Malware, or software designed with harmful intent, is an ever-evolving threat that can have drastic effects on both individuals and institutions. Neural network malware classification systems are key tools for combating these threats but are vulnerable to adversarial machine learning attacks. These attacks perturb input data to cause misclassification, bypassing protective systems. Existing defenses often rely on enhancing the training process, thereby increasing the model’s robustness to these perturbations, which is quantified using verification. While training improvements are necessary, we propose focusing on the verification process used to evaluate improvements to training. As such, we present a case study that evaluates a novel verification domain that will help to ensure tangible safeguards against adversaries and provide a more reliable means of evaluating the robustness and effectiveness of anti-malware systems. To do so, we describe malware classification and two types of common malware datasets (feature and image datasets), demonstrate the certified robustness accuracy of malware classifiers using the Neural Network Verification (NNV) and Neural Network Enumeration (nnenum) tools, and outline the challenges and future considerations necessary for the improvement and refinement of the verification of malware classification. By evaluating this novel domain as a case study, we hope to increase its visibility, encourage further research and scrutiny, and ultimately enhance the resilience of digital systems against malicious attacks.
Authored by Preston Robinette, Diego Lopez, Serena Serbinowska, Kevin Leach, Taylor Johnson
Mobile malware is malicious code specifically designed to target mobile devices to perform multiple types of fraud. The number of attacks reported each day is increasing constantly and is causing an impact not only at the end-user level but also at the network operator level. Malware like FluBot contributes to identity theft and data loss but also enables remote Command & Control (C2) operations, which can instrument infected devices to conduct Distributed Denial of Service (DDoS) attacks. Current mobile device-installed solutions are not effective, as the end user can ignore security warnings or install malicious software. This article designs and evaluates MONDEO-Tactics5G - a multistage botnet detection mechanism that does not require software installation on end-user devices, together with tactics for 5G network operators to manage infected devices. We conducted an evaluation that demonstrates high accuracy in detecting FluBot malware, and in the different adaptation strategies to reduce the risk of DDoS while minimising the impact on the clients' satisfaction by avoiding disrupting established sessions.
Authored by Bruno Sousa, Duarte Dias, Nuno Antunes, Javier Cámara, Ryan Wagner, Bradley Schmerl, David Garlan, Pedro Fidalgo
This work focuses on the problem of hyper-parameter tuning (HPT) for robust (i.e., adversarially trained) models, shedding light on the new challenges and opportunities arising during the HPT process for robust models. To this end, we conduct an extensive experimental study based on three popular deep models and explore exhaustively nine (discretized) hyper-parameters (HPs), two fidelity dimensions, and two attack bounds, for a total of 19208 configurations (corresponding to 50 thousand GPU hours). Through this study, we show that the complexity of the HPT problem is further exacerbated in adversarial settings due to the need to independently tune the HPs used during standard and adversarial training: succeeding in doing so (i.e., adopting different HP settings in both phases) can lead to a reduction of up to 80% and 43% of the error for clean and adversarial inputs, respectively. We also identify new opportunities to reduce the cost of HPT for robust models. Specifically, we propose to leverage cheap adversarial training methods to obtain inexpensive, yet highly correlated, estimations of the quality achievable using more robust/expensive state-of-the-art methods. We show that, by exploiting this novel idea in conjunction with a recent multi-fidelity optimizer (taKG), the efficiency of the HPT process can be enhanced by up to 2.1x.
Authored by Pedro Mendes, Paolo Romano, David Garlan
Neural networks are often overconfident about their predictions, which undermines their reliability and trustworthiness. In this work, we present a novel technique, named Error-Driven Uncertainty Aware Training (EUAT), which aims to enhance the ability of neural models to estimate their uncertainty correctly, namely to be highly uncertain when they output inaccurate predictions and low uncertain when their output is accurate. The EUAT approach operates during the model’s training phase by selectively employing two loss functions depending on whether the training examples are correctly or incorrectly predicted by the model. This allows for pursuing the twofold goal of i) minimizing model uncertainty for correctly predicted inputs and ii) maximizing uncertainty for mispredicted inputs, while preserving the model’s misprediction rate. We evaluate EUAT using diverse neural models and datasets in the image recognition domains considering both non-adversarial and adversarial settings. The results show that EUAT outperforms existing approaches for uncertainty estimation (including other uncertainty-aware training techniques, calibration, ensembles, and DEUP) by providing uncertainty estimates that not only have higher quality when evaluated via statistical metrics (e.g., correlation with residuals) but also when employed to build binary classifiers that decide whether the model’s output can be trusted or not and under distributional data shifts.
Authored by Pedro Mendes, Paolo Romano, David Garlan
This paper focuses on the problem of optimizing system utility of Machine-Learning (ML) based systems in the presence of ML mispredictions. This is achieved via the use of self-adaptive systems and through the execution of adaptation tactics, such as model retraining, which operate at the level of individual ML components. To address this problem, we propose a probabilistic modeling framework that reasons about the cost/benefit trade-offs associated with adapting ML components. The key idea of the proposed approach is to decouple the problems of estimating (i) the expected performance improvement after adaptation and (ii) the impact of ML adaptation on overall system utility. We apply the proposed framework to engineer a self-adaptive ML-based fraud-detection system, which we evaluate using a publicly-available, real fraud detection data-set. We initially consider a scenario in which information on model’s quality is immediately available. Next we relax this assumption by integrating (and extending) state-of-the-art techniques for estimating model’s quality in the proposed framework. We show that by predicting the system utility stemming from retraining a ML component, the probabilistic model checker can generate adaptation strategies that are significantly closer to the optimal, as compared against baselines such as periodic or reactive retraining.
Authored by Maria Casimiro, Diogo Soares, David Garlan, Luís Rodrigues, Paolo Romano
In 2017, the United States Department of Homeland Security designated elections equipment as critical infrastructure. Poll workers play a crucial role in safeguarding election security and integrity and are responsible for administering an election at the more than 100,000 polling places needed during an election cycle, oftentimes interacting with, and having unsupervised access to, elections equipment. This paper examines the utility of training poll workers to mitigate potential cyber, physical, and insider threats that may emerge during U.S. elections through an analysis of the relationship between poll worker training performance and their individual cybersecurity practices. Specifically, we measure a poll worker’s personal cybersecurity behavior using the Security Behaviors and Intentions Scale (SeBIS) and statistically examine this measure to their performance on three poll worker election security training modules, along with quizzes to assess poll workers' knowledge. The results indicate that a poll worker’s personal security behaviors related to Device Securement, Password Generation, and Proactive Awareness have a positive relationship with poll workers' knowledge of the threats related to election equipment and processes. k-means analysis shows that educated poll workers and those who have strong device security personal behaviors tend to score better on the poll worker training quizzes; Device Securement was also the greatest driver of the relationship between individual security behaviors and poll worker threat knowledge. These findings have implications for election security policies, emphasizing the need for election officials and managers to prioritize Device Securement and Proactive Awareness in poll worker training initiatives to enhance election security.
Authored by Abigail Kassel, Isabella Bloomquist, Natalie Scala, Josh Dehlinger
Improvements in information technology and developments in AI enable supply chain professionals to improve efficiencies. The digitization of supply chains facilitates integration of upstream and downstream resources but also increases the likelihood of cyber attacks. Existing literature reflects a rapid rise in cyber attacks targeting supply chains, with a significant number of data breaches attributed to employee errors. Therefore, as supply chain professionals pose an insider risk to supply chain cybersecurity, this research delves into their information security behaviors. The objective is to assess the security practices of supply chain professionals and identify strategies for improvement. To that end, we conducted a survey using Amazon Mechanical Turk with 763 usable responses, including 167 individuals from the field of supply chain management. The survey consisted of 27 Likert scale questions, with 16 drawn from the Security Behavior Intentions Scale (SeBIS) and 11 from the Human Aspects of Information Security Questionnaire (HAIS-Q), supplemented by 11 demographic-related queries. Utilizing principles from information theory for analysis, results of this preliminary research reveal significant inconsistency in information security behaviors among supply chain professionals, particularly with Password Generation, Device Securement, and Proactive Awareness. Ultimately, this research is part of a larger project that seeks to provide recommendations for training programs aimed at reducing the risk of incidents or breaches stemming from trusted insider professionals within the supply chain.
Authored by Hao Nguyen, Natalie Scala, Josh Dehlinger
Authored by Nicholas Potteiger, Ankita Samaddar, Hunter Bergstrom, Xenofon Koutsoukos
The rise in autonomous Unmanned Aerial Vehicles (UAVs) for objectives requiring long-term navigation in diverse environments is attributed to their compact, agile, and accessible nature. Specifically, problems exploring dynamic obstacle and collision avoidance are of increasing interest as UAVs become more popular for tasks such as transportation of goods, formation control, and search and rescue routines. Prioritizing safety in the design of autonomous UAVs is crucial to prevent costly collisions that endanger pedestrians, mission success, and property. Safety must be ensured in these systems whose behavior emerges from multiple software components including learning-enabled components. Learning-enabled components, optimized through machine learning (ML) or reinforcement learning (RL) require adherence to safety constraints while interacting with the environment during training and deployment, as well as adaptation to new unknown environments. In this paper, we safeguard autonomous UAV navigation by designing agents based on behavior trees with learning-enabled components, referred to as Evolving Behavior Trees (EBTs). We learn the structure of EBTs with explicit safety components, optimize learning-enabled components with safe hierarchical RL, deploy, and update specific components for transfer to unknown environments. Safe and successful navigation is evaluated using a realistic UAV simulation environment. The results demonstrate the design of an explainable learned EBT structure, incurring near-zero collisions during training and deployment, with safe time-efficient transfer to an unknown environment.
Authored by Nicholas Potteiger, Xenofon Koutsoukos
The purpose of this article is to explore the use of wireless communication technology for network connectivity in ocean liner environments, which is different from the data security system of wired networks. The key work is based on data security practices in the ocean liner environment, including building a data security classification system and developing different security strategies in data collection, storage, transmission, processing, and other aspects. In addition, machine learning methods are introduced into security warning strategies to intelligently analyze data security risks and make decisions.
Authored by He Jing, Chen Ming-jun
With increased connectivity and the application of intelligent technologies, intelligent and connected vehicles are evolving rapidly, which offers new opportunities for vehicle data security risks. However, there are currently insufficient studies to comprehensively map the security risks throughout the life cycle of intelligent and connected vehicle data. The object of this paper is to identify the main data security risks at different data life cycle phases in the field of intelligent and connected vehicles, and the data security problems those risks may bring. The following are some of the techniques used to protect the security of data against risks. The test verification is implemented by using functional reproduction and data packet capture analysis. The results indicate that there are vehicle data security risks to personal information, including location and biometric information. This paper is useful for intelligent and connected vehicle data processors in their targeted application of technical and managerial measures to mitigate data security risks in the whole data life cycle.
Authored by Yujia Li, Yueyou Wang, Jue Wang, Hanbing Wu, Xianzhao Xia
This paper proposes a secure data storage scheme for protecting network privacy. In the system hardware design, it is divided into interface module, basic service module and storage module. The three functional modules work together to improve the security of personal privacy data on the Internet. Establish a personal privacy database in software to ensure the security of personal privacy data. Asymmetric cryptography is used to encrypt and decrypt the data. Finally, the encrypted privacy information data is processed centrally to realize the combined storage of privacy information in the computer network. By comparing the safety and operation effect of the system, it is proved that the system has great advantages in safety and efficiency. The simulation results show that the method is effective.
Authored by Lanshuang Li, Yuzhen Feng, Yuanbao Feng, Zhihong Lu, Xiangyang Gao, Chuican Chen
Online Social Network is a network communication platform where users have profiles that can be uniquely identified by the content sent. This content can be produced, consumed, and interacted with by other users. To connect with other users on social media, users must register by providing Personally Identifiable Information (PII) to social media platforms. PII is specific information that can identify or track individuals directly. This specific information may include your name, address, social security number, or other identifying code numbers such as telephone numbers, email addresses, and others. Personal identifiable information leakage is a problem in data security. Basically, every individual does not want their personal data to be known by anyone. Utilizing a sample size of 50 respondents, this study aims to ascertain the percentage of individuals who are aware of PII security on social media. This research will use quantitative methods by distributing questionnaires. The questionnaire in this study uses a social media attribute design. The results of the survey indicate that many respondents are unaware of the security of their data and have a limited understanding of how their personal data is managed by technology companies, particularly the 80% of non-IT respondents.
Authored by Gabriel Christie, Ivan, Javier Trevan, Said Achmad, Franz Junior, Nadia
Heterogeneous wireless networks (HWNs) have security risks and challenges, and traditional network security monitoring methods are difficult to meet the security needs. This paper analyzes and researches the security monitoring algorithm of HWNs based on big data intelligent information technology, which is able to dig out potential security threats from the massive network data and carry out real-time monitoring and early warning through the use of big data correlation algorithm and network security management algorithm. The experimental tests on HWNs show that big data intelligent information technology can reduce the risk of HWN environment. The accuracy and precision of HWNs events are improved, the accuracy rate is increased by about 1.2% and the precision rate is increased by about 1.1%. The feasibility and effectiveness of the HWNs safety monitoring algorithm based on big data intelligent information technology is verified, which lays the foundation for more research in this field.
Authored by Xiaomeng Duan, Yun Zhou, Jiabin Guan
Problems such as the increase in the number of private vehicles with the population, the rise in environmental pollution, the emergence of unmet infrastructure and resource problems, and the decrease in time efficiency in cities have put local governments, cities, and countries in search of solutions. These problems faced by cities and countries are tried to be solved in the concept of smart cities and intelligent transportation by using information and communication technologies in line with the needs. While designing intelligent transportation systems (ITS), beyond traditional methods, big data should be designed in a state-of-the-art and appropriate way with the help of methods such as artificial intelligence, machine learning, and deep learning. In this study, a data-driven decision support system model was established to help the business make strategic decisions with the help of intelligent transportation data and to contribute to the elimination of public transportation problems in the city. Our study model has been established using big data technologies and business intelligence technologies: a decision support system including data sources layer, data ingestion/collection layer, data storage and processing layer, data analytics layer, application/presentation layer, developer layer, and data management/data security layer stages. In our study, the decision support system was modeled using ITS data supported by big data technologies, where the traditional structure could not find a solution. This paper aims to create a basis for future studies looking for solutions to the problems of integration, storage, processing, and analysis of big data and to add value to the literature that is missing within the framework of the model. We provide both the lack of literature, eliminate the lack of models before the application process of existing data sets to the business intelligence architecture and a model study before the application to be carried out by the authors.
Authored by Kutlu Sengul, Cigdem Tarhan, Vahap Tecim
Intelligent Systems for Personal Data Cyber Security is a critical component of the Personal Information Management of Medicaid Enterprises. Intelligent Systems for Personal Data Cyber Security combines components of Cyber Security Systems with Human-Computer Interaction. It also uses the technology and principles applied to the Internet of Things. The use of software-hardware concepts and solutions presented in this report is, in the authors’ opinion, some step in the working-out of the Intelligent Systems for Personal Data Cyber Security in Medicaid Enterprises. These concepts may also be useful for developers of these types of systems.
Authored by Alexey Zalozhnev, Vasily Ginz, Anatoly Loktionov
The introductory part of the research mainly focuses on the importance of using block chain facilities by using the 5G Network that can be useful for data privacy and security. It can be said that the research mainly focuses on all the benefits of using block chain technology in order to protect all the access of relevant data by implementing intelligent contracts for enhancing the security framework related to the use of 5G networks on the data protection activities. The literature review of the research mainly concentrates on the benefits and merits of applying the block chain facilities for enhancing both the growth as well as the development of data protection and data privacy. All the merits, as well as demerits of using the block chain facility, have been also discussed throughout the overall research paper. On the other hand, various methods, as well as strategies for applying the block chain facilities, also have been analyzed throughout the literature review section of this research paper. A survey was conducted in this particular scenario to get a clear comprehension of the situation. A survey was conducted with fifty one random people that enables the researchers to get a clear picture of the trend while fetching some real life data in this particular scenario.
Authored by Prabhakara Kapula, Gnana Jeslin, Gururaj Hosamani, Prashant Vats, Chetan Shelke, Surendra Shukla
The data of the government and enterprises, as the production factors, are facing risks and problems of security violations, such as data leakage, data abuse and data tampering during quick circulation. This paper studies the security supervision architecture of data circulation (exchange, sharing, transaction) from the perspective of the whole life cycle, proposes and constructs the security supervision metadata model, which is used to represent the changes of users, behavior, data lineage, etc. during the whole life cycle of data; for massive data, based on the metadata model of security supervision, innovates the key technologies such as data security monitoring, tracing and ownership authentication; per the verification need, a set of security supervision prototype showing security situation, tracing performance, ownership construction/authentication and low-level visual explorer is developed.
Authored by Hui Yang, Yang Cao
This article proposes a technique that establishes the procedure for evaluating the level of efficiency of the information security department (an employee performing information security functions). The technique uses performance evaluation criteria based on the apparatus of fuzzy logic, the composition of fuzzy relations. The technique describes the procedure for evaluating the effectiveness of the information security department (information security officer) during audits in the area of "Organization and state of work on information protection", self-assessment of the effectiveness of work. The method of assessing the level of efficiency consists in presenting with the help of a set of measurements (both at the quantitative and qualitative level) the features collected to build a classification of the effectiveness of the information security department (information security officer). Based on a set of measurements of signs, the decision-maker must determine (classify) the effectiveness of work using the criteria for assessing the quality of their work. In the future, the methodology can be expanded for additional purposes of predicting the level of security of informatization objects.
Authored by Viktor Belov, Nadezhda Belova, Tamara Pestunova, Dmitry Kosov
Questions of video information resource security assessment are considered in the case of video conferencing organization in systems of public administration. It is shown that for an assessment of information security it is necessary to analyze potential security risks, to construct a model of threats and to execute an assessment for the specific conditions of functioning of a video conference. The most significant security risks are defined.
Authored by Tatyana Belikova, Andrii Vlasov, Pavlo Hurzhii, Natalia Korolyova, Oleksandra Voitsekhivska, Mykhailo Babenko
In response to the advent of software defined world, this Fast Abstract introduces a new notion, information gravitation, with an attempt to unify and expand two related ones, information mass (related to the supposed fifth force) and data gravitation. This is motivated by the following question: is there a new kind of (gravitational) force between any two distinct pieces of information conveying messages? A possibly affirmative answer to this question of information gravitation, which is supposed to explore the theoretically and/or experimentally justified interplay between information and gravitation, might make significant sense for the software defined world being augmented with artificial intelligence and virtual reality in the age of information. Information induces gravitation. Information gravitation should be related to Newton's law of universal gravitation and Einstein's general theory of relativity, and even to gravitational waves and the unified theory of everything.
Authored by Kai-Yuan Cai
Chaotic cryptography is structurally related to the concepts of confusion and diffusion in traditional cryptography theory. Chaotic cryptography is formed by the inevitable connection between chaos theory and pure cryptography. In order to solve the shortcomings of the existing research on information encryption security system, this paper discusses the realization technology of information security, the design principles of encryption system and three kinds of chaotic mapping systems, and discusses the selection of development tools and programmable devices. The information encryption security system based on chaos algorithm is designed and discussed, and the randomness test of three groups of encrypted files is carried out by the proposed algorithm and the AES (Advanced Encryption Standard) algorithm. Experimental data show that the uniformity of P-value of chaos algorithm is 0.714 on average. Therefore, it is verified that the information encryption security system using chaos algorithm has high security.
Authored by Xiya Liu
The role of information security in network accounting is very important, but there is a problem of inaccurate outcome evaluation. The one-way hash encryption algorithm cannot solve the information security problem in network accounting, and the evaluation is unreasonable. Therefore, this paper proposes an AES algorithm for network accounting information security analysis. First, the business operation theory is used to integrate the data, and the indicators are divided according to the information security requirements to reduce network accounting information's security in the interfering factor. Then, the business operation theory is used to form a network accounting scheme and synthesize the AES algorithm analysis results. MBAZ shows that under certain evaluation criteria, the AES algorithm is safe for the accounting information of network accounting, and the accuracy and time are better than the one-way hash encryption algorithm.
Authored by Dan Hu
To date, there are a lot of research works related to the application of game theory to model the interaction between a cyber attacker and defender. At the same time there are some challenges that prevent development and practical application of such approaches. One of the challenges is that at each point in time, the cyber attacker and the defender do not have accurate information about the adversary’s strategy, which results in an uncertainty in choosing their own strategy. The paper considers the application of hypergame theory to process this uncertainty. The attack graph is used to determine the possible strategies of the cyber attacker, while the graph of dependencies between the assets of the information system is used to determine the gain when applying a particular strategy. Thus, the result of the research is a proposed approach to security analysis and decision support for security incidents response based on the hypergame theory.
Authored by Elena Fedorchenko, Igor Kotenko, Boying Given, Yin Li
With the help of a well-thought-out information security threat model, you can develop a protection plan that will be based on current threats. The task of creating the most effective system for assessing the state of asset protection of an enterprise is one of the main goals of modeling. They imply the universality of information security concepts. You should use various methodologies of this process with the necessary perspective and sufficient level of detail to describe the threat models. An approach using all possible threat implementations is constructed in the form of trees or attack graphs (GAT) with verification of their properties. The set of threats, connections and their parameters are determined by asset owners and information security specialists. The elimination of shortcomings in the security model with complete overlap became possible thanks to the use of such a data set and the described structure. In this article, we describe the creation of a software application for automating and formalizing the process of assessing the information security of information system assets and localization of information system security bottlenecks. A distinctive feature of the application is the use of the threat database of the FSTEC of Russia to simulate an attack tree. FSTEC of Russia is the state regulator in the field of information security. The developed software application saves time by simplifying the process of assessing the security of information systems, and also makes the process of threat modeling visual.
Authored by Ulyana Kuzmina, Oleg Kazakov, Bogdan Erushev