Related papers: immUNITY: Detecting and Mitigating Low Volume & Sl…
Modern advances in sensor, computing, and communication technologies enable various smart grid applications. The heavy dependence on communication technology has highlighted the vulnerability of the electricity grid to false data injection…
Monitoring network traffic to maintain the quality of service (QoS) and to detect network intrusions in a timely and efficient manner is essential. As network traffic is sequential, recurrent neural networks (RNNs) such as long short-term…
Although AI-based models have achieved high accuracy in IoT threat detection, their deployment in enterprise environments is constrained by reliance on stationary datasets that fail to reflect the dynamic nature of real-world IoT NetFlow…
Smart homes, enterprises, and cities are increasingly being equipped with a plethora of Internet of Things (IoT), ranging from smart-lights to security cameras. While IoT networks have the potential to benefit our lives, they create privacy…
The fundamental problem of our interest here is soft-input soft-output multiple-input multiple-output (MIMO) detection. We propose a method, referred to as subspace marginalization with interference suppression (SUMIS), that yields…
We present a new machine learning-based attack that exploits network patterns to detect the presence of smart IoT devices and running services in the WiFi radio spectrum. We perform an extensive measurement campaign of data collection, and…
We investigate the detection of botnet command and control (C2) hosts in massive IP traffic using machine learning methods. To this end, we use NetFlow data -- the industry standard for monitoring of IP traffic -- and ML models using two…
Streaming network intrusion detection systems must process flows continuously while keeping memory bounded, but most current methods leave alerting threshold selection as a post-hoc tuning problem poorly suited to production. Operators need…
The Internet of Things (IoT) technology has rapidly gained popularity with applications widespread across a variety of industries. However, IoT devices have been recently serving as a porous layer for many malicious attacks to both personal…
In this paper, we propose a new method for detecting unauthorized network intrusions, based on a traffic flow model and Cisco NetFlow protocol application. The method developed allows us not only to detect the most common types of network…
This paper presents our simulation of cyber-attacks and detection strategies on the traffic control system in Daytona Beach, FL. using Raspberry Pi virtual machines and the OPNSense firewall, along with traffic dynamics from SUMO and…
IoT devices have become popular targets for various network attacks due to their lack of industry-wide security standards. In this work, we focus on smart home IoT device identification and defending them against Distributed Denial of…
Recent advances in programmable switch hardware offer a fresh opportunity to protect user privacy. This paper presents PINOT, a lightweight in-network anonymity solution that runs at line rate within the memory and processing constraints of…
Network intervention problems often benefit from selecting a highly-connected node to perform interventions using these nodes, e.g. immunization. However, in many network contexts, the structure of network connections is unknown, leading to…
The growing market for smart home IoT devices promises new conveniences for consumers while presenting new challenges for preserving privacy within the home. Many smart home devices have always-on sensors that capture users' offline…
The enormous amount of code required to design modern hardware implementations often leads to critical vulnerabilities being overlooked. Especially vulnerabilities that compromise the confidentiality of sensitive data, such as cryptographic…
As Large Language Models (LLMs) become ubiquitous, the challenge of securing them against adversarial "jailbreaking" attacks has intensified. Current defense strategies often rely on computationally expensive external classifiers or brittle…
We present a highly compact run-time monitoring approach for deep computer vision networks that extracts selected knowledge from only a few (down to merely two) hidden layers, yet can efficiently detect silent data corruption originating…
Many approaches have evolved to enhance network attacks detection anomaly using SNMP-MIBs. Most of these approaches focus on machine learning algorithms with a lot of SNMP-MIB database parameters, which may consume most of hardware…
Pervasive encryption makes large-scale labeling infeasible for traffic analysis, while security operations demand edge analysis to avert service degradation and further vulnerabilities. These pressures have produced two disjoint research…