previous day
next day
all days

View: session overviewtalk overview

07:00-10:00 Session 3: KEYNOTE, Microservices and VPN Applications
KEYNOTE: Reliable Computing, Scientific and Technological Seedbank

ABSTRACT. The digital revolution has swept all before it, just as the Green Revolution did a generation ago in agriculture. To avoid monoculture, an analogous response is called for: a Seed Bank conserving old science and technology. With shocking speed, a zero-dimensional, centralized model is displacing a real world that is multidimensional and massively parallel. Dr. Dickson describes real-world responses and simple and urgent changes using both old and new (massively parallel) technology, and prevent lasting damage to science, the economy, and civil society.

Designing and Verifying Microservices Using CSP

ABSTRACT. Microservices Architecture is a popular pattern used for building complex IT systems in an incremental, sustainable and scalable fashion. However, compared with traditional monolithic solution architectures, it introduces a higher degree of concurrency which might result in subtle bugs arising, such as race conditions, deadlocks and lack of data consistency. I shall illustrate this with a worked example of an automated insurance claims payment service which exhibits a bug whereby a particular claim may be settled twice. I shall use the CSP formal modelling language and the FDR refinement checker to prove some results about this bug and how to fix it.

Deep Reinforcement Learning and Fuzzy K-means based VPN-nonVPN Traffic Classification and Characterization

ABSTRACT. Traffic characterization, classification, and analysis play a significant role in network management, efficient bandwidth allocation, and to discern malicious traffic from normal traffic. As threat actors continue to evolve keeping track of network attacks becomes an onerous task. In this paper, we address obfuscated attacks wherein threat actors break into secure networks through virtual private networks to launch tunneling based encrypted attacks, obfuscated advanced persistent threats and malware. To enhance obfuscated threat hunting, analyze these attacks and the associated payload structure, this paper proposes deep reinforcement learning based fuzzy k-means clustering to classify VPN and non-VPN data. Our method is validated on the publicly available UNB-CIC VPN non-VPN dataset and the proposed approach for traffic characterization of major classes (e.g., FTP and P2P) and application identification (e.g., Netflix and Amazon Prime) is analyzed for detection efficiency and accuracy to distinguish VPN and non-VPN network traffic. Our experiments achieve recall of 0.96 in traffic categorization and 0.95 in application identification. This is further improved with deep reinforcement learning to reduce computational costs for encrypted network traffic classification, where the test set F1 scores of 0.973 and 0.965 are achieved for traffic characterization and application identification.