Visible to the public Biblio

Found 1165 results

Filters: First Letter Of Last Name is S  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R [S] T U V W X Y Z   [Show ALL]
Sadu, A., Stevic, M., Wirtz, N., Monti, A..  2020.  A Stochastic Assessment of Attacks based on Continuous-Time Markov Chains. 2020 6th IEEE International Energy Conference (ENERGYCon). :11—16.

With the increasing interdependence of critical infrastructures, the probability of a specific infrastructure to experience a complex cyber-physical attack is increasing. Thus it is important to analyze the risk of an attack and the dynamics of its propagation in order to design and deploy appropriate countermeasures. The attack trees, commonly adopted to this aim, have inherent shortcomings in representing interdependent, concurrent and sequential attacks. To overcome this, the work presented here proposes a stochastic methodology using Petri Nets and Continuous Time Markov Chain (CTMC) to analyze the attacks, considering the individual attack occurrence probabilities and their stochastic propagation times. A procedure to convert a basic attack tree into an equivalent CTMC is presented. The proposed method is applied in a case study to calculate the different attack propagation characteristics. The characteristics are namely, the probability of reaching the root node & sub attack nodes, the mean time to reach the root node and the mean time spent in the sub attack nodes before reaching the root node. Additionally, the method quantifies the effectiveness of specific defenses in reducing the attack risk considering the efficiency of individual defenses.

Saeed, A., Garraghan, P., Craggs, B., Linden, D. v d, Rashid, A., Hussain, S. A..  2018.  A Cross-Virtual Machine Network Channel Attack via Mirroring and TAP Impersonation. 2018 IEEE 11th International Conference on Cloud Computing (CLOUD). :606–613.

Data privacy and security is a leading concern for providers and customers of cloud computing, where Virtual Machines (VMs) can co-reside within the same underlying physical machine. Side channel attacks within multi-tenant virtualized cloud environments are an established problem, where attackers are able to monitor and exfiltrate data from co-resident VMs. Virtualization services have attempted to mitigate such attacks by preventing VM-to-VM interference on shared hardware by providing logical resource isolation between co-located VMs via an internal virtual network. However, such approaches are also insecure, with attackers capable of performing network channel attacks which bypass mitigation strategies using vectors such as ARP Spoofing, TCP/IP steganography, and DNS poisoning. In this paper we identify a new vulnerability within the internal cloud virtual network, showing that through a combination of TAP impersonation and mirroring, a malicious VM can successfully redirect and monitor network traffic of VMs co-located within the same physical machine. We demonstrate the feasibility of this attack in a prominent cloud platform - OpenStack - under various security requirements and system conditions, and propose countermeasures for mitigation.

Saeed, Ahmed, Ahmadinia, Ali, Just, Mike.  2016.  Tag-Protector: An Effective and Dynamic Detection of Out-of-bound Memory Accesses. Proceedings of the Third Workshop on Cryptography and Security in Computing Systems. :31–36.

Programming languages permitting immediate memory accesses through pointers often result in applications having memory-related errors, which may lead to unpredictable failures and security vulnerabilities. A light-weight solution is presented in this paper to tackle such illegal memory accesses dynamically in C/C++ based applications. We propose a new and effective method of instrumenting an application's source code at compile time in order to detect out-of-bound memory accesses. It is based on creating tags, to be coupled with each memory allocation and then placing additional tag checking instructions for each access made to the memory. The proposed solution is evaluated by instrumenting applications from the BugBench benchmark suite and publicly available benchmark software, Runtime Intrusion Prevention Evaluator (RIPE), detecting all the bugs successfully. The performance and memory overhead is further analysed by instrumenting and executing real world applications.

Saeed, S., Mahendran, N., Zulehner, A., Wille, R., Karri, R..  2017.  Identifying Reversible Circuit Synthesis Approaches to Enable IP Piracy Attacks. 2017 IEEE International Conference on Computer Design (ICCD). :537–540.

Reversible circuits are vulnerable to intellectual property and integrated circuit piracy. To show these vulnerabilities, a detailed understanding on how to identify the function embedded in a reversible circuit is crucial. To obtain the embedded function, one needs to know the synthesis approach used to generate the reversible circuit in the first place. We present a machine learning based scheme to identify the synthesis approach using telltale signs in the design.

Saeed, S. M., Cui, X., Zulehner, A., Wille, R., Drechsler, R., Wu, K., Karri, R..  2018.  IC/IP Piracy Assessment of Reversible Logic. 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD). :1–8.
Reversible logic is a building block for adiabatic and quantum computing in addition to other applications. Since common functions are non-reversible, one needs to embed them into proper-size reversible functions by adding ancillary inputs and garbage outputs. We explore the Intellectual Property (IP) piracy of reversible circuits. The number of embeddings of regular functions in a reversible function and the percent of leaked ancillary inputs measure the difficulty of recovering the embedded function. To illustrate the key concepts, we study reversible logic circuits designed using reversible logic synthesis tools based on Binary Decision Diagrams and Quantum Multi-valued Decision Diagrams.
Safar, Jamie L., Tummala, Murali, McEachen, John C., Bollmann, Chad.  2019.  Modeling Worm Propagation and Insider Threat in Air-Gapped Network using Modified SEIQV Model. 2019 13th International Conference on Signal Processing and Communication Systems (ICSPCS). :1—6.
Computer worms pose a major threat to computer and communication networks due to the rapid speed at which they propagate. Biologically based epidemic models have been widely used to analyze the propagation of worms in computer networks. For an air-gapped network with an insider threat, we propose a modified Susceptible-Exposed-Infected-Quarantined-Vaccinated (SEIQV) model called the Susceptible-Exposed-Infected-Quarantined-Patched (SEIQP) model. We describe the assumptions that apply to this model, define a set of differential equations that characterize the system dynamics, and solve for the basic reproduction number. We then simulate and analyze the parameters controlled by the insider threat to determine where resources should be allocated to attain different objectives and results.
Saffar, Zahra, Mohammadi, Siamak.  2019.  Fault tolerant non-linear techniques for scalar multiplication in ECC. 2019 16th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC). :104–113.
Elliptic curve cryptography (ECC) has shorter key length than other asymmetric cryptography algorithms such as RSA with the same security level. Existing faults in cryptographic computations can cause faulty results. If a fault occurs during encryption, false information will be sent to the destination, in which case channel error detection codes are unable to detect the fault. In this paper, we consider the error detection in elliptic curve scalar multiplication point, which is the most important operation in ECC. Our technique is based on non-linear error detection codes. We consider an algorithm for scalar multiplication point proposed by Microsoft research group. The proposed technique in our methods has less overhead for additions (36.36%) and multiplications (34.84%) in total, compared to previous works. Also, the proposed method can detect almost 100% of injected faults.
Saganowski, S..  2020.  A Three-Stage Machine Learning Network Security Solution for Public Entities. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1097–1104.
In the era of universal digitization, ensuring network and data security is extremely important. As a part of the Regional Center for Cybersecurity initiative, a three-stage machine learning network security solution is being developed and will be deployed in March 2021. The solution consists of prevention, monitoring, and curation stages. As prevention, we utilize Natural Language Processing to extract the security-related information from social media, news portals, and darknet. A deep learning architecture is used to monitor the network in real-time and detect any abnormal traffic. A combination of regular expressions, pattern recognition, and heuristics are applied to the abuse reports to automatically identify intrusions that passed other security solutions. The lessons learned from the ongoing development of the system, alongside the results, extensive analysis, and discussion is provided. Additionally, a cybersecurity-related corpus is described and published within this work.
Sagisi, J., Tront, J., Bradley, R. M..  2017.  Platform agnostic, scalable, and unobtrusive FPGA network processor design of moving target defense over IPv6 (MT6D) over IEEE 802.3 Ethernet. 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). :165–165.

This work presents the proof of concept implementation for the first hardware-based design of Moving Target Defense over IPv6 (MT6D) in full Register Transfer Level (RTL) logic, with future sights on an embedded Application-Specified Integrated Circuit (ASIC) implementation. Contributions are an IEEE 802.3 Ethernet stream-based in-line network packet processor with a specialized Complex Instruction Set Computer (CISC) instruction set architecture, RTL-based Network Time Protocol v4 synchronization, and a modular crypto engine. Traditional static network addressing allows attackers the incredible advantage of taking time to plan and execute attacks against a network. To counter, MT6D provides a network host obfuscation technique that offers network-based keyed access to specific hosts without altering existing network infrastructure and is an excellent technique for protecting the Internet of Things, IPv6 over Low Power Wireless Personal Area Networks, and high value globally routable IPv6 interfaces. This is done by crypto-graphically altering IPv6 network addresses every few seconds in a synchronous manner at all endpoints. A border gateway device can be used to intercept select packets to unobtrusively perform this action. Software driven implementations have posed many challenges, namely, constant code maintenance to remain compliant with all library and kernel dependencies, the need for a host computing platform, and less than optimal throughput. This work seeks to overcome these challenges in a lightweight system to be developed for practical wide deployment.

Sagisi, J., Tront, J., Marchany, R..  2017.  System architectural design of a hardware engine for moving target IPv6 defense over IEEE 802.3 Ethernet. MILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM). :551–556.

The Department of Homeland Security Cyber Security Division (CSD) chose Moving Target Defense as one of the fourteen primary Technical Topic Areas pertinent to securing federal networks and the larger Internet. Moving Target Defense over IPv6 (MT6D) employs an obscuration technique offering keyed access to hosts at a network level without altering existing network infrastructure. This is accomplished through cryptographic dynamic addressing, whereby a new network address is bound to an interface every few seconds in a coordinated manner. The goal of this research is to produce a Register Transfer Level (RTL) network security processor implementation to enable the production of an Application Specific Integrated Circuit (ASIC) variant of MT6D processor for wide deployment. RTL development is challenging in that it must provide system level functions that are normally provided by the Operating System's kernel and supported libraries. This paper presents the architectural design of a hardware engine for MT6D (HE-MT6D) and is complete in simulation. Unique contributions are an inline stream-based network packet processor with a Complex Instruction Set Computer (CISC) architecture, Network Time Protocol listener, and theoretical increased performance over previous software implementations.

Sah, S.K., Shakya, S., Dhungana, H..  2014.  A security management for Cloud based applications and services with Diameter-AAA. Issues and Challenges in Intelligent Computing Techniques (ICICT), 2014 International Conference on. :6-11.

The Cloud computing offers various services and web based applications over the internet. With the tremendous growth in the development of cloud based services, the security issue is the main challenge and today's concern for the cloud service providers. This paper describes the management of security issues based on Diameter AAA mechanisms for authentication, authorization and accounting (AAA) demanded by cloud service providers. This paper focuses on the integration of Diameter AAA into cloud system architecture.

Saha, Arunima, Srinivasan, Chungath.  2019.  White-Box Cryptography Based Data Encryption-Decryption Scheme for IoT Environment. 2019 5th International Conference on Advanced Computing Communication Systems (ICACCS). :637–641.

The economic progress of the Internet of Things (IoT) is phenomenal. Applications range from checking the alignment of some components during a manufacturing process, monitoring of transportation and pedestrian levels to enhance driving and walking path, remotely observing terminally ill patients by means of medical devices such as implanted devices and infusion pumps, and so on. To provide security, encrypting the data becomes an indispensable requirement, and symmetric encryptions algorithms are becoming a crucial implementation in the resource constrained environments. Typical symmetric encryption algorithms like Advanced Encryption Standard (AES) showcases an assumption that end points of communications are secured and that the encryption key being securely stored. However, devices might be physically unprotected, and attackers may have access to the memory while the data is still encrypted. It is essential to reserve the key in such a way that an attacker finds it hard to extract it. At present, techniques like White-Box cryptography has been utilized in these circumstances. But it has been reported that applying White-Box cryptography in IoT devices have resulted in other security issues like the adversary having access to the intermediate values, and the practical implementations leading to Code lifting attacks and differential attacks. In this paper, a solution is presented to overcome these problems by demonstrating the need of White-Box Cryptography to enhance the security by utilizing the cipher block chaining (CBC) mode.

Sahabandu, D., Allen, J., Moothedath, S., Bushnell, L., Lee, W., Poovendran, R..  2020.  Quickest Detection of Advanced Persistent Threats: A Semi-Markov Game Approach. 2020 ACM/IEEE 11th International Conference on Cyber-Physical Systems (ICCPS). :9—19.
Advanced Persistent Threats (APTs) are stealthy, sophisticated, long-term, multi-stage attacks that threaten the security of sensitive information. Dynamic Information Flow Tracking (DIFT) has been proposed as a promising mechanism to detect and prevent various cyber attacks in computer systems. DIFT tracks suspicious information flows in the system and generates security analysis when anomalous behavior is detected. The number of information flows in a system is typically large and the amount of resources (such as memory, processing power and storage) required for analyzing different flows at different system locations varies. Hence, efficient use of resources is essential to maintain an acceptable level of system performance when using DIFT. On the other hand, the quickest detection of APTs is crucial as APTs are persistent and the damage caused to the system is more when the attacker spends more time in the system. We address the problem of detecting APTs and model the trade-off between resource efficiency and quickest detection of APTs. We propose a game model that captures the interaction of APT and a DIFT-based defender as a two-player, multi-stage, zero-sum, Stackelberg semi-Markov game. Our game considers the performance parameters such as false-negatives generated by DIFT and the time required for executing various operations in the system. We propose a two-time scale Q-learning algorithm that converges to a Stackelberg equilibrium under infinite horizon, limiting average payoff criteria. We validate our model and algorithm on a real-word attack dataset obtained using Refinable Attack INvestigation (RAIN) framework.
Sahabandu, D., Xiao, B., Clark, A., Lee, S., Lee, W., Poovendran, R..  2018.  DIFT Games: Dynamic Information Flow Tracking Games for Advanced Persistent Threats. 2018 IEEE Conference on Decision and Control (CDC). :1136-1143.
Dynamic Information Flow Tracking (DIFT) has been proposed to detect stealthy and persistent cyber attacks that evade existing defenses such as firewalls and signature-based antivirus systems. A DIFT defense taints and tracks suspicious information flows across the network in order to identify possible attacks, at the cost of additional memory overhead for tracking non-adversarial information flows. In this paper, we present the first analytical model that describes the interaction between DIFT and adversarial information flows, including the probability that the adversary evades detection and the performance overhead of the defense. Our analytical model consists of a multi-stage game, in which each stage represents a system process through which the information flow passes. We characterize the optimal strategies for both the defense and adversary, and derive efficient algorithms for computing the strategies. Our results are evaluated on a realworld attack dataset obtained using the Refinable Attack Investigation (RAIN) framework, enabling us to draw conclusions on the optimal adversary and defense strategies, as well as the effect of valid information flows on the interaction between adversary and defense.
Sahabandu, Dinuka, Moothedath, Shana, Bushnell, Linda, Poovendran, Radha, Aller, Joey, Lee, Wenke, Clark, Andrew.  2019.  A Game Theoretic Approach for Dynamic Information Flow Tracking with Conditional Branching. 2019 American Control Conference (ACC). :2289–2296.
In this paper, we study system security against Advanced Persistent Threats (APTs). APTs are stealthy and persistent but APTs interact with system and introduce information flows in the system as data-flow and control-flow commands. Dynamic Information Flow Tracking (DIFT) is a promising detection mechanism against APTs which taints suspicious input sources in the system and performs online security analysis when a tainted information is used in unauthorized manner. Our objective in this paper is to model DIFT that handle data-flow and conditional branches in the program that arise from control-flow commands. We use game theoretic framework and provide the first analytical model of DIFT with data-flow and conditional-branch tracking. Our game model which is an undiscounted infinite-horizon stochastic game captures the interaction between APTs and DIFT and the notion of conditional branching. We prove that the best response of the APT is a maximal reachability probability problem and provide a polynomial-time algorithm to find the best response by solving a linear optimization problem. We formulate the best response of the defense as a linear optimization problem and show that an optimal solution to the linear program returns a deterministic optimal policy for the defense. Since finding Nash equilibrium for infinite-horizon undiscounted stochastic games is computationally difficult, we present a nonlinear programming based polynomial-time algorithm to find an E-Nash equilibrium. Finally, we perform experimental analysis of our algorithm on real-world data for NetRecon attack augmented with conditional branching.
Saharan, Shail, Gupta, Vishal.  2019.  Prevention and Mitigation of DNS Based DDoS Attacks in SDN Environment. 2019 11th International Conference on Communication Systems Networks (COMSNETS). :571-573.

Denial-of-Service attack (DoS attack) is an attack on network in which an attacker tries to disrupt the availability of network resources by overwhelming the target network with attack packets. In DoS attack it is typically done using a single source, and in a Distributed Denial-of-Service attack (DDoS attack), like the name suggests, multiple sources are used to flood the incoming traffic of victim. Typically, such attacks use vulnerabilities of Domain Name System (DNS) protocol and IP spoofing to disrupt the normal functioning of service provider or Internet user. The attacks involving DNS, or attacks exploiting vulnerabilities of DNS are known as DNS based DDOS attacks. Many of the proposed DNS based DDoS solutions try to prevent/mitigate such attacks using some intelligent non-``network layer'' (typically application layer) protocols. Utilizing the flexibility and programmability aspects of Software Defined Networks (SDN), via this proposed doctoral research it is intended to make underlying network intelligent enough so as to prevent DNS based DDoS attacks.

Sahay, R., Geethakumari, G., Modugu, K..  2018.  Attack graph — Based vulnerability assessment of rank property in RPL-6LOWPAN in IoT. 2018 IEEE 4th World Forum on Internet of Things (WF-IoT). :308–313.

A significant segment of the Internet of Things (IoT) is the resource constrained Low Power and Lossy Networks (LLNs). The communication protocol used in LLNs is 6LOWPAN (IPv6 over Low-power Wireless Personal Area Network) which makes use of RPL (IPv6 Routing Protocol over Low power and Lossy network) as its routing protocol. In recent times, several security breaches in IoT networks occurred by targeting routers to instigate various DDoS (Distributed Denial of Service) attacks. Hence, routing security has become an important problem in securing the IoT environment. Though RPL meets all the routing requirements of LLNs, it is important to perform a holistic security assessment of RPL as it is susceptible to many security attacks. An important attribute of RPL is its rank property. The rank property defines the placement of sensor nodes in the RPL DODAG (Destination Oriented Directed Acyclic Graphs) based on an Objective Function. Examples of Objective Functions include Expected Transmission Count, Packet Delivery Rate etc. Rank property assists in routing path optimization, reducing control overhead and maintaining a loop free topology through rank based data path validation. In this paper, we investigate the vulnerabilities of the rank property of RPL by constructing an Attack Graph. For the construction of the Attack Graph we analyzed all the possible threats associated with rank property. Through our investigation we found that violation of protocols related to rank property results in several RPL attacks causing topological sub-optimization, topological isolation, resource consumption and traffic disruption. Routing security essentially comprises mechanisms to ensure correct implementation of the routing protocol. In this paper, we also present some observations which can be used to devise mechanisms to prevent the exploitation of the vulnerabilities of the rank property.

Sahay, Rashmi, Geethakumari, G., Mitra, Barsha, Thejas, V..  2018.  Exponential Smoothing based Approach for Detection of Blackhole Attacks in IoT. 2018 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS). :1–6.
Low power and lossy network (LLN) comprising of constrained devices like sensors and RFIDs, is a major component in the Internet of Things (IoT) environment as these devices provide global connectivity to physical devices or “Things”. LLNs are tied to the Internet or any High Performance Computing environment via an adaptation layer called 6LoWPAN (IPv6 over Low power Personal Area Network). The routing protocol used by 6LoWPAN is RPL (IPv6 Routing Protocol over LLN). Like many other routing protocols, RPL is susceptible to blackhole attacks which cause topological isolation for a subset of nodes in the LLN. A malicious node instigating the blackhole attack drops received packets from nodes in its subtree which it is supposed to forward. Thus, the malicious node successfully isolates nodes in its subtree from the rest of the network. In this paper, we propose an algorithm based on the concept of exponential smoothing to detect the topological isolation of nodes due to blackhole attack. Exponential smoothing is a technique for smoothing time series data using the exponential window function and is used for short, medium and long term forecasting. In our proposed algorithm, exponential smoothing is used to estimate the next arrival time of packets at the sink node from every other node in the LLN. Using this estimation, the algorithm is designed to identify the malicious nodes instigating blackhole attack in real time.
Sahbi, Roumissa, Ghanemi, Salim, Djouani, Ramissa.  2018.  A Network Model for Internet of vehicles based on SDN and Cloud Computing. 2018 6th International Conference on Wireless Networks and Mobile Communications (WINCOM). :1—4.

Internet of vehicles (IoV) is the evolution of conventional vehicle network (VANET), a recent domain attracting a large number of companies and researchers. It is an integration of three networks: an inter-vehicle network, an intra-vehicle network, and vehicular mobile Internet, in which the vehicle is considered as a smart object equipped with powerful multi-sensors platform, connectivity and communication technologies, enabling it to communicate with the world. The cooperative communication between vehicles and other devices causes diverse challenges in terms of: storage and computing capability, energy of vehicle and network's control and management. Security is very important aspect in IoV and it is required to protect connected cars from cybercrime and accidents. In this article, we propose a network model for IoV based on software Defined Network and Cloud Computing.

Sahin, Cetin, Kuczenski, Brandon, Egecioglu, Omer, El Abbadi, Amr.  2018.  Privacy-Preserving Certification of Sustainability Metrics. Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy. :53–63.
Companies are often motivated to evaluate their environmental sustainability, and to make public pronouncements about their performance with respect to quantitative sustainability metrics. Public trust in these declarations is enhanced if the claims are certified by a recognized authority. Because accurate evaluations of environmental impacts require detailed information about industrial processes throughout a supply chain, protecting the privacy of input data in sustainability assessment is of paramount importance. We introduce a new paradigm, called privacy-preserving certification, that enables the computation of sustainability indicators in a privacy-preserving manner, allowing firms to be classified based on their individual performance without revealing sensitive information to the certifier, other parties, or the public. In this work, we describe different variants of the certification problem, highlight the necessary security requirements, and propose a provably-secure novel framework that performs the certification operations under the management of an authorized, yet untrusted, party without compromising confidential information.
Sahoo, Kshira Sagar, Tiwary, Mayank, Sahoo, Sampa, Nambiar, Rohit, Sahoo, Bibhudatta, Dash, Ratnakar.  2018.  A Learning Automata-Based DDoS Attack Defense Mechanism in Software Defined Networks. Proceedings of the 24th Annual International Conference on Mobile Computing and Networking. :795-797.

The primary innovations behind Software Defined Networks (SDN)are the decoupling of the control plane from the data plane and centralizing the network management through a specialized application running on the controller. Despite all its capabilities, the introduction of various architectural entities of SDN poses many security threats and potential target. Especially, Distributed Denial of Services (DDoS) is a rapidly growing attack that poses a tremendous threat to both control plane and forwarding plane of SDN. Asthe control layer is vulnerable to DDoS attack, the goal of this paper is to provide a defense system which is based on Learning Automata (LA) concepts. It is a self-operating mechanism that responds to a sequence of actions in a certain way to achieve a specific goal. The simulation results show that this scheme effectively reduces the TCP connection setup delay due to DDoS attack.

Sahri, Nm, Okamura, Koji.  2016.  Protecting DNS Services from IP Spoofing: SDN Collaborative Authentication Approach. Proceedings of the 11th International Conference on Future Internet Technologies. :83–89.

As DNS packet are mostly UDP-based, make it as a perfect tool for hackers to launch a well-known type of distributed denial of service (DDoS). The purpose of this attack is to saturate the DNS server availability and resources. This type of attack usually utilizes a large number of botnet and perform spoofing on the IP address of the targeted victim. We take a different approach for IP spoofing detection and mitigation strategies to protect the DNS server by utilizing Software Defined Networking (SDN). In this paper, we present CAuth, a novel mechanism that autonomously block the spoofing query packet while authenticate the legitimate query. By manipulating Openflow control message, we design a collaborative approach between client and server network. Whenever a server controller receives query packet, it will send an authentication packet back to the client network and later the client controller also replies via authentication packet back to the server controller. The server controller will only forward the query to the DNS server if it receives the replied authentication packet from the client. From the evaluation, CAuth instantly manage to block spoofing query packet while authenticate the legitimate query as soon as the mechanism started. Most notably, our mechanism designed with no changes in existing DNS application and Openflow protocol.

Sahu, A., Singh, A..  2016.  Securing IoT devices using JavaScript based sandbox. 2016 IEEE International Conference on Recent Trends in Electronics, Information Communication Technology (RTEICT). :1476–1482.

Internet of Things is gaining research attention as one of the important fields that will affect our daily life vastly. Today, around us this revolutionary technology is growing and evolving day by day. This technology offers certain benefits like automatic processing, improved logistics and device communication that would help us to improve our social life, health, living standards and infrastructure. However, due to their simple architecture and presence on wide variety of fields they pose serious concern to security. Due to the low end architecture there are many security issues associated with IoT network devices. In this paper, we try to address the security issue by proposing JavaScript sandbox as a method to execute IoT program. Using this sandbox we also implement the strategy to control the execution of the sandbox while the program is being executed on it.

Sahu, Abhijeet, Huang, Hao, Davis, Katherine, Zonouz, Saman.  2019.  SCORE: A Security-Oriented Cyber-Physical Optimal Response Engine. 2019 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm). :1–6.

Automatic optimal response systems are essential for preserving power system resilience and ensuring faster recovery from emergency under cyber compromise. Numerous research works have developed such response engine for cyber and physical system recovery separately. In this paper, we propose a novel cyber-physical decision support system, SCORE, that computes optimal actions considering pure and hybrid cyber-physical states, using Markov Decision Process (MDP). Such an automatic decision making engine can assist power system operators and network administrators to make a faster response to prevent cascading failures and attack escalation respectively. The hybrid nature of the engine makes the reward and state transition model of the MDP unique. Value iteration and policy iteration techniques are used to compute the optimal actions. Tests are performed on three and five substation power systems to recover from attacks that compromise relays to cause transmission line overflow. The paper also analyses the impact of reward and state transition model on computation. Corresponding results verify the efficacy of the proposed engine.

Sahu, Abhijeet, Goulart, Ana.  2019.  Implementation of a C-UNB Module for NS-3 and Validation for DLMS-COSEM Application Layer Protocol. 2019 IEEE ComSoc International Communications Quality and Reliability Workshop (CQR). :1-6.

The number of sensors and embedded devices in an urban area can be on the order of thousands. New low-power wide area (LPWA) wireless network technologies have been proposed to support this large number of asynchronous, low-bandwidth devices. Among them, the Cooperative UltraNarrowband (C-UNB) is a clean-slate cellular network technology to connect these devices to a remote site or data collection server. C-UNB employs small bandwidth channels, and a lightweight random access protocol. In this paper, a new application is investigated - the use of C-UNB wireless networks to support the Advanced Metering Infrastructure (AMI), in order to facilitate the communication between smart meters and utilities. To this end, we adapted a mathematical model for C-UNB, and implemented a network simulation module in NS-3 to represent C-UNB's physical and medium access control layer. For the application layer, we implemented the DLMS-COSEM protocol, or Device Language Message Specification - Companion Specification for Energy Metering. Details of the simulation module are presented and we conclude that it supports the results of the mathematical model.