2017 IEEE International Conference on Intelligence and Security Informatics (ISI): Latest Papers

Hacking social network data mining
2017 IEEE International Conference on Intelligence and Security Informatics (ISI) Pub Date: 2017-07-22 DOI: 10.1109/ISI.2017.8004874
Y. Alufaisan, Yan Zhou, Murat Kantarcioglu, B. Thuraisingham
Abstract: Over the years social network data has been mined to predict individuals' traits such as intelligence and sexual orientation. While mining social network data can provide many beneficial services to the user such as personalized experiences, it can also harm the user when used in making critical decisions such as employment. In this work, we investigate the reliability of applying data mining techniques on social network data to predict various individual traits. In spite of the preliminary success of such data mining applications, in this paper, we demonstrate the vulnerabilities of existing state of the art social network data mining techniques when they are facing malicious attacks. Our results indicate that making critical decisions, such as employment or credit approval, based solely on social network data mining results is still premature at this stage. Specifically, we explore Facebook likes data for predicting the traits of a Facebook user, including their political views and sexual orientation. We perform several types of malicious attacks on the predictive models to measure and understand their potential vulnerabilities. We find that existing predictive models built on social network data can be easily manipulated and suggest some countermeasures to prevent some of the proposed attacks.
Citations: 4
Identifying vulnerabilities of consumer Internet of Things (IoT) devices: A scalable approach
2017 IEEE International Conference on Intelligence and Security Informatics (ISI) Pub Date: 2017-07-22 DOI: 10.1109/ISI.2017.8004904
Richard Ryan Williams, Emma McMahon, S. Samtani, Mark W. Patton, Hsinchun Chen
Abstract: The Internet of Things becomes more defined year after year. Companies are looking for novel ways to implement various smart capabilities into their products that increase interaction between users and other network devices. While many smart devices offer greater convenience and value, they also present new security vulnerabilities that can have a detrimental effect on consumer privacy. Given the societal impact of IoT device vulnerabilities, this study aims to perform a large-scale vulnerability assessment of consumer IoT devices exposed on the Internet. Specifically, Shodan is used to collect a large testbed of consumer IoT devices which are then passed through Nessus to determine whether potential vulnerabilities exist. Results of this study indicate that a significant number of consumer IoT devices are vulnerable to exploits that can compromise user information and privacy.
Citations: 79
Identifying mobile malware and key threat actors in online hacker forums for proactive cyber threat intelligence
2017 IEEE International Conference on Intelligence and Security Informatics (ISI) Pub Date: 2017-07-22 DOI: 10.1109/ISI.2017.8004867
J. Grisham, S. Samtani, Mark W. Patton, Hsinchun Chen
Abstract: Cyber-attacks are constantly increasing and can prove difficult to mitigate, even with proper cybersecurity controls. Currently, cyber threat intelligence (CTI) efforts focus on internal threat feeds such as antivirus and system logs. While this approach is valuable, it is reactive in nature as it relies on activity which has already occurred. CTI experts have argued that an actionable CTI program should also provide external, open information relevant to the organization. By finding information about malicious hackers prior to an attack, organizations can provide enhanced CTI and better protect their infrastructure. Hacker forums can provide a rich data source in this regard. This research aims to proactively identify mobile malware and associated key authors. Specifically, we use a state-of-the-art neural network architecture, recurrent neural networks, to identify mobile malware attachments followed by social network analysis techniques to determine key hackers disseminating the mobile malware. Results of this study indicate that many identified attachments are zipped Android apps made by threat actors holding administrative positions in hacker forums. Our identified mobile malware attachments are consistent with some of the emerging mobile malware concerns as highlighted by industry leaders.
Citations: 37
A user-centric machine learning framework for cyber security operations center
2017 IEEE International Conference on Intelligence and Security Informatics (ISI) Pub Date: 2017-07-22 DOI: 10.1109/ISI.2017.8004902
Charles Feng, Shuning Wu, Ningwei Liu
Abstract: To assure cyber security of an enterprise, typically SIEM (Security Information and Event Management) system is in place to normalize security events from different preventive technologies and flag alerts. Analysts in the security operation center (SOC) investigate the alerts to decide if it is truly malicious or not. However, generally the number of alerts is overwhelming with majority of them being false positive and exceeding the SOC's capacity to handle all alerts. Because of this, potential malicious attacks and compromised hosts may be missed. Machine learning is a viable approach to reduce the false positive rate and improve the productivity of SOC analysts. In this paper, we develop a user-centric machine learning framework for the cyber security operation center in real enterprise environment. We discuss the typical data sources in SOC, their work flow, and how to leverage and process these data sets to build an effective machine learning system. The paper is targeted towards two groups of readers. The first group is data scientists or machine learning researchers who do not have cyber security domain knowledge but want to build machine learning systems for security operations center. The second group of audiences are those cyber security practitioners who have deep knowledge and expertise in cyber security, but do not have machine learning experiences and wish to build one by themselves. Throughout the paper, we use the system we built in the Symantec SOC production environment as an example to demonstrate the complete steps from data collection, label creation, feature engineering, machine learning algorithm selection, model performance evaluations, to risk score generation.
Citations: 51
Hierarchical network threat situation assessment method for DDoS based on D-S evidence theory
2017 IEEE International Conference on Intelligence and Security Informatics (ISI) Pub Date: 2017-07-22 DOI: 10.1109/ISI.2017.8004873
Liu Zihao, Zhang Bin, Zhuo Ning, Li Lixun
Abstract: In order to effectively evaluate the impact on network situation under DDoS attacks, this paper proposes a hierarchical network threat situation assessment method based on D-S evidence theory for DDoS. It is divided into the basic data acquisition layer, the metric indexes extraction layer, the device threat assessment layer and the threat situation assessment layer. Firstly, we calculate indexes that represent degrees of host resources consumption and qualities of network from the basic running data. Next, the D-S evidence theory is used to fuse above indexes, which assesses impact on the network of each device caused by DDoS attacks. Then, on the basis of service importance principle, we calculate the weight value of each device in the network. Furthermore, the threat situation value is obtained through weighted algorithm. Finally, experimental results show that the proposed method can vividly reflect the impact of DDoS attacks on the network security threat situation.
Keywords: DDoS attack; hierarchical; threat situation assessment; D-S theory; service importance principle
Citations: 7
A novel approach for analysis of attack graph
2017 IEEE International Conference on Intelligence and Security Informatics (ISI) Pub Date: 2017-07-22 DOI: 10.1109/ISI.2017.8004866
M. Yousefi, Nhamo Mtetwa, Yan Zhang, H. Tianfield
Abstract: Attack graph technique is a common tool for the evaluation of network security. However, attack graphs are generally too large and complex to be understood and interpreted by security administrators. This paper proposes an analysis framework for security attack graphs for a given IT infrastructure system. First, in order to facilitate the discovery of interconnectivities among vulnerabilities in a network, multi-host multi-stage vulnerability analysis (MulVAL) is employed to generate an attack graph for a given network topology. Then a novel algorithm is applied to refine the attack graph and generate a simplified graph called a transition graph. Next, a Markov model is used to project the future security posture of the system. Finally, the framework is evaluated by applying it on a typical IT network scenario with specific services, network configurations, and vulnerabilities.
Citations: 5
Information sharing & cyber threats
2017 IEEE International Conference on Intelligence and Security Informatics (ISI) Pub Date: 2017-07-22 DOI: 10.1109/ISI.2017.8004880
Sonya H. Y. Hsu, S. Dick
Abstract: This manuscript intends to explore the application of a specific secure data environment within different prototypes of information sharing. It focuses on data management with confidence and agility for the exchange of information. Through discussion and examples, the paper explores the landscape surrounding sensitive data sets. In particular, the paper looks at the application of data sharing related to the Federal Statistical Research Data Centers (FSRDC). It outlines the security required for these facilities and the motivations it takes to create them. FSRDC creates a federal/private partnership to improve the quality of the data collection and output visualization. There is a necessary balance between the creation/protection of big data and the accessibility to utilize the assets created.
Citations: 1
Modeling online collective emotions through knowledge transfer
2017 IEEE International Conference on Intelligence and Security Informatics (ISI) Pub Date: 2017-07-01 DOI: 10.1109/ISI.2017.8004909
Saike He, Xiaolong Zheng, D. Zeng
Abstract: Online emotion diffusion is a compound process that involves interactions with multiple modalities. For instance, different behaviors influence the velocity and scale of emotion diffusion in online communities. Depicting and predicting massive online emotions helps to guide the trend of emotion evolution, thus avoiding unprecedented damages in crises. However, most existing work tries to depict and predict online emotions based on models not considering related modalities. There still lacks an efficient modeling framework that promotes performance by leveraging multi-modality knowledge, and quantifies the interactions among different modalities. In this paper, we elaborate a computational model to jointly depict online emotions and behaviors. By introducing a common structure, we can quantify how user emotions interact with the corresponding behaviors. To scale up to large dataset, we propose a hierarchical optimization algorithm to accelerate the convergence of the model. Evaluation on Sina Weibo dataset suggests that prediction error rate is lowered by 69 percent with the proposed model. In addition, the proposed model helps to explain how user emotions influence consequent behaviors in extreme situations.
Citations: 0
Large scale port scanning through tor using parallel Nmap scans to scan large portions of the IPv4 range
2017 IEEE International Conference on Intelligence and Security Informatics (ISI) Pub Date: 2017-07-01 DOI: 10.1109/ISI.2017.8004906
Rodney R. Rohrmann, Vincent J. Ercolani, Mark W. Patton
Abstract: Performing port scans through Tor is a way to hide the source's IP address from the target. Researchers hoping to source their own scans benefit from a means of scanning that helps them to anonymize themselves from targets that may potentially retaliate as the result of being scanned. Though effective in providing anonymization during scanning, it is not scalable to the point of scanning the entire IPv4 Address space on multiple ports, as scans take considerably longer to execute through Tor. This paper specifically explores using a third-party data source to target specific areas of interest in the IPv4 range and then scanning those areas anonymously with parallelized scanners as an effective way to anonymously collect internet scan data. The results demonstrate the feasibility of this approach.
Citations: 7
Online event detection and tracking in social media based on neural similarity metric learning
2017 IEEE International Conference on Intelligence and Security Informatics (ISI) Pub Date: 2017-07-01 DOI: 10.1109/ISI.2017.8004905
Guandan Chen, Qingchao Kong, W. Mao
Abstract: The ever-growing number of users makes social media a valuable information source about recent events. Event detection and tracking plays an important role in decision-making and public management. Despite recent progress, the performance of event detection and tracking is still limited. The majority of existing work lacks an effective way to judge whether a text related to a certain event, due to the limitations of semantic representation and heuristic similarity metric. In this paper, we present an online event detection and tracking method based on similarity metric learning using neural network. Our method first trains a classification model to identify event related texts. To detect and track events, we adopt a clustering-based approach. Specifically, we use neural network to jointly learn a similarity metric and low dimension representation of events, and then use a memory module to store and update event representation. Experiments on Twitter dataset show the effectiveness of our proposed method.
Citations: 16