Computing security Research Papers - Academia.edu (original) (raw)

Data mining techniques are widely used for intrusion detection since they have the capability of automation and improving the performance. However, using a single classification technique for intrusion detection might involve some... more

Data mining techniques are widely used for intrusion detection since they have the capability of automation and improving the performance. However, using a single classification technique for intrusion detection might involve some difficulties and limitations such as high complexity, instability, and low detection precision for less frequent attacks. Ensemble classifiers can address these issues as they combine different classifiers and obtain better results for predictions. In this paper, a novel ensemble method with neural networks is proposed for intrusion detection based on fuzzy clustering and stacking combination method. We use fuzzy clustering in order to divide the dataset into more homogeneous portions. The stacking combination method is used to aggregate the predictions of the base models and reduce their errors in order to enhance detection accuracy. The experimental results on NSL-KDD dataset demonstrate that the performance of our proposed ensemble method is higher compared to other well-known classification techniques, particularly when the classes of attacks are small.

Femtocells are widely used to improve poor indoor coverage and decrease the cellular networks high cost. The fact that femtocells and macrocells share similar frequency bands leads to a major challenge in time/frequency resources... more

Femtocells are widely used to improve poor indoor coverage and decrease the cellular networks high cost. The fact that femtocells and macrocells share similar frequency bands leads to a major challenge in time/frequency resources allocation. Addressing fairness among femtocells and improving time/frequency resources utilization are the main objectives of the previous studies. The balance between femtocell level fairness and utilization is considered in some of the previous studies. Providing user level fairness with respect to User Equipments (UEs) demands is the issue that has not received adequate attention so far. Here, a centralized resource allocation algorithm is proposed to improve the balance between user level fairness and radio resource utilization where the demand of UEs for radio resources are involved. In this algorithm, two independent phases are followed. The frst phase assigns resources to femtocells in a greedy manner to increase the reused spectrum utilization base...

Cloud computing is clearly one of today's most enticing technology areas due, at least in part, to its cost-efficiency and flexibility. However, despite the surge in activity and interest, there are significant, persistent concerns about... more

Cloud computing is clearly one of today's most enticing technology areas due, at least in part, to its cost-efficiency and flexibility. However, despite the surge in activity and interest, there are significant, persistent concerns about cloud computing that are impeding momentum and will eventually compromise the vision of cloud computing as a new IT procurement model. In this paper, we characterize the problems and their impact on adoption. In addition, and equally importantly, we describe how the combination of existing research thrusts has the potential to alleviate many of the concerns impeding adoption. In particular, we argue that with continued research advances in trusted computing and computation-supporting encryption, life in the cloud can be advantageous from a business intelligence standpoint over the isolated alternative that is more common today.

Recently, semi-supervised clustering methods have been considered by many researchers. In this type of clustering, there are some constraints and information about a small portion of data. In constrained k-means method, the user (i.e. an... more

Recently, semi-supervised clustering methods have been considered by many researchers. In this type of clustering, there are some constraints and information about a small portion of data. In constrained k-means method, the user (i.e. an expert) selects the initial seeds. In this paper, a constraint k-means method based on user feedback is proposed. With the help of the user, some initial seeds of boundary data obtained from clustering were selected and then the results of the user feedback were given to the constrained k-means algorithm in order to obtain the most appropriate clustering model for the existing data. The presented method was applied to various standard datasets and the results showed that this method clustered the data with more accuracy than other similar methods.

During the last decades, opponent modeling techniques, utilized to improve the negotiation outcome, have sparked interest in the negotiation research community. In this study, we first investigate the applicability of nearest neighbor... more

During the last decades, opponent modeling techniques, utilized to improve the negotiation outcome, have sparked interest in the negotiation research community. In this study, we first investigate the applicability of nearest neighbor method with different distance functions in modeling the opponent's preferences. Then, we introduce a new distance-based model to extract the opponent's preferences in a bilateral multi issue negotiation session. We devise an experiment to evaluate the efficiency of our proposed model in a real negotiation setting in terms of a number of performance measures.

Authorization systems are an integral part of any network where resources need to be protected. They act as the gateway for providing (or denying) subjects (users) access to resources. As networks expand and organisations start to... more

Authorization systems are an integral part of any network where resources need to be protected. They act as the gateway for providing (or denying) subjects (users) access to resources. As networks expand and organisations start to federate access to their resources, authorization infrastructures become increasingly difficult to manage. In this paper, we explore the potential of self-adaptive authorization as a means to automate the management of the access control configuration. We propose a Self-Adaptive Authorization Framework (SAAF) that is capable of managing any policy based distributed RBAC/ABAC authorization infrastructure. SAAF relies on a feedback control loop to monitor decisions (by policy decision points) of a target authorization infrastructure. These decisions are analysed to form a view of the subject's behaviour to decide whether to adapt the target authorization infrastructure. Adaptations are made in order to either endorse or restrict the identified behaviour, e.g. by loosening or tightening the current authorization policy. We demonstrate in terms of representative scenarios SAAF's ability for detecting abnormal behaviour, such as, misuse of access to system resources, proposing solutions that either prevent/endorse such behaviour, applying a cost function to each of these solutions, and executing the adaptive changes against a target authorization infrastructure.

Femtocells are widely used to improve poor indoor coverage and decrease the cellular networks high cost. The fact that femtocells and macrocells share similar frequency bands leads to a major challenge in time/frequency resources... more

Femtocells are widely used to improve poor indoor coverage and decrease the cellular networks high cost. The fact that femtocells and macrocells share similar frequency bands leads to a major challenge in time/frequency resources allocation. Addressing fairness among femtocells and improving time/frequency resources utilization are the main objectives of the previous studies. The balance between femtocell level fairness and utilization is considered in some of the previous studies. Providing user level fairness with respect to User Equipments (UEs) demands is the issue that has not received adequate attention so far. Here, a centralized resource allocation algorithm is proposed to improve the balance between user level fairness and radio resource utilization where the demand of UEs for radio resources are involved. In this algorithm, two independent phases are followed. The first phase assigns resources to femtocells in a greedy manner to increase the reused spectrum utilization bas...

Femtocells are widely used to improve poor indoor coverage and decrease the cellular networks high cost. The fact that femtocells and macrocells share similar frequency bands leads to a major challenge in time/frequency resources... more

Femtocells are widely used to improve poor indoor coverage and decrease the cellular networks high cost. The fact that femtocells and macrocells share similar frequency bands leads to a major challenge in time/frequency resources allocation. Addressing fairness among femtocells and improving time/frequency resources utilization are the main objectives of the previous studies. The balance between femtocell level fairness and utilization is considered in some of the previous studies. Providing user level fairness with respect to User Equipments (UEs) demands is the issue that has not received adequate attention so far. Here, a centralized resource allocation algorithm is proposed to improve the balance between user level fairness and radio resource utilization where the demand of UEs for radio resources are involved. In this algorithm, two independent phases are followed. The frst phase assigns resources to femtocells in a greedy manner to increase the reused spectrum utilization base...

The main objective of this article is to improve the accuracy of Mamdani fuzzy rule-based classification systems. Although these systems tend to perform successfully with respect to interpretability, they suffer from rigid pattern space... more

The main objective of this article is to improve the accuracy of Mamdani fuzzy rule-based classification systems. Although these systems tend to perform successfully with respect to interpretability, they suffer from rigid pattern space partitioning. Therefore, a new hierarchical fuzzy rule-based classifier based on binary-tree decomposition is proposed here to develop a more flexible pattern space partitioning. The decomposition process is controlled by fuzzy entropy of each partition. Final rule sets obtained by this proposed method are pruned to overcome the over fitting problem. The performance of this method is compared with some fuzzy and non-fuzzy classification methods on a set of bench mark classification tasks. The experimental results indicate a good performance of the proposed algorithm.

Cloud infrastructure commonly relies on virtualization. Customers provide their own VMs, and the cloud provider runs them often without knowledge of the guest OSes or their configurations. However, cloud customers also want effective and... more

Cloud infrastructure commonly relies on virtualization. Customers provide their own VMs, and the cloud provider runs them often without knowledge of the guest OSes or their configurations. However, cloud customers also want effective and efficient security for their VMs. Cloud providers offering security-as-a-service based on VM introspection promise the best of both worlds: efficient centralization and effective protection. Since customers can move images from one cloud to another, an effective solution requires learning what guest OS runs in each VM and securing the guest OS without relying on the guest OS functionality or an initially secure guest VM state.