Learn More
Although the ability to model and infer Attacker Intent, Objectives and Strategies (AIOS) may dramatically advance the literature of risk assessment, harm prediction, and predictive or proactive cyber defense, existing AIOS inference techniques are ad hoc and system or application specific. In this paper, we present a general incentive-based method to model(More)
Privacy concern is still one of the major issues that prevent users from moving to public clouds. The root cause of the privacy problem is that the cloud provider has more privileges than it is necessary, which leaves no options for the cloud users to protect their privacy. Due to the same problem, once the control virtual machine or the cloud platform is(More)
Cloud computing has changed how services are provided and supported through the computing infrastructure. However, recent work [11] reveals that virtual machine (VM) colocation based side-channel attack can leak users’ privacy. Techniques have been developed against side-channel attacks. Some of them like NoHype remove the hypervisor layer, which suggests(More)
Although multi-interface multi-channel (MIMC) wireless networks have drawn much attention, they are susceptible to various attacks. This paper describes three new types of attacks against a variety of channel assignment protocols: utilization-based conflict attack, link break attack, and denial-of-data attack. These attacks exploit the vulnerabilities(More)
Cloud computing is becoming more and more popular in computing infrastructure and it also introduces new security problems. For example, a physical server shared by many virtual machines can be taken over by an attacker if the virtual machine monitor is compromised through one of the virtual machines. Thus, collocating with vulnerable virtual machines, or(More)
Even though the automatic recovery techniques of workflow have attracted enough attention in recent years, several critical issues regarding the distributed recovery have not been addressed. For example, if we do the recovery under sustained attacks, in which condition the recovery can terminate? Is a synchronized clock necessary for distributed recovery?(More)
Intrusion monitoring is an indispensable security measure for multi-channel wireless mesh networks. This paper studies how to use mesh routers to monitor a network while supporting regular traffic. This paper shows that the traffic aware monitoring (TRAM) problem is an NP-hard problem, which is challenging in coordinating monitoring and traffic forwarding(More)
Although multi-channel wireless protocols are becoming predominant, security mechanisms of channel assignment are far from sufficient to protect the channel usage. In this paper, we discuss radio jamming attacks, ripple effect attacks and false information injection attacks in multi-interface and multi-channel wireless networks. We propose a security(More)
Workflow systems are popular in daily business processing. Since vulnerability cannot be totally removed from a workflow management system, successful attacks always happen and may inject malicious tasks or incorrect data into the workflow system. Referring to the incorrect data further corrupt more data objects in the system, which comprises the integrity(More)