Biblio

Real-time supervisory control and data acquisition (SCADA) systems use remote terminal units (RTUs) to monitor and manage the flow of power at electrical substations. As their connectivity to different utility and private networks increases, RTUs are becoming more vulnerable to cyber-attacks. Some attacks seek to access RTUs to directly control power system devices with the intent to shed load or cause equipment damage. Other attacks (such as denial-of-service) target network availability and seek to block, delay, or corrupt communications between the RTU and the control center. In the most severe case, when communications are entirely blocked, the loss of an RTU can cause the power system to become unobservable. It is important to understand how losing an RTU impacts the system state (bus voltage magnitudes and angles). The system state is determined by the state estimator and serves as the input to other critical EMS applications. There is currently no systematic approach for assessing the cyber-physical impact of losing RTUs. This paper proposes a methodology for N-1 RTU cyber-physical security assessment that could benefit power system control and operation. We demonstrate our approach on the IEEE 14-bus system as well as on a synthetic 200-bus system.

As a proposed Internet architecture, Named Data Networking must provide effective security support: data authenticity, confidentiality, and availability. This poster focuses on supporting data confidentiality via encryption. The main challenge is to provide an easy-to-use key management mechanism that ensures only authorized parties are given the access to protected data. We describe the design of name-based access control (NAC) which provides automated key management by developing systematic naming conventions for both data and cryptographic keys. We also discuss an enhanced version of NAC that leverages attribute-based encryption mechanisms (NAC-ABE) to improve the flexibility of data access control and reduce communication, storage, and processing overheads.

Recent projects regarding the exploration of the functions of microbiomes within communities brought about a plethora of new data. That specific field of study is called Metagenomics and one of its more advancing approach is the application of network analysis. The paper introduces NAMData which is a web-application tool for the network analysis of microbiome data. The system handles the compositionality and sparsity nature of microbiome data by applying taxa filtration, normalization, and zero treatment. Furthermore, compositionally aware correlation estimators were used to compute for the correlation between taxa and the system divides the network into the positive and negative correlation network. NAMData aims to capitalize on the unique network features namely network visualization, centrality scores, and community detection. The system enables researchers to include network analysis in their analysis pipelines even without any knowledge of programming. Biological concepts can be integrated with the network findings gathered from the system to either support existing facts or form new insights.

Named Data Networking (NDN) is one of the future internet architectures, which is a clean-slate approach. NDN provides intelligent data retrieval using the principles of name-based symmetrical forwarding of Interest/Data packets and innetwork caching. The continually increasing demand for rapid dissemination of large-scale scientific data is driving the use of NDN in data-intensive science experiments. In this paper, we establish an intercontinental NDN testbed. In the testbed, an NDN-based application that targets climate science as an example data intensive science application is designed and implemented, which has differentiated features compared to those of previous studies. We verify experimental justification of using NDN for climate science in the intercontinental network, through performance comparisons between classical delivery techniques and NDN-based climate data delivery.

Modern vehicles equipped with a large number of electronic components, sensors, actuators, and extensive connectivity, are the classical example of cyber-physical systems (CPS). Communication as an integral part of the CPS has enabled and offered many value-added services for vehicular networks. The communication mechanism helps to share contents with all vehicular network nodes and the surrounding environment, e.g., vehicles, traffic lights, and smart road signs, to efficiently take informed and smart decisions. Thus, it opens the doors to many security threats and vulnerabilities. Traditional TCP/IP-based communication paradigm focuses on securing the communication channel instead of the contents that travel through the network. Nevertheless, for content-centered application, content security is more important than communication channel security. To this end, named data networking (NDN) is one of the future Internet architectures that puts the contents at the center of communication and offers embedded content security. In this paper, we first identify the cyberattacks and security challenges faced by the vehicular CPS (VCPS). Next, we propose the NDN-based cyber-resilient, the layered and modular architecture for VCPS. The architecture includes the NDN's forwarding daemon, threat aversion, detection, and resilience components. A detailed discussion about the functionality of each component is also presented. Furthermore, we discuss the future challenges faced by the integration of NDN with VCPS to realize NDN-based VCPS.

The presence of experts, such as a data protection officer (DPO) and a privacy engineer is essential in Privacy Requirements Engineering. This task is carried out in various forms including threat modeling and privacy impact assessment. The knowledge required for performing privacy threat modeling can be a serious challenge for a novice privacy engineer. We aim to bridge this gap by developing an automated approach via machine learning that is able to detect privacy-related entities in the user stories. The relevant entities include (1) the Data Subject, (2) the Processing, and (3) the Personal Data entities. We use a state-of-the-art Named Entity Recognition (NER) model along with contextual embedding techniques. We argue that an automated approach can assist agile teams in performing privacy requirements engineering techniques such as threat modeling, which requires a holistic understanding of how personally identifiable information is used in a system. In comparison to other domain-specific NER models, our approach achieves a reasonably good performance in terms of precision and recall.

The continuous increase in sophistication of threat actors over the years has made the use of actionable threat intelligence a critical part of the defence against them. Such Cyber Threat Intelligence is published daily on several online sources, including vulnerability databases, CERT feeds, and social media, as well as on forums and web pages from the Surface and the Dark Web. Named Entity Recognition (NER) techniques can be used to extract the aforementioned information in an actionable form from such sources. In this paper we investigate how the latest advances in the NER domain, and in particular transformer-based models, can facilitate this process. To this end, the dataset for NER in Threat Intelligence (DNRTI) containing more than 300 pieces of threat intelligence reports from open source threat intelligence websites is used. Our experimental results demonstrate that transformer-based techniques are very effective in extracting cybersecurity-related named entities, by considerably outperforming the previous state- of-the-art approaches tested with DNRTI.

With the increase of the number of network threats, the knowledge graph is an effective method to quickly analyze the network threats from the mass of network security texts. Named entity recognition in network security domain is an important task to construct knowledge graph. Aiming at the problem that key Chinese entity information in network security related text is difficult to identify, a named entity recognition model in network security domain based on BERT-BiLSTM-CRF is proposed to identify key named entities in network security related text. This model adopts the BERT pre-training model to obtain the word vectors of the preceding and subsequent text information, and the obtained word vectors will be input to the subsequent BiLSTM module and CRF module for encoding and sorting. The test results show that this model has a good effect on the data set of network security domain. The recognition effect of this model is better than that of LSTM-CRF, BERT-LSTM-CRF, BERT-CRF and other models, and the F1=93.81%.

Named in-network computing is an emerging technology of Named Data Networking (NDN). Through deploying the named computing services/functions on NDN router, the router can utilize its free resources to provide nearby computation for users while relieving the pressure of cloud and network edge. Benefitted from the characteristic of named addressing, named computing services/functions can be easily discovered and migrated in the network. To implement named in-network computing, integrating the computing services as Virtual Machines (VMs) into the software router is a feasible way, but how to effectively deploy the service VMs to optimize the local processing capability is still a challenge. Focusing on this problem, we first give the design of NDN-enabled software router in this paper, then propose a service earning based named service deployment scheme (SE-NSD). For available service VMs, SE-NSD not only considers their popularities but further evaluates their service earnings (processed data amount per CPU cycle). Through modelling the deployment problem as the knapsack problem, SE-NSD determines the optimal service VMs deployment scheme. The simulation results show that, comparing with the popularity-based deployment scheme, SE-NSD can promote about 30% in-network computing capability while slightly reducing the service invoking RTT of user.

Named Data Networking (NDN) is a content-centric networking, where the publisher of the packet signs and encapsulates the data packet with a name-content-signature encryption to verify the authenticity and integrity of itself. This scheme can solve many of the security issues inherently compared to IP networking. NDN also support mobility since it hides the point-to-point connection details. However, an extreme attack takes place when an NDN consumer newly connects to a network. A Man-in-the-middle (MITM) malicious node can block the consumer and keep intercepting the interest packets sent out so as to fake the corresponding data packets signed with its own private key. Without knowledge and trust to the network, the NDN consumer can by no means perceive the attack and thus exposed to severe security and privacy hazard. In this paper, the Name-Signature Lookup System (NSLS) and corresponding Name-Signature Lookup Protocol (NSLP) is introduced to verify packets with their registered genuine publisher even in an untrusted network with the help of embedded keys inside Network Interface Controller (NIC), by which attacks like MITM is eliminated. A theoretical analysis of comparing NSLS with existing security model is provided. Digest algorithm SHA-256 and signature algorithm RSA are used in the NSLP model without specific preference.

We propose a multi party conversational social interface NAMIDA through a pilot study. The system consists of three robots that can converse with each other about environment throughout the road. Through this model, the directed utterances towards the driver diminishes by utilizing turn-taking process between the agents, and the mental workload of the driver can be reduced compared to the conventional one-to-one communication based approach that directly addresses the driver. We set up an experiment to compare the both approaches to explore their effects on the workload and attention behaviors of drivers. The results indicated that the multi-party conversational approach has a better effect on reducing certain workload factors. Also, the analysis of attention behaviors of drivers revealed that our method can better promote the drivers to focus on the road.

Recent data breaches in domains such as healthcare, where confidentiality of data is crucial, indicate that misuse cases often originate from user errors rather than vulnerabilities in the technical (software or hardware) architecture. Current requirements engineering (RE) approaches determine what access control mechanisms are needed to protect sensitive resources. However, current RE approaches inadequately characterize how a user is expected to interact with others in relation to the relevant resources. Consequently, a requirements analyst cannot readily identify the vulnerabilities based on user interactions. We adopt social norms as a natural, formal means of characterizing user interactions wherein potential misuses map to norm violations. Our research goal is to help analysts identify misuse cases by systematically generating potential temporal enactments that violate formally stated social norms. We propose Nane: a formal framework for identifying misuse cases from norm enactments. We represent misuse cases formally, and propose a semiautomated process for identifying misuse cases based on norm enactments. We show that our process is sound and complete with respect to the stated norms. We discuss the expressiveness of our representation, and demonstrate how Nane enables monitoring of misuse cases via temporal reasoning.

In this study, the effect of surface treatment on the boding strength between Quad flat package (QFP) and quartz was investigated for establishing a QFP/quartz glass bonding technique. This bonding technique is necessary to prevent bond failure at the nano-artifact metrics (NAM) chip and adhesive interface against physical attacks such as counterfeiting and tampering of edge AI devices that use NAM chips. Therefore, we investigated the relationship between surface roughness and tensile strength by applying surface treatments such as vacuum ultraviolet (VUV) and Ar/O2 plasma. All QFP/quartz glass with surface treatments such as VUV and Ar/O2 plasma showed increased bond strength. Surface treatment and bonding technology for QFP and quartz glass were established to realize NAM chip mounting.

Due to the wide deployment of deep learning applications in safety-critical systems, robust and secure execution of deep learning workloads is imperative. Adversarial examples, where the inputs are carefully designed to mislead the machine learning model is among the most challenging attacks to detect and defeat. The most dominant approach for defending against adversarial examples is to systematically create a network architecture that is sufficiently robust. Neural Architecture Search (NAS) has been heavily used as the de facto approach to design robust neural network models, by using the accuracy of detecting adversarial examples as a key metric of the neural network's robustness. While NAS has been proven effective in improving the robustness (and accuracy in general), the NAS-generated network models run noticeably slower on typical DNN accelerators than the hand-crafted networks, mainly because DNN accelerators are not optimized for robust NAS-generated models. In particular, the inherent multi-branch nature of NAS-generated networks causes unacceptable performance and energy overheads.To bridge the gap between the robustness and performance efficiency of deep learning applications, we need to rethink the design of AI accelerators to enable efficient execution of robust (auto-generated) neural networks. In this paper, we propose a novel hardware architecture, NASGuard, which enables efficient inference of robust NAS networks. NASGuard leverages a heuristic multi-branch mapping model to improve the efficiency of the underlying computing resources. Moreover, NASGuard addresses the load imbalance problem between the computation and memory-access tasks from multi-branch parallel computing. Finally, we propose a topology-aware performance prediction model for data prefetching, to fully exploit the temporal and spatial localities of robust NAS-generated architectures. We have implemented NASGuard with Verilog RTL. The evaluation results show that NASGuard achieves an average speedup of 1.74× over the baseline DNN accelerator.

This research analyzes a seemingly malicious behavior known as a block withholding (BWH) attack between pools of cryptocurrency miners in Bitcoin-like systems featuring blockchain distributed databases. This work updates and builds on a seminal paper, The Miner's Dilemma, which studied a simplified scenario and showed that a BWH attack can be rational behavior that is profitable for the attacker. The new research presented here provides an in-depth profit analysis of a more complex and realistic BWH attack scenario, which includes mutual attacks between multiple, non-uniform Bitcoin mining pools. As a result of mathematical analysis and MATLAB modeling, this paper illustrates the Nash equilibrium conditions of a system of independent mining pools with varied mining rates and computes the equilibrium rates of mutual BWH attack. The analysis method quantifies the additional profit the largest pools extract from the system at the expense of the smaller pools. The results indicate that while the presence of BWH is a net negative for smaller pools, they must participate in BWH to maximize their remaining profits, and the results quantify the attack rates the smaller pools must maintain. Also, the smallest pools maximize profit by not attacking at all-that is, retaliation is not a rational move for them.

The National Cyber Range (NCR) is an innovative Department of Defense (DoD) resource originally established by the Defense Advanced Research Projects Agency (DARPA) and now under the purview of the Test Resource Management Center (TRMC). It provides a unique environment for cyber security testing throughout the program development life cycle using unique methods to assess resiliency to advanced cyberspace security threats. This paper describes what a cyber security range is, how it might be employed, and the advantages a program manager (PM) can gain in applying the results of range events. Creating realism in a test environment isolated from the operational environment is a special challenge in cyberspace. Representing the scale and diversity of the complex DoD communications networks at a fidelity detailed enough to realistically portray current and anticipated attack strategies (e.g., Malware, distributed denial of service attacks, cross-site scripting) is complex. The NCR addresses this challenge by representing an Internet-like environment by employing a multitude of virtual machines and physical hardware augmented with traffic emulation, port/protocol/service vulnerability scanning, and data capture tools. Coupled with a structured test methodology, the PM can efficiently and effectively engage with the Range to gain cyberspace resiliency insights. The NCR capability, when applied, allows the DoD to incorporate cyber security early to avoid high cost integration at the end of the development life cycle. This paper provides an overview of the resources of the NCR which may be especially helpful for DoD PMs to find the best approach for testing the cyberspace resiliency of their systems under development.
 

The spread of Deepfakes via social media platforms leads to disinformation and misinformation. There are ways in which the government and social media companies can prevent to prevent Deepfakes.

Summary

• Obtain Executive Level Commitment for a Supply Chain Risk Management (SCRM) Program
• Identify Critical Systems, Networks, and Information
• Manage Third Party Risk

Bot detection - identifying a software program that's using a computer system -- is an increasingly necessary security task. Existing solutions balance proof of human identity with unobtrusiveness in users' workflows. Cognitive modeling and natural interaction might provide stronger security and less intrusiveness.

Bot detection - identifying a software program that's using a computer system – is an increasingly necessary security task. Existing solutions balance proof of human identity with unobtrusiveness in users' workflows. Cognitive modeling and natural interaction might provide stronger security and less intrusiveness.

The increasing popularity and use of personal voice assistant technologies, such as Siri and Google Now, is driving and expanding progress toward the long-term and lofty goal of using artificial intelligence to build human-computer dialog systems capable of understanding natural language. While dialog-based systems such as Siri support utterances communicated through natural language, they are limited in the flexibility they afford to the user in interacting with the system and, thus, support primarily action-requesting and information-seeking tasks. Mixed-initiative interaction, on the other hand, is a flexible interaction technique where the user and the system act as equal participants in an activity, and is often exhibited in human-human conversations. In this paper, we study user support for mixed-initiative interaction with dialog-based systems through natural language using a bag-of-words model and k-nearest-neighbor classifier. We study this problem in the context of a toolkit we developed for automated, mixed-initiative dialog system construction, involving a dialog authoring notation and management engine based on lambda calculus, for specifying and implementing task-based, mixed-initiative dialogs. We use ordering at Subway through natural language, human-computer dialogs as a case study. Our results demonstrate that the dialogs authored with our toolkit support the end user's completion of a natural language, human-computer dialog in a mixed-initiative fashion. The use of natural language in the resulting mixed-initiative dialogs afford the user the ability to experience multiple self-directed paths through the dialog and makes the flexibility in communicating user utterances commensurate with that in dialog completion paths—an aspect missing from commercial assistants like Siri.

Security Requirements classification is an important area to the Software Engineering community in order to build software that is secure, robust and able to withstand attacks. This classification facilitates proper analysis of security requirements so that adequate security mechanisms are incorporated in the development process. Machine Learning techniques have been used in Security Requirements classification to aid in the process that lead to ensuring that correct security mechanisms are designed corresponding to the Security Requirements classifications made to eliminate the risk of security being incorporated in the late stages of development. However, these Machine Learning techniques have been found to have problems including, handcrafting of features, overfitting and failure to perform well with high dimensional data. In this paper we explore Natural Language Processing and Deep Learning to determine if this can be applied to Security Requirements classification.