Biblio

{Surrogate model-based optimization algorithm remains as an important solution to expensive black-box function optimization. The introduction of ensemble model enables the algorithm to automatically choose a proper model integration mode and adapt to various parameter spaces when dealing with different problems. However, this also significantly increases the computational burden of the algorithm. On the other hand, utilizing parallel computing resources and improving efficiency of black-box function optimization also require combination with surrogate optimization algorithm in order to design and realize an efficient parallel parameter space sampling mechanism. This paper makes use of parallel computing technology to speed up the weight updating related computation for the ensemble model based on Dempster-Shafer theory, and combines it with stochastic response surface method to develop a novel parallel sampling mechanism for asynchronous parameter optimization. Furthermore, it designs and implements corresponding parallel computing framework and applies the developed algorithm to quantitative trading strategy tuning in financial market. It is verified that the algorithm is both feasible and effective in actual application. The experiment demonstrates that with guarantee of optimizing performance, the parallel optimization algorithm can achieve excellent accelerating effect.

In this paper, we investigate the local secure connectivity in terms of the probability of existing a secure wireless connection between two legitimate users and the isolated security probability of a legitimate user in stochastic wireless networks. Specifically, the closed-form expressions of the probability that there is a secure wireless communication between two legitimate users are derived first. Then, based on these equations, the corresponding isolated secure probability are given. The characteristics of local secure connectivity are examined in four scenarios combined from two wireless channel conditions (deterministic/Rayleigh fading) and two eavesdropper configurations (non-colluding/colluding). All the derived mathematical equations are validated by the Monte-Carlo simulation. The obtained numerical results in this paper reveal some interesting features of the impact of eavesdropper collusion, wireless channel fading, and density ratio on the secure connection probability and the isolated security probability of legitimate user in stochastic networks.

Previous research on internal threats was mostly focused on modeling threat behaviors. These studies have paid little attention to risk measurement. This paper analyzed the internal threat scenarios, introduced the operation related protection model into the firewall-password model, constructed a series of sub models. By analyzing the illegal data out process, the analysis model of target network can be rapidly generated based on four protection sub-models. Then the risk value of an assessment point can be computed dynamically according to the Petri net computing characteristics and the effectiveness of overall network protection can be measured. This method improves the granularity of the model and simplifies the complexity of modeling complex networks and can realize dynamic and real-time risk measurement.

Smart meters enable improvements in electricity distribution system efficiency at some cost in customer privacy. Users with home batteries can mitigate this privacy loss by applying charging policies that mask their underlying energy use. A battery charging policy is proposed and shown to provide universal privacy guarantees subject to a constraint on energy cost. The guarantee bounds our strategy's maximal information leakage from the user to the utility provider under general stochastic models of user energy consumption. The policy construction adapts coding strategies for non-probabilistic permuting channels to this privacy problem.

Cognitive radio networks (CRNs) are found to be, without difficulty wide-open to external malicious threats. Secure communication is an important prerequisite for forthcoming fifth-generation (5G) systems, and CRs are not exempt. A framework for developing the accomplishable benefits of physical layer security (PLS) in an amplify-and-forward cooperative spectrum sensing (AF-CSS) in a cognitive radio network (CRN) using a stochastic geometry is proposed. In the CRN the spectrum sensing data from secondary users (SU) are collected by a fusion center (FC) with the assistance of access points (AP) as cognitive relays, and when malicious eavesdropping SU are listening. In this paper we focus on the secure transmission of active APs relaying their spectrum sensing data to the FC. Closed expressions for the average secrecy rate are presented. Analytical formulations and results substantiate our analysis and demonstrate that multiple antennas at the APs is capable of improving the security of an AF-CSSCRN. The obtained numerical results also show that increasing the number of FCs, leads to an increase in the secrecy rate between the AP and its correlated FC.

In internet based communication, various types of attacks have been evolved. Hence, attacker easily breaches the securities. Traditional intrusion detection techniques to observe these attacks have failed and thus hefty systems are required to remove these attacks before they expose entire network. With the ability of artificial intelligence systems to adapt high computational speed, boost fault tolerance, and error resilience against noisy information, a hybrid particle swarm optimization(PSO) fuzzy rule based inference engine has been designed in this paper. The fuzzy logic based on degree of truth while the PSO algorithm based on population stochastic technique helps in learning from the scenario, thus their combination will increase the toughness of intrusion detection system. The proposed network intrusion detection system will be able to classify normal as well as anomalism behaviour in the network. DARPA-KDD99 dataset examined on this system to address the behaviour of each connection on network and compared with existing system. This approach improves the result on the basis of precision, recall and F1-score.

Smart power grid is a perfect model of Cyber Physical System (CPS) which is an important component for a comfortable life. The major concern of the electrical network is safety and reliable operation. A cyber attacker in the operation of power system would create a major damage to the entire power system structure and affect the continuity of the power supply by adversely changing its parameters. A risk assessment method is presented for evaluating the cyber security assessment of power systems taking into consideration the need for protection systems. The paper considers the impact of bus and transmission line protection systems located in substations on the cyber physical performance of power systems. The proposed method is to simulate the response of power systems to sudden attacks on various power system preset value and parameters. This paper focuses on the cyber attacks which occur in a co-ordinated way so that many power system components will be in risk. The risk can be modelled as the combined probability of power system impact due to attacks and of successful interruption into the system. Stochastic Petri Nets is employed for assessing the risks. The effectiveness of the proposed cyber security risk assessment method is simulated for a IEEE39 bus system.

The term “smart” has been used in many ways for describing systems and infrastructure such as smart city, smart home, smart grid, smart meter, etc. These systems may lie in the domain of critical security systems where security can be estimated in terms of confidentiality, integrity and some cases may involve availability for protection against the theft or damage of system resources as well as disruption of the system services. Although, in spite of, being a hot topic to enhance the quality of life, there is no concrete definition of what smart system is and what should be the characteristics of it. Thus, there is a need to identify what these systems actually are and how they can be designed securely. This work firstly attempts to describe attributes related to the smartness to define smart systems. Furthermore, we propose a secure smart system development life cycle, where the security is weaved at all the development phase of smart systems according to principles, guidelines, attack patterns, risk, vulnerability, exploits, and defined rules. Finally, the comparative study is performed for evaluation of traditional security modeling techniques for early assessment of threats and risks in smart systems.

This paper presents a general model to assess the mixed-degradation profiles of critical components in a Cyber-Physical System (CPS) based on the reliability of its critical physical and software components. In the proposed assessment, the cyber aspect of a CPS was approached from a software reliability perspective. Although extensive research has been done on physical components degradation and software reliability separately, research for the combined physical-software systems is still scarce. The non-homogeneous Poisson Processes (NHPP) software reliability models are deemed to fit well with the real data and have descriptive and predictive abilities, which could make them appropriate to estimate software components reliability. To show the feasibility of the proposed approach, a case study for mixed-degradation profiles assessment is presented with n physical components and one major software component forming a critical subsystem in CPS. Two physical components were assumed to have different degradation paths with the dependency between them. Series and parallel structures were investigated for physical components. The software component failure data was taken from a wireless network switching center and fitted into a Weibull software reliability model. The case study results revealed that mix-degradation profiles of physical components, combined with software component profile, produced a different CPS reliability profile.

In this paper, we study system security against Advanced Persistent Threats (APTs). APTs are stealthy and persistent but APTs interact with system and introduce information flows in the system as data-flow and control-flow commands. Dynamic Information Flow Tracking (DIFT) is a promising detection mechanism against APTs which taints suspicious input sources in the system and performs online security analysis when a tainted information is used in unauthorized manner. Our objective in this paper is to model DIFT that handle data-flow and conditional branches in the program that arise from control-flow commands. We use game theoretic framework and provide the first analytical model of DIFT with data-flow and conditional-branch tracking. Our game model which is an undiscounted infinite-horizon stochastic game captures the interaction between APTs and DIFT and the notion of conditional branching. We prove that the best response of the APT is a maximal reachability probability problem and provide a polynomial-time algorithm to find the best response by solving a linear optimization problem. We formulate the best response of the defense as a linear optimization problem and show that an optimal solution to the linear program returns a deterministic optimal policy for the defense. Since finding Nash equilibrium for infinite-horizon undiscounted stochastic games is computationally difficult, we present a nonlinear programming based polynomial-time algorithm to find an E-Nash equilibrium. Finally, we perform experimental analysis of our algorithm on real-world data for NetRecon attack augmented with conditional branching.

The methods are based on injecting unpredictability into means and objects of protection are called stochastic methods of information security. The effective protection can be done only by using stochastic methods against an active opponent. The effectiveness of stochastic protection methods is defined by the quality of the used pseudo-random number generators and hash functions. The proposed hashing algorithm DOZENHASH is based on the using of 3D stochastic transformations of DOZEN family. The principal feature of the algorithm is that all input and output data blocks as well as intermediate results of calculations are represented as three-dimensional array of bytes with 4 bytes in each dimension. Thus, the resulting transformation has a high degree of parallelism at the level of elementary operations, in other words, it is focused on the implementation using heterogeneous supercomputer technologies.

In various natural language processing applications, PART-OF-SPEECH (POS) tagging is performed as a preprocessing step. For making POS tagging accurate, various techniques have been explored. But in Indian languages, not much work has been done. This paper describes the methods to build a Part of speech tagger by using hidden markov model. Supervised learning approach is implemented in which, already tagged sentences in malayalam is used to build hidden markov model.

This paper considers the complex of models for the description, analysis, and modeling of group behavior by user actions in complex social systems. In particular, electoral processes can be considered in which preferences are selected from several possible ones. For example, for two candidates, the choice is made from three states: for the candidate A, for candidate B and undecided (candidate C). Thus, any of the voters can be in one of the three states, and the interaction between them leads to the transition between the states with some delay time intervals, which are one of the parameters of the proposed models. The dynamics of changes in the preferences of voters can be described graphically on diagram of possible transitions between states, on the basis of which is possible to write a system of differential kinetic equations that describes the process. The analysis of the obtained solutions shows the possibility of existence within the model, different modes of changing the preferences of voters. In the developed model of stochastic cellular automata with variable memory at each step of the interaction process between its cells, a new network of random links is established, the minimum and the maximum number of which is selected from a given range. At the initial time, a cell of each type is assigned a numeric parameter that specifies the number of steps during which will retain its type (cell memory). The transition of cells between states is determined by the total number of cells of different types with which there was interaction at the given number of memory steps. After the number of steps equal to the depth of memory, transition to the type that had the maximum value of its sum occurs. The effect of external factors (such as media) on changes in node types can set for each step using a transition probability matrix. Processing of the electoral campaign's sociological data of 2015-2016 at the choice of the President of the United States using the method of almost-periodic functions allowed to estimate the parameters of a set of models and use them to describe, analyze and model the group behavior of voters. The studies show a good correspondence between the data observed in sociology and calculations using a set of developed models. Under some sets of values of the coefficients in the differential equations and models of cellular automata are observed the oscillating and almost-periodic character of changes in the preferences of the electorate, which largely coincides with the real observations.

Various aspects of security and privacy in many application domains can be assessed based on proper analysis of successive measurements that are collected on a given system. This work is devoted to such issues in the context of timed stochastic Petri net models. We assume that certain events and part of the marking trajectories are observable to adversaries who aim to determine when the system is performing secret operations, such as time intervals during which the system is executing certain critical sequences of events (as captured, for instance, in language-based opacity formulations). The combined use of the k-step trajectory-observer and the Markov model of the stochastic Petri net leads to probabilistic indicators helpful for evaluating language-based opacity of the given system, related timing aspects, and possible strategies to improve them.

Deep neural networks are susceptible to various inference attacks as they remember information about their training data. We design white-box inference attacks to perform a comprehensive privacy analysis of deep learning models. We measure the privacy leakage through parameters of fully trained models as well as the parameter updates of models during training. We design inference algorithms for both centralized and federated learning, with respect to passive and active inference attackers, and assuming different adversary prior knowledge. We evaluate our novel white-box membership inference attacks against deep learning algorithms to trace their training data records. We show that a straightforward extension of the known black-box attacks to the white-box setting (through analyzing the outputs of activation functions) is ineffective. We therefore design new algorithms tailored to the white-box setting by exploiting the privacy vulnerabilities of the stochastic gradient descent algorithm, which is the algorithm used to train deep neural networks. We investigate the reasons why deep learning models may leak information about their training data. We then show that even well-generalized models are significantly susceptible to white-box membership inference attacks, by analyzing state-of-the-art pre-trained and publicly available models for the CIFAR dataset. We also show how adversarial participants, in the federated learning setting, can successfully run active membership inference attacks against other participants, even when the global model achieves high prediction accuracies.

This paper shows that stochastic heuristic approach for implicitly solving addition chain problem (ACP) in public-key cryptosystem (PKC) enhances the efficiency of the PKC and improves the security by blinding the multiplications/squaring operations involved against side-channel attack (SCA). We show that while the current practical heuristic approaches being deterministic expose the fixed pattern of the operations, using stochastic method blinds the pattern by being unpredictable and generating diffident pattern of operation for the same exponent at a different time. Thus, if the addition chain (AC) is generated implicitly every time the exponentiation operation is being made, needless for such approaches as padding by insertion of dummy operations and the operation is still totally secured against the SCA. Furthermore, we also show that the stochastic approaches, when carefully designed, further reduces the length of the operation than state-of-the-art practical methods for improving the efficiency. We demonstrated our investigation by implementing RSA cryptosystem using the stochastic approach and the results benchmarked with the existing current methods.

In this work, we synthesize collaboration protocols for human-unmanned aerial vehicle (H-UAV) command and control systems, where the human operator aids in securing the UAV by intermittently performing geolocation tasks to confirm its reported location. We first present a stochastic game-based model for the system that accounts for both the operator and an adversary capable of launching stealthy false-data injection attacks, causing the UAV to deviate from its path. We also describe a synthesis challenge due to the UAV's hidden-information constraint. Next, we perform human experiments using a developed RESCHU-SA testbed to recognize the geolocation strategies that operators adopt. Furthermore, we deploy machine learning techniques on the collected experimental data to predict the correctness of a geolocation task at a given location based on its geographical features. By representing the model as a delayed-action game and formalizing the system objectives, we utilize off-the-shelf model checkers to synthesize protocols for the human-UAV coalition that satisfy these objectives. Finally, we demonstrate the usefulness of the H-UAV protocol synthesis through a case study where the protocols are experimentally analyzed and further evaluated by human operators.

In Software Defined Networking (SDN) control plane of forwarding devices is concentrated in the SDN controller, which assumes the role of a network operating system. Big share of today's commercial SDN controllers are based on OpenDaylight, an open source SDN controller platform, whose bug repository is publicly available. In this article we provide a first insight into 8k+ bugs reported in the period over five years between March 2013 and September 2018. We first present the functional components in OpenDaylight architecture, localize the most vulnerable modules and measure their contribution to the total bug content. We provide high fidelity models that can accurately reproduce the stochastic behaviour of bug manifestation and bug removal rates, and discuss how these can be used to optimize the planning of the test effort, and to improve the software release management. Finally, we study the correlation between the code internals, derived from the Git version control system, and software defect metrics, derived from Jira issue tracker. To the best of our knowledge, this is the first study to provide a comprehensive analysis of bug characteristics in a production grade SDN controller.

Dynamic Information Flow Tracking (DIFT) has been proposed to detect stealthy and persistent cyber attacks that evade existing defenses such as firewalls and signature-based antivirus systems. A DIFT defense taints and tracks suspicious information flows across the network in order to identify possible attacks, at the cost of additional memory overhead for tracking non-adversarial information flows. In this paper, we present the first analytical model that describes the interaction between DIFT and adversarial information flows, including the probability that the adversary evades detection and the performance overhead of the defense. Our analytical model consists of a multi-stage game, in which each stage represents a system process through which the information flow passes. We characterize the optimal strategies for both the defense and adversary, and derive efficient algorithms for computing the strategies. Our results are evaluated on a realworld attack dataset obtained using the Refinable Attack Investigation (RAIN) framework, enabling us to draw conclusions on the optimal adversary and defense strategies, as well as the effect of valid information flows on the interaction between adversary and defense.

As an information hinge of various trades and professions in the era of big data, cloud data center bears the responsibility to provide uninterrupted service. To cope with the impact of failure and interruption during the operation on the Quality of Service (QoS), it is important to guarantee the resilience of cloud data center. Thus, different resilience actions are conducted in its life circle, that is, resilience strategy. In order to measure the effect of resilience strategy on the system resilience, this paper propose a new approach to model and evaluate the resilience strategy for cloud data center focusing on its core part of service providing-IT architecture. A comprehensive resilience metric based on resilience loss is put forward considering the characteristic of cloud data center. Furthermore, mapping model between system resilience and resilience strategy is built up. Then, based on a hierarchical colored generalized stochastic petri net (HCGSPN) model depicting the procedure of the system processing the service requests, simulation is conducted to evaluate the resilience strategy through the metric calculation. With a case study of a company's cloud data center, the applicability and correctness of the approach is demonstrated.

Deep neural networks (DNNs) are effective machine learning models to solve a large class of recognition problems, including the classification of nonlinearly separable patterns. The applications of DNNs are, however, limited by the large size and high energy consumption of the networks. Recently, stochastic computation (SC) has been considered to implement DNNs to reduce the hardware cost. However, it requires a large number of random number generators (RNGs) that lower the energy efficiency of the network. To overcome these limitations, we propose the design of an energy-efficient deep belief network (DBN) based on stochastic computation. An approximate SC activation unit (A-SCAU) is designed to implement different types of activation functions in the neurons. The A-SCAU is immune to signal correlations, so the RNGs can be shared among all neurons in the same layer with no accuracy loss. The area and energy of the proposed design are 5.27% and 3.31% (or 26.55% and 29.89%) of a 32-bit floating-point (or an 8-bit fixed-point) implementation. It is shown that the proposed SC-DBN design achieves a higher classification accuracy compared to the fixed-point implementation. The accuracy is only lower by 0.12% than the floating-point design at a similar computation speed, but with a significantly lower energy consumption.

We consider a pharmaceutical supply chain where the manufacturer sources a customized product with unique attributes from a set of unreliable suppliers. We model the likelihood of a supplier to successfully deliver the product via Bayesian logistic regression and use simulation to obtain the posterior distribution of the unknown parameters of this model. We study the role of so-called input-model uncertainty in estimating the likelihood of the supply failure, which is the probability that none of the suppliers in a given supplier portfolio can successfully deliver the product. We investigate how the input-model uncertainty changes with respect to the characteristics of the historical data on the past realizations of the supplier performances and the product attributes.

Popularization of the Internet-of-Things (IoT) has brought widespread concerns on IoT security, especially in face of several recent security incidents related to IoT devices. Due to the resource-constrained nature of many IoT devices, security offloading has been proposed to provide good-enough security for IoT with minimum overhead on the devices. In this paper, we investigate the inevitable risk associated with security offloading: the unprotected and unmonitored transmission from IoT devices to the offloaded security mechanisms. An important challenge in modeling the security risk is the dynamic nature of IoT due to demand fluctuations and infrastructure instability. We propose a stochastic model to capture both the expected and worst-case security risks of an IoT system. We then propose a framework to efficiently address the optimal robust deployment of security mechanisms in IoT. We use results from extensive simulations to demonstrate the superb performance and efficiency of our approach compared to several other algorithms.

On cloud computing systems consisting of task queuing and resource allocations, it is essential but hard to model and evaluate the global performance. In most of the models, researchers use a stochastic process or several stochastic processes to describe a real system. However, due to the absence of theoretical conclusions of any arbitrary stochastic processes, they approximate the complicated model into simple processes that have mathematical results, such as Markov processes. Our purpose is to give a universal method to deal with common stochastic processes as long as the processes can be expressed in the form of transition matrix. To achieve our purpose, we firstly prove several theorems about the convergence of stochastic matrices to figure out what kind of matrix-defined systems has steady states. Furthermore, we propose two strategies for measuring the rate of convergence which reflects how fast the system would come to its steady state. Finally, we give a method for reducing a stochastic matrix into smaller ones, and perform some experiments to illustrate our strategies in practice.

The Internet of things (IoT) is revolutionizing the management and control of automated systems leading to a paradigm shift in areas, such as smart homes, smart cities, health care, and transportation. The IoT technology is also envisioned to play an important role in improving the effectiveness of military operations in battlefields. The interconnection of combat equipment and other battlefield resources for coordinated automated decisions is referred to as the Internet of battlefield things (IoBT). IoBT networks are significantly different from traditional IoT networks due to battlefield specific challenges, such as the absence of communication infrastructure, heterogeneity of devices, and susceptibility to cyber-physical attacks. The combat efficiency and coordinated decision-making in war scenarios depends highly on real-time data collection, which in turn relies on the connectivity of the network and information dissemination in the presence of adversaries. This paper aims to build the theoretical foundations of designing secure and reconfigurable IoBT networks. Leveraging the theories of stochastic geometry and mathematical epidemiology, we develop an integrated framework to quantify the information dissemination among heterogeneous network devices. Consequently, a tractable optimization problem is formulated that can assist commanders in cost effectively planning the network and reconfiguring it according to the changing mission requirements.