Jill Jermyn scite author profile

Organizations face a persistent challenge detecting malicious insiders as well as outside attackers who compromise legitimate credentials and then masquerade as insiders. No matter how good an organization's perimeter defenses are, eventually they will be compromised or betrayed from the inside. Monitored decoy documents (honey files with enticing names and content) are a promising approach to aid in the detection of malicious masqueraders and insiders. In this paper, we present a new technique for decoy document distribution that can be used to improve the scalability of insider detection. We develop a placement application that automates the deployment of decoy documents and we report on two user studies to evaluate its effectiveness. The first study indicates that our automated decoy distribution tool is capable of strategically placing decoy files in a way that offers comparable security to optimal manual deployment. In the second user study, we measure the frequency that normal users access decoy documents on their own systems and show that decoy files do not significantly interfere with normal user tasks.

show abstract

Improving readiness for enterprise migration to the cloud

Jermyn

Hwang²,

Bai³

et al. 2014

View full text Add to dashboard Cite

Enterprises are increasingly moving their IT infrastructures to the Cloud, driven by the promise of low-cost access to readyto-use, elastic resources. Given the heterogeneous and dynamic nature of enterprise IT environments, a rapid and accurate discovery of complex infrastructure dependencies at the application, middleware, and network level is key to a successful migration to the Cloud. Existing migration approaches typically replicate source resources and configurations on the target site, making it challenging to optimize the resource usage (for reduced cost with same or better performance) or cloud-fit configuration (no misconfiguration) after migration. The responsibility of reconfiguring the target environment after migration is often left to the users, who, as a result, fail to reap the benefits of reduced cost and improved performance in the Cloud. In this paper we propose a method that automatically computes optimized target resources and identifies configurations given discovered source properties and dependencies of machines, while prioritizing performance in the target environment. From our analysis, we could reduce service costs by 60.1%, and found four types of misconfigurations from real enterprise datasets, affecting up to 81.8% of a data center's servers.

show abstract

An Analysis of DoS Attack Strategies Against the LTE RAN

Jermyn

Salles-Loustau

Zonouz

2014

JCSM

View full text Add to dashboard Cite

Long Term Evolution (LTE) is the latest 3GPP mobile network standard, offering an all-IP network with higher efficiency and up to ten times the data rates of its predecessors. Due to an increase in cyber crime and the proliferation of mobile computing, attacks stemming from mobile devices are becoming more frequent and complex. Mobile malware can create smart-phone botnets in which a large number of mobile devices conspire to perform malicious activities on the cellular network. It has been shown that such botnets can cause a denial of service (DoS) by exhausting user traffic capacity over the air interface. Through simulation and with studies in a real-world deployment, this paper examines the impact of a botnet of devices seeking to attack the LTE network using different types of strategies. We quantify the adverse effects on legitimate users as the size of the botnet scales up in both sparsely and denselypopulated cells for varying traffic Quality of Service (QoS) requirements. Our results show that a single attacker can drastically reduce the QoS of legitimate devices in the same cell. Furthermore, we prove that the impact of the attack can be optimized by tuning the attack strategy, leveraging the LTE uplink MAC scheduler.

show abstract

Cloud Transformation Analytics Services: A Case Study of Cloud Fitness Validation for Server Migration

Hwang¹,

Huang²,

Vuković³

et al. 2015

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Jill Jermyn

Scalability of Machine to Machine systems and the Internet of Things on LTE mobile networks

Fox in the trap

Improving readiness for enterprise migration to the cloud

An Analysis of DoS Attack Strategies Against the LTE RAN

Cloud Transformation Analytics Services: A Case Study of Cloud Fitness Validation for Server Migration

Contact Info

Product

Resources

About