Visible to the public Biblio

Filters: Keyword is threat mitigation  [Clear All Filters]
2022-05-20
Zahra, Ayima, Asif, Muhammad, Nagra, Arfan Ali, Azeem, Muhammad, Gilani, Syed A..  2021.  Vulnerabilities and Security Threats for IoT in Transportation and Fleet Management. 2021 4th International Conference on Computing Information Sciences (ICCIS). :1–5.
The fields of transportation and fleet management have been evolving at a rapid pace and most of these changes are due to numerous incremental developments in the area. However, a comprehensive study that critically compares and contrasts all the existing techniques and methodologies in the area is still missing. This paper presents a comparative analysis of the vulnerabilities and security threats for IoT and their mitigation strategies in the context of transportation and fleet management. Moreover, we attempt to classify the existing strategies based on their underlying principles.
Choi, Changhee, Shin, Sunguk, Shin, Chanho.  2021.  Performance evaluation method of cyber attack behaviour forecasting based on mitigation. 2021 International Conference on Information and Communication Technology Convergence (ICTC). :13–15.
Recently, most of the processes are being computerized, due to the development of information and communication technology. In proportion to this, cyber-attacks are also increasing, and state-sponsored cyber-attacks are becoming a great threat to the country. These attacks are often composed of stages and proceed step-by-step, so for defense, it is necessary to predict the next action and perform appropriate mitigation. To this end, the paper proposes a mitigation-based performance evaluation method. We developed the new true positive which can have a value between 0 and 1 according to the mitigation. The experiment result and case studies show that the proposed method can effectively measure forecasting results under cyber security defense system.
Hasan, Raiful, Hasan, Ragib.  2021.  Towards a Threat Model and Security Analysis of Video Conferencing Systems. 2021 IEEE 18th Annual Consumer Communications Networking Conference (CCNC). :1–4.
Video Conferencing has emerged as a new paradigm of communication in the age of COVID-19 pandemic. This technology is allowing us to have real-time interaction during the social distancing era. Even before the current crisis, it was increasingly commonplace for organizations to adopt a video conferencing tool. As people adopt video conferencing tools and access data with potentially less secure equipment and connections, meetings are becoming a target to cyber attackers. Enforcing appropriate security and privacy settings prevents attackers from exploiting the system. To design the video conferencing system's security and privacy model, an exhaustive threat model must be adopted. Threat modeling is a process of optimizing security by identifying objectives, vulnerabilities, and defining the plan to mitigate or prevent potential threats to the system. In this paper, we use the widely accepted STRIDE threat modeling technique to identify all possible risks to video conferencing tools and suggest mitigation strategies for creating a safe and secure system.
Cotae, Paul, Reindorf, Nii Emil Alexander.  2021.  Using Counterfactual Regret Minimization and Monte Carlo Tree Search for Cybersecurity Threats. 2021 IEEE International Black Sea Conference on Communications and Networking (BlackSeaCom). :1–6.
Mitigating cyber threats requires adequate understanding of the attacker characteristics in particular their patterns. Such knowledge is essential in addressing the defensive measures that mitigate the attack. If the attacker enters in the network system, the game tree model generates resources by to counter such threat. This is done by altering the parity in the next game tree iteration which yield an adequate response to counter it. If an attacker enters a network system, and a game tree models the resources he must interface with, then that game tree can be altered, by changing the parity on the next to last iteration. This paper analyzes the sequence of patterns based on incoming attacks. The detection of attacker’s pattern and subsequent changes in iterations to counter threat can be viewed as adequate resource or know how in cyber threat mitigations It was realized that changing the game tree of the hacker deprives the attacker of network resources and hence would represent a defensive measure against the attack; that is changing varying or understanding attacker paths, creates an effective defensive measure to protect the system against the incoming threats.. In this paper we analyze a unique combination of CFR and MCTS that attempts to detect the behavior of a hacker. Counterfactual Regret (CFR) is a game theory concept that helps identify patterns of attacks. The pattern recognition concept of Monte Carlo Tree Search (MCTS) is used in harmony with CFR in order to enhance the detection of attacks.
Phan, Cao-Thanh, Rahali, Mohamed, Morin, Cédric.  2021.  Threat detection and mitigation with MonB5G components in the aLTEr scenario. 2021 IEEE International Mediterranean Conference on Communications and Networking (MeditCom). :1–2.
This demo presents a new approach to detecting and countering the aLTEr attack by proactively searching for the threat and automatically remediating it. These processes leverage AI/ML techniques and the automation framework offered by the MonB5G architecture.
Chattopadhyay, Abhiroop, Valdes, Alfonso, Sauer, Peter W., Nuqui, Reynaldo.  2021.  A Localized Cyber Threat Mitigation Approach For Wide Area Control of FACTS. 2021 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm). :264–269.
We propose a localized oscillation amplitude monitoring (OAM) method for the mitigation of cyber threats directed at the wide area control (WAC) system used to coordinate control of Flexible AC Transmission Systems (FACTS) for power oscillation damping (POD) of active power flow on inter-area tie lines. The method involves monitoring the inter-area tie line active power oscillation amplitude over a sliding window. We use system instability - inferred from oscillation amplitudes growing instead of damping - as evidence of an indication of a malfunction in the WAC of FACTS, possibly indicative of a cyber attack. Monitoring the presence of such a growth allows us to determine whether any destabilizing behaviors appear after the WAC system engages to control the POD. If the WAC signal increases the oscillation amplitude over time, thereby diminishing the POD performance, the FACTS falls back to POD using local measurements. The proposed method does not require an expansive system-wide view of the network. We simulate replay, control integrity, and timing attacks for a test system and present results that demonstrate the performance of the OAM method for mitigation.
Sion, Laurens, Van Landuyt, Dimitri, Yskout, Koen, Verreydt, Stef, Joosen, Wouter.  2021.  Automated Threat Analysis and Management in a Continuous Integration Pipeline. 2021 IEEE Secure Development Conference (SecDev). :30–37.
Security and privacy threat modeling is commonly applied to systematically identify and address design-level security and privacy concerns in the early stages of architecture and design. Identifying and resolving these threats should remain a continuous concern during the development lifecycle. Especially with contemporary agile development practices, a single-shot upfront analysis becomes quickly outdated. Despite it being explicitly recommended by experts, existing threat modeling approaches focus largely on early development phases and provide limited support during later implementation phases.In this paper, we present an integrated threat analysis toolchain to support automated, continuous threat elicitation, assessment, and mitigation as part of a continuous integration pipeline in the GitLab DevOps platform. This type of automation allows for continuous attention to security and privacy threats during development at the level of individual commits, supports monitoring and managing the progress in addressing security and privacy threats over time, and enables more advanced and fine-grained analyses such as assessing the impact of proposed changes in different code branches or merge/pull requests by analyzing the changes to the threat model.
Chattopadhyay, Abhiroop, Valdes, Alfonso, Sauer, Peter W., Nuqui, Reynaldo.  2021.  A Cyber Threat Mitigation Approach For Wide Area Control of SVCs using Stability Monitoring. 2021 IEEE Madrid PowerTech. :1–6.
We propose a stability monitoring approach for the mitigation of cyber threats directed at the wide area control (WAC) system used for coordinated control of Flexible AC Transmission Systems (FACTS) used for power oscillation damping (POD) of active power flow on inter-area tie lines. The approach involves monitoring the modes of the active power oscillation on an inter-area tie line using the Matrix Pencil (MP) method. We use the stability characteristics of the observed modes as a proxy for the presence of destabilizing cyber threats. We monitor the system modes to determine whether any destabilizing modes appear after the WAC system engages to control the POD. If the WAC signal exacerbates the POD performance, the FACTS falls back to POD using local measurements. The proposed approach does not require an expansive system-wide view of the network. We simulate replay, control integrity, and timing attacks for a test system and present results that demonstrate the performance of the SM approach for mitigation.
2022-03-23
Chandavarkar, B. R., Shantanu, T K.  2021.  Sybil Attack Simulation and Mitigation in UnetStack. 2021 12th International Conference on Computing Communication and Networking Technologies (ICCCNT). :01—07.

Underwater networks have the potential to enable unexplored applications and to enhance our ability to observe and predict the ocean. Underwater acoustic sensor networks (UASNs) are often deployed in unprecedented and hostile waters and face many security threats. Applications based on UASNs such as coastal defense, pollution monitoring, assisted navigation to name a few, require secure communication. A new set of communication protocols and cooperative coordination algorithms have been proposed to enable collaborative monitoring tasks. However, such protocols overlook security as a key performance indicator. Spoofing, altering, or replaying routing information can affect the entire network, making UASN vulnerable to routing attacks such as selective forwarding, sinkhole attack, Sybil attack, acknowledgement spoofing and HELLO flood attack. The lack of security against such threats is startling if maintained that security is indeed an important requirement in many emerging civilian and military applications. In this work, we look at one of the most prevalent attacks among UASNs which is Sybill attack and discuss mitigation approaches for it. Then, feasibly implemented the attack in UnetStack3 to simulate real-life scenario.

2021-12-20
Masood, Arshad, Masood, Ammar.  2021.  A Taxonomy of Insider Threat in Isolated (Air-Gapped) Computer Networks. 2021 International Bhurban Conference on Applied Sciences and Technologies (IBCAST). :678–685.
Mitigation of dangers posed by authorized and trusted insiders to the organization is a challenging Cyber Security issue. Despite state-of-the-art cyber security practices, malicious insiders present serious threat for the enterprises due to their wider access to organizational resources (Physical, Cyber) and good knowledge of internal processes with potential vulnerabilities. The issue becomes particularly important for isolated (air-gapped) computer networks, normally used by security sensitive organizations such as government, research and development, critical infrastructure (e.g. power, nuclear), finance, and military. Such facilities are difficult to compromise from outside; however, are quite much prone to insider threats. Although many insider threat taxonomies exist for generic computer networks; yet, the existing taxonomies do not effectively address the issue of Insider Threat in isolated computer networks. Thereby, we have developed an insider threat taxonomy specific to isolated computer networks focusing on actions performed by the trusted individual(s), Our methodology is to identify limitations in existing taxonomies and map real world insider threat cases on proposed taxonomy. We argue that for successful attack in an isolated computer network, the attack must manifest in both Physical and Cyber world. The proposed taxonomy systematically classifies different aspects of the problem into separate dimensions and branches out these dimensions into further sub-categories without loss of general applicability. Our multi-dimensional hierarchical taxonomy provides comprehensive treatment of the insider threat problem in isolated computer networks; thus, improving situational awareness of the security analyst and helps in determining proper countermeasures against perceived threats. Although many insider threat taxonomies exist for generic computer networks; yet, the existing taxonomies do not effectively address the issue of Insider Threat in isolated computer networks. Thereby, we have developed an insider threat taxonomy specific to isolated computer networks focusing on actions performed by the trusted individual(s), Our methodology is to identify limitations in existing taxonomies and map real world insider threat cases on proposed taxonomy. We argue that for successful attack in an isolated computer network, the attack must manifest in both Physical and Cyber world. The proposed taxonomy systematically classifies different aspects of the problem into separate dimensions and branches out these dimensions into further sub-categories without loss of general applicability. Our multi-dimensional hierarchical taxonomy provides comprehensive treatment of the insider threat problem in isolated computer networks; thus, improving situational awareness of the security analyst and helps in determining proper countermeasures against perceived threats. The proposed taxonomy systematically classifies different aspects of the problem into separate dimensions and branches out these dimensions into further sub-categories without loss of general applicability. Our multi-dimensional hierarchical taxonomy provides comprehensive treatment of the insider threat problem in isolated computer networks; thus, improving situational awareness of the security analyst and helps in determining proper countermeasures against perceived threats.
2021-11-08
Ma, Rui, Basumallik, Sagnik, Eftekharnejad, Sara, Kong, Fanxin.  2020.  Recovery-based Model Predictive Control for Cascade Mitigation under Cyber-Physical Attacks. 2020 IEEE Texas Power and Energy Conference (TPEC). :1–6.
The ever-growing threats of cascading failures due to cyber-attacks pose a significant challenge to power grid security. A wrong system state estimate caused by a false data injection attack could lead to a wrong control actions and take the system into a more insecure operating condition. As a consequence, an attack-resilient failure mitigation strategy needs to be developed to correctly determine control actions to prevent the propagation of cascades. In this paper, a recovery-based model predictive control methodology is developed to eliminate power system component violations following coordinated cyber-physical attacks where physical attacks are masked by targeted false data injection attacks. Specifically, to address the problem of wrong system state estimation with compromised data, a developed methodology recovers the incorrect states from historical data rather than utilizing the tampered data, and thus allowing control centers to identify proper control actions. Additionally, instead of using a one-step method to optimize control actions, the recovery-based model predictive control methodology scheme incorporates the effect of controls over a finite time horizon and the attack detection delay to make appropriate control decisions. Case studies, performed on IEEE 30-bus and Illinois 200-bus systems, show that the developed recovery-based model predictive control methodology scheme is robust to coordinated attacks and efficient in mitigating cascades.
Dang, Quang Anh, Khondoker, Rahamatullah, Wong, Kelvin, Kamijo, Shunsuke.  2020.  Threat Analysis of an Autonomous Vehicle Architecture. 2020 2nd International Conference on Sustainable Technologies for Industry 4.0 (STI). :1–6.
Over recent years, we have seen a significant rise in popularity of autonomous vehicle. Several researches have shown the severity of security threats that autonomous vehicles face -for example, Miller and Valasek (2015) were able to remotely take complete control over a 2014 Jeep Cherokee in a so called "Jeephack" [1]. This paper analyses the threats that the Electrical and Electronic (E/E) architecture of an autonomous vehicle has to face and rank those threats by severity. To achieve this, the Microsoft's STRIDE threat analysis technique was applied and 13 threats were identified. These are sorted by their Common Vulnerability Scoring System (CVSS) scores. Potential mitigation methods are then suggested for the five topmost severe threats.
Rankothge, W.H., Randeniya, S M.N..  2020.  Identification and Mitigation Tool For Cross-Site Request Forgery (CSRF). 2020 IEEE 8th R10 Humanitarian Technology Conference (R10-HTC). :1–5.
Most organizations use web applications for sharing resources and communication via the internet and information security is one of the biggest concerns in most organizations. Web applications are becoming vulnerable to threats and malicious attacks every day, which lead to violation of confidentiality, integrity, and availability of information assets.We have proposed and implemented a new automated tool for the identification and mitigation of Cross-Site Request Forgery (CSRF) vulnerability. A secret token pattern based has been used in the automated tool, which applies effective security mechanism on PHP based web applications, without damaging the content and its functionalities, where the authenticated users can perform web activities securely.
Damasevicius, Robertas, Toldinas, Jevgenijus, Venckauskas, Algimantas, Grigaliunas, Sarunas, Morkevicius, Nerijus.  2020.  Technical Threat Intelligence Analytics: What and How to Visualize for Analytic Process. 2020 24th International Conference Electronics. :1–4.
Visual Analytics uses data visualization techniques for enabling compelling data analysis by engaging graphical and visual portrayal. In the domain of cybersecurity, convincing visual representation of data enables to ascertain valuable observations that allow the domain experts to construct efficient cyberattack mitigation strategies and provide useful decision support. We present a survey of visual analytics tools and methods in the domain of cybersecurity. We explore and discuss Technical Threat Intelligence visualization tools using the Five Question Method. We conclude the analysis of the works using Moody's Physics of Notations, and VIS4ML ontology as a methodological background of visual analytics process. We summarize our analysis as a high-level model of visual analytics for cybersecurity threat analysis.
Wilhjelm, Carl, Younis, Awad A..  2020.  A Threat Analysis Methodology for Security Requirements Elicitation in Machine Learning Based Systems. 2020 IEEE 20th International Conference on Software Quality, Reliability and Security Companion (QRS-C). :426–433.
Machine learning (ML) models are now a key component for many applications. However, machine learning based systems (MLBSs), those systems that incorporate them, have proven vulnerable to various new attacks as a result. Currently, there exists no systematic process for eliciting security requirements for MLBSs that incorporates the identification of adversarial machine learning (AML) threats with those of a traditional non-MLBS. In this research study, we explore the applicability of traditional threat modeling and existing attack libraries in addressing MLBS security in the requirements phase. Using an example MLBS, we examined the applicability of 1) DFD and STRIDE in enumerating AML threats; 2) Microsoft SDL AI/ML Bug Bar in ranking the impact of the identified threats; and 3) the Microsoft AML attack library in eliciting threat mitigations to MLBSs. Such a method has the potential to assist team members, even with only domain specific knowledge, to collaboratively mitigate MLBS threats.
Abbas, Syed Ghazanfar, Zahid, Shahzaib, Hussain, Faisal, Shah, Ghalib A., Husnain, Muhammad.  2020.  A Threat Modelling Approach to Analyze and Mitigate Botnet Attacks in Smart Home Use Case. 2020 IEEE 14th International Conference on Big Data Science and Engineering (BigDataSE). :122–129.
Despite the surging development and utilization of IoT devices, the security of IoT devices is still in infancy. The security pitfalls of IoT devices have made it easy for hackers to take over IoT devices and use them for malicious activities like botnet attacks. With the rampant emergence of IoT devices, botnet attacks are surging. The botnet attacks are not only catastrophic for IoT device users but also for the rest of the world. Therefore, there is a crucial need to identify and mitigate the possible threats in IoT devices during the design phase. Threat modelling is a technique that is used to identify the threats in the earlier stages of the system design activity. In this paper, we propose a threat modelling approach to analyze and mitigate the botnet attacks in an IoT smart home use case. The proposed methodology identifies the development-level and application-level threats in smart home use case using STRIDE and VAST threat modelling methods. Moreover, we reticulate the identified threats with botnet attacks. Finally, we propose the mitigation techniques for all identified threats including the botnet threats.
2021-09-07
Zebari, Rizgar R., Zeebaree, Subhi R. M., Sallow, Amira Bibo, Shukur, Hanan M., Ahmad, Omar M., Jacksi, Karwan.  2020.  Distributed Denial of Service Attack Mitigation Using High Availability Proxy and Network Load Balancing. 2020 International Conference on Advanced Science and Engineering (ICOASE). :174–179.
Nowadays, cybersecurity threat is a big challenge to all organizations that present their services over the Internet. Distributed Denial of Service (DDoS) attack is the most effective and used attack and seriously affects the quality of service of each E-organization. Hence, mitigation this type of attack is considered a persistent need. In this paper, we used Network Load Balancing (NLB) and High Availability Proxy (HAProxy) as mitigation techniques. The NLB is used in the Windows platform and HAProxy in the Linux platform. Moreover, Internet Information Service (IIS) 10.0 is implemented on Windows server 2016 and Apache 2 on Linux Ubuntu 16.04 as web servers. We evaluated each load balancer efficiency in mitigating synchronize (SYN) DDoS attack on each platform separately. The evaluation process is accomplished in a real network and average response time and average CPU are utilized as metrics. The results illustrated that the NLB in the Windows platform achieved better performance in mitigation SYN DDOS compared to HAProxy in the Linux platform. Whereas, the average response time of the Window webservers is reduced with NLB. However, the impact of the SYN DDoS on the average CPU usage of the IIS 10.0 webservers was more than those of the Apache 2 webservers.
Jonker, Mattijs, Sperotto, Anna, Pras, Aiko.  2020.  DDoS Mitigation: A Measurement-Based Approach. NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium. :1–6.
Society heavily relies upon the Internet for global communications. Simultaneously, Internet stability and reliability are continuously subject to deliberate threats. These threats include (Distributed) Denial-of-Service (DDoS) attacks, which can potentially be devastating. As a result of DDoS, businesses lose hundreds of millions of dollars annually. Moreover, when it comes to vital infrastructure, national safety and even lives could be at stake. Effective defenses are therefore an absolute necessity. Prospective users of readily available mitigation solutions find themselves having many shapes and sizes to choose from, the right fit of which may, however, not always be apparent. In addition, the deployment and operation of mitigation solutions may come with hidden hazards that need to be better understood. Policy makers and governments also find themselves facing questions concerning what needs to be done to promote cybersafety on a national level. Developing an optimal course of action to deal with DDoS, therefore, also brings about societal challenges. Even though the DDoS problem is by no means new, the scale of the problem is still unclear. We do not know exactly what it is we are defending against and getting a better understanding of attacks is essential to addressing the problem head-on. To advance situational awareness, many technical and societal challenges need still to be tackled. Given the central importance of better understanding the DDoS problem to improve overall Internet security, the thesis that we summarize in this paper has three main contributions. First, we rigorously characterize attacks and attacked targets at scale. Second, we advance knowledge about the Internet-wide adoption, deployment and operational use of various mitigation solutions. Finally, we investigate hidden hazards that can render mitigation solutions altogether ineffective.
2021-03-04
Hajizadeh, M., Afraz, N., Ruffini, M., Bauschert, T..  2020.  Collaborative Cyber Attack Defense in SDN Networks using Blockchain Technology. 2020 6th IEEE Conference on Network Softwarization (NetSoft). :487—492.

The legacy security defense mechanisms cannot resist where emerging sophisticated threats such as zero-day and malware campaigns have profoundly changed the dimensions of cyber-attacks. Recent studies indicate that cyber threat intelligence plays a crucial role in implementing proactive defense operations. It provides a knowledge-sharing platform that not only increases security awareness and readiness but also enables the collaborative defense to diminish the effectiveness of potential attacks. In this paper, we propose a secure distributed model to facilitate cyber threat intelligence sharing among diverse participants. The proposed model uses blockchain technology to assure tamper-proof record-keeping and smart contracts to guarantee immutable logic. We use an open-source permissioned blockchain platform, Hyperledger Fabric, to implement the blockchain application. We also utilize the flexibility and management capabilities of Software-Defined Networking to be integrated with the proposed sharing platform to enhance defense perspectives against threats in the system. In the end, collaborative DDoS attack mitigation is taken as a case study to demonstrate our approach.

2021-01-22
Akbari, I., Tahoun, E., Salahuddin, M. A., Limam, N., Boutaba, R..  2020.  ATMoS: Autonomous Threat Mitigation in SDN using Reinforcement Learning. NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium. :1—9.
Machine Learning has revolutionized many fields of computer science. Reinforcement Learning (RL), in particular, stands out as a solution to sequential decision making problems. With the growing complexity of computer networks in the face of new emerging technologies, such as the Internet of Things and the growing complexity of threat vectors, there is a dire need for autonomous network systems. RL is a viable solution for achieving this autonomy. Software-defined Networking (SDN) provides a global network view and programmability of network behaviour, which can be employed for security management. Previous works in RL-based threat mitigation have mostly focused on very specific problems, mostly non-sequential, with ad-hoc solutions. In this paper, we propose ATMoS, a general framework designed to facilitate the rapid design of RL applications for network security management using SDN. We evaluate our framework for implementing RL applications for threat mitigation, by showcasing the use of ATMoS with a Neural Fitted Q-learning agent to mitigate an Advanced Persistent Threat. We present the RL model's convergence results showing the feasibility of our solution for active threat mitigation.
2020-02-26
Sanjeetha, R., Benoor, Pallavi, Kanavalli, Anita.  2019.  Mitigation of DDoS Attacks in Software Defined Networks at Application Level. 2019 PhD Colloquium on Ethically Driven Innovation and Technology for Society (PhD EDITS). :1–3.

Software-Defined Network's (SDN) core working depends on the centralized controller which implements the control plane. With the help of this controller, security threats like Distributed Denial of Service (DDoS) attacks can be identified easily. A DDoS attack is usually instigated on servers by sending a huge amount of unwanted traffic that exhausts its resources, denying their services to genuine users. Earlier research work has been carried out to mitigate DDoS attacks at the switch and the host level. Mitigation at switch level involves identifying the switch which sends a lot of unwanted traffic in the network and blocking it from the network. But this solution is not feasible as it will also block genuine hosts connected to that switch. Later mitigation at the host level was introduced wherein the compromised hosts were identified and blocked thereby allowing genuine hosts to send their traffic in the network. Though this solution is feasible, it will block the traffic from the genuine applications of the compromised host as well. In this paper, we propose a new way to identify and mitigate the DDoS attack at the application level so that only the application generating the DDoS traffic is blocked and other genuine applications are allowed to send traffic in the network normally.

Belehaki, Anna, Galkin, Ivan, Borries, Claudia, Pintor, Pedro, Altadill, David, Sanz, Jaume, Juan, J. Miguel, Buresova, Dalia, Verhulst, Tobias, Mielich, Jens et al..  2019.  TechTIDE: Warning and Mitigation Technologies for Travelling Ionospheric Disturbances Effects. 2019 URSI Asia-Pacific Radio Science Conference (AP-RASC). :1–1.

Travelling Ionospheric Disturbances (TIDs) are ionospheric manifestations of internal atmospheric gravity waves (AGW) in the neutral atmosphere driven by near-Earth space dynamics and by lower atmosphere phenomena. They constitute a threat for operational systems such as precise navigation (e.g., EGNOS and NRTK) and high frequency geolocation as they can impose disturbances with amplitudes of up to 20% of the ambient electron density, and Doppler frequency shifts of the order of 0.5 Hz on HF signals. The Horizon 2020 Project TechTIDE (http://techtide.space.noa.gr/) funded by the European Commission aims at designing and testing new viable TID impact mitigation strategies for the technologies affected by developing a system able to calculate in real-time the main TID characteristics (velocity, amplitude, propagation drection), to realistically specify background ionospheric conditions and to specify those ionospheric characteristics whose perturbation, because of TIDs, cause the impact in each specific technology. The TechTIDE system will contribute new understanding of the physical processes resulting in the formation of TIDs, and will consequently help to identify the drivers in the interplanetary medium, the magnetosphere and the atmosphere. This paper will provide a description of the instrumentation involved and outline the project methodologies for the identification and tracking of TIDs based on the exploitation of real-time observations from networks of Digisonde, GNSS receivers and Continuous Doppler Sounding Systems.

Crouch, Alfred L, Ley, Adam W.  2019.  A Role for Embedded Instrumentation in Real-Time Hardware Assurance and Online Monitoring against Cybersecurity Threats. 2019 IEEE AUTOTESTCON. :1–9.

Jeopardy to cybersecurity threats in electronic systems is persistent and growing. Such threats present in hardware, by means such as Trojans and counterfeits, and in software, by means such as viruses and other malware. Against such threats, we propose a range of embedded instruments that are capable of real-time hardware assurance and online monitoring.

Vlachokostas, Alex, Prousalidis, John, Spathis, Dimosthenis, Nikitas, Mike, Kourmpelis, Theo, Dallas, Stefanos, Soghomonian, Zareh, Georgiou, Vassilis.  2019.  Ship-to-Grid Integration: Environmental Mitigation and Critical Infrastructure Resilience. 2019 IEEE Electric Ship Technologies Symposium (ESTS). :542–547.

The United States and European Union have an increasing number of projects that are engaging end-use devices for improved grid capabilities. Areas such as building-to-grid and vehicle-to-grid are simple examples of these advanced capabilities. In this paper, we present an innovative concept study for a ship-to-grid integration. The goal of this study is to simulate a two-way power flow between ship(s) and the grid with GridLAB-D for the port of Kyllini in Greece, where a ship-to-shore interconnection was recently implemented. Extending this further, we explore: (a) the ability of ships to meet their load demand needs, while at berth, by being supplied with energy from the electric grid and thus powering off their diesel engines; and (b) the ability of ships to provide power to critical loads onshore. As a result, the ship-to-grid integration helps (a) mitigate environmental pollutants from the ships' diesel engines and (b) provide resilience to nearby communities during a power disruption due to natural disasters or man-made threats.

Tuan, Nguyen Ngoc, Hung, Pham Huy, Nghia, Nguyen Danh, Van Tho, Nguyen, Phan, Trung V., Thanh, Nguyen Huu.  2019.  A Robust TCP-SYN Flood Mitigation Scheme Using Machine Learning Based on SDN. 2019 International Conference on Information and Communication Technology Convergence (ICTC). :363–368.

Keeping Internet users safe from attacks and other threats is one of the biggest security challenges nowadays. Distributed Denial of Service (DDoS) [1] is one of the most common attacks. DDoS makes the system stop working by resource overload. Software Define Networking (SDN) [2] has recently emerged as a new networking technology offering an unprecedented programmability that allows network operators to dynamically configure and manage their infrastructures. The flexible processing and centralized management of SDN controller allow flexibly deploying complex security algorithms and mitigation methods. In this paper, we propose a new TCP-SYN flood attack mitigation in SDN networks using machine learning. By using a testbed, we implement the proposed algorithms, evaluate their accuracy and address the trade-off between the accuracy and capacity of the security device. The results show that the algorithms can mitigate TCP-SYN Flood attack over 96.