Browsing by Author "Abhinit, Ishan"
Now showing 1 - 9 of 9
- Results Per Page
- Sort Options
Item 2020 CACR AI/ML Lessons Learned Report(2020-07-31) Kiser, Ryan; Adams, Emily K.; Cushenberry, Austin; Abhinit, Ishan; Shute, KelliSince Fall of 2019, the Indiana University Center for Applied Cybersecurity Research (CACR) has been exploring the application of machine learning to cybersecurity workflows with the intent of developing the applicable expertise necessary to maintain a commanding lead in the cybersecurity domain where machine learning solutions are expected to increasingly become the norm. In order to serve the objectives laid out in the project charter, CACR primarily worked in partnership with OmniSOC and researchers at Rochester Institute of Technology to explore the application of the ASSERT research prototype to SOC analyst workflows. The intent of this effort was to better understand both the utility of the ASSERT prototype and the challenges associated with the implementation of machine learning approaches to cybersecurity workflows more broadly.Item Data Integrity Threat Model(2019-06-27) Welch, Von; Abhinit, IshanThis document uses OSCRP as a point of reference to construct a non-malicious Data Integrity Threat Model as a part of IRIS project. The goal of the project is to detect the source of unintentional integrity errors in the scientific workflow executions on distributed cyberinfrastructure.Item Data Integrity Threat Model (Non-Malicious)(2022-07-27) Abhinit, IshanItem Google Drive security considerations in an academic and research space(2021-08-23) Krenz, Mark; Abhinit, IshanCloud storage systems are used by millions worldwide for data storage. There are many cloud storage systems available. Popular options include Google Drive, Google Shared Drive, Microsoft OneDrive, and Box. In this paper we will provide a brief introduction to Google Drive and Google Shared Drive and review the issues of concern to security professionals which we have encountered during use. The academic and research communities often share and collaborate beyond organizational boundaries, making these security concerns especially relevant. There are many concerns that create significant security risks to the academic and research communities. This paper is a product of several years using Google Drive within a variety of contexts and projects, most notably ResearchSOC , Trusted CI , SGCI and SWAMP . These projects often involved collaborating on documents with personnel from multiple institutions, a common use case in the academic sector. The authors of this paper are or have been involved with these projects. During use, we observed several security risks and developed methods for mitigating these risks.Item Jupyter Security Training NSF Summit 2019 Slides(2019-10-15) Wagner, Rick; Bussonnier, Matthias; Abhinit, Ishan; Krenz, MarkThis is a PDF export of the slide deck used to provide security training on Jupyter at the 2019 NSF Cybersecurity Summit. It contains information about security Jupyter, JupyterHub and notebooks.Item Modeling Data Integrity Threats for Scientific Workflows Using OSCRP and MITRE ATT&CK(2022-08-22) Abhinit, Ishan; Adams, Emily K; Chase, Brian; Mandal, Anirban; Xin, Yufeng; Vahi, Karan; Rynge, Mats; Deelman, EwaGuaranteeing the data integrity of scientific workflows and their associated data products, in the face of nonmalicious and malicious threats, is of paramount importance for the validity and credibility of scientific research. In this work, we describe how we can leverage two popular cybersecurity classification frameworks - OSCRP and MITRE ATT&CK®, to systematically model threats to the integrity of scientific workflows and data in a research setting. We enumerate nonmalicious and malicious threats to the integrity of scientific workflows, and present the relevant assets, concerns, avenues of attacks and impact of the threats in typical scientific workflow execution scenarios.Item Recommendations For Improving the Security of a Science Gateway(2021-09-14) Abhinit, Ishan; Filus, Shane; Krenz, MarkThis document, created by the Trusted CI team, provides an ease of implementation ordered list of security recommendations that can be used to help improve the security of a science gateway. It is focused on helping the science gateway that is implemented by a small team. The document was created as part of Trusted CI's collaboration with the Science Gateway Community Institute.Item Science DMZ: Secure High Performance Data Transfer(2022-01-06) Abhinit, Ishan; Addleman, Hans; Benninger, Kathy; DuRousseau, Don; Krenz, Mark; Meade, BrennaScience DMZs are a unique network architecture for allowing high low latency high speed data transfers for science research data. This white paper introduces the idea and explains some of the security challenges and solutions. This document also explains some of the high level implementation details and makes security recommendations for decreasing the security risk while using a Science DMZItem Security Log Analysis Training: 2019 Great Plains Network & Greater Western Library Alliance Annual Meeting(2019-05-22) Abhinit, Ishan; Krenz, MarkSlides used for security log analysis training session at the 2019 Great Plains Network All Hands Meeting in Kansas City. The slides contain information about how to prepare for doing log analysis, issues and also techniques for performing analysis to detect attacks.