Laurent Njilla

ProvChain: A Blockchain-based Data Provenance Architecture in Cloud Environment with Enhanced Privacy and Availability

Cloud data provenance is metadata that records the history of the creation and operations performed on a cloud data object. Secure data provenance is crucial for data accountability, forensics and privacy. In this paper, we propose a decentralized and trusted cloud data provenance architecture using blockchain technology. Blockchain-based data provenance can provide tamper-proof records, enable the transparency of data accountability in the cloud, and help to enhance the privacy and availability of the provenance data. We make use of the cloud storage scenario and choose the cloud file as a data unit to detect user operations for collecting provenance data. We design and implement ProvChain, an architecture to collect and verify cloud data provenance, by embedding the provenance data into blockchain transactions. ProvChain operates mainly in three phases: (1) provenance data collection, (2) provenance data storage, and (3) provenance data validation. Results from performance evaluation demonstrate that ProvChain provides security features including tamper-proof provenance, user privacy and reliability with low overhead for the cloud storage applications.

Three Layer Game Theoretic Decision Framework for Cyber-Investment and Cyber-Insurance

Cyber-threat landscape has become highly complex, due to which isolated attempts to understand, detect, and resolve cybersecurity issues are not feasible in making a time constrained decisions. Introduction of cyber-threat information (CTI) sharing has potential to handle this issue to some extent, where knowledge about security incidents is gathered, exchanged across organizations for deriving useful information regarding the threat actors and vulnerabilities. Although, sharing security information could allow organizations to make informed decision, it may not completely eliminate the risks. Therefore, organizations are also inclined toward considering cyber-insurance for transferring risks to the insurers. Also, in networked environment, adversaries may exploit the information sharing to successfully breach the participating organizations. In this paper, we consider these players, i.e. organizations, adversary, and insure, to model a three layer game, where players play sequentially to find out their optimal strategies. Organizations determine their optimal self-defense investment to make while participating in CTI sharing and cyber-insurance. The adversary looks for an optimal attack rate while the insurer targets to maximize its profit by offering suitable coverage level to the organizations. Using backward induction approach, we conduct subgame perfect equilibrium analysis to find optimal strategies for the involved players. We observe that when cyber-insurance is not considered, attacker prefers to increase its rate of attack. This motivates the organizations to consider cyber-insurance option for transferring the risks on their critical assets.

Translating circuit behavior manifestations of hardware Trojans using model checkers into run-time Trojan detection monitors

It is a consensus among the researchers, although not proven, that it is close to impossible to guarantee completely secure hardware design. Therefore, it is desired to have run-time hardware Trojan detection techniques. This paper is toward developing a framework of how to achieve run-time hardware Trojan detection units. Although it is difficult to predict the stage of circuit design at which hardware intruder would insert Trojan as well as the hardware Trojan detection methodology that should be applied, behavior patterns of certain design units in the hardware can indicate malicious activities in the design. We propose to translate such behavior patterns using formal verification approaches to establish run-time hardware Trojan detection technique leading which can improve the resiliency of hardware designs against hardware Trojan. We examine the possibility of malicious intrusions in both combinational and sequential circuits that may result in functional incorrectness, and applied our methodology in two example circuits.

Methods to Detect Cyberthreats on Twitter

Twitter is a microblogging service where users can post short messages and communicate with millions of users instantaneously. Twitter has been used for marketing, political campaigns, and during catastrophic events. Unfortunately, Twitter has been exploited by spammers and cybercriminals to post spam, spread malware, and launch different kinds of cyberattacks. The ease of following another user on Twitter, the posting of shortened URLs in tweets, the use of trending hashtags in tweets, and so on, have made innocent users the victims of various cyberattacks. This chapter reviews recent methods to detect spam, spammers, cybercus content, and suspicious users on Twitter. It also presents a unified framework for modeling hreats on Twitter are discussed, specifically in the context of big data and adversarial machine learning.

A Markov Game Theoritic Approach for Power Grid Security

The extensive use of information and communication technologies in power grid systems make them vulnerable to cyber-attacks. One class of cyber-attack is advanced persistent threats where highly skilled attackers can steal user authentication informations and then move laterally in the network, from host to host in a hidden manner, until they reach an attractive target. Once the presence of the attacker has been detected in the network, appropriate actions should be taken quickly to prevent the attacker going deeper. This paper presents a game theoretic approach to optimize the defense against an invader attempting to use a set of known vulnerabilities to reach critical nodes in the network. First, the network is modeled as a vulnerability multi-graph where the nodes represent physical hosts and edges the vulnerabilities that the attacker can exploit to move laterally from one host to another. Secondly, a two-player zero-sum Markov game is built where the states of the game represent the nodes of the vulnerability multi-graph graph and transitions correspond to the edge vulnerabilities that the attacker can exploit. The solution of the game gives the optimal strategy to disconnect vulnerable services and thus slow down the attack.

A game theoretic approach for inspecting web-based malvertising

Web-based advertising system has become a convenient and efficient channel for advertisers to deliver ads to targeted Internet users. Unfortunately, this system has been exploited by cybercriminals to disseminate malware to an enormous number of end-users and their vulnerable machines. To protect their malicious ads and malware from detection by the ad network, malvertisers apply a variety of evasion techniques such as fingerprinting the execution environment, redirecting to compromised IP addresses, and malware polymorphism. On the other hand, the ad network can also apply inspection techniques to spoil the malvertisers tricks and expose the malware. However, both the malvertiser and the ad network are under the constraints of resource and time. In this paper, we aim to apply game theory to formulate the problem of inspecting the malware inserted by the malvertisers into the Web-based advertising system. We design a normal form game between the malvertiser and the ad network, define their strategies and payoff functions, and compute their pure-strategy and mixed-strategy Nash equilibria. We use numeric simulation to evaluate our game theoretic models, and derive several insights from the results that can serve as guidelines for the ad network to decide its best inspection strategy.1

Rethinking information sharing for threat intelligence

In the past decade, the information security and threat landscape has grown significantly making it difficult for a single defender to defend against all attacks at the same time. This called for introducing information sharing, a paradigm in which threat indicators are shared in a community of trust to facilitate defenses. Standards for representation, exchange, and consumption of indicators are proposed in the literature, although various issues are undermined. In this paper, we take the position of rethinking information sharing for actionable intelligence, by highlighting various issues that deserve further exploration. We argue that information sharing can benefit from well-defined use models, threat models, well-understood risk by measurement and robust scoring, well-understood and preserved privacy and quality of indicators and robust mechanism to avoid free riding behavior of selfish agents. We call for using the differential nature of data and community structures for optimizing sharing designs and structures.

Monitoring colluding behavior in MANETs using game theory

Prevalent concerns with dynamic networks typically involve security. Especially with resource constraints in dynamic networks such as mobile ad-hoc networks (MANETs), security needs to be of particular consideration. This is part of the implementation used in IEEE Syscon2016 [1]. In this demo paper, we present the solution concept involved in tracking collusion behavior in MANETs, by considering the possibility of having some group of nodes exhibiting malicious behavior and colluding to subvert the MANET. In a MANET, the availability of having data packets forwarded may be insubstantial due to the presence of selfish nodes. Nodes may not want to participate in the network to preserve their own resources. We model a packet-forwarding problem with a negotiation game, where an arbitrator acts as a cluster head and initiates a bargaining game. We simulate the effect of the coalition of malicious nodes in a mobile environment.

Preventing Colluding Identity Clone Attacks in Online Social Networks

Nowadays, Online Social Networks (OSNs) has become one of the most common ways among people to facilitate communication. This has made it a target for attackers to steal information from influential users and has brought new forms of customized attacks for OSNs. Attackers take advantage of the users trustworthiness when using OSN. This exploitation leads to attacks with a combination of both classical and modern threats. Specifically, colluding attackers have been taken advantage of many OSNs by creating fake profiles of friends of the target in the same OSN or others. Colluders impersonate their victims and ask friend requests to the target in the aim to infiltrate her private circle to steal information. These types of attacks are difficult to detect in OSNs because multiple malicious users may have a similar purpose to gain information from their targeted user. The purpose of this paper is to overcome this type of attack by addressing the problem of matching user profiles across multiple OSNs. Then, we will extract both features and text from a users profile and build a classifier based on supervised learning techniques. Simulation and experimental results are provided to validate the accuracy of our findings.

Majority is Not Always Supreme: Less Can Be More When Voting with Compromised Nodes

We consider binary voting in a replica voting setup with a small number of redundant components. Seeking to understand the implications of corrupted components on voting schemes, we consider a simplified setup where one node is highly compromised and the remaining nodes are functionally homogenous. We show that if the homogenous nodes are slightly better than average at voting correctly and the highly compromised node is sufficiently bad, a random dictator leads to a better outcome than a majority vote.