Visible to the public Biblio

Filters: Author is Okamura, Koji  [Clear All Filters]
2020-02-17
Rodriguez, Ariel, Okamura, Koji.  2019.  Generating Real Time Cyber Situational Awareness Information Through Social Media Data Mining. 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). 2:502–507.
With the rise of the internet many new data sources have emerged that can be used to help us gain insights into the cyber threat landscape and can allow us to better prepare for cyber attacks before they happen. With this in mind, we present an end to end real time cyber situational awareness system which aims to efficiently retrieve security relevant information from the social networking site Twitter.com. This system classifies and aggregates the data retrieved and provides real time cyber situational awareness information based on sentiment analysis and data analytics techniques. This research will assist security analysts to evaluate the level of cyber risk in their organization and proactively take actions to plan and prepare for potential attacks before they happen as well as contribute to the field through a cybersecurity tweet dataset.
2017-10-03
Sahri, Nm, Okamura, Koji.  2016.  Protecting DNS Services from IP Spoofing: SDN Collaborative Authentication Approach. Proceedings of the 11th International Conference on Future Internet Technologies. :83–89.

As DNS packet are mostly UDP-based, make it as a perfect tool for hackers to launch a well-known type of distributed denial of service (DDoS). The purpose of this attack is to saturate the DNS server availability and resources. This type of attack usually utilizes a large number of botnet and perform spoofing on the IP address of the targeted victim. We take a different approach for IP spoofing detection and mitigation strategies to protect the DNS server by utilizing Software Defined Networking (SDN). In this paper, we present CAuth, a novel mechanism that autonomously block the spoofing query packet while authenticate the legitimate query. By manipulating Openflow control message, we design a collaborative approach between client and server network. Whenever a server controller receives query packet, it will send an authentication packet back to the client network and later the client controller also replies via authentication packet back to the server controller. The server controller will only forward the query to the DNS server if it receives the replied authentication packet from the client. From the evaluation, CAuth instantly manage to block spoofing query packet while authenticate the legitimate query as soon as the mechanism started. Most notably, our mechanism designed with no changes in existing DNS application and Openflow protocol.