We examine the write endurance of USB flash drives using a range approaches: chip-level measurements, reverse engineering, timing analysis, whole-device testing, and simulation. The focus our investigation is not only measured endurance, but underlying factors at level chips algorithms--both typical ideal--which determine device.Our measurements show far in excess nominal values quoted by manufacturers, factor as much 100. engineer specifics Flash Translation Layers (FTLs) used several...

Modern scientific discovery is increasingly driven by large-scale supercomputing simulations, followed data analysis tasks. These analyses are either performed offline, on smaller-scale clusters, or the supercomputer itself. Unfortunately, these techniques suffer from performance and energy inefficiencies due to increased movement between compute storage subsystems. Therefore, we propose Active Flash, an insitu approach, wherein conducted solid-state device (SSD), where already resides. Our...

Most machine learning applications rely on centralized processes, opening up the risk of exposure their training datasets. While federated (FL) mitigates to some extent these privacy risks, it relies a trusted aggregation server for shared global model. Recently, new distributed architectures based Peer-to-Peer Federated Learning (P2PFL) offer advantages in terms both and reliability. Still, resilience poisoning attacks during has not been investigated. In this paper, we propose backdoor...

Next generation science will increasingly come to rely on the ability perform efficient, on-the-fly analytics of data generated by high-performance computing (HPC) simulations, modeling complex physical phenomena. Scientific workflows are stymied traditional chaining simulation and analysis, creating multiple rounds redundant reads writes storage system, which grows in cost with ever-increasing gap between compute speeds HPC clusters. Recent acquisitions have introduced node-local flash as a...

There is a wide gap between the potential performance of NAND flash-based solid state drives (SSDs) and their in many real-world applications; understanding this requires knowledge behavior internal algorithms for various workloads. We develop analytic models two commonly-used Flash Translation Layer (FTL) algorithms, as used SSDs, well methodology applying these to demonstrate accuracy via simulation, extend approach incorporate measurement-based approximations when detailed parameters are...

Machine learning (ML) started to become widely deployed in cyber security settings for shortening the detection cycle of attacks. To date, most ML-based systems are either proprietary or make specific choices feature representations and machine models. The success these techniques is difficult assess as public benchmark datasets currently unavailable. In this paper, we provide concrete guidelines recommendations using supervised ML security. As a case study, consider problem botnet from...

Abstract Self-propagating malware (SPM) is responsible for large financial losses and major data breaches with devastating social impacts that cannot be understated. Well-known campaigns such as WannaCry Colonial Pipeline have been able to propagate rapidly on the Internet cause widespread service disruptions. To date, propagation behavior of SPM still not well understood. As result, our ability defend against these cyber threats limited. Here, we address this gap by performing a...

The cyber-threat landscape has evolved tremendously in recent years, with new threat variants emerging daily, and large-scale coordinated campaigns becoming more prevalent. In this study, we propose CELEST (CollaborativE LEarning for Scalable Threat detection, a federated machine learning framework global detection over HTTP, which is one of the most commonly used protocols malware dissemination communication. leverages order to collaboratively train model across multiple clients who keep...

Recent self-propagating malware (SPM) campaigns compromised hundred of thousands victim machines on the Internet. It is challenging to detect these attacks in their early stages, as adversaries utilize common network services, use novel techniques, and can evade existing detection mechanisms. We propose PorTFILER (PORT-Level Network Traffic ProFILER), a new machine learning system applied traffic for detecting SPM attacks. PORTFILER extracts port-level features from Zeek connection logs...

As machine learning (ML) classifiers increasingly oversee the automated monitoring of network traffic, studying their resilience against adversarial attacks becomes critical. This paper focuses on poisoning attacks, specifically backdoor traffic flow classifiers. We investigate challenging scenario clean-label where adversary's capabilities are constrained to tampering only with training data — without ability arbitrarily modify labels or any other component process. describe a trigger...

The training phase of machine learning models is a delicate step, especially in cybersecurity contexts. Recent research has surfaced series insidious training-time attacks that inject backdoors designed for security classification tasks without altering the labels. With this work, we propose new techniques leverage insights threat to effectively mitigate these clean-label poisoning attacks, while preserving model utility. By performing density-based clustering on carefully chosen feature...

Recent advances in multi-agent reinforcement learning (MARL) have created opportunities to solve complex real-world tasks. Cybersecurity is a notable application area, where defending networks against sophisticated adversaries remains challenging task typically performed by teams of security operators. In this work, we explore novel MARL strategies for building autonomous cyber network defenses that address challenges such as large policy spaces, partial observability, and stealthy,...

As machine learning (ML) classifiers increasingly oversee the automated monitoring of network traffic, studying their resilience against adversarial attacks becomes critical. This paper focuses on poisoning attacks, specifically backdoor traffic flow classifiers. We investigate challenging scenario clean-label where adversary's capabilities are constrained to tampering only with training data - without ability arbitrarily modify labels or any other component process. describe a trigger...

Self-propagating malware (SPM) has recently resulted in large financial losses and high social impact, with well-known campaigns such as WannaCry Colonial Pipeline being able to propagate rapidly on the Internet cause service disruptions. To date, propagation behavior of SPM is still not well understood, resulting difficulty defending against these cyber threats. address this gap, paper we perform a comprehensive analysis newly proposed epidemiological model for propagation,...

Recently, coordinated attack campaigns started to become more widespread on the Internet. In May 2017, WannaCry infected than 300,000 machines in 150 countries a few days and had large impact critical infrastructure. Existing threat sharing platforms cannot easily adapt emerging patterns. At same time, enterprises adopt machine learning-based detection tools their local networks. this paper, we pose question: \emph{What information can defenders share across multiple networks help new...

Recent self-propagating malware (SPM) campaigns compromised hundred of thousands victim machines on the Internet. It is challenging to detect these attacks in their early stages, as adversaries utilize common network services, use novel techniques, and can evade existing detection mechanisms. We propose PORTFILER (PORT-Level Network Traffic ProFILER), a new machine learning system applied traffic for detecting SPM attacks. extracts port-level features from Zeek connection logs collected at...