Visible to the public Biblio

Filters: Keyword is pubcrawl170107  [Clear All Filters]
2017-02-27
Aydin, M., Jacob, J..  2015.  Cloud-COVER: Using User Security Attribute Preferences and Propagation Analysis to Prioritize Threats to Systems. 2015 European Intelligence and Security Informatics Conference. :53–60.

We present Cloud-COVER (Controls and Orderings for Vulnerabilities and ExposuRes), a cloud security threat modelling tool. Cloud-COVER takes input from a user about their deployment, requiring information about the data, instances, connections, their properties, and the importance of various security attributes. This input is used to analyse the relevant threats, and the way they propagate through the system. They are then presented to the user, ordered according to the security attributes they have prioritised, along with the best countermeasures to secure against the dangers listed.

Kainth, M., Krishnan, L., Narayana, C., Virupaksha, S. G., Tessier, R..  2015.  Hardware-assisted code obfuscation for FPGA soft microprocessors. 2015 Design, Automation Test in Europe Conference Exhibition (DATE). :127–132.

Soft microprocessors are vital components of many embedded FPGA systems. As the application domain for FPGAs expands, the security of the software used by soft processors increases in importance. Although software confidentiality approaches (e.g. encryption) are effective, code obfuscation is known to be an effective enhancement that further deters code understanding for attackers. The availability of specialization in FPGAs provides a unique opportunity for code obfuscation on a per-application basis with minimal hardware overhead. In this paper we describe a new technique to obfuscate soft microprocessor code which is located outside the FPGA chip in an unprotected area. Our approach provides customizable, data-dependent control flow modification to make it difficult for attackers to easily understand program behavior. The application of the approach to three benchmarks illustrates a control flow cyclomatic complexity increase of about 7× with a modest logic overhead for the soft processor.

Mohsen, R., Pinto, A. M..  2015.  Algorithmic information theory for obfuscation security. 2015 12th International Joint Conference on e-Business and Telecommunications (ICETE). 04:76–87.

The main problem in designing effective code obfuscation is to guarantee security. State of the art obfuscation techniques rely on an unproven concept of security, and therefore are not regarded as provably secure. In this paper, we undertake a theoretical investigation of code obfuscation security based on Kolmogorov complexity and algorithmic mutual information. We introduce a new definition of code obfuscation that requires the algorithmic mutual information between a code and its obfuscated version to be minimal, allowing for controlled amount of information to be leaked to an adversary. We argue that our definition avoids the impossibility results of Barak et al. and is more advantageous then obfuscation indistinguishability definition in the sense it is more intuitive, and is algorithmic rather than probabilistic.

Cómbita, L. F., Giraldo, J., Cárdenas, A. A., Quijano, N..  2015.  Response and reconfiguration of cyber-physical control systems: A survey. 2015 IEEE 2nd Colombian Conference on Automatic Control (CCAC). :1–6.

The integration of physical systems with distributed embedded computing and communication devices offers advantages on reliability, efficiency, and maintenance. At the same time, these embedded computers are susceptible to cyber-attacks that can harm the performance of the physical system, or even drive the system to an unsafe state; therefore, it is necessary to deploy security mechanisms that are able to automatically detect, isolate, and respond to potential attacks. Detection and isolation mechanisms have been widely studied for different types of attacks; however, automatic response to attacks has attracted considerably less attention. Our goal in this paper is to identify trends and recent results on how to respond and reconfigure a system under attack, and to identify limitations and open problems. We have found two main types of attack protection: i) preventive, which identifies the vulnerabilities in a control system and then increases its resiliency by modifying either control parameters or the redundancy of devices; ii) reactive, which responds as soon as the attack is detected (e.g., modifying the non-compromised controller actions).

Aduba, C., Won, C. h.  2015.  Resilient cumulant game control for cyber-physical systems. 2015 Resilience Week (RWS). :1–6.

In this paper, we investigate the resilient cumulant game control problem for a cyber-physical system. The cyberphysical system is modeled as a linear hybrid stochastic system with full-state feedback. We are interested in 2-player cumulant Nash game for a linear Markovian system with quadratic cost function where the players optimize their system performance by shaping the distribution of their cost function through cost cumulants. The controllers are optimally resilient against control feedback gain variations.We formulate and solve the coupled first and second cumulant Hamilton-Jacobi-Bellman (HJB) equations for the dynamic game. In addition, we derive the optimal players strategy for the second cost cumulant function. The efficiency of our proposed method is demonstrated by solving a numerical example.

Trajanovski, S., Kuipers, F. A., Hayel, Y., Altman, E., Mieghem, P. Van.  2015.  Designing virus-resistant networks: A game-formation approach. 2015 54th IEEE Conference on Decision and Control (CDC). :294–299.

Forming, in a decentralized fashion, an optimal network topology while balancing multiple, possibly conflicting objectives like cost, high performance, security and resiliency to viruses is a challenging endeavor. In this paper, we take a game-formation approach to network design where each player, for instance an autonomous system in the Internet, aims to collectively minimize the cost of installing links, of protecting against viruses, and of assuring connectivity. In the game, minimizing virus risk as well as connectivity costs results in sparse graphs. We show that the Nash Equilibria are trees that, according to the Price of Anarchy (PoA), are close to the global optimum, while the worst-case Nash Equilibrium and the global optimum may significantly differ for small infection rate and link installation cost. Moreover, the types of trees, in both the Nash Equilibria and the optimal solution, depend on the virus infection rate, which provides new insights into how viruses spread: for high infection rate τ, the path graph is the worst- and the star graph is the best-case Nash Equilibrium. However, for small and intermediate values of τ, trees different from the path and star graphs may be optimal.

Lokesh, M. R., Kumaraswamy, Y. S..  2015.  Healing process towards resiliency in cyber-physical system: A modified danger theory based artifical immune recogization2 algorithm approach. 2015 IEEE International Conference on Computer Graphics, Vision and Information Security (CGVIS). :226–232.

Healing Process is a major role in developing resiliency in cyber-physical system where the environment is diverse in nature. Cyber-physical system is modelled with Multi Agent Paradigm and biological inspired Danger Theory based-Artificial Immune Recognization2 Algorithm Methodology towards developing healing process. The Proposed methodology is implemented in a simulation environment and percentage of Convergence rates shown in achieving accuracy in the healing process to resiliency in cyber-physical system environment is shown.