Fielder A, Li T, Hankin C, Defense-in-depth vs. Critical Component Defense for Industrial Control Systems, International Symposium for ICS & SCADA Cyber Security
Originally designed as self-contained and isolated networks, Industrial Control Systems (ICS) have evolved to become increasingly interconnected with IT systems and other wider networks and services, which enables cyber attacks to sabotage the normal operation of ICS. This paper proposes a simulation of attackers and defenders, who have limited resources that must be applied to either advancing the technology they have available to them or attempting to attack (defend) the system. The objective is to identify the appropriate deployment of specific defensive strategy, such as Defense-in-depth and Critical Component Defense. The problem is represented as a strategic competitive optimisation problem, which is solved using a coevolutionary Particle Swarm Optimisation problem. Through the development of optimal defense strategies, it is possible to identify when each specific defensive strategy is most appropriate; where the optimal defensive strategy depends on the kind of attacker the system is expecting and the structure of the network.
Li T, Hankin C, Effective Defence Against Zero-Day Exploits Using Bayesian Networks, The 11th International Conference on Critical Information Infrastructures Security
Kodagoda N, Pontis S, Simmie D, et al., 2017, Using Machine Learning to Infer Reasoning Provenance from User Interaction Log Data, Journal of Cognitive Engineering and Decision Making, Vol: 11, Pages: 23-41, ISSN: 1555-3434
© 2016, Human Factors and Ergonomics Society. The reconstruction of analysts' reasoning processes (reasoning provenance) during complex sensemaking tasks can support reflection and decision making. One potential approach to such reconstruction is to automatically infer reasoning from low-level user interaction logs. We explore a novel method for doing this using machine learning. Two user studies were conducted in which participants performed similar intelligence analysis tasks. In one study, participants used a standard web browser and word processor; in the other, they used a system called INVISQUE (Interactive Visual Search and Query Environment). Interaction logs were manually coded for cognitive actions based on captured think-aloud protocol and posttask interviews based on Klein, Phillips, Rall, and Peluso's data/frame model of sensemaking as a conceptual framework. This analysis was then used to train an interaction frame mapper, which employed multiple machine learning models to learn relationships between the interaction logs and the codings. Our results show that, for one study at least, classification accuracy was significantly better than chance and compared reasonably to a reported manual provenance reconstruction method. We discuss our results in terms of variations in feature sets from the two studies and what this means for the development of the method for provenance capture and the evaluation of sensemaking systems.
Fielder A, Li T, Hankin C, 2016, Modelling cost-effectiveness of defenses in industrial control systems, Pages: 187-200, ISSN: 0302-9743
© Springer International Publishing Switzerland 2016. Industrial Control Systems (ICS) play a critical role in controlling industrial processes. Wide use of modern IT technologies enables cyber attacks to disrupt the operation of ICS. Advanced Persistent Threats (APT) are the most threatening attacks to ICS due to their long persistence and destructive cyber-physical effects to ICS. This paper considers a simulation of attackers and defenders of an ICS, where the defender must consider the cost-effectiveness of implementing defensive measures within the system in order to create an optimal defense. The aim is to identify the appropriate deployment of a specific defensive strategy, such as defense-in-depth or critical component defense. The problem is represented as a strategic competitive optimisation problem, which is solved using a co-evolutionary particle swarm optimisation algorithm. Through the development of optimal defense strategy, it is possible to identify when each specific defensive strategy is most appropriate; where the optimal defensive strategy depends on the resources available and the relative effectiveness of those resources.
Fielder A, Panaousis E, Malacaria P, et al., 2016, Decision support approaches for cyber security investment, DECISION SUPPORT SYSTEMS, Vol: 86, Pages: 13-23, ISSN: 0167-9236
Hankin C, 2016, Game Theory and Industrial Control Systems, Editors: Probst, Hankin, Hansen, Publisher: SPRINGER INT PUBLISHING AG, Pages: 178-190, ISBN: 978-3-319-27809-4
Khouzani MHR, Malacaria P, Hankin C, et al., 2016, Efficient Numerical Frameworks for Multi-objective Cyber Security Planning, 21st European Symposium on Research in Computer Security (ESORICS), Publisher: SPRINGER INT PUBLISHING AG, Pages: 179-197, ISSN: 0302-9743
Probst CW, Hankin C, Hansen RR, 2016, Semantics, logics, and calculi: Essays dedicated to Hanne Riis Nielson and Flemming Nielson on the occasion of their 60th birthdays, ISBN: 9783319278094
Thapen N, Simmie D, Hankin C, 2016, The early bird catches the term: combining twitter and news data for event detection and situational awareness, JOURNAL OF BIOMEDICAL SEMANTICS, Vol: 7, ISSN: 2041-1480
Thapen N, Simmie D, Hankin C, et al., 2016, DEFENDER: Detecting and Forecasting Epidemics Using Novel Data-Analytics for Enhanced Response, PLOS ONE, Vol: 11, ISSN: 1932-6203
Fielder A, Panaousis EA, Malacaria P, et al., 2015, Comparing Decision Support Approaches for Cyber Security Investment., CoRR, Vol: abs/1502.05532
Li T, Hankin C, 2015, A Model-based Approach to Interdependency between Safety and Security in ICS., Publisher: BCS
Vigliotti MG, Hankin C, 2015, Discovery of anomalous behaviour in temporal networks, SOCIAL NETWORKS, Vol: 41, Pages: 18-25, ISSN: 0378-8733
Fielder A, Panaousis E, Malacaria P, et al., 2014, Game Theory Meets Information Security Management, ICT SYSTEMS SECURITY AND PRIVACY PROTECTION, IFIP TC 11 INTERNATIONAL CONFERENCE, SEC 2014, Vol: 428, Pages: 15-29, ISSN: 1868-4238
Le Martelot E, Hankin C, 2014, Fast multi-scale detection of overlapping communities using local criteria, COMPUTING, Vol: 96, Pages: 1011-1027, ISSN: 0010-485X
Panaousis E, Fielder A, Malacaria P, et al., 2014, Cybersecurity Games and Investments: A Decision Support Approach, DECISION AND GAME THEORY FOR SECURITY, GAMESEC 2014, Vol: 8840, Pages: 266-286, ISSN: 0302-9743
Simmie D, Vigliotti MG, Hankin C, 2014, Ranking twitter influence by combining network centrality and influence observables in an evolutionary model, Journal of Complex Networks, Vol: 2, Pages: 495-517, ISSN: 2051-1310
© The authors 2014. Influential agents in networks play a pivotal role in information diffusion. Influence may rise or fall quickly over time and thus capturing this evolution of influence is of benefit to a varied number of application domains such as digital marketing, counter-terrorism or policing. In this paper, we investigate the influence of users in programming communities on Twitter. We propose a new model for capturing both time-invariant influence and also temporal influence. The unified model is a combination of network topological methods and observation of influence-relevant events in the network. We provide an application of Hidden Markov Models (HMM) for capturing this effect on the network. There are many possible combinations of influence factors, hence we required a ground-truth for model configuration. We performed a primary survey of our population users to elicit their views on influential users. The survey allowed us to validate the results of our classifier. We introduce a novel reward-based transformation to the Viterbi path of the observed sequences, which provides an overall ranking for users. Our results show an improvement in ranking accuracy over using solely topology-based methods for the particular area of interest we sampled. Utilizing the evolutionary aspect of the HMM, we attempt to predict future states using current evidence. Our prediction algorithm significantly outperforms a collection of naive models, especially in the short term (1-3 weeks).
Hankin C, 2013, A short note on Simulation and Abstraction, Electronic Proceedings in Theoretical Computer Science, EPTCS, Vol: 129, Pages: 337-340, ISSN: 2075-2180
This short note is written in celebration of David Schmidt's sixtieth birthday. He has now been active in the program analysis research community for over thirty years and we have enjoyed many interactions with him. His work on characterising simulations between Kripke structures using Galois connections was particularly influential in our own work on using probabilistic abstract interpretation to study Larsen and Skou's notion of probabilistic bisimulation. We briefly review this work and discuss some recent applications of these ideas in a variety of different application areas.
Hankin C, Malacaria P, 2013, Payoffs, intensionality and abstraction in games, Pages: 69-82, ISSN: 0302-9743
We discuss some fundamental concepts in Game Theory: the concept of payoffs and the relation between rational solutions to games like Nash equilibrium and real world behaviour. We sketch some connections between Game Theory and Game Semantics by exploring some possible uses of Game Semantics strategies enriched with payoffs. Finally we discuss potential contributions of Abstract Interpretation to Game Theory in addressing the state explosion problem of game models of real world systems. © 2013 Springer-Verlag Berlin Heidelberg.
Le Martelot E, Hankin C, 2013, Multi-scale community detection using stability optimisation, International Journal of Web Based Communities, Vol: 9, Pages: 323-348, ISSN: 1477-8394
Many real systems can be represented as networks whose analysis can be very informative regarding the original system's organisation. In the past decade, community detection received a lot of attention and is now a very active field of research. Recently, stability was introduced as a new measure for partition quality. This work investigates stability as an optimisation criterion that exploits a Markov process view of networks to enable multi-scale community detection. Several heuristics and variations of an algorithm optimising stability are presented as well as an application to overlapping communities. Experiments show that the method enables accurate multi-scale network analysis. Copyright © 2013 Inderscience Enterprises Ltd.
Le Martelot E, Hankin C, 2013, Fast Multi-Scale Detection of Relevant Communities in Large-Scale Networks, COMPUTER JOURNAL, Vol: 56, Pages: 1136-1150, ISSN: 0010-4620
Martelot EL, Hankin C, 2013, Fast Multi-Scale Community Detection based on Local Criteria within a Multi-Threaded Algorithm, CoRR, Vol: abs/1301.0955
Simmie D, Vigliotti MG, Hankin C, 2013, Ranking Twitter Influence by Combining Network Centrality and Influence Observables in an Evolutionary Model, 2013 INTERNATIONAL CONFERENCE ON SIGNAL-IMAGE TECHNOLOGY & INTERNET-BASED SYSTEMS (SITIS), Pages: 486-493
Yang F, Hankin C, Nielson F, et al., 2013, Predictive access control for distributed computation, SCIENCE OF COMPUTER PROGRAMMING, Vol: 78, Pages: 1264-1277, ISSN: 0167-6423
Martelot EL, Hankin C, 2012, Fast Multi-Scale Detection of Relevant Communities, CoRR, Vol: abs/1204.1002
Yang F, Hankin C, Nielson F, et al., 2012, Secondary use of data in EHR systems, CoRR, Vol: abs/1201.4262
Di Pierro A, Hankin C, Wiklicky H, 2011, Probabilistic timing covert channels: to close or not to close?, INTERNATIONAL JOURNAL OF INFORMATION SECURITY, Vol: 10, Pages: 83-106, ISSN: 1615-5262
Di Pierro A, Hankin CL, Wiklicky H, 2011, Probabilistic timing covert channels: To close or not to close, International Journal of Information Security, Vol: 10, Pages: 83-106
Le Martelot E, Hankin C, 2011, MULTI-SCALE COMMUNITY DETECTION USING STABILITY AS OPTIMISATION CRITERION IN A GREEDY ALGORITHM, International Conference on Knowledge Discovery and Information Retrieval, Publisher: INSTICC-INST SYST TECHNOLOGIES INFORMATION CONTROL & COMMUNICATION, Pages: 216-225
Martelot EL, Hankin C, 2011, Multi-scale Community Detection using Stability as Optimisation Criterion in a Greedy Algorithm., Publisher: SciTePress, Pages: 216-225
This data is extracted from the Web of Science and reproduced under a licence from Thomson Reuters. You may not copy or re-distribute this data in whole or in part without the written consent of the Science business of Thomson Reuters.