t dominance prioritized defense deployment for byod
play

T -dominance: Prioritized Defense Deployment for BYOD Security IEEE - PowerPoint PPT Presentation

Dec 15, 2022 •281 likes •489 views

T -dominance: Prioritized Defense Deployment for BYOD Security IEEE CNS 2013 Wei Peng 1 Feng Li 1 Keesook J. Han 2 Xukai Zou 1 Jie Wu 3 1 Indiana University-Purdue University Indianapolis 2 Air Force Research Laboratory 3 Temple University 14

  1. T -dominance: Prioritized Defense Deployment for BYOD Security IEEE CNS 2013 Wei Peng 1 Feng Li 1 Keesook J. Han 2 Xukai Zou 1 Jie Wu 3 1 Indiana University-Purdue University Indianapolis 2 Air Force Research Laboratory 3 Temple University 14 October 2013 Approved for Public Release; Distribution Unlimited: 88ABW-2012-4117, 25-Jul-2012. T -dominance 14 October 2013 1 / 16

  2. bring your own device (BYOD) ◮ an enterprise IT policy rising with blackberry/smartphones. . . ◮ . . . that encourages employees to user their own devices to access the enterprise IT infrastructure at work ◮ some cited justifications ◮ employees’ demand/satisfaction ◮ decreased IT acquisition and support cost ◮ increased use of virtualization ◮ security concerns ◮ “bring your own virus” ◮ inadvertenly or maliciously bring malware on a personal device to other devices. . . ◮ . . . through the enterprise network behind firewalls T -dominance 14 October 2013 2 / 16

  3. prioritized defense deployment motivation ◮ BYOD devices need to be monitored and audited for malware protection. . . ◮ . . . but constantly doing so on all devices: ◮ negates the perceived convenience ◮ is costly to implement idea ◮ observation: some device are more security-wise representative ◮ prioritize these devices for defense deployment question ◮ How to define security-wise representative? ◮ How to find these users? T -dominance 14 October 2013 3 / 16

  4. T -dominance as a structural property on temporal-evolving topology the black node is security-wise representative. . . . . . because it T -dominants the white nodes with T = 4 T -dominance 14 October 2013 4 / 16

  5. T -dominance as a distributed algorithm that constructs a T -dominating set the T -dominating set election process is carried out by individual nodes. . . . . . with knowledge of local (rather than global) neighborhood T -dominance 14 October 2013 4 / 16

  6. T -dominance as a prioritized defense deployment strategy more stringent security mechanism deployed on the T -dominating set. . . . . . provides a quantified (by T ) security trade-off. . . . . . between deployment cost and detection delay T -dominance 14 October 2013 4 / 16

  7. T -dominance structural property ◮ given connectivity history 1 , expected encounter delays (reachability) r ( u, v ) between devices u, v ∈ P = { u, v, w, . . . } can be estimated details ◮ G T ( P ) (reachability graph filtered by T ): an undirected graph with P as vertices and r ( u, v ) as weight on edge ( u, v ) , and all edges with weight greater than T removed Definition ( T -dominance) Let P be a set of devices and A be a subset of P called the agents. Agents A are said to T -dominate the smartphones P at moment t if, for any u ∈ G T ( P ) , either u ∈ A or u is a neighbor of an agent a ∈ A in G T ( P ) . ◮ example: prioritizing a T -dominating set for deploying a security patch will have the patch reach all devices within a maximal delay of T with a high probability 1 a built-in feature of many smartphones T -dominance 14 October 2013 5 / 16

  8. T -dominance distributed algorithm overview info exchange upon encounters. . . ◮ agent keeps info on encountered devices; non-agent does not ◮ time-stamped info: device ID, agent/non-agent status, connectivity history ◮ info helps make the following activation/deactivation decisions ◮ u constructs its domination graph G D ( u ) , based on exchanged info . . . plus 2 circumstances ◮ agent meets agent: deactivation ◮ agent meets non-agent: activation T -dominance 14 October 2013 6 / 16

  9. T -dominance distributed algorithm deactivation ◮ when agent u meets another agent (after u has been an agent for at least a period of W ), u decides whether to deactivate itself ◮ N [ w ] = N ( w ) ∪ { w } : the closed neighborhood of w ∈ G D ( u ) 2 alternative decision rules for u ◮ Individual. u deactivates itself if there exists an agent w with higher priority in G D ( u ) so that N [ u ] ⊆ N [ w ] . ◮ Group. u deactivates itself if there exists a connected set of agents U in G D ( u ) , each of which has a higher priority than u , so that N [ u ] ⊆ � w ∈ U N [ w ] . Such a U is said to be a replacement of u . 2 alternative priority comparisons ◮ Strong. w has a priority higher than u if 1) N ∩ � = ∅ ; 2) ∃ x ∈ N ∩ , r ( x, w ) < r ( x, u ) ; 3) ∀ x ∈ N ∩ , r ( x, w ) ≤ r ( x, u ) . ◮ Weak. w has higher priority than u if 1) N ∩ � = ∅ ; 2) � x ∈ N ∩ r ( x, w ) < � x ∈ N ∩ r ( x, u ) . T -dominance 14 October 2013 7 / 16

  10. T -dominance distributed algorithm activation ◮ when agent u meets non-agent v , u decides whether to activate v ◮ problem: indiscriminate activation wastes resources in thrashing ◮ solution: activate v unless it is highly likely to be deactivated later 2 consecutive stages ◮ Deactiviability. u pretends v is an agent, plays v ’s role in u ’s own perspective G D ( u ) ◮ if v is not to be deactivated, then u activates v ◮ if v is to be deactivated, then u proceeds to the next stage. ◮ Coverage. u estimates v ’s unique coverage (in addition to the agent set A ( u ) that u knows of) and activates v with a corresponding probability ◮ c ( v \ A ( u )) : v ’s unique coverage; c ( A ( u )) : A ( u ) ’s total coverage ◮ u activates v with a probability: 1 − exp( − c ( v \ A ( u )) c ( A ( u )) ) . T -dominance 14 October 2013 8 / 16

  11. T -dominance algorithm properties 3 properties Property (Correctness) The T -dominance structural property is maintained by the algorithm. Property (Localization) An agent makes its activation/deactivation decisions locally. Property ( Temporal robustness ) Correctness is achieved even if the info obtained from other devices is outdated. T -dominance 14 October 2013 9 / 16

  12. T -dominance algorithm properties the key to temporal robustness Theorem If an agent a deactivates itself in its local (and potentially outdated) view at the moment t , then, in the global (and updated) view, each of the devices T -dominated by a , including a itself, is still T -dominated by some agent at t . T -dominance 14 October 2013 10 / 16

  13. evaluation data set and preprocessing dataset ◮ from the Wireless Topology Discovery (WTD) project 2 ◮ collected from over 150 UC San Diego freshmen using hand-held mobile devices over an 11-week period ◮ periodic Wi-Fi AP scanning and association results were recorded every 20 seconds preprocessing ◮ consecutive association records (every 20 seconds) are combined into a single session ◮ took the first 200 record entries ◮ use the first 30% of the data (with 190 nodes) to accumulate connectivity history ◮ some nodes are randomly selected as initial agents ◮ simulate the activation/deactivation processes 2 http://sysnet.ucsd.edu/wtd/data_download/wtd_data_release.tgz T -dominance 14 October 2013 11 / 16

  14. evaluation agent election results agent election is normalized by the epidemic activation strategy T -dominance 14 October 2013 12 / 16

  15. evaluation prioritized defense deployment effectiveness compare at the same rate ◮ T -dominance-based strategic malware sampling/patching ◮ random sampling/patching on different malware propagation model ◮ epidemic propagation ◮ static/no propagation T -dominance 14 October 2013 13 / 16

  16. evaluation prioritized defense deployment effectiveness the delay till first detection T -dominance strategic sampling can detect malware faster than random sampling T -dominance 14 October 2013 13 / 16

  17. evaluation prioritized defense deployment effectiveness the number of malware infected nodes averaged over the whole time period T -dominance strategic patching is more effective in preventing malware epidemic than random patching T -dominance 14 October 2013 13 / 16

  18. take-aways ◮ prioritized defense deployment provides a less-intrusive BYOD security solution ◮ T -dominance provides a quantified trade-off between defense deployment cost and time-to-full-coverage ◮ the activation/deactivation distributed algorithm preserves the T -dominance structural property with temporal robustness ◮ T -dominance-based strategy sampling/patching is more effective than random sampling/patching T -dominance 14 October 2013 14 / 16

  19. thank you T -dominance 14 October 2013 15 / 16

  20. ◮ connectivity log entry ( ST = s, ET = e, APID = AP i ) : the device is associated with access point AP i from time s to e ◮ given u and v ’s connectivity logs, find encounter durations in time window [ t − W, t ] to be [ s 1 , e 1 ] , [ s 2 , e 2 ] , . . . , [ s k , e k ] (define s k +1 = s 1 + W ) ◮ at time m , delay until the next encounter: � 0 ∃ i, s.t. s i ≤ m ≤ e i , g ( m ) = min s i ≥ m ( s i − m ) otherwise. ◮ reachability between u and v as expected delay: � s k +1 g ( m ) dm � k i =1 ( s i +1 − e i ) 2 s 1 r ( u, v ) = = . W 2 W back to T -dominance definition T -dominance 14 October 2013 16 / 16

Recommend

BYOD Informational Session Why BYOD? What is BYOD? BYOD is Bring Your Own Device. It is a Wake

BYOD Informational Session Why BYOD? What is BYOD? BYOD is Bring Your Own Device. It is a Wake

BYOD Informational Session Why BYOD? What is BYOD? BYOD is Bring Your Own Device. It is a Wake County initiative to assist students in integrating technology with learning. It will enable our students to become future- ready,

415 views • 18 slides
www.georgetownisd.org/byod What is BYOD? B ring Y our O wn D evice www.georgetownisd.org/byod

www.georgetownisd.org/byod What is BYOD? B ring Y our O wn D evice www.georgetownisd.org/byod

B ring Y our O wn D evice Photo Source: http://commons.wikimedia.org/wiki/File:Mobile_Ger%C3%A4te.jpg Information for Parents &amp; Guardians Check Out Our BYOD Resources Online! This presentation is an overview of the BYOD program. For

742 views • 26 slides
Bring Your Own Device (BYOD) 4 October 2016 What is BYOD? Define the characteristics of

Bring Your Own Device (BYOD) 4 October 2016 What is BYOD? Define the characteristics of

Bring Your Own Device (BYOD) 4 October 2016 What is BYOD? Define the characteristics of todays students Explore BYOD in the classroom Any Questions pollev.com/bishpoll Student Feedback BYOD Survey for Years 10 - 13. Student

474 views • 43 slides
2019 For Years 11 &amp; 12 in 2019 BYOd Bring Your Own device Why BYOd? To sustain the

2019 For Years 11 &amp; 12 in 2019 BYOd Bring Your Own device Why BYOd? To sustain the

BYOd at Tully SHS 2019 For Years 11 &amp; 12 in 2019 BYOd Bring Your Own device Why BYOd? To sustain the success of the Tully SHS 1:1 mobile devices policy in years 11 &amp; 12. This policy has allowed each senior student to have a mobile

202 views • 16 slides
Assessing BYOD with the Smarthpone Pentest Framework Georgia

Assessing BYOD with the Smarthpone Pentest Framework Georgia

Assessing BYOD with the Smarthpone Pentest Framework Georgia Weidman BYOD Is Not New Contractor Laptop Rogue Access Point Gaming Console Tradi&gt;onal Vulnerability Scanning

1.28k views • 95 slides
Information Dominance through Unmanned Autonomous Vehicles 15 th Annual INCOSE Region II Fall

Information Dominance through Unmanned Autonomous Vehicles 15 th Annual INCOSE Region II Fall

Information Dominance through Unmanned Autonomous Vehicles 15 th Annual INCOSE Region II Fall mini-Conference 30 October, 2010 San Diego, California Dr. S.S. Kamal Phone: 703-676-8111 Cell: 858-967-0589 E-Mail: kamalss@saic.com Defense

470 views • 14 slides
1 Dominance Frontiers Revisited Dominance Frontiers and SSA Suppose that node 3 defines variable

1 Dominance Frontiers Revisited Dominance Frontiers and SSA Suppose that node 3 defines variable

Machinery for Placing -Functions Dominance Frontier Example entry Recall Dominators DF(d) = {n | p pred(n), d dom p and d !sdom n} d dom i if all paths from entry to node i include d Nodes in Dom(5) d dom i d {5, 6, 7, 8}

265 views • 4 slides
Multidimensional Social Welfare Dominance with 4 th Order Derivatives of Utility Christophe

Multidimensional Social Welfare Dominance with 4 th Order Derivatives of Utility Christophe

Multidimensional Social Welfare Dominance with 4 th Order Derivatives of Utility Christophe Muller Aix-Marseille School of Economics August 2014 conf 1 1. Dominance Poverty, Inequality, Social Welfare Robust dominance judgments:

491 views • 27 slides
Lower Moreland Township School District What is BYOD? Bring your own device (BYOD) Embraces

Lower Moreland Township School District What is BYOD? Bring your own device (BYOD) Embraces

Lower Moreland Township School District What is BYOD? Bring your own device (BYOD) Embraces devices students already own Students bring their device to school to assist their learning in the classroom Student devices access

528 views • 32 slides
What is BYOD? Bring your own device (BYOD) refers to students bringing a personally

What is BYOD? Bring your own device (BYOD) refers to students bringing a personally

What is BYOD? Bring your own device (BYOD) refers to students bringing a personally owned device to school for the purpose of learning. A personally owned device is any technology device brought into the school and is owned by a

684 views • 26 slides
Beyond Admissibility : Dominance between chains of strategies Dominance between chains of

Beyond Admissibility : Dominance between chains of strategies Dominance between chains of

Beyond Admissibility : Beyond Admissibility : Dominance between chains of strategies Dominance between chains of strategies Marie van den Bogaard 1 Marie van den Bogaard Joint work with N. Basset 2 , I. Jecker 1 , A.Pauly 3 &amp; J.-F. Raskin 1

1.05k views • 100 slides
Bring Your Own Device (BYOD) Information Session Tue 30 th October 2018 3:20pm &amp; 5:00pm

Bring Your Own Device (BYOD) Information Session Tue 30 th October 2018 3:20pm &amp; 5:00pm

Bring Your Own Device (BYOD) Information Session Tue 30 th October 2018 3:20pm &amp; 5:00pm Welcome Mr Anthony Lanskey Principal Topics covered during this session 1. The what, how and why of BYOD and online learning 2. Responsibilities of

394 views • 22 slides
Presented by: Doretta Richardson Pre-Deployment Brief Got Deployment? 2 Pre-Deployment Workshop

Presented by: Doretta Richardson Pre-Deployment Brief Got Deployment? 2 Pre-Deployment Workshop

Presented by: Doretta Richardson Pre-Deployment Brief Got Deployment? 2 Pre-Deployment Workshop R U Ready? This is my vest this is my CORE. These are all of the things I need as a Marine to be successful during this deployment: Who

453 views • 34 slides
Presented by: Doretta Richardson Pre-Deployment Brief Got Deployment? 2 Pre-Deployment Workshop

Presented by: Doretta Richardson Pre-Deployment Brief Got Deployment? 2 Pre-Deployment Workshop

Presented by: Doretta Richardson Pre-Deployment Brief Got Deployment? 2 Pre-Deployment Workshop R U Ready? This is my vest this is my CORE. These are all of the things I need as a Marine to be successful during this deployment: Who

426 views • 25 slides
Prioritized Access Arbitration to Shared Resources on Integrated Software Systems in Multicore

Prioritized Access Arbitration to Shared Resources on Integrated Software Systems in Multicore

Prioritized Access Arbitration to Shared Resources on Integrated Software Systems in Multicore Environments 14th December 2012, Liverpool Andreas Knirsch , Pierre Schnarz, Joachim Wietzke h_da Prioritized Access Arbitration to Shared Resources

222 views • 21 slides
From Qualitative to Quantitative Dominance Pruning for Optimal Planning Alvaro Torralba

From Qualitative to Quantitative Dominance Pruning for Optimal Planning Alvaro Torralba

Qualitative Quantitative Finding Dominance Action Selection Pruning Experiments Conclusions From Qualitative to Quantitative Dominance Pruning for Optimal Planning Alvaro Torralba Saarland University HSDIP Workshop June 20, 2017

677 views • 43 slides
b Dominance vs. Recessiveness B Homozygous, Heterozygous Punnett Square: Black vs.

b Dominance vs. Recessiveness B Homozygous, Heterozygous Punnett Square: Black vs.

1/ 26/ 2017 Know how. Know now. Know how. Know now. Breeding/Genetics Objectives Livestock Management CDE Beef: Breeding, Genetic, &amp; Reproductive Mgmt Students should understand ... B. A. Reiling Dominance vs. Recessiveness

471 views • 6 slides
IPv6 Deployment WG in IPv6 Promotion Council and its Deployment Guideline 2005.2.23 IPv6

IPv6 Deployment WG in IPv6 Promotion Council and its Deployment Guideline 2005.2.23 IPv6

IPv6 Deployment WG in IPv6 Promotion Council and its Deployment Guideline 2005.2.23 IPv6 Deployment WG Chair Takashi Arano (Intec NetCore, Inc.) IPv6 Deployment Guideline solves barriers for deployment I cant see IPv6s

319 views • 7 slides
Novel Is Not Always Better: On the Relation between Novelty and Dominance Pruning Joschka Gro,

Novel Is Not Always Better: On the Relation between Novelty and Dominance Pruning Joschka Gro,

Classical Planning Novelty Dominance Relation Novelty Heuristics Conclusions Novel Is Not Always Better: On the Relation between Novelty and Dominance Pruning Joschka Gro, Alvaro Torralba, Maximilian Fickert Classical Planning

1.13k views • 68 slides
Prioritized Garbage Collection Using the Garbage Collector to Support Caching Diogenes Nunez ,

Prioritized Garbage Collection Using the Garbage Collector to Support Caching Diogenes Nunez ,

Prioritized Garbage Collection Using the Garbage Collector to Support Caching Diogenes Nunez , Samuel Z. Guyer, Emery D. Berger Tufts University, University of Massachusetts Amherst November 2, 2016 D. Nunez, S. Guyer, E. Berger Prioritized GC

1.04k views • 80 slides
Managed BYOD Program Learning for the 21 st Century Company LOGO WELCOME The 1:1 Learning

Managed BYOD Program Learning for the 21 st Century Company LOGO WELCOME The 1:1 Learning

Managed BYOD Program Learning for the 21 st Century Company LOGO WELCOME The 1:1 Learning Journey NSSCF (National Secondary Schools Computer Funding) RSC required to purchase devices in 2011 Push for 1:1 with 24 / 7 access

727 views • 31 slides
Challenges of Implementing Fair Defense Act Requirements &amp; Indigent Defense Grant

Challenges of Implementing Fair Defense Act Requirements &amp; Indigent Defense Grant

Challenges of Implementing Fair Defense Act Requirements &amp; Indigent Defense Grant Opportunities Effective Post-Arrest and Indigent Defense Practices Longview, TX August 10, 2018 Scott Ehlers, Special Counsel T exas Indigent Defense

676 views • 30 slides
1 Dominance Frontier Example Dominance Frontier Example II DF(d) = {n | p pred(n), d dom

1 Dominance Frontier Example Dominance Frontier Example II DF(d) = {n | p pred(n), d dom

Where Do We Place -Functions? Approaches to Placing -Functions Basic Rule Minimal If two distinct (non-null) paths x z and y z converge at node z, and As few as possible subject to the basic rule nodes x and y contain

416 views • 4 slides
Family Communication During Deployment Please download the Family Communication during Deployment

Family Communication During Deployment Please download the Family Communication during Deployment

Family Communication During Deployment Please download the Family Communication during Deployment Worksheet before beginning this class. Family Communication during Deployment (MAR 2103) What are the options? Care E-mail Packages Letters

221 views • 9 slides

More recommend