Large-scale smart computing is generally more vulnerable to cyber attacks since their system devices are normally distributed as networked platforms and each device could be a target and get compromised. Due to resource constraints (i.e., Sustainable Computing demand) and cost-efficiency issues (i.e., Green Computing demand), we usually monitor only a few devices (i.e., partial observation) to ensure all operations across different platforms are under a secure environment. This leads to a critical problem for detecting compromised devices that are out of surveillance. To the best of our knowledge, this problem has not been solved so far. In this paper, we propose an unsupervised classifier based on source-tracing technique (STC in short) to expose hidden compromised devices with partial observation on the networked sustainable green smart computing platforms. STC mainly focuses on the cyber threats that can spread in the platform and compromise various system devices. To expose hidden compromised devices that are out-of-surveillance, STC first captures the spreading source by the reverse dissemination technique, and then relies on microscopic propagation modelling to probabilistically identify the most probable compromised devices. We carried out a series of experiments to validate the performance of our proposed method. The evaluations are based on three real networked platforms: Air Traffic Control system, AS-level Internet platform, and US Power Grid. The experiment results demonstrated that STC can accurately expose the hidden compromised devices in terms of following aspects: 1) Source-tracing (more than 80 percent runs got exact real source and 95 percent within two hops of real source); 2) Modelling (very close to the simulation results); 3) Exposing accuracy (almost all $>$> 90 percent); and 4) Comparison to baseline (superiority to three supervised and two unsupervised classifiers).
- Compromised devices
- sustainable computing