Biblio

This paper presents a scheme of intellectual property protection of hardware circuit based on digital compression coding technology. The aim is to solve the problem of high embedding cost and low resource utilization of IP watermarking. In this scheme, the watermark information is preprocessed by dynamic compression coding around the idle circuit of FPGA, and the free resources of the surrounding circuit are optimized that the IP watermark can get the best compression coding model while the extraction and detection of IP core watermark by activating the decoding function. The experimental results show that this method not only expands the capacity of watermark information, but also reduces the cost of watermark and improves the security and robustness of watermark algorithm.

The occurrence of security vulnerabilities in kernel, especially for macOS/iOS kernel XNU, has increased rapidly in recent years. Naturally, concerns were raised due to the high risks they would lead to, which in general are much more serious than common application vulnerabilities. However, discovering XNU kernel vulnerabilities is always very challenging, and the main approach in practice is still manual analysis, which obviously is not a scalable method. In this paper, we perform an in-depth empirical study on the 406 published XNU kernel vulnerabilities to identify distinguishing characteristics of them and then leverage the features to guide our vulnerability detection, i.e., locating suspicious functions. To further improve the efficiency of vulnerability detection, we present KInspector, a new and lightweight framework to detect XNU kernel vulnerabilities by leveraging feedback-based fuzzing techniques. We thoroughly evaluate our approach on XNU with various versions, and the results turn out to be quite promising: 21 N/0-day vulnerabilities have been discovered in our experiments.

This paper presents a detailed analysis of some relevant security features of iOS and Android -the two most popular operating systems for mobile devices- from the perspective of user privacy. In particular, permissions that can be modified at run time on these platforms are analyzed. Additionally, a framework is introduced for permission analysis, a hybrid mobile application that can run on both iOS and Android. The framework, which can be extended, places special emphasis on the relationship between the user's privacy and the permission system.

The growing use of smart phones has also given opportunity to the intruders to create malicious apps thereby the security and privacy concerns of a novice user has also grown. This research focuses on the privacy concerns of a user who unknowingly installs a malicious apps created by the programmer. In this paper we created an attack scenario and created an app capable of compromising the privacy of the users. After accepting all the permissions by the user while installing the app, the app allows us to track the live location of the Android device and continuously sends the GPS coordinates to the server. This spying app is also capable of sending the call log details of the user. This paper evaluates two leading smart phone operating systems- Android and IOS to find out the flexibility provided by the two operating systems to their programmers to create the malicious apps.

Virtual network function provides tenant with flexible and scalable end-to-end service chaining in the cloud computing and data center environments. However, comparing with traditional hardware network devices, the uncertainty caused by software and virtualization of Network Function Virtualization expands the attack surface, making the network node vulnerable to a certain types of attacks. The existing approaches for solving the problem of reliability are able to reduce the impact of failure of physical devices, but pay little attention to the attack scenario, which could be persistent and covert. In this paper, a heterogeneous backup strategy is brought up, enhancing the intrusion tolerance of NFV SFC by dynamically switching the VNF executor. The validity of the method is verified by simulation and game theory analysis.

While cyberattacks pose a relatively new challenge for power grid control systems, commercial cloud systems have needed to address similar threats for many years. However, technology and approaches developed for cloud systems do not necessarily transfer directly to the power grid, due to important differences between the two domains. We discuss our experience adapting intrusion-tolerant cloud technologies to the power domain and describe the challenges we have encountered and potential directions for overcoming those obstacles.

Information security is a top priority in government and industry because high consequence cyber incidents continue with regularity. The blue teamers that protect cyber systems cannot stop or even know about all these incidents, so they must take measures to tolerate these incursions in addition to preventing and detecting them. We propose dynamically compartmentalizing subject networks into collaboration zones and limiting the communication between these zones. In this article, we demonstrate this technique's effect on the attacker and the defender for various parameter settings using discrete-time simulation. Based on our results, we conclude that dynamic cyber zone defense is a viable intrusion tolerance technique and should be considered for technology transfer.

Technologies such as Industry 4.0 or assisted/autonomous driving are relying on highly customized cyber-physical realtime systems. Those systems are designed to match functional safety regulations and requirements such as EN ISO 13849, EN IEC 62061 or ISO 26262. However, as systems - especially vehicles - are becoming more connected and autonomous, they become more likely to suffer from new attack vectors. New features may meet the corresponding safety requirements but they do not consider adversaries intruding through security holes with the purpose of bringing vehicles into unsafe states. As research goal, we want to bridge the gap between security and safety in cyber-physical real-time systems by investigating real-time-aware intrusion-tolerant architectures for automotive use-cases.

Many complex dynamical systems consist of a large number of interacting subsystems that operate harmoniously and make decisions that are designed for the benefit of the entire enterprise. If, in an attempt to disrupt the operation of the entire system, one subsystem gets attacked and is made to operate in a manner that is adversarial with the others, then the entire system suffers, resulting in an adversarial decision-making environment among its subsystems. Such an environment may affect not only the decision-making process of the attacked subsystem but also possibly the other remaining subsystems as well. The disruption caused by the attacked subsystem may cause the remaining subsystems to either coalesce as a unified team making team-based decisions, or disintegrate and act as independent decision-making entities. The decision-making process in these types of complex systems of systems is best analyzed within the general framework of cooperative and non-cooperative game theory. In this paper, we will develop an analysis that provides a theoretical basis for modeling the decision-making process in such complex systems. We show how cooperation among the subsystems can produce Noninferior Nash Strategies (NNS) that are fair and acceptable to all subsystems within the team while at the same time provide the subsystems in the team with the security of the Nash equilibrium against the opposing attacked subsystem. We contrast these strategies with the all Nash Strategies (NS) that would result if the operation of the entire system disintegrated and became adversarial among all subsystems as a result of the attack. An example of a system consisting of three subsystems with one opposing subsystem as a result of an attack is included to illustrate the results.

The motion process of multi-dimensional chaotic system is complex and variable, the randomness of motion state is stronger, and the motion state is more unpredictable within a certain range. This feature of multi-dimensional chaotic system can effectively improve the security performance of digital image encryption algorithm. In this paper, the hyper-chaotic Lorenz map is used to design the encryption sequence to improve the random performance of the encryption sequence, thus optimizing the performance of the digital image encryption algorithm. In this paper, the chaotic sequence is used to randomly select the row vector of the Hadamard matrix to form the Hadamard matrix to determine the measurement matrix, which simplifies the computational difficulty of the algorithm and solves the problem of the discontinuity of the key space in the random matrix design.

With the increase in the number of cyber attacks on industrial control systems, especially in critical infrastructure facilities, the problem of comprehensive analysis of the security of such systems becomes urgent. This, in turn, requires the availability of fundamental mathematical, methodological and instrumental basis for modeling automated systems, modeling attacks on their information resources, which would allow realtime system protection analysis. The paper proposes a basis for simulating protected industrial control systems, based on the developed reference security model, and a model for attacks on information resources of automated systems. On the basis of these mathematical models, a complex model of a protected automated system was developed, which can be used to build protection systems for automated systems used in production.

In this paper, System Theoretic Process Analysis (STPA) method was used to analyze the security of Temporary Speed Restriction (TSR) sending scenario in train control system based on vehicle-vehicle communication. The security of this scenario was analyzed according to the analysis process of STPA method. Firstly, Unsafe Control Actions (UCAs) in this scenario were identified and Control Defects (CDs) were analyzed. After that, the corresponding Security Design Requirements (SDRs) were formulated according to the obtained control defects. Finally, the time automata network model of TSR sending scenario was established to verify SDRs. The result shows that: STPA method is suitable to discover the unsafe factors and safety hazards of train control system and take corresponding safety measures to prevent the occurrence of accidents.

Aiming at the shortcomings of the traditional network active security threat model that cannot continuously control the threat process, a network active security threat model based on offensive and defensive differential game is constructed. The attack and defense differential game theory is used to define the parameters of the network active security threat model, on this basis, the network security target is determined, the network active security threat is identified by the attack defense differential equation, and finally the network active security threat is quantitatively evaluated, thus construction of network active security threat model based on offensive and defensive differential game is completed. The experimental results show that compared with the traditional network active security threat model, the proposed model is more feasible in the attack and defense control of the network active security threat process, and can achieve the ideal application effect.

In recent years the use of security gateways (SG) located within the electrical grid distribution network has become pervasive. SGs in substations and renewable distributed energy resource aggregators (DERAs) protect power distribution control devices from cyber and cyber-physical attacks. When encrypted communications within a DER network is used, TCP/IP packet inspection is restricted to packet header behavioral analysis which in most cases only allows the SG to perform anomaly detection of blocks of time-series data (event windows). Packet header anomaly detection calculates the probability of the presence of a threat within an event window, but fails in such cases where the unreadable encrypted payload contains the attack content. The SG system log (syslog) is a time-series record of behavioral patterns of network users and processes accessing and transferring data through the SG network interfaces. Threatening behavioral pattern in the syslog are measurable using both anomaly detection and graph theory. In this paper it will be shown that it is possible to efficiently detect the presence of and classify a potential threat within an SG syslog using light-weight anomaly detection and graph theory.

The work is devoted to the synthesis of an aircraft control system using a synergetic control theory. The paper contains a general description of the apparatus and its control system, a synthesis of control laws, and a computer simulation. The relevance of the work consists in the need to create a vertically take-off aircraft of the “flying platform” type in order to increase the efficiency of rescue operations in disaster zones where helicopters and other modern means can't cope with the task. The scientific novelty of the work consists in the application of synergetic approaches to the development of a hierarchical system for balancing the vehicle spatial position and to the coordinating energy-saving control of electric motors that receive energy from a turbine generator.

The authors carry out the analysis of the process of modeling threats to information security of automated process control systems. Basic principles of security threats model formation are considered. The approach to protection of automated process control systems based on the Shtakelberg game in a strategic form was modeled. An abstract mathematical model of information security threats to automated process control systems was developed. A formalized representation of a threat model is described, taking into account an intruder's potential. Presentation of the process of applying the described threat model in the form of a continuous Deming-Shewhart cycle is proposed.

With the increasing security threats to the information of Industrial Cyber-physical Control Systems, the quantitative assessment of security risk becomes an important basis of information security research. Based on fuzzy hierarchy analysis, this paper constructs the hierarchical model of industrial control system safety risk evaluation, and obtains the exact value of risk. Experimental results show that the proposed method can effectively quantify the control system risk, which provides a basis for industrial control system risk management decision.

In a computer world, to identify anyone by doing a job or to authenticate by checking their identification and give access to computer. Access Control model comes in to picture when require to grant the permissions to individual and complete the duties. The access control models cannot give complete security when dealing with cloud computing area, where access control model failed to handle the attributes which are requisite to inhibit access based on time and location. When the data outsourced in the cloud, the information holders expect the security and confidentiality for their outsourced data. The data will be encrypted before outsourcing on cloud, still they want control on data in cloud server, where simple encryption is not a complete solution. To irradiate these issues, unlike access control models proposed Attribute Based Encryption standards (ABE). In ABE schemes there are different types like Key Policy-ABE (KP-ABE), Cipher Text-ABE (CP-ABE) and so on. The proposed method applied the access control policy of CP-ABE with Advanced Encryption Standard and used elliptic curve for key generation by using multi stage encryption which divides the users into two domains, public and private domains and shuffling the data base records to protect from inference attacks.

With all the exciting benefits of IoT in healthcare - from mobile applications to wearable and implantable health gadgets-it becomes prominent to ensure that patients, their medical data and the interactions to and from their medical devices are safe and secure. The security and privacy is being breached when the mobile applications are mishandled or tampered by the hackers by performing reverse engineering on the application leading to catastrophic consequences. To combat against these vulnerabilities, there is need to create an awareness of the potential risks of these devices and effective strategies are needed to be implemented to achieve a level of security defense. In this paper, the benefits of healthcare IoT system and the possible vulnerabilities that may result are presented. Also, we propose to develop solutions against these vulnerabilities by protecting mobile applications using obfuscation and return oriented programming techniques. These techniques convert an application into a form which makes difficult for an adversary to interpret or alter the code for illegitimate purpose. The mobile applications use keys to control communication with the implantable medical devices, which need to be protected as they are the critical component for securing communications. Therefore, we also propose access control schemes using white box encryption to make the keys undiscoverable to hackers.

There is a need for new tools and techniques to aid automotive engineers performing cybersecurity testing on connected car systems. This is in order to support the principle of secure-by-design. Our research has produced a method to construct useful automotive security tooling and tests. It has been used to implement Controller Area Network (CAN) fuzz testing (a dynamic security test) via a prototype CAN fuzzer. The black-box fuzz testing of a laboratory vehicle's display ECU demonstrates the value of a fuzzer in the automotive field, revealing bugs in the ECU software, and weaknesses in the vehicle's systems design.

Nowadays, the growing need to connect modern vehicles through computer networks leads to increased risks of cyberattacks. The internal network, which governs the several electronic components of a vehicle, is becoming increasingly overexposed to external attacks. The Controller Area Network (CAN) protocol, used to interconnect those devices is the key point of the internal network of modern vehicles. Therefore, securing such protocol is crucial to ensure a safe driving experience. However, the CAN is a standard that has undergone little changes since it was introduced in 1983. More precisely, in an attempt to reduce latency, the transfer of information remains unencrypted, which today represents a weak point in the protocol. Hence, the need to protect communications, without introducing low-level alterations, while preserving the performance characteristics of the protocol. In this work, we investigate the possibility of using symmetric encryption algorithms for securing messages exchanged by CAN protocol. In particular, we evaluate the using of lightweight ciphers to secure CAN-level communication. Such ciphers represent a reliable solution on hardware-constrained devices, such as microcontrollers.

Security is a critical issue for new car generation targeting intelligent transportation systems (ITS), involving autonomous and connected vehicles. In this work we designed a low cost CAN probe and defined analysis tools in order to build attack scenarios. We reuse some threats identified by a previous work. Future researches will address new security protocols.

Security issues severely restrict the development and popularization of cloud computing. As a way of data leakage, covert channel greatly threatens the security of cloud platform. This paper introduces the types and research status of covert channels, and discusses the classical detection and interference methods of time-covert channels on cloud platforms for shared memory time covert channels.

Covert communications, where a transmitter Alice wishes to hide the presence of her transmitted signal from a watchful adversary Willie, has been considered extensively in recent years. Those investigations have generally considered physical-layer models, where the adversary has access to a sophisticated (often optimal) receiver to determine whether a transmission has taken place, and have addressed the question of what rate can information be communicated covertly. More recent investigations have begun to consider the change in covert rate when Willie has uncertainty about the physical layer environment. Here, we move up the protocol stack to consider the covert rate when Willie is watching the medium-access control (MAC) layer in a network employing a random access MAC such as slotted ALOHA. Based on the rate of collisions and potentially the number of users involved in those collisions, Willie attempts to determine whether unauthorized (covert) users are accessing the channel. In particular, we assume different levels of sophistication in Willie's receiver, ranging from a receiver that only can detect whether there was a collision or not, to one that can always tell exactly how many packets were on the channel in the random access system. In each case, we derive closed-form expressions for the achievable covert rates in the system. The achievable rates exhibit significantly different behavior than that observed in the study of covert systems at the physical layer.

With rapid advances in the fields of the Internet of Things and autonomous systems, the network security of cyber-physical systems(CPS) becomes more and more important. This paper focuses on the real-time security evaluation for unmanned aircraft systems which are cyber-physical systems relying on information communication and control system to achieve autonomous decision making. Our problem formulation is motivated by scenarios involving autonomous unmanned aerial vehicles(UAVs) working continuously under data-driven attacks when in an open, uncertain, and even hostile environment. Firstly, we investigated the state estimation method in CPS integrated with data-driven attacks model, and then proposed a real-time security scoring algorithm to evaluate the security condition of unmanned aircraft systems under different threat patterns, considering the vulnerability of the systems and consequences brought by data attacks. Our simulation in a UAV illustrated the efficiency and reliability of the algorithm.