发布求助
文献互助 智能选刊 最新文献

2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS)最新文献

筛选
英文 中文
Multi agent systems on military networks 军事网络中的多代理系统
2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS) Pub Date : 2011-04-11 DOI: 10.1109/CICYBS.2011.5949411
David L. Hancock, G. Lamont
{"title":"Multi agent systems on military networks","authors":"David L. Hancock, G. Lamont","doi":"10.1109/CICYBS.2011.5949411","DOIUrl":"https://doi.org/10.1109/CICYBS.2011.5949411","url":null,"abstract":"Trends in computing and networking, in terms of physical capability, attack surface, and attacker sophistication, call for automated, fault-tolerant response systems. Military networks present such environments with unique authorities, critical systems, and threats. Within such environments, multi agent systems may make special contributions regarding recognisance and attack scenarios. We survey three multi agent systems designed for cyber operations, with particular emphasis on our classifier for flow-based attacks, which demonstrates the effectiveness of reputation for distributing classifying agents effectively.","PeriodicalId":436263,"journal":{"name":"2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS)","volume":"88 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126429746","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Modeling Cyber Knowledge uncertainty 网络知识不确定性建模
2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS) Pub Date : 2011-04-11 DOI: 10.1109/CICYBS.2011.5949390
Dean Lee, S. Hamilton, W. L. Hamilton
{"title":"Modeling Cyber Knowledge uncertainty","authors":"Dean Lee, S. Hamilton, W. L. Hamilton","doi":"10.1109/CICYBS.2011.5949390","DOIUrl":"https://doi.org/10.1109/CICYBS.2011.5949390","url":null,"abstract":"Sensor data can be used to provide a snapshot of the state of a mission critical network. However, sensor data and the conclusions derived from it (Cyber Knowledge) will often contain conflicting values for a given conclusion. In this paper we present a new method for representing and combining cyber knowledge that maintains accuracy even in the face of multiple conflicting inputs.","PeriodicalId":436263,"journal":{"name":"2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122265132","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
An approach to the automated determination of host information value 一种自动确定主机信息值的方法
2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS) Pub Date : 2011-04-11 DOI: 10.1109/CICYBS.2011.5949398
Justin M. Beaver, R. Patton, T. Potok
{"title":"An approach to the automated determination of host information value","authors":"Justin M. Beaver, R. Patton, T. Potok","doi":"10.1109/CICYBS.2011.5949398","DOIUrl":"https://doi.org/10.1109/CICYBS.2011.5949398","url":null,"abstract":"Enterprise networks are comprised of thousands of interconnected computer hosts, each of which is capable of creating, removing, and exchanging data according to the needs of their users. Thus, the distribution of high-value, sensitive, and proprietary information across enterprise networks is poorly managed and understood. A significant technology gap in information security is the inability to automatically quantify the value of the information contained on each host in a network. Such insight would allow an enterprise to scale its defenses, react intelligently to an intrusion, manage its configuration audits, and understand the leak potential in the event that a host is compromised. This paper outlines a novel approach to the automated determination of the value of the information contained on a host computer. It involves the classification of each text document on the host machine using the frequency of the document's terms and phrases. A host information value is computed using an enterprise-defined weighting schema and applying it to a host's document distribution. The method is adaptable to specific organizational information needs, requires manual intervention only during schema creation, and is repeatable and consistent regardless of changes in information on the host machines.","PeriodicalId":436263,"journal":{"name":"2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS)","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123945597","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Profiling file repository access patterns for identifying data exfiltration activities 分析文件存储库访问模式,以识别数据泄露活动
2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS) Pub Date : 2011-04-11 DOI: 10.1109/CICYBS.2011.5949404
Y. Hu, Charles E. Frank, J. Walden, E. Crawford, D. Kasturiratna
{"title":"Profiling file repository access patterns for identifying data exfiltration activities","authors":"Y. Hu, Charles E. Frank, J. Walden, E. Crawford, D. Kasturiratna","doi":"10.1109/CICYBS.2011.5949404","DOIUrl":"https://doi.org/10.1109/CICYBS.2011.5949404","url":null,"abstract":"Studies show that a significant number of employees steal data when changing jobs. Insider attackers who have the authorization to access the best-kept secrets of organizations pose a great challenge for organizational security. Although increasing efforts have been spent on identifying insider attacks, little research concentrates on detecting data exfiltration activities. This paper proposes a model for identifying data exfiltration activities by insiders. It uses statistical methods to profile legitimate uses of file repositories by authorized users. By analyzing legitimate file repository access logs, user access profiles are created and can be employed to detect a large set of data exfiltration activities. The effectiveness of the proposed model was tested with file access histories from the subversion logs of the popular open source project KDE.","PeriodicalId":436263,"journal":{"name":"2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122987046","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
Security fusion based on state machine compositions 基于状态机组合的安全融合
2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS) Pub Date : 2011-04-11 DOI: 10.1109/CICYBS.2011.5949402
Omar Al-Ibrahim, S. Nair
{"title":"Security fusion based on state machine compositions","authors":"Omar Al-Ibrahim, S. Nair","doi":"10.1109/CICYBS.2011.5949402","DOIUrl":"https://doi.org/10.1109/CICYBS.2011.5949402","url":null,"abstract":"Security fusion is a new paradigm in security for resource-constrained environments [20]. Following this paradigm, strong system-level security is achieved by combining weak primitives from multiple nodes. In this paper, we describe a fusion methodology based on state machine compositions. From the properties of compositions, we devise a challenge-response system that composes low-entropy state machines at individual nodes into one with higher entropy. We use built-in digital logic such as Physical Unclonable Functions (PUFs) to efficiently mass generate and distribute keys. In addition, we draw on the properties of compositions to reduce the key storage complexity at the infrastructure-level, with high coverage and early detectability at the system-level.","PeriodicalId":436263,"journal":{"name":"2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS)","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132671177","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
A host based DES approach for detecting ARP spoofing 用于检测ARP欺骗的基于主机的DES方法
2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS) Pub Date : 2011-04-11 DOI: 10.1109/CICYBS.2011.5949401
F. Barbhuiya, S. Biswas, N. Hubballi, Sukumar Nandi
{"title":"A host based DES approach for detecting ARP spoofing","authors":"F. Barbhuiya, S. Biswas, N. Hubballi, Sukumar Nandi","doi":"10.1109/CICYBS.2011.5949401","DOIUrl":"https://doi.org/10.1109/CICYBS.2011.5949401","url":null,"abstract":"Address Resolution Protocol (ARP) based attacks are caused by compromised hosts in the LAN and mainly involve spoofing with falsified IP-MAC pairs. Since ARP is a stateless protocol such attacks are possible. Neither there are signatures available for these attacks nor any significant statistical behavior change can be observed. So existing signature or anomaly intrusion detection systems are unable to detect these type of attacks. Several schemes have been proposed in the literature to circumvent these attacks, however, these techniques either make IP-MAC pairing static, modify the existing ARP, violate network layering architecture etc. In this paper a host based Discrete Event System (DES) approach is proposed for detecting ARP spoofing attacks. This approach does not require any extra constraint like static IP-MAC, changing the ARP or violation of network layering architecture.","PeriodicalId":436263,"journal":{"name":"2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS)","volume":"2 10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124196305","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 28
Wireless security situation awareness with attack identification decision support 具有攻击识别决策支持的无线安全态势感知
2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS) Pub Date : 2011-04-11 DOI: 10.1109/CICYBS.2011.5949399
Paul K. Harmer, Ryan W. Thomas, B. Christel, Richard K. Martin, Clifton Watson
{"title":"Wireless security situation awareness with attack identification decision support","authors":"Paul K. Harmer, Ryan W. Thomas, B. Christel, Richard K. Martin, Clifton Watson","doi":"10.1109/CICYBS.2011.5949399","DOIUrl":"https://doi.org/10.1109/CICYBS.2011.5949399","url":null,"abstract":"Wireless networks are a common point of entry for computer network attacks. Due to high traffic volumes, network mission assurance requires tools that can usefully display network traffic data, automatically detect, and identify attacks to provide increased situational awareness to a network administrator. Many metrics used to analyze wireless network traffic and security depend on full access to all nodes. This is impractical in fielded networks. To address these issues, we propose a new set of metrics based on wireless network packet interarrival times. These metrics are displayed in a novel way to provide administrators with a mechanism for identifying possible attacks and their impact on the network. The performance of this visualizer is validated by the use of a linear classifier system, which shows that the chosen metrics can be used to accurately identify attacks. We further argue that the classifier could be used in conjunction with the visualizer as an effective decision support system to aid in maintaining mission assurance.","PeriodicalId":436263,"journal":{"name":"2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131793271","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Exploring the state space of an application protocol: A case study of SMTP 探索应用协议的状态空间:以SMTP为例
2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS) Pub Date : 2011-04-11 DOI: 10.1109/CICYBS.2011.5949387
P. LaRoche, A. N. Zincir-Heywood, M. Heywood
{"title":"Exploring the state space of an application protocol: A case study of SMTP","authors":"P. LaRoche, A. N. Zincir-Heywood, M. Heywood","doi":"10.1109/CICYBS.2011.5949387","DOIUrl":"https://doi.org/10.1109/CICYBS.2011.5949387","url":null,"abstract":"In this work, we explore the state space of a network application protocol by employing genetic programming techniques. To this end, we target Simple Mail Transfer Protocol (SMTP), which is a well-known and open protocol on the Internet. In order to achieve our goal, we aim to evolve the payload such that solution individuals result in an email being sent successfully through the targeted server. The proposed system implements an archive paradigm where, upon completion of the evolutionary process, a collection (archive) of solutions are presented. Specifically, they can all achieve the goal, but each does so in a unique manner. This collection allows us to examine the state space of the application protocol, giving us the ability to verify that these variations are either intended by the protocol, or should be addressed for security reasons.","PeriodicalId":436263,"journal":{"name":"2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS)","volume":"11 5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130225081","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Location privacy protection on social networks 社交网络中的位置隐私保护
2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS) Pub Date : 2011-03-29 DOI: 10.1109/CICYBS.2011.5949410
J. Zhan, Xing Fang, Naveen Bandaru
{"title":"Location privacy protection on social networks","authors":"J. Zhan, Xing Fang, Naveen Bandaru","doi":"10.1109/CICYBS.2011.5949410","DOIUrl":"https://doi.org/10.1109/CICYBS.2011.5949410","url":null,"abstract":"Location information is considered as private in many scenarios. Location information protection on social networks has not been paid much attention. In this paper, we extend our previous proposed location privacy protection approach on the basis of user messages in social networks. Our approach grants flexibility to users by offering them multiple protecting options. The extension includes performance evaluation towards our approach.","PeriodicalId":436263,"journal":{"name":"2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-03-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125937011","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Symposium on Computational Intelligence in Cyber Security (IEEE CICS 2011) 网络安全计算智能研讨会(IEEE CICS 2011)
2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS) Pub Date : 1900-01-01 DOI: 10.1109/cicybs.2011.5949418
Justin Zhan, Marco Carvalho, Gerry V. Dozier, Murat Kantarcioglu, G. B. Lamont, Usa C Veni Madhavan, Andrzej Rucinski, Frederick Sheldon, Mario Strasser, Eth Zürich, Shamik Switzerland, Sural, Alexander Tarakanov, St Petersburg, Qishi Wu, Nan Zhang
{"title":"Symposium on Computational Intelligence in Cyber Security (IEEE CICS 2011)","authors":"Justin Zhan, Marco Carvalho, Gerry V. Dozier, Murat Kantarcioglu, G. B. Lamont, Usa C Veni Madhavan, Andrzej Rucinski, Frederick Sheldon, Mario Strasser, Eth Zürich, Shamik Switzerland, Sural, Alexander Tarakanov, St Petersburg, Qishi Wu, Nan Zhang","doi":"10.1109/cicybs.2011.5949418","DOIUrl":"https://doi.org/10.1109/cicybs.2011.5949418","url":null,"abstract":"Computational Intelligence constitutes an umbrella of techniques, has proven to be flexible in decision making in dynamic environment. These techniques typically include Fuzzy Logic, Evolutionary Computation, Intelligent Agent Systems, Neural Networks, Cellular Automata, Artificial Immune Systems and other similar computational models. The use of these techniques allowed building efficient online monitoring tools and robust decision support modules, providing cross-linking solutions to different cyber security applications.","PeriodicalId":436263,"journal":{"name":"2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134333958","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信