
Showing papers by "Charles A. Kamhoua" published in 2019


Posted Content
TL;DR: This paper systematically explores the attack surface of the Blockchain technology, with an emphasis on public Blockchains, and outlines several attacks, including selfish mining, the 51% attack, Domain Name System attacks, distributed denial-of-service (DDoS) attacks, consensus delay, orphaned blocks, block ingestion, wallet thefts, smart contract attacks, and privacy attacks.
Abstract: In this paper, we systematically explore the attack surface of the Blockchain technology, with an emphasis on public Blockchains. Towards this goal, we attribute attack viability in the attack surface to 1) the Blockchain cryptographic constructs, 2) the distributed architecture of the systems using Blockchain, and 3) the Blockchain application context. To each of those contributing factors, we outline several attacks, including selfish mining, the 51% attack, Domain Name System (DNS) attacks, distributed denial-of-service (DDoS) attacks, consensus delay (due to selfish behavior or distributed denial-of-service attacks), Blockchain forks, orphaned and stale blocks, block ingestion, wallet thefts, smart contract attacks, and privacy attacks. We also explore the causal relationships between these attacks to demonstrate how various attack vectors are connected to one another. A secondary contribution of this work is outlining effective defense measures taken by the Blockchain technology or proposed by researchers to mitigate the effects of these attacks and patch associated vulnerabilities.

108 citations


Journal ArticleDOI
TL;DR: This paper proposes a clustering-enhanced transfer learning approach, called CeHTL, which can automatically find the relation between the new attack and known attack. Evaluated against strong baselines, including conventional classification models such as decision trees, random forests, and KNN as well as other novel transfer learning approaches, CeHTL performed best.
Abstract: Network attacks are serious concerns in today’s increasingly interconnected society. Recent studies have applied conventional machine learning to network attack detection by learning the patterns of the network behaviors and training a classification model. These models usually require large labeled datasets; however, the rapid pace and unpredictability of cyber attacks make this labeling impossible in real time. To address these problems, we proposed utilizing transfer learning for detecting new and unseen attacks by transferring the knowledge of the known attacks. In our previous work, we have proposed a transfer learning-enabled framework and approach, called HeTL, which can find the common latent subspace of two different attacks and learn an optimized representation, which was invariant to attack behaviors’ changes. However, HeTL relied on manual pre-settings of hyper-parameters such as relativeness between the source and target attacks. In this paper, we extended this study by proposing a clustering-enhanced transfer learning approach, called CeHTL, which can automatically find the relation between the new attack and known attack. We evaluated these approaches by simulating scenarios where the testing dataset contains different attack types or subtypes from the training set. We chose several conventional classification models such as decision trees, random forests, KNN, and other novel transfer learning approaches as strong baselines. Results showed that proposed HeTL and CeHTL improved the performance remarkably. CeHTL performed best, demonstrating the effectiveness of transfer learning in detecting new network attacks.

90 citations



Proceedings ArticleDOI
01 Feb 2019
TL;DR: A new form of selfish mining attack that guarantees high rewards with low cost is explored and the feasibility of this attack facilitated by recent developments in blockchain technology opening new attack avenues is shown.
Abstract: Selfish mining is a well known vulnerability in blockchains exploited by miners to steal block rewards. In this paper, we explore a new form of selfish mining attack that guarantees high rewards with low cost. We show the feasibility of this attack facilitated by recent developments in blockchain technology opening new attack avenues. By outlining the limitations of existing countermeasures, we highlight a need for new defense strategies to counter this attack, and leverage key system parameters in blockchain applications to propose an algorithm that enforces fair mining. We use the expected transaction confirmation height and block publishing height to detect selfish mining behavior and develop a network-wide defense mechanism to disincentivize selfish miners. Our design involves simple modifications to transactions’ data structure in order to obtain a “truth state” used to catch the selfish miners and prevent honest miners from losing block rewards.

57 citations


Proceedings ArticleDOI
14 May 2019
TL;DR: The authors' countermeasures include fee-based and age-based designs, which optimize the mempool size and help in countering the effects of DDoS attacks, and can be extended to other blockchain-based applications which use memory pools to cache network activities.
Abstract: In this paper, we present a new form of attack that can be carried out on the memory pools (mempools) of blockchain-based cryptocurrencies. Towards that end, we study such an attack on Bitcoin mempool and explore its effects on transactions fee paid by legitimate users. We also propose countermeasures to contain such an attack. Our countermeasures include fee-based and age-based designs, which optimize the mempool size and help in countering the effects of DDoS attacks. We further evaluate our designs by simulations and analyze their usefulness in varying attack conditions. Our analyses can be extended to other blockchain-based applications which use memory pools to cache network activities.

53 citations


Journal ArticleDOI
TL;DR: This article proposes BlockCloud, a blockchain-empowered data provenance architecture for the cloud computing platform, and presents a proof- of-stake (PoS) consensus mechanism for BlockCloud to alleviate the overhead of computational requirements that the traditional proof-of-work (PoW) consensus needs.
Abstract: Ubiquitous adoption of cloud computing and virtualization technology has necessitated the need for strong security mechanisms. Multiple entities are involved in creating, exchanging, and altering data objects in the cloud environment, making it challenging to track malicious activities and security violations. To address these issues, there is a need for a data provenance framework, with which each data object in the federated cloud environment can be tracked and recorded. Although log-based provenance provides the ability to track operations conducted on digital assets, the provenance data are not transparent and immutable. Blockchain technology offers a promising mechanism for building a tamper-proof information system backed by strong cryptographic primitives. In this article, we propose BlockCloud, a blockchain-empowered data provenance architecture for the cloud computing platform. In addition, we present a proof-of-stake (PoS) consensus mechanism for BlockCloud to alleviate the overhead of computational requirements that the traditional proof-of-work (PoW) consensus needs. Finally, we discuss several research challenges and vulnerabilities that need to be addressed to realize BlockCloud.

46 citations


Journal ArticleDOI
TL;DR: This work demonstrates that restricting to a specific domain allows us to substantially improve existing algorithms and exploits the incremental strategy-generation method that over iterations expands the possible actions for players.

32 citations


Proceedings ArticleDOI
20 May 2019
TL;DR: This work proposes BlockTrail, a scalable and efficient blockchain solution for auditing applications that fragments the legacy blockchain systems into layers of co-dependent hierarchies, thereby reducing the time and space complexity, and increasing the throughput.
Abstract: Blockchain-based audit trails provide a consensus-driven and tamper-proof trail of system events that are helpful in creating provenance in enterprise solutions. However, taking into account the transaction bulk generated by these applications and the throughput limitations of existing blockchains, a single ledger for record keeping can be inefficient and costly. To that end, we see an imperative need for a new blockchain design that is capable of addressing current challenges, without compromising security and provenance. Hence, we propose BlockTrail, a scalable and efficient blockchain solution for auditing applications. BlockTrail fragments the legacy blockchain systems into layers of co-dependent hierarchies, thereby reducing the time and space complexity, and increasing the throughput. BlockTrail is prototyped on “Practical Byzantine Fault Tolerance” (PBFT) protocol with a custom-built blockchain. Experiments with BlockTrail show that compared to the conventional schemes, BlockTrail is more efficient, and has less storage footprint.

31 citations


Journal ArticleDOI
TL;DR: This paper investigates the potential security threats originated from the untrusted CAD tools and exploits the principle of moving target defense (MTD) to propose an FPGA-oriented MTD (FOMTD) method that achieves better resilience against Trojan inserts and consumes 50% less dynamic power.
Abstract: The increasing usage and popularity of the field-programmable gate array (FPGA) systems bring in security concerns. Existing countermeasures are mostly based on the assumption that the computer-aided design (CAD) tools for FPGA configuration are trusted. Unfortunately, this assumption does not always hold. In this paper, we investigate the potential security threats originated from the untrusted CAD tools. Furthermore, we exploit the principle of moving target defense (MTD) to propose an FPGA-oriented MTD (FOMTD) method. The three defense lines in the FOMTD generate uncertainties, from the attacker’s point of view, to thwart hardware Trojan insertion attacks. The theoretical upper bound of the hardware Trojan hit rate for each defense line is provided in this paper. Experimental results show that the proposed defense line 2 and defense line 3 reduce the Trojan hit rate by up to 40% and 91%, respectively, for the scenario where the malicious CAD tool can insert Trojans in the occupied FPGA slices. The proposed gate replacement technique in the defense line 3 further improves the attack resilience and obtains 88% reduction on the Trojan hit rate. Compared to the static redundancy-based Trojan detection method, the proposed method achieves better resilience against Trojan insertions and consumes 50% less dynamic power.

25 citations


Proceedings ArticleDOI
07 Nov 2019
TL;DR: This work shows, that in addition to switching among algorithms, one can think of introducing randomness in tuning parameters, and model choices to achieve better defense against adversarial machine learning.
Abstract: Adversarial Machine Learning has become the latest threat with the ubiquitous presence of machine learning. In this paper we propose a Moving Target Defense approach to defend against adversarial machine learning, i.e., instead of manipulating the machine learning algorithms, we suggest a switching scheme among machine learning algorithms to defend against adversarial attack. We model the problem as a Stackelberg game between the attacker and the defender. We propose a switching strategy which is the Stackelberg equilibrium of the game. We test our method against rational, and boundedly rational attackers. We show that designing a method against a rational attacker is enough in most scenarios. We show that even under very harsh constraints, e.g., no attack-cost, and availability of attacks which can bring down the accuracy to 0, it is possible to achieve reasonable accuracy in the context of classification. This work shows, that in addition to switching among algorithms, one can think of introducing randomness in tuning parameters, and model choices to achieve better defense against adversarial machine learning.

14 citations



Proceedings ArticleDOI
01 Mar 2019
TL;DR: In this paper, the authors propose an abstraction technique that addresses the issue of the curse of dimensionality by projecting high-dimensional beliefs to characteristic vectors of significantly lower dimension (e.g., marginal probabilities).
Abstract: Value methods for solving stochastic games with partial observability model the uncertainty about states of the game as a probability distribution over possible states. The dimension of this belief space is the number of states. For many practical problems, for example in security, there are exponentially many possible states which causes an insufficient scalability of algorithms for real-world problems. To this end, we propose an abstraction technique that addresses this issue of the curse of dimensionality by projecting high-dimensional beliefs to characteristic vectors of significantly lower dimension (e.g., marginal probabilities). Our two main contributions are (1) novel compact representation of the uncertainty in partially observable stochastic games and (2) novel algorithm based on this compact representation that is based on existing state-of-the-art algorithms for solving stochastic games with partial observability. Experimental evaluation confirms that the new algorithm over the compact representation dramatically increases the scalability compared to the state of the art.

Proceedings ArticleDOI
12 Nov 2019
TL;DR: A novel approach for cyber deception to protect important nodes and trap the adversary is proposed and a sequential approach of honeypot placement to defend and protect the network vital nodes is presented.
Abstract: Cyber deception techniques are crucial to protect networks in battlefield settings and combat malicious cyber attacks. Cyber deception can effectively disrupt the surveillance process outcome of an adversary. In this paper, we propose a novel approach for cyber deception to protect important nodes and trap the adversary. We present a sequential approach of honeypot placement to defend and protect the network vital nodes. We formulate a stochastic game to study the dynamic interactions between the network administrator and the attacker. The defender makes strategic decisions about where to place honeypots to introduce new vulnerabilities to the network. The attacker's goal is to develop an attack strategy to compromise the nodes of the network by exploiting a set of known vulnerabilities. To consider a practical threat model, we assume that the attacker can only observe a noisy version of the network state. To this end, both players solve a partially observable stochastic game (POSG). Finally, we present a discussion on existing techniques to solve the formulated game and possible approaches to reduce the game complexity as part of our ongoing and future research.

Book ChapterDOI
01 May 2019
TL;DR: In this paper, the authors give an overview of SDN, smart grid and SDN-based smart grid, and discuss various types of attacks related to SDN architecture and their countermeasures.
Abstract: Cyber-physical system (CPS) refers to the next generation of an engineered system that requires tight integration of cyber world and the man-made physical world to achieve stability, security, reliability, robustness, and efficiency in the system. Emerging software-defined networking (SDN) can be integrated as the communication infrastructure with the critical physical infrastructure like smart power grid to accomplish such a system. This Chapter gives an overview of SDN, smart grid and SDN-based smart grid. SDN can provide security against various types of attacks by providing consistent access control, applying efficient and effective security policies, and managing and controlling the network through the use of a centralized SDN controller. Thus, it has security advantages due to its design nature. However, SDN does suffer from security shortcomings too as all the layers in SDN architecture are vulnerable to attacks. In the line of this, the chapter discusses various types of attacks related to SDN architecture and their countermeasures. It also demonstrates the applicability of SDN to provide security in smart grids. Finally, the Chapter categorizes different types of attacks and their countermeasures related to SDN based smart grids.

Book ChapterDOI
30 Oct 2019
TL;DR: This work presents a game-theoretic approach for optimizing defensive deception actions (e.g., honeypots) with the specific goal of identifying specific attackers as early as possible in an attack.
Abstract: A great deal of effort is devoted to detecting the presence of cyber attacks, so that defenders can respond to protect the network and mitigate the damage of the attack. Going beyond detection, identifying in as much detail as possible what specific type of attacker the defender is facing (e.g., what their goals, capabilities, and tactics are) can lead to even better defensive strategies and may be able to help with eventual attribution of attacks. However, attackers may wish to avoid both detection and identification, blending in or appearing to be a different type of attacker. We present a game-theoretic approach for optimizing defensive deception actions (e.g., honeypots) with the specific goal of identifying specific attackers as early as possible in an attack. We present case studies showing how this approach works, and initial simulation results from a general model that captures this problem.

Book ChapterDOI
23 Oct 2019
TL;DR: This paper proposes the design and placement of network decoys considering scenarios where defender’s actions influence an attacker to change its strategies and tactics dynamically while maintaining the trade-off between availability and security.
Abstract: Cyber deception is an approach where the network administrators can deploy a network of decoy assets with the aim to expend adversaries’ resources and time and gather information about the adversaries’ strategies, tactics, capabilities, and intent. The key challenge in this cyber deception approach is the design and placement of network decoys to ensure maximal information uncertainty for the attackers. State-of-the-art approaches to address this design and placement problem assume a static environment and a priori strategies taken by the attacker. In this paper, we propose the design and placement of network decoys considering scenarios where defender’s actions influence an attacker to change its strategies and tactics dynamically while maintaining the trade-off between availability and security. The defender maintains a belief consisting of security state and the resultant actions are modeled as Partially Observable Markov Decision Process (POMDP). Our simulation results illustrate the defender’s increasing ability to influence the attacker’s attack path to comprise of fake nodes and networks.

Proceedings ArticleDOI
10 May 2019
TL;DR: A feature-engineering based signal classification toolbox which implements RF signal detection, Cyclostationary Features Extraction and Feature engineering, Automatic Modulation Recognition to automatically recognize modulation as well as sub-modulation types of the received signal is proposed.
Abstract: There is a need for Radio Frequency Signal Classification (RF-Class) toolbox which can monitor, detect, and classify wireless signals. Rapid developments in the unmanned aerial systems (UAS) have made its usage in a variety of offensive as well as defensive applications especially in military, high priority and sensitive government sites. The ability to accurately classify over-the-air radio signals will provide insights into spectrum utilization, device fingerprinting and protocol identification. These insights can help the Warfighter to constantly be informed about adversary's transmitters' capabilities without their knowledge. Recently, few researches have proposed feature-based machine learning techniques to classify RF signals. However, these researches are mostly evaluated on simulated environments, less accurate, and failed to explore advanced machine learning techniques. In this research, we proposed a feature-engineering based signal classification (RF-class) toolbox which implements RF signal detection, Cyclostationary Features Extraction and Feature engineering, Automatic Modulation Recognition to automatically recognize modulation as well as sub-modulation types of the received signal. To demonstrate the feasibility and accuracy of our approach, we have evaluated the performance on a real environment with a UAS (Drone DJI Phantom 4). Our initial experimental result showed that we were able to detect presence of drone signal successfully when power on and transmitting. And further experiments are under progress.

Posted Content
TL;DR: This work proposes an abstraction technique that addresses the issue of the curse of dimensionality by projecting high-dimensional beliefs to characteristic vectors of significantly lower dimension (e.g., marginal probabilities) and proposes a novel compact representation of the uncertainty in partially observable stochastic games.
Abstract: Value methods for solving stochastic games with partial observability model the uncertainty about states of the game as a probability distribution over possible states. The dimension of this belief space is the number of states. For many practical problems, for example in security, there are exponentially many possible states which causes an insufficient scalability of algorithms for real-world problems. To this end, we propose an abstraction technique that addresses this issue of the curse of dimensionality by projecting high-dimensional beliefs to characteristic vectors of significantly lower dimension (e.g., marginal probabilities). Our two main contributions are (1) novel compact representation of the uncertainty in partially observable stochastic games and (2) novel algorithm based on this compact representation that is based on existing state-of-the-art algorithms for solving stochastic games with partial observability. Experimental evaluation confirms that the new algorithm over the compact representation dramatically increases the scalability compared to the state of the art.

Proceedings ArticleDOI
01 Oct 2019
TL;DR: This paper introduced a new approach, with which an integrative information feature set is determined to identify abnormal network activities using wavelet transformation, and uses all attributes information to extract features and to design a reliable learning model to detect abnormal activities by reducing false positives.
Abstract: Understanding network activities has become the most significant task in network security due to the rapid growth of the Internet and mobile devices usages. To protect our computing infrastructures and personal data from network intruders or attacks, identifying abnormal activities is critical. Extracting features from network traffic data is considered as an essential task to be performed because it affects the overall performances to identify the activities accurately. Although researchers proposed several approaches, they mainly focused on identifying the best possible technique to detect abnormal network activities. Only a few studies considered utilizing feature extraction techniques. In this paper, we introduced a new approach, with which an integrative information feature set is determined to identify abnormal network activities using wavelet transformation. Instead of extracting features by attributes, the approach uses all attributes information to extract features and to design a reliable learning model to detect abnormal activities by reducing false positives. Two machine learning techniques, Logistic Regression (LR) and Naive Bayes, are utilized to show the effectiveness of the approach. A visualization method is also used to emphasize our approach. As a result, we found that our proposed approach produces a better performance result with less computational time in detecting abnormal network activities.


Journal ArticleDOI
TL;DR: The four articles in this special section focus on secure wireless networks for vehicle-to-everything communications, which will support more efficient vehicular traffic flow, increased vehicular and pedestrian safety, and, eventually, autonomous driving.
Abstract: The four articles in this special section focus on secure wireless networks for vehicle-to-everything communications. Intelligent transportation systems (ITS) will support more efficient vehicular traffic flow, increased vehicular and pedestrian safety, and, eventually, autonomous driving. Wireless communications is fundamental for enabling ITS, and recent advances in communications technology and systems support establishing reliable wireless links and networks among cars, cars and pedestrians, and cars and fixed infrastructure. The success of ITS will be measured in terms of how well it can scale to the ever-increasing mobility application scenarios and harsh environmental conditions. Research and development is ongoing to make vehicle-to-everything (V2X) systems more reliable and more secure for providing safety-critical applications. This Feature Topic brings together researchers and practitioners in V2X security to share their latest research contributions and expert insights.

Proceedings ArticleDOI
01 Feb 2019
TL;DR: Game theory is applied to formulate the problem of making decisions on the connectivity of IoT devices during malware outbreak as a repeated game, which allows individual IoT devices to make connectivity decision over time.
Abstract: The paradigm of Internet of Things (IoT) aims to connect all the devices into a network. However, most IoT devices don’t have appropriate security protection, which allows cyber criminals to infect them through the network with malware and exploit them to launch attacks such as DDoS attacks or information stealing. Many proposed countermeasures, such as authentication enhancement and software update, are not practical due to the constraints of IoT devices, malware’s fast spreading speed, and manufacturer laziness. One viable approach is to temporarily disconnect IoT devices to protect them from exploitation and to prevent infected ones from infecting more devices. However, in an IoT network, some devices may have significant responsibilities, for example serving as gateway to the Internet or in charge of critical monitoring or control tasks, and it may be beneficial to defer their disconnection. In this paper, we aim to apply game theory to formulate the problem of making decisions on the connectivity of IoT devices during malware outbreak as a repeated game, which allows individual IoT devices to make connectivity decision over time. We consider possible strategies that IoT devices can apply when calculating their payoff function, use numeric simulations to evaluate our game theoretic models, and derive several insights that can serve as guidelines for IoT network managers to configure the best connection/disconnection strategy for their IoT devices.

Proceedings ArticleDOI
01 Dec 2019
TL;DR: This paper first considers the availability of multiple computing devices that can be used to deceive a behavioral attacker into attacking a device being unused by a behavioral system and characterizes the Nash Equilibrium based attack-defense strategy in such a scenario under cost considerations.
Abstract: This paper aims to characterize deception based attack-defense strategies when a system and an attacker are behavioral in nature under strategic considerations. The paper uses Prospect Theory to model the behavioral nature of the system and the attacker, and Game Theory to model the strategic interactions between them. The paper first considers the availability of multiple computing devices that can be used to deceive a behavioral attacker into attacking a device being unused by a behavioral system and characterizes the Nash Equilibrium (NE) based attack-defense strategy in such a scenario under cost considerations. The paper then considers the problem of protecting a target device that is accessible via a tree network and proposes the idea of deceptive routing to mislead a behavioral attacker towards a fake target present in the network. The NE based attack-defense strategies in the context of the proposed deceptive routing technique are also characterized. Numerical results provide insights into the strategic deception techniques presented in this paper.


Proceedings ArticleDOI
10 May 2019
TL;DR: This paper aims to design, develop and evaluate a distributed machine learning algorithm for adversarial resiliency where developed algorithm is expected to provide security in adversarial environment for critical mobile CPS.
Abstract: Recent technological advances provide the opportunities to bridge the physical world with cyber-space that leads to complex and multi-domain cyber physical systems (CPS) where physical systems are monitored and controlled using numerous smart sensors and cyber space to respond in real-time based on their operating environment. However, the rapid adoption of smart, adaptive and remotely accessible connected devices in CPS makes the cyberspace more complex and diverse as well as more vulnerable to multitude of cyber-attacks and adversaries. In this paper, we aim to design, develop and evaluate a distributed machine learning algorithm for adversarial resiliency where developed algorithm is expected to provide security in adversarial environment for critical mobile CPS.

Proceedings ArticleDOI
01 May 2019
TL;DR: A dual redundant control architecture that combines two identical controllers that are switched periodically between active and restart modes is proposed to mitigate the impact due to corruption of the controller software by an adversary.
Abstract: In this paper, a cyber-attack tolerant control strategy for embedded controllers in a cyber-physical system is presented. A dual redundant control architecture that combines two identical controllers that are switched periodically between active and restart modes is proposed. The strategy is addressed to mitigate the impact due to corruption of the controller software by an adversary. We analyze the impact of the resetting and restarting the controller software and performance of switching process. The minimum requirements in the control design, for effective mitigation of cyber-attacks to the control software, that implies a “fast” switching period is provided. The simulation results demonstrate the effectiveness of the proposed strategy when the time to fully reset and restart the controller is faster than the time taken by adversary to compromise the controller. The results also provide insights into the stability and safety regions and the factors that determine the effectiveness of the proposed strategy.

Journal ArticleDOI
TL;DR: This article proposes a novel approach to computing the scoring function over distributed data in an efficient and scalable manner, which provides a feasible tradeoff between computation time and accuracy for fast approximate score computation on large-scale distributed data.
Abstract: In this article, we focus on the problem of learning a Bayesian network over distributed data stored in a commodity cluster. Specifically, we address the challenge of computing the scoring function over distributed data in an efficient and scalable manner, which is a fundamental task during learning. While exact score computation can be done using the MapReduce-style computation, our goal is to compute approximate scores much faster with probabilistic error bounds and in a scalable manner. We propose a novel approach, which is designed to achieve the following: (a) decentralized score computation using the principle of gossiping; (b) lower resource consumption via a probabilistic approach for maintaining scores using the properties of a Markov chain; and (c) effective distribution of tasks during score computation (on large datasets) by synergistically combining well-known hashing techniques. We conduct theoretical analysis of our approach in terms of convergence speed of the statistics required for score computation, and memory and network bandwidth consumption. We also discuss how our approach is capable of efficiently recomputing scores when new data are available. We conducted a comprehensive evaluation of our approach and compared with the MapReduce-style computation using datasets of different characteristics on a 16-node cluster. When the MapReduce-style computation provided exact statistics for score computation, it was nearly 10 times slower than our approach. Although it ran faster on randomly sampled datasets than on the entire datasets, it performed worse than our approach in terms of accuracy. Our approach achieved high accuracy (below 6% average relative error) in estimating the statistics for approximate score computation on all the tested datasets. In conclusion, it provides a feasible tradeoff between computation time and accuracy for fast approximate score computation on large-scale distributed data.

Posted Content
TL;DR: The feature deception game (FDG), a domain-independent game-theoretic model and a learning and planning framework are introduced, showing that it can uniformly learn the adversary's preferences using data from a modest number of deception strategies.
Abstract: Today's high-stakes adversarial interactions feature attackers who constantly breach the ever-improving security measures. Deception mitigates the defender's loss by misleading the attacker to make suboptimal decisions. In order to formally reason about deception, we introduce the feature deception game (FDG), a domain-independent game-theoretic model and present a learning and planning framework. We make the following contributions. (1) We show that we can uniformly learn the adversary's preferences using data from a modest number of deception strategies. (2) We propose an approximation algorithm for finding the optimal deception strategy and show that the problem is NP-hard. (3) We perform extensive experiments to empirically validate our methods and results.

Book ChapterDOI
21 Aug 2019
TL;DR: This work formulates the IoBT domain as a graph learning problem from an adversarial point of view and introduces various tools through which an adversary can learn the graph starting with partial prior knowledge and shows its effectiveness through analyses and evaluations.
Abstract: The Internet of Battlefield Things (IoBT) is an emerging application to improve operational effectiveness for military applications. The security of IoBT is one of the more challenging aspects, where adversaries can exploit vulnerabilities in IoBT software and deployment conditions to gain insight into their state. In this work, we look into the security of IoBT from the lens of cyber deception. First, we formulate the IoBT domain as a graph learning problem from an adversarial point of view and introduce various tools through which an adversary can learn the graph starting with partial prior knowledge. Second, we use this model to show that an adversary can learn high-level information from low-level graph structures, including the number of soldiers and their proximity. For that, we use a powerful n-gram based algorithm to obtain features from random walks on the underlying graph representation of IoBT. Third, we provide microscopic and macroscopic approaches that manipulate the underlying IoBT graph structure to introduce uncertainty in the adversary’s learning. Finally, we show our approach’s effectiveness through analyses and evaluations.