Biblio

Cyber resilience has become a strategic point of information security in recent years. In the face of complex attack means and severe internal and external threats, it is difficult to achieve 100% protection against information systems. It is necessary to enhance the continuous service of information systems based on network resiliency and take appropriate compensation measures in case of protection failure, to ensure that the mission can still be achieved under attack. This paper combs the definition, cycle, and state of cyber resilience, and interprets the cyber resiliency engineering framework, to better understand cyber resilience. In addition, we also discuss the evolution of security architecture and analyze the impact of cyber resiliency on security architecture. Finally, the strategies and schemes of enhancing cyber resilience represented by zero trust and endogenous security are discussed.

The 5G network systems are evolving and have complex network infrastructures. There is a great deal of work in this area focused on meeting the stringent service requirements for the 5G networks. Within this context, security requirements play a critical role as 5G networks can support a range of services such as healthcare services, financial and critical infrastructures. 3GPP and ETSI have been developing security frameworks for 5G networks. Our work in 5G security has been focusing on the design of security architecture and mechanisms enabling dynamic establishment of secure and trusted end to end services as well as development of mechanisms to proactively detect and mitigate security attacks in virtualised network infrastructures. The focus of this paper is on the latter, namely the facilities and mechanisms, and the design of a security architecture providing facilities and mechanisms to detect and mitigate specific security attacks. We have developed a simplified version of the security architecture using Software Defined Networks (SDN) and Network Function Virtualisation (NFV) technologies. The specific security functions developed in this architecture can be directly integrated into the 5G core network facilities enhancing its security.

Real-Time Ethernet has become the major communication technology for modern automation and industrial control systems. On the one hand, this trend increases the need for an automation-friendly security solution, as such networks can no longer be considered sufficiently isolated. On the other hand, it shows that, despite diverging requirements, the domain of Operational Technology (OT) can derive advantage from high-volume technology of the Information Technology (IT) domain. Based on these two sides of the same coin, we study the challenges and prospects of approaches to communication security in real-time Ethernet automation systems. In order to capitalize the expertise aggregated in decades of research and development, we put a special focus on the reuse of well-established security technology from the IT domain. We argue that enhancing such technology to become automation-friendly is likely to result in more robust and secure designs than greenfield designs. Because of its widespread deployment and the (to this date) nonexistence of a consistent security architecture, we use PROFINET as a showcase of our considerations. Security requirements for this technology are defined and different well-known solutions are examined according their suitability for PROFINET. Based on these findings, we elaborate the necessary adaptions for the deployment on PROFINET.

An exciting network called smart IoT has great potential to improve the level of our daily activities and the communication. Source location privacy is one of the critical problems in the wireless sensor network (WSN). Privacy protections, especially source location protection, prevent sensor nodes from revealing valuable information about targets. In this paper, we first discuss about the current security architecture and attack modes. Then we propose a scheme based on cloud for protecting source location, which is named CPSLP. This proposed CPSLP scheme transforms the location of the hotspot to cause an obvious traffic inconsistency. We adopt multiple sinks to change the destination of packet randomly in each transmission. The intermediate node makes routing path more varied. The simulation results demonstrate that our scheme can confuse the detection of adversary and reduce the capture probability.

Ubiquitous or pervasive computing is a new kind of computing, where specialized elements of hardware and software will have such high level of deployment that their use will be fully integrated with the environment. Augmented reality extends reality with virtual elements but tries to place the computer in a relatively unobtrusive, assistive role. In this paper we propose, test and analyse a security and privacy architecture for a previously proposed middleware architecture for mobile and pervasive large scale augmented reality games, which is the main contribution of this paper. The results show that the security features proposed in the scope of this work do not affect the overall performance of the system.

Vehicles are becoming increasingly connected to the outside world. We can connect our devices to the vehicle's infotainment system and internet is being added as a functionality. Therefore, security is a major concern as the attack surface has become much larger than before. Consequently, attackers are creating malware that can infect vehicles and perform life-threatening activities. For example, a malware can compromise vehicle ECUs and cause unexpected consequences. Hence, ensuring the security of connected vehicle software and networks is extremely important to gain consumer confidence and foster the growth of this emerging market. In this paper, we propose a characterization of vehicle malware and a security architecture to protect vehicle from these malware. The architecture uses multiple computational platforms and makes use of the virtualization technique to limit the attack surface. There is a real-time operating system to control critical vehicle functionalities and multiple other operating systems for non-critical functionalities (infotainment, telematics, etc.). The security architecture also describes groups of components for the operating systems to prevent malicious activities and perform policing (monitor, detect, and control). We believe this work will help automakers guard their systems against malware and provide a clear guideline for future research.

UAANET (UAV Ad hoc Network) is defined as an autonomous system made of swarm of UAVs (Unmanned Aerial Vehicle) and GCS (Ground Control Station). Compared to other types of MANET (Mobile Ad hoc network), UAANET have some unique features and bring several challenges. One of them is the design of routing protocol. It must be efficient for creating routes between nodes and dynamically adjusting to the rapidly changing topology. It must also be secure to protect the integrity of the network against malicious attackers. In this paper, we will present the architecture and the performance evaluation (based on both real-life experimental and emulation studies) of a secure routing protocol called SUAP (Secure UAV Ad hoc routing Protocol). SUAP ensures routing services between nodes to exchange real-time traffic and also guarantees message authentication and integrity to protect the network integrity. Additional security mechanisms were added to detect Wormhole attacks. Wormhole attacks represent a high level of risk for UAV ad hoc network and this is the reason why we choose to focus on this specific multi node attack. Through performance evaluation campaign, our results show that SUAP ensures the expected security services against different types of attacks while providing an acceptable quality of service for real-time data exchanges.

Increased use of secure chat and voice/ video apps has transformed the social life. While the benefits and facilitations are seemingly limitless, so are the asscoiacted vulnerabilities and threats. Besides ensuring confidentiality requirements for common users, known facts of non-readable contents over the network make these apps more attractive for criminals. Though access to contents of cryptograhically secure sessions is not possible, network forensics of secure apps can provide interesting information which can be of great help during criminal invetigations. In this paper, we presented a novel framework of profiling the secure chat and voice/ video calling apps which can be employed to extract hidden patterns about the app, information of involved parties, activities of chatting, voice/ video calls, status indications and notifications while having no information of communication protocol of the app and its security architecture. Signatures of any secure app can be developed though our framework and can become base of a large scale solution. Our methodology is considered very important for different cases of criminal investigations and bussiness intelligence solutions for service provider networks. Our results are applicable to any mobile platform of iOS, android and windows.

The borderless, dynamic, high dimensional and virtual natures of cyberspace have brought unprecedented hard situation for defenders. To fight uncertain challenges in versatile cyberspace, a security framework based on the cloud computing platform that facilitates containerization technology to create a security capability pool to generate and distribute security payload according to system needs. Composed by four subsystems of the security decision center, the image and container library, the decision rule base and the security event database, this framework distills structured knowledge from aggregated security events and then deliver security load to the managed network or terminal nodes directed by the decision center. By introducing such unified and standardized top-level security framework that is decomposable, combinable and configurable in a service-oriented manner, it could offer flexibility and effectiveness in reconstructing security resource allocation and usage to reach higher efficiency.

The defense-in-depth approach has been widely recommended for designing critical information infrastructure, however, the lack of holistic design guidelines makes it difficult for many organizations to adopt the concept. Therefore, this paper proposes a holistic architectural framework and guidelines based on ring-based nested network zones for designing such highly secured information systems. This novel security architectural framework and guidelines offer the overall structural design and implementation options for holistically designing the N-tier/shared nothing system architectures. The implementation options, e.g. for the zone's perimeters, are recommended to achieve different capability levels of security or to trade off among different required security attributes. This framework enables the adaptive capability suitable for different real-world contexts. This paper also proposes an attack-hops verification approach as a tool to evaluate the architectural design.

With the development of scientific information technology, the emergence of the Internet of Things (IOT) promoted the information industry once again to a new stage of economic and technological development. From the perspective of confidentiality, integrity, and availability of information security, this paper analyzed the current state of the IOT and the security threats, and then researched the security primary technologies of the IOT security architecture. IOT security architecture established the foundation for a reliable information security system for the IOT.

Smart Farming is driven by the emergence of precise positioning systems and Internet of Things technologies which have already enabled site-specific applications, sustainable resource management, and interconnected machinery. Nowadays, so-called Farm Management Information Systems (FMISs) enable farm-internal interconnection of agricultural machines and implements and, thereby, allow in-field data exchange and the orchestration of collaborative agricultural processes. Machine data is often directly logged during task execution. Moreover, interconnection of farms, agricultural contractors, and marketplaces ease the collaboration. However, current FMISs lack in security and particularly in user authentication. In this paper, we present a security architecture for a decentralized, manufacturer-independent, and open-source FMIS. Special attention is turned on the Radio Frequency Identification (RFID)-based continuous user authentication which greatly improves security and credibility of automated documentation, while at the same time preserves usability in practice.

A successful Smart Grid system requires purpose-built security architecture which is explicitly designed to protect customer data confidentiality. In addition to the investment on electric power infrastructure for protecting the privacy of Smart Grid-related data, entities need to actively participate in the NIST interoperability framework process; establish policies and oversight structure for the enforcement of cyber security controls of the data through adoption of security best practices, personnel training, cyber vulnerability assessments, and consumer privacy audits.

We recently see a real digital revolution where all companies prefer to use cloud computing because of its capability to offer a simplest way to deploy the needed services. However, this digital transformation has generated different security challenges as the privacy vulnerability against cyber-attacks. In this work we will present a new architecture of a hybrid Intrusion detection System, IDS for virtual private clouds, this architecture combines both network-based and host-based intrusion detection system to overcome the limitation of each other, in case the intruder bypassed the Network-based IDS and gained access to a host, in intend to enhance security in private cloud environments. We propose to use a non-traditional mechanism in the conception of the IDS (the detection engine). Machine learning, ML algorithms will can be used to build the IDS in both parts, to detect malicious traffic in the Network-based part as an additional layer for network security, and also detect anomalies in the Host-based part to provide more privacy and confidentiality in the virtual machine. It's not in our scope to train an Artificial Neural Network ”ANN”, but just to propose a new scheme for IDS based ANN, In our future work we will present all the details related to the architecture and parameters of the ANN, as well as the results of some real experiments.

New IoT applications are demanding for more and more performance in embedded devices while their deployment and operation poses strict power constraints. We present the security concept for a customizable Internet of Things (IoT) platform based on the RISC-V ISA and developed by several Fraunhofer Institutes. It integrates a range of peripherals with a scalable computing subsystem as a three dimensional System-in-Package (3D-SiP). The security features aim for a medium security level and target the requirements of the IoT market. Our security architecture extends given implementations to enable secure deployment, operation, and update. Core security features are secure boot, an authenticated watchdog timer, and key management. The Universal Sensor Platform (USeP) SoC is developed for GLOBALFOUNDRIES' 22FDX technology and aims to provide a platform for Small and Medium-sized Enterprises (SMEs) that typically do not have access to advanced microelectronics and integration know-how, and are therefore limited to Commercial Off-The-Shelf (COTS) products.

Verification of security policies represents one of the most critical, complex, and expensive steps of modern SoC design validation. SoC security policies are typically implemented as part of functional design flow, with a diverse set of protection mechanisms sprinkled across various IP blocks. An obvious upshot is that their verification requires comprehension and analysis of the entire system, representing a scalability bottleneck for verification tools. The scale and complexity of industrial SoC is far beyond the analysis capacity of state-of-the-art formal tools; even simulation-based security verification is severely limited in effectiveness because of the need to exercise subtle corner-cases across the entire system. We address this challenge by developing a novel security architecture that accounts for verification needs from the ground up. Our framework, ArtiFact, provides an alternative architecture for security policy implementation that exploits a flexible, centralized, infrastructure IP and enables scalable, streamlined verification of these policies. With our architecture, verification of system-level security policies reduces to analysis of this single IP and its interfaces, enabling off-the-shelf formal tools to successfully verify these policies. We introduce a CAD flow that supports both formal and dynamic (simulation-based) verification, and is built on top of such off-the-shelf tools. Our approach reduces verification time by over 62X and bug detection time by 34X for illustrative policies.

Information and Communication Technologies (ICTs) present a number of vulnerabilities, threats and risks that could lead to devastating cyber-attacks resulting into huge financial losses, legal implications, and reputational damage for large and small organizations. As such, in this digital transformation and 4th industrial revolution era, nations and organizations have accepted that cybersecurity must be part of their strategic objectives and priorities. However, cybersecurity in itself is a multifaceted problem to address and the voluntary "one-size-fits-all" cybersecurity approaches have proven not effective in dealing with cyber incidents, especially in complex operational environments (e.g. large technology-centric organizations) that are multi-disciplinary, multi-departmental, multi-role, multinational, and operating across different locations. Addressing modern cybersecurity challenges requires more than a technical solution. A contextual and systematic approach that considers the complexities of these large digital environments in order to achieve resilient, sustainable, cost-effective and proactive cybersecurity is desirable. This paper aims to highlight through a single case study approach the multifaceted nature and complexity of the cybersecurity environment, pertinently in multi-disciplinary organizations. Essentially, this paper contributes a unified cybersecurity framework underpinned by an integrated capability management (ICM) approach that addresses the multifaceted nature of cybersecurity as well as the challenges and requirements eminent in complex environments, such as national government, municipalities or large corporations. The unified framework incorporates realistic and practical guidelines to bridge the gap between cybersecurity capability requirements, governance instruments and cybersecurity capability specification, implementation, employment and sustainment drawing from well-tested military capability development approaches.

The development of Vehicular Ad-hoc NETwork (VANET) has brought many conveniences to human beings, but also brings a very prominent security problem. The traditional solution to the security problem is based on centralized approach which requires a trusted central entity which exists a single point of failure problem. Moreover, there is no approach of technical level to ensure security of data. Therefore, this paper proposes a security architecture of VANET based on blockchain and mobile edge computing. The architecture includes three layers, namely perception layer, edge computing layer and service layer. The perception layer ensures the security of VANET data in the transmission process through the blockchain technology. The edge computing layer provides computing resources and edge cloud services to the perception layer. The service layer uses the combination of traditional cloud storage and blockchain to ensure the security of data.

Implantable medical devices (IMDs) typically rely on proprietary protocols to wirelessly communicate with external device programmers. In this paper, we fully reverse engineer the proprietary protocol between a device programmer and a widely used commercial neurostimulator from one of the leading IMD manufacturers. For the reverse engineering, we follow a black-box approach and use inexpensive hardware equipment. We document the message format and the protocol state-machine, and show that the transmissions sent over the air are neither encrypted nor authenticated. Furthermore, we conduct several software radio-based attacks that could compromise the safety and privacy of patients, and investigate the feasibility of performing these attacks in real scenarios. Motivated by our findings, we propose a security architecture that allows for secure data exchange between the device programmer and the neurostimulator. It relies on using a patient»s physiological signal for generating a symmetric key in the neurostimulator, and transporting this key from the neurostimulator to the device programmer through a secret out-of-band (OOB) channel. Our solution allows the device programmer and the neurostimulator to agree on a symmetric session key without these devices needing to share any prior secrets; offers an effective and practical balance between security and permissive access in emergencies; requires only minor hardware changes in the devices; adds minimal computation and communication overhead; and provides forward and backward security. Finally, we implement a proof-of-concept of our solution.

The evolution of the Internet of Things (IoT) requires a well-defined infrastructure of systems that provides services for device abstraction and data management, and also supports the development of applications. Middleware for IoT has been recognized as the system that can provide these services and has become increasingly important for IoT in recent years. The large amount of data that flows into a middleware system demands a security architecture that ensures the protection of all layers of the system, including the communication channels and border APIs used to integrate the applications and IoT devices. However, this security architecture should be based on lightweight approaches since middleware systems are widely applied in constrained environments. Some works have already defined new solutions and adaptations to existing approaches in order to mitigate IoT middleware security problems. In this sense, this article discusses the role of lightweight approaches to the standardization of a security architecture for IoT middleware systems. This article also analyzes concepts and existing works, and presents some important IoT middleware challenges that may be addressed by emerging lightweight security approaches in order to achieve the consolidation of a standard security architecture and the mitigation of the security problems found in IoT middleware systems.

Cameras have become nearly ubiquitous with the rise of smartphones and laptops. New wearable devices, such as Google Glass, focus directly on using live video data to enable augmented reality and contextually enabled services. However, granting applications full access to video data exposes more information than is necessary for their functionality, introducing privacy risks. We propose a privilege-separation architecture for visual recognizer applications that encourages modularization and least privilege–-separating the recognizer logic, sandboxing it to restrict filesystem and network access, and restricting what it can extract from the raw video data. We designed and implemented a prototype that separates the recognizer and application modules and evaluated our architecture on a set of 17 computer-vision applications. Our experiments show that our prototype incurs low overhead for each of these applications, reduces some of the privacy risks associated with these applications, and in some cases can actually increase the performance due to increased parallelism and concurrency.

This paper proposes a security architecture for an IoT transparent middleware. Focused on bringing real life objects to the virtual realm, the proposed architecture is deployable and comprises protection measures based on existent technologies for security such as AES, TLS and oAuth. This way, privacy, authenticity, integrity and confidentiality on data exchange services are integrated to provide security for generated smart objects and for involved users and services in a reliable and deployable manner.

Distributed wireless sensor network technologies have become one of the major research areas in healthcare industries due to rapid maturity in improving the quality of life. Medical Wireless Sensor Network (MWSN) via continuous monitoring of vital health parameters over a long period of time can enable physicians to make more accurate diagnosis and provide better treatment. The MWSNs provide the options for flexibilities and cost saving to patients and healthcare industries. Medical data sensors on patients produce an increasingly large volume of increasingly diverse real-time data. The transmission of this data through hospital wireless networks becomes a crucial problem, because the health information of an individual is highly sensitive. It must be kept private and secure. In this paper, we propose a security model to protect the transfer of medical data in hospitals using MWSNs. We propose Compressed Sensing + Encryption as a strategy to achieve low-energy secure data transmission in sensor networks.