Attack Analysis Results for Adversarial Engagement 1 of the DARPA Transparent Computing Program

Authors

  • Birhanu Eshete
  • Rigel Gjomemo
  • Md Nahid Hossain
  • Sadegh Momeni
  • R. Sekar
  • Scott Stoller
  • V. N. Venkatakrishnan
  • Junao Wang
Abstract

We built a tag- and policy-based analysis system for attack detection and forensic analysis. Our system tracks information flows from sources to sensitive sinks in real time, and raises alarms when the policies are violated. In addition, it keeps a provenance context with every entity in the system. Specifically, provenance context contains a list of the events and relationships that contribute to the existence of an entity. Using such provenance context, we are able to provide an explanation for the raised alarms in the form of dot graphs. During Engagement 1, we successfully detected the attacks on several TA1 traces and produced graphs with details about those attacks.

Similar resources

An Effective Attack-Resilient Kalman Filter-Based Approach for Dynamic State Estimation of Synchronous Machine

Kalman filtering has been widely considered for dynamic state estimation in smart grids. Despite its unique merits, the Kalman Filter (KF)-based dynamic state estimation can be undesirably influenced by cyber adversarial attacks that can potentially be launched against the communication links in the Cyber-Physical System (CPS). To enhance the security of KF-based state estimation, in this paper...

Development of a Model for Predicting Heart Attack Based on Fog Computing

Introduction: Various studies have demonstrated the benefits of using distributed fog computing for the Internet of Things (IoT). Fog computing has brought cloud computing capabilities such as computing, storage, and processing closer to IoT nodes. The new model of fog and edge computing, compared to cloud computing, provides less latency for data processing by bringing resources closer to user...

Alert correlation and prediction using data mining and HMM

Intrusion Detection Systems (IDSs) are security tools widely used in computer networks. While they seem to be promising technologies, they pose some serious drawbacks: When utilized in large and high traffic networks, IDSs generate high volumes of low-level alerts which are hardly manageable. Accordingly, there emerged a recent track of security research, focused on alert correlation, which ext...

Audio Adversarial Examples: Targeted Attacks on Speech-to-Text

We construct targeted audio adversarial examples on automatic speech recognition. Given any audio waveform, we can produce another that is over 99.9% similar, but transcribes as any phrase we choose (recognizing up to 50 characters per second of audio). We apply our white-box iterative optimization-based attack to Mozilla’s implementation DeepSpeech end-to-end, and show it has a 100% success ra...

Journal title:
  • CoRR

Volume abs/1610.06936  Issue 

Pages  -

Publication date 2016