Statistical Analysis of Covert Cybersecurity Activities: Scaling Laws and Detection Methodologies
Speaker
Amir Reza Ramtin
Abstract
This dissertation conducts a comprehensive statistical analysis of covert cybersecurity activities, with a focus on volume-based attack detection, sequential detection methods, and the principles of covert communication within information theory. The research unfolds in three critical sections, each dissecting a unique aspect of covert cyber operations.
The first section delves into the detection of Distributed Denial-of-Service (DDoS) attacks, with a particular emphasis on the asymptotic behavior of attackers striving to remain undetected. This study elucidates the scaling laws of covert attacks within mixture Gaussian and exponential distributions, revealing the limits of traffic volume an attacker can manage without detection as the network of compromised devices expands.
In the second section, the narrative shifts to sequential detection, scrutinizing the efficacy of Shewhart and CUSUM tests against covert adversaries. The analysis encompasses both stationary and non-stationary post-change distributions, offering an understanding of adversarial strategies to maximize their impact while evading detection.
The third section addresses the scaling laws in covert communication, especially in scenarios influenced by fast fading and jammers. This investigation aims to demystify the asymptotic principles that govern covert communication capabilities in diverse interference conditions, thereby advancing the theoretical framework of low probability of detection (LPD) communication systems.