This PDF file contains the front matter associated with SPIE Proceedings Volume 9458, including the Title Page, Copyright information, Table of Contents, Invited Panel Discussion, and Conference Committee listing.
Access to the requested content is limited to institutions that have purchased or subscribe to SPIE eBooks.
You are receiving this notice because your organization may not have SPIE eBooks access.*
*Shibboleth/Open Athens users─please
sign in
to access your institution's subscriptions.
To obtain this item, you may purchase the complete book in print or electronic format on
SPIE.org.
Reconstructing images from SAR returns is usually a time-consuming task. In addition, it is often desired to use as many
returns as possible to achieve better image quality. However, the high computational resources demanded by the conventional
methods hinder the reconstruction process. In this article, we propose a simple method to reconstruct SAR images that is
built upon the back-projection algorithm using multiple sub-aperture imagery to attain both greater processing efficiency
and improved image quality. Instead of aggregating all the available pulses into one single image following the back-projection
algorithm, our proposed method creates multiple SAR image reconstructions from a relatively small number
of pulses to exploit variations in sub-aperture views of the scene. The heterogeneity among these sub-aperture views
exhibits an exceptional difference between various objects and presents a reconstruction with much less noise. Our
proposed method is evaluated with circular spotlight GOTCHA data sets and it demonstrates much improved
computational performance and image quality compared to the conventional back-projection algorithm.
Deception can be a useful defensive technique against cyber-attacks; it has the advantage of unexpectedness to attackers
and offers a variety of tactics. Honeypots are a good tool for deception. They act as decoy computers to confuse
attackers and exhaust their time and resources. This work tested the effectiveness of two free honeypot tools in real
networks by varying their location and virtualization, and the effects of adding more deception to them. We tested a
Web honeypot tool, Glastopf, and an SSH honeypot tool, Kippo. We deployed the Web honeypot in both a residential
network and our organization’s network and as both real and virtual machines; the organization honeypot attracted more
attackers starting in the third week. Results also showed that the virtual honeypots received attacks from more unique IP
addresses. They also showed that adding deception to the Web honeypot, in the form of additional linked Web pages
and interactive features, generated more interest by attackers. For the purpose of comparison, we examined log
files of a legitimate Web site, www.cmand.org. The traffic distributions for the Web honeypot and the legitimate Web
site showed similarities (with much malicious traffic from Brazil), but the SSH honeypot was different (with much
malicious traffic from China). Contrary to previous experiments where traffic to static honeypots decreased quickly, our
honeypots received increasing traffic over a period of three months. It appears that both honeypot tools are useful for
providing intelligence about cyber-attack methods, and that additional deception is helpful.
Industrial control systems (ICSs) are an important part of critical infrastructure in cyberspace. They are especially
vulnerable to cyber-attacks because of their legacy hardware and software and the difficulty of changing it. We first
survey the history of intrusions into ICSs, the more serious of which involved a continuing adversary presence on an ICS
network. We discuss some common vulnerabilities and the categories of possible attacks, noting the frequent use of
software written a long time ago. We propose a framework for designing ICS incident response under the constraints
that no new software must be required and that interventions cannot impede the continuous processing that is the norm
for such systems. We then discuss a prototype toolkit we built using the Windows Management Instrumentation
Command-Line tool for host-based analysis and the Bro intrusion-detection software for network-based analysis.
Particularly useful techniques we used were learning the historical range of parameters of numeric quantities so as to
recognize anomalies, learning the usual addresses of connections to a node, observing Internet addresses (usually rare),
observing anomalous network protocols such as unencrypted data transfers, observing unusual scheduled tasks, and
comparing key files through registry entries and hash values to find malicious modifications. We tested our methods on
actual data from ICSs including publicly-available data, voluntarily-submitted data, and researcher-provided “advanced
persistent threat” data. We found instances of interesting behavior in our experiments. Intrusions were generally easy to
see because of the repetitive nature of most processing on ICSs, but operators need to be motivated to look.
Situation Awareness: Joint Session with Conferences 9458 and 9464
In this work, we present a novel improvement to classical vehicle tracking algorithms by implementing a three-tier
architecture consisting of a data-centric vehicle tracker paired with a hypothetical thinking layer that is controlled by an
overarching goal layer – this models more effectively how a human thinks about and analyzes situations like vehicle
tracking. The upper two layers are disassociated from the data itself and instead operate from the idea of qualia in event
space. Our proof-of-concept results show how a classical vehicle tracker can be improved by fusing multiple input
sources using coincident SAR and EO data paired with a thinking layer that is able to detect, hypothesize, and resolve
conflicts.
Current cyber-related security and safety risks are unprecedented, due in no small part to information overload
and skilled cyber-analyst shortages. Advances in decision support and Situation Awareness (SA) tools are
required to support analysts in risk mitigation. Inspired by human intelligence, research in Artificial Intelligence
(AI) and Computational Intelligence (CI) has provided successful engineering solutions in complex domains
including cyber. Current AI approaches aggregate large volumes of data to infer the general from the particular,
i.e. inductive reasoning (pattern-matching) and generally cannot infer answers not previously programmed.
Whereas humans, rarely able to reason over large volumes of data, have successfully reached the top of the
food chain by inferring situations from partial or even partially incorrect information, i.e. abductive reasoning
(pattern-completion); generating a hypothetical explanation of observations. In order to achieve an engineering
advantage in computational decision support and SA we leverage recent research in human consciousness, the role
consciousness plays in decision making, modeling the units of subjective experience which generate consciousness,
qualia. This paper introduces a novel computational implementation of a Cognitive Modeling Architecture (CMA)
which incorporates concepts of consciousness. We apply our model to the malware type-classification task. The
underlying methodology and theories are generalizable to many domains.
Demand response is one of the key smart grid applications that aims to reduce power generation at peak hours and maintain
a balance between supply and demand. With the support of communication networks, energy consumers can become
active actors in the energy management process by adjusting or rescheduling their electricity usage during peak hours
based on utilities' pricing incentives. Nonetheless, the integration of communication networks exposes the smart grid to
cyber-attacks. In this paper, we developed a smart grid simulation test-bed and designed evaluation scenarios. By
leveraging the capabilities of Matlab and ns-3 simulation tools, we conducted a simulation study to evaluate the impact
of cyber-attacks on the demand response application. Our data shows that cyber-attacks could seriously disrupt smart grid
operations, thus confirming the need for secure and resilient communication networks for supporting smart grid
operations.
Assessing and quantifying cyber risk accurately in real-time is essential to providing security and mission assurance in any system and network. This paper presents a modeling and dynamic analysis approach to assessing cyber risk of a network in real-time by representing dynamically its vulnerabilities, exploitations, and impact using integrated Bayesian network and Markov models. Given the set of vulnerabilities detected by a vulnerability scanner in a network, this paper addresses how its risk can be assessed by estimating in real-time the exploit likelihood and impact of vulnerability exploitation on the network, based on real-time observations and measurements over the network. The dynamic representation of the network in terms of its vulnerabilities, sensor measurements, and observations is constructed dynamically using the integrated Bayesian network and Markov models. The transition rates of outgoing and incoming links of states in hidden Markov models are used in determining exploit likelihood and impact of attacks, whereas emission rates help quantify the attack states of vulnerabilities. Simulation results show the quantification and evolving risk scores over time for individual and aggregated vulnerabilities of a network.
Network security monitoring is currently challenged by its reliance on human analysts and the inability of tools to
generate indications and warnings for previously unknown attacks. We propose a reputation system based on IP address
set membership within the Autonomous System Number (ASN) system. Essentially, a metric generated based on the
historic behavior, or misbehavior, of nodes within a given ASN can be used to predict future behavior and provide a
mechanism to locate network activity requiring inspection. This will provide reinforcement of notifications and warnings
and lead to inspection for ASNs known to be problematic even if initial inspection leads to interpretation of the event as
innocuous. We developed proof of concept capabilities to generate the IP address to ASN set membership and analyze
the impact of the results. These results clearly show that while some ASNs are one-offs with individual or small numbers
of misbehaving IP addresses, there are definitive ASNs with a history of long-term and widespread misbehaving IP
addresses. These ASNs with long histories are what we are especially interested in and will provide an additional
correlation metric for the human analyst and lead to new tools to aid remediation of these IP address blocks.
High profile breaches have occurred across numerous information systems. One area where attacks are particularly
problematic is autonomous control systems. This paper considers the aerospace information system, focusing on
elements that interact with autonomous control systems (e.g., onboard UAVs). It discusses the trust placed in the
autonomous systems and supporting systems (e.g., navigational aids) and how this trust can be validated. Approaches to
remotely detect the UAV compromise, without relying on the onboard software (on a potentially compromised system)
as part of the process, are discussed. How different levels of autonomy (task-based, goal-based, mission-based) impact
this remote characterization is considered.
Network Systems Security Analysis has utmost importance in today’s world. Many companies, like banks,
which give priority to data management, test their own data security systems with “Penetration Tests” from time to time.
In this context, companies must also test their own network/server systems and take precautions, as data security
draws attention.
Based on this idea, in this study cyber-attacks are researched thoroughly and Penetration Test techniques are examined. With
this information, a classification is made for the cyber-attacks and later the network systems’ security is tested
systematically. After the testing period, all data is reported and filed for future reference.
Consequently, it is found that human beings are the weakest link of the chain and simple mistakes may
unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats, like
updating the security software.
For the states with advanced technology, effective use of electronic warfare and cyber warfare will be the main
determining factor of winning a war in the future’s operational environment. The developed states will be able to finalize
the struggles they have entered with a minimum of human casualties and minimum cost thanks to high-tech. Considering
the increasing number of world economic problems and the development of human rights and humanitarian law, it is easy to
understand the importance of minimum cost and minimum loss of human life. In this paper, cyber warfare and electronic
warfare concepts are examined in conjunction with the historical development and the relationship between them is
explained. Finally, assessments were carried out about the use of cyber electronic warfare in the coming years.