Visible to the public Biblio

Filters: Keyword is Ethernet  [Clear All Filters]
Li, Yuekang, Chen, Hongxu, Zhang, Cen, Xiong, Siyang, Liu, Chaoyi, Wang, Yi.  2020.  Ori: A Greybox Fuzzer for SOME/IP Protocols in Automotive Ethernet. 2020 27th Asia-Pacific Software Engineering Conference (APSEC). :495—499.
With the emergence of smart automotive devices, the data communication between these devices gains increasing importance. SOME/IP is a light-weight protocol to facilitate inter- process/device communication, which supports both procedural calls and event notifications. Because of its simplicity and capability, SOME/IP is getting adopted by more and more automotive devices. Subsequently, the security of SOME/IP applications becomes crucial. However, previous security testing techniques cannot fit the scenario of vulnerability detection SOME/IP applications due to miscellaneous challenges such as the difficulty of server-side testing programs in parallel, etc. By addressing these challenges, we propose Ori - a greybox fuzzer for SOME/IP applications, which features two key innovations: the attach fuzzing mode and structural mutation. The attach fuzzing mode enables Ori to test server programs efficiently, and the structural mutation allows Ori to generate valid SOME/IP packets to reach deep paths of the target program effectively. Our evaluation shows that Ori can detect vulnerabilities in SOME/IP applications effectively and efficiently.
Su, K.-M., Liu, I.-H., Li, J.-S..  2020.  The Risk of Industrial Control System Programmable Logic Controller Default Configurations. 2020 International Computer Symposium (ICS). :443—447.
In recent years, many devices in industrial control systems (ICS) equip Ethernet modules for more efficient communication and more fiexible deployment. Many communication protocols of those devices are based on internet protocol, which brings the above benefits but also makes it easier to access by anyone including attackers. In the case of using the factory default configurations, we wiiˆ demonstrate how to easily modify the programmable logic controllers (PLCs) program through the Integrated Development Environment provided by the manufacturer under the security protection of PLC not set properly and discuss the severity of it.
Gu, Bruce, Wang, Xiaodong, Qu, Youyang, Jin, Jiong, Xiang, Yong, Gao, Longxiang.  2019.  Context-Aware Privacy Preservation in a Hierarchical Fog Computing System. ICC 2019 - 2019 IEEE International Conference on Communications (ICC). :1–6.
Fog computing faces various security and privacy threats. Internet of Things (IoTs) devices have limited computing, storage, and other resources. They are vulnerable to attack by adversaries. Although the existing privacy-preserving solutions in fog computing can be migrated to address some privacy issues, specific privacy challenges still exist because of the unique features of fog computing, such as the decentralized and hierarchical infrastructure, mobility, location and content-aware applications. Unfortunately, privacy-preserving issues and resources in fog computing have not been systematically identified, especially the privacy preservation in multiple fog node communication with end users. In this paper, we propose a dynamic MDP-based privacy-preserving model in zero-sum game to identify the efficiency of the privacy loss and payoff changes to preserve sensitive content in a fog computing environment. First, we develop a new dynamic model with MDP-based comprehensive algorithms. Then, extensive experimental results identify the significance of the proposed model compared with others in more effectively and feasibly solving the discussed issues.
Yoshikawa, Takashi, Date, Susumu, Watashiba, Yasuhiro, Matsui, Yuki, Nozaki, Kazunori, Murakami, Shinya, Lee, Chonho, Hida, Masami, Shimojo, Shinji.  2019.  Secure Staging System for Highly Confidential Data Built on Reconfigurable Computing Platform. 2019 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). :308–313.
Cloud use for High Performance Computing (HPC) and High Performance Data Analytics (HPDA) is increasing. The data are transferred to the cloud and usually left there even after the data being processed. There is security concern for such data being left online. We propose secure staging system to prepare not only data but also computing platform for processing the data dynamically just while the data is processed. The data plane of the secure staging system has dynamic reconfigurability with several lower-than-IP-layer partitioning mechanisms. The control plane consists of a scheduler and a resource provisioner working together to reconfigure the partitioning in the data plane dynamically. A field trial system is deployed for treating secure data in dental school to be processed in the computer center with the location distance of 1km. The system shows high score in the Common Vulnerability Scoring System (CVSS) evaluation.
Liu, Zhikun, Gui, Canzhi, Ma, Chao.  2019.  Design and Verification of Integrated Ship Monitoring Network with High Reliability and Zero-Time Self-Healing. 2019 Chinese Control And Decision Conference (CCDC). :2348–2351.
The realization principle of zero-time self-healing network communication technology is introduced. According to the characteristics of ship monitoring, an integrated ship monitoring network is designed, which integrates the information of ship monitoring equipment. By setting up a network performance test environment, the information delay of self-healing network switch is tested, and the technical characteristics of "no packet loss" are verified. Zero-time self-healing network communication technology is an innovative technology in the design of ship monitoring network. It will greatly reduce the laying of network cables, reduce the workload of information upgrade and transformation of ships, and has the characteristics of continuous maintenance of the network. It has a wide application prospect.
Yousef, K. M. A., AlMajali, A., Hasan, R., Dweik, W., Mohd, B..  2017.  Security risk assessment of the PeopleBot mobile robot research platform. 2017 International Conference on Electrical and Computing Technologies and Applications (ICECTA). :1–5.

Nowadays, robots are widely ubiquitous and integral part in our daily lives, which can be seen almost everywhere in industry, hospitals, military, etc. To provide remote access and control, usually robots are connected to local network or to the Internet through WiFi or Ethernet. As such, it is of great importance and of a critical mission to maintain the safety and the security access of such robots. Security threats may result in completely preventing the access and control of the robot. The consequences of this may be catastrophic and may cause an immediate physical damage to the robot. This paper aims to present a security risk assessment of the well-known PeopleBot; a mobile robot platform from Adept MobileRobots Company. Initially, we thoroughly examined security threats related to remote accessing the PeopleBot robot. We conducted an impact-oriented analysis approach on the wireless communication medium; the main method considered to remotely access the PeopleBot robot. Numerous experiments using SSH and server-client applications were conducted, and they demonstrated that certain attacks result in denying remote access service to the PeopleBot robot. Consequently and dangerously the robot becomes unavailable. Finally, we suggested one possible mitigation and provided useful conclusions to raise awareness of possible security threats on the robotic systems; especially when the robots are involved in critical missions or applications.

Khan, J..  2017.  Vehicle Network Security Testing. 2017 Third International Conference on Sensing, Signal Processing and Security (ICSSS). :119–123.

In-vehicle networks like Controller Area Network, FlexRay, Ethernet are now subjected to huge security threats where unauthorized entities can take control of the whole vehicle. This can pose very serious threats including accidents. Security features like encryption, message authentication are getting implemented in vehicle networks to counteract these issues. This paper is proposing a set of novel validation techniques to ensure that vehicle network security is fool proof. Security validation against requirements, security validation using white box approach, black box approach and grey box approaches are put forward. Test system architecture, validation of message authentication, decoding the patterns from vehicle network data, using diagnostics as a security loophole, V2V V2X loopholes, gateway module security testing are considered in detail. Aim of this research paper is to put forward a set of tools and methods for finding and reporting any security loopholes in the in-vehicle network security implementation.

Schulz, Matthias, Klapper, Patrick, Hollick, Matthias, Tews, Erik, Katzenbeisser, Stefan.  2016.  Trust The Wire, They Always Told Me!: On Practical Non-Destructive Wire-Tap Attacks Against Ethernet. Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks. :43–48.

Ethernet technology dominates enterprise and home network installations and is present in datacenters as well as parts of the backbone of the Internet. Due to its wireline nature, Ethernet networks are often assumed to intrinsically protect the exchanged data against attacks carried out by eavesdroppers and malicious attackers that do not have physical access to network devices, patch panels and network outlets. In this work, we practically evaluate the possibility of wireless attacks against wired Ethernet installations with respect to resistance against eavesdropping by using off-the-shelf software-defined radio platforms. Our results clearly indicate that twisted-pair network cables radiate enough electromagnetic waves to reconstruct transmitted frames with negligible bit error rates, even when the cables are not damaged at all. Since this allows an attacker to stay undetected, it urges the need for link layer encryption or physical layer security to protect confidentiality.

Sumec, S..  2014.  Software tool for verification of sampled values transmitted via IEC 61850-9-2 protocol. Electric Power Engineering (EPE), Proccedings of the 2014 15th International Scientific Conference on. :113-117.

Nowadays is increasingly used process bus for communication of equipments in substations. In addition to signaling various statuses of device using GOOSE messages it is possible to transmit measured values, which can be used for diagnostic of system or other advanced functions. Transmission of such values via Ethernet is well defined in protocol IEC 61850-9-2. Paper introduces a tool designed for verification of sampled values generated by various devices using this protocol.