Title: Hardening the Security of Multi-Access Edge Computing through Bio-Inspired VM Introspection
The extreme bandwidth and performance of 5G mobile networks change the way we develop and utilize digital services. Within a few years, 5G will not only touch technology and applications, but dramatically change the economy, our society and individual life. One of the emerging technologies that enables the evolution to 5G by bringing cloud capabilities near to the end users is Edge Computing, also known as Multi-Access Edge Computing (MEC), which will become pertinent to the evolution of 5G. This evolution also entails growth in the threat landscape and increased privacy concerns in different application areas; hence security and privacy play a central role in the evolution towards 5G. Since MEC applications are instantiated in the virtualized infrastructure, in this paper we present a distributed application that aims to constantly introspect multiple virtual machines (VMs) in order to detect malicious activities based on their anomalous behavior. Once suspicious processes are detected, our IDS notifies the system administrator in real time about the potential threat. The developed software is able to detect keyloggers, rootkits, trojans, process hiding and other intrusion artifacts via agent-less operation, by operating remotely or directly from the host machine. Remote memory introspection means no software to install, and no notice to malware to evacuate or destroy data. Experimental results of remote VMI on more than 50 different pieces of malicious code demonstrate an average anomaly detection rate close to 97%. We have established a wide testbed environment connecting the networks of two universities, Kyushu Institute of Technology and The City College of New York, through a secure GRE tunnel. Experiments conducted on this testbed deliver high response time of the proposed system.
Award ID(s): 2029295, 1818884
PAR ID: 10301146
Author(s) / Creator(s):
Date Published:
Journal Name: Big data and cognitive computing
Volume: 5
Issue: 4
ISSN: 2504-2289
Page Range / eLocation ID: 50
Format(s): Medium: X
Sponsoring Org: National Science Foundation
More Like this
  1. As organizations drastically expand their usage of collaborative systems and multi-user applications during this period of mass remote work, it is crucial to understand and manage the risks that such platforms may introduce. Improperly or carelessly deployed and configured systems hide security threats that can impact not only a single organization, but the whole economy. Cloud-based architecture is used in many collaborative systems, such as audio/video conferencing, collaborative document sharing/editing, distance learning and others. Therefore, it is important to understand that safety risk can be triggered by attacks on remote servers and that confidential information might be compromised. In this paper, we present an AI-powered application that aims to constantly introspect multiple virtual servers in order to detect malicious activities based on their anomalous behavior. Once suspicious process(es) are detected, the application notifies the system administrator in real time about the potential threat. The developed software is able to detect user-space keyloggers, rootkits, process hiding and other intrusion artifacts via agent-less operation, by operating directly from the host machine. Remote memory introspection means no software to install, and no notice to malware to evacuate or destroy data. Experiments conducted on more than twenty different types of malicious applications provide evidence of high detection accuracy.
  2. In this study, we demonstrate an application for 5G networks in mobile and remote GPR scanning situations to detect buried objects by experts while the operator is performing the scans. Using a GSSI SIR-30 system in conjunction with the RealSense camera for visual mapping of the surveyed area, subsurface GPR scans were created and transmitted for remote processing. Using mobile networks, the raw B-scan files were transmitted at a sufficient rate, a maximum of 0.034 ms mean latency, to enable near real-time edge processing. The performance of 5G networks in handling the data transmission for the GPR scans and edge computing was compared to the performance of 4G networks. In addition, long-range low-power devices, namely Wi-Fi HaLow and Wi-Fi hotspots, were compared as local alternatives to cellular networks. Augmented reality headset representation of the F-scans is proposed as a method of assisting the operator in using the edge-processed scans. These promising results bode well for the potential of remote processing of GPR data in augmented reality applications. 
  3. The broadcasting nature of wireless signals may result in the task offloading process of mobile edge computing (MEC) suffering serious information leakage. As a novel technology, physical layer security (PLS) combined with reconfigurable intelligent surfaces (RIS) can enhance transmission quality and security. This paper investigates the MEC service delay problem in RIS-aided vehicular networks under malicious eavesdropping. Due to the lack of an explicit formulation for the optimization problem, we propose a deep deterministic policy gradient (DDPG)-based communication scheme to optimize the secure MEC service. It aims to minimize the maximum MEC service time while reducing eavesdropping threats by jointly designing the RIS phase shift matrix and computing resource allocation in real-time. Simulation results demonstrate that 1) the DDPG-based scheme can help the base station make reasonable actions to realize secure MEC service in dynamic MEC vehicular networks; 2) deploying RIS can dramatically reduce eavesdropping threats and improve the overall MEC service quality. 
  4. The prevailing network security measures are often implemented on proprietary appliances that are deployed at fixed network locations with constant capacity. Such a rigid deployment is sometimes necessary, but undermines the flexibility of security services in meeting the demands of emerging applications, such as augmented/virtual reality, autonomous driving, and 5G for industry 4.0, which are provoked by the evolution of connected and smart devices, their heterogeneity, and integration with cloud and edge computing infrastructures. To loosen these rigid security deployments, in this paper, we propose a data-centric SECurity-as-a-Service (SECaaS) framework for elastic deployment and provisioning of security services at the Multi-Access Edge Computing (MEC) infrastructure. In particular, we discuss three security services that are suitable for edge deployment: (i) an intrusion detection and prevention system (IDPS), (ii) an access control enforcement system (ACE), and (iii) a communication anonymization service (CA). We benchmark the common security microservices along with the design and implementation of a proof of concept communication anonymization application. 
  5. The Windows registry stores a glut of information containing settings and data utilized by the Microsoft operating system (OS) and other applications. For example, information such as user credentials, installed programs, recently used applications and documents, accessed resources such as local, remote, and removable devices can all be found in this database. More revealingly, the registry also has time and date stamps that can help build a timeline of user activities. The Windows registry can be easily queried by either malicious or benign applications. This is possible through the Windows Application Program Interface (API) and other OS built-in utilities. In this paper, we develop and demonstrate a program able to collect and infer a user’s rich activities by accessing the Windows registry alone. This information, also referred to as the user’s digital footprint, can be used to devise an exploit or create a privacy threat. Our custom developed application will demonstrate how a user’s digital footprint can be acquired by a malicious application from a Windows registry, without alerting security software. In addition, this information can be exported to a set of comma delimited files, making it easy to import them into other analysis applications. 