Visible to the public Biblio

Found 3923 results

Filters: First Letter Of Last Name is S  [Clear All Filters]
Wang, Zhiwen, Hu, Jiqiang, Sun, Hongtao.  2020.  False Data Injection Attacks in Smart Grid Using Gaussian Mixture Model. 2020 16th International Conference on Control, Automation, Robotics and Vision (ICARCV). :830–837.
The application of network technology and high-tech equipment in power systems has increased the degree of grid intelligence, and malicious attacks on smart grids have also increased year by year. The wrong data injection attack launched by the attacker will destroy the integrity of the data by changing the data of the sensor and controller, which will lead to the wrong decision of the control system and even paralyze the power transmission network. This paper uses the measured values of smart grid sensors as samples, analyzes the attack vectors maliciously injected by attackers and the statistical characteristics of system data, and proposes a false data injection attack detection strategy. It is considered that the measured values of sensors have spatial distribution characteristics, the Gaussian mixture model of grid node feature vectors is obtained by training sample values, the test measurement values are input into the Gaussian mixture model, and the knowledge of clustering is used to detect whether the power grid is malicious data attacks. The power supplies of IEEE-18 and IEEE-30 simulation systems was tested, and the influence of the system statistical measurement characteristics on the detection accuracy was analyzed. The results show that the proposed strategy has better detection performance than the support vector machine method.
Piatkowska, Ewa, Gavriluta, Catalin, Smith, Paul, Andrén, Filip Pröstl.  2020.  Online Reasoning about the Root Causes of Software Rollout Failures in the Smart Grid. 2020 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm). :1–7.
An essential ingredient of the smart grid is software-based services. Increasingly, software is used to support control strategies and services that are critical to the grid's operation. Therefore, its correct operation is essential. For various reasons, software and its configuration needs to be updated. This update process represents a significant overhead for smart grid operators and failures can result in financial losses and grid instabilities. In this paper, we present a framework for determining the root causes of software rollout failures in the smart grid. It uses distributed sensors that indicate potential issues, such as anomalous grid states and cyber-attacks, and a causal inference engine based on a formalism called evidential networks. The aim of the framework is to support an adaptive approach to software rollouts, ensuring that a campaign completes in a timely and secure manner. The framework is evaluated for a software rollout use-case in a low voltage distribution grid. Experimental results indicate it can successfully discriminate between different root causes of failure, supporting an adaptive rollout strategy.
Gupta, Praveen Kumar, Singh, Neeraj Kumar, Mahajan, Vasundhara.  2020.  Monitoring of Cyber Intrusion in Wireless Smart Grid Network Using Weight Reduction Technique. 2020 International Conference on Electrical and Electronics Engineering (ICE3). :136–139.
The dependency of the smart grid is higher in terms of Wireless Sensors (WS) for flexible monitoring and control. Sensor nodes are required to sense, collect and process the real-time data and transfer it to the monitoring stations. Mostly, it is deployed in extremely rural areas where human access is limited making it vulnerable to cyber intrusion. In this paper, an easy, efficient and low memory usage program is proposed to detect False Data Injection Cyber Attack (FDICA) in very little time to protect the smart grid network. Each bus of the IEEE test system is represented by a connected graph node having a weight equal to 1. During FDICA the weight of the node changes and triggers the alarm if the change is below the predefined threshold value. MATLAB software is used to evaluate the performance of the proposed method under different conditions. Simulation results indicate that the proposed method detects the FDICA in minimal time increasing the resilience capability of the smart grid.
Rao, Poojith U., Sodhi, Balwinder, Sodhi, Ranjana.  2020.  Cyber Security Enhancement of Smart Grids Via Machine Learning - A Review. 2020 21st National Power Systems Conference (NPSC). :1–6.
The evolution of power system as a smart grid (SG) not only has enhanced the monitoring and control capabilities of the power grid, but also raised its security concerns and vulnerabilities. With a boom in Internet of Things (IoT), a lot a sensors are being deployed across the grid. This has resulted in huge amount of data available for processing and analysis. Machine learning (ML) and deep learning (DL) algorithms are being widely used to extract useful information from this data. In this context, this paper presents a comprehensive literature survey of different ML and DL techniques that have been used in the smart grid cyber security area. The survey summarizes different type of cyber threats which today's SGs are prone to, followed by various ML and DL-assisted defense strategies. The effectiveness of the ML based methods in enhancing the cyber security of SGs is also demonstrated with the help of a case study.
Akhras, Raphaelle, El-Hajj, Wassim, Majdalani, Michel, Hajj, Hazem, Jabr, Rabih, Shaban, Khaled.  2020.  Securing Smart Grid Communication Using Ethereum Smart Contracts. 2020 International Wireless Communications and Mobile Computing (IWCMC). :1672–1678.
Smart grids are being continually adopted as a replacement of the traditional power grid systems to ensure safe, efficient, and cost-effective power distribution. The smart grid is a heterogeneous communication network made up of various devices such as smart meters, automation, and emerging technologies interacting with each other. As a result, the smart grid inherits most of the security vulnerabilities of cyber systems, putting the smart grid at risk of cyber-attacks. To secure the communication between smart grid entities, namely the smart meters and the utility, we propose in this paper a communication infrastructure built on top of a blockchain network, specifically Ethereum. All two-way communication between the smart meters and the utility is assumed to be transactions governed by smart contracts. Smart contracts are designed in such a way to ensure that each smart meter is authentic and each smart meter reading is reported securely and privately. We present a simulation of a sample smart grid and report all the costs incurred from building such a grid. The simulations illustrate the feasibility and security of the proposed architecture. They also point to weaknesses that must be addressed, such as scalability and cost.
Pliatsios, Dimitrios, Sarigiannidis, Panagiotis, Efstathopoulos, Georgios, Sarigiannidis, Antonios, Tsiakalos, Apostolos.  2020.  Trust Management in Smart Grid: A Markov Trust Model. 2020 9th International Conference on Modern Circuits and Systems Technologies (MOCAST). :1–4.
By leveraging the advancements in Information and Communication Technologies (ICT), Smart Grid (SG) aims to modernize the traditional electric power grid towards efficient distribution and reliable management of energy in the electrical domain. The SG Advanced Metering Infrastructure (AMI) contains numerous smart meters, which are deployed throughout the distribution grid. However, these smart meters are susceptible to cyberthreats that aim to disrupt the normal operation of the SG. Cyberattacks can have various consequences in the smart grid, such as incorrect customer billing or equipment destruction. Therefore, these devices should operate on a trusted basis in order to ensure the availability, confidentiality, and integrity of the metering data. In this paper, we propose a Markov chain trust model that determines the Trust Value (TV) for each AMI device based on its behavior. Finally, numerical computations were carried out in order to investigate the reaction of the proposed model to the behavior changes of a device.
Keko, Hrvoje, Hasse, Peter, Gabandon, Eloi, Su\v cić, Stjepan, Isakovic, Karsten, Cipriano, Jordi.  2020.  Secure Standards-Based Reference Architecture for Flexibility Activation and Democratisation. CIRED 2020 Berlin Workshop (CIRED 2020). 2020:584–587.
This study presents an open standards-based information system supporting democratisation and consumer empowerment through flexibility activation. This study describes a functional technical reference infrastructure: a secure, standard-based and viable communication backbone for flexibility activation. The infrastructure allows connection, registering, activation and reporting for different types of granular consumer flexibility. The flexibility sources can be directly controllable set points of chargers and stationary batteries, as well as controllable loads. The proposed communication system sees all these flexibility provisions as distributed energy resources in a wider sense, and the architecture allows consumer-level integration of different energy systems. This makes new flexibility sources fully available to the balancing responsible entities in a viable and realistically implementable manner. The proposed reference architecture, as implemented in the FLEXCoop project, relies on established open standards as it is based on the Open Automated Demand Response (OpenADR) and OAuth2/OpenID standards and the corresponding IEC 62746-10 standard, and it covers interfacing towards other relevant standards. The security and access implications are addressed by the OpenID security layer built on top of the OAuth2 and integrated with the OpenADR standard. To address the data protection and privacy aspects, the architecture is designed on the least knowledge principle.
Shateri, Mohammadhadi, Messina, Francisco, Piantanida, Pablo, Labeau, Fabrice.  2020.  On the Impact of Side Information on Smart Meter Privacy-Preserving Methods. 2020 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm). :1–6.
Smart meters (SMs) can pose privacy threats for consumers, an issue that has received significant attention in recent years. This paper studies the impact of Side Information (SI) on the performance of possible attacks to real-time privacy-preserving algorithms for SMs. In particular, we consider a deep adversarial learning framework, in which the desired releaser, which is a Recurrent Neural Network (RNN), is trained by fighting against an adversary network until convergence. To define the objective for training, two different approaches are considered: the Causal Adversarial Learning (CAL) and the Directed Information (DI)-based learning. The main difference between these approaches relies on how the privacy term is measured during the training process. The releaser in the CAL method, disposing of supervision from the actual values of the private variables and feedback from the adversary performance, tries to minimize the adversary log-likelihood. On the other hand, the releaser in the DI approach completely relies on the feedback received from the adversary and is optimized to maximize its uncertainty. The performance of these two algorithms is evaluated empirically using real-world SMs data, considering an attacker with access to SI (e.g., the day of the week) that tries to infer the occupancy status from the released SMs data. The results show that, although they perform similarly when the attacker does not exploit the SI, in general, the CAL method is less sensitive to the inclusion of SI. However, in both cases, privacy levels are significantly affected, particularly when multiple sources of SI are included.
Alkaeed, Mahdi, Soliman, Md Mohiuddin, Khan, Khaled M., Elfouly, Tarek M..  2020.  Distributed Framework via Block-Chain Smart Contracts for Smart Grid Systems against Cyber-Attacks. 2020 11th IEEE Control and System Graduate Research Colloquium (ICSGRC). :100–105.
In this century, the demand for energy is increasing daily, and the need for energy resources has become urgent and inevitable. New ways of generating energy, such as renewable resources that depend on many sources, including the sun and wind energy will contribute to the future of humankind largely and effectively. These renewable sources are facing major challenges that cannot be ignored which also require more researches on appropriate solutions . This has led to the emergence of a new type of network user called prosumer, which causes new challenges such as the intermittent nature of renewable. Smart grids have emerged as a solution to integrate these distributed energy sources. It also provides a mechanism to maintain safety and security for power supply networks. The main idea of smart grids is to facilitate local production and consumption By customers and consumers.Distributed ledger technology (DLT) or Block-chain technology has evolved dramatically since 2008 that coincided with the birth of its first application Bitcoin, which is the first cryptocurrency. This innovation led to sparked in the digital revolution, which provides decentralization, security, and democratization of information storage and transfer systems across numerous sectors/industries. Block-chain can be applied for the sake of the durability and safety of energy systems. In this paper, we will propose a new distributed framework that provides protection based on block-chain technology for energy systems to enhance self-defense capability against those cyber-attacks.
Shateri, Mohammadhadi, Messina, Francisco, Piantanida, Pablo, Labeau, Fabrice.  2020.  Privacy-Cost Management in Smart Meters Using Deep Reinforcement Learning. 2020 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe). :929–933.
Smart meters (SMs) play a pivotal rule in the smart grid by being able to report the electricity usage of consumers to the utility provider (UP) almost in real-time. However, this could leak sensitive information about the consumers to the UP or a third-party. Recent works have leveraged the availability of energy storage devices, e.g., a rechargeable battery (RB), in order to provide privacy to the consumers with minimal additional energy cost. In this paper, a privacy-cost management unit (PCMU) is proposed based on a model-free deep reinforcement learning algorithm, called deep double Q-learning (DDQL). Empirical results evaluated on actual SMs data are presented to compare DDQL with the state-of-the-art, i.e., classical Q-learning (CQL). Additionally, the performance of the method is investigated for two concrete cases where attackers aim to infer the actual demand load and the occupancy status of dwellings. Finally, an abstract information-theoretic characterization is provided.
Subramanian, Vinod, Pankajakshan, Arjun, Benetos, Emmanouil, Xu, Ning, McDonald, SKoT, Sandler, Mark.  2020.  A Study on the Transferability of Adversarial Attacks in Sound Event Classification. ICASSP 2020 - 2020 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). :301–305.
An adversarial attack is an algorithm that perturbs the input of a machine learning model in an intelligent way in order to change the output of the model. An important property of adversarial attacks is transferability. According to this property, it is possible to generate adversarial perturbations on one model and apply it the input to fool the output of a different model. Our work focuses on studying the transferability of adversarial attacks in sound event classification. We are able to demonstrate differences in transferability properties from those observed in computer vision. We show that dataset normalization techniques such as z-score normalization does not affect the transferability of adversarial attacks and we show that techniques such as knowledge distillation do not increase the transferability of attacks.
Aksenov, Alexander, Borisov, Vasilii, Shadrin, Denis, Porubov, Andrey, Kotegova, Anna, Sozykin, Andrey.  2020.  Competencies Ontology for the Analysis of Educational Programs. 2020 Ural Symposium on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT). :368–371.
The following topics are dealt with: diseases; medical signal processing; learning (artificial intelligence); security of data; blood; patient treatment; patient monitoring; bioelectric phenomena; biomedical electrodes; biological tissues.
Songala, Komal Kumar, Ammana, Supraja Reddy, Ramachandruni, Hari Chandana, Achanta, Dattatreya Sarma.  2020.  Simplistic Spoofing of GPS Enabled Smartphone. 2020 IEEE International Women in Engineering (WIE) Conference on Electrical and Computer Engineering (WIECON-ECE). :460–463.
Intentional interference such as spoofing is an emerging threat to GPS receivers used in both civilian and defense applications. With the majority of smartphones relying on GPS for positioning and navigation, the vulnerability of these phones to spoofing attacks is an issue of security concern. In this paper, it is demonstrated that is easy to successfully spoof a smartphone using a simplistic spoofing technique. A spoofing signal is generated using open-source signal simulator and transmitted using a low-cost SDR. In view of the tremendously increasing usage of GPS enabled smartphones, it is necessary to develop suitable countermeasures for spoofing. This work carries significance as it would help in understanding the effects of spoofing at various levels of signal processing in the receiver and develop advanced spoofing detection and mitigation techniques.
Zhang, Qiang, Chai, Bo, Song, Bochuan, Zhao, Jingpeng.  2020.  A Hierarchical Fine-Tuning Based Approach for Multi-Label Text Classification. 2020 IEEE 5th International Conference on Cloud Computing and Big Data Analytics (ICCCBDA). :51–54.
Hierarchical Text classification has recently become increasingly challenging with the growing number of classification labels. In this paper, we propose a hierarchical fine-tuning based approach for hierarchical text classification. We use the ordered neurons LSTM (ONLSTM) model by combining the embedding of text and parent category for hierarchical text classification with a large number of categories, which makes full use of the connection between the upper-level and lower-level labels. Extensive experiments show that our model outperforms the state-of-the-art hierarchical model at a lower computation cost.
Somsakul, Supawit, Prom-on, Santitham.  2020.  On the Network and Topological Analyses of Legal Documents Using Text Mining Approach. 2020 1st International Conference on Big Data Analytics and Practices (IBDAP). :1–6.
This paper presents a computational study of Thai legal documents using text mining and network analytic approach. Thai legal systems rely much on the existing judicial rulings. Thus, legal documents contain complex relationships and require careful examination. The objective of this study is to use text mining to model relationships between these legal documents and draw useful insights. A structure of document relationship was found as a result of the study in forms of a network that is related to the meaningful relations of legal documents. This can potentially be developed further into a document retrieval system based on how documents are related in the network.
Fujita, Kentaro, Zhang, Yuanyu, Sasabe, Masahiro, Kasahara, Shoji.  2020.  Mining Pool Selection Problem in the Presence of Block Withholding Attack. 2020 IEEE International Conference on Blockchain (Blockchain). :321–326.
Mining, the process where multiple miners compete to add blocks to Proof-of-Work (PoW) blockchains, is of great importance to maintain the tamper-resistance feature of blockchains. In current blockchain networks, miners usually form groups, called mining pools, to improve their revenues. When multiple pools exist, a fundamental mining pool selection problem arises: which pool should each miner join to maximize its revenue? In addition, the existence of mining pools also leads to another critical issue, i.e., Block WithHolding (BWH) attack, where a pool sends some of its miners as spies to another pool to gain extra revenues without contributing to the mining of the infiltrated pool. This paper therefore aims to investigate the mining pool selection issue (i.e., the stable population distribution of miners in the pools) in the presence of BWH attack from the perspective of evolutionary game theory. We first derive the expected revenue density of each pool to determine the expected payoff of miners in that pool. Based on the expected payoffs, we formulate replicator dynamics to represent the growth rates of the populations in all pools. Using the replicator dynamics, we obtain the rest points of the growth rates and discuss their stability to identify the Evolutionarily Stable States (ESSs) (i.e., stable population distributions) of the game. Simulation and numerical results are also provided to corroborate our analysis and to illustrate the theoretical findings.
Takemoto, Shu, Shibagaki, Kazuya, Nozaki, Yusuke, Yoshikawa, Masaya.  2020.  Deep Learning Based Attack for AI Oriented Authentication Module. 2020 35th International Technical Conference on Circuits/Systems, Computers and Communications (ITC-CSCC). :5–8.
Neural Network Physical Unclonable Function (NN-PUF) has been proposed for the secure implementation of Edge AI. This study evaluates the tamper resistance of NN-PUF against machine learning attacks. The machine learning attack in this study learns CPRs using deep learning. As a result of the evaluation experiment, the machine learning attack predicted about 82% for CRPs. Therefore, this study revealed that NN-PUF is vulnerable to machine learning attacks.
Song, ZHANG, Yang, Li, Gaoyang, LI, Han, YU, Baozhong, HAO, Jinwei, SONG, Jingang, FAN.  2020.  An Improved Data Provenance Framework Integrating Blockchain and PROV Model. 2020 International Conference on Computer Science and Management Technology (ICCSMT). :323–327.
Data tracing is an important topic in the era of digital economy when data are considered as one of the core factors in economic activities. However, the current data traceability systems often fail to obtain public trust due to their centralization and opaqueness. Blockchain possesses natural technical features such as data tampering resistance, anonymity, encryption security, etc., and shows great potential of improving the data tracing credibility. In this paper, we propose a blockchain-PROV-based multi-center data provenance solution in where the PROV model standardizes the data record storage and provenance on the blockchain automatically and intelligently. The solution improves the transparency and credibility of the provenance data, such as to help the efficient control and open sharing of data assets.
Gao, Yang, Wu, Weniun, Dong, Junyu, Yin, Yufeng, Si, Pengbo.  2020.  Deep Reinforcement Learning Based Node Pairing Scheme in Edge-Chain for IoT Applications. GLOBECOM 2020 - 2020 IEEE Global Communications Conference. :1–6.
Nowadays, the Internet of Things (IoT) is playing an important role in our life. This inevitably generates mass data and requires a more secure transmission. As blockchain technology can build trust in a distributed environment and ensure the data traceability and tamper resistance, it is a promising way to support IoT data transmission and sharing. In this paper, edge computing is considered to provide adequate resources for end users to offload computing tasks in the blockchain enabled IoT system, and the node pairing problem between end users and edge computing servers is researched with the consideration of wireless channel quality and the service quality. From the perspective of the end users, the objective optimization is designed to maximize the profits and minimize the payments for completing the tasks and ensuring the resource limits of the edge servers at the same time. The deep reinforcement learning (DRL) method is utilized to train an intelligent strategy, and the policy gradient based node pairing (PG-NP) algorithm is proposed. Through a deep neural network, the well-trained policy matched the system states to the optimal actions. The REINFORCE algorithm with baseline is applied to train the policy network. According to the training results, as the comparison strategies are max-credit, max-SINR, random and max-resource, the PG-NP algorithm performs about 57% better than the second-best method. And testing results show that PGNP also has a good generalization ability which is negatively correlated with the training performance to a certain extend.
Ferdous Khan, M. Fahim, Sakamura, Ken.  2020.  A Context-Policy-Based Approach to Access Control for Healthcare Data Protection. 2020 International Computer Symposium (ICS). :420–425.
Fueled by the emergence of IoT-enabled medical sensors and big data analytics, nations all over the world are widely adopting digitalization of healthcare systems. This is certainly a positive trend for improving the entire spectrum of quality of care, but this convenience is also posing a huge challenge on the security of healthcare data. For ensuring privacy and protection of healthcare data, access control is regarded as one of the first-line-of-defense mechanisms. As none of the traditional enterprise access control models can completely cater to the need of the healthcare domain which includes a myriad of contexts, in this paper, we present a context-policy-based access control scheme. Our scheme relies on the eTRON cybersecurity architecture for tamper-resistance and cryptographic functions, and leverages a context-specific blend of classical discretionary and role-based access models for incorporation into legacy systems. Moreover, our scheme adheres to key recommendations of prominent statutory and technical guidelines including HIPAA and HL7. The protocols involved in the proposed access control system have been delineated, and a proof-of-concept implementation has been carried out - along with a comparison with other systems, which clearly suggests that our approach is more responsive to different contexts for protecting healthcare data.
Sapountzis, Nikolaos, Sun, Ruimin, Wei, Xuetao, Jin, Yier, Crandall, Jedidiah, Oliveira, Daniela.  2020.  MITOS: Optimal Decisioning for the Indirect Flow Propagation Dilemma in Dynamic Information Flow Tracking Systems. 2020 IEEE 40th International Conference on Distributed Computing Systems (ICDCS). :1090–1100.
Dynamic Information Flow Tracking (DIFT), also called Dynamic Taint Analysis (DTA), is a technique for tracking the information as it flows through a program's execution. Specifically, some inputs or data get tainted and then these taint marks (tags) propagate usually at the instruction-level. While DIFT has been a fundamental concept in computer and network security for the past decade, it still faces open challenges that impede its widespread application in practice; one of them being the indirect flow propagation dilemma: should the tags involved in an indirect flow, e.g., in a control or address dependency, be propagated? Propagating all these tags, as is done for direct flows, leads to overtainting (all taintable objects become tainted), while not propagating them leads to undertainting (information flow becomes incomplete). In this paper, we analytically model that decisioning problem for indirect flows, by considering various tradeoffs including undertainting versus overtainting, importance of heterogeneous code semantics and context. Towards tackling this problem, we design MITOS, a distributed-optimization algorithm, that: decides about the propagation of indirect flows by properly weighting all these tradeoffs, is of low-complexity, is scalable, is able to flexibly adapt to different application scenarios and security needs of large distributed systems. Additionally, MITOS is applicable to most DIFT systems that consider an arbitrary number of tag types, and introduces the key properties of fairness and tag-balancing to the DIFT field. To demonstrate MITOS's applicability in practice, we implement and evaluate MITOS on top of an open-source DIFT, and we shed light on the open problem. We also perform a case-study scenario with a real in-memory only attack and show that MITOS improves simultaneously (i) system's spatiotemporal overhead (up to 40%), and (ii) system's fingerprint on suspected bytes (up to 167%) compared to traditional DIFT, even though these metrics usually conflict.
Hermerschmidt, Lars, Straub, Andreas, Piskachev, Goran.  2020.  Language-Agnostic Injection Detection. 2020 IEEE Security and Privacy Workshops (SPW). :268–275.
Formal languages are ubiquitous wherever software systems need to exchange or store data. Unparsing into and parsing from such languages is an error-prone process that has spawned an entire class of security vulnerabilities. There has been ample research into finding vulnerabilities on the parser side, but outside of language specific approaches, few techniques targeting unparser vulnerabilities exist. This work presents a language-agnostic approach for spotting injection vulnerabilities in unparsers. It achieves this by mining unparse trees using dynamic taint analysis to extract language keywords, which are leveraged for guided fuzzing. Vulnerabilities can thus be found without requiring prior knowledge about the formal language, and in fact, the approach is even applicable where no specification thereof exists at all. This empowers security researchers and developers alike to gain deeper understanding of unparser implementations through examination of the unparse trees generated by the approach, as well as enabling them to find new vulnerabilities in poorly-understood software. This work presents a language-agnostic approach for spotting injection vulnerabilities in unparsers. It achieves this by mining unparse trees using dynamic taint analysis to extract language keywords, which are leveraged for guided fuzzing. Vulnerabilities can thus be found without requiring prior knowledge about the formal language, and in fact, the approach is even applicable where no specification thereof exists at all. This empowers security researchers and developers alike to gain deeper understanding of unparser implementations through examination of the unparse trees generated by the approach, as well as enabling them to find new vulnerabilities in poorly-understood software.
She, Dongdong, Chen, Yizheng, Shah, Abhishek, Ray, Baishakhi, Jana, Suman.  2020.  Neutaint: Efficient Dynamic Taint Analysis with Neural Networks. 2020 IEEE Symposium on Security and Privacy (SP). :1527–1543.
Dynamic taint analysis (DTA) is widely used by various applications to track information flow during runtime execution. Existing DTA techniques use rule-based taint-propagation, which is neither accurate (i.e., high false positive rate) nor efficient (i.e., large runtime overhead). It is hard to specify taint rules for each operation while covering all corner cases correctly. Moreover, the overtaint and undertaint errors can accumulate during the propagation of taint information across multiple operations. Finally, rule-based propagation requires each operation to be inspected before applying the appropriate rules resulting in prohibitive performance overhead on large real-world applications.In this work, we propose Neutaint, a novel end-to-end approach to track information flow using neural program embeddings. The neural program embeddings model the target's programs computations taking place between taint sources and sinks, which automatically learns the information flow by observing a diverse set of execution traces. To perform lightweight and precise information flow analysis, we utilize saliency maps to reason about most influential sources for different sinks. Neutaint constructs two saliency maps, a popular machine learning approach to influence analysis, to summarize both coarse-grained and fine-grained information flow in the neural program embeddings.We compare Neutaint with 3 state-of-the-art dynamic taint analysis tools. The evaluation results show that Neutaint can achieve 68% accuracy, on average, which is 10% improvement while reducing 40× runtime overhead over the second-best taint tool Libdft on 6 real world programs. Neutaint also achieves 61% more edge coverage when used for taint-guided fuzzing indicating the effectiveness of the identified influential bytes. We also evaluate Neutaint's ability to detect real world software attacks. The results show that Neutaint can successfully detect different types of vulnerabilities including buffer/heap/integer overflows, division by zero, etc. Lastly, Neutaint can detect 98.7% of total flows, the highest among all taint analysis tools.
Silva-Saravia, Horacio, Singh, Iknoor, Chynoweth, Joshua, Mateo, Norbo, Mejia, Manuel, Amadis, Simon, Alvarez, Rufino.  2020.  Islanding Detection and Resynchronization Based upon Wide-Area Monitoring and Situational Awareness in the Dominican Republic. 2020 IEEE PES Transmission Distribution Conference and Exhibition - Latin America (T D LA). :1–6.
This paper shows the benefits of synchrophasor technology for islanding detection and resynchronization in the control room at Empresa de Transmisión Eléctrica Dominicana (ETED) in the Dominican Republic. EPG's Real Time Dynamics Monitoring System (RTDMS®) deployed at ETED was tested during operator training with the event data after an islanding event occurred on October 26, 2019, which caused the ETED System to split into two islands. RTDMS's islanding detection algorithm quickly detected and identified the event. The islanding situation was not clear for operators during the time of the event with the use of traditional SCADA tools. The use of synchophasor technology also provides valuable information for a quick and safe resynchronization. By monitoring the system frequency in each island and voltage angle differences between islands, operators can know the exact time of circuit breaker closure for a successful resynchronization. Synchrophasors allow the resynchronization in a relatively short time, avoiding the risk of additional load loss, generator outages or even a wider system blackout.
Huang, Xuanbo, Xue, Kaiping, Xing, Yitao, Hu, Dingwen, Li, Ruidong, Sun, Qibin.  2020.  FSDM: Fast Recovery Saturation Attack Detection and Mitigation Framework in SDN. 2020 IEEE 17th International Conference on Mobile Ad Hoc and Sensor Systems (MASS). :329–337.
The whole Software-Defined Networking (SDN) system might be out of service when the control plane is overloaded by control plane saturation attacks. In this attack, a malicious host can manipulate massive table-miss packets to exhaust the control plane resources. Even though many studies have focused on this problem, systems still suffer from more influenced switches because of centralized mitigation policies, and long recovery delay because of the remaining attack flows. To solve these problems, we propose FSDM, a Fast recovery Saturation attack Detection and Mitigation framework. For detection, FSDM extracts the distribution of Control Channel Occupation Rate (CCOR) to detect the attack and locates the port that attackers come from. For mitigation, with the attacker's location and distributed Mitigation Agents, FSDM adopts different policies to migrate or block attack flows, which influences fewer switches and protects the control plane from resource exhaustion. Besides, to reduce the system recovery delay, FSDM equips a novel functional module called Force\_Checking, which enables the whole system to quickly clean up the remaining attack flows and recovery faster. Finally, we conducted extensive experiments, which show that, with the increasing of attack PPS (Packets Per Second), FSDM only suffers a minor recovery delay increase. Compared with traditional methods without cleaning up remaining flows, FSDM saves more than 81% of ping RTT under attack rate ranged from 1000 to 4000 PPS, and successfully reduced the delay of 87% of HTTP requests time under large attack rate ranged from 5000 to 30000 PPS.