share their breach information truthfully for maximization of its gross utility. Theoretical analysis of the incentive framework has been conducted to find the conditions under which firms' net benefit for sharing security information and investment can be maximized. Numerical results verify that the proposed model promotes such sharing, which helps to relieve their total security technology investment too.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"44 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130204847","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 30
A Novel Anomaly Detection Approach for Mitigating Web-Based Attacks Against Clouds 一种新的基于web的云攻击异常检测方法
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.46
Simin Zhang, B. Li, Jianxin Li, Mingming Zhang, Yang Chen
{"title":"A Novel Anomaly Detection Approach for Mitigating Web-Based Attacks Against Clouds","authors":"Simin Zhang, B. Li, Jianxin Li, Mingming Zhang, Yang Chen","doi":"10.1109/CSCloud.2015.46","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.46","url":null,"abstract":"In recent years, web-based attacks increase and become the top threat in cloud environments. To detect unknown web-based attacks, many studies resort to anomaly detection through analyzing web logs. This paper presents an anomaly detection approach, which includes a transforming model and a classifier model. The transforming model converts every entry into a vector, and every value in vector is obtained by training extracted features in statistical techniques and Naive Bayes, which can analyze URI or URL without query in web logs and establish a unified normal standard for different websites. A big real-life dataset of about 50.1GB web logs has been used to verify the effectiveness of our approach, and the experimental results show that our approach can achieve detection rate over 98% and false alarm rate less than 1.5%.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131980095","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
Two-Way Graphic Password for Mobile User Authentication 移动用户双向图形密码认证
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.45
Ming Jiang, A. He, Kuangyu Wang, Zhengyi Le
{"title":"Two-Way Graphic Password for Mobile User Authentication","authors":"Ming Jiang, A. He, Kuangyu Wang, Zhengyi Le","doi":"10.1109/CSCloud.2015.45","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.45","url":null,"abstract":"In this mobile era, people cannot live without smart phones. But how smart and trustworthy they are is still a problem. User authentication is one of the most important issues. The prevalent solutions are simple (4-digit) password, regular textbased password, pattern password and fingerprint. However, all of them are one-way authentication and each of them has its own limitations. This paper proposes a two-way authentication method which fuses knowledge-based secret and personal trait information. Two types of demos are implemented, Android and Web. The experiments and analysis prove our approach is stronger than existing ones.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"84 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130785867","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Detecting Malware for Android Platform: An SVM-Based Approach 基于svm的Android平台恶意软件检测方法
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.50
Wenjia Li, Jigang Ge, Guqian Dai
{"title":"Detecting Malware for Android Platform: An SVM-Based Approach","authors":"Wenjia Li, Jigang Ge, Guqian Dai","doi":"10.1109/CSCloud.2015.50","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.50","url":null,"abstract":"In recent years, Android has become one of the most popular mobile operating systems because of numerous mobile applications (apps) it provides. However, the malicious Android applications (malware) downloaded from third-party markets have significantly threatened users' security and privacy, and most of them remain undetected due to the lack of efficient and accurate malware detection techniques. In this paper, we study a malware detection scheme for Android platform using an SVM-based approach, which integrates both risky permission combinations and vulnerable API calls and use them as features in the SVM algorithm. To validate the performance of the proposed approach, extensive experiments have been conducted, which show that the proposed malware detection scheme is able to identify malicious Android applications effectively and efficiently.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122246322","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 71
Extending OWL to Support Custom Relations 扩展OWL以支持自定义关系
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.74
K. Patel, Ishaan Dube, Lixin Tao, Ning Jiang
{"title":"Extending OWL to Support Custom Relations","authors":"K. Patel, Ishaan Dube, Lixin Tao, Ning Jiang","doi":"10.1109/CSCloud.2015.74","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.74","url":null,"abstract":"Web Ontology Language (OWL) is used by domain experts to encode knowledge. OWL primarily only supports the subClassOf (is-a or inheritance) relation. Various other relations, such as partOf, are essential for representing information in various fields including all engineering disciplines. The current syntax of OWL does not support the declaration and usage of new custom relations. Workarounds to emulate custom relations do exist, but they add syntax burden to knowledge modelers and don't support accurate semantics for inference engines. This paper proposes minimal syntax extension to OWL for declaring custom relations with special attributes, and applying them in knowledge representation. Domain experts can apply custom relations intuitively and concisely as they do with the familiar built-in subClassOf relation. We present our additions to the OWL API for the declaration, application, and visualization of custom relations. We outline our revision and additions to the ontology editor Protégé so its users could visually declare, apply and remove custom relations according to our enriched OWL syntax. Work relating to our modification of the OWLViz plugin for custom relations visualization is also discussed.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114286445","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信