August 21, 2017
Bahareh Khazaei, Javad Salimi Sartakhti, Mohammad Hossein Manshaei, Quanyan Zhu, Mehdi Sadeghi and Seyed Rasoul Mousavi
Understanding the dynamics of human immunodeficiency virus (HIV) is essential for depicting, developing, and investigating effective treatment strategies. HIV infects several types of immune cells, but its main target is to destroy helper T-cells. In the lymph nodes, the infected T-cells interact with each other and their environment to obtain more resources. According to infectivity and replicative capacity of T-cells in the HIV infection process, they can be divided into four phenotypes. Although genetic mutations in the reverse transcription that beget these phenotypes are random, the framework by which a phenotype become favored is affected by the environment and neighboring phenotypes. Moreover, the HIV disease has all components of an evolutionary process, including replication, mutation, and selection
August 17, 2017
Saffet Vatansever, Ahmet Emer Dirik and Nasir Memon
Electrical network frequency (ENF) instantaneously fluctuates around its nominal value (50/60 Hz) due to a continuous disparity between generated power and consumed power. Consequently, luminous intensity of a mains-powered light source varies depending on ENF fluctuations in the grid network. Variations in the luminance over time can be captured from video recordings and ENF can be estimated through content analysis of these recordings. In ENF-based video forensics, it is critical to check whether a given video file is appropriate for this type of analysis. That is, if ENF signal is not present in a given video, it would be useless to apply ENF-based forensic analysis. In this letter, an ENF signal presence detection method is introduced for videos. The proposed method is based on multiple ENF signal estimations from steady superpixels, i.e., pixels that are most likely uniform in color, brightness, and texture, and intra-class similarity of the estimated signals. Subsequently, consistency among these estimates is then used to determine the presence or absence of an ENF signal in a given video. The proposed technique can operate on video clips as short as 2 min and is independent of the camera sensor type, i.e., CCD or CMOS.
August 17, 2017
Rebecca S. Portnoff, Danny Yuxing Huang, Periwinkle Doerfler, Sadia Afroz and Damon McCoy
Sites for online classified ads selling sex are widely used by human traffickers to support their pernicious business. The sheer quantity of ads makes manual exploration and analysis unscalable. In addition, discerning whether an ad is advertising a trafficked victim or a independent sex worker is a very difficult task. Very little concrete ground truth (i.e., ads definitively known to be posted by a trafficker) exists in this space. In this work, we develop tools and techniques that can be used separately and in conjunction to group sex ads by their true owner (and not the claimed author in the ad). Specifically, we develop a machine learning classifier that uses stylometry to distinguish between ads posted by the same vs. different authors with 96% accuracy. We also design a linking technique that takes advantage of leakages from the Bitcoin mempool, blockchain and sex ad site, to link a subset of sex ads to Bitcoin public wallets and transactions. Finally, we demonstrate via a 4-week proof of concept using Backpage as the sex ad site, how an analyst can use these automated approaches to potentially find human traffickers.
August 15, 2017
Fei Chen, Gary Mac, and Nikhil Gupta
The additive manufacturing (AM) process chain relies heavily on cloud based resources and software programs that are connected to the internet. Cybersecurity has become a major concern for cloud based resources. While network security is important and is the responsibility of the information technology departments of corporations, a second line of defense is necessary if the cybersecurity is breached and the computer aided design (CAD) files are stolen. The stolen CAD files can be used to print components in exactly the same quality as the original component. The present work aims at developing design features in CAD models that can be used for the purpose of security against counterfeiting.
August 11, 2017
Yuan Liu, Jie Zhang, Quanyan Zhu and Xingwei Wang
In electronic commerce, buyers and sellers conduct transactions without physical interactions. In reputation systems, the trustworthiness of sellers is achieved by aggregating the ratings shared by other buyers with whom the sellers have ever conducted transactions. However, the ratings provided by buyers for evaluating the same seller could be diverse due to their different judgment criteria, which is referred as the subjectivity problem of reputation systems. It indicates that the ratings shared by some buyers may mislead other buyers with different personalities, making it challenging to aggregate the ratings properly in reputation systems. In this paper, in order to cope with the subjectivity problem, a hybrid architecture of reputation systems is proposed, which is based on coalition formation game theory. In the proposed module, buyers with the same subjectivity will automatically form a club, and share their ratings so as to build seller reputation within their club. The utility of a club is the profit created by the reputation system, which is further divided among the buyers of the club. Two utility allocation algorithms have been investigated, i.e., the proportional and Shapley allocations, respectively. Theoretical analysis and experimental results have shown that buyers with the same personality have the incentive to form a separate pure club if specific conditions are satisfied.
August 9, 2017
Samet Taspinar, Manoranjan Mohanty and Nasir Memon
Photo Response Non-Uniformity (PRNU) noisebased source attribution is a well known technique to verify the camera of an image or video. Researchers have proposed various countermeasures to prevent PRNU-based source camera attribution. Forced seam-carving is one such recently proposed counter forensics technique. This technique can disable PRNUbased source camera attribution by forcefully removing seams such that the size of most uncarved image blocks is less than 50 × 50 pixels. In this paper, we show that given multiple seamcarved images from the same camera, source attribution can still be possible even if the size of uncarved blocks in the image is less than the recommended size of 50 × 50 pixels. Theoretical analysis and experiments with multiple cameras demonstrate that the effectiveness of our scheme depends on the number of seams carved from an image and the randomness of the seam positions.
August 4, 2017
Randal Milch, Distinguished Fellow at the Center on Law and Security at NYU School of Law and the NYU Center for Cybersecurity, comments on the Internet of Things (IoT) Cybersecurity Improvements Act of 2017:
The bill seeks to use the federal government’s purchasing power to drive much-needed cybersecurity improvements in internet-connected devices. In addition, the bill would amend the Computer Fraud and Abuse Act and the Digital Millennium Copyright Act to encourage research on device vulnerabilities. These are important first steps in combating a large and growing menace from billions of poorly secured devices.
Large-Scale 3D Chips: Challenges and Solutions for Design Automation, Testing, and Trustworthy Integration
August 2, 2017
Johann Knechtel, Ozgur Sinanoglu, Ibrahim (Abe) M. Elfadel, Jens Lienig and Cliff C. N. Sze
Adaptive and Resilient Revenue Maximizing Resource Allocation and Pricing in Cloud Computing Environments
July 27, 2017
Muhammad Junaid Farooq, Quanyan Zhu
Cloud computing is becoming an essential component of modern computer and communication systems. The available resources at the cloud such as computing nodes, storage, databases, etc. are often packaged in the form of virtual machines (VMs) to be used by remotely located client applications for computational tasks. However, the cloud has a limited number of VMs available, which have to be efficiently utilized to generate higher productivity and subsequently generate maximum revenue. Client applications generate requests with computational tasks at random times with random complexity to be processed by the cloud. The cloud service provider (CSP) has to decide whether to allocate a VM to a task at hand or to wait for a higher complexity task in the future. We propose a threshold-based mechanism to optimally decide the allocation and pricing of VMs to sequentially arriving requests in order to maximize the revenue of the CSP over a finite time horizon. Moreover, we develop an adaptive and resilient framework based that can counter the effect of realtime changes in the number of available VMs at the cloud server, the frequency and nature of arriving tasks on the revenue of the CSP.
July 25, 2017
Jeffrey Pawlick, Thi Thu Hang Nguyen, Quanyan Zhu
Advanced persistent threats (APTs) are stealthy attacks which make use of social engineering and deception to give adversaries insider access to networked systems. Against APTs, active defense technologies aim to create and exploit information asymmetry for defenders. In this paper, we study a scenario in which a powerful defender uses honeypots for active defense in order to observe an attacker who has penetrated the network. Rather than immediately eject the attacker, the defender may elect to gather information. We introduce a Markov decision process on a continuous state space in order to model the defender’s problem. We find a threshold of information that the defender should gather about the attacker before ejecting him. Then we study the robustness of this policy using a Stackelberg game. Our results provide a quantitative foundation for studying optimal timing for attacker engagement in network defense.
July 25, 2017
Jeffrey Pawlick and Quanyan Zhu
Deception plays a critical role in many interactions in communication and network security. Game-theoretic models called “cheap talk signaling games” capture the dynamic and information asymmetric nature of deceptive interactions. But signaling games inherently model undetectable deception. In this paper, we investigate a model of signaling games in which the receiver can detect deception with some probability. This model nests traditional signaling games and complete information Stack- elberg games as special cases. We present the pure strategy perfect Bayesian Nash equilibria of the game. Then we illustrate these analytical results with an application to active network defense. The presence of evidence forces majority-truthful behavior and eliminates some pure strategy equilibria. It always benefits the deceived player, but surprisingly sometimes also benefits the deceiving player.
July 24, 2017
Hamza Anwar and Quanyan Zhu
Sensing in complex systems requires large-scale information exchange and on-the-go communications over heterogeneous networks and integrated processing platforms. Many networked cyber-physical systems exhibit hierarchical infrastructures of information flows, which naturally leads to a multi-level tree-like information structure in which each level corresponds to a particular scale of representation. This work focuses on the multiscale fusion of data collected at multiple levels of the system. We propose a multiscale state-space model to represent multi-resolution data over the hierarchical information system and formulate a multi-stage dynamic zero-sum game to design a multi-scale H∞ robust filter. We present numerical experiments for one and two-dimensional signals and provide a comparative analysis of the minimax filter with the standard Kalman filter to show the improvement in signal-to-noise ratio (SNR).
July 21, 2017
Juntao Chen, Corinne Touati, Quanyan Zhu
Infrastructure networks are vulnerable to both cyber and physical attacks. Building a secure and resilient networked system is essential for providing reliable and dependable services. To this end, we establish a two-player three-stage game framework to capture the dynamics in the infrastructure protection and recovery phases. Specifically, the goal of the infrastructure network designer is to keep the network connected before and after the attack, while the adversary aims to disconnect the network by compromising a set of links. With costs for creating and removing links, the two players aim to maximize their utilities while minimizing the costs. In this paper, we use the concept of subgame perfect equilibrium (SPE) to characterize the optimal strategies of the network defender and attacker. We derive the SPE explicitly in terms of system parameters. Finally, we use a case study of UAV-enabled communication networks for disaster recovery to corroborate the obtained analytical results.
July 21, 2017
July 20, 2017
The use of biometric data—an individual’s measurable physical and behavioral characteristics—isn’t new. Government and law enforcement agencies have long used it. … Using biometric data to access our personal devices is increasing as a way to get around the limitations of the commonly used password-based mechanism: it’s easier, more convenient, and (theoretically) more secure. But biometric data can also be stolen and used in malicious ways.
July 17, 2017
Yiwen Li, Brendan Dolan-Gavitt, Sam Weber, and Justin Cappos
Virtual machines (VMs) that try to isolate untrusted code are widely used in practice. However, it is often possible to trigger zero-day flaws in the host Operating System (OS) from inside of such virtualized systems. In this paper, we propose a new security metric showing strong correlation between “popular paths” and kernel vulnerabilities. We verify that the OS kernel paths accessed by popular applications in everyday use contain significantly fewer security bugs than less-used paths. We then demonstrate that this observation is useful in practice by building a prototype system which locks an application into using only popular OS kernel paths. By doing so, we demonstrate that we can prevent the triggering of zero-day kernel bugs significantly better than three other competing approaches, and argue that this is a practical approach to secure system design.
July 14, 2017
Toan Nguyen and Nasir Memon
Smartwatches are rapidly emerging to be the next generation of personal devices from the smartphone era due to their novel form factor and broad applications. However, their emergence also poses new challenges to securing user information. An important challenge is preventing unauthorized access to private information stored on the watch, for which a locking method is typically used. Due to smartwatches’ limited display, the performance of locking methods offered on smartwatches may suer from the fat-finger problem and is currently unknown. In this paper, we present the first study to evaluate different locking methods for smartwatches. We contribute to the ongoing research trend in authentication for smartwatches with a reference benchmark and interesting insights for future work.
July 14, 2017
Kevin Gallagher, Sameer Patil, Nasir Memon
Proper use of an anonymity system requires adequate understanding of how it functions. Yet, there is surprisingly little research that looks into user understanding and usage of anonymity software. Improper use stemming from a lack of sufficient knowledge of the system has the potential to lead to deanonymization, which may hold severe personal consequences for the user. We report on the understanding and the use of the Tor anonymity system. Via semistructured interviews with 17 individuals (6 experts and 11 non-experts) we found that experts and non-experts view, understand, and use Tor in notably different ways. Moreover, both groups exhibit behavior as well as gaps in understanding that could potentially compromise anonymity. Based on these findings, we provide several suggestions for improving the user experience of Tor to facilitate better user understanding of its operation, threat model, and limitations.