发布求助
文献互助 智能选刊 最新文献

Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense最新文献

筛选
英文 中文
A One-Year Perspective on Exposed In-memory Key-Value Stores 内存中暴露的键值存储的一年展望
Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense Pub Date : 2016-10-24 DOI: 10.1145/2994475.2994480
T. Fiebig, A. Feldmann, Matthias Junker-Petschick
{"title":"A One-Year Perspective on Exposed In-memory Key-Value Stores","authors":"T. Fiebig, A. Feldmann, Matthias Junker-Petschick","doi":"10.1145/2994475.2994480","DOIUrl":"https://doi.org/10.1145/2994475.2994480","url":null,"abstract":"Today's highly-scalable low-latency Web services rely on in-memory key-value stores. While they are essential to improve Web service performance they should not be exposed to the Internet. Security problems range from data leakage to remote code execution. In this paper we use a year long data set of exposed Redis and memcached instances to highlight the magnitude (about 200K) of the problem, document new transitive attacks, and explore misconfiguration patterns. We find that the number of exposed instances is constantly on the rise and that even severe problems only lead to temporal decreases. However, by correlating misconfiguration patterns we can explain significant changes in the number of exposed systems.","PeriodicalId":343057,"journal":{"name":"Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense","volume":"79 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130081278","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Session details: Keynote Addresses 会议详情:主题演讲
Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense Pub Date : 2016-10-24 DOI: 10.1145/3252795
Nicholas J. Multari
{"title":"Session details: Keynote Addresses","authors":"Nicholas J. Multari","doi":"10.1145/3252795","DOIUrl":"https://doi.org/10.1145/3252795","url":null,"abstract":"","PeriodicalId":343057,"journal":{"name":"Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127861676","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Towards Automated Verification of Active Cyber Defense Strategies on Software Defined Networks 软件定义网络主动网络防御策略的自动验证
Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense Pub Date : 2016-10-24 DOI: 10.1145/2994475.2994482
Mohammed Noraden Alsaleh, E. Al-Shaer
{"title":"Towards Automated Verification of Active Cyber Defense Strategies on Software Defined Networks","authors":"Mohammed Noraden Alsaleh, E. Al-Shaer","doi":"10.1145/2994475.2994482","DOIUrl":"https://doi.org/10.1145/2994475.2994482","url":null,"abstract":"Active Cyber Defense (ACD) reconfigures cyber systems (networks and hosts) in timely manner in order to automatically respond to cyber incidents and mitigate potential risks or attacks. However, to launch a successful cyber defense, ACD strategies need to be proven effective in neutralizing the threats and enforceable under the current state and capabilities of the network. In this paper, we present a bounded model checking framework based on SMT to verify that the network can support the given ACD strategies accurately and safely without jeopardizing cyber mission invariants. We abstract the ACD strategies as sets of serializable reconfigurations and provide user interfaces to define cyber mission invariants as reachability, security, and QoS properties. We then verify the satisfaction of these invariants under the given strategies. We implemented this system on OpenFlow-based Software Defined Networks and we evaluated the time complexity for verifying ACD strategies on OpenFlow networks of over two thousand nodes and thousands of rules.","PeriodicalId":343057,"journal":{"name":"Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense","volume":"53 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127233384","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Firewalling Scenic Routes: Preventing Data Exfiltration via Political and Geographic Routing Policies 防火墙风景路由:通过政治和地理路由策略防止数据泄露
Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense Pub Date : 2016-03-22 DOI: 10.1145/2994475.2994477
Kevin Benton, L. Camp
{"title":"Firewalling Scenic Routes: Preventing Data Exfiltration via Political and Geographic Routing Policies","authors":"Kevin Benton, L. Camp","doi":"10.1145/2994475.2994477","DOIUrl":"https://doi.org/10.1145/2994475.2994477","url":null,"abstract":"In this paper we describe a system that allows the real time creation of firewall rules in response to geographic and political changes in the control-plane. This allows an organization to mitigate data exfiltration threats by analyzing Border Gateway Protocol (BGP) updates and blocking packets from being routed through problematic jurisdictions. By inspecting the autonomous system paths and referencing external data sources about the autonomous systems, a BGP participant can infer the countries that traffic to a particular destination address will traverse. Based on this information, an organization can then define constraints on its egress traffic to prevent sensitive data from being sent via an untrusted region. In light of the many route leaks and BGP hijacks that occur today, this offers a new option to organizations willing to accept reduced availability over the risk to confidentiality. Similar to firewalls that allow organizations to block traffic originating from specific countries, our approach allows blocking outbound traffic from transiting specific jurisdictions. To illustrate the efficacy of this approach, we provide an analysis of paths to various financial services IP addresses over the course of a month from a single BGP vantage point that quantifies the frequency of path alterations resulting in the traversal of new countries. We conclude with an argument for the utility of country-based egress policies that do not require the cooperation of upstream providers.","PeriodicalId":343057,"journal":{"name":"Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense","volume":"156 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122138051","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
首页 上一页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信