-
Quantifying Cybersecurity Effectiveness of Dynamic Network Diversity
Authors:
Huashan Chen,
Hasan Cam,
Shouhuai Xu
Abstract:
The deployment of monoculture software stacks can have devastating consequences because a single attack can compromise all of the vulnerable computers in cyberspace. This one-vulnerability-affects-all phenomenon will continue until after software stacks are diversified, which is well recognized by the research community. However, existing studies mainly focused on investigating the effectiveness of software diversity at the building-block level (e.g., whether two independent implementations indeed exhibit independent vulnerabilities); the effectiveness of enforcing network-wide software diversity is little understood, despite its importance in possibly helping justify investment in software diversification. As a first step towards ultimately tackling this problem, we propose a systematic framework for modeling and quantifying the cybersecurity effectiveness of network diversity, including a suite of cybersecurity metrics. We also present an agent-based simulation to empirically demonstrate the usefulness of the framework. We draw a number of insights, including the surprising result that proactive diversity is effective under very special circumstances, but reactive-adaptive diversity is much more effective in most cases.
Submitted 14 December, 2021;
originally announced December 2021.
-
Earthquake Prediction With Artificial Neural Network Method: The Application Of West Anatolian Fault In Turkey
Authors:
Handan Cam,
Osman Duman
Abstract:
A method that exactly knows the earthquakes beforehand and can generalize them has still not been developed. However, earthquakes are tried to be predicted through numerous methods. One of these methods, artificial neural networks, gives appropriate outputs to different patterns by learning the relationship between the determined inputs and outputs. In this study, a feedforward back propagation artificial neural network that is connected to the Gutenberg-Richter relationship and that is based on the b value used in earthquake predictions was developed. The artificial neural network was trained employing earthquake data belonging to four different regions which have intensive seismic activity in the west of Turkey. After the training process, the earthquake data belonging to later dates of the same regions were used for testing and the performance of the network was put forward. When the prediction results of the developed network are examined, the prediction results that the network predicts that an earthquake is not going to occur are quite high in all regions. Furthermore, the earthquake prediction results that the network predicts that an earthquake is going to occur are different to some extent for the studied regions.
Submitted 26 May, 2019;
originally announced July 2019.
-
More or Less? Predict the Social Influence of Malicious URLs on Social Media
Authors:
Chun-Ming Lai,
Xiaoyun Wang,
Jon W. Chapman,
Yu-Cheng Lin,
Yu-Chang Ho,
S. Felix Wu,
Patrick McDaniel,
Hasan Cam
Abstract:
Users of Online Social Networks (OSNs) interact with each other more than ever. In the context of a public discussion group, people receive, read, and write comments in response to articles and postings. In the absence of access control mechanisms, OSNs are a great environment for attackers to influence others, from spreading phishing URLs, to posting fake news. Moreover, OSN user behavior can be predicted by social science concepts which include conformity and the bandwagon effect. In this paper, we show how social recommendation systems affect the occurrence of malicious URLs on Facebook. We exploit temporal features to build a prediction framework, having greater than 75% accuracy, to predict whether the following group users' behavior will increase or not. Included in this work, we demarcate classes of URLs, including those malicious URLs classified as creating critical damage, as well as those of a lesser nature which only inflict light damage such as aggressive commercial advertisements and spam content. It is our hope that the data and analyses in this paper provide a better understanding of OSN user reactions to different categories of malicious URLs, thereby providing a way to mitigate the influence of these malicious URL attacks.
Submitted 7 December, 2018;
originally announced December 2018.
-
Two Can Play That Game: An Adversarial Evaluation of a Cyber-alert Inspection System
Authors:
Ankit Shah,
Arunesh Sinha,
Rajesh Ganesan,
Sushil Jajodia,
Hasan Cam
Abstract:
Cyber-security is an important societal concern. Cyber-attacks have increased in numbers as well as in the extent of damage caused in every attack. Large organizations operate a Cyber Security Operation Center (CSOC), which forms the first line of cyber-defense. The inspection of cyber-alerts is a critical part of CSOC operations. A recent work, in collaboration with Army Research Lab, USA proposed a reinforcement learning (RL) based approach to prevent the cyber-alert queue length from growing large and overwhelming the defender. Given the potential deployment of this approach to CSOCs run by US defense agencies, we perform a red team (adversarial) evaluation of this approach. Further, with the recent attacks on learning systems, it is even more important to test the limits of this RL approach. Towards that end, we learn an adversarial alert generation policy that is a best response to the defender inspection policy. Surprisingly, we find the defender policy to be quite robust to the best response of the attacker. In order to explain this observation, we extend the earlier RL model to a game model and show that there exist defender policies that can be robust against any adversarial policy. We also derive a competitive baseline from the game theory model and compare it to the RL approach. However, we go further to exploit assumptions made in the MDP in the RL model and discover an attacker policy that overwhelms the defender. We use a double oracle approach to retrain the defender with episodes from this discovered attacker policy. This made the defender robust to the discovered attacker policy and no further harmful attacker policies were discovered. Overall, the adversarial RL and double oracle approach in RL are general techniques that are applicable to other RL usage in adversarial environments.
Submitted 13 October, 2018;
originally announced October 2018.
-
Attacking Strategies and Temporal Analysis Involving Facebook Discussion Groups
Authors:
Chun-Ming Lai,
Xiaoyun Wang,
Yunfeng Hong,
Yu-Cheng Lin,
S. Felix Wu,
Patrick McDaniel,
Hasan Cam
Abstract:
Online social network (OSN) discussion groups are exerting significant effects on political dialogue. In the absence of access control mechanisms, any user can contribute to any OSN thread. Individuals can exploit this characteristic to execute targeted attacks, which increases the potential for subsequent malicious behaviors such as phishing and malware distribution. These kinds of actions will also disrupt bridges among the media, politicians, and their constituencies.
For the concern of Security Management, blending malicious cyberattacks with online social interactions has introduced a brand new challenge. In this paper we describe our proposal for a novel approach to studying and understanding the strategies that attackers use to spread malicious URLs across Facebook discussion groups. We define and analyze problems tied to predicting the potential for attacks focused on threads created by news media organizations. We use a mix of macro static features and the micro dynamic evolution of posts and threads to identify likely targets with greater than 90% accuracy. One of our secondary goals is to make such predictions within a short (10 minute) time frame. It is our hope that the data and analyses presented in this paper will support a better understanding of attacker strategies and footprints, thereby developing new system management methodologies in handling cyber attacks on social networks.
Submitted 13 February, 2018;
originally announced February 2018.
-
Biexciton as a Feshbach resonance and Bose-Einstein condensation of paraexcitons in Cu$_{2}$O
Authors:
Hoang Ngoc Cam
Abstract:
Paraexcitons, the lowest energy exciton states in Cu$_{2}$O, have been considered a good system for realizing exciton Bose-Einstein condensation (BEC). The fact that their BEC has not been attained so far is attributed to a collision-induced loss, whose nature remains unclear. To understand collisional properties of cold paraexcitons governing their BEC, we perform here a microscopic consideration of the s-wave paraexciton-paraexciton scattering. We show its two-channel character with incoming paraexcitons coupled to a biexciton, which is a Feshbach resonance producing a paraexciton loss and a diminution of their background scattering length. The former elucidates the mechanism of the long-observed paraexciton loss, which turns out to be inefficient at temperatures near one Kelvin and below, whereas the latter makes the paraexciton scattering length in strain-induced traps negative under stress exceeding a critical value. Our rough estimates give this value of order of one kilobar, hence already moderate stress creates a serious obstacle to attaining a stable paraexciton BEC. Thus our results indicate that BEC of trapped paraexcitons might be achieved at a subkelvin temperature, but only under low stress.
Submitted 1 February, 2018;
originally announced February 2018.