Visible to the public Biblio

Found 2194 results

Filters: Keyword is Human Behavior  [Clear All Filters]
2019-08-05
Zhang, Chengyu, Yan, Yichen, Zhou, Hanru, Yao, Yinbo, Wu, Ke, Su, Ting, Miao, Weikai, Pu, Geguang.  2018.  Smartunit: Empirical Evaluations for Automated Unit Testing of Embedded Software in Industry. Proceedings of the 40th International Conference on Software Engineering: Software Engineering in Practice. :296-305.

In this paper, we aim at the automated unit coverage-based testing for embedded software. To achieve the goal, by analyzing the industrial requirements and our previous work on automated unit testing tool CAUT, we rebuild a new tool, SmartUnit, to solve the engineering requirements that take place in our partner companies. SmartUnit is a dynamic symbolic execution implementation, which supports statement, branch, boundary value and MC/DC coverage. SmartUnit has been used to test more than one million lines of code in real projects. For confidentiality motives, we select three in-house real projects for the empirical evaluations. We also carry out our evaluations on two open source database projects, SQLite and PostgreSQL, to test the scalability of our tool since the scale of the embedded software project is mostly not large, 5K-50K lines of code on average. From our experimental results, in general, more than 90% of functions in commercial embedded software achieve 100% statement, branch, MC/DC coverage, more than 80% of functions in SQLite achieve 100% MC/DC coverage, and more than 60% of functions in PostgreSQL achieve 100% MC/DC coverage. Moreover, SmartUnit is able to find the runtime exceptions at the unit testing level. We also have reported exceptions like array index out of bounds and divided-by-zero in SQLite. Furthermore, we analyze the reasons of low coverage in automated unit testing in our setting and give a survey on the situation of manual unit testing with respect to automated unit testing in industry.

Yao, Zhihao, Ma, Zongheng, Liu, Yingtong, Amiri Sani, Ardalan, Chandramowlishwaran, Aparna.  2018.  Sugar: Secure GPU Acceleration in Web Browsers. Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems. :519-534.

Modern personal computers have embraced increasingly powerful Graphics Processing Units (GPUs). Recently, GPU-based graphics acceleration in web apps (i.e., applications running inside a web browser) has become popular. WebGL is the main effort to provide OpenGL-like graphics for web apps and it is currently used in 53% of the top-100 websites. Unfortunately, WebGL has posed serious security concerns as several attack vectors have been demonstrated through WebGL. Web browsers\guillemotright solutions to these attacks have been reactive: discovered vulnerabilities have been patched and new runtime security checks have been added. Unfortunately, this approach leaves the system vulnerable to zero-day vulnerability exploits, especially given the large size of the Trusted Computing Base of the graphics plane. We present Sugar, a novel operating system solution that enhances the security of GPU acceleration for web apps by design. The key idea behind Sugar is using a dedicated virtual graphics plane for a web app by leveraging modern GPU virtualization solutions. A virtual graphics plane consists of a dedicated virtual GPU (or vGPU) as well as all the software graphics stack (including the device driver). Sugar enhances the system security since a virtual graphics plane is fully isolated from the rest of the system. Despite GPU virtualization overhead, we show that Sugar achieves high performance. Moreover, unlike current systems, Sugar is able to use two underlying physical GPUs, when available, to co-render the User Interface (UI): one GPU is used to provide virtual graphics planes for web apps and the other to provide the primary graphics plane for the rest of the system. Such a design not only provides strong security guarantees, it also provides enhanced performance isolation.

Xu, Cheng, Xu, Jianliang, Hu, Haibo, Au, Man Ho.  2018.  When Query Authentication Meets Fine-Grained Access Control: A Zero-Knowledge Approach. Proceedings of the 2018 International Conference on Management of Data. :147-162.

Query authentication has been extensively studied to ensure the integrity of query results for outsourced databases, which are often not fully trusted. However, access control, another important security concern, is largely ignored by existing works. Notably, recent breakthroughs in cryptography have enabled fine-grained access control over outsourced data. In this paper, we take the first step toward studying the problem of authenticating relational queries with fine-grained access control. The key challenge is how to protect information confidentiality during query authentication, which is essential to many critical applications. To address this challenge, we propose a novel access-policy-preserving (APP) signature as the primitive authenticated data structure. A useful property of the APP signature is that it can be used to derive customized signatures for unauthorized users to prove the inaccessibility while achieving the zero-knowledge confidentiality. We also propose a grid-index-based tree structure that can aggregate APP signatures for efficient range and join query authentication. In addition to this, a number of optimization techniques are proposed to further improve the authentication performance. Security analysis and performance evaluation show that the proposed solutions and techniques are robust and efficient under various system settings.

Gennaro, Rosario, Minelli, Michele, Nitulescu, Anca, Orrù, Michele.  2018.  Lattice-Based Zk-SNARKs from Square Span Programs. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :556-573.

Zero-knowledge SNARKs (zk-SNARKs) are non-interactive proof systems with short and efficiently verifiable proofs. They elegantly resolve the juxtaposition of individual privacy and public trust, by providing an efficient way of demonstrating knowledge of secret information without actually revealing it. To this day, zk-SNARKs are being used for delegating computation, electronic cryptocurrencies, and anonymous credentials. However, all current SNARKs implementations rely on pre-quantum assumptions and, for this reason, are not expected to withstand cryptanalitic efforts over the next few decades. In this work, we introduce the first designated-verifier zk-SNARK based on lattice assumptions, which are believed to be post-quantum secure. We provide a generalization in the spirit of Gennaro et al. (Eurocrypt'13) to the SNARK of Danezis et al. (Asiacrypt'14) that is based on Square Span Programs (SSPs) and relies on weaker computational assumptions. We focus on designated-verifier proofs and propose a protocol in which a proof consists of just 5 LWE encodings. We provide a concrete choice of parameters as well as extensive benchmarks on a C implementation, showing that our construction is practically instantiable.

Glaser, Alexander.  2018.  Hardware Security at the Limit: Nuclear Verification and Arms Control. Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security. :40-40.

Nuclear weapons have re-emerged as one the main global security challenges of our time. Any further reductions in the nuclear arsenals will have to rely on robust verification mechanisms. This requires, in particular, trusted measurement systems to confirm the authenticity of nuclear warheads based on their radiation signatures. These signatures are considered extremely sensitive information, and inspection systems have to be designed to protect them. To accomplish this task, so-called information barriers" have been proposed. These devices process sensitive information acquired during an inspection, but only display results in a pass/fail manner. Traditional inspection systems rely on complex electronics both for data acquisition and processing. Several research efforts have produced prototype systems, but after almost thirty years of research and development, no viable and widely accepted system has emerged. This talk highlights recent efforts to overcome this impasse. A first approach is to avoid electronics in critical parts of the measurement process altogether and to rely instead on physical phenomena to detect radiation and to confirm a unique fingerprint of the inspected warhead using a zero-knowledge protocol. A second approach is based on a radiation detection system using vintage electronics built around a 6502 processor. Hardware designed in the distant past, at a time when its use for sensitive measurements was never envisioned, may drastically reduce concerns that another party implemented backdoors or hidden switches. Sensitive information is only stored on traditional punched cards. The talk concludes with a roadmap and highlights opportunities for researchers from the hardware security community to make critical contributions to nuclear arms control and global security in the years ahead.

Tao, Y., Lei, Z., Ruxiang, P..  2018.  Fine-Grained Big Data Security Method Based on Zero Trust Model. 2018 IEEE 24th International Conference on Parallel and Distributed Systems (ICPADS). :1040-1045.

With the rapid development of big data technology, the requirement of data processing capacity and efficiency result in failure of a number of legacy security technologies, especially in the data security domain. Data security risks became extremely important for big data usage. We introduced a novel method to preform big data security control, which comprises three steps, namely, user context recognition based on zero trust, fine-grained data access authentication control, and data access audit based on full network traffic to recognize and intercept risky data access in big data environment. Experiments conducted on the fine-grained big data security method based on the zero trust model of drug-related information analysis system demonstrated that this method can identify the majority of data security risks.

Samaniego, M., Deters, R..  2018.  Zero-Trust Hierarchical Management in IoT. 2018 IEEE International Congress on Internet of Things (ICIOT). :88-95.

Internet of Things (IoT) is experiencing exponential scalability. This scalability introduces new challenges regarding management of IoT networks. The question that emerges is how we can trust the constrained infrastructure that shortly is expected to be formed by millions of 'things.' The answer is not to trust. This research introduces Amatista, a blockchain-based middleware for management in IoT. Amatista presents a novel zero-trust hierarchical mining process that allows validating the infrastructure and transactions at different levels of trust. This research evaluates Amatista on Edison Arduino Boards.

Vanickis, R., Jacob, P., Dehghanzadeh, S., Lee, B..  2018.  Access Control Policy Enforcement for Zero-Trust-Networking. 2018 29th Irish Signals and Systems Conference (ISSC). :1-6.

The evolution of the enterprise computing landscape towards emerging trends such as fog/edge computing and the Industrial Internet of Things (IIoT) are leading to a change of approach to securing computer networks to deal with challenges such as mobility, virtualized infrastructures, dynamic and heterogeneous user contexts and transaction-based interactions. The uncertainty introduced by such dynamicity introduces greater uncertainty into the access control process and motivates the need for risk-based access control decision making. Thus, the traditional perimeter-based security paradigm is increasingly being abandoned in favour of a so called "zero trust networking" (ZTN). In ZTN networks are partitioned into zones with different levels of trust required to access the zone resources depending on the assets protected by the zone. All accesses to sensitive information is subject to rigorous access control based on user and device profile and context. In this paper we outline a policy enforcement framework to address many of open challenges for risk-based access control for ZTN. We specify the design of required policy languages including a generic firewall policy language to express firewall rules. We design a mechanism to map these rules to specific firewall syntax and to install the rules on the firewall. We show the viability of our design with a small proof-of-concept.

Kaur, Gurpreet, Malik, Yasir, Samuel, Hamman, Jaafar, Fehmi.  2018.  Detecting Blind Cross-Site Scripting Attacks Using Machine Learning. Proceedings of the 2018 International Conference on Signal Processing and Machine Learning. :22–25.
Cross-site scripting (XSS) is a scripting attack targeting web applications by injecting malicious scripts into web pages. Blind XSS is a subset of stored XSS, where an attacker blindly deploys malicious payloads in web pages that are stored in a persistent manner on target servers. Most of the XSS detection techniques used to detect the XSS vulnerabilities are inadequate to detect blind XSS attacks. In this research, we present machine learning based approach to detect blind XSS attacks. Testing results help to identify malicious payloads that are likely to get stored in databases through web applications.
Liu, Jed, Corbett-Davies, Joe, Ferraiuolo, Andrew, Ivanov, Alexander, Luo, Mulong, Suh, G. Edward, Myers, Andrew C., Campbell, Mark.  2018.  Secure Autonomous Cyber-Physical Systems Through Verifiable Information Flow Control. Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy. :48–59.
Modern cyber-physical systems are complex networked computing systems that electronically control physical systems. Autonomous road vehicles are an important and increasingly ubiquitous instance. Unfortunately, their increasing complexity often leads to security vulnerabilities. Network connectivity exposes these vulnerable systems to remote software attacks that can result in real-world physical damage, including vehicle crashes and loss of control authority. We introduce an integrated architecture to provide provable security and safety assurance for cyber-physical systems by ensuring that safety-critical operations and control cannot be unintentionally affected by potentially malicious parts of the system. Fine-grained information flow control is used to design both hardware and software, determining how low-integrity information can affect high-integrity control decisions. This security assurance is used to improve end-to-end security across the entire cyber-physical system. We demonstrate this integrated approach by developing a mobile robotic testbed modeling a self-driving system and testing it with a malicious attack.
Ogundokun, A., Zavarsky, P., Swar, B..  2018.  Cybersecurity assurance control baselining for smart grid communication systems. 2018 14th IEEE International Workshop on Factory Communication Systems (WFCS). :1–6.

Cybersecurity assurance plays an important role in managing trust in smart grid communication systems. In this paper, cybersecurity assurance controls for smart grid communication networks and devices are delineated from the more technical functional controls to provide insights on recent innovative risk-based approaches to cybersecurity assurance in smart grid systems. The cybersecurity assurance control baselining presented in this paper is based on requirements and guidelines of the new family of IEC 62443 standards on network and systems security of industrial automation and control systems. The paper illustrates how key cybersecurity control baselining and tailoring concepts of the U.S. NIST SP 800-53 can be adopted in smart grid security architecture. The paper outlines the application of IEC 62443 standards-based security zoning and assignment of security levels to the zones in smart grid system architectures. To manage trust in the smart grid system architecture, cybersecurity assurance base lining concepts are applied per security impact levels. Selection and justification of security assurance controls presented in the paper is utilizing the approach common in Security Technical Implementation Guides (STIGs) of the U.S. Defense Information Systems Agency. As shown in the paper, enhanced granularity for managing trust both on the overall system and subsystem levels of smart grid systems can be achieved by implementation of the instructions of the CNSSI 1253 of the U.S. Committee of National Security Systems on security categorization and control selection for national security systems.

Sorokine, Alex, Thakur, Gautam, Palumbo, Rachel.  2018.  Machine Learning to Improve Retrieval by Category in Big Volunteered Geodata. Proceedings of the 12th Workshop on Geographic Information Retrieval. :4:1–4:2.
Nowadays, Volunteered Geographic Information (VGI) is commonly used in research and practical applications. However, the quality assurance of such a geographic data remains a problem. In this study we use machine learning and natural language processing to improve record retrieval by category (e.g. restaurant, museum, etc.) from Wikimapia Points of Interest data. We use textual information contained in VGI records to evaluate its ability to determine the category label. The performance of the trained classifier is evaluated on the complete dataset and then is compared with its performance on regional subsets. Preliminary analysis shows significant difference in the classifier performance across the regions. Such geographic differences will have a significant effect on data enrichment efforts such as labeling entities with missing categories.
Francalino, Wagner, Callado, Arthur de Castro, Jucá, Paulyne Matthews.  2018.  Defining and Implementing a Test Automation Strategy in an IT Company. Proceedings of the Euro American Conference on Telematics and Information Systems. :40:1–40:5.
Software testing is very important for software quality assurance. However, the test activity is not a simple task and requires good planning to be successful. It is in this context that the automation of tests gains importance. This paper presents the experience of defining and implementing a test automation strategy for functional tests based on the Brazilian Test Process Improvement Model (MPT.Br) in an IT company. The results of this work include the improvement of the testing process used by the company, the increase in the test coverage and the reduction of time used to perform regression tests.
Sen, Amartya, Madria, Sanjay.  2018.  Data Analysis of Cloud Security Alliance's Security, Trust & Assurance Registry. Proceedings of the 19th International Conference on Distributed Computing and Networking. :42:1–42:10.
The security of clients' applications on the cloud platforms has been of great interest. Security concerns associated with cloud computing are improving in both the domains; security issues faced by cloud providers and security issues faced by clients. However, security concerns still remain in domains like cloud auditing and migrating application components to cloud to make the process more secure and cost-efficient. To an extent, this can be attributed to a lack of detailed information being publicly present about the cloud platforms and their security policies. A resolution in this regard can be found in Cloud Security Alliance's Security, Trust, and Assurance Registry (STAR) which documents the security controls provided by popular cloud computing offerings. In this paper, we perform some descriptive analysis on STAR data in an attempt to comprehend the information publicly presented by different cloud providers. It is to help clients in more effectively searching and analyzing the required security information they need for the decision making process for hosting their applications on cloud. Based on the analysis, we outline some augmentations that can be made to STAR as well as certain specific design improvements for a cloud migration risk assessment framework.
Randhawa, Suneel, Turnbull, Benjamin, Yuen, Joseph, Dean, Jonathan.  2018.  Mission-Centric Automated Cyber Red Teaming. Proceedings of the 13th International Conference on Availability, Reliability and Security. :1:1–1:11.
Cyberspace is ubiquitous and is becoming increasingly critical to many societal, commercial, military, and national functions as it emerges as an operational space in its own right. Within this context, decision makers must achieve mission continuity when operating in cyberspace. One aspect of any comprehensive security program is the use of penetration testing; the use of scanning, enumeration and offensive techniques not unlike those used by a potential adversary. Effective penetration testing provides security insight into the network as a system in its entirety. Often though, this systemic view is lost in reporting outcomes, instead becoming a list of vulnerable or exploitable systems that are individually evaluated for remediation priority. This paper introduces Trogdor; a mission-centric automated cyber red-teaming system. Trogdor undertakes model based Automated Cyber Red Teaming (ACRT) and critical node analysis to visually present the impact of vulnerable resources to cyber dependent missions. Specifically, this work discusses the purpose of Trogdor, outlines its architecture, design choices and the technologies it employs. This paper describes an application of Trogdor to an enterprise network scenario; specifically, how Trogdor provides an understanding of potential mission impacts arising from cyber vulnerabilities and mission or business-centric decision support in selecting possible strategies to mitigate those impacts.
Hu, Xinyi, Zhao, Yaqun.  2018.  One to One Identification of Cryptosystem Using Fisher's Discriminant Analysis. Proceedings of the 6th ACM/ACIS International Conference on Applied Computing and Information Technology. :7–12.
Distinguishing analysis is an important part of cryptanalysis. It is an important content of discriminating analysis that how to identify ciphertext is encrypted by which cryptosystems when it knows only ciphertext. In this paper, Fisher's discriminant analysis (FDA), which is based on statistical method and machine learning, is used to identify 4 stream ciphers and 7 block ciphers one to one by extracting 9 different features. The results show that the accuracy rate of the FDA can reach 80% when identifying files that are encrypted by the stream cipher and the block cipher in ECB mode respectively, and files encrypted by the block cipher in ECB mode and CBC mode respectively. The average one to one identification accuracy rates of stream ciphers RC4, Grain, Sosemanuk are more than 55%. The maximum accuracy rate can reach 60% when identifying SMS4 from block ciphers in CBC mode one to one. The identification accuracy rate of entropy-based features is apparently higher than the probability-based features.
Jimenez, J. I., Jahankhani, H..  2019.  “Privacy by Design” Governance Framework to Achieve Privacy Assurance of Personal Health Information (PHI) Processed by IoT-based Telemedicine Devices and Applications Within Healthcare Services. 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3). :212–212.
Future that IoT has to enhance the productivity on healthcare applications.
Headrick, W. J., Dlugosz, A., Rajcok, P..  2018.  Information Assurance in modern ATE. 2018 IEEE AUTOTESTCON. :1–4.

For modern Automatic Test Equipment (ATE) one of the most daunting tasks is now Information Assurance (IA). What was once at most a secondary item consisting mainly of installing an Anti-Virus suite is now becoming one of the most important aspects of ATE. Given the current climate of IA it has become important to ensure ATE is kept safe from any breaches of security or loss of information. Even though most ATE are not on the Internet (or even on a network for many) they are still vulnerable to some of the same attack vectors plaguing common computers and other electronic devices. This paper will discuss some of the processes and procedures which must be used to ensure that modern ATE can continue to be used to test and detect faults in the systems they are designed to test. The common items that must be considered for ATE are as follows: The ATE system must have some form of Anti-Virus (as should all computers). The ATE system should have a minimum software footprint only providing the software needed to perform the task. The ATE system should be verified to have all the Operating System (OS) settings configured pursuant to the task it is intended to perform. The ATE OS settings should include password and password expiration settings to prevent access by anyone not expected to be on the system. The ATE system software should be written and constructed such that it in itself is not readily open to attack. The ATE system should be designed in a manner such that none of the instruments in the system can easily be attacked. The ATE system should insure any paths to the outside world (such as Ethernet or USB devices) are limited to only those required to perform the task it was designed for. These and many other common configuration concerns will be discussed in the paper.

2019-07-01
Akhtar, T., Gupta, B. B., Yamaguchi, S..  2018.  Malware propagation effects on SCADA system and smart power grid. 2018 IEEE International Conference on Consumer Electronics (ICCE). :1–6.

Critical infrastructures have suffered from different kind of cyber attacks over the years. Many of these attacks are performed using malwares by exploiting the vulnerabilities of these resources. Smart power grid is one of the major victim which suffered from these attacks and its SCADA system are frequently targeted. In this paper we describe our proposed framework to analyze smart power grid, while its SCADA system is under attack by malware. Malware propagation and its effects on SCADA system is the focal point of our analysis. OMNeT++ simulator and openDSS is used for developing and analyzing the simulated smart power grid environment.

Urias, V. E., Stout, M. S. William, Leeuwen, B. V..  2018.  On the Feasibility of Generating Deception Environments for Industrial Control Systems. 2018 IEEE International Symposium on Technologies for Homeland Security (HST). :1–6.

The cyber threat landscape is a constantly morphing surface; the need for cyber defenders to develop and create proactive threat intelligence is on the rise, especially on critical infrastructure environments. It is commonly voiced that Supervisory Control and Data Acquisition (SCADA) systems and Industrial Control Systems (ICS) are vulnerable to the same classes of threats as other networked computer systems. However, cyber defense in operational ICS is difficult, often introducing unacceptable risks of disruption to critical physical processes. This is exacerbated by the notion that hardware used in ICS is often expensive, making full-scale mock-up systems for testing and/or cyber defense impractical. New paradigms in cyber security have focused heavily on using deception to not only protect assets, but also gather insight into adversary motives and tools. Much of the work that we see in today's literature is focused on creating deception environments for traditional IT enterprise networks; however, leveraging our prior work in the domain, we explore the opportunities, challenges and feasibility of doing deception in ICS networks.

Perez, R. Lopez, Adamsky, F., Soua, R., Engel, T..  2018.  Machine Learning for Reliable Network Attack Detection in SCADA Systems. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :633–638.

Critical Infrastructures (CIs) use Supervisory Control And Data Acquisition (SCADA) systems for remote control and monitoring. Sophisticated security measures are needed to address malicious intrusions, which are steadily increasing in number and variety due to the massive spread of connectivity and standardisation of open SCADA protocols. Traditional Intrusion Detection Systems (IDSs) cannot detect attacks that are not already present in their databases. Therefore, in this paper, we assess Machine Learning (ML) for intrusion detection in SCADA systems using a real data set collected from a gas pipeline system and provided by the Mississippi State University (MSU). The contribution of this paper is two-fold: 1) The evaluation of four techniques for missing data estimation and two techniques for data normalization, 2) The performances of Support Vector Machine (SVM), and Random Forest (RF) are assessed in terms of accuracy, precision, recall and F1score for intrusion detection. Two cases are differentiated: binary and categorical classifications. Our experiments reveal that RF detect intrusions effectively, with an F1score of respectively \textbackslashtextgreater 99%.

Zabetian-Hosseini, A., Mehrizi-Sani, A., Liu, C..  2018.  Cyberattack to Cyber-Physical Model of Wind Farm SCADA. IECON 2018 - 44th Annual Conference of the IEEE Industrial Electronics Society. :4929–4934.

In recent years, there has been a significant increase in wind power penetration into the power system. As a result, the behavior of the power system has become more dependent on wind power behavior. Supervisory control and data acquisition (SCADA) systems responsible for monitoring and controlling wind farms often have vulnerabilities that make them susceptible to cyberattacks. These vulnerabilities allow attackers to exploit and intrude in the wind farm SCADA system. In this paper, a cyber-physical system (CPS) model for the information and communication technology (ICT) model of the wind farm SCADA system integrated with SCADA of the power system is proposed. Cybersecurity of this wind farm SCADA system is discussed. Proposed cyberattack scenarios on the system are modeled and the impact of these cyberattacks on the behavior of the power systems on the IEEE 9-bus modified system is investigated. Finally, an anomaly attack detection algorithm is proposed to stop the attack of tripping of all wind farms. Case studies validate the performance of the proposed CPS model of the test system and the attack detection algorithm.

Kolosok, I., Korkina, E., Mahnitko, A., Gavrilovs, A..  2018.  Supporting Cyber-Physical Security of Electric Power System by the State Estimation Technique. 2018 IEEE 59th International Scientific Conference on Power and Electrical Engineering of Riga Technical University (RTUCON). :1–6.

Security is one of the most important properties of electric power system (EPS). We consider the state estimation (SE) tool as a barrier to the corruption of data on current operating conditions of the EPS. An algorithm for a two-level SE on the basis of SCADA and WAMS measurements is effective in terms of detection of malicious attacks on energy system. The article suggests a methodology to identify cyberattacks on SCADA and WAMS.

Kumar, S., Gaur, N., Kumar, A..  2018.  Developing a Secure Cyber Ecosystem for SCADA Architecture. 2018 Second International Conference on Computing Methodologies and Communication (ICCMC). :559–562.

Advent of Cyber has converted the entire World into a Global village. But, due to vurneabilites in SCADA architecture [1] national assests are more prone to cyber attacks.. Cyber invasions have a catastrophic effect in the minds of the civilian population, in terms of states security system. A robust cyber security is need of the hour to protect the critical information infastructrue & critical infrastructure of a country. Here, in this paper we scrutinize cyber terrorism, vurneabilites in SCADA network systems [1], [2] and concept of cyber resilience to combat cyber attacks.

Senthivel, Saranyan, Dhungana, Shrey, Yoo, Hyunguk, Ahmed, Irfan, Roussev, Vassil.  2018.  Denial of Engineering Operations Attacks in Industrial Control Systems. Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy. :319–329.
We present a new type of attack termed denial of engineering operations in which an attacker can interfere with the normal cycle of an engineering operation leading to a loss of situational awareness. Specifically, the attacker can deceive the engineering software during attempts to retrieve the ladder logic program from a programmable logic controller (PLC) by manipulating the ladder logic on the PLC, such that the software is unable to process it while the PLC continues to execute it successfully. This attack vector can provide sufficient cover for the attacker»s actual scenario to play out while the owner tries to understand the problem and reestablish positive operational control. To enable the forensic analysis and, eventually, eliminate the threat, we have developed the first decompiler for ladder logic programs. Ladder logic is a graphical programming language for PLCs that control physical processes such as power grid, pipelines, and chemical plants; PLCs are a common target of malicious modifications leading to the compromise of the control behavior (and potentially serious consequences). Our decompiler, Laddis, transforms a low-level representation to its corresponding high-level original representation comprising of graphical symbols and connections. The evaluation of the accuracy of the decompiler on the program of varying complexity demonstrates perfect reconstruction of the original program. We present three new attack scenarios on PLC-deployed ladder logic and demonstrate the effectiveness of the decompiler on these scenarios.