Biblio

Found 902 results

Filters: Keyword is security of data  [Clear All Filters]
2017-03-13
Hlyne, C. N. N., Zavarsky, P., Butakov, S..  Submitted.  SCAP benchmark for Cisco router security configuration compliance. 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST). :270–276.
Information security management is time-consuming and error-prone. Apart from day-to-day operations, organizations need to comply with industrial regulations or government directives. Thus, organizations are looking for security tools to automate security management tasks and daily operations. Security Content Automation Protocol (SCAP) is a suite of specifications that help to automate security management tasks such as vulnerability measurement and policy compliance evaluation. SCAP benchmark provides detailed guidance on setting the security configuration of network devices, operating systems, and applications. Organizations can use SCAP benchmark to perform automated configuration compliance assessment on network devices, operating systems, and applications. This paper discusses SCAP benchmark components and the development of a SCAP benchmark for automating Cisco router security configuration compliance.
2020-02-26
Sokolov, S. A., Iliev, T. B., Stoyanov, I. S..  2019.  Analysis of Cybersecurity Threats in Cloud Applications Using Deep Learning Techniques. 2019 42nd International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO). :441–446.
In this paper we present techniques based on machine learning techniques on monitoring data for analysis of cybersecurity threats in cloud environments that incorporate enterprise applications from the fields of telecommunications and IoT. Cybersecurity is a term describing techniques for protecting computers, telecommunications equipment, applications, environments and data. In modern networks enormous volume of generated traffic can be observed. We propose several techniques such as Support Vector Machines, Neural networks and Deep Neural Networks in combination for analysis of monitoring data. An approach for combining classifier results based on performance weights is proposed. The proposed approach delivers promising results comparable to existing algorithms and is suitable for enterprise grade security applications.
2020-02-17
Rizk, Dominick, Rizk, Rodrigue, Hsu, Sonya.  2019.  Applied Layered-Security Model to IoMT. 2019 IEEE International Conference on Intelligence and Security Informatics (ISI). :227–227.
Nowadays, IoT has crossed all borders and become ubiquitous in everyday life. This emerging technology has a huge success in closing the gap between the digital and the real world. However, security and privacy become huge concerns especially in the medical field which prevent the healthcare industry from adopting it despite its benefits and potentials. This paper focuses on identifying potential security threats to the IoMT and presents the security mechanisms to remove any possible impediment from immune information security of IoMT. A summarized framework of the layered-security model is proposed followed by a specific assessment review of each layer.
Yin, Mingyong, Wang, Qixu, Cao, Mingsheng.  2019.  An Attack Vector Evaluation Method for Smart City Security Protection. 2019 International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob). :1–7.
In the network security risk assessment on critical information infrastructure of smart city, to describe attack vectors for predicting possible initial access is a challenging task. In this paper, an attack vector evaluation model based on weakness, path and action is proposed, and the formal representation and quantitative evaluation method are given. This method can support the assessment of attack vectors based on known and unknown weakness through combination of depend conditions. In addition, defense factors are also introduced, an attack vector evaluation model of integrated defense is proposed, and an application example of the model is given. The research work in this paper can provide a reference for the vulnerability assessment of attack vector.
2020-02-10
Nomura, Komei, Rikitake, Kenji, Matsumoto, Ryosuke.  2019.  Automatic Whitelist Generation for SQL Queries Using Web Application Tests. 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). 2:465–470.
Stealing confidential information from a database has become a severe vulnerability issue for web applications. The attacks can be prevented by defining a whitelist of SQL queries issued by web applications and detecting queries not in list. For large-scale web applications, automated generation of the whitelist is conducted because manually defining numerous query patterns is impractical for developers. Conventional methods for automated generation are unable to detect attacks immediately because of the long time required for collecting legitimate queries. Moreover, they require application-specific implementations that reduce the versatility of the methods. As described herein, we propose a method to generate a whitelist automatically using queries issued during web application tests. Our proposed method uses the queries generated during application tests. It is independent of specific applications, which yields improved timeliness against attacks and versatility for multiple applications.
2020-02-24
Maunero, Nicoló, Prinetto, Paolo, Roascio, Gianluca.  2019.  CFI: Control Flow Integrity or Control Flow Interruption? 2019 IEEE East-West Design Test Symposium (EWDTS). :1–6.
Runtime memory vulnerabilities, especially present in widely used languages as C and C++, are exploited by attackers to corrupt code pointers and hijack the execution flow of a program running on a target system to force it to behave abnormally. This is the principle of modern Code Reuse Attacks (CRAs) and of famous attack paradigms as Return-Oriented Programming (ROP) and Jump-Oriented Programming (JOP), which have defeated the previous defenses against malicious code injection such as Data Execution Prevention (DEP). Control-Flow Integrity (CFI) is a promising approach to protect against such runtime attacks. Recently, many CFI solutions have been proposed, with both hardware and software implementations. But how can a defense based on complying with a graph calculated a priori efficiently deal with something unpredictable as exceptions and interrupt requests? The present paper focuses on this dichotomy by analysing some of the CFI-based defenses and showing how the unexpected trigger of an interrupt and the sudden execution of an Interrupt Service Routine (ISR) can circumvent them.
2020-02-17
Ganguly, Pallab, Nasipuri, Mita, Dutta, Sourav.  2019.  Challenges of the Existing Security Measures Deployed in the Smart Grid Framework. 2019 IEEE 7th International Conference on Smart Energy Grid Engineering (SEGE). :1–5.
Due to the rise of huge population in mankind and the large variety of upcoming utilization of power, the energy requirement has substantially increased. Smart Grid is a very important part of the Smart Cities initiative and is one of the crucial components in distribution and reconciliation of energy. Security of the smart grid infrastructure, which is an integral part of the smart grid framework, intended at transitioning the conventional power grid system into a robust, reliable, adaptable and intelligent energy utility, is an impending problem that needs to be arrested quickly. With the increasingly intensifying integration of smart devices in the smart grid infrastructure with other interconnected applications and the communication backbone is compelling both the energy users and the energy utilities to thoroughly look into the privacy and security issues of the smart grid. In this paper, we present challenges of the existing security mechanisms deployed in the smart grid framework and we tried to bring forward the unresolved problems that would highlight the security aspects of Smart Grid as a challenging area of research and development in the future.
2020-02-10
Zhang, Jiemin, Mao, Jian, Liu, Jinming, Tang, Zhi, Gu, Zhiling, Liu, Yongmei.  2019.  Cloud-based Multi-core Architecture against DNS Attacks. 2019 14th International Conference on Computer Science Education (ICCSE). :391–393.
The domain name resolution system provides support service for website visits as the basic service of the Internet. With the increase of DNS attacks, it has brought copious challenges to network security. The paper studies on the key defense technologies against DNS attacks based on the DNS principle. The multi-core customized to the DNS is adopted to analyze hardware kernel, while AI algorithms being realized for malicious flow cleaning and intelligent routing running on the cloud system established specifically for DNS. The designed DNS intelligent cloud system can provide high-efficiency domain name resolution in practice, while ensuring the network security.
2019-12-17
Li, Ming, Hawrylak, Peter, Hale, John.  2019.  Concurrency Strategies for Attack Graph Generation. 2019 2nd International Conference on Data Intelligence and Security (ICDIS). :174-179.
The network attack graph is a powerful tool for analyzing network security, but the generation of a large-scale graph is non-trivial. The main challenge is from the explosion of network state space, which greatly increases time and storage costs. In this paper, three parallel algorithms are proposed to generate scalable attack graphs. An OpenMP-based programming implementation is used to test their performance. Compared with the serial algorithm, the best performance from the proposed algorithms provides a 10X speedup.
2020-02-10
Naseem, Faraz, Babun, Leonardo, Kaygusuz, Cengiz, Moquin, S.J., Farnell, Chris, Mantooth, Alan, Uluagac, A. Selcuk.  2019.  CSPoweR-Watch: A Cyber-Resilient Residential Power Management System. 2019 International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData). :768–775.
Modern Energy Management Systems (EMS) are becoming increasingly complex in order to address the urgent issue of global energy consumption. These systems retrieve vital information from various Internet-connected resources in a smart grid to function effectively. However, relying on such resources results in them being susceptible to cyber attacks. Malicious actors can exploit the interconnections between the resources to perform nefarious tasks such as modifying critical firmware, sending bogus sensor data, or stealing sensitive information. To address this issue, we propose a novel framework that integrates PowerWatch, a solution that detects compromised devices in the smart grid with Cyber-secure Power Router (CSPR), a smart energy management system. The goal is to ascertain whether or not such a device has operated maliciously. To achieve this, PowerWatch utilizes a machine learning model that analyzes information from system and library call lists extracted from CSPR in order to detect malicious activity in the EMS. To test the efficacy of our framework, a number of unique attack scenarios were performed on a realistic testbed that comprises functional versions of CSPR and PowerWatch to monitor the electrical environment for suspicious activity. Our performance evaluation investigates the effectiveness of this first-of-its-kind merger and provides insight into the feasibility of developing future cybersecure EMS. The results of our experimental procedures yielded 100% accuracy for each of the attack scenarios. Finally, our implementation demonstrates that the integration of PowerWatch and CSPR is effective and yields minimal overhead to the EMS.
2019-10-02
Zhang, Y., Eisele, S., Dubey, A., Laszka, A., Srivastava, A. K..  2019.  Cyber-Physical Simulation Platform for Security Assessment of Transactive Energy Systems. 2019 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems (MSCPES). :1–6.
Transactive energy systems (TES) are emerging as a transformative solution for the problems that distribution system operators face due to an increase in the use of distributed energy resources and rapid growth in scalability of managing active distribution system (ADS). On the one hand, these changes pose a decentralized power system control problem, requiring strategic control to maintain reliability and resiliency for the community and for the utility. On the other hand, they require robust financial markets while allowing participation from diverse prosumers. To support the computing and flexibility requirements of TES while preserving privacy and security, distributed software platforms are required. In this paper, we enable the study and analysis of security concerns by developing Transactive Energy Security Simulation Testbed (TESST), a TES testbed for simulating various cyber attacks. In this work, the testbed is used for TES simulation with centralized clearing market, highlighting weaknesses in a centralized system. Additionally, we present a blockchain enabled decentralized market solution supported by distributed computing for TES, which on one hand can alleviate some of the problems that we identify, but on the other hand, may introduce newer issues. Future study of these differing paradigms is necessary and will continue as we develop our security simulation testbed.
2020-01-13
Kabiri, Peyman, Chavoshi, Mahdieh.  2019.  Destructive Attacks Detection and Response System for Physical Devices in Cyber-Physical Systems. 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). :1–6.
Nowadays, physical health of equipment controlled by Cyber-Physical Systems (CPS) is a significant concern. This paper reports a work, in which, a hardware is placed between Programmable Logic Controller (PLC) and the actuator as a solution. The proposed hardware operates in two conditions, i.e. passive and active. Operation of the proposed solution is based on the repetitive operational profile of the actuators. The normal operational profile of the actuator is fed to the protective hardware and is considered as the normal operating condition. In the normal operating condition, the middleware operates in its passive mode and simply monitors electronic signals passing between PLC and Actuator. In case of any malicious operation, the proposed hardware operates in its active mode and both slowly stops the actuator and sends an alert to SCADA server initiating execution of the actuator's emergency profile. Thus, the proposed hardware gains control over the actuator and prevents any physical damage on the operating devices. Two sample experiments are reported in which, results of implementing the proposed solution are reported and assessed. Results show that once the PLC sends incorrect data to actuator, the proposed hardware detects it as an anomaly. Therefore, it does not allow the PLC to send incorrect and unauthorized data pattern to its actuator. Significance of the paper is in introducing a solution to prevent destruction of physical devices apart from source or purpose of the encountered anomaly and apart from CPS functionality or PLC model and operation.
2020-02-10
Gao, Hongcan, Zhu, Jingwen, Liu, Lei, Xu, Jing, Wu, Yanfeng, Liu, Ao.  2019.  Detecting SQL Injection Attacks Using Grammar Pattern Recognition and Access Behavior Mining. 2019 IEEE International Conference on Energy Internet (ICEI). :493–498.
SQL injection attacks are a kind of the greatest security risks on Web applications. Much research has been done to detect SQL injection attacks by rule matching and syntax tree. However, due to the complexity and variety of SQL injection vulnerabilities, these approaches fail to detect unknown and variable SQL injection attacks. In this paper, we propose a model, ATTAR, to detect SQL injection attacks using grammar pattern recognition and access behavior mining. The most important idea of our model is to extract and analyze features of SQL injection attacks in Web access logs. To achieve this goal, we first extract and customize Web access log fields from Web applications. Then we design a grammar pattern recognizer and an access behavior miner to obtain the grammatical and behavioral features of SQL injection attacks, respectively. Finally, based on two feature sets, machine learning algorithms, e.g., Naive Bayesian, SVM, ID3, Random Forest, and K-means, are used to train and detect our model. We evaluated our model on these two feature sets, and the results show that the proposed model can effectively detect SQL injection attacks with lower false negative rate and false positive rate. In addition, comparing the accuracy of our model based on different algorithms, ID3 and Random Forest have a better ability to detect various kinds of SQL injection attacks.
Niu, Xiangyu, Li, Jiangnan, Sun, Jinyuan, Tomsovic, Kevin.  2019.  Dynamic Detection of False Data Injection Attack in Smart Grid using Deep Learning. 2019 IEEE Power Energy Society Innovative Smart Grid Technologies Conference (ISGT). :1–6.
Modern advances in sensor, computing, and communication technologies enable various smart grid applications. The heavy dependence on communication technology has highlighted the vulnerability of the electricity grid to false data injection (FDI) attacks that can bypass bad data detection mechanisms. Existing mitigation in the power system either focus on redundant measurements or protect a set of basic measurements. These methods make specific assumptions about FDI attacks, which are often restrictive and inadequate to deal with modern cyber threats. In the proposed approach, a deep learning based framework is used to detect injected data measurement. Our time-series anomaly detector adopts a Convolutional Neural Network (CNN) and a Long Short Term Memory (LSTM) network. To effectively estimate system variables, our approach observes both data measurements and network level features to jointly learn system states. The proposed system is tested on IEEE 39-bus system. Experimental analysis shows that the deep learning algorithm can identify anomalies which cannot be detected by traditional state estimation bad data detection.
2020-01-21
Caprolu, Maurantonio, Di Pietro, Roberto, Lombardi, Flavio, Raponi, Simone.  2019.  Edge Computing Perspectives: Architectures, Technologies, and Open Security Issues. 2019 IEEE International Conference on Edge Computing (EDGE). :116–123.
Edge and Fog Computing will be increasingly pervasive in the years to come due to the benefits they bring in many specific use-case scenarios over traditional Cloud Computing. Nevertheless, the security concerns Fog and Edge Computing bring in have not been fully considered and addressed so far, especially when considering the underlying technologies (e.g. virtualization) instrumental to reap the benefits of the adoption of the Edge paradigm. In particular, these virtualization technologies (i.e. Containers, Real Time Operating Systems, and Unikernels), are far from being adequately resilient and secure. Aiming at shedding some light on current technology limitations, and providing hints on future research security issues and technology development, in this paper we introduce the main technologies supporting the Edge paradigm, survey existing issues, introduce relevant scenarios, and discusses benefits and caveats of the different existing solutions in the above introduced scenarios. Finally, we provide a discussion on the current security issues in the introduced context, and strive to outline future research directions in both security and technology development in a number of Edge/Fog scenarios.
2020-02-24
Srivastava, Ankush, Ghosh, Prokash.  2019.  An Efficient Memory Zeroization Technique Under Side-Channel Attacks. 2019 32nd International Conference on VLSI Design and 2019 18th International Conference on Embedded Systems (VLSID). :76–81.
Protection of secured data content in volatile memories (processor caches, embedded RAMs etc) is essential in networking, wireless, automotive and other embedded secure applications. It is utmost important to protect secret data, like authentication credentials, cryptographic keys etc., stored over volatile memories which can be hacked during normal device operations. Several security attacks like cold boot, disclosure attack, data remanence, physical attack, cache attack etc. can extract the cryptographic keys or secure data from volatile memories of the system. The content protection of memory is typically done by assuring data deletion in minimum possible time to minimize data remanence effects. In today's state-of-the-art SoCs, dedicated hardwares are used to functionally erase the private memory contents in case of security violations. This paper, in general, proposes a novel approach of using existing memory built-in-self-test (MBIST) hardware to zeroize (initialize memory to all zeros) on-chip memory contents before it is being hacked either through different side channels or secuirty attacks. Our results show that the proposed MBIST based content zeroization approach is substantially faster than conventional techniques. By adopting the proposed approach, functional hardware requirement for memory zeroization can be waived.
2020-02-17
Aranha, Helder, Masi, Massimiliano, Pavleska, Tanja, Sellitto, Giovanni Paolo.  2019.  Enabling Security-by-Design in Smart Grids: An Architecture-Based Approach. 2019 15th European Dependable Computing Conference (EDCC). :177–179.
Energy Distribution Grids are considered critical infrastructure, hence the Distribution System Operators (DSOs) have developed sophisticated engineering practices to improve their resilience. Over the last years, due to the "Smart Grid" evolution, this infrastructure has become a distributed system where prosumers (the consumers who produce and share surplus energy through the grid) can plug in distributed energy resources (DERs) and manage a bi-directional flow of data and power enabled by an advanced IT and control infrastructure. This introduces new challenges, as the prosumers possess neither the skills nor the knowledge to assess the risk or secure the environment from cyber-threats. We propose a simple and usable approach based on the Reference Model of Information Assurance & Security (RMIAS), to support the prosumers in the selection of cybesecurity measures. The purpose is to reduce the risk of being directly targeted and to establish collective responsibility among prosumers as grid gatekeepers. The framework moves from a simple risk analysis based on security goals to providing guidelines for the users for adoption of adequate security countermeasures. One of the greatest advantages of the approach is that it does not constrain the user to a specific threat model.
2020-02-10
Abdul Raman, Razman Hakim.  2019.  Enhanced Automated-Scripting Method for Improved Management of SQL Injection Penetration Tests on a Large Scale. 2019 IEEE 9th Symposium on Computer Applications Industrial Electronics (ISCAIE). :259–266.
Typically, in an assessment project for a web application or database with a large scale and scope, tasks required to be performed by a security analyst are such as SQL injection and penetration testing. To carry out these large-scale tasks, the analyst will have to perform 100 or more SQLi penetration tests on one or more target. This makes the process much more complex and much harder to implement. This paper attempts to compare large-scale SQL injections performed with Manual Methods, which is the benchmark, and the proposed SQLiAutoScript Method. The SQLiAutoScript method uses sqlmap as a tool, in combination with sqlmap scripting and logging features, to facilitate a more effective and manageable approach within a large scale of hundreds or thousands of SQL injection penetration tests. Comparison of the test results for both Manual and SQLiAutoScript approaches and their benefits is included in the comparative analysis. The tests were performed over a scope of 24 SQL injection (SQLi) tests that comprises over 100,000 HTTP requests and injections, and within a total testing run-time period of about 50 hours. The scope of testing also covers both SQLiAutoScript and Manual methods. In the SQLiAutoScript method, each SQL injection test has its own sub-folder and files for data such as results (output), progress (traffic logs) and logging. In this way across all SQLi tests, the results, data and details related to SQLi tests are logged, available, traceable, accurate and not missed out. Available and traceable data also facilitates traceability of failed SQLi tests, and higher recovery and reruns of failed SQLi tests to maximize increased attack surface upon the target.
2020-02-17
Moquin, S. J., Kim, SangYun, Blair, Nicholas, Farnell, Chris, Di, Jia, Mantooth, H. Alan.  2019.  Enhanced Uptime and Firmware Cybersecurity for Grid-Connected Power Electronics. 2019 IEEE CyberPELS (CyberPELS). :1–6.
A distributed energy resource prototype is used to show cybersecurity best practices. These best practices include straightforward security techniques, such as encrypted serial communication. The best practices include more sophisticated security techniques, such as a method to evaluate and respond to firmware integrity at run-time. The prototype uses embedded Linux, a hardware-assisted monitor, one or more digital signal processors, and grid-connected power electronics. Security features to protect communication, firmware, power flow, and hardware are developed. The firmware run-time integrity security is presently evaluated, and shown to maintain power electronics uptime during firmware updating. The firmware run-time security feature can be extended to allow software rejuvenation, multi-mission controls, and greater flexibility and security in controls.
Eckhart, Matthias, Ekelhart, Andreas, Weippl, Edgar.  2019.  Enhancing Cyber Situational Awareness for Cyber-Physical Systems through Digital Twins. 2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA). :1222–1225.
Operators of cyber-physical systems (CPSs) need to maintain awareness of the cyber situation in order to be able to adequately address potential issues in a timely manner. For instance, detecting early symptoms of cyber attacks may speed up the incident response process and mitigate consequences of attacks (e.g., business interruption, safety hazards). However, attaining a full understanding of the cyber situation may be challenging, given the complexity of CPSs and the ever-changing threat landscape. In particular, CPSs typically need to be continuously operational, may be sensitive to active scanning, and often provide only limited in-depth analysis capabilities. To address these challenges, we propose to utilize the concept of digital twins for enhancing cyber situational awareness. Digital twins, i.e., virtual replicas of systems, can run in parallel to their physical counterparts and allow deep inspection of their behavior without the risk of disrupting operational technology services. This paper reports our work in progress to develop a cyber situational awareness framework based on digital twins that provides a profound, holistic, and current view on the cyber situation that CPSs are in. More specifically, we present a prototype that provides real-time visualization features (i.e., system topology, program variables of devices) and enables a thorough, repeatable investigation process on a logic and network level. A brief explanation of technological use cases and outlook on future development efforts completes this work.
2020-01-02
Shabanov, Boris, Sotnikov, Alexander, Palyukh, Boris, Vetrov, Alexander, Alexandrova, Darya.  2019.  Expert System for Managing Policy of Technological Security in Uncertainty Conditions: Architectural, Algorithmic, and Computing Aspects. 2019 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). :1716–1721.
The paper discusses the architectural, algorithmic and computing aspects of creating and operating a class of expert system for managing technological safety of an enterprise, in conditions of a large flow of diagnostic variables. The algorithm for finding a faulty technological chain uses expert information, formed as a set of evidence on the influence of diagnostic variables on the correctness of the technological process. Using the Dempster-Schafer trust function allows determining the overall probability measure on subsets of faulty process chains. To combine different evidence, the orthogonal sums of the base probabilities determined for each evidence are calculated. The procedure described above is converted into the rules of the knowledge base production. The description of the developed prototype of the expert system, its architecture, algorithmic and software is given. The functionality of the expert system and configuration tools for a specific type of production are under discussion.
2020-02-17
Pérez García, Julio César, Ortiz Guerra, Erik, Barriquello, Carlos Henrique, Dalla Costa, Marco Antônio, Reguera, Vitalio Alfonso.  2019.  Faster-Than-Nyquist Signaling for Physical Layer Security on Wireless Smart Grid. 2019 IEEE PES Innovative Smart Grid Technologies Conference - Latin America (ISGT Latin America). :1–6.
Wireless networks offer great flexibility and ease of deployment for the rapid implementation of smart grids. However, these data network technologies are prone to security issues. Especially, the risk of eavesdropping attacks increases due to the inherent characteristics of the wireless medium. In this context, physical layer security can augment secrecy through appropriate coding and signal processing. In this paper we consider the use of faster-than-Nyquist signaling to introduce artificial noise in the wireless network segment of the smart grid; with the aim of reinforce the information security at the physical layer. The results show that the proposed scheme can significantly improves the secrecy rate of the channel. Guaranteeing, in coexistence with other security mechanisms and despite the presence of potential eavesdroppers, a reliable and secure flow of information for smart grids.
2020-02-24
De, Asmit, Basu, Aditya, Ghosh, Swaroop, Jaeger, Trent.  2019.  FIXER: Flow Integrity Extensions for Embedded RISC-V. 2019 Design, Automation Test in Europe Conference Exhibition (DATE). :348–353.
With the recent proliferation of Internet of Things (IoT) and embedded devices, there is a growing need to develop a security framework to protect such devices. RISC-V is a promising open source architecture that targets low-power embedded devices and SoCs. However, there is a dearth of practical and low-overhead security solutions in the RISC-V architecture. Programs compiled using RISC-V toolchains are still vulnerable to code injection and code reuse attacks such as buffer overflow and return-oriented programming (ROP). In this paper, we propose FIXER, a hardware implemented security extension to RISC-V that provides a defense mechanism against such attacks. FIXER enforces fine-grained control-flow integrity (CFI) of running programs on backward edges (returns) and forward edges (calls) without requiring any architectural modifications to the RISC-V processor core. We implement FIXER on RocketChip, a RISC-V SoC platform, by leveraging the integrated Rocket Custom Coprocessor (RoCC) to detect and prevent attacks. Compared to existing software based solutions, FIXER reduces energy overhead by 60% at minimal execution time (1.5%) and area (2.9%) overheads.
2020-02-10
Singh, Neeraj Kumar, Mahajan, Vasundhara.  2019.  Fuzzy Logic for Reducing Data Loss during Cyber Intrusion in Smart Grid Wireless Network. 2019 IEEE Student Conference on Research and Development (SCOReD). :192–197.
Smart grid consists of smart devices to control, record and analyze the grid power flow. All these devices belong to the latest technology, which is used to interact through the wireless network making the grid communication network vulnerable to cyber attack. This paper deals with a novel approach using altering the Internet Protocol (IP) address of the smart grid communication network using fuzzy logic according to the degree of node. Through graph theory approach Wireless Communication Network (WCN) is designed by considering each node of the system as a smart sensor. In this each node communicates with other nearby nodes for exchange of data. Whenever there is cyber intrusion the WCN change its IP using proposed fuzzy rules, where higher degree nodes are given the preference to change first with extreme IP available in the system. Using the proposed algorithm, different IEEE test systems are simulated and compared with existing Dynamic Host Configuration Protocol (DHCP). The fuzzy logic approach reduces the data loss and improves the system response time.
2020-02-17
Rodriguez, Ariel, Okamura, Koji.  2019.  Generating Real Time Cyber Situational Awareness Information Through Social Media Data Mining. 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). 2:502–507.
With the rise of the internet many new data sources have emerged that can be used to help us gain insights into the cyber threat landscape and can allow us to better prepare for cyber attacks before they happen. With this in mind, we present an end to end real time cyber situational awareness system which aims to efficiently retrieve security relevant information from the social networking site Twitter.com. This system classifies and aggregates the data retrieved and provides real time cyber situational awareness information based on sentiment analysis and data analytics techniques. This research will assist security analysts to evaluate the level of cyber risk in their organization and proactively take actions to plan and prepare for potential attacks before they happen as well as contribute to the field through a cybersecurity tweet dataset.