Pub Date : 2019-11-01DOI: 10.1109/MILCOM47813.2019.9021004
K. Wrona, M. Tortonesi, M. Marks, Niranjan Suri
Natural disasters occur unpredictably and can range in severity from something locally manageable to large scale events that require external intervention. In particular, when large scale disasters occur, they can cause widespread damage and overwhelm the ability of local governments and authorities to respond. In such situations, Civil-Military Cooperation (CIMIC) is essential for a rapid and robust Humanitarian Assistance and Disaster Relief (HADR) operation. These type of operations bring to bear the Command and Control (C2) and Logistics capabilities of the military to rapidly deploy assets to help with the disaster relief activities. Smart Cities and Smart Environments, embedded with IoT, introduce multiple sensing modalities that typically provide wide coverage over the deployed area. Given that the military does not own or control these assets, they are sometimes referred to as gray assets, which are not as trustworthy as blue assets, owned by the military. However, leveraging these gray assets can significantly improve the ability for the military to quickly obtain Situational Awareness (SA) about the disaster and optimize the planning of rescue operations and allocation of resources to achieve the best possible effects. Fusing the information from the civilian IoT sensors with the custom military sensors could help validate and improve trust in the information from the gray assets. The focus of this paper is to further examine this challenge of achieving Civil-Military cooperation for HADR operations by leveraging and fusing information from gray and blue assets.
{"title":"Leveraging and Fusing Civil and Military Sensors to support Disaster Relief Operations in Smart Environments","authors":"K. Wrona, M. Tortonesi, M. Marks, Niranjan Suri","doi":"10.1109/MILCOM47813.2019.9021004","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9021004","url":null,"abstract":"Natural disasters occur unpredictably and can range in severity from something locally manageable to large scale events that require external intervention. In particular, when large scale disasters occur, they can cause widespread damage and overwhelm the ability of local governments and authorities to respond. In such situations, Civil-Military Cooperation (CIMIC) is essential for a rapid and robust Humanitarian Assistance and Disaster Relief (HADR) operation. These type of operations bring to bear the Command and Control (C2) and Logistics capabilities of the military to rapidly deploy assets to help with the disaster relief activities. Smart Cities and Smart Environments, embedded with IoT, introduce multiple sensing modalities that typically provide wide coverage over the deployed area. Given that the military does not own or control these assets, they are sometimes referred to as gray assets, which are not as trustworthy as blue assets, owned by the military. However, leveraging these gray assets can significantly improve the ability for the military to quickly obtain Situational Awareness (SA) about the disaster and optimize the planning of rescue operations and allocation of resources to achieve the best possible effects. Fusing the information from the civilian IoT sensors with the custom military sensors could help validate and improve trust in the information from the gray assets. The focus of this paper is to further examine this challenge of achieving Civil-Military cooperation for HADR operations by leveraging and fusing information from gray and blue assets.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129982040","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-11-01DOI: 10.1109/MILCOM47813.2019.9020849
A. Poylisher, Y. Gottlieb, L. Kant
With the currently deployed tactical software defined radios (SDRs), there is no easy way to develop advanced Layer 3 (L3) QoS functionalities independently of the idiosyncrasies of the operating systems (OSs) and Layer 2 (L2) technologies. This significantly slows down large-scale R&D efforts on L3 QoS for tactical radios. In this position paper, we propose an architectural approach to support a large set of advanced L3 QoS behaviors, portable across tactical devices based on the P4 (programming protocol-independent packet processors) language and the Portable Switching Architecture (PSA). Our goal is to initiate a productive discussion among the interested industry, academic, and government parties that could lead to standardization that significantly accelerates research and development of application- and missionaware L3 QoS for future tactical networks.
{"title":"Portable Programmable Layer 3 QoS for Tactical MANETs: A P4/PSA-Based Architectural Approach","authors":"A. Poylisher, Y. Gottlieb, L. Kant","doi":"10.1109/MILCOM47813.2019.9020849","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020849","url":null,"abstract":"With the currently deployed tactical software defined radios (SDRs), there is no easy way to develop advanced Layer 3 (L3) QoS functionalities independently of the idiosyncrasies of the operating systems (OSs) and Layer 2 (L2) technologies. This significantly slows down large-scale R&D efforts on L3 QoS for tactical radios. In this position paper, we propose an architectural approach to support a large set of advanced L3 QoS behaviors, portable across tactical devices based on the P4 (programming protocol-independent packet processors) language and the Portable Switching Architecture (PSA). Our goal is to initiate a productive discussion among the interested industry, academic, and government parties that could lead to standardization that significantly accelerates research and development of application- and missionaware L3 QoS for future tactical networks.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115431164","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-11-01DOI: 10.1109/MILCOM47813.2019.9021080
Kevin Merchant, Bryan D. Nousain
As the Internet of Things (IoT) continues to expand, there is a growing necessity for improved techniques to authenticate the identity of wireless transmitters. In this paper, we develop a physical-layer authentication technique using a neural network structure with both convolutional and recurrent components to distinguish transmissions originating from a particular target device from all others. In addition, we demonstrate strong performance in a realistic multipath channel environment, as well as show that classifier performance remains strong when presented with transmissions from devices that were never seen by the classifier during training. We explore the latter benefit in more detail via an experiment which measures the performance on unknown devices as a function of the number of devices seen during training. Next, we highlight the importance of frequency synchronization prior to fingerprint extraction by demonstrating that a network trained on unsynchronized transmissions is easily fooled by a simple frequency shift in a transmitted waveform. Finally, we increase the applicability of our approach to IoT devices by presenting a simple technique for reducing the memory footprint of trained models by 95% while maintaining strong performance.
{"title":"Enhanced RF Fingerprinting for IoT Devices with Recurrent Neural Networks","authors":"Kevin Merchant, Bryan D. Nousain","doi":"10.1109/MILCOM47813.2019.9021080","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9021080","url":null,"abstract":"As the Internet of Things (IoT) continues to expand, there is a growing necessity for improved techniques to authenticate the identity of wireless transmitters. In this paper, we develop a physical-layer authentication technique using a neural network structure with both convolutional and recurrent components to distinguish transmissions originating from a particular target device from all others. In addition, we demonstrate strong performance in a realistic multipath channel environment, as well as show that classifier performance remains strong when presented with transmissions from devices that were never seen by the classifier during training. We explore the latter benefit in more detail via an experiment which measures the performance on unknown devices as a function of the number of devices seen during training. Next, we highlight the importance of frequency synchronization prior to fingerprint extraction by demonstrating that a network trained on unsynchronized transmissions is easily fooled by a simple frequency shift in a transmitted waveform. Finally, we increase the applicability of our approach to IoT devices by presenting a simple technique for reducing the memory footprint of trained models by 95% while maintaining strong performance.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"55 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115576706","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-11-01DOI: 10.1109/MILCOM47813.2019.9020984
Joseph Noor, A. Ali-Eldin, Luis Garcia, C. Rao, Venkateswara Dasari, Deepak Ganesan, B. Jalaeian, P. Shenoy, M. Srivastava
Autonomic resource management for distributed edge computing systems provides an effective means of enabling dynamic placement and adaptation in the face of network changes, load dynamics, and failures. However, adaptation in-and-of-itself offers a side channel by which malicious entities can extract valuable information. An attacker can take advantage of autonomic resource management techniques to fool a system into misallocating resources and crippling applications. Using a few scenarios, we outline how attacks can be launched using partial knowledge of the resource management substrate - with as little as a single compromised node. We argue that any system that provides adaptation must consider resource management as an attack surface. As such, we propose ADAPT2, a framework that incorporates concepts taken from Moving-Target Defense and state estimation techniques to ensure correctness and obfuscate resource management, thereby protecting valuable system and application information from leaking.
{"title":"The Case for Robust Adaptation: Autonomic Resource Management is a Vulnerability","authors":"Joseph Noor, A. Ali-Eldin, Luis Garcia, C. Rao, Venkateswara Dasari, Deepak Ganesan, B. Jalaeian, P. Shenoy, M. Srivastava","doi":"10.1109/MILCOM47813.2019.9020984","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020984","url":null,"abstract":"Autonomic resource management for distributed edge computing systems provides an effective means of enabling dynamic placement and adaptation in the face of network changes, load dynamics, and failures. However, adaptation in-and-of-itself offers a side channel by which malicious entities can extract valuable information. An attacker can take advantage of autonomic resource management techniques to fool a system into misallocating resources and crippling applications. Using a few scenarios, we outline how attacks can be launched using partial knowledge of the resource management substrate - with as little as a single compromised node. We argue that any system that provides adaptation must consider resource management as an attack surface. As such, we propose ADAPT2, a framework that incorporates concepts taken from Moving-Target Defense and state estimation techniques to ensure correctness and obfuscate resource management, thereby protecting valuable system and application information from leaking.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114657173","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-11-01DOI: 10.1109/MILCOM47813.2019.9020846
Sofia Bergström, T. Lindgren
This paper presents a method to assess the reliability of a communication system integrated on a platform. It is done in terms of the probability that the performance will fulfil a certain requirement. The method is demonstrated using a scenario where two dipoles, simulation two antennas on the same military platform, are communicating with another platform. Non-orthogonal and orthogonal frequency hopping are used and the statistical impact from the antenna on the SINR is investigated. The method is proved useful as it can compare and visualize different complex antenna configurations.
{"title":"Effects from Mutual Coupling on Communication Link Reliability","authors":"Sofia Bergström, T. Lindgren","doi":"10.1109/MILCOM47813.2019.9020846","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020846","url":null,"abstract":"This paper presents a method to assess the reliability of a communication system integrated on a platform. It is done in terms of the probability that the performance will fulfil a certain requirement. The method is demonstrated using a scenario where two dipoles, simulation two antennas on the same military platform, are communicating with another platform. Non-orthogonal and orthogonal frequency hopping are used and the statistical impact from the antenna on the SINR is investigated. The method is proved useful as it can compare and visualize different complex antenna configurations.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123405079","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-11-01DOI: 10.1109/MILCOM47813.2019.9020954
Arwid Komulainen, Jimmi Grönkvist, U. Sterner, Ulrika Uppman
Effective command and control on the battlefield requires robust voice communications. Single-hop combat-net radios operating on narrowband channels are typically used to provide push-to-talk voice communications. For a battalion operating over large areas, maintaining reliable communication using single-hop radios is challenging and may require manually placed, dedicated radio relays. In this paper, it is shown how a multi-hop protocol based on cooperative broadcast can be used for providing more robust and resource-efficient narrowband voice communications. Cooperative broadcast for tactical voice communications is evaluated in a realistic scenario using network simulations. The results show that the multi-hop protocol provides great improvements in terms of robustness and resource efficiency compared to the single-hop system.
{"title":"Improving Tactical Voice Communications using Cooperative Broadcast over a Narrowband Channel","authors":"Arwid Komulainen, Jimmi Grönkvist, U. Sterner, Ulrika Uppman","doi":"10.1109/MILCOM47813.2019.9020954","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020954","url":null,"abstract":"Effective command and control on the battlefield requires robust voice communications. Single-hop combat-net radios operating on narrowband channels are typically used to provide push-to-talk voice communications. For a battalion operating over large areas, maintaining reliable communication using single-hop radios is challenging and may require manually placed, dedicated radio relays. In this paper, it is shown how a multi-hop protocol based on cooperative broadcast can be used for providing more robust and resource-efficient narrowband voice communications. Cooperative broadcast for tactical voice communications is evaluated in a realistic scenario using network simulations. The results show that the multi-hop protocol provides great improvements in terms of robustness and resource efficiency compared to the single-hop system.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123420136","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-11-01DOI: 10.1109/MILCOM47813.2019.9020726
Abel O. Gomez Rivera, Deepak K. Tosh, L. Njilla
State-of-the-art centralized internet of things (IoT) architectures suffer from scalability issues in terms of both devices and transactions. Centralized architecture infers a central server with finite resources to process the communication demands of large IoT networks. The security of such IoT infrastructures is contingent on the protection of the central server. To address the challenges of security and scalability of transactions, we design and implement an edge-based blockchain network, where a set of edge nodes are incorporated to serve the requests of field devices. The edge nodes of our network offer security and processing functionalities to data transactions made by field devices. Besides the proposed architecture, a proof of concept of our edge-based blockchain platform is implemented to study its feasibility and performance. The platform achieves the fundamental security properties and addresses the transaction scalability issue. Blockchain technology and edge computing have the potential to enable a robust, and flexible architecture for IoT networks while maintaining low latency and high availability. The effectiveness of the proposed architecture is evaluated in a simulated network.
{"title":"Scalable Blockchain Implementation for Edge-based Internet of Things Platform","authors":"Abel O. Gomez Rivera, Deepak K. Tosh, L. Njilla","doi":"10.1109/MILCOM47813.2019.9020726","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020726","url":null,"abstract":"State-of-the-art centralized internet of things (IoT) architectures suffer from scalability issues in terms of both devices and transactions. Centralized architecture infers a central server with finite resources to process the communication demands of large IoT networks. The security of such IoT infrastructures is contingent on the protection of the central server. To address the challenges of security and scalability of transactions, we design and implement an edge-based blockchain network, where a set of edge nodes are incorporated to serve the requests of field devices. The edge nodes of our network offer security and processing functionalities to data transactions made by field devices. Besides the proposed architecture, a proof of concept of our edge-based blockchain platform is implemented to study its feasibility and performance. The platform achieves the fundamental security properties and addresses the transaction scalability issue. Blockchain technology and edge computing have the potential to enable a robust, and flexible architecture for IoT networks while maintaining low latency and high availability. The effectiveness of the proposed architecture is evaluated in a simulated network.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"49 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123972260","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-11-01DOI: 10.1109/MILCOM47813.2019.9020841
Brandon F. Lo, Scott Torborg, Chun Kin Au-Yeung
Small unmanned aircraft systems (UAS), commonly known as drones and widely used in recreational and commercial applications, have caused alarming concerns of public safety and homeland security due to frequently reported unauthorized UAS incidents in recent years. To effectively disable potential threats from frequency hopping drones and controllers, the counter attack of Counter-UAS (CUAS) systems typically require parameter estimation of the frequency hopping signals with high precision and low complexity for real-time responses. Therefore, a model parameter estimation method to meet all these requirements becomes a challenge for CUAS systems. In this paper, a novel hopping parameter estimation method based on random sample consensus called HopSAC is proposed to conquer this challenge. Given a small set of samples, HopSAC estimates the parameters of linear frequency hopping sequence and achieves high multiple target detection performance with low implementation complexity that can be realized in real time. Simulation results show that the proposed HopSAC significantly outperforms linear Least Squares method in achieving exceptional accuracy of model parameter estimation under the impact of gross errors, timing errors, and multiple UAS targets.
{"title":"HopSAC: Frequency Hopping Parameter Estimation Based on Random Sample Consensus for Counter-Unmanned Aircraft Systems","authors":"Brandon F. Lo, Scott Torborg, Chun Kin Au-Yeung","doi":"10.1109/MILCOM47813.2019.9020841","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020841","url":null,"abstract":"Small unmanned aircraft systems (UAS), commonly known as drones and widely used in recreational and commercial applications, have caused alarming concerns of public safety and homeland security due to frequently reported unauthorized UAS incidents in recent years. To effectively disable potential threats from frequency hopping drones and controllers, the counter attack of Counter-UAS (CUAS) systems typically require parameter estimation of the frequency hopping signals with high precision and low complexity for real-time responses. Therefore, a model parameter estimation method to meet all these requirements becomes a challenge for CUAS systems. In this paper, a novel hopping parameter estimation method based on random sample consensus called HopSAC is proposed to conquer this challenge. Given a small set of samples, HopSAC estimates the parameters of linear frequency hopping sequence and achieves high multiple target detection performance with low implementation complexity that can be realized in real time. Simulation results show that the proposed HopSAC significantly outperforms linear Least Squares method in achieving exceptional accuracy of model parameter estimation under the impact of gross errors, timing errors, and multiple UAS targets.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"321 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125777177","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-11-01DOI: 10.1109/MILCOM47813.2019.9020721
Enass Hriba, M. Valenti
At millimeter wave (mmWave) frequencies, signals are prone to blocking by objects in the environment, which causes paths to go from line-of-sight (LOS) to non-LOS (NLOS). We consider macrodiversity as a strategy to improve the performance of mmWave cellular systems, where the user attempts to connect with two or more base stations. An accurate analysis of macrodiversity must account for the possibility of correlated blocking, which occurs when a single blockage simultaneously blocks the paths to two base stations. In this paper, we analyze the macrodiverity gain in the presence of correlated random blocking and interference. To do so, we develop a framework to determine distributions for the LOS probability, SNR, and SINR by taking into account correlated blocking. We consider a cellular uplink with both diversity combining and selection combining schemes. We also study the impact of blockage size and blockage density. We show that blocking can be both a blessing and a curse. On the one hand, the signal from the source transmitter could be blocked, and on the other hand, interfering signals tend to also be blocked, which leads to a completely different effect on macrodiversity gains. We also show that the assumption of independent blocking can lead to an incorrect evaluation of macrodiversity gain, as the correlation tends to decrease macrodiversity gain.
{"title":"The Potential Gains of Macrodiversity in mmWave Cellular Networks with Correlated Blocking","authors":"Enass Hriba, M. Valenti","doi":"10.1109/MILCOM47813.2019.9020721","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020721","url":null,"abstract":"At millimeter wave (mmWave) frequencies, signals are prone to blocking by objects in the environment, which causes paths to go from line-of-sight (LOS) to non-LOS (NLOS). We consider macrodiversity as a strategy to improve the performance of mmWave cellular systems, where the user attempts to connect with two or more base stations. An accurate analysis of macrodiversity must account for the possibility of correlated blocking, which occurs when a single blockage simultaneously blocks the paths to two base stations. In this paper, we analyze the macrodiverity gain in the presence of correlated random blocking and interference. To do so, we develop a framework to determine distributions for the LOS probability, SNR, and SINR by taking into account correlated blocking. We consider a cellular uplink with both diversity combining and selection combining schemes. We also study the impact of blockage size and blockage density. We show that blocking can be both a blessing and a curse. On the one hand, the signal from the source transmitter could be blocked, and on the other hand, interfering signals tend to also be blocked, which leads to a completely different effect on macrodiversity gains. We also show that the assumption of independent blocking can lead to an incorrect evaluation of macrodiversity gain, as the correlation tends to decrease macrodiversity gain.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129292044","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-11-01DOI: 10.1109/MILCOM47813.2019.9020790
J. W. Stokes, C. Seifert, Jerry Li, Nizar Hejazi
Attackers evolve their malware over time in order to evade detection, and the rate of change varies from family to family depending on the amount of resources these groups devote to their “product”. This rapid change forces anti-malware companies to also direct much human and automated effort towards combatting these threats. These companies track thousands of distinct malware families and their variants, but the most prevalent families are often particularly problematic. While some companies employ many analysts to investigate and create new signatures for these highly prevalent families, we take a different approach and propose a new deep learning system to learn a semantic feature embedding which better discriminates the files within each of these families. Identifying files which are close in a metric space is the key aspect of malware clustering systems. The DeepSim system employs a Siamese Neural Network (SNN), which has previously shown promising results in other domains, to learn this embedding for the cosine distance in the feature space. The error rate for K-Nearest Neighbor classification using DeepSim's SNN with two hidden layers is 0.011% compared to 0.42% for a Jaccard Index-based baseline which has been used by several previously proposed systems to identify similar malware files.
{"title":"Detection of Prevalent Malware Families with Deep Learning","authors":"J. W. Stokes, C. Seifert, Jerry Li, Nizar Hejazi","doi":"10.1109/MILCOM47813.2019.9020790","DOIUrl":"https://doi.org/10.1109/MILCOM47813.2019.9020790","url":null,"abstract":"Attackers evolve their malware over time in order to evade detection, and the rate of change varies from family to family depending on the amount of resources these groups devote to their “product”. This rapid change forces anti-malware companies to also direct much human and automated effort towards combatting these threats. These companies track thousands of distinct malware families and their variants, but the most prevalent families are often particularly problematic. While some companies employ many analysts to investigate and create new signatures for these highly prevalent families, we take a different approach and propose a new deep learning system to learn a semantic feature embedding which better discriminates the files within each of these families. Identifying files which are close in a metric space is the key aspect of malware clustering systems. The DeepSim system employs a Siamese Neural Network (SNN), which has previously shown promising results in other domains, to learn this embedding for the cosine distance in the feature space. The error rate for K-Nearest Neighbor classification using DeepSim's SNN with two hidden layers is 0.011% compared to 0.42% for a Jaccard Index-based baseline which has been used by several previously proposed systems to identify similar malware files.","PeriodicalId":371812,"journal":{"name":"MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)","volume":"79 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130856364","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: