A New Method for Image Steganography Using Discrete Wavelet Transforms

Document Type : Original Article

Authors

-

Abstract

In Cyber Security Analysis, in addition to data and information obtained from machine-based sensors like intrusion detection systems, firewalls and vulnerability scanners (hard data), human observations and conclusions from world's state including problems reported by users and network administrators, and assessments made by security analysts about network security status (soft data), can be used to obtain more accurate and more reliable estimation and decision. Hard and soft data fusion in cyber security analysis has many challenges such as designing a proper framework for problem modeling and representation of different types of uncertainty. This paper presents a new model based on ontology to fusion of hard and soft data in cyber security analysis.  First, the concepts and problem variables are modeled and then the inference about security status of assets is made by using set of rules. Also, to fusion of data and unified modeling of different uncertainties, transferable belief model (TBM) and Dempster-Shafer combination rule were used. Results of applying proposed model in a sample scenario of cyber security analysis show applicability of model for hard and soft data fusion.

Keywords


   [1]      D. L. Hall, M. D. McNeese, J. Llinas, and T. Mullen, “A framework for dynamic hard/soft fusion,” In FUSION, pp. 1-8, 2008.##
   [2]      J. Llinas, N. Rakesh, D. Hall, and J. Lavery, “A            multi-disciplinary university research initiative in hard and soft information fusion: Overview, research strategies and initial results,” In Information Fusion (FUSION), 2010 13th Conference on, pp. 1-7. IEEE, 2010.##
   [3]      G. Gross, R. Nagi, and K. Sambhoos, “Soft information, dirty graphs and uncertainty representation/processing for situation understanding,” In Proceedings of the 13th International Conference on Information Fusion, Edinburgh, UK, 2010.##
   [4]      M. P. Jenkins, G. A. Gross, A. M. Bisantz, and N. Rakesh, “Towards context aware data fusion: Modeling and integration of situationally qualified human observations to manage uncertainty in a hard+ soft fusion process,” Information Fusion, vol. 21, pp. 130-144, 2015.##
   [5]      B. Khaleghi, “Distributed Random Set Theoretic Soft/Hard Data Fusion,” PhD diss. University of Waterloo, 2012.##
   [6]      T. L. Wickramarathne, “An Analytical Framework for Soft and Hard Data Fusion: A Dempster-Shafer Belief Theoretic Approach,” PhD diss. Miami Univ. Coral Gablesfl, 2012.##
   [7]      K. Golestan, F. Karray, and M. S. Kamel, “An integrated approach for fuzzy multi-entity bayesian networks and semantic analysis for soft and hard data fusion,” In Fuzzy Systems (FUZZ-IEEE), 2014 IEEE International Conference on, 2015.##
   [8]      Xu, Guangquan, Yan Cao, Yuanyuan Ren, Xiaohong Li, and Zhiyong Feng, “Network security situation awareness based on semantic ontology and user-defined rules for Internet of Things,” IEEE Access 5, pp. 21046-21056, 2017.##
   [9]      G. Gonzalez Granadillo, M. Yosra Ben, H. Nabil, and D. Herve, “An ontology-driven approach to model SIEM information and operations using the SWRL formalism,” International Journal of Electronic Security and Digital Forensics, vol. 74, no. 2-3, pp. 104-123, 2012.##
[10]      P. Smets, “Data fusion in the transferable belief model,” Information Fusion, FUSIon 2000, Proceedings of the Third International Conference on, vol. 1, IEEE, 2000.##
[11]      Gao, Jian-bo, Bao-wen Zhang, Xiao-hua Chen, and Zheng Luo, “Ontology-based model of network and computer attacks for security assessment,” Journal of Shanghai Jiaotong University (Science), vol. 18, no. 5, pp. 554-562, 2013.##
[12]      Wu, Songyang, Yong Zhang, and Wei Cao. “Network security assessment using a semantic reasoning and graph based approach,” Computers & Electrical Engineering, vol. 64, pp. 96-109, 2017.##
[13]      S. Barnum, “Standardizing cyber threat intelligence information with the Structured Threat Information expression (STIX),” MITRE Corporation, vol. 11, pp.       1-22, 2012.##
[14]      V. Akbari and S. M. Safavi Homami, “A Framework For The Status Estimation In Distributed Denial-Of-Service Attacks By Data Fusion Of Human-And-Technical Sensors Based On Fuzzy Logic,” Journal of Electronical & Cyber Defence, vol. 5, no. 3, Serial No. 19, IHU. AC. IR, 2017. (In Persian)##