Biblio

In this paper, a new model-free adaptive sliding mode load frequency control (LFC) scheme is designed for inter-connected power systems, where modeling is difficult and suffers from load change disturbances and denial of service (DoS) attacks. The proposed algorithm only uses real-time I/O data of the power system to achieve a high control performance. Firstly, the dynamic linearization strategy is used to build a data-based model of the power system, and intermittent DoS attacks are modeled by limiting their duration and frequency. Secondly, the model-free adaptive sliding mode control (MFASMC) scheme is designed based on optimization theory and sliding mode reaching law, and its stability is analyzed. Finally, the three-area interconnected power system was selected to test the presented MFASMC scheme. Simulation data shows the effectiveness of the LFC algorithm in this paper.

In this paper, the distributed security control problem of connected vehicle systems (CVSs) is investigated under denial of service (DoS) attacks and uncertain dynamics. DoS attacks usually block communication channels, resulting in the vehicle inability to receive data from the neighbors. In severe cases, it will affect the control performance of CVSs and even cause vehicle collision and life threats. In order to keep the vehicle platoon stable when the DoS attacks happen, we introduce a random characteristic to describe the impact of the packet loss behavior caused by them. Dependent on the length of the lost packets, we propose a security platoon control protocol to deal with it. Furthermore, the security platoon control problem of CVSs is transformed into a stable problem of Markov jump systems (MJSs) with uncertain parameters. Next, the Lyapunov function method and linear matrix inequations (LMI) are used to analyze the internal stability and design controller. Finally, several simulation results are presented to illustrate the effectiveness of the proposed method.

The model-free adaptive security tracking control (MFASTC) problem of nonlinear networked control systems is explored in this paper with DoS attacks and delays consideration. In order to alleviate the impact of DoS attack and RTT delays on NCSs performance, an attack compensation mechanism and a networked predictive-based delay compensation mechanism are designed, respectively. The data-based designed method need not the dynamic and structure of the system, The MFASTC algorithm is proposed to ensure the output tracking error being bounded in the mean-square sense. Finally, an example is given to illustrate the effectiveness of the new algorithm by a comparison.

This paper investigates the event-triggered control (ETC) problem for stochastic networked control systems (NCSs) with exogenous disturbances and Denial-of-Service (DoS) attacks. The ETC strategy is proposed to reduce the utilization of network resource while defending the DoS attacks. Based on the introduced ETC strategy, sufficient conditions, which rely on the frequency and duration properties of DoS attacks, are obtained to achieve the stochastic input-to-state stability and Zeno-freeness of the ETC stochastic NCSs. An example of air vehicle system is given to explain the effectiveness of proposed ETC strategy.

In recent years, smart grid has gradually become the common development trend of the world's power industry, and its security issues are increasingly valued by researchers. Smart grids have applied technologies such as physical control, data encryption, and authentication to improve their security, but there is still a lack of timely and effective detection methods to prevent the grid from being threatened by malicious intrusions. Aiming at this problem, a model based on machine learning to detect smart grid DoS attacks has been proposed. The model first collects network data, secondly selects features and uses PCA for data dimensionality reduction, and finally uses SVM algorithm for abnormality detection. By testing the SVM, Decision Tree and Naive Bayesian Network classification algorithms on the KDD99 dataset, it is found that the SVM model works best.

Due to the harsh environment and energy limitation, maintaining efficient communication is crucial to the lifetime of Underwater Sensor Networks (UWSN). Named Data Networking (NDN), one of future network architectures, begins to be applied to UWSN. Although Underwater Named Data Networking (UNDN) performs well in data transmission, it still faces some security threats, such as the Denial-of-Service (DoS) attacks caused by Interest Flooding Attacks (IFAs). In this paper, we present a new type of DoS attacks, named as Synergetic Denial-of-Service (SDoS). Attackers synergize with each other, taking turns to reply to malicious interests as late as possible. SDoS attacks will damage the Pending Interest Table, Content Store, and Forwarding Information Base in routers with high concealment. Simulation results demonstrate that the SDoS attacks quadruple the increased network traffic compared with normal IFAs and the existing IFA detection algorithm in UNDN is completely invalid to SDoS attacks. In addition, we analyze the infection problem in UNDN and propose a defense method Trident based on carefully designed adaptive threshold, burst traffic detection, and attacker identification. Experiment results illustrate that Trident can effectively detect and resist both SDoS attacks and normal IFAs. Meanwhile, Trident can robustly undertake burst traffic and congestion.

Microgrids' dependency on communication links exposes the control systems to cyber attack threats. In this work, instead of designing reactive defense approaches, a proacitve moving target defense mechanism is proposed for securing microgrid secondary frequency control from denial of service (DoS) attack. The sensor data is transmitted by following a Markov process, not in a deterministic way. This uncertainty will increase the difficulty for attacker's decision making and thus significantly reduce the attack space. As the system parameters are constantly changing, a gain scheduling based secondary frequency controller is designed to sustain the system performance. Case studies of a microgrid with four inverter-based DGs show the proposed moving target mechanism can enhance the resiliency of the microgrid control systems against DoS attacks.

The security problem of networked control systems (NCSs) suffering denial of service(DoS) attacks with incomplete information is investigated in this paper. Data transmission among different components in NCSs may be blocked due to DoS attacks. We use the concept of security level to describe the degree of security of different components in an NCS. Intrusion detection system (IDS) is used to monitor the invalid data generated by DoS attacks. At each time slot, the defender considers which component to monitor while the attacker considers which place for invasion. A one-shot game between attacker and defender is built and both the complete information case and the incomplete information case are considered. Furthermore, a repeated game model with updating beliefs is also established based on the Bayes' rule. Finally, a numerical example is provided to illustrate the effectiveness of the proposed method.

Vehicular Adhoc Network (VANET), a specialized form of MANET in which safety is the major concern as critical information related to driver's safety and assistance need to be disseminated between the vehicle nodes. The security of the nodes can be increased, if the network availability is increased. The availability of the network is decreased, if there is Denial of Service Attacks (DoS) in the network. In this paper, a packet detection algorithm for the prevention of DoS attacks is proposed. This algorithm will be able to detect the multiple malicious nodes in the network which are sending irrelevant packets to jam the network and that will eventually stop the network to send the safety messages. The proposed algorithm was simulated in NS-2 and the quantitative values of packet delivery ratio, packet loss ratio, network throughput proves that the proposed algorithm enhance the security of the network by detecting the DoS attack well in time.

The growing number of attacks against cyber-physical systems in recent years elevates the concern for cybersecurity of industrial control systems (ICSs). The current efforts of ICS cybersecurity are mainly based on firewalls, data diodes, and other methods of intrusion prevention, which may not be sufficient for growing cyber threats from motivated attackers. To enhance the cybersecurity of ICS, a cyber-attack detection system built on the concept of defense-in-depth is developed utilizing network traffic data, host system data, and measured process parameters. This attack detection system provides multiple-layer defense in order to gain the defenders precious time before unrecoverable consequences occur in the physical system. The data used for demonstrating the proposed detection system are from a real-time ICS testbed. Five attacks, including man in the middle (MITM), denial of service (DoS), data exfiltration, data tampering, and false data injection, are carried out to simulate the consequences of cyber attack and generate data for building data-driven detection models. Four classical classification models based on network data and host system data are studied, including k-nearest neighbor (KNN), decision tree, bootstrap aggregating (bagging), and random forest (RF), to provide a secondary line of defense of cyber-attack detection in the event that the intrusion prevention layer fails. Intrusion detection results suggest that KNN, bagging, and RF have low missed alarm and false alarm rates for MITM and DoS attacks, providing accurate and reliable detection of these cyber attacks. Cyber attacks that may not be detectable by monitoring network and host system data, such as command tampering and false data injection attacks by an insider, are monitored for by traditional process monitoring protocols. In the proposed detection system, an auto-associative kernel regression model is studied to strengthen early attack detection. The result shows that this approach detects physically impactful cyber attacks before significant consequences occur. The proposed multiple-layer data-driven cyber-attack detection system utilizing network, system, and process data is a promising solution for safeguarding an ICS.

The Internet of things networks is vulnerable to many DOS attacks. Among them, Blackhole attack is one of the severe attacks as it hampers communication among network devices. In general, the solutions presented in the literature for Blackhole detection are not efficient. In addition, the existing approaches do not factor-in, the consumption in resources viz. energy, bandwidth and network lifetime. Further, these approaches are also insensitive to the mechanism used for selecting a parent in on Blackhole formation. Needless to say, a blackhole node if selected as parent would lead to orchestration of this attack trivially and hence it is an important factor in selection of a parent. In this paper, we propose SIEWE (Strainer based Intrusion Detection of Blackhole in 6LoWPAN for the Internet of Things) - an Intrusion detection mechanism to identify Blackhole attack on Routing protocol RPL in IoT. In contrast to the Watchdog based approaches where every node in network runs in promiscuous mode, SIEWE filters out suspicious nodes first and then verifies the behavior of those nodes only. The results that we obtain, show that SIEWE improves the Packet Delivery Ratio (PDR) of the system by blacklisting malicious Blackhole nodes.

NDN has been widely regarded as a promising representation and implementation of information- centric networking (ICN) and serves as a potential candidate for the future Internet architecture. However, the security of NDN is threatened by a significant safety hazard known as an IFA, which is an evolution of DoS and distributed DoS attacks on IP-based networks. The IFA attackers can create numerous malicious interest packets into a named data network to quickly exhaust the bandwidth of communication channels and cache capacity of NDN routers, thereby seriously affecting the routers' ability to receive and forward packets for normal users. Accurate detection of the IFAs is the most critical issue in the design of a countermeasure. To the best of our knowledge, the existing IFA countermeasures still have limitations in terms of detection accuracy, especially for rapidly volatile attacks. This article proposes a TC to detect the distributions of normal and malicious interest packets in the NDN routers to further identify the IFA. The trace back method is used to prevent further attempts. The simulation results show the efficiency of the TC for mitigating the IFAs and its advantages over other typical IFA countermeasures.

The QoS performance of MANET routing protocols is significantly affected by the mobility conditions in network. Secondly, as MANET open nature network, there is strong possibility of different types of vulnerabilities such as blackhole attack, malicious attack, DoS attacks etc. In this research work, we are designing the novel opportunistic routing protocol in order to address the challenges of network security as well as QoS improvement. There two algorithms designed in this paper. First we proposed and designed novel QoS improvement algorithm based on optimization scheme called Ant Colony Optimization (ACO) with swarm intelligence approach. This proposed method used the RSSI measurements to determine the distance between two mobile nodes in order to select efficient path for communication. This new routing protocol is named as QoS Mobility Aware ACO (QMAA) Routing Protocol. Second, we designed security algorithm for secure communication and user's authentication in MANET under the presence attackers in network. With security algorithm the QoS aware protocol is proposed named as Secure-QMAA (SQMAA). The SQMAA achieved secure communications while guaranteed QoS performance against existing routing protocols. The simulation results shows that under the presence of malicious attackers, the performance of SQMAA are efficient as compared to QMAA and state-of-art routing protocol.

Software Defined Networking (SDN) is a major paradigm in controlling and managing number of heterogeneous networks. It's a real challenge however to secure such complex networks which are heterogeneous in network security. The centralization of the intelligence in network presents both an opportunity as well as security threats. This paper focuses on various potential security challenges at the various levels of SDN architecture such as Denial of service (DoS) attack and its countermeasures. The paper shows the detection of DoS attck with S-FlowRT.

Widespread use of Wireless Sensor Networks (WSNs) introduced many security threats due to the nature of such networks, particularly limited hardware resources and infrastructure less nature. Denial of Service attack is one of the most common types of attacks that face such type of networks. Building an Intrusion Detection and Prevention System to mitigate the effect of Denial of Service attack is not an easy task. This paper proposes the use of two machine learning techniques, namely decision trees and Support Vector Machines, to detect attack signature on a specialized dataset. The used dataset contains regular profiles and several Denial of Service attack scenarios in WSNs. The experimental results show that decision trees technique achieved better (higher) true positive rate and better (lower) false positive rate than Support Vector Machines, 99.86% vs 99.62%, and 0.05% vs. 0.09%, respectively.

The integrity of information and services is one of the more evident concerns in the world of global information security, due to the fact that it has economic repercussions on the digital industry. For this reason, big companies spend a lot of money on systems that protect them against cyber-attacks like Denial of Service attacks. In this article, we will use all the attributes of the data-set NSL-KDD to train and test a Support Vector Machine model. This model will then be applied to a method of feature selection to obtain the most relevant attributes within the aforementioned data-set and train the model again. The main goal is comparing the results obtained in both instances of training and validate which was more efficient.

Named Data Networking (NDN) is a promising candidate for future internet architecture. It is one of the implementations of the Information-Centric Networking (ICN) architectures where the focus is on the data rather than the owner of the data. While the data security is assured by definition, these networks are susceptible of various Denial of Service (DoS) attacks, mainly Interest Flooding Attacks (IFA). IFAs overwhelm an NDN router with a huge amount of interests (Data requests). Various solutions have been proposed in the literature to mitigate IFAs; however; these solutions do not make a difference between intentional and unintentional misbehavior due to the network congestion. In this paper, we propose a novel congestion-aware IFA detection and mitigation solution. We performed extensive simulations and the results clearly depict the efficiency of our proposal in detecting truly occurring IFA attacks.

In recent years, technology use has assumed an important role in the support of human activities. Intellectual work has become the main preferred human activity, while structured activities are going to become ever more automatized for increasing their efficiency. For this reason, we assist to the diffusion of ever more innovative devices able to face new emergent problems. These devices can interact with the environment and each other autonomously, taking decisions even without human control. This is the Internet of Things (IoT) phenomenon, favored by low cost, high mobility, high interaction and low power devices. This spread of devices has become uncontrolled, but security in this context continues to increase slowly. The purpose of this work is to model and evaluate a new IoT security system. The context is based on a generic IoT system in the presence of lightweight actuator and sensor nodes exchanging messages through Message Queue Telemetry Transport (MQTT) protocol. This work aims to increase the security of this protocol at application level, particularly mitigating Denial of Service (DoS) attacks. The system is based on the use of a host Intrusion Detection System (IDS) which applies a threshold based packet discarding policy to the different topics defined through MQTT.

Distributed Denial of Service (DDoS) strike is a malevolent undertaking to irritate regular action of a concentrated on server, organization or framework by overwhelming the goal or its incorporating establishment with a flood of Internet development. DDoS ambushes achieve feasibility by utilizing different exchanged off PC structures as wellsprings of strike action. Mishandled machines can join PCs and other masterminded resources, for instance, IoT contraptions. From an anomalous express, a DDoS attack looks like a vehicle convergence ceasing up with the road, shielding standard action from meeting up at its pined for objective.

The Controller Area Network (CAN) is a broadcast communications network invented by Robert Bosch GmbH in 1986. CAN is the standard communication network found in automobiles, industry equipment, and many space applications. To be used in these environments, CAN is designed for efficiency and reliability, rather than security. This research paper closely examines the security risks within the CAN protocol and proposes a feasible solution. In this research, we investigate the problems with implementing certain security features in the CAN protocol, such as message authentication and protections against replay and denial-of-service (DoS) attacks. We identify the restrictions of the CAN bus, and we demonstrate how our proposed implementation meets these restrictions. Many previously proposed solutions lack security, feasibility, and/or efficiency; however, a solution must not drastically hinder the real-time operation speed of the network. The solution proposed in this research is tested with a simulative CAN environment. This paper proposes an alteration to the standard CAN bus nodes and the CAN protocol to better protect automobiles and other CAN-related systems from attacks.

Mobile Ad hoc Network has a wide range of applications in military and civilian domains. It is generally assumed that the nodes are trustworthy and cooperative in routing protocols of MANETs viz. AODV, DSR etc. This assumption makes wireless ad hoc network more prone to interception and manipulation which further open possibilities of various types of Denial of Service (DoS) attacks. In order to mitigate the effect of malicious nodes, a reputation based secure routing protocol is proposed in this paper. The basic idea of the proposed scheme is organize the network with 25 nodes which are deployed in a 5×5 grid structure. Each normal node in the network has a specific prime number, which acts as Node identity. A Backbone Network (BBN) is deployed in a 5×5 grid structure. The proposed scheme uses legitimacy value table and reputation level table maintained by backbone network in the network. These tables are used to provide best path selection after avoiding malicious nodes during path discovery. Based on the values collected in their legitimacy table & reputation level table backbone nodes separate and avoid the malicious nodes while making path between source and destination.

Security is the most important issue which needs to be given utmost importance and as both `Mobile Ad hoc Networks (MANET) and Wireless Sensor Networks (WSN) have similar system models, their security issues are also similar. This study deals in analysing the various lapses in security and the characteristics of various routing protocol's functionality and structure. This paper presents the implementation of ECC algorithm in the prevention of Denial of Service (DoS) attack through fictitious node. Optimized Link State Routing (OLSR) protocol is a MANET routing protocol and is evaluated mainly for two things. Primarily OLSR is less secure like AODV and others. The reason for it being less secure is that it is a table-driven in nature and uses a methodology called selective flooding technique, where redundancy is reduced and thus the security possibilities of the protocol is reduced. Another reason for selecting OLSR is that is an highly effective routing protocol for MANET. A brief information about formal routing is provided by the proposed methodology termed Denial Contradictions with Fictitious Node Mechanism (DCFM) which provides brief information about formal routing. Here, fictitious node acts as a virtual node and large networks are managed from attacks. More than 95% of attacks are prevented by this proposed methodology and the solution is applicable all the other DoS attacks of MANET.

This paper aims to address the security challenges on physical unclonable functions (PUFs) raised by modeling attacks and denial of service (DoS) attacks. We develop a hardware isolation-based secure architecture extension, namely PUFSec, to protect the target PUF from security compromises without modifying the internal PUF design. PUFSec achieves the security protection by physically isolating the PUF hardware and data from the attack surfaces accessible by the adversaries. Furthermore, we deploy strictly enforced security policies within PUFSec, which authenticate the incoming PUF challenges and prevent attackers from collecting sufficient PUF responses to issue modeling attacks or interfering with the PUF workflow to launch DoS attacks. We implement our PUFSec framework on a Xilinx SoC equipped with ARM processor. Our experimental results on the real hardware prove the enhanced security and the low performance and power overhead brought by PUFSec.

Cloud Data Center (CDC) security remains a major challenge for business organizations and takes an important concern with research works. The attacker purpose is to guarantee the service unavailability and maximize the financial loss costs. As a result, Distributed Denial of Service (DDoS) attacks have appeared as the most popular attack. The main aim of such attacks is to saturate and overload the system network through a massive data packets size flooding toward a victim server and to block the service to users. This paper provides a defending system in order to mitigate the Denial of Service (DoS) attack in CDC environment. Basically it outlines the different techniques of DoS attacks and its countermeasures by combining the filtering and detection mechanisms. We presented an analytical model based on queueing model to evaluate the impact of flooding attack on cloud environment regarding service availability and QoS performance. Consequently, we have plotted the response time, throughput, drop rate and resource computing utilization varying the attack arrival rate. We have used JMT (Java Modeling Tool) simulator to validate the analytical model. Our approach was appeared powerful for attacks mitigation in the cloud environment.

Recent years, the issue of cyber security has become ever more prevalent in the analysis and design of electrical cyber-physical systems (ECPSs). In this paper, we present the TrueTime Network Library for modeling the framework of ECPSs and focuses on the vulnerability analysis of ECPSs under DoS attacks. Model predictive control algorithm is used to control the ECPS under disturbance or attacks. The performance of decentralized and distributed control strategies are compared on the simulation platform. It has been proved that DoS attacks happen at dada collecting sensors or control instructions actuators will influence the system differently.