Biblio

Security analysts conduct continuous evaluations of cyber-defense tools to keep pace with advanced and persistent threats. Cyber agility has become a critical proactive security resource that makes it possible to measure defense adjustments and reactions to rising threats. Subsequently, machine learning has been applied to support cyber agility prediction as an essential effort to anticipate future security performance. Nevertheless, apt and treacherous actors motivated by economic incentives continue to prevail in circumventing machine learning-based protection tools. Adversarial learning, widely applied to computer security, especially intrusion detection, has emerged as a new area of concern for the recently recognized critical cyber agility prediction. The rationale is, if a sophisticated malicious actor obtains the cyber agility parameters, correct prediction cannot be guaranteed. Unless with a demonstration of white-box attack failures. The challenge lies in recognizing that unconstrained adversaries hold vast potential capabilities. In practice, they could have perfect-knowledge, i.e., a full understanding of the defense tool in use. We address this challenge by proposing an adversarial machine learning approach that achieves accurate cyber agility forecast through mapped nefarious influence on static defense tools metrics. Considering an adversary would aim at influencing perilous confidence in a defense tool, we demonstrate resilient cyber agility prediction through verified attack signatures in dynamic learning windows. After that, we compare cyber agility prediction under negative influence with and without our proposed dynamic learning windows. Our numerical results show the model's execution degrades without adversarial machine learning. Such a feigned measure of performance could lead to incorrect software security patching.

Wireless communications networks are an integral part of intelligent systems that enhance the automation of various activities and operations embarked by humans. For example, the development of intelligent devices imbued with sensors leverages emerging technologies such as machine learning (ML) and artificial intelligence (AI), which have proven to enhance military operations through communication, control, intelligence gathering, and situational awareness. However, growing concerns in cybersecurity imply that attackers are always seeking to take advantage of the widened attack surface to launch adversarial attacks which compromise the activities of legitimate users. To address this challenge, we leverage on deep learning (DL) and the principle of cyber-deception to propose a method for defending wireless networks from the activities of jammers. Specifically, we use DL to regulate the power allocated to users and the channel they use to communicate, thereby luring jammers into attacking designated channels that are considered to guarantee maximum damage when attacked. Furthermore, by directing its energy towards the attack on a specific channel, other channels are freed up for actual transmission, ensuring secure communication. Through simulations and experiments carried out, we conclude that this approach enhances security in wireless communication systems.

The most widely used method to prevent adversaries from eavesdropping on sensitive sensor, robot, and war fighter communications is mathematically strong cryptographic algorithms. However, prevailing cryptographic protocol mandates are often made without consideration of resource constraints of devices in the internet of Battlefield Things (IoBT). In this article, we address the challenges of IoBT sensor data exchange in contested environments. Battlefield IoT (Internet of Things) devices need to exchange data and receive feedback from other devices such as tanks and command and control infrastructure for analysis, tracking, and real-time engagement. Since data in IoBT systems may be massive or sparse, we introduced a machine learning classifier to determine what type of data to transmit under what conditions. We compared Support Vector Machine, Bayes Point Match, Boosted Decision Trees, Decision Forests, and Decision Jungles on their abilities to recommend the optimal confidentiality preserving data and transmission path considering dynamic threats. We created a synthesized dataset that simulates platoon maneuvers and IED detection components. We found Decision Jungles to produce the most accurate results while requiring the least resources during training to produce those results. We also introduced the JointField blockchain network for joint and allied force data sharing. With our classifier, strategists, and system designers will be able to enable adaptive responses to threats while engaged in real-time field conflict.

Securing communication between any two wireless devices or users is challenging without compromising sensitive/personal data. To address this problem, we have developed an artificial intelligence (AI) algorithm to secure communication on virtualized wireless networks. To detect cyberattacks in a virtualized environment is challenging compared to traditional wireless networks setting. However, we successfully investigate an efficient cyberattack detection algorithm using an AI algorithm in a Bayesian learning model for detecting cyberattacks on the fly. We have studied the results of Random Forest and deep neural network (DNN) models to detect the cyberattacks on a virtualized wireless network, having considered the required transmission power as a threshold value to classify suspicious activities in our model. We present both formal mathematical analysis and numerical results to support our claims. The numerical results show our accuracy in detecting cyberattacks in the proposed Bayesian model is better than Random Forest and DNN models. We have also compared both models in terms of detection errors. The performance comparison results show our proposed approach outperforms existing approaches in detection accuracy, precision, and recall.

The US Federal Communications Commission (FCC) has recently mandated the database-driven dynamic spectrum access where unlicensed secondary users search for idle bands and use them opportunistically. The database-driven dynamic spectrum access approach is regarded for minimizing any harmful interference to licensed primary users caused by RF channel sensing uncertainties. However, when several secondary users (or several malicious users) query the RF spectrum database at the same time, spectrum server could experience denial of service (DoS) attack. In this paper, we investigate the Aggregated-Query-as-a-Secure-Service (AQaaSS) for querying RF spectrum database by secondary users for opportunistic wireless communications where selected number of secondary users aka grid leaders, query the database on behalf of all other secondary users, aka grid followers and relay the idle channel information to grid followers. Furthermore, the grid leaders are selected based on their both reputation or trust level and location in the network for the integrity of the information that grid followers receive. Grid followers also use the weighted majority voting to filter out comprised information about the idle channels. The performance of the proposed approach is evaluated using numerical results. The proposed approach gives lower latency (or same latency) to the secondary users and lower load (or same load) to the RF spectrum database server when more number of secondary users (or less number of secondary users) query than that of the server capacity.