Biblio

The rise in the number of devices joining the Internet of Things (IoT) has created a huge potential for distributed denial of service (DDoS) attacks, especially due to the lack of security in these computationally limited devices. Malicious actors have realized that and managed to turn large sets of IoT devices into botnets under their control. Given this scenario, this work studies botnet architectures identified so far and assesses how they are considered in the few recent defense proposals that consider botnet architectures.

Internet of Things devices have spread to near ubiquity this decade. All around us now lies an invisible mesh of communication from devices embedded in seemingly everything. Inevitably some of that communication flying around our heads will contain data that must be protected or otherwise shielded from tampering. The responsibility to protect this sensitive information from malicious actors as it travels through the air then falls upon the standards used to communicate this data. Bluetooth Low Energy (BLE) is one of these standards, the aim of this paper is to put its security standards to test. By attempting to exploit its vulnerabilities we can see how secure this standard really is. In this paper, we present steps for analyzing the security of BLE devices using open-source hardware and software.

Modern Energy Management Systems (EMS) are becoming increasingly complex in order to address the urgent issue of global energy consumption. These systems retrieve vital information from various Internet-connected resources in a smart grid to function effectively. However, relying on such resources results in them being susceptible to cyber attacks. Malicious actors can exploit the interconnections between the resources to perform nefarious tasks such as modifying critical firmware, sending bogus sensor data, or stealing sensitive information. To address this issue, we propose a novel framework that integrates PowerWatch, a solution that detects compromised devices in the smart grid with Cyber-secure Power Router (CSPR), a smart energy management system. The goal is to ascertain whether or not such a device has operated maliciously. To achieve this, PowerWatch utilizes a machine learning model that analyzes information from system and library call lists extracted from CSPR in order to detect malicious activity in the EMS. To test the efficacy of our framework, a number of unique attack scenarios were performed on a realistic testbed that comprises functional versions of CSPR and PowerWatch to monitor the electrical environment for suspicious activity. Our performance evaluation investigates the effectiveness of this first-of-its-kind merger and provides insight into the feasibility of developing future cybersecure EMS. The results of our experimental procedures yielded 100% accuracy for each of the attack scenarios. Finally, our implementation demonstrates that the integration of PowerWatch and CSPR is effective and yields minimal overhead to the EMS.

In Vehicle-to-Vehicle (V2V) communications, malicious actors may spread false information to undermine the safety and efficiency of the vehicular traffic stream. Thus, vehicles must determine how to respond to the contents of messages which maybe false even though they are authenticated in the sense that receivers can verify contents were not tampered with and originated from a verifiable transmitter. Existing solutions to find appropriate actions are inadequate since they separately address trust and decision, require the honest majority (more honest ones than malicious), and do not incorporate driver preferences in the decision-making process. In this work, we propose a novel trust-aware decision-making framework without requiring an honest majority. It securely determines the likelihood of reported road events despite the presence of false data, and consequently provides the optimal decision for the vehicles. The basic idea of our framework is to leverage the implied effect of the road event to verify the consistency between each vehicle's reported data and actual behavior, and determine the data trustworthiness and event belief by integrating the Bayes' rule and Dempster Shafer Theory. The resulting belief serves as inputs to a utility maximization framework focusing on both safety and efficiency. This framework considers the two basic necessities of the Intelligent Transportation System and also incorporates drivers' preferences to decide the optimal action. Simulation results show the robustness of our framework under the multiple-vehicle attack, and different balances between safety and efficiency can be achieved via selecting appropriate human preference factors based on the driver's risk-taking willingness.

The modern malware poses serious security threats because of its evolved capability of using staged and persistent attack while remaining undetected over a long period of time to perform a number of malicious activities. The challenge for malicious actors is to gain initial control of the victim's machine by bypassing all the security controls. The most favored bait often used by attackers is to deceive users through a trusting or interesting email containing a malicious attachment or a malicious link. To make the email credible and interesting the cybercriminals often perform reconnaissance activities to find background information on the potential target. To this end, the value of information found on the discarded or stolen storage devices is often underestimated or ignored. In this paper, we present the partial results of analysis of one such hard disk that was purchased from the open market. The data found on the disk contained highly sensitive personal and organizational data. The results from the case study will be useful in not only understanding the involved risk but also creating awareness of related threats.