Leonard J. Popyack

SVD-Based Approach to Transparent Embedding Data into Digital Images

A new approach to transparent embedding of data into digital images is proposed. It provides a high rate of the embedded data and is robust to common and some intentional distortions. The developed technique employs properties of the singular value decomposition (SVD) of a digital image. According to these properties each singular value (SV) specifies the luminance of the SVD image layer, whereas the respective pair of singular vectors specifies image geometry. Therefore slight variations of SVs cannot affect the visual perception of the cover image. The proposed approach is based on embedding a bit of data through slight modifications of SVs of a small block of the segmented covers. The approach is robust because it supposes to embed extra data into low bands of covers in a distributed way. The size of small blocks is used as an attribute to achieve a tradeoff between the embedded data rate and robustness. An advantage of the approach is that it is blind. Simulation has proved its robustness to JPEG up to 40%. The approach can be used both for hidden communication and watermarking.

Information Assurance in Computer Networks

The paper describes the design of a genetic classifier-based intrusion detection system, which can provide active detection and automated responses during intrusions. It is designed to be a sense and response system that can monitor various activities on the network (i.e. looks for changes such as malfunctions, faults, abnormalities, misuse, deviations, intrusions, etc.). In particular, it simultaneously monitors networked computer’s activities at different levels (such as user level, system level, process level and packet level) and use a genetic classifier system in order to determine a specific action in case of any security violation. The objective is to find correlation among the deviated values (from normal) of monitored parameters to determine the type of intrusion and to generate an action accordingly. We performed some experiments to evolve set of decision rules based on the significance of monitored parameters in Unix environment, and tested for validation.

A group testing method for finding patterns in data

The screening of data sets is essential to modern technology. The use of classical group testing to isolate objects that are individually positive has become the standard experimental procedure in many applied settings. Work is just beginning in applying group testing techniques to the identification of subsets of objects that are collectively positive. This paper addresses the development of probabilistic group testing methods that lead to the identification of positive combinations of objects with specific applications to data mining.

Agent-Based Model of Computer Network Security System: A Case Study

The paper considers a multi-agent model of a computer networks security system, which is composed of particular autonomous knowledge-based agents, distributed over the hosts of the computer network to be protected and cooperating to make integrated consistent decisions. The paper is focused on an architecture, implementation and simulation of a case study aiming at exploration distinctions and potential advantages of using such an architecture for the computer network protection. The paper describes the conceptual model and architecture of the particular specialized agents and the system on a whole as well as implementation technology. Simulation scenario, input traffic model and peculiarities of the distributed security system operation are described. The major attention is paid to the intrusion detection task and agents interactions during detection of an attack against the computer network. The advantages of the proposed model of a computer networks security system are discussed.

BASIS: A Biological Approach to System Information Security

Advanced information security systems (ISS) play an ever-increasing role in the information assurance in global computer networks. Dependability of ISS is being achieved by the enormous amount of data processing that adversely affects the overall network performance. Modern ISS architecture is viewed as a multi-agent system comprising a number of semi-autonomous software agents designated to prevent particular kinds of threats and suppress specific types of attacks without burdening the network. The high efficiency of such a system is achieved by establishing the principles of successful individual and cooperative operation of particular agents. Such principles, evolved during evolution, are known to be implemented in biological immune systems. The aim of this paper is the exploration of the basic principles that govern an immune system and the potential implementation of these principles in a multi-agent ISS of a heterogeneous computer network.

Ontology-Based Multi-Agent Model of an Information Security System

The paper is focused on a distributed agent-based information security system of a computer network. A multi-agent model of an information security system is proposed. It is based on the established ontology of the information security system domain. Ontology is used as a means of structuring distributed knowledge, utilized by the information security system, as the common ground of interacting agents as well as for the agent behavior coordination.

Active response technology

Information dominance, the superior ability to perceive, correctly interpret, and rapidly respond, is a central strategic goal for the United States at the dawn of the information age. To achieve information dominance, it is necessary to control the global information lattice through comprehensive strategic mechanisms supported by National Policy. To maintain control requires technologies to measure, analyze, prevent, predict and respond to information warfare in a manner that is commensurate with the evolving scale of threat. Unfortunately, little of the research conducted over the last 25 years has focused on response. As nations around the world grow increasingly sophisticated technologically, and become interconnected in the global information lattice, there is now a need to consider a methodical scientific exploration of response technologies. This exploration is intended to exercise and improve defensive capabilities, expand and improve offensive capabilities, and examine the relationship between defense and active response.

Key Distribution Protocol Based on Noisy Channel and Error Detecting Codes

Secret key agreement based on noisy channel connecting parties and on public discussion has been considered in [1-4] for asymptotic case. Extension of the information-theoretically secure key sharing concept to non- asymptotic case was given in [5]. In the last paper several channel transform protocols (corresponding to different algorithms of public discussion) were presented. Unfortunately the efficiency of these protocols was very low in comparison with asymptotic key capacity found in [1]. The reason of this was that these protocols do not use a redundancy efficiently. One of the considered protocols (the so-called advantage to the main channel primitive) exploits a repetition of binary symbols only. It may be much better to use linear error detecting codes, that is just a subject of consideration in the current paper. We regain the main formulas to compute Renyi entropy which is necessary to bound the information about the final key leaking to an eavesdropper after execution of such modificated protocol. The use of this protocol causes an increase in the key-rate by several times, that is very important in practical implementations of key sharing procedures.