Visible to the public Biblio

Filters: Author is Fleming, C.  [Clear All Filters]
2018-11-14
Adams, S., Carter, B., Fleming, C., Beling, P. A..  2018.  Selecting System Specific Cybersecurity Attack Patterns Using Topic Modeling. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :490–497.

One challenge for cybersecurity experts is deciding which type of attack would be successful against the system they wish to protect. Often, this challenge is addressed in an ad hoc fashion and is highly dependent upon the skill and knowledge base of the expert. In this study, we present a method for automatically ranking attack patterns in the Common Attack Pattern Enumeration and Classification (CAPEC) database for a given system. This ranking method is intended to produce suggested attacks to be evaluated by a cybersecurity expert and not a definitive ranking of the "best" attacks. The proposed method uses topic modeling to extract hidden topics from the textual description of each attack pattern and learn the parameters of a topic model. The posterior distribution of topics for the system is estimated using the model and any provided text. Attack patterns are ranked by measuring the distance between each attack topic distribution and the topic distribution of the system using KL divergence.

2018-02-14
Calhoun, Z., Maribojoc, P., Selzer, N., Procopi, L., Bezzo, N., Fleming, C..  2017.  Analysis of Identity and Access Management alternatives for a multinational information-sharing environment. 2017 Systems and Information Engineering Design Symposium (SIEDS). :208–213.
In the 21st century, each country must make decisions on how to utilize modern technologies to maximize benefits and minimize repercussions. For example, the United States Department of Defense (DoD) needs to be able to share information efficiently with its allies while simultaneously preventing unwarranted access or attacks. These attacks pose a threat to the national security of the United States, but proper use of the cyberspace provides countless benefits. The aim of this paper is to explore Identity and Access Management (IdAM) technologies that the Department of Defense can use in joint operations with allies that will allow efficient information-sharing and enhance security. To this end, we have created a methodology and a model for evaluating Identity and Access Management technologies that the Department of Defense can use in joint operations with other nations, with a specific focus on Japan and Australia. To evaluate these systems, we employed an approach that incorporates Political, Operational, Economic and Technical (POET) factors. Governance protocols, technological solutions, and political factors were first thoroughly reviewed and then used to construct an evaluation model to formally assess Identity and Access Management alternatives. This model provides systematic guidance on how the Department of Defense can improve their use of Identity and Access Management systems in the future.