Biblio

In vehicular networks, each message is signed by the generating node to ensure accountability for the contents of that message. For privacy reasons, each vehicle uses a collection of certificates, which for accountability reasons are linked at a central authority. One such design is the Security Credential Management System (SCMS) [1], which is the leading credential management system in the US. The SCMS is composed of multiple components, each of which has a different task for key management, which are logically separated. The SCMS is designed to ensure privacy against a single insider compromise, or against outside adversaries. In this paper, we demonstrate that the current SCMS design fails to achieve its design goal, showing that a compromised authority can gain substantial information about certificate linkages. We propose a solution that accommodates threshold-based detection, but uses relabeling and noise to limit the information that can be learned from a single insider adversary. We also analyze our solution using techniques from differential privacy and validate it using traffic-simulator based experiments. Our results show that our proposed solution prevents privacy information leakage against the compromised authority in collusion with outsider attackers.

Since the Information Networks are added to the current electricity networks, the security and privacy of individuals is challenged. This combination of technologies creates vulnerabilities in the context of smart grid power which disrupt the consumer energy supply. Methods based on encryption are against the countermeasures attacks that have targeted the integrity and confidentiality factors. Although the cryptography strategies are used in Smart Grid, key management which is different in size from tens to millions of keys (for meters), is considered as the critical processes. The Key mismanagement causes to reveal the secret keys for attacker, a symmetric key distribution method is recently suggested by [7] which is based on a symmetric key distribution, this strategy is very suitable for smart electric meters. The problem with this method is its vulnerability to impersonating respondents attack. The proposed approach to solve this problem is to send the both side identifiers in encrypted form based on hash functions and a random value, the proposed solution is appropriate for devices such as meters that have very little computing power.

The factors that threaten electric power information network are analyzed. Aiming at the weakness of being unable to provide numerical value of risk, this paper presents the evaluation index system, the evaluation model and method of network security based on multilevel fuzzy comprehensive judgment. The steps and method of security evaluation by the synthesis evaluation model are provided. The results show that this method is effective to evaluate the risk of electric power information network.

Recent years, the issue of cyber security has become ever more prevalent in the analysis and design of electrical cyber-physical systems (ECPSs). In this paper, we present the TrueTime Network Library for modeling the framework of ECPSs and focuses on the vulnerability analysis of ECPSs under DoS attacks. Model predictive control algorithm is used to control the ECPS under disturbance or attacks. The performance of decentralized and distributed control strategies are compared on the simulation platform. It has been proved that DoS attacks happen at dada collecting sensors or control instructions actuators will influence the system differently.

This paper considers a framework of electrical cyber-physical systems (ECPSs) in which each bus and branch in a power grid is equipped with a controller and a sensor. By means of measuring the damages of cyber attacks in terms of cutting off transmission lines, three solution approaches are proposed to assess and deal with the damages caused by faults or cyber attacks. Splitting incident is treated as a special situation in cascading failure propagation. A new simulation platform is built for simulating the protection procedure of ECPSs under faults. The vulnerability of ECPSs under faults is analyzed by experimental results based on IEEE 39-bus system.

The previous consideration of power grid focuses on the power system itself, however, the recent work is aiming at both power grid and communication network, this coupling networks are firstly called as interdependent networks. Prior study on modeling interdependent networks always extracts main features from real networks, the model of network A and network B are completely symmetrical, both degree distribution in intranetwork and support pattern in inter-network, but in reality this circumstance is hard to attain. In this paper, we deliberately set both networks with same topology in order to specialized research the support pattern between networks. In terms of initial failure from power grid or communication network, we find the remaining survival fraction is greatly disparate, and the failure initially from power grid is more harmful than failure initially from communication network, which all show the vulnerability of interdependency and meantime guide us to pay more attention to the protection measures for power grid.

Ransomware has become a very significant cyber threat. The basic idea of ransomware was presented in the form of a cryptovirus in 1995. However, it was considered as merely a conceptual topic since then for over a decade. In 2017, ransomware has become a reality, with several famous cases of ransomware having compromised important computer systems worldwide. For example, the damage caused by CryptoLocker and WannaCry is huge, as well as global. They encrypt victims' files and require user's payment to decrypt them. Because they utilize public key cryptography, the key for recovery cannot be found in the footprint of the ransomware on the victim's system. Therefore, once infected, the system cannot be recovered without paying for restoration. Various methods to deal this threat have been developed by antivirus researchers and experts in network security. However, it is believed that cryptographic defense is infeasible because recovering a victim's files is computationally as difficult as breaking a public key cryptosystem. Quite recently, various approaches to protect the crypto-API of an OS from malicious codes have been proposed. Most ransomware generate encryption keys using the random number generation service provided by the victim's OS. Thus, if a user can control all random numbers generated by the system, then he/she can recover the random numbers used by the ransomware for the encryption key. In this paper, we propose a dynamic ransomware protection method that replaces the random number generator of the OS with a user-defined generator. As the proposed method causes the virus program to generate keys based on the output from the user-defined generator, it is possible to recover an infected file system by reproducing the keys the attacker used to perform the encryption.

The SDN (Software Defined Networking) paradigm rings flexibility to the network management and is an enabler to offer huge opportunities for network programmability. And, to solve the scalability issue raised by the centralized architecture of SDN, multi-controllers deployment (or distributed controllers system) is envisioned. In this paper, we focus on increasing the diversity of SDN control plane so as to enhance the network security. Our goal is to limit the ability of a malicious controller to compromise its neighboring controllers, and by extension, the rest of the controllers. We investigate a heterogeneous Susceptible-Infectious-Susceptible (SIS) epidemic model to evaluate the security performance and propose a coloring algorithm to increase the diversity based on community detection. And the simulation results demonstrate that our algorithm can reduce infection rate in control plane and our work shows that diversity must be introduced in network design for network security.

The consistency checking of network security policy is an important issue of network security field, but current studies lack of overall security strategy modeling and entire network checking. In order to check the consistency of policy in distributed network system, a security policy model is proposed based on network topology, which checks conflicts of security policies for all communication paths in the network. First, the model uniformly describes network devices, domains and links, abstracts the network topology as an undirected graph, and formats the ACL (Access Control List) rules into quintuples. Then, based on the undirected graph, the model searches all possible paths between all domains in the topology, and checks the quintuple consistency by using a classifying algorithm. The experiments in campus network demonstrate that this model can effectively detect the conflicts of policy globally in the distributed network and ensure the consistency of the network security policies.

The deployment of Software Defined Networking (SDN) and Network Functions Virtualization (NFV) technologies is increasing, with security as a recognized application driving adoption. However, despite the potential with SDN/NFV for automated and adaptive network security services, the controller interaction presents both a performance and scalability challenge, and a threat vector. To overcome the performance issue, stateful data-plane designs have been proposed. However, these solutions do not offer protection from SDN-specific attacks linked to necessary control functions such as link reconfiguration and switch identification. In this work, we leverage the OpenState framework to introduce state-based SDN security protection mechanisms. The extensions required for this design are presented with respect to an SDN configuration-based attack. The demonstration shows the ability of the SDN Configuration (CFG) security protection mechanism to support legitimate relocation requests and to protect against malicious connection attempts.

Smart Internet of Things (IoT) applications will rely on advanced IoT platforms that not only provide access to IoT sensors and actuators, but also provide access to cloud services and data analytics. Future IoT platforms should thus provide connectivity and intelligence. One approach to connecting IoT devices, IoT networks to cloud networks and services is to use network federation mechanisms over the internet to create network slices across heterogeneous platforms. Network slices also need to be protected from potential external and internal threats. In this paper we describe an approach for enforcing global security policies in the federated cloud and IoT networks. Our approach allows a global security to be defined in the form of a single service manifest and enforced across all federation network segments. It relies on network function virtualisation (NFV) and service function chaining (SFC) to enforce the security policy. The approach is illustrated with two case studies: one for a user that wishes to securely access IoT devices and another in which an IoT infrastructure administrator wishes to securely access some remote cloud and data analytics services.

A dynamic modeling method for network security vulnerabilities which is composed of the design of safety evaluation model, the design of risk model of intrusion event and the design of vulnerability risk model. The model based on identification of vulnerabilities values through dynamic forms can improve the tightness between vulnerability scanning system, intrusion prevention system and security configuration verification system. Based on this model, the network protection system which is most suitable for users can be formed, and the protection capability of the network protection system can be improved.

A dynamic modeling method for network security vulnerabilities which is composed of the design of safety evaluation model, the design of risk model of intrusion event and the design of vulnerability risk model. The model based on identification of vulnerabilities values through dynamic forms can improve the tightness between vulnerability scanning system, intrusion prevention system and security configuration verification system. Based on this model, the network protection system which is most suitable for users can be formed, and the protection capability of the network protection system can be improved.

In-vehicle networks like Controller Area Network, FlexRay, Ethernet are now subjected to huge security threats where unauthorized entities can take control of the whole vehicle. This can pose very serious threats including accidents. Security features like encryption, message authentication are getting implemented in vehicle networks to counteract these issues. This paper is proposing a set of novel validation techniques to ensure that vehicle network security is fool proof. Security validation against requirements, security validation using white box approach, black box approach and grey box approaches are put forward. Test system architecture, validation of message authentication, decoding the patterns from vehicle network data, using diagnostics as a security loophole, V2V V2X loopholes, gateway module security testing are considered in detail. Aim of this research paper is to put forward a set of tools and methods for finding and reporting any security loopholes in the in-vehicle network security implementation.

The most of the organizations tend to accumulate the data related to security, which goes up-to terabytes in every month. They collect this data to meet the security requirements. The data is mostly in the shape of logs like Dns logs, Pcap files, and Firewall data etc. The data can be related to any communication network like cloud, telecom, or smart grid network. Generally, these logs are stored in databases or warehouses which becomes ultimately gigantic in size. Such a huge size of data upsurge the importance of security analytics in big data. In surveys, the security experts grumble about the existing tools and recommend for special tools and methods for big data security analysis. In this paper, we are using a big data analysis tool, which is known as apache spark. Although this tool is used for general purpose but we have used this for security analysis. It offers a very good library for machine learning algorithms including the clustering which is the main algorithm used in our work. In this work, we have developed a novel model, which combines rule based and clustering analysis for security analysis of big dataset. The dataset we are using in our experiment is the Kddcup99 which is a widely used dataset for intrusion detection. It is of MBs in size but can be used as a test case for big data security analysis.

Protection of information achieves keeping confidentiality, integrity, and availability of the data. These features are essential for the proper operation of modern industrial technologies, like Smart Grid. The complex grid system integrates many electronic devices that provide an efficient way of exploiting the power systems but cause many problems due to their vulnerabilities to attacks. The aim of the work is to propose a solution to the privacy problem in Smart Grid communication network between the customers and Control center. It consists in using the relatively new cryptographic task - quantum key distribution (QKD). The solution is based on choosing an appropriate quantum key distribution method out of all the conventional ones by performing an assessment in terms of several parameters. The parameters are: key rate, operating distances, resources, and trustworthiness of the devices involved. Accordingly, we discuss an answer to the privacy problem of the SG network with regard to both security and resource economy.

Software Defined Networks (SDNs) is a new networking paradigm that has gained a lot of attention in recent years especially in implementing data center networks and in providing efficient security solutions. The popularity of SDN and its attractive security features suggest that it can be used in the context of smart grid systems to address many of the vulnerabilities and security problems facing such critical infrastructure systems. This paper studies the impact of different cyber attacks that can target smart grid communication network which is implemented as a software defined network on the operation of the smart grid system in general. In particular, we perform different attack scenarios including DDoS attacks, location highjacking and link overloading against SDN networks of different controller types that include POX, Floodlight and RYU. Our experiments were carried out using the mininet simulator. The experiments show that SDN-enabled smartgrid systems are vulnerable to different types of attacks.

Distributed Denial of Service (DDoS) attack has been bringing serious security concerns on banks, finance incorporation, public institutions, and data centers. Also, the emerging wave of Internet of Things (IoT) raises new concerns on the smart devices. Software Defined Networking (SDN) and Network Functions Virtualization (NFV) have provided a new paradigm for network security. In this paper, we propose a new method to efficiently prevent DDoS attacks, based on a SDN/NFV framework. To resolve the problem that normal packets are blocked due to the inspection on suspicious packets, we developed a threshold-based method that provides a client with an efficient, fast DDoS attack mitigation. In addition, we use open source code to develop the security functions in order to implement our solution for SDN-based network security functions. The source code is based on NETCONF protocol [1] and YANG Data Model [2].

The theory of robust control models the controller-disturbance interaction as a game where disturbance is nonstrategic. The proviso of a deliberately malicious (strategic) attacker should be considered to increase the robustness of infrastructure systems. This has become especially important since many IT systems supporting critical functionalities are vulnerable to exploits by attackers. While the usefulness of game theory methods for modeling cyber-security is well established in the literature, new game theoretic models of cyber-physical security are needed for deriving useful insights on "optimal" attack plans and defender responses, both in terms of allocation of resources and operational strategies of these players. This whitepaper presents some progress and challenges in using game-theoretic models for security of infrastructure networks. Main insights from the following models are presented: (i) Network security game on flow networks under strategic edge disruptions; (ii) Interdiction problem on distribution networks under node disruptions; (iii) Inspection game to monitor commercial non-technical losses (e.g. energy diversion); and (iv) Interdependent security game of networked control systems under communication failures. These models can be used to analyze the attacker-defender interactions in a class of cyber-physical security scenarios.

A problem in managing the ever growing computer networks nowadays is the analysis of events detected by intrusion detection systems and the classification whether an event was correctly detected or not. When a false positive is detected by the user, changes to the configuration must be made and evaluated before they can be adopted to productive use. This paper describes an approach for a visual analysis framework that integrates the monitoring and analysis of events and the resulting changes on the configuration of detection systems after finding false alarms, together with a preliminary simulation and evaluation of the changes.

Smart IoT applications require connecting multiple IoT devices and networks with multiple services running in fog and cloud computing platforms. One approach to connecting IoT devices with cloud and fog services is to create a federated virtual network. The main benefit of this approach is that IoT devices can then interact with multiple remote services using an application specific federated network where no traffic from other applications passes. This federated network spans multiple cloud platforms and IoT networks but it can be managed as a single entity. From the point of view of security, federated virtual networks can be managed centrally and be secured with a coherent global network security policy. This does not mean that the same security policy applies everywhere, but that the different security policies are specified in a single coherent security policy. In this paper we propose to extend a federated cloud networking security architecture so that it can secure IoT devices and networks. The federated network is extended to the edge of IoT networks by integrating a federation agent in an IoT gateway or network controller (Can bus, 6LowPan, Lora, ...). This allows communication between the federated cloud network and the IoT network. The security architecture is based on the concepts of network function virtualisation (NFV) and service function chaining (SFC) for composing security services. The IoT network and devices can then be protected by security virtual network functions (VNF) running at the edge of the IoT network.

Cyber-Physical Systems (CPS) represent a fundamental link between information technology (IT) systems and the devices that control industrial production and maintain critical infrastructure services that support our modern world. Increasingly, the interconnections among CPS and IT systems have created exploitable security vulnerabilities due to a number of factors, including a legacy of weak information security applications on CPS and the tendency of CPS operators to prioritize operational availability at the expense of integrity and confidentiality. As a result, CPS are subject to a number of threats from cyber attackers and cyber-physical attackers, including denial of service and even attacks against the integrity of the data in the system. The effects of these attacks extend beyond mere loss of data or the inability to access information system services. Attacks against CPS can cause physical damage in the real world. This paper reviews the challenges of providing information assurance services for CPS that operate critical infrastructure systems and industrial control systems. These methods are thorough measures to close integrity and confidentiality gaps in CPS and processes to highlight the security risks that remain. This paper also outlines approaches to reduce the overhead and complexity for security methods, as well as examine novel approaches, including covert communications channels, to increase CPS security.

Federated cloud networks are formed by federating virtual network segments from different clouds, e.g. in a hybrid cloud, into a single federated network. Such networks should be protected with a global federated cloud network security policy. The availability of network function virtualisation and service function chaining in cloud platforms offers an opportunity for implementing and enforcing global federated cloud network security policies. In this paper we describe an approach for enforcing global security policies in federated cloud networks. The approach relies on a service manifest that specifies the global network security policy. From this manifest configurations of the security functions for the different clouds of the federation are generated. This enables automated deployment and configuration of network security functions across the different clouds. The approach is illustrated with a case study where communications between trusted and untrusted clouds, e.g. public clouds, are encrypted. The paper discusses future work on implementing this architecture for the OpenStack cloud platform with the service function chaining API.

With the popularization and development of network knowledge, network intruders are increasing, and the attack mode has been updated. Intrusion detection technology is a kind of active defense technology, which can extract the key information from the network system, and quickly judge and protect the internal or external network intrusion. Intrusion detection is a kind of active security technology, which provides real-time protection for internal attacks, external attacks and misuse, and it plays an important role in ensuring network security. However, with the diversification of intrusion technology, the traditional intrusion detection system cannot meet the requirements of the current network security. Therefore, the implementation of intrusion detection needs diversifying. In this context, we apply neural network technology to the network intrusion detection system to solve the problem. In this paper, on the basis of intrusion detection method, we analyze the development history and the present situation of intrusion detection technology, and summarize the intrusion detection system overview and architecture. The neural network intrusion detection is divided into data acquisition, data analysis, pretreatment, intrusion behavior detection and testing.

In distributed control systems with shared resources, participating agents can improve the overall performance of the system by sharing data about their personal references. In this paper, we formulate and study a natural tradeoff arising in these problems between the privacy of the agent’s data and the performance of the control system.We formalize privacy in terms of differential privacy of agents’ preference vectors. The overall control system consists of N agents with linear discrete-time coupled dynamics, each controlled to track its preference vector. Performance of the system is measured by the mean squared tracking error. We present a mechanism that achieves differential privacy by adding Laplace noise to the shared information in a way that depends on the sensitivity of the control system to the private data. We show that for stable systems the performance cost of using this type of privacy preserving mechanism grows as O(T³ /Nε²), where T is the time horizon and ε is the privacy parameter. For unstable systems, the cost grows exponentially with time. From an estimation point of view, we establish a lower-bound for the entropy of any unbiased estimator of the private data from any noise-adding mechanism that gives ε-differential privacy. We show that the mechanism achieving this lower-bound is a randomized mechanism that also uses Laplace noise.