-
A Gravitational Waveform Model for Detecting Accelerating Inspiraling Binaries
Authors:
Malcolm Lazarow,
Nathaniel Leslie,
Liang Dai
Abstract:
We present an analytic frequency-domain gravitational waveform model for an inspiraling binary whose center-of-mass undergoes a small acceleration, assumed to be constant during the detection, such as when it orbits a distant tertiary mass. The center-of-mass acceleration along the line of sight is incorporated as a new parameter that perturbs the standard TaylorF2 model. We calculate the wave pha…
▽ More
We present an analytic frequency-domain gravitational waveform model for an inspiraling binary whose center-of-mass undergoes a small acceleration, assumed to be constant during the detection, such as when it orbits a distant tertiary mass. The center-of-mass acceleration along the line of sight is incorporated as a new parameter that perturbs the standard TaylorF2 model. We calculate the wave phase to 3rd post-Newtonian order and first order in the acceleration. It is shown that acceleration most significantly modifies the wave phase in the low frequency portion of the signal, so ground-based detectors with a good sensitivity at low frequencies are the most effective at detecting this effect. We present a Fisher information calculation to quantify the detectability of this effect at advanced LIGO A Plus, Cosmic Explorer, and Einstein Telescope over the mass range of neutron stars and stellar-mass black holes, and discuss degeneracy between acceleration and other parameters. We also determine the parameter space where the acceleration is large enough that the wave phase model would have to be extended to nonlinear orders in the acceleration.
△ Less
Submitted 26 March, 2024; v1 submitted 8 January, 2024;
originally announced January 2024.
-
Optimal Decoy Resource Allocation for Proactive Defense in Probabilistic Attack Graphs
Authors:
Haoxiang Ma,
Shuo Han,
Nandi Leslie,
Charles Kamhoua,
Jie Fu
Abstract:
This paper investigates the problem of synthesizing proactive defense systems in which the defender can allocate deceptive targets and modify the cost of actions for the attacker who aims to compromise security assets in this system. We model the interaction of the attacker and the system using a formal security model -- a probabilistic attack graph. By allocating fake targets/decoys, the defender…
▽ More
This paper investigates the problem of synthesizing proactive defense systems in which the defender can allocate deceptive targets and modify the cost of actions for the attacker who aims to compromise security assets in this system. We model the interaction of the attacker and the system using a formal security model -- a probabilistic attack graph. By allocating fake targets/decoys, the defender aims to distract the attacker from compromising true targets. By increasing the cost of some attack actions, the defender aims to discourage the attacker from committing to certain policies and thereby improve the defense. To optimize the defense given limited decoy resources and operational constraints, we formulate the synthesis problem as a bi-level optimization problem, while the defender designs the system, in anticipation of the attacker's best response given that the attacker has disinformation about the system due to the use of deception. Though the general formulation with bi-level optimization is NP-hard, we show that under certain assumptions, the problem can be transformed into a constrained optimization problem. We proposed an algorithm to approximately solve this constrained optimization problem using a novel incentive-design method for projected gradient ascent. We demonstrate the effectiveness of the proposed method using extensive numerical experiments.
△ Less
Submitted 3 January, 2023;
originally announced January 2023.
-
Synthesizing Attack-Aware Control and Active Sensing Strategies under Reactive Sensor Attacks
Authors:
Sumukha Udupa,
Abhishek N. Kulkarni,
Shuo Han,
Nandi O. Leslie,
Charles A. Kamhoua,
Jie Fu
Abstract:
We consider the probabilistic planning problem for a defender (P1) who can jointly query the sensors and take control actions to reach a set of goal states while being aware of possible sensor attacks by an adversary (P2) who has perfect observations. To synthesize a provably-correct, attack-aware joint control and active sensing strategy for P1, we construct a stochastic game on graph with augmen…
▽ More
We consider the probabilistic planning problem for a defender (P1) who can jointly query the sensors and take control actions to reach a set of goal states while being aware of possible sensor attacks by an adversary (P2) who has perfect observations. To synthesize a provably-correct, attack-aware joint control and active sensing strategy for P1, we construct a stochastic game on graph with augmented states that include the actual game state (known only to the attacker), the belief of the defender about the game state (constructed by the attacker based on his knowledge of defender's observations). We present an algorithm to compute a belief-based, randomized strategy for P1 to ensure satisfying the reachability objective with probability one, under the worst-case sensor attack carried out by an informed P2. We prove the correctness of the algorithm and illustrate using an example.
△ Less
Submitted 29 November, 2022; v1 submitted 28 March, 2022;
originally announced April 2022.
-
Mode-by-mode Relative Binning: Fast Likelihood Estimation for Gravitational Waveforms with Spin-Orbit Precession and Multiple Harmonics
Authors:
Nathaniel Leslie,
Liang Dai,
Geraint Pratten
Abstract:
Faster likelihood evaluation enhances the efficiency of gravitational wave signal analysis. We present Mode-by-mode Relative Binning (MRB), a new method designed for obtaining fast and accurate likelihoods for advanced waveform models that include spin-orbit precession effects and multiple radiation harmonics from compact binary coalescence. Leveraging the "twisting-up" procedure of constructing p…
▽ More
Faster likelihood evaluation enhances the efficiency of gravitational wave signal analysis. We present Mode-by-mode Relative Binning (MRB), a new method designed for obtaining fast and accurate likelihoods for advanced waveform models that include spin-orbit precession effects and multiple radiation harmonics from compact binary coalescence. Leveraging the "twisting-up" procedure of constructing precessing waveform modes from non-precessing ones, the new method mitigates degrade of relative binning accuracy due to interference from superimposed modes. Additionally, we supplement algorithms for optimizing the choice of frequency bins specific to any given strain signal under analysis. Using the new method, we are able to evaluate the likelihood with up to an order of magnitude reduction in the number of waveform model calls per frequency compared to the previously used relative binning scheme, and achieve better likelihood accuracy than is sufficient for obtaining source parameter posterior distributions that are indistinguishable from the exact ones.
△ Less
Submitted 2 December, 2021; v1 submitted 20 September, 2021;
originally announced September 2021.
-
Qualitative Planning in Imperfect Information Games with Active Sensing and Reactive Sensor Attacks: Cost of Unawareness
Authors:
Abhishek N. Kulkarni,
Shuo Han,
Nandi O. Leslie,
Charles A. Kamhoua,
Jie Fu
Abstract:
We consider the probabilistic planning problem where the agent (called Player 1, or P1) can jointly plan the control actions and sensor queries in a sensor network and an attacker (called player 2, or P2) can carry out attacks on the sensors. We model such an adversarial interaction using a formal model -- a reachability game with partially controllable observation functions. The main contribution…
▽ More
We consider the probabilistic planning problem where the agent (called Player 1, or P1) can jointly plan the control actions and sensor queries in a sensor network and an attacker (called player 2, or P2) can carry out attacks on the sensors. We model such an adversarial interaction using a formal model -- a reachability game with partially controllable observation functions. The main contribution of this paper is to assess the cost of P1's unawareness: Suppose P1 misinterprets the sensor failures as probabilistic node failures due to unreliable network communication, and P2 is aware of P1's misinterpretation in addition to her partial observability. Then, from which states can P2 carry out sensor attacks to ensure, with probability one, that P1 will not be able to complete her reachability task even though, due to misinterpretation, P1 believes that she can almost-surely achieve her task. We develop an algorithm to solve the almost-sure winning sensor-attack strategy given P1's observation-based strategy. Our attack analysis could be used for attack detection in wireless communication networks and the design of provably secured attack-aware sensor allocation in decision-theoretic models for cyber-physical systems.
△ Less
Submitted 2 May, 2021; v1 submitted 31 March, 2021;
originally announced April 2021.
-
Pareto GAN: Extending the Representational Power of GANs to Heavy-Tailed Distributions
Authors:
Todd Huster,
Jeremy E. J. Cohen,
Zinan Lin,
Kevin Chan,
Charles Kamhoua,
Nandi Leslie,
Cho-Yu Jason Chiang,
Vyas Sekar
Abstract:
Generative adversarial networks (GANs) are often billed as "universal distribution learners", but precisely what distributions they can represent and learn is still an open question. Heavy-tailed distributions are prevalent in many different domains such as financial risk-assessment, physics, and epidemiology. We observe that existing GAN architectures do a poor job of matching the asymptotic beha…
▽ More
Generative adversarial networks (GANs) are often billed as "universal distribution learners", but precisely what distributions they can represent and learn is still an open question. Heavy-tailed distributions are prevalent in many different domains such as financial risk-assessment, physics, and epidemiology. We observe that existing GAN architectures do a poor job of matching the asymptotic behavior of heavy-tailed distributions, a problem that we show stems from their construction. Additionally, when faced with the infinite moments and large distances between outlier points that are characteristic of heavy-tailed distributions, common loss functions produce unstable or near-zero gradients. We address these problems with the Pareto GAN. A Pareto GAN leverages extreme value theory and the functional properties of neural networks to learn a distribution that matches the asymptotic behavior of the marginal distributions of the features. We identify issues with standard loss functions and propose the use of alternative metric spaces that enable stable and efficient learning. Finally, we evaluate our proposed approach on a variety of heavy-tailed datasets.
△ Less
Submitted 22 January, 2021;
originally announced January 2021.
-
Decoy Allocation Games on Graphs with Temporal Logic Objectives
Authors:
Abhishek N. Kulkarni,
Jie Fu,
Huan Luo,
Charles A. Kamhoua,
Nandi O. Leslie
Abstract:
We study a class of games, in which the adversary (attacker) is to satisfy a complex mission specified in linear temporal logic, and the defender is to prevent the adversary from achieving its goal. A deceptive defender can allocate decoys, in addition to defense actions, to create disinformation for the attacker. Thus, we focus on the problem of jointly synthesizing a decoy placement strategy and…
▽ More
We study a class of games, in which the adversary (attacker) is to satisfy a complex mission specified in linear temporal logic, and the defender is to prevent the adversary from achieving its goal. A deceptive defender can allocate decoys, in addition to defense actions, to create disinformation for the attacker. Thus, we focus on the problem of jointly synthesizing a decoy placement strategy and a deceptive defense strategy that maximally exploits the incomplete information the attacker about the decoy locations. We introduce a model of hypergames on graphs with temporal logic objectives to capture such adversarial interactions with asymmetric information. Using the hypergame model, we analyze the effectiveness of a given decoy placement, quantified by the set of deceptive winning states where the defender can prevent the attacker from satisfying the attack objective given its incomplete information about decoy locations. Then, we investigate how to place decoys to maximize the defender's deceptive winning region. Considering the large search space for all possible decoy allocation strategies, we incorporate the idea of compositional synthesis from formal methods and show that the objective function in the class of decoy allocation problem is monotone and non-decreasing. We derive the sufficient conditions under which the objective function for the decoy allocation problem is submodular, or supermodular, respectively. We show a sub-optimal allocation can be efficiently computed by iteratively composing the solutions of hypergames with a subset of decoys and the solution of a hypergame given a single decoy. We use a running example to illustrate the proposed method.
△ Less
Submitted 2 October, 2020;
originally announced October 2020.
-
Deceptive Labeling: Hypergames on Graphs for Stealthy Deception
Authors:
Abhishek N. Kulkarni,
Huan Luo,
Nandi O. Leslie,
Charles A. Kamhoua,
Jie Fu
Abstract:
With the increasing sophistication of attacks on cyber-physical systems, deception has emerged as an effective tool to improve system security and safety by obfuscating the attacker's perception. In this paper, we present a solution to the deceptive game in which a control agent is to satisfy a Boolean objective specified by a co-safe temporal logic formula in the presence of an adversary. The age…
▽ More
With the increasing sophistication of attacks on cyber-physical systems, deception has emerged as an effective tool to improve system security and safety by obfuscating the attacker's perception. In this paper, we present a solution to the deceptive game in which a control agent is to satisfy a Boolean objective specified by a co-safe temporal logic formula in the presence of an adversary. The agent intentionally introduces asymmetric information to create payoff misperception, which manifests as the misperception of the labeling function in the game model. Thus, the adversary is unable to accurately determine which logical formula is satisfied by a given outcome of the game. We introduce a model called hypergame on graph to capture the asymmetrical information with one-sided payoff misperception. Based on this model, we present the solution of such a hypergame and use the solution to synthesize stealthy deceptive strategies. Specifically, deceptive sure winning and deceptive almost-sure winning strategies are developed by reducing the hypergame to a two-player game and one-player stochastic game with reachability objectives. A running example is introduced to demonstrate the game model and the solution concept used for strategy synthesis.
△ Less
Submitted 9 June, 2020; v1 submitted 10 April, 2020;
originally announced April 2020.
-
Secure-by-synthesis network with active deception and temporal logic specifications
Authors:
Jie Fu,
Abhishek N. Kulkarni,
Huan Luo,
Nandi O. Leslie,
Charles A. Kamhoua
Abstract:
This paper is concerned with the synthesis of strategies in network systems with active cyber deception. Active deception in a network employs decoy systems and other defenses to conduct defensive planning against the intrusion of malicious attackers who have been confirmed by sensing systems. In this setting, the defender's objective is to ensure the satisfaction of security properties specified…
▽ More
This paper is concerned with the synthesis of strategies in network systems with active cyber deception. Active deception in a network employs decoy systems and other defenses to conduct defensive planning against the intrusion of malicious attackers who have been confirmed by sensing systems. In this setting, the defender's objective is to ensure the satisfaction of security properties specified in temporal logic formulas. We formulate the problem of deceptive planning with decoy systems and other defenses as a two-player games with asymmetrical information and Boolean payoffs in temporal logic. We use level-2 hypergame with temporal logic objectives to capture the incomplete/incorrect knowledge of the attacker about the network system as a payoff misperception. The true payoff function is private information of the defender. Then, we extend the solution concepts of $omega$-regular games to analyze the attacker's rational strategy given her incomplete information. By generalizing the solution of level-2 hypergame in the normal form to extensive form, we extend the solutions of games with safe temporal logic objectives to decide whether the defender can ensure security properties to be satisfied with probability one, given any possible strategy that is perceived to be rational by the attacker. Further, we use the solution of games with co-safe (reachability) temporal logic objectives to determine whether the defender can engage the attacker, by directing the attacker to a high-fidelity honeypot. The effectiveness of the proposed synthesis methods is illustrated with synthetic network systems with honeypots.
△ Less
Submitted 17 February, 2020;
originally announced February 2020.
-
Discovering a Regularity: the Case of An 800-year Law of Advances in Small-Arms Technologies
Authors:
Alexander Kott,
Philip Perconti,
Nandi Leslie
Abstract:
Considering a broad family of technologies where a measure of performance (MoP) is difficult or impossible to formulate, we seek an alternative measure that exhibits a regular pattern of evolution over time, similar to how a MoP may follow a Moore's law. In an empirical case study, we explore an approach to identifying such a composite measure called a Figure of Regularity (FoR). We use the propos…
▽ More
Considering a broad family of technologies where a measure of performance (MoP) is difficult or impossible to formulate, we seek an alternative measure that exhibits a regular pattern of evolution over time, similar to how a MoP may follow a Moore's law. In an empirical case study, we explore an approach to identifying such a composite measure called a Figure of Regularity (FoR). We use the proposed approach to identify a novel FoR for diverse classes of small arms - bows, crossbows, harquebuses, muskets, rifles, repeaters, and assault rifles - and show that this FoR agrees well with the empirical data. We identify a previously unreported regular trend in the FoR of an exceptionally long duration - from approximately 1200 CE to the present - and discuss how research managers can analyze long-term trends in conjunction with a portfolio of research directions.
△ Less
Submitted 9 August, 2019;
originally announced August 2019.
-
Learning and Planning in the Feature Deception Problem
Authors:
Zheyuan Ryan Shi,
Ariel D. Procaccia,
Kevin S. Chan,
Sridhar Venkatesan,
Noam Ben-Asher,
Nandi O. Leslie,
Charles Kamhoua,
Fei Fang
Abstract:
Today's high-stakes adversarial interactions feature attackers who constantly breach the ever-improving security measures. Deception mitigates the defender's loss by misleading the attacker to make suboptimal decisions. In order to formally reason about deception, we introduce the feature deception problem (FDP), a domain-independent model and present a learning and planning framework for finding…
▽ More
Today's high-stakes adversarial interactions feature attackers who constantly breach the ever-improving security measures. Deception mitigates the defender's loss by misleading the attacker to make suboptimal decisions. In order to formally reason about deception, we introduce the feature deception problem (FDP), a domain-independent model and present a learning and planning framework for finding the optimal deception strategy, taking into account the adversary's preferences which are initially unknown to the defender. We make the following contributions. (1) We show that we can uniformly learn the adversary's preferences using data from a modest number of deception strategies. (2) We propose an approximation algorithm for finding the optimal deception strategy given the learned preferences and show that the problem is NP-hard. (3) We perform extensive experiments to validate our methods and results. In addition, we provide a case study of the credit bureau network to illustrate how FDP implements deception on a real-world problem.
△ Less
Submitted 8 June, 2020; v1 submitted 12 May, 2019;
originally announced May 2019.
-
Maximal LELM Distinguishability of Qubit and Qutrit Bell States Using Projective and Non-Projective Measurements
Authors:
Nathaniel Leslie,
Julien Devin,
Theresa W. Lynn
Abstract:
Numerous quantum information protocols make use of maximally entangled two-particle states, or Bell states, in which information is stored in the correlations between the two particles rather than their individual properties. Retrieving information stored in this way means distinguishing between different Bell states, yet the well known no-go theorem establishes that projective linear evolution an…
▽ More
Numerous quantum information protocols make use of maximally entangled two-particle states, or Bell states, in which information is stored in the correlations between the two particles rather than their individual properties. Retrieving information stored in this way means distinguishing between different Bell states, yet the well known no-go theorem establishes that projective linear evolution and local measurement (LELM) detection schemes can only reliably distinguish three of the four qubit Bell states. We establish maximum distinguishability of the qutrit Bell states of bosons via projective LELM measurements; only three of the nine Bell states can be distinguished. Next, we extend to the case of non-projective measurements. We strengthen the no-go theorem by showing that general LELM measurements cannot reliably distinguish all four qubit Bell states. We also establish that at most five qutrit Bell states can be distinguished with generalized LELM measurements.
△ Less
Submitted 4 April, 2019; v1 submitted 6 March, 2019;
originally announced March 2019.
-
Statistical Models for the Number of Successful Cyber Intrusions
Authors:
Nandi O. Leslie,
Richard E. Harang,
Lawrence P. Knachel,
Alexander Kott
Abstract:
We propose several generalized linear models (GLMs) to predict the number of successful cyber intrusions (or "intrusions") into an organization's computer network, where the rate at which intrusions occur is a function of the following observable characteristics of the organization: (i) domain name server (DNS) traffic classified by their top-level domains (TLDs); (ii) the number of network securi…
▽ More
We propose several generalized linear models (GLMs) to predict the number of successful cyber intrusions (or "intrusions") into an organization's computer network, where the rate at which intrusions occur is a function of the following observable characteristics of the organization: (i) domain name server (DNS) traffic classified by their top-level domains (TLDs); (ii) the number of network security policy violations; and (iii) a set of predictors that we collectively call "cyber footprint" that is comprised of the number of hosts on the organization's network, the organization's similarity to educational institution behavior (SEIB), and its number of records on scholar.google.com (ROSG). In addition, we evaluate the number of intrusions to determine whether these events follow a Poisson or negative binomial (NB) probability distribution. We reveal that the NB GLM provides the best fit model for the observed count data, number of intrusions per organization, because the NB model allows the variance of the count data to exceed the mean. We also show that there are restricted and simpler NB regression models that omit selected predictors and improve the goodness-of-fit of the NB GLM for the observed data. With our model simulations, we identify certain TLDs in the DNS traffic as having significant impact on the number of intrusions. In addition, we use the models and regression results to conclude that the number of network security policy violations are consistently predictive of the number of intrusions.
△ Less
Submitted 14 January, 2019;
originally announced January 2019.
-
Approaches to Enhancing Cyber Resilience: Report of the North Atlantic Treaty Organization (NATO) Workshop IST-153
Authors:
Alexander Kott,
Benjamin Blakely,
Diane Henshel,
Gregory Wehner,
James Rowell,
Nathaniel Evans,
Luis Muñoz-González,
Nandi Leslie,
Donald W French,
Donald Woodard,
Kerry Krutilla,
Amanda Joyce,
Igor Linkov,
Carmen Mas-Machuca,
Janos Sztipanovits,
Hugh Harney,
Dennis Kergl,
Perri Nejib,
Edward Yakabovicz,
Steven Noel,
Tim Dudman,
Pierre Trepagnier,
Sowdagar Badesha,
Alfred Møller
Abstract:
This report summarizes the discussions and findings of the 2017 North Atlantic Treaty Organization (NATO) Workshop, IST-153, on Cyber Resilience, held in Munich, Germany, on 23-25 October 2017, at the University of Bundeswehr. Despite continual progress in managing risks in the cyber domain, anticipation and prevention of all possible attacks and malfunctions are not feasible for the current or fu…
▽ More
This report summarizes the discussions and findings of the 2017 North Atlantic Treaty Organization (NATO) Workshop, IST-153, on Cyber Resilience, held in Munich, Germany, on 23-25 October 2017, at the University of Bundeswehr. Despite continual progress in managing risks in the cyber domain, anticipation and prevention of all possible attacks and malfunctions are not feasible for the current or future systems comprising the cyber infrastructure. Therefore, interest in cyber resilience (as opposed to merely risk-based approaches) is increasing rapidly, in literature and in practice. Unlike concepts of risk or robustness - which are often and incorrectly conflated with resilience - resiliency refers to the system's ability to recover or regenerate its performance to a sufficient level after an unexpected impact produces a degradation of its performance. The exact relation among resilience, risk, and robustness has not been well articulated technically. The presentations and discussions at the workshop yielded this report. It focuses on the following topics that the participants of the workshop saw as particularly important: fundamental properties of cyber resilience; approaches to measuring and modeling cyber resilience; mission modeling for cyber resilience; systems engineering for cyber resilience, and dynamic defense as a path toward cyber resilience.
△ Less
Submitted 20 April, 2018;
originally announced April 2018.
-
Toward Intelligent Autonomous Agents for Cyber Defense: Report of the 2017 Workshop by the North Atlantic Treaty Organization (NATO) Research Group IST-152-RTG
Authors:
Alexander Kott,
Ryan Thomas,
Martin Drašar,
Markus Kont,
Alex Poylisher,
Benjamin Blakely,
Paul Theron,
Nathaniel Evans,
Nandi Leslie,
Rajdeep Singh,
Maria Rigaki,
S Jay Yang,
Benoit LeBlanc,
Paul Losiewicz,
Sylvain Hourlier,
Misty Blowers,
Hugh Harney,
Gregory Wehner,
Alessandro Guarino,
Jana Komárková,
James Rowell
Abstract:
This report summarizes the discussions and findings of the Workshop on Intelligent Autonomous Agents for Cyber Defence and Resilience organized by the NATO research group IST-152-RTG. The workshop was held in Prague, Czech Republic, on 18-20 October 2017. There is a growing recognition that future cyber defense should involve extensive use of partially autonomous agents that actively patrol the fr…
▽ More
This report summarizes the discussions and findings of the Workshop on Intelligent Autonomous Agents for Cyber Defence and Resilience organized by the NATO research group IST-152-RTG. The workshop was held in Prague, Czech Republic, on 18-20 October 2017. There is a growing recognition that future cyber defense should involve extensive use of partially autonomous agents that actively patrol the friendly network, and detect and react to hostile activities rapidly (far faster than human reaction time), before the hostile malware is able to inflict major damage, evade friendly agents, or destroy friendly agents. This requires cyber-defense agents with a significant degree of intelligence, autonomy, self-learning, and adaptability. The report focuses on the following questions: In what computing and tactical environments would such an agent operate? What data would be available for the agent to observe or ingest? What actions would the agent be able to take? How would such an agent plan a complex course of actions? Would the agent learn from its experiences, and how? How would the agent collaborate with humans? How can we ensure that the agent will not take undesirable destructive actions? Is it possible to help envision such an agent with a simple example?
△ Less
Submitted 20 April, 2018;
originally announced April 2018.
