Browsing by Subject "security of data"
Now showing 1 - 8 of 8
Results Per Page
Sort Options
Item AI based approach to identify compromised meters in data integrity attacks on smart grid(IET, 2017-10-02) Khanna, Kush; Panigrahi, Bijaya Ketan; Joshi, AnupamFalse data injection attacks can pose serious threats to the operation and control of power grid. The smarter the power grid gets, the more vulnerable it becomes to cyber attacks. Various detection methods of cyber attacks have been proposed in the literature in recent past. However, to completely alleviate the possibility of cyber threats, the compromised meters must be identified and secured. In this paper, we are presenting an Artificial Intelligence (AI) based identification method to correctly single out the malicious meters. The proposed AI based method successfully identifies the compromised meters by anticipating the correct measurements in the event of the cyber attack. NYISO load data is mapped with the IEEE 14 bus system to validate the proposed method. The efficiency of the proposed method is compared for Artificial Neural Network (ANN) and Extreme Learning Machine (ELM) based AI techniques. It is observed that both the techniques identify the corrupted meters with high accuracy.Item Bid Modification Attack in Smart Grid for Monetary Benefits(IEEE, 2016-12-19) Khanna, Kush; Joshi, Anupam; Panigrahi, Bijaya KetanIn the quest for reliability and automation, the entire smart grid operation and control depends on the communication infrastructure. This reliance on the information and communication technologies has also opened up possibilities of cyber intrusions. In this paper, a bid modification attack on the power exchange server is presented with the aim of gaining monetary benefits in the real-time power market. The attack is modelled for PJM 5 bus and IEEE 14 bus test system. The minimum number of load bids required to be changed for launching the attack is obtained and impacts on real time locational marginal prices (LMPs) are presented.Item CyberTwitter: Using Twitter to generate alerts for Cybersecurity Threats and Vulnerabilities(IEEE, 2016-11-24) Mittal, Sudip; Das, Prajit Kumar; Mulwad, Varish; Joshi, Anupam; Finin, TimIn order to secure vital personal and organizational system we require timely intelligence on cybersecurity threats and vulnerabilities. Intelligence about these threats is generally available in both overt and covert sources like the National Vulnerability Database, CERT alerts, blog posts, social media, and dark web resources. Intelligence updates about cybersecurity can be viewed as temporal events that a security analyst must keep up with so as to secure a computer system. We describe CyberTwitter, a system to discover and analyze cybersecurity intelligence on Twitter and serve as a OSINT (Open–source intelligence) source. We analyze real time information updates, in form of tweets, to extract intelligence about various possible threats. We use the Semantic Web RDF to represent the intelligence gathered and SWRL rules to reason over extracted intelligence to issue alerts for security analysts.Item A Data Driven Approach for the Science of Cyber Security: Challenges and Directions(IEEE, 2016-12-19) Thuraisingham, Bhavani; Kantarcioglu, Murat; Hamlen, Kevin; Khan, Latifur; Finin, Tim; Joshi, Anupam; Oates, Tim; Bertino, ElisaThis paper describes a data driven approach to studying the science of cyber security (SoS). It argues that science is driven by data. It then describes issues and approaches towards the following three aspects: (i) Data Driven Science for Attack Detection and Mitigation, (ii) Foundations for Data Trustworthiness and Policy-based Sharing, and (iii) A Risk-based Approach to Security Metrics. We believe that the three aspects addressed in this paper will form the basis for studying the Science of Cyber Security.Item Extracting cybersecurity related linked data from text(IEEE Computer Society Press, 2013-09-16) Joshi, Arnav; Lal, Ravendar; Finin, Tim; Joshi, AnupamThe Web is typically our first source of information about new software vulnerabilities, exploits and cyber-attacks. Information is found in semi-structured vulnerability databases as well as in text from security bulletins, news reports, cybersecurity blogs and Internet chat rooms. It can be useful to cybersecurity systems if there is a way to recognize and extract relevant information and represent it as easily shared and integrated semantic data. We describe such an automatic framework that generates and publishes a RDF linked data representation of cybersecurity concepts and vulnerability descriptions extracted from the National Vulnerability Database and from text sources. A CRF-based system is used to identify cybersecurity-related entities, concepts and relations in text, which are then represented using custom ontologies for the cybersecurity domain and also mapped to objects in the DBpedia knowledge base. The resulting cybersecurity linked data collection can be used for many purposes, including automating early vulnerability identification, mitigation and prevention efforts.Item In Reputation We Believe: Query Processing in Mobile Ad-Hoc Networks(IEEE, 2004-08-22) Perich, Filip; Kagal, Lalana; Joshi, Anupam; Finin, Tim; Yesha, YelenaCurrent research on data management in mobile ad-hoc networks focuses on discovering sources and acquiring information. In this mode of operation, mobile devices assume answers to be correct and do not verify the veracity of the information or their providers. This assumption is suitable for most client-server environments; however, peer-to-peer environments lack the intrinsic stability of ``anchored'' sources. In mobile peer-to-peer environments, some sources may provide faulty information, which can lead to incorrect conclusions. Consequently, devices need a mechanism to evaluate the integrity of their peers and the accuracy of peer provided information. To address this problem we propose a query processing model that relies on distributed trust and belief. In our model, each device maintains and shares beliefs regarding the degree of trust it has for its peers -- where trust is determined by experience and reputation. Additionally, each device associates a value indicating its belief in the accuracy of the information the device holds. Each device, when querying its peers, uses the trust it has placed in the peers, in conjunction with the peers' accuracy belief of their information, to determine the reliability of the responses to its query. We have implemented our model in GloMoSim and provide experimental results for different combinations of trust and accuracy algorithms.Item Private Virtual Infrastructure for Cloud Computing(2009) Krautheim, F. JohnCloud computing places an organization’s sensitive data in the control of a third party, introducing a significant level of risk on the privacy and security of the data. We propose a new management and security model for cloud computing called the Private Virtual Infrastructure (PVI) that shares the responsibility of security in cloud computing between the service provider and client, decreasing the risk exposure to both. The PVI datacenter is under control of the information owner while the cloud fabric is under control of the service provider. A cloud Locator Bot pre-measures the cloud for security properties, securely provisions the datacenter in the cloud, and provides situational awareness through continuous monitoring of the cloud security. PVI and Locator Bot provide the tools that organizations require to maintain control of their information in the cloud and realize the benefits of cloud computing.Item Trust Based Knowledge Outsourcing for Semantic Web Agents(IEEE, 2003-10-12) Ding, Li; Zhou, Lina; Finin, TimThe semantic Web enables intelligent agents to "outsource" knowledge, extending and enhancing their limited knowledge bases. An open question is how agents can efficiently and effectively access the vast knowledge on the inherently open and dynamic semantic Web. The problem is not that of finding a source for desired information, but deciding which among many possibly inconsistent sources is most reliable. We propose an approach to agent knowledge outsourcing inspired by the use trust in human society. Trust is a type of social knowledge and encodes evaluations about which agents can be taken as reliable sources of information or services. We focus on two important practical issues: learning trust and justifying trust. An agent can learn trust relationships by reasoning about its direct interactions with other agents and about public or private reputation information, i.e., the aggregate trust evaluations of other agents. We use the term trust justification to describe the process in which an agent integrates the beliefs of other agents, trust information, and its own beliefs to update its trust model. We describe the results of simulation experiments of the use and evolution of trust in multiagent systems. Our experiments demonstrate that the use of explicit trust knowledge can significantly improve knowledge outsourcing performance. We also describe a collaborative trust justification technique that focuses on reducing search complexity, handling inconsistent knowledge, and avoiding error propagation.