Biblio

In this paper, we present a security and privacy enhancement (SPE) framework for unmodified mobile operating systems. SPE introduces a new layer between the application and the operating system and does not require a device be jailbroken or utilize a custom operating system. We utilize an existing ontology designed for enforcing security and privacy policies on mobile devices to build a policy that is customizable. Based on this policy, SPE provides enhancements to native controls that currently exist on the platform for privacy and security sensitive components. SPE allows access to these components in a way that allows the framework to ensure the application is truthful in its declared intent and ensure that the user's policy is enforced. In our evaluation we verify the correctness of the framework and the computing impact on the device. Additionally, we discovered security and privacy issues in several open source applications by utilizing the SPE Framework. From our findings, if SPE is adopted by mobile operating systems producers, it would provide consumers and businesses the additional privacy and security controls they demand and allow users to be more aware of security and privacy issues with applications on their devices.

iOS devices are steadily obtaining popularity of the majority of users because of its some unique advantages in recent years. They can do many things that have been done on a desktop computer or laptop. With the increase in the use of mobile devices by individuals, organizations and government, there are many problems with information security especially some sensitive data related to users. As we all known, encryption algorithm play a significant role in data security. In order to prevent data being intercepted and being leaked during communication, in this paper, we adopted DES encryption algorithm that is fast, simple and suitable for large amounts of data of encryption to encrypt the data of iOS client and adopted the ECC encryption algorithms that was used to overcome the shortcoming of exchanging keys in a securing way before communications. In addition, we should also consider the application isolation and security mechanism of iOS that these features also protect the data securing to some extent. Namely, we propose an encryption algorithm combined the strengths of DES and ECC and make full use of the advantages of hybrid algorithm. Then, we tested and evaluated the performances of the suggested cryptography mechanism within the mobile platform of iOS. The results show that the algorithm has fairly efficiency in practical applications and strong anti-attack ability and it also improves the security and efficiency in data transmission.

A new development of smart-home systems is to use mobile apps to control IoT devices across a Home Area Network (HAN). As verified in our study, those systems tend to rely on the Wi-Fi router to authenticate other devices. This treatment exposes them to the attack from malicious apps, particularly those running on authorized phones, which the router does not have information to control. Mitigating this threat cannot solely rely on IoT manufacturers, which may need to change the hardware on the devices to support encryption, increasing the cost of the device, or software developers who we need to trust to implement security correctly. In this work, we present a new technique to control the communication between the IoT devices and their apps in a unified, backward-compatible way. Our approach, called HanGuard, does not require any changes to the IoT devices themselves, the IoT apps or the OS of the participating phones. HanGuard uses an SDN-like approach to offer fine-grained protection: each phone runs a non-system userspace Monitor app to identify the party that attempts to access the protected IoT device and inform the router through a control plane of its access decision; the router enforces the decision on the data plane after verifying whether the phone should be allowed to talk to the device. We implemented our design over both Android and iOS (\textbackslashtextgreater 95% of mobile OS market share) and a popular router. Our study shows that HanGuard is both efficient and effective in practice.

With the rapid application of the network based communication in industries, the security related problems appear to be inevitable for automation networks. The integration of internet into the automation plant benefited companies and engineers a lot and on the other side paved ways to number of threats. An attack on such control critical infrastructure may endangers people's health and safety, damage industrial facilities and produce financial loss. One of the approach to secure the network in automation is the development of an efficient Network based Intrusion Detection System (NIDS). Despite several techniques available for intrusion detection, they still lag in identifying the possible attacks or novel attacks on network efficiently. In this paper, we evaluate the performance of detection mechanism by combining the deep learning techniques with the machine learning techniques for the development of Intrusion Detection System (IDS). The performance metrics such as precession, recall and F-Measure were measured.

Generative policies enable devices to generate their own policies that are validated, consistent and conflict free. This autonomy is required for security policy generation to deal with the large number of smart devices per person that will soon become reality. In this paper, we discuss the research issues that have to be addressed in order for devices involved in security enforcement to automatically generate their security policies - enabling policy-based autonomous security management. We discuss the challenges involved in the task of automatic security policy generation, and outline some approaches based om machine learning that may potentially provide a solution to the same.

In the paper, we demonstrate novel approach for network Intrusion Detection System (IDS) for cyber security using unsupervised Deep Learning (DL) techniques. Very often, the supervised learning and rules based approach like SNORT fetch problem to identify new type of attacks. In this implementation, the input samples are numerical encoded and applied un-supervised deep learning techniques called Auto Encoder (AE) and Restricted Boltzmann Machine (RBM) for feature extraction and dimensionality reduction. Then iterative k-means clustering is applied for clustering on lower dimension space with only 3 features. In addition, Unsupervised Extreme Learning Machine (UELM) is used for network intrusion detection in this implementation. We have experimented on KDD-99 dataset, the experimental results show around 91.86% and 92.12% detection accuracy using unsupervised deep learning technique AE and RBM with K-means respectively. The experimental results also demonstrate, the proposed approach shows around 4.4% and 2.95% improvement of detection accuracy using RBM with K-means against only K-mean clustering and Unsupervised Extreme Learning Machine (USELM) respectively.

In this paper, an advanced security and stability defense framework that utilizes multisource power system data to enhance the power system security and resilience is proposed. The framework consists of early warning, preventive control, on-line state awareness and emergency control, requires in-depth collaboration between power engineering and data science. To realize this framework in practice, a cross-disciplinary research topic — the big data analytics for power system security and resilience enhancement, which consists of data converting, data cleaning and integration, automatic labelling and learning model establishing, power system parameter identification and feature extraction using developed big data learning techniques, and security analysis and control based on the extracted knowledge — is deeply investigated. Domain considerations of power systems and specific data science technologies are studied. The future technique roadmap for emerging problems is proposed.

The most of the organizations tend to accumulate the data related to security, which goes up-to terabytes in every month. They collect this data to meet the security requirements. The data is mostly in the shape of logs like Dns logs, Pcap files, and Firewall data etc. The data can be related to any communication network like cloud, telecom, or smart grid network. Generally, these logs are stored in databases or warehouses which becomes ultimately gigantic in size. Such a huge size of data upsurge the importance of security analytics in big data. In surveys, the security experts grumble about the existing tools and recommend for special tools and methods for big data security analysis. In this paper, we are using a big data analysis tool, which is known as apache spark. Although this tool is used for general purpose but we have used this for security analysis. It offers a very good library for machine learning algorithms including the clustering which is the main algorithm used in our work. In this work, we have developed a novel model, which combines rule based and clustering analysis for security analysis of big dataset. The dataset we are using in our experiment is the Kddcup99 which is a widely used dataset for intrusion detection. It is of MBs in size but can be used as a test case for big data security analysis.

The security of computer programs and systems is a very critical issue. With the number of attacks launched on computer networks and software, businesses and IT professionals are taking steps to ensure that their information systems are as secure as possible. However, many programmers do not think about adding security to their programs until their projects are near completion. This is a major mistake because a system is as secure as its weakest link. If security is viewed as an afterthought, it is highly likely that the resulting system will have a large number of vulnerabilities, which could be exploited by attackers. One of the reasons programmers overlook adding security to their code is because it is viewed as a complicated or time-consuming process. This paper presents a tool that will help programmers think more about security and add security tactics to their code with ease. We created a model that learns from existing open source projects and documentation using machine learning and text mining techniques. Our tool contains a module that runs in the background to analyze code as the programmer types and offers suggestions of where security could be included. In addition, our tool fetches existing open source implementations of cryptographic algorithms and sample code from repositories to aid programmers in adding security easily to their projects.

With the progressive development of network applications and software dependency, we need to discover more advanced methods for protecting our systems. Each industry is equally affected, and regardless of whether we consider the vulnerability of the government or each individual household or company, we have to find a sophisticated and secure way to defend our systems. The starting point is to create a reliable intrusion detection mechanism that will help us to identify the attack at a very early stage; otherwise in the cyber security space the intrusion can affect the system negatively, which can cause enormous consequences and damage the system's privacy, security or financial stability. This paper proposes a concise, and easy to use statistical learning procedure, abbreviated NASCA, which is a four-stage intrusion detection method that can successfully detect unwanted intrusion to our systems. The model is static, but it can be adapted to a dynamic set up.

The vision of cyber-physical systems (CPSs) considered the Internet as the future communication network for such systems. A challenge with this regard is to provide high communication reliability, especially, for CPSs applications in critical infrastructures. Examples include smart grid applications with reliability requirements between 99-99.9999% [2]. Even though the Internet is a cost effective solution for such applications, the reliability of its end-to-end (e2e) paths is inadequate (often less than 99%). In this paper, we propose Reliable Multipath Communication Approach for Internet-based CPSs (RC4CPS). RC4CPS is an e2e approach that utilizes the inherent redundancy of the Internet and multipath (MP) transport protocols concept to improve reliability measured in terms of availability. It provides online monitoring and MP selection in order to fulfill the application specific reliability requirement. In addition, our MP selection considers e2e paths dependency and unavailability prediction to maximize the reliability gains of MP communication. Our results show that RC4CPS dynamic MP selection satisfied the reliability requirement along with selecting e2e paths with low dependency and unavailability probability.

Cyber-induced dependent failures are important to be considered in composite system reliability evaluation. Because of the complexity and dimensionality, Monte Carlo simulation is a preferred method for composite system reliability evaluation. The non-sequential Monte Carlo or sampling generally requires less computational and storage resources than sequential techniques and is generally preferred for large systems where components are independent or only a limited dependency exists. However, cyber-induced events involve dependent failures, making it difficult to use sampling methods. The difficulties of using sampling with dependent failures are discussed and a solution is proposed. The basic idea is to generate a representative state space from which states can be sampled. The probabilities of representative state space provide an approximation of the joint distribution and are generated by a sequential simulation in this paper but it may be possible to find alternative means of achieving this objective. The proposed method preserves the dependent features of cyber-induced events and also improves the efficiency. Although motivated by cyber-induced failures, the technique can be used for other types of dependent failures as well. A comparative study between a purely sequential methodology and the proposed method is presented on an extended Roy Billinton Test System.

Large-scale infrastructures are critical to economic and social development, and hence their continued performance and security are of high national importance. Such an infrastructure often is a system of systems, and its functionality critically depends on the inherent robustness of its constituent systems and its defense strategy for countering attacks. Additionally, interdependencies between the systems play another critical role in determining the infrastructure robustness specified by its survival probability. In this paper, we develop game-theoretic models between a defender and an attacker for a generic system of systems using inherent parameters and conditional survival probabilities that characterize the interdependencies. We derive Nash Equilibrium conditions for the cases of interdependent and independent systems of systems under sum-form utility functions. We derive expressions for the infrastructure survival probability that capture its dependence on cost and system parameters, and also on dependencies that are specified by conditional probabilities. We apply the results to cyber-physical systems which show the effects on system survival probability due to defense and attack intensities, inherent robustness, unit cost, target valuation, and interdependencies.

Business or military missions are supported by hardware and software systems. Unanticipated cyber activities occurring in supporting systems can impact such missions. In order to quantify such impact, we describe a layered graphical model as an extension of forensic investigation. Our model has three layers: the upper layer models operational tasks that constitute the mission and their inter-dependencies. The middle layer reconstructs attack scenarios from available evidence to reconstruct their inter-relationships. In cases where not all evidence is available, the lower level reconstructs potentially missing attack steps. Using the three levels of graphs constructed in these steps, we present a method to compute the impacts of attack activities on missions. We use NIST National Vulnerability Database's (NVD)-Common Vulnerability Scoring System (CVSS) scores or forensic investigators' estimates in our impact computations. We present a case study to show the utility of our model.

In this paper, we present a decentralized nonlinear robust controller to enhance the transient stability margin of synchronous generators. Although, the trend in power system control is shifting towards centralized or distributed controller approaches, the remote data dependency of these schemes fuels cyber-physical security issues. Since the excessive delay or losing remote data affect severely the operation of those controllers, the designed controller emerges as an alternative for stabilization of Smart Grids in case of unavailability of remote data and in the presence of plant parametric uncertainties. The proposed controller actuates distributed storage systems such as flywheels in order to reduce stabilization time and it implements a novel input time delay compensation technique. Lyapunov stability analysis proves that all the tracking error signals are globally uniformly ultimately bounded. Furthermore, the simulation results demonstrate that the proposed controller outperforms traditional local power systems controllers such as Power System Stabilizers.

Enhancing the security and resilience of interdependent infrastructures is crucial. In this paper, we establish a theoretical framework based on Markov decision processes (MDPs) to design optimal resiliency mechanisms for interdependent infrastructures. We use MDPs to capture the dynamics of the failure of constituent components of an infrastructure and their cyber-physical dependencies. Factored MDPs and approximate linear programming are adopted for an exponentially growing dimension of both state and action spaces. Under our approximation scheme, the optimally distributed policy is equivalent to the centralized one. Finally, case studies in a large-scale interdependent system demonstrate the effectiveness of the control strategy to enhance the network resilience to cascading failures.

We analyze the security practices of three smart toys that communicate with children through voice commands. We show the general communication architecture, and some general security and privacy practices by each of the devices. Then we focus on the analysis of one particular toy, and show how attackers can decrypt communications to and from a target device, and perhaps more worryingly, the attackers can also inject audio into the toy so the children listens to any arbitrary audio file the attacker sends to the toy. This last attack raises new safety concerns that manufacturers of smart toys should prevent.

Speech recognition (SR) systems such as Siri or Google Now have become an increasingly popular human-computer interaction method, and have turned various systems into voice controllable systems (VCS). Prior work on attacking VCS shows that the hidden voice commands that are incomprehensible to people can control the systems. Hidden voice commands, though "hidden", are nonetheless audible. In this work, we design a totally inaudible attack, DolphinAttack, that modulates voice commands on ultrasonic carriers (e.g., f textgreater 20 kHz) to achieve inaudibility. By leveraging the nonlinearity of the microphone circuits, the modulated low-frequency audio commands can be successfully demodulated, recovered, and more importantly interpreted by the speech recognition systems. We validated DolphinAttack on popular speech recognition systems, including Siri, Google Now, Samsung S Voice, Huawei HiVoice, Cortana and Alexa. By injecting a sequence of inaudible voice commands, we show a few proof-of-concept attacks, which include activating Siri to initiate a FaceTime call on iPhone, activating Google Now to switch the phone to the airplane mode, and even manipulating the navigation system in an Audi automobile. We propose hardware and software defense solutions, and suggest to re-design voice controllable systems to be resilient to inaudible voice command attacks.

Modern vehicles rely on hundreds of on-board electronic control units (ECUs) communicating over in-vehicle networks. As external interfaces to the car control networks (such as the on-board diagnostic (OBD) port, auxiliary media ports, etc.) become common, and vehicle-to-vehicle / vehicle-to-infrastructure technology is in the near future, the attack surface for vehicles grows, exposing control networks to potentially life-critical attacks. This paper addresses the need for securing the controller area network (CAN) bus by detecting anomalous traffic patterns via unusual refresh rates of certain commands. While previous works have identified signal frequency as an important feature for CAN bus intrusion detection, this paper provides the first such algorithm with experiments using three attacks in five (total) scenarios. Our data-driven anomaly detection algorithm requires only five seconds of training time (on normal data) and achieves true positive / false discovery rates of 0.9998/0.00298, respectively (micro-averaged across the five experimental tests).

Voice assistants like Siri enable us to control IoT devices conveniently with voice commands, however, they also provide new attack opportunities for adversaries. Previous papers attack voice assistants with obfuscated voice commands by leveraging the gap between speech recognition system and human voice perception. The limitation is that these obfuscated commands are audible and thus conspicuous to device owners. In this poster, we propose a novel mechanism to directly attack the microphone used for sensing voice data with inaudible voice commands. We show that the adversary can exploit the microphone's non-linearity and play well-designed inaudible ultrasounds to cause the microphone to record normal voice commands, and thus control the victim device inconspicuously. We demonstrate via end-to-end real-world experiments that our inaudible voice commands can attack an Android phone and an Amazon Echo device with high success rates at a range of 2-3 meters.

Nowadays the Internet is closely related to our daily life. We enjoy the quality of service the provided by The Internet at the same time, but also suffer from the threat of network security. Among the many threats, SQL injection attacks are ranked in the first place. SQL injection attack refers to “when the user sends a request to the server, the malicious SQL command will be inserted into the web form or request URL parameters, leading to the server to perform illegal SQL query. The existing SQL injection detection methods include static analysis, dynamic analysis, parameterized query, intrusion detection system, parameter filtering and so on. However, these methods have some defects. Static analysis method can only detect the type and grammatical errors of SQL. Dynamic analysis can only detect the vulnerability predefined by application developers. Parameter filtering is based on regular expressions and black list to filter invalid characters. This method needs predefined regular expressions, but due to the diversity of SQL syntax and user input, resulting in a regular expression can't meet the requirements of detection, and has the defects that the attackers bypass detection to inject by the way of encoding parameters. In this paper, we propose a new approach to detect and prevent SQL injection. Our approach is based on the attack behavior and the analysis of response and state of the web application under different attacks. Our method perfectly solves the problems existing in methods mentioned above, and has higher accuracy.
 

Robotic vehicles and especially autonomous robotic vehicles can be attractive targets for attacks that cross the cyber-physical divide, that is cyber attacks or sensory channel attacks affecting the ability to navigate or complete a mission. Detection of such threats is typically limited to knowledge-based and vehicle-specific methods, which are applicable to only specific known attacks, or methods that require computation power that is prohibitive for resource-constrained vehicles. Here, we present a method based on Bayesian Networks that can not only tell whether an autonomous vehicle is under attack, but also whether the attack has originated from the cyber or the physical domain. We demonstrate the feasibility of the approach on an autonomous robotic vehicle built in accordance with the Generic Vehicle Architecture specification and equipped with a variety of popular communication and sensing technologies. The results of experiments involving command injection, rogue node and magnetic interference attacks show that the approach is promising.

Usually, the air gap will appear inside the composite insulators and it will lead to serious accident. In order to detect these internal defects in composite insulators operated in the transmission lines, a new non-destructive technique has been proposed. In the study, the mathematical analysis model of the composite insulators inner defects, which is about heat diffusion, has been build. The model helps to analyze the propagation process of heat loss and judge the structure and defects under the surface. Compared with traditional detection methods and other non-destructive techniques, the technique mentioned above has many advantages. In the study, air defects of composite insulators have been made artificially. Firstly, the artificially fabricated samples are tested by flash thermography, and this method shows a good performance to figure out the structure or defects under the surface. Compared the effect of different excitation between flash and hair drier, the artificially samples have a better performance after heating by flash. So the flash excitation is better. After testing by different pollution on the surface, it can be concluded that different pollution don't have much influence on figuring out the structure or defect under the surface, only have some influence on heat diffusion. Then the defective composite insulators from work site are detected and the image of defect is clear. This new active thermography system can be detected quickly, efficiently and accurately, ignoring the influence of different pollution and other environmental restrictions. So it will have a broad prospect of figuring out the defeats and structure in composite insulators even other styles of insulators.

Complex safety-critical devices require dependable communication. Dependability includes confidentiality and integrity as much as safety. Encrypting gateways with demilitarized zones, Multiple Independent Levels of Security architectures and the infamous Air Gap are diverse integration patterns for safety-critical infrastructure. Though resource restricted embedded safety devices still lack simple, certifiable, and efficient cryptography implementations. Following the recommended formal methods approach for safety-critical devices, we have implemented proven cryptography algorithms in the qualified model based language Scade as the Safety Leveraged Implementation of Data Encryption (SLIDE) library. Optimization for the synchronous dataflow language is discussed in the paper. The implementation for public-key based encryption and authentication is evaluated for real-world performance. The feasibility is shown by execution time benchmarks on an industrial safety microcontroller platform running a train control safety application.

The proliferation of Internet-of-Things (IoT) devices within homes raises many security and privacy concerns. Recent headlines highlight the lack of effective security mechanisms in IoT devices. Security threats in IoT arise not only from vulnerabilities in individual devices but also from the composition of devices in unanticipated ways and the ability of devices to interact through both cyber and physical channels. Existing approaches provide methods for monitoring cyber interactions between devices but fail to consider possible physical interactions. To overcome this challenge, it is essential that security assessments of IoT networks take a holistic view of the network and treat it as a "system of systems", in which security is defined, not solely by the individual systems, but also by the interactions and trust dependencies between systems. In this paper, we propose a way of modeling cyber and physical interactions between IoT devices of a given network. By verifying the cyber and physical interactions against user-defined policies, our model can identify unexpected chains of events that may be harmful. It can also be applied to determine the impact of the addition (or removal) of a device into an existing network with respect to dangerous device interactions. We demonstrate the viability of our approach by instantiating our model using Alloy, a language and tool for relational models. In our evaluation, we considered three realistic IoT use cases and demonstrate that our model is capable of identifying potentially dangerous device interactions. We also measure the performance of our approach with respect to the CPU runtime and memory consumption of the Alloy model finder, and show that it is acceptable for smart-home IoT networks.