Youki Kadobayashi

Zoned federation of game servers: a peer-to-peer approach to scalable multi-player online games

Todays Multi-player Online Games (MOGs) are challenged by infrastructure requirements, because of their server-centric nature. Peer-to-peer networks are an interesting alternative, if they can implement the set of functions that are traditionally performed by centralized authoritative servers. In this paper, we propose a zoned federation model to adapt MOG to peer-to-peer networks. In this model, zoning layer is inserted between the game program and peer-to-peer networks. We introduce the concept of zone and zone owner to MOG. Zone is some part of the whole game world, and zone owner is an authoritative server of a specific zone. According to the demands of the game program, each node actively changes its role to zone owner and works in the same way as a centralized authoritative server. By dividing the whole game world into several zones, workloads of the centralized authoritative game server can be distributed to a federation of nodes. We have implemented the zoned federation model, and evaluate it with a prototypical multi-player game. Evaluation results indicate that our proposed approach is applicable to small and medium-sized MOGs, where the number of nodes is less than 500.

A proposal and implementation of automatic detection/collection system for cross-site scripting vulnerability

Cross-site scripting (XSS) attacks target Web sites with cookie-based session management, resulting in the leakage of privacy information. Although several server-side countermeasures for XSS attacks do exist, such techniques have not been applied in a universal manner, because of their deployment overhead and the poor understanding of XSS problems. This paper proposes a client-side system that automatically detects XSS vulnerability by manipulating either request or server response. The system also shares the indication of vulnerability via a central repository. The purpose of the proposed system is twofold: to protect users from XSS attacks, and to warn the Web servers with XSS vulnerabilities.

Exploring attack graph for cost-benefit security hardening: A probabilistic approach

The increasing complexity of todays computer systems, together with the rapid emergence of novel vulnerabilities, make security hardening a formidable challenge for security administrators. Although a large variety of tools and techniques are available for vulnerability analysis, the majority work at system or network level without explicit association with human and organizational factors. This article presents a middleware approach to bridge the gap between system-level vulnerabilities and organization-level security metrics, ultimately contributing to cost-benefit security hardening. In particular, our approach systematically integrates attack graph, a commonly used effective approach to representing and analyzing network vulnerabilities, and Hidden Markov Model (HMM) together, for exploring the probabilistic relation between system observations and states. More specifically, we modify and apply dependency attack graph to represent network assets and vulnerabilities (observations), which are then fed to HMM for estimating attack states, whereas their transitions are driven by a set of predefined cost factors associated with potential attacks and countermeasures. A heuristic searching algorithm is employed to automatically infer the optimal security hardening through cost-benefit analysis. We use a synthetic network scenario to illustrate our approach and evaluate its performance through a set of simulations.

Ontological approach toward cybersecurity in cloud computing

Widespread deployment of the Internet enabled building of an emerging IT delivery model, i.e., cloud computing. Albeit cloud computing-based services have rapidly developed, their security aspects are still at the initial stage of development. In order to preserve cybersecurity in cloud computing, cybersecurity information that will be exchanged within it needs to be identified and discussed. For this purpose, we propose an ontological approach to cybersecurity in cloud computing. We build an ontology for cybersecurity operational information based on actual cybersecurity operations mainly focused on non-cloud computing. In order to discuss necessary cybersecurity information in cloud computing, we apply the ontology to cloud computing. Through the discussion, we identify essential changes in cloud computing such as data-asset decoupling and clarify the cybersecurity information required by the changes such as data provenance and resource dependency information.

Path selection using active measurement in multi-homed wireless networks

The mobile Internet is built upon a number of different wireless access networks with widely varying features in terms of coverage area, bandwidth, packet loss, and delay. To move across these different networks smoothly, issues associated with the changing features need to be addressed. In this paper, a path selection method for the coverage overlap area is proposed in which the mobile host actively measures the round trip time (RTT) and bottleneck bandwidth for each path and a path is selected based on four rules.

An evaluation of machine learning-based methods for detection of phishing sites

In this paper, we present the performance of machine learning-based methods for detection of phishing sites. We employ 9 machine learning techniques including AdaBoost, Bagging, Support Vector Machines, Classification and Regression Trees, Logistic Regression, Random Forests, Neural Networks, Naive Bayes, and Bayesian Additive Regression Trees. We let these machine learning techniques combine heuristics, and also let machine learning-based detection methods distinguish phishing sites from others. We analyze our dataset, which is composed of 1,500 phishing sites and 1,500 legitimate sites, classify them using the machine learning-based detection methods, and measure the performance. In our evaluation, we used f1 measure, error rate, and Area Under the ROC Curve (AUC) as performance metrics along with our requirements for detection methods. The highest f1 measure is 0.8581, the lowest error rate is 14.15%, and the highest AUC is 0.9342, all of which are observed in the case of AdaBoost. We also observe that 7 out of 9 machine learning-based detection methods outperform the traditional detection method.

CYBEX: the cybersecurity information exchange framework (x.1500)

The cybersecurity information exchange framework, known as CYBEX, is currently undergoing its first iteration of standardization efforts within ITU-T. The framework describes how cybersecurity information is exchanged between cybersecurity entities on a global scale and how the exchange is assured. The worldwide implementation of the framework will eventually minimize the disparate availability of cybersecurity information. This paper provides a specification overview, use cases, and the current status of CYBEX.

Enabling secure multitenancy in cloud computing: Challenges and approaches

Cloud computing provides a multitenant feature that enables an IT asset to host multiple tenants, improving its utilization rate. The feature provides economic benefits to both users and service providers since it reduces the management cost and thus lowers the subscription price. Many users are, however, reluctant to subscribe to cloud computing services due to security concerns. To advance deployment of cloud computing, techniques enabling secure multitenancy, especially resource isolation techniques, need to be advanced further. Difficulty lies in the fact that the techniques range and cross various technical domains, and it is difficult to get the big picture. To cope with that, this paper introduces technical layers and categories, with which it identifies and structures technical issues on enabling multitenancy by conducting a survey. Based on the survey result, this paper discusses technical maturity of multitenant cloud computing from the standpoint of security and the needs for developing both technical and operational security toward the development and wide deployment of multitenant cloud computing.

Performance evaluations of DCCP for bursty traffic in real-time applications

The Datagram Congestion Control Protocol (DCCP) has been proposed as a transport protocol which supports real-time traffic using window-based flow control. We investigate the DCCP performance for various traffic flows, focusing on how DCCP flows affect TCP flows and vice versa. Through those simulations, we examine an unfair bandwidth distribution problem caused by the incompatibility of DCCP with the fast recovery algorithm of TCP.

An implementation of a hierarchical IP traceback architecture

The IP traceback technique detects sources of attack nodes and the paths traversed by anonymous DDoS (distributed denial of service) flows with spoofed source addresses. We propose a hierarchical IP traceback architecture, which decomposes the Internet-wide traceback procedure into inter-domain traceback and intradomain traceback. Our proposed method is different from existing approaches in that our method is independent from a single IP traceback mechanism, and domain decomposition is based on existing operational models of the Internet. Moreover, it has the capability of being used for not only the IPv4 network, but also the IPv6 network.