Sponsored by the Rutgers Center for Information Assurance, CEISARE, Center of Excellence in Information Systems Assurance Research and Education, the University of Buffalo and DIMACS.
Title: A Utility-Aware and Holistic Approach for Privacy Preserving Distributed Mining with Worst Case Privacy Guarantee
Organizations often want to predict some attribute values collaboratively. However, they are often unwilling or not allowed to directly share their private data. Thus there is great need for distributed privacy preserving techniques. There exists a rich body of work based on Secure Multi-Party Computation techniques. However, most such techniques are tied to a specific mining algorithm and users have to run a different protocol for each mining algorithm. A holistic approach was proposed in which all parties first use a SMC protocol to generate a synthetic data set and then share this data for different mining algorithms. However, this approach has two major drawbacks: 1) it provides no worst case privacy guarantee, 2) parties involved in the mining process often know what attribute to predict, but the holistic approach does not take this into account. In this paper, we propose a method that addresses these shortcomings. Experimental results demonstrate the benefits of the proposed solution.
Title: An Evaluation of Privacy, Risks and Utility with Provenance
The web provides an open environment, where anyone can assert anything and publish it; therefore, it is important for users to be aware of the data quality in order to use the data appropriately. Many published databases are in fact legitimate and contain sensitive information that should not be disclosed to unauthorized users. To decide which databases have high quality data, we could use provenance information to accompany the information retrieved. Releasing provenance data, however, could have important privacy consequences. Therefore, we need to be careful in choosing what kind of provenance information to reveal. In our work, we propose a Semantic Web based inferencing framework that provides a risk-based approach to decide what kind of provenance information to release.
Title: Evaluation of Effectiveness of Cybersecurity Intervention Programs for Older Adults
This paper demonstrates the process through which security and privacy researchers have to go through to arrive at a questionnaire design for the evaluation of intervention programs. The choice of intervention for this study is a Cybersecurity Workshop and the audience chosen is the senior population (aged 55 and above). The purpose of the evaluation technique and instrument proposed here is to measure the effectiveness of the workshop on the awareness about and perceptions towards various aspects of Cybersecurity and the Internet in general among the senior population.
Title: Surviving in Cyberspace
In General T. Michael Moseley's CSAF White Paper, "The Nation's Guardians: America's 21st Century Air Force," (http://www.af.mil/shared/media/document/AFD-080207-048.pdf) he states that the Air Force's mission is to "deliver sovereign options for the defense of the United States of America and its global interests - to fly and fight in Air, Space, and Cyberspace." This talk purports to augment the last phrase by adding another capability within the cyberspace domain: to fly and fight and fight through. Here, fight-through carries the connotation of mission continuance even when damage is inflicted upon Air Force cyber assets, so the notion of fight-through stands upon the ability to sustain damage yet survive - a property referred to as survivability.
Approved for Public Release; Distribution Unlimited: 88ABW-2010-0811 date 24 Feb 10.
Title: Informed Route Selection in Ad-Hoc Wireless Networks Based on Trust and Behavior
We consider an environment-aware trust-based route selection framework for MWNs (Multi-hop Wireless Networks) that makes informed route-selection decisions by considering parameters such as network and link conditions. A malicious node that purports congestion affects route selection decisions and hampers network performance. Current trust models do not explicitly determine the reason for a node's misbehavior as either environmental factors or selfish motive and this discrimination is not used in trust updates. We show that this distinction is important to preclude the malicious node from participating in future route formations and also to ensure that honest nodes are not unduly penalized. The proposed scheme uses polling, supportive of Byzantine robustness, and node behavior analysis mechanisms to make the above distinction. NS2 simulation demonstrates throughput improvement over conventional multipath protocols under congestion, malicious nodes and route unreliability scenarios.
Title: Identifying Critical Data in Databases to Promote Improved Information Security: Experimental Results
In this work, we propose a solution that enables the automatic identification of critical data based upon usage characteristics and data dependency relationships. This automatic identification is necessary as modern, globally distributed systems contain a constantly shifting and growing agglomeration of data that may not be readily identifiable by non-experts as critical or not. By identifying the critical data automatically, security engineers can better focus their limited efforts and abilities on those items in the systems that are deemed to be mission critical for the operation of the organization. We present our algorithm and show several experimental results that validate our work. While little work has been done in the field of automatic identification of critical data, our results have shown that our method is quite effective at identifying critical data automatically with little input from expert users.
Title: Optimal Resource Allocation to Improve Distributed System Reliability
The failure of systems which provide essential services to our society will result in catastrophic consequences. Reliability has become a key requirement for such systems. This paper discusses the attacker-defender problem and analyzes how to allocate resources to maximize system reliability. In our model, the defender seeks to maintain maximum system reliability for a given period of time, and does so by distributing defensive resources according to these schemes: component protection enhancement, creation of redundant components, and camouflaged components deployment. We assume that the attacker cannot tell the difference between genuine components (including redundant components) and camouflaged components, so the attacker's only option is to randomly attack the system components. This paper formulates this attacker-defender problem through mathematical methods, and presents an algorithm to find the optimal resource allocation.
Title: Strategic Policies for Cyberdeterrence: A Game-Theoretic Framework
Cyberattacks have evolved and become more potent in their ability to exploit security vulnerabilities and to attack critical infrastructure. Large corporations are faced with decisions about the amount and type of investment to undertake in cybersecurity. We model security as a game between corporations and attackers in which corporations strategically decide on the amount and type of investment they undertake, and analyze the equilibrium outcomes in this game.
Our results show that in a game with pure defensive capabilities, there are parameters with "pooling'' equilibria where no one undertakes investment and attack is not deterred, as well as "separating'' equilibria where some firms undertake investment and deter attacks. In a game in which corporations have offensive capabilities, a third type of equilibrium where everyone invests and all attacks are completely deterred also emerges. We also explore the consequences of a declaratory policy, where firms are strategic about their announced policies. Joint work with Mangesh Gupte, Aaron Jaggard, Richard McLean, and S. Raj Rajagopalan.