Biblio

Found 1408 results

Filters: First Letter Of Title is C
2020-10-12
Kautsarina, Anggorojati, Bayu.  2018.  A Conceptual Model for Promoting Positive Security Behavior in Internet of Things Era. 2018 Global Wireless Summit (GWS). :358–363.
As the Internet of Things (IoT) era raise, billions of additional connected devices in new locations and applications will create new challenges. Security and privacy are among the major challenges in IoT as any breaches and misuse in those aspects will have the adverse impact on users. Among many factors that determine the security of any system, human factor is the most important aspect to be considered; as it is renowned that human is the weakest link in the information security cycle. Experts express the need to increase cyber resilience culture and a focus on the human factors involved in cybersecurity to counter cyber risks. The aim of this study is to propose a conceptual model to improve cyber resilience in IoT users that is adapted from a model in public health sector. Cyber resilience is improved through promoting security behavior by gathering the existing knowledge and gain understanding about every contributing aspects. The proposed approach is expected to be used as foundation for government, especially in Indonesia, to derive strategies in improving cyber resilience of IoT users.
2020-10-06
Nuqui, Reynaldo, Hong, Junho, Kondabathini, Anil, Ishchenko, Dmitry, Coats, David.  2018.  A Collaborative Defense for Securing Protective Relay Settings in Electrical Cyber Physical Systems. 2018 Resilience Week (RWS). :49–54.
Modern power systems today are protected and controlled increasingly by embedded systems of computing technologies with a great degree of collaboration enabled by communication. Energy cyber-physical systems such as power systems infrastructures are increasingly vulnerable to cyber-attacks on the protection and control layer. We present a method of securing protective relays from malicious change in protective relay settings via collaboration of devices. Each device checks the proposed setting changes of its neighboring devices for consistency and coordination with its own settings using setting rules based on relay coordination principles. The method is enabled via peer-to-peer communication between IEDs. It is validated in a cyber-physical test bed containing a real time digital simulator and actual relays that communicate via IEC 61850 GOOSE messages. Test results showed improvement in cyber physical security by using domain based rules to block malicious changes in protection settings caused by simulated cyber-attacks. The method promotes the use of defense systems that are aware of the physical systems which they are designed to secure.
Li, Zhiyi, Shahidehpour, Mohammad, Galvin, Robert W., Li, Yang.  2018.  Collaborative Cyber-Physical Restoration for Enhancing the Resilience of Power Distribution Systems. 2018 IEEE Power Energy Society General Meeting (PESGM). :1–5.

This paper sheds light on the collaborative efforts in restoring cyber and physical subsystems of a modern power distribution system after the occurrence of an extreme weather event. The extensive cyber-physical interdependencies in the operation of power distribution systems are first introduced for investigating the functionality loss of each subsystem when the dependent subsystem suffers disruptions. A resilience index is then proposed for measuring the effectiveness of restoration activities in terms of restoration rapidity. After modeling operators' decision making for economic dispatch as a second-order cone programming problem, this paper proposes a heuristic approach for prioritizing the activities for restoring both cyber and physical subsystems. In particular, the proposed heuristic approach takes into consideration of cyber-physical interdependencies for improving the operation performance. Case studies are also conducted to validate the collaborative restoration model in the 33-bus power distribution system.

Meng, Ruijie, Zhu, Biyun, Yun, Hao, Li, Haicheng, Cai, Yan, Yang, Zijiang.  2019.  CONVUL: An Effective Tool for Detecting Concurrency Vulnerabilities. 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE). :1154–1157.

Concurrency vulnerabilities are extremely harmful and can be frequently exploited to launch severe attacks. Due to the non-determinism of multithreaded executions, it is very difficult to detect them. Recently, data race detectors and techniques based on maximal causal model have been applied to detect concurrency vulnerabilities. However, the former are ineffective and the latter report many false negatives. In this paper, we present CONVUL, an effective tool for concurrency vulnerability detection. CONVUL is based on exchangeable events, and adopts novel algorithms to detect three major kinds of concurrency vulnerabilities. In our experiments, CONVUL detected 9 of 10 known vulnerabilities, while other tools only detected at most 2 out of these 10 vulnerabilities. The 10 vulnerabilities are available at https://github.com/mryancai/ConVul.

Akbarzadeh, Aida, Pandey, Pankaj, Katsikas, Sokratis.  2019.  Cyber-Physical Interdependencies in Power Plant Systems: A Review of Cyber Security Risks. 2019 IEEE Conference on Information and Communication Technology. :1–6.

Realizing the importance of the concept of “smart city” and its impact on the quality of life, many infrastructures, such as power plants, began their digital transformation process by leveraging modern computing and advanced communication technologies. Unfortunately, by increasing the number of connections, power plants become more and more vulnerable and also an attractive target for cyber-physical attacks. The analysis of interdependencies among system components reveals interdependent connections, and facilitates the identification of those among them that are in need of special protection. In this paper, we review the recent literature which utilizes graph-based models and network-based models to study these interdependencies. A comprehensive overview, based on the main features of the systems including communication direction, control parameters, research target, scalability, security and safety, is presented. We also assess the computational complexity associated with the approaches presented in the reviewed papers, and we use this metric to assess the scalability of the approaches.

Bidram, Ali, Damodaran, Lakshmisree, Fierro, Rafael.  2019.  Cybersecure Distributed Voltage Control of AC Microgrids. 2019 IEEE/IAS 55th Industrial and Commercial Power Systems Technical Conference (I&CPS). :1–6.

In this paper, the cybersecurity of distributed secondary voltage control of AC microgrids is addressed. A resilient approach is proposed to mitigate the negative impacts of cyberthreats on the voltage and reactive power control of Distributed Energy Resources (DERs). The proposed secondary voltage control is inspired by the resilient flocking of a mobile robot team. This approach utilizes a virtual time-varying communication graph in which the quality of the communication links is virtualized and determined based on the synchronization behavior of DERs. The utilized control protocols on DERs ensure that the connectivity of the virtual communication graph is above a specific resilience threshold. Once the resilience threshold is satisfied the Weighted Mean Subsequence Reduced (WMSR) algorithm is applied to satisfy voltage restoration in the presence of malicious adversaries. A typical microgrid test system including 6 DERs is simulated to verify the validity of proposed resilient control approach.

2020-10-05
Kang, Anqi.  2018.  Collaborative Filtering Algorithm Based on Trust and Information Entropy. 2018 International Conference on Intelligent Informatics and Biomedical Sciences (ICIIBMS). 3:262–266.

In order to improve the accuracy of similarity, an improved collaborative filtering algorithm based on trust and information entropy is proposed in this paper. Firstly, the direct trust between the users is determined by the user's rating to explore the potential trust relationship of the users. The time decay function is introduced to realize the dynamic portrayal of the user's interest decays over time. Secondly, the direct trust and the indirect trust are combined to obtain the overall trust which is weighted with the Pearson similarity to obtain the trust similarity. Then, the information entropy theory is introduced to calculate the similarity based on weighted information entropy. At last, the trust similarity and the similarity based on weighted information entropy are weighted to obtain the similarity combing trust and information entropy which is used to predicted the rating of the target user and create the recommendation. The simulation shows that the improved algorithm has a higher accuracy of recommendation and can provide more accurate and reliable recommendation service.

Zamani, Majid, Arcak, Murat.  2018.  Compositional Abstraction for Networks of Control Systems: A Dissipativity Approach. IEEE Transactions on Control of Network Systems. 5:1003–1015.

In this paper, we propose a compositional scheme for the construction of abstractions for networks of control systems by using the interconnection matrix and joint dissipativity-type properties of subsystems and their abstractions. In the proposed framework, the abstraction, itself a control system (possibly with a lower dimension), can be used as a substitution of the original system in the controller design process. Moreover, we provide a procedure for constructing abstractions of a class of nonlinear control systems by using the bounds on the slope of system nonlinearities. We illustrate the proposed results on a network of linear control systems by constructing its abstraction in a compositional way without requiring any condition on the number or gains of the subsystems. We use the abstraction as a substitute to synthesize a controller enforcing a certain linear temporal logic specification. This example particularly elucidates the effectiveness of dissipativity-type compositional reasoning for large-scale systems.

Rungger, Matthias, Zamani, Majid.  2018.  Compositional Construction of Approximate Abstractions of Interconnected Control Systems. IEEE Transactions on Control of Network Systems. 5:116–127.

We consider a compositional construction of approximate abstractions of interconnected control systems. In our framework, an abstraction acts as a substitute in the controller design process and is itself a continuous control system. The abstraction is related to the concrete control system via a so-called simulation function: a Lyapunov-like function, which is used to establish a quantitative bound between the behavior of the approximate abstraction and the concrete system. In the first part of the paper, we provide a small gain type condition that facilitates the compositional construction of an abstraction of an interconnected control system together with a simulation function from the abstractions and simulation functions of the individual subsystems. In the second part of the paper, we restrict our attention to linear control system and characterize simulation functions in terms of controlled invariant, externally stabilizable subspaces. Based on those characterizations, we propose a particular scheme to construct abstractions for linear control systems. We illustrate the compositional construction of an abstraction on an interconnected system consisting of four linear subsystems. We use the abstraction as a substitute to synthesize a controller to enforce a certain linear temporal logic specification.

2020-09-28
Akaishi, Sota, Uda, Ryuya.  2019.  Classification of XSS Attacks by Machine Learning with Frequency of Appearance and Co-occurrence. 2019 53rd Annual Conference on Information Sciences and Systems (CISS). :1–6.
Cross site scripting (XSS) attack is one of the attacks on the web. It brings session hijack with HTTP cookies, information collection with fake HTML input form and phishing with dummy sites. As a countermeasure of XSS attack, machine learning has attracted a lot of attention. There are existing researches in which SVM, Random Forest and SCW are used for the detection of the attack. However, in the researches, there are problems that the size of data set is too small or unbalanced, and that preprocessing method for vectorization of strings causes misclassification. The highest accuracy of the classification was 98% in existing researches. Therefore, in this paper, we improved the preprocessing method for vectorization by using word2vec to find the frequency of appearance and co-occurrence of the words in XSS attack scripts. Moreover, we also used a large data set to decrease the deviation of the data. Furthermore, we evaluated the classification results with two procedures. One is an inappropriate procedure which some researchers tend to select by mistake. The other is an appropriate procedure which can be applied to an attack detection filter in the real environment.
Abie, Habtamu.  2019.  Cognitive Cybersecurity for CPS-IoT Enabled Healthcare Ecosystems. 2019 13th International Symposium on Medical Information and Communication Technology (ISMICT). :1–6.

Cyber Physical Systems (CPS)-Internet of Things (IoT) enabled healthcare services and infrastructures improve human life, but are vulnerable to a variety of emerging cyber-attacks. Cybersecurity specialists are finding it hard to keep pace of the increasingly sophisticated attack methods. There is a critical need for innovative cognitive cybersecurity for CPS-IoT enabled healthcare ecosystem. This paper presents a cognitive cybersecurity framework for simulating the human cognitive behaviour to anticipate and respond to new and emerging cybersecurity and privacy threats to CPS-IoT and critical infrastructure systems. It includes the conceptualisation and description of a layered architecture which combines Artificial Intelligence, cognitive methods and innovative security mechanisms.

Li, Kai, Kurunathan, Harrison, Severino, Ricardo, Tovar, Eduardo.  2018.  Cooperative Key Generation for Data Dissemination in Cyber-Physical Systems. 2018 ACM/IEEE 9th International Conference on Cyber-Physical Systems (ICCPS). :331–332.
Securing wireless communication is significant for privacy and confidentiality of sensing data in Cyber-Physical Systems (CPS). However, due to broadcast nature of radio channels, disseminating sensory data is vulnerable to eavesdropping and message modification. Generating secret keys by extracting the shared randomness in a wireless fading channel is a promising way to improve the communication security. In this poster, we present a novel secret key generation protocol for securing real-time data dissemination in CPS, where the sensor nodes cooperatively generate a shared key by estimating the quantized fading channel randomness. A 2-hop wireless sensor network testbed is built and preliminary experimental results show that the quantization intervals and distance between the nodes lead to a secret bit mismatch.
Gu, Bruce, Wang, Xiaodong, Qu, Youyang, Jin, Jiong, Xiang, Yong, Gao, Longxiang.  2019.  Context-Aware Privacy Preservation in a Hierarchical Fog Computing System. ICC 2019 - 2019 IEEE International Conference on Communications (ICC). :1–6.
Fog computing faces various security and privacy threats. Internet of Things (IoTs) devices have limited computing, storage, and other resources. They are vulnerable to attack by adversaries. Although the existing privacy-preserving solutions in fog computing can be migrated to address some privacy issues, specific privacy challenges still exist because of the unique features of fog computing, such as the decentralized and hierarchical infrastructure, mobility, location and content-aware applications. Unfortunately, privacy-preserving issues and resources in fog computing have not been systematically identified, especially the privacy preservation in multiple fog node communication with end users. In this paper, we propose a dynamic MDP-based privacy-preserving model in zero-sum game to identify the efficiency of the privacy loss and payoff changes to preserve sensitive content in a fog computing environment. First, we develop a new dynamic model with MDP-based comprehensive algorithms. Then, extensive experimental results identify the significance of the proposed model compared with others in more effectively and feasibly solving the discussed issues.
Li, Jing, Liu, Tingting, Niyato, Dusit, Wang, Ping, Li, Jun, Han, Zhu.  2019.  Contract-Based Approach for Security Deposit in Blockchain Networks with Shards. 2019 IEEE International Conference on Blockchain (Blockchain). :75–82.
As a decentralized ledger technology, blockchain is considered to be a potential solution for applications with highly concentrated management mechanism. However, most of the existing blockchain networks are employed with the hash-puzzle-solving consensus protocol, known as proof-of-work. The competition of solving the puzzle introduces high latency, which directly leads to a long transaction-processing time. One solution of this dilemma is to establish a blockchain network with shards. In this paper, we focus on the blockchain network with shards and adopt the security-deposit based consensus protocol, studying the problem of how to balance the security incentive and the economic incentive. Also, the inherent features of the blockchain, i.e., anonymity and decentralization, introduce the information asymmetric issue between the beacon chain and the participants. The contract theory is utilized to formulate the problem between them. As such, the optimal rewards related to the different types of validators can be obtained, as well as the reasonable deposits accordingly. Compared with the fixed deposits, the flexible deposits can provide enough economic incentive for the participants without losing the security incentives. Besides, the simulation results demonstrate that the contract theory approach is capable of maximizing the beacon chain's utility and satisfying the incentive compatibility and individual rationality of the participants.
Yang, Shu, Chen, Ziteng, Cui, Laizhong, Xu, Mingwei, Ming, Zhongxing, Xu, Ke.  2019.  CoDAG: An Efficient and Compacted DAG-Based Blockchain Protocol. 2019 IEEE International Conference on Blockchain (Blockchain). :314–318.
Blockchain is seen as a promising technology to provide reliable and secure services due to its decentralized characteristic. However, because of the limited throughput, current blockchain platforms can not meet the transaction demand in practical use. Though researchers proposed many new solutions, they suffered either decentralization or security issues. In this paper, using Directed Acyclic Graph (DAG) structure, we improve the linear structure of traditional blockchain protocol. In the new structure, blocks are organized in levels and width, which will generate into a compacted DAG structure (CoDAG). To make CoDAG more efficient and secure, we design algorithms and protocols to place the new-generated blocks appropriately. Compared with traditional blockchain protocols, CoDAG improves the security and transaction verification time, and enjoys the consistency and liveness properties of blockchain. Taking adversary parties into consideration, two possible attack strategies are presented in this paper, and we further prove that CoDAG is a secure and robust protocol to resist them. The experimental results show that CoDAG can achieve 394 transactions per second, which is 56 times of Bitcoin's throughput and 26 times of Ethereum's.
Semancik, Jon, Yazma, Ron.  2019.  Countering Cybersecurity and Counterfeit Material Threats in Test Systems. 2019 IEEE AUTOTESTCON. :1–5.
Automatic test systems designed to validate the performance of military and aerospace products have always been held to a higher standard; moreover, emerging threats to data security and instrumentation integrity continue to raise this bar. Engineers are faced with growing pressure to not only ensure that the unit under test (UUT) meets all design criteria, but that it remains safe from malicious attacks aimed at gaining access to test parameters or results, controlling of test sequences and functionality, downloading malware, or impacting functionality by way of counterfeit parts installed in instrumentation. This paper will delve into the cybersecurity issue from the perspective of the test development environment, including the use of test executives, and the challenges associated with minimizing impact to data integrity and access to control. An undetected data breach on military / aerospace automated test equipment (ATE) holds significance beyond just the test system, since mission critical electronics associated with avionics, radar, electronic warfare and missile assemblies must also be protected. One topic discussed will be the impact of adopting methods and procedures detailed in the Department of Defense's (DoD) Application Security Technical Implementation Guide, which is based on NIST documents and details how to manage and maintain a secure software-based system such as an ATE system. Another aspect of cybersecurity that is often overlooked in the world of commercial-off-the-shelf (COTS) instrumentation and switching systems is the potential impact on the UUT from substandard counterfeit parts and those embedded with malware. Concerns with counterfeit material can encompass a range of threats including the re-purposing of used parts and new knockoff parts with substandard operating characteristics represented and sold as new hardware. One of the most concerning aspects, parts intentionally infected with malware, can pose a significant risk to personnel and national security. We will discuss various strategies aimed at countering these threats, including the adoption of policies and procedures outlined in AS9100D and AS5553, which can mitigate these risks.
2020-09-21
K.R., Raghunandan, Aithal, Ganesh, Shetty, Surendra.  2019.  Comparative Analysis of Encryption and Decryption Techniques Using Mersenne Prime Numbers and Phony Modulus to Avoid Factorization Attack of RSA. 2019 International Conference on Advanced Mechatronic Systems (ICAMechS). :152–157.
In this advanced era, it is important to keep up an abnormal state of security for online exchanges. Public Key cryptography assumes an indispensable job in the field of security. Rivest, Shamir and Adleman (RSA) algorithm is being utilized for quite a long time to give online security. RSA is considered as one of the famous Public Key cryptographic algorithm. Nevertheless, a few fruitful assaults are created to break this algorithm because of specific confinements accepted in its derivation. The algorithm's security is principally founded on the issue of factoring large number. If the process factorization is done then, at that point the entire algorithm can end up fragile. This paper presents a methodology which is more secure than RSA algorithm by doing some modifications in it. Public Key exponent n, which is termed as common modulus replaced by phony modulus to avoid the factorization attack and it is constructed by Mersenne prime numbers to provide more efficiency and security. Paper presents a comparative analysis of the proposed algorithm with the conventional RSA algorithm and Dual RSA.
2020-09-18
Hong, Junho, Nuqui, Reynaldo F., Kondabathini, Anil, Ishchenko, Dmitry, Martin, Aaron.  2019.  Cyber Attack Resilient Distance Protection and Circuit Breaker Control for Digital Substations. IEEE Transactions on Industrial Informatics. 15:4332–4341.
This paper proposes new concepts for detecting and mitigating cyber attacks on substation automation systems by domain-based cyber-physical security solutions. The proposed methods form the basis of a distributed security domain layer that enables protection devices to collaboratively defend against cyber attacks at substations. The methods utilize protection coordination principles to cross check protection setting changes and can run real-time power system analysis to evaluate the impact of the control commands. The transient fault signature (TFS)-based cross-correlation coefficient algorithm has been proposed to detect the false sampled values data injection attack. The proposed functions were verified in a hardware-in-the-loop (HIL) simulation using commercial relays and a real-time digital simulator (RTDS). Various types of cyber intrusions are tested using this test bed to evaluate the consequences and impacts of cyber attacks to power grid as well as to validate the performance of the proposed research-grade cyber attack mitigation functions.
Ling, Mee Hong, Yau, Kok-Lim Alvin.  2019.  Can Reinforcement Learning Address Security Issues? An Investigation into a Clustering Scheme in Distributed Cognitive Radio Networks. 2019 International Conference on Information Networking (ICOIN). :296–300.

This paper investigates the effectiveness of reinforcement learning (RL) model in clustering as an approach to achieve higher network scalability in distributed cognitive radio networks. Specifically, it analyzes the effects of RL parameters, namely the learning rate and discount factor in a volatile environment, which consists of member nodes (or secondary users) that launch attacks with various probabilities of attack. The clusterhead, which resides in an operating region (environment) that is characterized by the probability of attacks, countermeasures the malicious SUs by leveraging on a RL model. Simulation results have shown that in a volatile operating environment, the RL model with learning rate α= 1 provides the highest network scalability when the probability of attacks ranges between 0.3 and 0.7, while the discount factor γ does not play a significant role in learning in an operating environment that is volatile due to attacks.

Hao, Jie, Shum, Kenneth W., Xia, Shu-Tao, Yang, Yi-Xian.  2019.  Classification of Optimal Ternary (r, δ)-Locally Repairable Codes Attaining the Singleton-like Bound. 2019 IEEE International Symposium on Information Theory (ISIT). :2828–2832.
In a linear code, a code symbol with (r, δ)-locality can be repaired by accessing at most r other code symbols in case of at most δ - 1 erasures. A q-ary (n, k, r, δ) locally repairable codes (LRC) in which every code symbol has (r, δ)-locality is said to be optimal if it achieves the Singleton-like bound derived by Prakash et al. In this paper, we study the classification of optimal ternary (n, k, r, δ)-LRCs (δ > 2). Firstly, we propose an upper bound on the minimum distance of optimal q-ary LRCs in terms of the field size. Then, we completely determine all the 6 classes of possible parameters with which optimal ternary (n, k, r, δ)-LRCs exist. Moreover, explicit constructions of all these 6 classes of optimal ternary LRCs are proposed in the paper.
2020-09-14
Kim, Seungmin, Kim, Sangwoo, Nam, Ki-haeng, Kim, Seonuk, Kwon, Kook-huei.  2019.  Cyber Security Strategy for Nuclear Power Plant through Vital Digital Assets. 2019 International Conference on Computational Science and Computational Intelligence (CSCI). :224–226.
As nuclear power plant Instrumentation and Control(I&C) systems have turned into digital systems, the possibility of cyber-attacks has increased. To protect the nuclear power plant from cyber-attacks, digital assets are classified and managed as critical digital assets which have safety, security and emergency preparedness functions. However, critical digital assets represent 70-80% of total digital assets, and applying and managing the same security control is inefficient. Therefore, this paper presents the criteria for identifying digital assets that are classified as vital digital assets that can directly affect the serious accidents of nuclear power plants.
Kafedziski, Venceslav.  2019.  Compressive Sampling Stepped Frequency Ground Penetrating Radar Using Group Sparsity and Markov Chain Sparsity Model. 2019 14th International Conference on Advanced Technologies, Systems and Services in Telecommunications (TELSIKS). :265–268.
We investigate an implementation of a compressive sampling (CS) stepped frequency ground penetrating radar. Due to the small number of targets, the B-scan is represented as a sparse image. Due to the nature of stepped frequency radar, smaller number of random frequencies can be used to obtain each A-scan (sparse delays). Also, the measurements obtained from different antenna positions can be reduced to a smaller number of random antenna positions. We also use the structure in the B-scan, i.e. the shape of the targets, which can be known, for instance, when detecting land mines. We demonstrate our method using radar data available from the Web from the land mine targets buried in the ground. We use group sparsity, i.e. we assume that the targets have some non-zero (and presumably known) dimension in the cross-range coordinate of the B-scan. For such targets, we also use the Markov chain model for the targets, where we simultaneously estimate the model parameters using the EMturboGAMP algorithm. Both approaches result in improved performance.
HANJRI, Adnane EL, HAYAR, Aawatif, Haqiq, Abdelkrim.  2019.  Combined Compressive Sampling Techniques and Features Detection using Kullback Leibler Distance to Manage Handovers. 2019 IEEE International Smart Cities Conference (ISC2). :504–507.
In this paper, we present a new Handover technique which combines Distribution Analysis Detector and Compressive Sampling Techniques. The proposed approach consists of analysing Received Signal probability density function instead of demodulating and analysing Received Signal itself as in classical handover. In this method we will exploit some mathematical tools like Kullback Leibler Distance, Akaike Information Criterion (AIC) and Akaike weights, in order to decide blindly the best handover and the best Base Station (BS) for each user. The Compressive Sampling algorithm is designed to take advantage from the primary signals sparsity and to keep the linearity and properties of the original signal in order to be able to apply Distribution Analysis Detector on the compressed measurements.
2020-09-11
Prokofiev, Anton O., Smirnova, Yulia S..  2019.  Counteraction against Internet of Things Botnets in Private Networks. 2019 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). :301–305.
This article focuses on problems related to detection and prevention of botnet threats in private Internet of Things (IoT) networks. Actual data about IoT botnets activity on the Internet is provided in the paper. Results of analysis of widespread botnets, as well as key characteristics of botnet behavior and activity on IoT devices are also provided. Features of private IoT networks are determined. The paper provides architectural features as well as functioning principles of software systems for botnet prevention in private networks. Recommendations for process of interaction between such system and a user are suggested. Suggestions for future development of the approach are formulated.