Machine Learning in Cyber Trust [book]

2009
except for brief excerpts in connection with reviews or scholarly analysis. Use in connection with any form of information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed is forbidden. The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to
more » ... etary rights. To my parents: Ying-Ren and Shiow-Lien, and my family: Fuh-Te, Edward, Christina -J.T. To my family -P.Y. Preface Networked computers reside at the heart of systems on which people now rely, both in critical national infrastructures and in private enterprises. Today, many of these systems are far too vulnerable to cyber attacks that can inhibit their functioning, corrupt important data, or expose private information. It is extremely important to make the system resistant to and tolerant of these cyber attacks. Machine learning is critical in the study of how to build computer programs that improve their performance through experience. Machine learning algorithms have proven to be of great practical value in a variety of application domains. They are particularly useful for (a) poorly understood problem domains where little knowledge exists for the humans to develop effective algorithms; (b) domains where there are large databases containing valuable implicit regularities to be discovered; or (c) domains where programs must adapt to changing conditions. Not surprisingly, the field of cyber-based systems turns out to be a fertile ground where many security, reliability, performance, availability, and privacy tasks could be formulated as learning problems and approached in terms of learning algorithms. This book deals with the subject of machine learning applications in the In Part II, Chapter 2 describes how new vulnerabilities occur in security decisions using statistical machine learning. Particularly, authors demonstrate how three new attacks can make the filter unusable and prevent victims from receiving specific email messages. Chapter 3 presents a survey of various approaches that use machine learning/data mining techniques to enhance the traditional security mechanisms of databases. Two database security applications, namely, detection of SQL Injection attacks and anomaly detection for defending against insider threats are discussed. Chapter 4 describes an approach to detecting anomalies in a graph-based representation of the data collected during the monitoring of cyber and other infrastructures. The approach is evaluated using several synthetic and real-world datasets. Results show that the approach has high true-positive rates, low false-positive rates, and is capable of detecting complex structural anomalies in several real-world domains. Chapter 5 shows results from an empirical study of seven online-learning methods on the task of detecting malicious executables. Their study gives vii trust of cyber systems. It includes twelve chapters that are organized into four parts -cyber system, security, privacy, and reliability. Cyber-physical systems are a new and popular research area. In Part I, Chapter 1 introduces the motivation and basic concept of cyber-physical systems and reviews a sample of challenges related to real-time networked embedded systems. viii readers insights into the performance of online methods of machine learning on the task of detecting malicious executables. Chapter 6 proposes a novel network intrusion detection framework for mining and detecting sequential intrusion patterns is proposed. Experiments show promising results with high detection rates, low processing time, and low false alarm rates in mining and detecting sequential intrusion detections. Chapter 7 presents a solution for extending the capabilities of existing systems while simultaneously maintaining the stability of the current systems. It proposes an externalized survivability management scheme based on the observe-reason-modify paradigm and claims that their approach can be applied to a broad class of observable systems. Chapter 8 discusses an image encryption algorithm based on a chaotic cellular neural network to deal with information security and assurance. The comparison with the most recently reported chaos-based image encryption algorithms indicates that the algorithm proposed has a better security performance. Over the decades, a variety of privacy threat models and privacy principles have been proposed and implemented. In Part III, Chapter 9 presents an overview of data privacy research by taking a close examination at the achievements with the objective of pinpointing individual research efforts on the grand map of data privacy protection. They also examine the research challenges and opportunities of location privacy protection. Chapter 10 presents an algorithm based on secure multiparty computation primitives to compute the nearest neighbors of records in horizontally distributed data. Authors show how this algorithm can be used in three important data mining algorithms, namely LOF outlier detection, SNN clustering, and kNN classification. They prove the security of these algorithms under the semi-honest adversarial model, and describe methods that can be used to optimize their performance. Service-oriented architecture (SOA) techniques are being increasingly used for developing network-centric systems. In Part IV, Chapter 11 describes an approach for assessing the reliability of SOA-based systems using AI reasoning techniques. Memory-Based Reasoning technique and Bayesian Belief Networks are verified as the reasoning tools best suited to guide the prediction analysis. They also construct a framework from the above approach to identify the least tested and "high usage" input subdomains of the services. Chapter 12 aims for the models, properties, and applications of context-aware Web services by developing an ontology-based context model, and identifying context-aware applications as well as their properties. They developed an ontology-based context model to enable formal description and acquisition of contextual information pertaining to service requestors and services. They also and facilitate in finding right ser-vices, right partners and right information. Preface proof-of-concept to demonstrate how the context model can be used to enable report three context-aware applications built on top of their context model as a ix Finally, we would like to thank Melissa Fearon and Valerie Schofield of Spring for guidance of this project and
doi:10.1007/978-0-387-88735-7 fatcat:udygc6bqwvehrd7ytmj3pvwpmm