Biblio

Cognitive Radio Networks (CRN) are opportunistic networks which aim to harness the white space in the television frequency spectrum, on a need-to-need basis, without interfering the incumbent, called the Primary User (PU). Cognitive radios (CR) that sense the spectrum periodically for sensing the PU activity, are called Secondary Users (SU). CRNs are susceptible to two major attacks, Byzantine attacks and Primary User Emulation Attack (PUEA). Both the attacks are capable of rendering a CRN useless, by either interfering with the PU itself or capturing the entire channel for themselves. Byzantine attacks detection and mitigation is an important security issue in CRN. Hence, the current work proposes using a multi-Hidden Markov Model system with an aim to detect different types of random-Byzantine attacks. Simulation results show good detection rate across all the attacks.

Botnets have been a major area of concern in the field of cybersecurity. There have been a lot of research works for detection of botnets. However, everyday cybercriminals are coming up with new ideas to counter the well-known detection methods. One such popular method is domain flux-based botnets in which a large number of domain names are produced using domain generation algorithm. In this paper, we have proposed a robust way of detecting DGA-based botnets using few novel features covering both syntactic and semantic viewpoints. We have used Area under ROC curve as our performance metric since it provides comprehensive information about the performance of binary classifiers at various thresholds. Results show that our approach performs significantly better than the baseline approach. Our proposed method can help in detecting established DGA bots (equipped with extensive features) as well as prospective advanced DGA bots imitating real-world domain names.

Traffic state estimation helps urban traffic control and management. In this paper, a traffic state estimation model based on the fusion of Hidden Markov model and SEA algorithm is proposed considering the randomness and volatility of traffic systems. Traffic data of average travel speed in selected city were collected, and the mean and fluctuation values of average travel speed in adjacent time windows were calculated. With Hidden Markov model, the system state network is defined according to mean values and fluctuation values. The operation efficiency of traffic system, as well as stability and trend values, were calculated with System Effectiveness Analysis (SEA) algorithm based on system state network. Calculation results show that the method perform well and can be applied to both traffic state assessment of certain road sections and large scale road networks.

In this paper, security of secret key extraction scheme is evaluated for private communication between legitimate wireless devices. Multiple adversaries that distribute around these legitimate wireless devices eavesdrop on the data transmitted between them, and deduce the secret key. Conditional min-entropy given the view of those adversaries is utilized as security evaluation metric in this paper. Besides, the wiretap channel model and hidden Markov model (HMM) are regarded as the channel model and a dynamic programming approach is used to approximate conditional min- entropy. Two algorithms are proposed to mathematically calculate the conditional min- entropy by combining the Viterbi algorithm with the Forward algorithm. Optimal method with multiple adversaries (OME) algorithm is proposed firstly, which has superior performance but exponential computation complexity. To reduce this complexity, suboptimal method with multiple adversaries (SOME) algorithm is proposed, using performance degradation for the computation complexity reduction. In addition to the theoretical analysis, simulation results further show that the OME algorithm indeed has superior performance as well as the SOME algorithm has more efficient computation.

Recent developments in robotics and virtual reality (VR) are making embodied agents familiar, and social behaviors of embodied conversational agents are essential to create mindful daily lives with conversational agents. Especially, natural nonverbal behaviors are required, such as gaze and gesture movement. We propose a novel method to create an agent with human-like gaze as a listener in multi-party conversation, using Hidden Markov Model (HMM) to learn the behavior from real conversation examples. The model can generate gaze reaction according to users' gaze and utterance. We implemented an agent with proposed method, and created VR environment to interact with the agent. The proposed agent reproduced several features of gaze behavior in example conversations. Impression survey result showed that there is at least a group who felt the proposed agent is similar to human and better than conventional methods.

SDN is a new network framework which can be controlled and defined by software programming, and OpenFlow is the communication protocol between SDN controller plane and data plane. With centralized control of SDN, the network is more vulnerable encounter APT than traditional network. After deeply analyzing the process of APT at each stage in SDN, this paper proposes the APT detection method based on HMM, which can fully reflect the relationship between attack behavior and APT stage. Experiment shows that the method is more accurate to detect APT in SDN, and less overhead.

This paper presents a unified approach for the detection of network anomalies. Current state of the art methods are often able to detect one class of anomalies at the cost of others. Our approach is based on using a Linear Dynamical System (LDS) to model network traffic. An LDS is equivalent to Hidden Markov Model (HMM) for continuous-valued data and can be computed using incremental methods to manage high-throughput (volume) and velocity that characterizes Big Data. Detailed experiments on synthetic and real network traces shows a significant improvement in detection capability over competing approaches. In the process we also address the issue of robustness of network anomaly detection systems in a principled fashion.
 

Cloud computing significantly increased the security threats because intruders can exploit the large amount of cloud resources for their attacks. However, most of the current security technologies do not provide early warnings about such attacks. This paper presents a Finite State Hidden Markov prediction model that uses an adaptive risk approach to predict multi-staged cloud attacks. The risk model measures the potential impact of a threat on assets given its occurrence probability. The attacks prediction model was integrated with our autonomous cloud intrusion detection framework (ACIDF) to raise early warnings about attacks to the controller so it can take proactive corrective actions before the attacks pose a serious security risk to the system. According to our experiments on DARPA 2000 dataset, the proposed prediction model has successfully fired the early warning alerts 39.6 minutes before the launching of the LLDDoS1.0 attack. This gives the auto response controller ample time to take preventive measures.