Publications

21 Results

Exploiting Time and Subject Locality for Fast, Efficient, and Understandable Alert Triage

2018 International Conference on Computing, Networking and Communications, ICNC 2018

Kavaler, David; Hudson, Corey H.; Bierma, Michael B.

In many organizations, intrusion detection and other related systems are tuned to generate security alerts, which are then manually inspected by cyber-security analysts. These analysts often devote a large portion of time to inspecting these alerts, most of which are innocuous. Thus, it would be greatly beneficial to reduce the number of innocuous alerts, allowing analysts to utilize their time and skills for other aspects of cyber defense. In this work, we devise several simple, fast, and easily understood models to cut back this manual inspection workload, while maintaining high true positive and true negative rates. We demonstrate their effectiveness on real data, and discuss their potential utility in application by others.


EMBERS: EpheMeral biometrically enhanced real-time location System

Proceedings - International Carnahan Conference on Security Technology

Choi, Sung N.; Bierma, Michael B.; Choe, Yung R.; Zage, David J.

In nuclear facilities, having efficient accountability of critical assets, personnel locations, and activities is essential for productive, safe, and secure operations. Such accountability, when tracked through standard manual procedures, is highly inefficient and prone to human error. The ability to actively and autonomously monitor both personnel and critical assets can significantly enhance security and safety operations while removing significant levels of human reliability issues and reducing insider threat concerns. A Real-Time Location System (RTLS) encompasses several technologies that use wireless signals to determine the precise location of tagged critical assets or personnel. An RTLS includes tags that either transmit or receive signals at regular intervals, location sensors/beacons that receive/transmit signals, and a location appliance that collects and correlates the data. Combined with ephemeral biometrics (EB) to validate the live state of a user, an ephemeral biometrically-enhanced RTLS (EMBERS) can eliminate time-consuming manual searches and audits by providing precise location data. If critical assets or people leave a defined secured area, EMBERS can automatically trigger an alert and function as an access control mechanism and/or ingress/egress monitoring tool. Three different EMBERS application scenarios for safety and security have been analyzed, and the heuristic results of this study are outlined in this paper along with areas of technological improvement and innovation that can be made if EMBERS is to be used as a safety and security tool.


Tools for Large-Scale Mobile Malware Analysis

Bierma, Michael B.

Analyzing mobile applications for malicious behavior is an important area of research, and is made difficult, in part, by the increasingly large number of applications available for the major operating systems. There are currently over 1.2 million apps available in both the Google Play and Apple App stores (the respective official marketplaces for the Android and iOS operating systems) [1, 2]. Our research provides two large-scale analysis tools to aid in the detection and analysis of mobile malware. The first tool we present, Andlantis, is a scalable dynamic analysis system capable of processing over 3000 Android applications per hour. Traditionally, Android dynamic analysis techniques have been relatively limited in scale due to the computational resources required to emulate the full Android system to achieve accurate execution. Andlantis is the most scalable Android dynamic analysis framework to date, and is able to collect valuable forensic data, which helps reverse-engineers and malware researchers identify and understand anomalous application behavior. We discuss the results of running 1261 malware samples through the system, and provide examples of malware analysis performed with the resulting data. While techniques exist to perform static analysis on a large number of applications, large-scale analysis of iOS applications has remained comparatively small in scale due to the closed nature of the iOS ecosystem and the difficulty of acquiring applications for analysis. The second tool we present, iClone, addresses the challenges associated with iOS research in order to detect application clones within a dataset of over 20,000 iOS applications.
