Visible to the public Biblio

Filters: Keyword is risk  [Clear All Filters]
Su, K.-M., Liu, I.-H., Li, J.-S..  2020.  The Risk of Industrial Control System Programmable Logic Controller Default Configurations. 2020 International Computer Symposium (ICS). :443—447.
In recent years, many devices in industrial control systems (ICS) equip Ethernet modules for more efficient communication and more fiexible deployment. Many communication protocols of those devices are based on internet protocol, which brings the above benefits but also makes it easier to access by anyone including attackers. In the case of using the factory default configurations, we wiiˆ demonstrate how to easily modify the programmable logic controllers (PLCs) program through the Integrated Development Environment provided by the manufacturer under the security protection of PLC not set properly and discuss the severity of it.
Volkov, A. I., Semin, V. G., Khakimullin, E. R..  2020.  Modeling the Structures of Threats to Information Security Risks based on a Fuzzy Approach. 2020 International Conference Quality Management, Transport and Information Security, Information Technologies (IT QM IS). :132—135.

The article deals with the development and implementation of a method for synthesizing structures of threats and risks to information security based on a fuzzy approach. We consider a method for modeling threat structures based on structural abstractions: aggregation, generalization, and Association. It is shown that the considered forms of structural abstractions allow implementing the processes of Ascending and Descending inheritance. characteristics of the threats. A database of fuzzy rules based on procedural abstractions has been developed and implemented in the fuzzy logic tool environment Fussy Logic.

Maklachkova, V. V., Dokuchaev, V. A., Statev, V. Y..  2020.  Risks Identification in the Exploitation of a Geographically Distributed Cloud Infrastructure for Storing Personal Data. 2020 International Conference on Engineering Management of Communication and Technology (EMCTECH). :1—6.

Throughout the life cycle of any technical project, the enterprise needs to assess the risks associated with its development, commissioning, operation and decommissioning. This article defines the task of researching risks in relation to the operation of a data storage subsystem in the cloud infrastructure of a geographically distributed company and the tools that are required for this. Analysts point out that, compared to 2018, in 2019 there were 3.5 times more cases of confidential information leaks from storages on unprotected (freely accessible due to incorrect configuration) servers in cloud services. The total number of compromised personal data and payment information records increased 5.4 times compared to 2018 and amounted to more than 8.35 billion records. Moreover, the share of leaks of payment information has decreased, but the percentage of leaks of personal data has grown and accounts for almost 90% of all leaks from cloud storage. On average, each unsecured service identified resulted in 33.7 million personal data records being leaked. Leaks are mainly related to misconfiguration of services and stored resources, as well as human factors. These impacts can be minimized by improving the skills of cloud storage administrators and regularly auditing storage. Despite its seeming insecurity, the cloud is a reliable way of storing data. At the same time, leaks are still occurring. According to Kaspersky Lab, every tenth (11%) data leak from the cloud became possible due to the actions of the provider, while a third of all cyber incidents in the cloud (31% in Russia and 33% in the world) were due to gullibility company employees caught up in social engineering techniques. Minimizing the risks associated with the storage of personal data is one of the main tasks when operating a company's cloud infrastructure.

DiMase, D., Collier, Z. A., Chandy, J., Cohen, B. S., D'Anna, G., Dunlap, H., Hallman, J., Mandelbaum, J., Ritchie, J., Vessels, L..  2020.  A Holistic Approach to Cyber Physical Systems Security and Resilience. 2020 IEEE Systems Security Symposium (SSS). :1—8.

A critical need exists for collaboration and action by government, industry, and academia to address cyber weaknesses or vulnerabilities inherent to embedded or cyber physical systems (CPS). These vulnerabilities are introduced as we leverage technologies, methods, products, and services from the global supply chain throughout a system's lifecycle. As adversaries are exploiting these weaknesses as access points for malicious purposes, solutions for system security and resilience become a priority call for action. The SAE G-32 Cyber Physical Systems Security Committee has been convened to address this complex challenge. The SAE G-32 will take a holistic systems engineering approach to integrate system security considerations to develop a Cyber Physical System Security Framework. This framework is intended to bring together multiple industries and develop a method and common language which will enable us to more effectively, efficiently, and consistently communicate a risk, cost, and performance trade space. The standard will allow System Integrators to make decisions utilizing a common framework and language to develop affordable, trustworthy, resilient, and secure systems.

Ajenaghughrure, I. B., Sousa, S. C. da Costa, Lamas, D..  2020.  Risk and Trust in artificial intelligence technologies: A case study of Autonomous Vehicles. 2020 13th International Conference on Human System Interaction (HSI). :118–123.
This study investigates how risk influences users' trust before and after interactions with technologies such as autonomous vehicles (AVs'). Also, the psychophysiological correlates of users' trust from users” eletrodermal activity responses. Eighteen (18) carefully selected participants embark on a hypothetical trip playing an autonomous vehicle driving game. In order to stay safe, throughout the drive experience under four risk conditions (very high risk, high risk, low risk and no risk) that are based on automotive safety and integrity levels (ASIL D, C, B, A), participants exhibit either high or low trust by evaluating the AVs' to be highly or less trustworthy and consequently relying on the Artificial intelligence or the joystick to control the vehicle. The result of the experiment shows that there is significant increase in users' trust and user's delegation of controls to AVs' as risk decreases and vice-versa. In addition, there was a significant difference between user's initial trust before and after interacting with AVs' under varying risk conditions. Finally, there was a significant correlation in users' psychophysiological responses (electrodermal activity) when exhibiting higher and lower trust levels towards AVs'. The implications of these results and future research opportunities are discussed.
Dwivedi, A..  2018.  Implementing Cyber Resilient Designs through Graph Analytics Assisted Model Based Systems Engineering. 2018 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C). :607–616.
Model Based Systems Engineering (MBSE) adds efficiency during all phases of the design lifecycle. MBSE tools enforce design policies and rules to capture the design elements, inter-element relationships, and their attributes in a consistent manner. The system elements, and attributes are captured and stored in a centralized MBSE database for future retrieval. Systems that depend on computer networks can be designed using MBSE to meet cybersecurity and resilience requirements. At each step of a structured systems engineering methodology, decisions need to be made regarding the selection of architecture and designs that mitigate cyber risk and enhance cyber resilience. Detailed risk and decision analysis methods involve complex models and computations which are often characterized as a Big Data analytic problem. In this paper, we argue in favor of using graph analytic methods with model based systems engineering to support risk and decision analyses when engineering cyber resilient systems.
Payne, Josh, Budhraja, Karan, Kundu, Ashish.  2019.  How Secure Is Your IoT Network? 2019 IEEE International Congress on Internet of Things (ICIOT). :181—188.

The proliferation of IoT devices in smart homes, hospitals, and enterprise networks is wide-spread and continuing to increase in a superlinear manner. The question is: how can one assess the security of an IoT network in a holistic manner? In this paper, we have explored two dimensions of security assessment- using vulnerability information and attack vectors of IoT devices and their underlying components (compositional security scores) and using SIEM logs captured from the communications and operations of such devices in a network (dynamic activity metrics). These measures are used to evaluate the security of IoT devices and the overall IoT network, demonstrating the effectiveness of attack circuits as practical tools for computing security metrics (exploitability, impact, and risk to confidentiality, integrity, and availability) of the network. We decided to approach threat modeling using attack graphs. To that end, we propose the notion of attack circuits, which are generated from input/output pairs constructed from CVEs using NLP, and an attack graph composed of these circuits. Our system provides insight into possible attack paths an adversary may utilize based on their exploitability, impact, or overall risk. We have performed experiments on IoT networks to demonstrate the efficacy of the proposed techniques.

Sheela, A., Revathi, S., Iqbal, Atif.  2019.  Cyber Risks Assessment For Intelligent And Non-Intelligent Attacks In Power System. 2019 2nd International Conference on Power and Embedded Drive Control (ICPEDC). :40–45.
Smart power grid is a perfect model of Cyber Physical System (CPS) which is an important component for a comfortable life. The major concern of the electrical network is safety and reliable operation. A cyber attacker in the operation of power system would create a major damage to the entire power system structure and affect the continuity of the power supply by adversely changing its parameters. A risk assessment method is presented for evaluating the cyber security assessment of power systems taking into consideration the need for protection systems. The paper considers the impact of bus and transmission line protection systems located in substations on the cyber physical performance of power systems. The proposed method is to simulate the response of power systems to sudden attacks on various power system preset value and parameters. This paper focuses on the cyber attacks which occur in a co-ordinated way so that many power system components will be in risk. The risk can be modelled as the combined probability of power system impact due to attacks and of successful interruption into the system. Stochastic Petri Nets is employed for assessing the risks. The effectiveness of the proposed cyber security risk assessment method is simulated for a IEEE39 bus system.
Stoykov, Stoyko.  2019.  Risk Management as a Strategic Management Element in the Security System. 2019 International Conference on Creative Business for Smart and Sustainable Growth (CREBUS). :1–4.
Strategic management and security risk management are part of the general government of the country, and therefore it is not possible to examine it separately and even if it was, one separate examination would not have give us a complete idea of how to implement this process. A modern understanding of the strategic security management requires not only continuous efforts to improve security policy formation and implementation but also new approaches and particular solutions to modernize the security system by making it adequate to the requirements of the dynamic security environment.
Nakamura, Emilio, Ribeiro, Sérgio.  2019.  Risk-Based Attributed Access Control Modelling in a Health Platform: Results from Project CityZen. 2019 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC). :391–398.

This paper presents an access control modelling that integrates risk assessment elements in the attribute-based model to organize the identification, authentication and authorization rules. Access control is complex in integrated systems, which have different actors accessing different information in multiple levels. In addition, systems are composed by different components, much of them from different developers. This requires a complete supply chain trust to protect the many existent actors, their privacy and the entire ecosystem. The incorporation of the risk assessment element introduces additional variables like the current environment of the subjects and objects, time of the day and other variables to help produce more efficient and effective decisions in terms of granting access to specific objects. The risk-based attributed access control modelling was applied in a health platform, Project CityZen.

Tucker, Scot.  2018.  Engineering Trust: A Graph-Based Algorithm for Modeling, Validating, and Evaluating Trust. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :1–9.
Trust is an important topic in today's interconnected world. Breaches of trust in today's systems has had profound effects upon us all, and they are very difficult and costly to fix especially when caused by flaws in the system's architecture. Trust modeling can expose these types of issues, but modeling trust in complex multi-tiered system architectures can be very difficult. Often experts have differing views of trust and how it applies to systems within their domain. This work presents a graph-based modeling methodology that normalizes the application of trust across disparate system domains allowing the modeling of complex intersystem trust relationships. An algorithm is proposed that applies graph theory to model, validate and evaluate trust in system architectures. Also, it provides the means to apply metrics to compare and prioritize the effectiveness of trust management in system and component architectures. The results produced by the algorithm can be used in conjunction with systems engineering processes to ensure both trust and the efficient use of resources.
Lewis, Matt.  2018.  Using Graph Databases to Assess the Security of Thingernets Based on the Thingabilities and Thingertivity of Things. Living in the Internet of Things: Cybersecurity of the IoT - 2018. :1-9.

Security within the IoT is currently below par. Common security issues include IoT device vendors not following security best practices and/or omitting crucial security controls and features within their devices, lack of defined and mandated IoT security standards, default IoT device configurations, missing secure update mechanisms to rectify security flaws discovered in IoT devices and the overall unintended consequence of complexity - the attack surface of networks comprising IoT devices can increase exponentially with the addition of each new device. In this paper we set out an approach using graphs and graph databases to understand IoT network complexity and the impact that different devices and their profiles have on the overall security of the underlying network and its associated data.

Davari, Maryam, Bertino, Elisa.  2018.  Reactive Access Control Systems. Proceedings of the 23Nd ACM on Symposium on Access Control Models and Technologies. :205-207.

In context-aware applications, user's access privileges rely on both user's identity and context. Access control rules are usually statically defined while contexts and the system state can change dynamically. Changes in contexts can result in service disruptions. To address this issue, this poster proposes a reactive access control system that associates contingency plans with access control rules. Risk scores are also associated with actions part of the contingency plans. Such risks are estimated by using fuzzy inference. Our approach is cast into the XACML reference architecture.

Chen, L., Liu, J., Ha, W..  2018.  Cloud Service Risk in the Smart Grid. 2018 14th International Conference on Computational Intelligence and Security (CIS). :242–244.

Smart grid utilizes cloud service to realize reliable, efficient, secured, and cost-effective power management, but there are a number of security risks in the cloud service of smart grid. The security risks are particularly problematic to operators of power information infrastructure who want to leverage the benefits of cloud. In this paper, security risk of cloud service in the smart grid are categorized and analyzed characteristics, and multi-layered index system of general technical risks is established, which applies to different patterns of cloud service. Cloud service risk of smart grid can evaluate according indexes.

Herald, N. E., David, M. W..  2018.  A Framework for Making Effective Responses to Cyberattacks. 2018 IEEE International Conference on Big Data (Big Data). :4798–4805.
The process for determining how to respond to a cyberattack involves evaluating many factors, including some with competing risks. Consequentially, decision makers in the private sector and policymakers in the U.S. government (USG) need a framework in order to make effective response decisions. The authors' research identified two competing risks: 1) the risk of not responding forcefully enough to deter a suspected attacker, and 2) responding in a manner that escalates a situation with an attacker. The authors also identified three primary factors that influence these risks: attribution confidence/time, the scale of the attack, and the relationship with the suspected attacker. This paper provides a framework to help decision makers understand how these factors interact to influence the risks associated with potential response options to cyberattacks. The views expressed do not reflect the official policy or position of the National Intelligence University, the Department of Defense, the U.S. Intelligence Community, or the U.S. Government.
Khayyam, Y. E., Herrou, B..  2017.  Risk assessment of the supply chain: Approach based on analytic hierarchy process and group decision-making. 2017 International Colloquium on Logistics and Supply Chain Management (LOGISTIQUA). :135–141.

Faced with a turbulent economic, political and social environment, Companies need to build effective risk management systems in their supply chains. Risk management can only be effective when the risks identification and analysis are enough accurate. In this perspective, this paper proposes a risk assessment approach based on the analytic hierarchy process and group decision making. In this study, a new method is introduced that will reduce the impact of incoherent judgments on group decision-making, It is, the “reduced weight function” that decreases the weight associated to a member of the expert panel based on the consistency of its judgments.

Petracca, Giuseppe, Capobianco, Frank, Skalka, Christian, Jaeger, Trent.  2017.  On Risk in Access Control Enforcement. Proceedings of the 22Nd ACM on Symposium on Access Control Models and Technologies. :31–42.

While we have long had principles describing how access control enforcement should be implemented, such as the reference monitor concept, imprecision in access control mechanisms and access control policies leads to risks that may enable exploitation. In practice, least privilege access control policies often allow information flows that may enable exploits. In addition, the implementation of access control mechanisms often tries to balance security with ease of use implicitly (e.g., with respect to determining where to place authorization hooks) and approaches to tighten access control, such as accounting for program context, are ad hoc. In this paper, we define four types of risks in access control enforcement and explore possible approaches and challenges in tracking those types of risks. In principle, we advocate runtime tracking to produce risk estimates for each of these types of risk. To better understand the potential of risk estimation for authorization, we propose risk estimate functions for each of the four types of risk, finding that benign program deployments accumulate risks in each of the four areas for ten Android programs examined. As a result, we find that tracking of relative risk may be useful for guiding changes to security choices, such as authorized unsafe operations or placement of authorization checks, when risk differs from that expected.

Pearson, Carl J., Welk, Allaire K., Boettcher, William A., Mayer, Roger C., Streck, Sean, Simons-Rudolph, Joseph M., Mayhorn, Christopher B..  2016.  Differences in Trust Between Human and Automated Decision Aids. Proceedings of the Symposium and Bootcamp on the Science of Security. :95–98.

Humans can easily find themselves in high cost situations where they must choose between suggestions made by an automated decision aid and a conflicting human decision aid. Previous research indicates that humans often rely on automation or other humans, but not both simultaneously. Expanding on previous work conducted by Lyons and Stokes (2012), the current experiment measures how trust in automated or human decision aids differs along with perceived risk and workload. The simulated task required 126 participants to choose the safest route for a military convoy; they were presented with conflicting information from an automated tool and a human. Results demonstrated that as workload increased, trust in automation decreased. As the perceived risk increased, trust in the human decision aid increased. Individual differences in dispositional trust correlated with an increased trust in both decision aids. These findings can be used to inform training programs for operators who may receive information from human and automated sources. Examples of this context include: air traffic control, aviation, and signals intelligence.

Frey, Sylvain, Rashid, Awais, Zanutto, Alberto, Busby, Jerry, Follis, Karolina.  2016.  On the Role of Latent Design Conditions in Cyber-physical Systems Security. Proceedings of the 2Nd International Workshop on Software Engineering for Smart Cyber-Physical Systems. :43–46.

As cyber-physical systems (CPS) become prevalent in everyday life, it is critical to understand the factors that may impact the security of such systems. In this paper, we present insights from an initial study of historical security incidents to analyse such factors for a particular class of CPS: industrial control systems (ICS). Our study challenges the usual tendency to blame human fallibility or resort to simple explanations for what are often complex issues that lead to a security incident. We highlight that (i) perception errors are key in such incidents (ii) latent design conditions – e.g., improper specifications of a system's borders and capabilities – play a fundamental role in shaping perceptions, leading to security issues. Such design-time considerations are particularly critical for ICS, the life-cycle of which is usually measured in decades. Based on this analysis, we discuss how key characteristics of future smart CPS in such industrial settings can pose further challenges with regards to tackling latent design flaws.

Munaiah, Nuthan, Meneely, Andrew.  2016.  Beyond the Attack Surface: Assessing Security Risk with Random Walks on Call Graphs. Proceedings of the 2016 ACM Workshop on Software PROtection. :3–14.

When reasoning about software security, researchers and practitioners use the phrase ``attack surface'' as a metaphor for risk. Enumerate and minimize the ways attackers can break in then risk is reduced and the system is better protected, the metaphor says. But software systems are much more complicated than their surfaces. We propose function- and file-level attack surface metrics–-proximity and risky walk–-that enable fine-grained risk assessment. Our risky walk metric is highly configurable: we use PageRank on a probability-weighted call graph to simulate attacker behavior of finding or exploiting a vulnerability. We provide evidence-based guidance for deploying these metrics, including an extensive parameter tuning study. We conducted an empirical study on two large open source projects, FFmpeg and Wireshark, to investigate the potential correlation between our metrics and historical post-release vulnerabilities. We found our metrics to be statistically significantly associated with vulnerable functions/files with a small-to-large Cohen's d effect size. Our prediction model achieved an increase of 36% (in FFmpeg) and 27% (in Wireshark) in the average value of F-measure over a base model built with SLOC and coupling metrics. Our prediction model outperformed comparable models from prior literature with notable improvements: 58% reduction in false negative rate, 81% reduction in false positive rate, and 548% increase in F-measure. These metrics advance vulnerability prevention by [(a)] being flexible in terms of granularity, performing better than vulnerability prediction literature, and being tunable so that practitioners can tailor the metrics to their products and better assess security risk.

Kjølle, G. H., Gjerde, O..  2015.  Vulnerability analysis related to extraordinary events in power systems. 2015 IEEE Eindhoven PowerTech. :1–6.

A novel approach is developed for analyzing power system vulnerability related to extraordinary events. Vulnerability analyses are necessary for identification of barriers to prevent such events and as a basis for the emergency preparedness. Identification of cause and effect relationships to reveal vulnerabilities related to extraordinary events is a complex and difficult task. In the proposed approach, the analysis starts by identifying the critical consequences. Then the critical contingencies and operating states, and which external threats and causes that may result in such severe consequences, are identified. This is opposed to the traditional risk and vulnerability analysis which starts by analyzing threats and what can happen as a chain of events. The vulnerability analysis methodology is tested and demonstrated on real systems.

Wang, C. H., Wu, M. E., Chen, C. M..  2015.  Inspection Risk and Delay for Screening Cargo Containers at Security Checkpoints. 2015 International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP). :211–214.

There are relatively fewer studies on the security-check waiting lines for screening cargo containers using queueing models. In this paper, we address two important measures at a security-check system, which are concerning the security screening effectiveness and the efficiency. The goal of this paper is to provide a modelling framework to understand the economic trade-offs embedded in container-inspection decisions. In order to analyze the policy initiatives, we develop a stylized queueing model with the novel features pertaining to the security checkpoints.

Dehghanniri, H., Letier, E., Borrion, H..  2015.  Improving security decision under uncertainty: A multidisciplinary approach. 2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). :1–7.

Security decision-making is a critical task in tackling security threats affecting a system or process. It often involves selecting a suitable resolution action to tackle an identified security risk. To support this selection process, decision-makers should be able to evaluate and compare available decision options. This article introduces a modelling language that can be used to represent the effects of resolution actions on the stakeholders' goals, the crime process, and the attacker. In order to reach this aim, we develop a multidisciplinary framework that combines existing knowledge from the fields of software engineering, crime science, risk assessment, and quantitative decision analysis. The framework is illustrated through an application to a case of identity theft.

Gonzalez-Longatt, F., Carmona-Delgado, C., Riquelme, J., Burgos, M., Rueda, J. L..  2015.  Risk-based DC security assessment for future DC-independent system operator. 2015 International Conference on Energy Economics and Environment (ICEEE). :1–8.

The use of multi-terminal HVDC to integrate wind power coming from the North Sea opens de door for a new transmission system model, the DC-Independent System Operator (DC-ISO). DC-ISO will face highly stressed and varying conditions that requires new risk assessment tools to ensure security of supply. This paper proposes a novel risk-based static security assessment methodology named risk-based DC security assessment (RB-DCSA). It combines a probabilistic approach to include uncertainties and a fuzzy inference system to quantify the systemic and individual component risk associated with operational scenarios considering uncertainties. The proposed methodology is illustrated using a multi-terminal HVDC system where the variability of wind speed at the offshore wind is included.

Pearson, Carl J., Welk, Allaire K., Boettcher, William A., Mayer, Roger C., Streck, Sean, Simons-Rudolph, Joseph M., Mayhorn, Christopher B..  2016.  Differences in Trust Between Human and Automated Decision Aids. Proceedings of the Symposium and Bootcamp on the Science of Security. :95–98.

Humans can easily find themselves in high cost situations where they must choose between suggestions made by an automated decision aid and a conflicting human decision aid. Previous research indicates that humans often rely on automation or other humans, but not both simultaneously. Expanding on previous work conducted by Lyons and Stokes (2012), the current experiment measures how trust in automated or human decision aids differs along with perceived risk and workload. The simulated task required 126 participants to choose the safest route for a military convoy; they were presented with conflicting information from an automated tool and a human. Results demonstrated that as workload increased, trust in automation decreased. As the perceived risk increased, trust in the human decision aid increased. Individual differences in dispositional trust correlated with an increased trust in both decision aids. These findings can be used to inform training programs for operators who may receive information from human and automated sources. Examples of this context include: air traffic control, aviation, and signals intelligence.