Search Publications by: Anoop Singhal (Fed)

Displaying 1 - 25 of 60

Attacks on ML Systems: From Security Risk Analysis to Attack Mitigation

December 16, 2022
Author(s)
Qingtian Zou, Lan Zhang, Anoop Singhal, Xiaoyan Sun, Peng Liu
The past several years have witnessed rapidly increasing use of machine learning (ML) systems in multiple industry sectors. Since risk analysis is one of the most essential parts of the real-world ML system protection practice, there is an urgent need to

Poisoning Attacks against Machine Learning: Can Machine Learning be Trustworthy?

October 24, 2022
Author(s)
Alina Oprea, Anoop Singhal, Apostol Vassilev
Many practical applications benefit from Machine Learning (ML) and Artificial Intelligence (AI) technologies, but their security needs to be studied in more depth before the methods and algorithms are actually deployed in critical settings. In this article

Knowledge Mining in Cybersecurity: From Attack to Defense

July 18, 2022
Author(s)
Khandakar Ashrafi Akbar, Sadaf MD Halim, Yibo Hu, Anoop Singhal, Latifur Khan, Bhavani Thuraisingham
In the fast-evolving world of Cybersecurity, an analyst often has the difficult task of responding to new threats and attack campaigns within a limited amount of time. If an analyst fails to do so, this can lead to severe consequences for the system under

Identifying Tactics of Advanced Persistent Threats with Limited Attack Traces

December 16, 2021
Author(s)
Khandakar Ashrafi Akbar, Yigong Wang, Md Islam, Anoop Singhal, Latifur Khan, Bhavani Thuraisingham
The cyberworld being threatened by continuous imposters needs the development of intelligent methods for identifying threats while keeping in mind all the constraints that can be encountered. Advanced persistent threats (APT) have become an emerging issue

Security Auditing of Internet of Things Devices in a Smart Home

October 15, 2021
Author(s)
Suryadipta Majumdar, Daniel Bastos, Anoop Singhal
Attacks on the Internet of Things are increasing. Unfortunately, transparency and accountability that are paramount to securing Internet of Things devices are either missing or implemented in a questionable manner. Security auditing is a promising solution

Deep Learning for Detecting Network Attacks: An End to End approach

July 19, 2021
Author(s)
Qingtian Zou, Anoop Singhal, Xiaoyan Sun, Peng Liu
Network attack is still a major security concern for organizations worldwide. Recently, researchers have started to apply neural networks to detect network attacks by leveraging network traffic data. However, public network data sets have major drawbacks

An Approach for Detection of Advanced Persistent Threat Attacks

December 1, 2020
Author(s)
Qingtian Zou, Xiaoyan Sun, Peng Liu, Anoop Singhal
Advanced Persistent Threat (APT) campaigns employ sophisticated strategies and tactics to achieve their attack goal. The evolution of APT strategies and tactics compounds the challenge of detecting attack campaigns. This article introduces an approach

Evolving Advanced Persistent Threat Detection Using Provenance Graph and Metric Learning

June 29, 2020
Author(s)
Gbadebo Ayoade, Khandakar A. Akbar, Pracheta Sahoo, Yang Gao, Anoop Singhal, Kangkook Jee, Latifur Khan, Anmol Agarwal
Advanced persistent threats (APT) have increased in recent times as a result of the rise in interest by nation-states and sophisticated corporations to obtain high profile information. Typically, APT attacks are more challenging to detect since they

Defining Actionable Rules for Verifying IOT Safety and Security

May 18, 2020
Author(s)
Kayla Ibrahim, Suryadipta Majumdar, Daniel Bastos, Anoop Singhal
Internet of Things (IoT) is being widely adopted in recent years. Security, however, has lagged behind, as evidenced by the increasing number of attacks that use IoT devices (e.g., an arson that uses a smart oven, burglary via a smart lock). Therefore, the

Automatic Recognition of Advanced Persistent Threat Tactics for Enterprise Security

March 16, 2020
Author(s)
Qingtian Zou, Anoop Singhal, Xiaoyan Sun, Peng Liu
Advanced Persistent Threats (APT) have become the concern of many enterprise networks. APT can remain undetected for a long time span and lead to undesirable consequences such as stealing of sensitive data, broken workflow, and so on. To achieve the attack

Forensic Analysis of Advanced Persistent Threat Attacks in Cloud Environments

January 6, 2020
Author(s)
Changwei Liu, Anoop Singhal, Duminda Wijesekera
Due to the increasing cyber-activities and the use of diverse devices offered on cloud environments, post-attack cloud forensic investigations must deal with data in diverse formats and quantities from emerging attackable interfaces. The process of

Determining Forensic Data Requirements for Detecting Hypervisor Attacks

August 7, 2019
Author(s)
Changwei Liu, Anoop Singhal, Ramaswamy Chandramouli, Duminda Wijesekera
Hardware/Server virtualization is a key feature of data centers used for cloud computing services and enterprise computing that enables ubiquitous access to shared system resources. Server virtualization is typically performed by a hypervisor, which

CASFinder: Detecting Common Attack Surface

June 11, 2019
Author(s)
Meng Zhang, Yue Xin, Lingyu Wang, Sushil Jajodia, Anoop Singhal
Code reusing is a common practice in software development due to its various benefits. Such a practice, however, may also cause large scale security issues since one vulnerability may appear in many different software due to cloned code fragments. The well

A Methodology for Enabling Forensic Analysis Using Hypervisor Vulnerabilities Data

June 5, 2019
Author(s)
Ramaswamy Chandramouli, Anoop Singhal, Duminda Wijesekera, Changwei Liu
Hardware/Server Virtualization is a key feature of data centers used for cloud computing services and enterprise computing that enables ubiquitous access to shared system resources. Server virtualization is typically performed by a hypervisor, which

A Layered Graphical Model for Cloud Forensic and Mission Impact Analysis

February 1, 2019
Author(s)
Changwei Liu, Anoop Singhal, Duminda Wijesekera
In this paper, we describe a layered graphical model to analyze the impact of cyber attacks on business processes and services. Our model has three layers: the upper layer models the business processes and their dependencies. The middle layer constructs

Threat Modeling for Cloud Infrastructures

December 21, 2018
Author(s)
Nawaf Alhebaishi, Lingyu Wang, Anoop Singhal
Today's businesses are increasingly relying on the cloud as an alternative IT solution due to its flexibility and lower cost. Compared to traditional enterprise networks, a cloud infrastructure is typically much larger and more complex. Understanding the

Towards Cyber Resiliency in the Context of Cloud Computing

November 30, 2018
Author(s)
Xiaoyan Sun, Peng Liu, Anoop Singhal
Correct and accurate mission impact assessment is the essential prerequisite of mission-aware cyber resilience. However, an overlooked gap has been existing between mission impact assessment and cyber resilience. This article attempts to bridge the gap by

Modeling and Mitigating the Insider Threat of Remote Administrators in Clouds

July 10, 2018
Author(s)
Nawaf Alhebaishi, Lingyu Wang, Sushil Jajodia, Anoop Singhal
As today's cloud providers strive to attract customers with better services and less downtime in a highly competitive market, they increasingly rely on remote administrators including those from third party providers for fulfilling regular maintenance

Surviving Unpatchable Vulnerabilities through Multi-Option Network Hardening

March 23, 2018
Author(s)
Daniel Borbor, Lingyu Wang, Sushil Jajodia, Anoop Singhal
The administrators of a mission critical network usually have to worry about non-traditional threats, e.g., how to live with known, but unpatchable vulnerabilities, and how to improve the network's resilience against potentially unknown vulnerabilities. To

A Layered Graphical Model for Mission Attack Impact Analysis

December 21, 2017
Author(s)
Changwei Liu, Anoop Singhal, Duminda Wijesekera
In this paper, we describe a layered graphical model to analyze the mission impacts of attacks for forensic investigation. Our model has three layers: the upper layer models operational tasks and their dependencies; the middle layer reconstructs attack

Towards Probabilistic Identification of Zero-day Attack Paths

October 24, 2017
Author(s)
Xiaoyan Sun, Dai Jun, Peng Liu, Anoop Singhal, John Yen
Zero-day attacks continue to challenge the enterprise network security defense. A zero-day attack path is formed when a multi-step attack contains one or more zero-day exploits. Detecting zero-day attack paths in time could enable early disclosure of zero