Physical Sciences and Mathematics Commons^™

Securing Critical Cyber Infrastructures And Functionalities Via Machine Learning Empowered Strategies, Tao Hou

USF Tampa Graduate Theses and Dissertations

Machine learning plays a vital role in understanding threats, vulnerabilities, and security policies. In this dissertation, two machine learning empowered approaches on improving the security of critical cyber infrastructures and functionalities will be discussed.

The first work focuses on preventing attacks that use adversarial, active end-to-end topology inference to obtain the topology information of a target network. The topology of a network is fundamental for building network infrastructure functionalities. In many scenarios, enterprise networks may have no desire to disclose their topology information. To this end, we propose a Proactive Topology Obfuscation (ProTO) system that adopts a detect-then-obfuscate framework: (i) …

Strategies In Botnet Detection And Privacy Preserving Machine Learning, Di Zhuang

USF Tampa Graduate Theses and Dissertations

Peer-to-peer (P2P) botnets have become one of the major threats in network security for serving as the infrastructure that responsible for various of cyber-crimes. Though a few existing work claimed to detect traditional botnets effectively, the problem of detecting P2P botnets involves more challenges. In this dissertation, we present two P2P botnet detection systems, PeerHunter and Enhanced PeerHunter. PeerHunter starts from a P2P hosts detection component. Then, it uses mutual contacts as the main feature to cluster bots into communities. Finally, it uses community behavior analysis to detect potential botnet communities and further identify bot candidates. Enhanced PeerHunter is an …

Machine Learning Methods For Network Intrusion Detection And Intrusion Prevention Systems, Zheni Svetoslavova Stefanova

USF Tampa Graduate Theses and Dissertations

Given the continuing advancement of networking applications and our increased dependence upon software-based systems, there is a pressing need to develop improved security techniques for defending modern information technology (IT) systems from malicious cyber-attacks. Indeed, anyone can be impacted by such activities, including individuals, corporations, and governments. Furthermore, the sustained expansion of the network user base and its associated set of applications is also introducing additional vulnerabilities which can lead to criminal breaches and loss of critical data. As a result, the broader cybersecurity problem area has emerged as a significant concern, with many solution strategies being proposed for both …

Grouper: A Packet Classification Algorithm Allowing Time-Space Tradeoffs, Joshua Adam Kuhn

USF Tampa Graduate Theses and Dissertations

This thesis presents an algorithm for classifying packets according to arbitrary (including noncontiguous) bitmask rules. As its principal novelty, the algorithm is parameterized by the amount of memory available and can customize its data structures to optimize classification time without exceeding the given memory bound. The algorithm thus automatically trades time for space efficiency as needed. The two extremes of this time-space tradeoff (linear search through the rules versus a single table that maps every possible packet to its class number) are special cases of the general algorithm we present. Additional features of the algorithm include its simplicity, its open-source …