{"title":"Domain Flux-based DGA Botnet Detection Using Feedforward Neural Network","authors":"Md. Ishtiaq Ashiq, Protick Bhowmick, Md. Shohrab Hossain, Husnu S. Narman","doi":"10.1109/MILCOM47813.2019.9020730","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020730","url":null,"abstract":"Botnets have been a major area of concern in the field of cybersecurity. There have been a lot of research works for detection of botnets. However, everyday cybercriminals are coming up with new ideas to counter the well-known detection methods. One such popular method is domain flux-based botnets in which a large number of domain names are produced using a domain generation algorithm. In this paper, we have proposed a robust way of detecting DGA-based botnets using a few novel features covering both syntactic and semantic viewpoints. We have used Area under ROC curve as our performance metric since it provides comprehensive information about the performance of binary classifiers at various thresholds. Results show that our approach performs significantly better than the baseline approach. Our proposed method can help in detecting established DGA bots (equipped with extensive features) as well as prospective advanced DGA bots imitating real-world domain names.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114796529","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An Empirical Analysis of Plugin-Based Tor Traffic over SSH Tunnel","authors":"Zhong Guan, Gaopeng Gou, Yangyang Guan, Bingxu Wang","doi":"10.1109/MILCOM47813.2019.9020938","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020938","url":null,"abstract":"Tor is the most widely used system for anonymous low-latency communication. However, the anonymity of Tor is not invulnerable according to a large body of research, even with the traffic obfuscation provided by pluggable transports. Concerned about security issues such as identity leakage, users deploy fronting servers as proxies that forward traffic to the entry node of Tor, and encrypted tunneling services such as the secure shell (SSH) protocol are commonly used to connect users with proxies. To quantitatively analyze the plugin-based Tor traffic over encrypted tunnels, experiments involving traffic identification and correlation are performed. Identification aims at recognizing tunneled Tor flows among background traffic at the client side, while correlation associates outward flows of Tor at the server side with corresponding inward flows at the client side. We access the self-built server through the SSH proxy and Tor successively, capturing data flows generated by different pluggable transports and upper applications. Then identification and correlation techniques based on various machine learning algorithms are used to break anonymity. The accuracy and F1 scores reach above 95% while false positive rates approach 0% under certain conditions. The result demonstrates that Tor traffic encrypted by tunneling protocols is also at risk of anonymity revealing when confronted with traffic analysis.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116936310","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"SATCOM Digital IF Stream Rate Considerations for Earth Segment Transport","authors":"A. Vigil, Dahesh A. Khalil","doi":"10.1109/MILCOM47813.2019.9020926","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020926","url":null,"abstract":"Digital IF shows significant promise as a SATCOM Earth segment architecture, offering solutions for gateway congestion, Earth segment resilience and long term growth. One resilience aspect of Digital IF is the ability to transport IF long distances for the sake of redundant RF aperture locations. The ANSI/TIA-5041 FAST OSDI standard has been developed for universal adoption by SATCOM stakeholders as a common Digital IF protocol to ensure interoperability within the Digital IF Earth segment architecture. This standard is presently computationally efficient at the expense of transport efficiency. Sample rate and sample size are standardized to simplify implementation of computational functions at the expense of higher Digital IF stream rates. This presents an issue to terrestrial transport where higher Digital IF stream rates increase terrestrial WAN consumption. FAST OSDI stream rates are typically 50–100 times a carrier's symbol rate, corresponding to 8 to 100 times the data traffic rate at 1 to 6 bits per symbol. To reduce Digital IF stream rates, potential updates to the FAST OSDI standard are considered, first by reducing sample rate and sample size, then by analyzing waveform performance. Digital IF stream rate can be reduced, for purposes of terrestrial transport, by factors of 2 to 6 over these same 1–6 bits per symbol while preserving signal integrity for demodulation. Additional Digital IF transport considerations include transport of multiple carriers, reconstruction of uplink modulation spectra and adoption of Earth segment transport as an explicit Digital IF functional element.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131103396","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Multi-Domain Effects and the Internet of Battlefield Things","authors":"S. Russell, T. Abdelzaher, Niranjan Suri","doi":"10.1109/MILCOM47813.2019.9020925","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020925","url":null,"abstract":"This paper reviews the definitions and characteristics of military effects, the Internet of Battlefield Things (IoBT), and their impact on decision processes in a Multi-Domain Operating environment (MDO). The aspects of contemporary military decision-processes are illustrated and an MDO Effect Loop decision process is introduced. We examine the concept of IoBT effects and their implications in MDO. These implications suggest that when considering the concept of MDO, as a doctrine, the technological advances of IoBTs empower enhancements in decision frameworks and increase the viability of novel operational approaches and options for military effects.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114590661","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"On the Application of Key-Based Physical Layer Security in 5G Heterogeneous Networks","authors":"Anil Kumar Yerrapragada, Patrick Ormond, B. Kelley","doi":"10.1109/MILCOM47813.2019.9020882","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020882","url":null,"abstract":"Concern for 5G security is driving interest in additional methods capable of exchanging secure information. This paper introduces a scheme for extending 5G with Physical Layer Security, an emerging Open Systems Interconnect Layer-1 security area that achieves perfect secrecy data transmission. The foundations for a Stochastic Geometry approach to Key based Physical Layer Security are established for 5G Heterogeneous Networks. This work also introduces realistic Time Division Duplex algorithms integrated with 5G-OFDM reference signals that enable the exchange of shared, private information. The resulting Physical Layer Security protocols map random secret key bits to precoders in a codebook through a Precoder Matrix Index. Analysis is presented for Key Bit Error rates under realistic stochastic geometry frameworks in MIMO Rayleigh fading, under various base station densities, interference profiles, and configurations. A Key Bit Error Rate of 1% and 3% for both 1 and 2 bit code books is achieved with a network base station density of 0.01 km−2 and 0.1 km−2 respectively. The proffered Layer-1 protocols, which operate independently of existing higher layer network and transport layer security, can lead to significantly improved 5G security.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128024546","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"MARGOT: Dynamic IoT Resource Discovery for HADR Environments","authors":"Lorenzo Campioni, Rita Lenzi, Filippo Poltronieri, Manas Pradhan, M. Tortonesi, C. Stefanelli, Niranjan Suri","doi":"10.1109/MILCOM47813.2019.9021092","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9021092","url":null,"abstract":"Smart City services leverage sophisticated IT architectures whose assets are deployed in dynamic and heterogeneous computing and communication scenarios. Those services are particularly interesting for Humanitarian Assistance and Disaster Relief (HADR) operations in urban environments, which could improve Situation Awareness by exploiting the Smart City IT infrastructure. To this end, an enabling requirement is the discovery of the available Internet-of-Things (IoT) resources, including sensors, actuators, services, and computing resources, based on a variety of criteria, such as geographical location, proximity, type of device, type of capability, coverage, resource availability, and communication topology / quality of network links. To date, no single standard has emerged that has been widely adopted to solve the discovery challenge. Instead, a variety of different standards have been proposed and cities have either adopted one that is convenient or reinvented a new standard just for themselves. Therefore, enabling discovery across different standards and administrative domains is a fundamental requirement to enable HADR operations in Smart Cities. To address these challenges, we developed MARGOT (Multi-domain Asynchronous Gateway Of Things), a comprehensive solution for resource discovery in Smart City environments that implements a distributed and federated architecture and supports a wide range of discovery protocols.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"237 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132626092","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Are We There Yet?: Monitoring the Technical Deployment of the National Segments of the Internet","authors":"Veikko Siukonen, Mari Ristolainen, J. Nikkarila, Juha Kukkola","doi":"10.1109/MILCOM47813.2019.9020801","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020801","url":null,"abstract":"Global Internet governance is in turmoil. Several countries have either employed the concept of ‘sovereignty’ in their national cybersecurity strategies or even declared the aim to close or restrict their national network from the global Internet and become ‘digitally sovereign’. Russia seems to be one of the countries that is closing its ‘national segment of the Internet’ in a controlled manner and attempting something that has never been done before. By using the Russian national segment's closing process as an example, this paper develops an ‘accessibility matrix’ for monitoring the technical deployment of the national segments of the Internet.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131564076","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An Online System Dependency Graph Anomaly Detection based on Extended Weisfeiler-Lehman Kernel","authors":"Y. Ben, Yanni Han, Ning Cai, W. An, Zhen Xu","doi":"10.1109/MILCOM47813.2019.9020815","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020815","url":null,"abstract":"Modern operating systems are typical multitasking systems: running multiple tasks at the same time. Therefore, a large number of system calls belonging to different processes are invoked at the same time. By associating these invocations, one can construct the system dependency graph. In rapidly evolving system dependency graphs, how to quickly find outliers is an urgent issue for intrusion detection. Clustering analysis based on graph similarity will help solve this problem. In this paper, an extended Weisfeiler-Lehman (WL) kernel is proposed. Firstly, an embedded vector with indefinite dimensions is constructed based on the original dependency graph. Then, the vector is compressed with Simhash to generate a fingerprint. Finally, anomaly detection based on clustering is carried out according to these fingerprints. Our scheme can achieve prominent detection with high efficiency. For validation, we choose StreamSpot, a relevant prior work, to act as the benchmark, and use the same data set as it to carry out evaluations. Experiments show that our scheme can achieve the highest detection precision of 98% while maintaining a perfect recall performance. Moreover, both quantitative and visual comparisons demonstrate the superior clustering effect of our scheme compared with StreamSpot.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131872768","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Adding an on Off Keying (OOK) Communications Signal to a Free Space Optical Beacon Pointing Focal Plane Array System","authors":"Ryan C. Shoup, S. Michael, J. Glettler, P. Hopman","doi":"10.1109/MILCOM47813.2019.9020857","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020857","url":null,"abstract":"In addition to the primary high rate communications signal, optical communications systems can include lower power beacon signals to aid in the pointing alignment between the transmitter and receiver. The beacon can be a simple always-on signal at a separate wavelength that the receiver can use for spatial tracking. The beacon signal may also be modulated at a low frequency for the purpose of discrimination between potentially multiple optical transmitting terminals. Applying data modulation to the beacon signal to form a low rate communications signal is also possible. The practical application of applying data modulation to a beacon signal along with associated system trades are discussed.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132931503","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Runtime Detection of Userspace Implants","authors":"J. Pendergrass, Nathan Hull, John Clemens, S. Helble, M. Thober, K. McGill, Machon B. Gregory, Peter Loscocco","doi":"10.1109/MILCOM47813.2019.9020783","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020783","url":null,"abstract":"Userspace integrity is a necessary and often-overlooked component of overall system integrity. We present the concept of userspace integrity measurement to validate the state of the system against a set of carefully chosen invariants based on the expected behavior of userspace and key behaviors of advanced malware. Userspace integrity measurement may be combined with existing filesystem and kernel integrity measurement approaches to both provide stronger guarantees that a platform is executing the expected software and that the software is in an expected state. We also introduce the Userspace Integrity Measurement (USIM) Toolkit, a preliminary set of integrity measurement tools to detect advanced malware threats, such as memory-only implants, that evade traditional defenses.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122177050","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}