- Network Security and Intrusion Detection
- Information and Cyber Security
- Advanced Malware Detection Techniques
- Software-Defined Networks and 5G
- Software System Performance and Reliability
- Energy Efficient Wireless Sensor Networks
- Anomaly Detection Techniques and Applications
- Security in Wireless Sensor Networks
- Internet Traffic Analysis and Secure E-voting
- Cloud Computing and Resource Management
- Software Reliability and Analysis Research
- Cloud Data Security Solutions
- Mobile Ad Hoc Networks
- Smart Grid Security and Resilience
- Real-Time Systems Scheduling
- Internet of Things and Social Network Interactions
- Adversarial Robustness in Machine Learning
- Distributed systems and fault tolerance
- Security and Verification in Computing
- Network Packet Processing and Optimization
- Petri Nets in System Modeling
- Network Time Synchronization Technologies
- IoT and Edge/Fog Computing
- Opportunistic and Delay-Tolerant Networks
- Embedded Systems Design Techniques
Kumoh National Institute of Technology (2016-2025)
West Virginia University (2025)
The University of Queensland (2018-2024)
Convergence (2023-2024)
Yonsei University (2009-2024)
Queensland University of Technology (2018-2023)
Pusan National University (2020)
Technische Universität Berlin (2019)
University of Naples Federico II (2019)
University of Canterbury (2011-2018)
Reactive defense mechanisms, such as intrusion detection systems, have made significant efforts to secure a system or network for the last several decades. However, the nature of reactive security mechanisms has limitations because potential attackers cannot be prevented in advance. We are facing a reality with the proliferation of persistent, advanced, intelligent attacks while defenders are often way behind in taking appropriate actions to thwart attackers. The concept of moving target defense (MTD) has emerged as a proactive...
Network-based Intrusion Detection System (NIDS) forms the frontline defence against network attacks that compromise the security of data, systems, and networks. In recent years, Deep Neural Networks (DNNs) have been increasingly used in NIDS to detect malicious traffic due to their high detection accuracy. However, DNNs are vulnerable to adversarial attacks that modify an input example with imperceivable perturbation, which causes a misclassification by the DNN. In security-sensitive domains, such as NIDS, adversarial attacks pose severe...
This paper develops an availability model of a virtualized system. We construct non-virtualized and virtualized two hosts system models using a two-level hierarchical approach in which fault trees are used in the upper level and homogeneous continuous time Markov chains (CTMC) are used to represent sub-models in the lower level. In the models, we incorporate not only hardware failures (e.g., CPU, memory, power, etc.) but also software failures including Virtual Machine Monitor (VMM), Virtual Machine (VM), and application failures. High availability (HA) service and VM live...
Attack tree (AT) is one of the widely used non-state-space models for security analysis. The basic formalism of AT does not take into account defense mechanisms. Defense trees (DTs) have been developed to investigate the effect of defense mechanisms using measures such as attack cost, investment cost, return on attack (ROA), and return on investment (ROI). DT, however, places defense mechanisms only at the leaf nodes, and the corresponding ROI/ROA analysis does not incorporate the probabilities of attack. In attack response tree (ART), attack and response are both captured but ART suffers from the problem...
Cyber crime is a developing concern, where criminals are targeting valuable assets and critical infrastructures within networked systems, causing a severe socio-economic impact on enterprises and individuals. Adopting moving target defense (MTD) helps thwart cyber attacks by continuously changing the attack surface. There are numerous MTD techniques proposed in various domains (e.g., virtualized network, wireless sensor network), but there is still a lack of methods to assess and compare the effectiveness of them....
Handling diverse client demands and managing unexpected failures without degrading performance are two key promises of a cloud delivered service. However, evaluation of service quality becomes difficult as the scale and complexity of the system increases. In a cloud environment, a request from a user goes through a variety of provider specific processing steps from the instant it is submitted until it is fully delivered. Measurement-based evaluation is expensive especially if many configurations, workload scenarios, and management methods are to be analyzed....
There is a need to quantify system properties methodically. Dependability and security models have evolved nearly independently. Therefore, it is crucial to develop a classification of dependability and security models which can meet the requirement of professionals in both the fault-tolerant computing and security communities. In this paper, we present a new classification of dependability and security models. First, we present threats and mitigations in systems and networks, and then several individual model types such as availability, confidentiality, integrity, performance, reliability, survivability,...
In this paper, we propose a genetic algorithm (GA) to improve support vector machines (SVM) based intrusion detection system (IDS). SVM is a relatively novel classification technique and has shown higher performance than traditional learning methods in many applications. So several security researchers have proposed SVM based IDS. We use fusions of GA and SVM to enhance the overall performance of SVM based IDS. Through fusions of GA and SVM, the "optimal model" for the SVM classifier can be determined. As a result of the fusion, the IDS can not only select parameters for SVM but also feature...
Attack tree (AT) is one of the widely used combinatorial models in cyber security analysis. The basic formalism of AT does not take into account defense mechanisms. Defense trees (DT) have been developed to investigate the effect of defense mechanisms using measures such as attacker's cost and security cost, return on investment (ROI) and return on attack (ROA). DT, however, places defense mechanisms only at the leaf node level while the corresponding ROI/ROA analysis does not incorporate the probability of attack. In attack response tree (ART), an attacker-defender game was used to find optimal...
Constraints such as limited security investment cost preclude a decision maker from implementing all possible countermeasures in a system. Existing analytical model-based optimization strategies do not prevail for the following reasons: (i) none of these methods offer a way to find an optimal solution in the absence of probability assignments to the model, (ii) they scale badly as the size of the system model increases and (iii) some suffer because they use attack trees (AT) whose structure does not allow the inclusion of countermeasures while others translate...
Driven by economic benefits, the number of malware attacks is increasing significantly on a daily basis. Malware Detection Systems (MDS) are the first line of defense against malicious attacks, thus it is important for malware detection systems to accurately and efficiently detect malware. Traditional MDS typically utilizes traditional machine learning algorithms that require feature selection and extraction, which are time-consuming and error-prone. Conventional deep learning based approaches use Recurrent Neural Network (RNN)...
With the increasing growth of cyber-attack incidences, it is important to develop innovative and effective techniques to assess and defend networked systems against cyber attacks. One well-known technique for this is performing penetration testing, which is carried out by a group of security professionals (i.e., red team). Penetration testing is also known to find existing and new vulnerabilities; however, the quality of the assessment can depend on the team members and their time and devotion to testing. In this paper, we propose a novel automation framework...
Moving target defense (MTD) has emerged as a proactive defense mechanism aiming to thwart a potential attacker. The key underlying idea of MTD is to increase uncertainty and confusion for attackers by changing the attack surface (i.e., system or network configurations) that can invalidate the intelligence collected by the attackers and interrupt attack execution; ultimately leading to attack failure. Recently, the significant advance of software-defined networking (SDN) technology has enabled several complex operations to be highly flexible and robust;...
As server virtualization is used as an essential software infrastructure of various services such as cloud computing, availability management of the virtualized system is becoming more significant. Although time-based rejuvenation is useful to postpone/prevent failures due to software aging in a virtualized system, the rejuvenation schedules for virtual machine (VM) and virtual machine monitor (VMM) need to be determined in a proper way for VM availability, since VMM rejuvenation affects VMs running on the VMM. This paper presents analytic models using stochastic reward nets for three...
Server virtualization is a technology used in many enterprise systems to reduce operation and acquisition costs, and to increase the availability of their critical services. Virtualized systems may be even more complex than traditional nonvirtualized systems; thus, the quantitative assessment of system availability is even more difficult. In this paper, we propose a sensitivity analysis approach to find the parameters that deserve more attention for improving the availability of systems. Our analysis is based on Markov reward models, and suggests that host failure rate is the most important...
High-availability assurance of cloud service is a critical and challenging issue for cloud service providers. To quantify the availability of cloud services from both architectural and operational points of view, availability modeling and evaluation are essential. This paper presents a component-based availability modeling framework, named Candy, which constructs a comprehensive availability model semi-automatically from system specifications described by Systems Modeling Language (SysML). SysML diagrams are translated into components of the availability model, and the components are assembled together to form the entire availability model in Stochastic...