Biblio

Filters: Author is Fang, Fei  [Clear All Filters]
2022-06-13
Deng, Han, Fang, Fei, Chen, Juan, Zhang, Yazhen.  2021.  A Cloud Data Storage Technology for Alliance Blockchain Technology. 2021 7th IEEE Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). :174–179.
The rapid development of blockchain application technology promotes continuous exploration in the field of computer application science. Although it is still in the initial stage of development, the technical features of blockchain technology such as decentralization, identity verification, tamper resistance, data integrity, and security are regarded as excellent solutions to today's computer security technical problems. In this paper, we will analyze and compare blockchain data storage and cloud data processing technologies, focusing on the concept and technology of blockchain distributed data storage technology, and analyze and summarize the key issues. The results of this paper will provide a useful reference for the application and research of blockchain technology in cloud storage security.
2023-01-30
Kinneer, Cody, Wagner, Ryan, Fang, Fei, Le Goues, Claire, Garlan, David.  2019.  Modeling Observability in Adaptive Systems to Defend Against Advanced Persistent Threats. In Proceedings of the 17th ACM-IEEE International Conference on Formal Methods and Models for Systems Design (MEMCODE\'19.

Advanced persistent threats (APTs) are a particularly troubling challenge for software systems. The adversarial nature of the security domain, and APTs in particular, poses unresolved challenges to the design of self-* systems, such as how to defend against multiple types of attackers with different goals and capabilities. In this interaction, the observability of each side is an important and under-investigated issue in the self-* domain. We propose a model of APT defense that elevates observability as a first-class concern. We evaluate this model by showing how an informed approach that uses observability improves the defender's utility compared to a uniform random strategy, can enable robust planning through sensitivity analysis, and can inform observability-related architectural design decisions.

2019-09-24
Schlenker, Aaron, Thakoor, Omkar, Xu, Haifeng, Fang, Fei, Tambe, Milind, Tran-Thanh, Long, Vayanos, Phebe, Vorobeychik, Yevgeniy.  2018.  Deceiving Cyber Adversaries: A Game Theoretic Approach. Proceedings of the 17th International Conference on Autonomous Agents and MultiAgent Systems. :892–900.

An important way cyber adversaries find vulnerabilities in mod- ern networks is through reconnaissance, in which they attempt to identify configuration specifics of network hosts. To increase un- certainty of adversarial reconnaissance, the network administrator (henceforth, defender) can introduce deception into responses to network scans, such as obscuring certain system characteristics.  We introduce a novel game-theoretic model of deceptive interactions of this kind between a defender and a cyber attacker, which we call the Cyber Deception Game. We consider both a powerful (rational) attacker, who is aware of the defender’s exact deception strategy, and a naive attacker who is not. We show that computing the optimal deception strategy is NP-hard for both types of attackers. For the case with a powerful attacker, we provide a mixed-integer linear program solution as well as a fast and effective greedy algorithm. Similarly, we provide complexity results and propose exact and heuristic approaches when the attacker is naive. Our extensive experimental analysis demonstrates the effectiveness of our approaches.