Biblio
Communication architecture is a crucial component in smart grid. Most of the previous researches have been focused on the traditional Internet and proposed numerous evolutionary designs. However, the traditional network architecture has been reported with multiple inherent shortcomings, which bring unprecedented challenges for the Smart Grid. Moreover, the smart network architecture for the future Smart Grid is still unexplored. In this context, this paper proposes a clean-slate communication approach to boost the development of smart grid in the respective of Smart Identifier Network (SINET), named SI4SG. It also designs the service resolution mechanism and the ns-3 based simulating tool for the proposed communication architecture.
We present a new method for mitigating wall return and a new greedy algorithm for detecting stationary targets after wall clutter has been cancelled. Given limited measurements of a stepped-frequency radar signal consisting of both wall and target return, our objective is to detect and localize the potential targets. Modulated Discrete Prolate Spheroidal Sequences (DPSS's) form an efficient basis for sampled bandpass signals. We mitigate the wall clutter efficiently within the compressive measurements through the use of a bandpass modulated DPSS basis. Then, in each step of an iterative algorithm for detecting the target positions, we use a modulated DPSS basis to cancel nearly all of the target return corresponding to previously selected targets. With this basis, we improve upon the target detection sensitivity of a Fourier-based technique.
In recent years, there has been a significant increase in wind power penetration into the power system. As a result, the behavior of the power system has become more dependent on wind power behavior. Supervisory control and data acquisition (SCADA) systems responsible for monitoring and controlling wind farms often have vulnerabilities that make them susceptible to cyberattacks. These vulnerabilities allow attackers to exploit and intrude in the wind farm SCADA system. In this paper, a cyber-physical system (CPS) model for the information and communication technology (ICT) model of the wind farm SCADA system integrated with SCADA of the power system is proposed. Cybersecurity of this wind farm SCADA system is discussed. Proposed cyberattack scenarios on the system are modeled and the impact of these cyberattacks on the behavior of the power systems on the IEEE 9-bus modified system is investigated. Finally, an anomaly attack detection algorithm is proposed to stop the attack of tripping of all wind farms. Case studies validate the performance of the proposed CPS model of the test system and the attack detection algorithm.
Hardware implementations of cryptographic algorithms may leak information through numerous side channels, which can be used to reveal the secret cryptographic keys, and therefore compromise the security of the algorithm. Power Analysis Attacks (PAAs) [1] exploit the information leakage from the device's power consumption (typically measured on the supply and/or ground pins). Digital circuits consume dynamic switching energy when data propagate through the logic in each new calculation (e.g. new clock cycle). The average power dissipation of a design can be expressed by: Ptot(t) = α · (Pd(t) + Ppvt(t)) (1) where α is the activity factor (the probability that the gate will switch) and depends on the probability distribution of the inputs to the combinatorial logic. This induces a linear relationship between the power and the processed data [2]. Pd is the deterministic power dissipated by the switching of the gate, including any parasitic and intrinsic capacitances, and hence can be evaluated prior to manufacturing. Ppvt is the change in expected power consumption due to nondeterministic parameters such as process variations, mismatch, temperature, etc. In this manuscript, we describe the design of logic gates that induce data-independent (constant) α and Pd.
Phishing as one of the most well-known cybercrime activities is a deception of online users to steal their personal or confidential information by impersonating a legitimate website. Several machine learning-based strategies have been proposed to detect phishing websites. These techniques are dependent on the features extracted from the website samples. However, few studies have actually considered efficient feature selection for detecting phishing attacks. In this work, we investigate an agreement on the definitive features which should be used in phishing detection. We apply Fuzzy Rough Set (FRS) theory as a tool to select most effective features from three benchmarked data sets. The selected features are fed into three often used classifiers for phishing detection. To evaluate the FRS feature selection in developing a generalizable phishing detection, the classifiers are trained by a separate out-of-sample data set of 14,000 website samples. The maximum F-measure gained by FRS feature selection is 95% using Random Forest classification. Also, there are 9 universal features selected by FRS over all the three data sets. The F-measure value using this universal feature set is approximately 93% which is a comparable result in contrast to the FRS performance. Since the universal feature set contains no features from third-part services, this finding implies that with no inquiry from external sources, we can gain a faster phishing detection which is also robust toward zero-day attacks.
Presented at the NSA Science of Security Quarterly Meeting, July 2016.
Many current VM monitoring approaches require guest OS modifications and are also unable to perform application level monitoring, reducing their value in a cloud setting. This paper introduces hprobes, a framework that allows one to dynamically monitor applications and operating systems inside a VM. The hprobe framework does not require any changes to the guest OS, which avoids the tight coupling of monitoring with its target. Furthermore, the monitors can be customized and enabled/disabled while the VM is running. To demonstrate the usefulness of this framework, we present three sample detectors: an emergency detector for a security vulnerability, an application watchdog, and an infinite-loop detector. We test our detectors on real applications and demonstrate that those detectors achieve an acceptable level of performance overhead with a high degree of flexibility.
Presented at the 11th European Dependable Computing Conference-Dependabiltiy in Practice (EDCC 2015), September 2015.
Vector space models (VSMs) are mathematically well-defined frameworks that have been widely used in text processing. In these models, high-dimensional, often sparse vectors represent text units. In an application, the similarity of vectors -- and hence the text units that they represent -- is computed by a distance formula. The high dimensionality of vectors, however, is a barrier to the performance of methods that employ VSMs. Consequently, a dimensionality reduction technique is employed to alleviate this problem. This paper introduces a new method, called Random Manhattan Indexing (RMI), for the construction of L1 normed VSMs at reduced dimensionality. RMI combines the construction of a VSM and dimension reduction into an incremental, and thus scalable, procedure. In order to attain its goal, RMI employs the sparse Cauchy random projections.
This paper explores using chaos-based cryptography for transmitting multimedia data, mainly speech and voice messages, over public communication channels, such as the internet. The secret message to be transmitted is first converted into a one-dimensional time series, that can be cast in a digital/binary format. The main feature of the proposed technique is mapping the two levels of every corresponding bit of the time series into different multiple chaotic orbits, using a simple encryption function. This one-to-many mapping robustifies the encryption technique and makes it resilient to crypto-analysis methods that rely on associating the energy level of the signal into two binary levels, using return map attacks. A chaotic nonautonomous Duffing oscillator is chosen to implement the suggested technique, using three different parameters that are assumed unknown at the receiver side. Synchronization between the transmitter and the receiver and reconstructing the secret message, at the receiver side, is done using a Lyapunov-based adaptive technique. Achieving stable operation, tuning the required control gains, as well as effective utilization of the bandwidth of the public communication channel are investigated. Two different case studies are presented; the first one deals with text that can be expressed as 8-bit ASCII code, while the second one corresponds to an analog acoustic signal that corresponds to the voice associated with pronouncing a short sentence. Advantages and limitation of the proposed technique are highlighted, while suggesting extensions to other multimedia signals, along with their required additional computational effort.
This paper explores using chaos-based cryptography for transmitting multimedia data, mainly speech and voice messages, over public communication channels, such as the internet. The secret message to be transmitted is first converted into a one-dimensional time series, that can be cast in a digital/binary format. The main feature of the proposed technique is mapping the two levels of every corresponding bit of the time series into different multiple chaotic orbits, using a simple encryption function. This one-to-many mapping robustifies the encryption technique and makes it resilient to crypto-analysis methods that rely on associating the energy level of the signal into two binary levels, using return map attacks. A chaotic nonautonomous Duffing oscillator is chosen to implement the suggested technique, using three different parameters that are assumed unknown at the receiver side. Synchronization between the transmitter and the receiver and reconstructing the secret message, at the receiver side, is done using a Lyapunov-based adaptive technique. Achieving stable operation, tuning the required control gains, as well as effective utilization of the bandwidth of the public communication channel are investigated. Two different case studies are presented; the first one deals with text that can be expressed as 8-bit ASCII code, while the second one corresponds to an analog acoustic signal that corresponds to the voice associated with pronouncing a short sentence. Advantages and limitation of the proposed technique are highlighted, while suggesting extensions to other multimedia signals, along with their required additional computational effort.
NoSQL databases are easy to scale-out because of their flexible schema and support for BASE (Basically Available, Soft State and Eventually Consistent) properties. The process of scaling-out in most of these databases is supported by sharding which is considered as the key feature in providing faster reads and writes to the database. However, securing the data sharded over various servers is a challenging problem because of the data being distributedly processed and transmitted over the unsecured network. Though, extensive research has been performed on NoSQL sharding mechanisms but no specific criterion has been defined to analyze the security of sharded architecture. This paper proposes an assessment criterion comprising various security features for the analysis of sharded NoSQL databases. It presents a detailed view of the security features offered by NoSQL databases and analyzes them with respect to proposed assessment criteria. The presented analysis helps various organizations in the selection of appropriate and reliable database in accordance with their preferences and security requirements.
The advancement in technology has changed how people work and what software and hardware people use. From conventional personal computer to GPU, hardware technology and capability have dramatically improved so does the operating systems that come along. Unfortunately, current industry practice to compare OS is performed with single perspective. It is either benchmark the hardware level performance or performs penetration testing to check the security features of an OS. This rigid method of benchmarking does not really reflect the true performance of an OS as the performance analysis is not comprehensive and conclusive. To illustrate this deficiency, the study performed hardware level and operational level benchmarking on Windows XP, Windows 7 and Windows 8 and the results indicate that there are instances where Windows XP excels over its newer counterparts. Overall, the research shows Windows 8 is a superior OS in comparison to its predecessors running on the same hardware. Furthermore, the findings also show that the automated benchmarking tools are proved less efficient benchmark systems that run on Windows XP and older OS as they do not support DirectX 11 and other advanced features that the hardware supports. There lies the need to have a unified benchmarking approach to compare other aspects of OS such as user oriented tasks and security parameters to provide a complete comparison. Therefore, this paper is proposing a unified approach for Operating System (OS) comparisons with the help of a Windows OS case study. This unified approach includes comparison of OS from three aspects which are; hardware level, operational level performance and security tests.
Internet of things (IoT) is internetworking of various physical devices to provide a range of services and applications. IoT is a rapidly growing field, on an account of this; the security measurements for IoT should be at first concern. In the modern day world, the most emerging cyber-attack threat for IoT is ransomware attack. Ransomware is a kind of malware with the aim of rendering a victim's computer unusable or inaccessible, and then asking the user to pay a ransom to revert the destruction. In this paper we are evaluating ransomware attacks statistics for the past 2 years and the present year to estimate growth rate of the most emerging ransomware families from the last 3 years to evaluate most threatening ransomware attacks for IoT. Growth rate results shows that the number of attacks for Cryptowall and locky ransomware are notably increasing therefore, these ransomware families are potential threat to IoT. Moreover, we present a Cryptowall ransomware attack detection model based on the communication and behavioral study of Cryptowall for IoT environment. The proposed model observes incoming TCP/IP traffic through web proxy server then extracts TCP/IP header and uses command and control (C&C) server black listing to detect ransomware attacks.
A number of small Open Source projects let independent providers measure different aspects of their quality that would otherwise be hard to see. This paper describes this observation as the pattern Quality Attestation. Quality Attestation belongs to a family of Open Source patterns written by various authors.
Nanonetworks consist of nanomachines that perform simple tasks (sensing, data processing and communication) at molecular scale. Nanonetworks promise novel solutions in various fields, such as biomedical, industrial and military. Reliable nanocommunications require error control. ARQ and complex Forward Error Correction (FEC) are not appropriate in nano-devices due to the peculiarities of Terahertz band, limited computation complexity and energy capacity. In this paper we propose Simple Block Nanocode (SBN) to provide reliable data transmission in electromagnetic nanocommunications. We compare it with the two reliable transmission codes in nanonetworks in the literature, minimum energy channel (MEC) and Low Weight Channel (LWC) codes. The results show that SBN outperforms MEC and LWC in terms of reliability and image quality at receiver. The results also show that a nano-device (with nano-camera) with harvesting module has enough energy to support perpetual image transmission.
Nowadays, the Internet is developed, so that the requirements for on- and offline data storage have increased. Large storage IT projects, are related to large costs and high level of business risk. A storage service provider (SSP) provides computer storage space and management. In addition to that, it offers also back-up and archiving. Despite this, many companies fears security, privacy and integrity of outsourced data. As a solution, File Assured Deletion (FADE) is a system built upon standard cryptographic issues. It aims to guarantee their privacy and integrity, and most importantly, assuredly deleted files to make them unrecoverable to anybody (including those who manage the cloud storage) upon revocations of file access policies, by encrypting outsourced data files. Unfortunately, This system remains weak, in case the key manager's security is compromised. Our work provides a new scheme that aims to improve the security of FADE by using the TPM (Trusted Platform Module) that stores safely keys, passwords and digital certificates.
Web Application becomes the leading solution for the utilization of systems that need access globally, distributed, cost-effective, as well as the diversity of the content that can run on this technology. At the same time web application security have always been a major issue that must be considered due to the fact that 60% of Internet attacks targeting web application platform. One of the biggest impacts on this technology is Cross Site Scripting (XSS) attack, the most frequently occurred and are always in the TOP 10 list of Open Web Application Security Project (OWASP). Vulnerabilities in this attack occur in the absence of checking, testing, and the attention about secure coding practices. There are several alternatives to prevent the attacks that associated with this threat. Network Intrusion Detection System can be used as one solution to prevent the influence of XSS Attack. This paper investigates the XSS attack recognition and detection using regular expression pattern matching and a preprocessing method. Experiments are conducted on a testbed with the aim to reveal the behaviour of the attack.