Visible to the public Biblio

Found 418 results

Filters: Keyword is Monitoring  [Clear All Filters]
2020-03-09
Salehie, Mazeiar, Pasquale, Liliana, Omoronyia, Inah, Nuseibeh, Bashar.  2012.  Adaptive Security and Privacy in Smart Grids: A Software Engineering Vision. 2012 First International Workshop on Software Engineering Challenges for the Smart Grid (SE-SmartGrids). :46–49.

Despite the benefits offered by smart grids, energy producers, distributors and consumers are increasingly concerned about possible security and privacy threats. These threats typically manifest themselves at runtime as new usage scenarios arise and vulnerabilities are discovered. Adaptive security and privacy promise to address these threats by increasing awareness and automating prevention, detection and recovery from security and privacy requirements' failures at runtime by re-configuring system controls and perhaps even changing requirements. This paper discusses the need for adaptive security and privacy in smart grids by presenting some motivating scenarios. We then outline some research issues that arise in engineering adaptive security. We particularly scrutinize published reports by NIST on smart grid security and privacy as the basis for our discussions.

Khan, Iqra, Durad, Hanif, Alam, Masoom.  2019.  Data Analytics Layer For high-interaction Honeypots. 2019 16th International Bhurban Conference on Applied Sciences and Technology (IBCAST). :681–686.

Security of VMs is now becoming a hot topic due to their outsourcing in cloud computing paradigm. All VMs present on the network are connected to each other, making exploited VMs danger to other VMs. and threats to organization. Rejuvenation of virtualization brought the emergence of hyper-visor based security services like VMI (Virtual machine introspection). As there is a greater chance for any intrusion detection system running on the same system, of being dis-abled by the malware or attacker. Monitoring of VMs using VMI, is one of the most researched and accepted technique, that is used to ensure computer systems security mostly in the paradigm of cloud computing. This thesis presents a work that is to integrate LibVMI with Volatility on a KVM, a Linux based hypervisor, to introspect memory of VMs. Both of these tools are used to monitor the state of live VMs. VMI capability of monitoring VMs is combined with the malware analysis and virtual honeypots to achieve the objective of this project. A testing environment is deployed, where a network of VMs is used to be introspected using Volatility plug-ins. Time execution of each plug-in executed on live VMs is calculated to observe the performance of Volatility plug-ins. All these VMs are deployed as Virtual Honeypots having honey-pots configured on them, which is used as a detection mechanism to trigger alerts when some malware attack the VMs. Using STIX (Structure Threat Information Expression), extracted IOCs are converted into the understandable, flexible, structured and shareable format.

Zhan, Dongyang, Li, Huhua, Ye, Lin, Zhang, Hongli, Fang, Binxing, Du, Xiaojiang.  2019.  A Low-Overhead Kernel Object Monitoring Approach for Virtual Machine Introspection. ICC 2019 - 2019 IEEE International Conference on Communications (ICC). :1–6.

Monitoring kernel object modification of virtual machine is widely used by virtual-machine-introspection-based security monitors to protect virtual machines in cloud computing, such as monitoring dentry objects to intercept file operations, etc. However, most of the current virtual machine monitors, such as KVM and Xen, only support page-level monitoring, because the Intel EPT technology can only monitor page privilege. If the out-of-virtual-machine security tools want to monitor some kernel objects, they need to intercept the operation of the whole memory page. Since there are some other objects stored in the monitored pages, the modification of them will also trigger the monitor. Therefore, page-level memory monitor usually introduces overhead to related kernel services of the target virtual machine. In this paper, we propose a low-overhead kernel object monitoring approach to reduce the overhead caused by page-level monitor. The core idea is to migrate the target kernel objects to a protected memory area and then to monitor the corresponding new memory pages. Since the new pages only contain the kernel objects to be monitored, other kernel objects will not trigger our monitor. Therefore, our monitor will not introduce runtime overhead to the related kernel service. The experimental results show that our system can monitor target kernel objects effectively only with very low overhead.

Joseph, Linda, Mukesh, Rajeswari.  2019.  To Detect Malware attacks for an Autonomic Self-Heal Approach of Virtual Machines in Cloud Computing. 2019 Fifth International Conference on Science Technology Engineering and Mathematics (ICONSTEM). 1:220–231.

Cloud Computing as of large is evolving at a faster pace with an ever changing set of cloud services. The amenities in the cloud are all enabled with respect to the public cloud services in their own enormous domain aspects commercially, which tend to be more insecure. These cloud services should be thus protected and secured which is very vital to the cloud infrastructures. Therefore, in this research work, we have identified security features with a self-heal approach that could be rendered on the infrastructure as a service (IaaS) in a private cloud environment. We have investigated the attack model from the virtual machine snapshots and have analyzed based on the supervised machine learning techniques. The virtual machines memory snapshots API call sequences are considered as input for the supervised and unsupervised machine learning algorithms to classify the attacked and the un-attacked virtual machine memory snapshots. The obtained set of the attacked virtual machine memory snapshots are given as input to the self-heal algorithm which is enabled to retrieve back the functionality of the virtual machines. Our method of detecting the malware attains about 93% of accuracy with respect to the virtual machine snapshots.

Hăjmăȿan, Gheorghe, Mondoc, Alexandra, Creț, Octavian.  2019.  Bytecode Heuristic Signatures for Detecting Malware Behavior. 2019 Conference on Next Generation Computing Applications (NextComp). :1–6.
For a long time, the most important approach for detecting malicious applications was the use of static, hash-based signatures. This approach provides a fast response time, has a low performance overhead and is very stable due to its simplicity. However, with the rapid growth in the number of malware, as well as their increased complexity in terms of polymorphism and evasion, the era of reactive security solutions started to fade in favor of new, proactive approaches such as behavior based detection. We propose a novel approach that uses an interpreter virtual machine to run proactive behavior heuristics from bytecode signatures, thus combining the advantages of behavior based detection with those of signatures. Based on our approximation, using this approach we succeeded to reduce by 85% the time required to update a behavior based detection solution to detect new threats, while continuing to benefit from the versatility of behavior heuristics.
2020-03-02
Tootaghaj, Diman Zad, La Porta, Thomas, He, Ting.  2019.  Modeling, Monitoring and Scheduling Techniques for Network Recovery from Massive Failures. 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM). :695–700.

Large-scale failures in communication networks due to natural disasters or malicious attacks can severely affect critical communications and threaten lives of people in the affected area. In the absence of a proper communication infrastructure, rescue operation becomes extremely difficult. Progressive and timely network recovery is, therefore, a key to minimizing losses and facilitating rescue missions. To this end, we focus on network recovery assuming partial and uncertain knowledge of the failure locations. We proposed a progressive multi-stage recovery approach that uses the incomplete knowledge of failure to find a feasible recovery schedule. Next, we focused on failure recovery of multiple interconnected networks. In particular, we focused on the interaction between a power grid and a communication network. Then, we focused on network monitoring techniques that can be used for diagnosing the performance of individual links for localizing soft failures (e.g. highly congested links) in a communication network. We studied the optimal selection of the monitoring paths to balance identifiability and probing cost. Finally, we addressed, a minimum disruptive routing framework in software defined networks. Extensive experimental and simulation results show that our proposed recovery approaches have a lower disruption cost compared to the state-of-the-art while we can configure our choice of trade-off between the identifiability, execution time, the repair/probing cost, congestion and the demand loss.

Zheng, Zhengfan, Zheng, Bo, Wu, Yuechao, Chen, Shangui.  2019.  An Integrated Safety Management System Based on Ubiquitous Internet of Things in Electricity for Smart Pumped-storage Power Stations. 2019 4th International Conference on Intelligent Green Building and Smart Grid (IGBSG). :548–551.
The safety management is an important and fundamental task in the construction and operation of pumped-storage power stations. However, because of the traditional technical framework, the relevant systems are separated from each other, leading to a lot of disadvantages in application and performance. In order to meet the requirements of smart pumped-storage power stations, an integrated safety management system (ISMS) based on ubiquitous internet of things in electricity is proposed in this paper. The ISMS is divided into five layers including data display layer, data manipulation layer, data processing layer, data transmission layer and data acquisition layer. It consists of six modules, i.e., central control module, cave access control and personnel location module, video and security monitoring module, emergency broadcasting and communication module, geological warning module, and fall protection module. All modules are integrated into a unified information platform.
2020-02-26
Danger, Jean-Luc, Fribourg, Laurent, Kühne, Ulrich, Naceur, Maha.  2019.  LAOCOÖN: A Run-Time Monitoring and Verification Approach for Hardware Trojan Detection. 2019 22nd Euromicro Conference on Digital System Design (DSD). :269–276.

Hardware Trojan Horses and active fault attacks are a threat to the safety and security of electronic systems. By such manipulations, an attacker can extract sensitive information or disturb the functionality of a device. Therefore, several protections against malicious inclusions have been devised in recent years. A prominent technique to detect abnormal behavior in the field is run-time verification. It relies on dedicated monitoring circuits and on verification rules generated from a set of temporal properties. An important question when dealing with such protections is the effectiveness of the protection against unknown attacks. In this paper, we present a methodology based on automatic generation of monitoring and formal verification techniques that can be used to validate and analyze the quality of a set of temporal properties when used as protection against generic attackers of variable strengths.

Almohaimeed, Abdulrahman, Asaduzzaman, Abu.  2019.  Incorporating Monitoring Points in SDN to Ensure Trusted Links Against Misbehaving Traffic Flows. 2019 Fifth Conference on Mobile and Secure Services (MobiSecServ). :1–4.

The growing trend toward information technology increases the amount of data travelling over the network links. The problem of detecting anomalies in data streams has increased with the growth of internet connectivity. Software-Defined Networking (SDN) is a new concept of computer networking that can adapt and support these growing trends. However, the centralized nature of the SDN design is challenged by the need for an efficient method for traffic monitoring against traffic anomalies caused by misconfigured devices or ongoing attacks. In this paper, we propose a new model for traffic behavior monitoring that aims to ensure trusted communication links between the network devices. The main objective of this model is to confirm that the behavior of the traffic streams matches the instructions provided by the SDN controller, which can help to increase the trust between the SDN controller and its covered infrastructure components. According to our preliminary implementation, the behavior monitoring unit is able to read all traffic information and perform a validation process that reports any mismatching traffic to the controller.

2020-02-24
Maunero, Nicoló, Prinetto, Paolo, Roascio, Gianluca.  2019.  CFI: Control Flow Integrity or Control Flow Interruption? 2019 IEEE East-West Design Test Symposium (EWDTS). :1–6.

Runtime memory vulnerabilities, especially present in widely used languages as C and C++, are exploited by attackers to corrupt code pointers and hijack the execution flow of a program running on a target system to force it to behave abnormally. This is the principle of modern Code Reuse Attacks (CRAs) and of famous attack paradigms as Return-Oriented Programming (ROP) and Jump-Oriented Programming (JOP), which have defeated the previous defenses against malicious code injection such as Data Execution Prevention (DEP). Control-Flow Integrity (CFI) is a promising approach to protect against such runtime attacks. Recently, many CFI solutions have been proposed, with both hardware and software implementations. But how can a defense based on complying with a graph calculated a priori efficiently deal with something unpredictable as exceptions and interrupt requests? The present paper focuses on this dichotomy by analysing some of the CFI-based defenses and showing how the unexpected trigger of an interrupt and the sudden execution of an Interrupt Service Routine (ISR) can circumvent them.

Ahmadi-Assalemi, Gabriela, al-Khateeb, Haider M., Epiphaniou, Gregory, Cosson, Jon, Jahankhani, Hamid, Pillai, Prashant.  2019.  Federated Blockchain-Based Tracking and Liability Attribution Framework for Employees and Cyber-Physical Objects in a Smart Workplace. 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3). :1–9.
The systematic integration of the Internet of Things (IoT) and Cyber-Physical Systems (CPS) into the supply chain to increase operational efficiency and quality has also introduced new complexities to the threat landscape. The myriad of sensors could increase data collection capabilities for businesses to facilitate process automation aided by Artificial Intelligence (AI) but without adopting an appropriate Security-by-Design framework, threat detection and response are destined to fail. The emerging concept of Smart Workplace incorporates many CPS (e.g. Robots and Drones) to execute tasks alongside Employees both of which can be exploited as Insider Threats. We introduce and discuss forensic-readiness, liability attribution and the ability to track moving Smart SPS Objects to support modern Digital Forensics and Incident Response (DFIR) within a defence-in-depth strategy. We present a framework to facilitate the tracking of object behaviour within Smart Controlled Business Environments (SCBE) to support resilience by enabling proactive insider threat detection. Several components of the framework were piloted in a company to discuss a real-life case study and demonstrate anomaly detection and the emerging of behavioural patterns according to objects' movement with relation to their job role, workspace position and nearest entry or exit. The empirical data was collected from a Bluetooth-based Proximity Monitoring Solution. Furthermore, a key strength of the framework is a federated Blockchain (BC) model to achieve forensic-readiness by establishing a digital Chain-of-Custody (CoC) and a collaborative environment for CPS to qualify as Digital Witnesses (DW) to support post-incident investigations.
2020-02-18
Lin, Gengshen, Dong, Mianxiong, Ota, Kaoru, Li, Jianhua, Yang, Wu, Wu, Jun.  2019.  Security Function Virtualization Based Moving Target Defense of SDN-Enabled Smart Grid. ICC 2019 - 2019 IEEE International Conference on Communications (ICC). :1–6.

Software-defined networking (SDN) allows the smart grid to be centrally controlled and managed by decoupling the control plane from the data plane, but it also expands attack surface for attackers. Existing studies about the security of SDN-enabled smart grid (SDSG) mainly focused on static methods such as access control and identity authentication, which is vulnerable to attackers that carefully probe the system. As the attacks become more variable and complex, there is an urgent need for dynamic defense methods. In this paper, we propose a security function virtualization (SFV) based moving target defense of SDSG which makes the attack surface constantly changing. First, we design a dynamic defense mechanism by migrating virtual security function (VSF) instances as the traffic state changes. The centralized SDN controller is re-designed for global status monitoring and migration management. Moreover, we formalize the VSF instances migration problem as an integer nonlinear programming problem with multiple constraints and design a pre-migration algorithm to prevent VSF instances' resources from being exhausted. Simulation results indicate the feasibility of the proposed scheme.

2020-02-17
Eckhart, Matthias, Ekelhart, Andreas, Weippl, Edgar.  2019.  Enhancing Cyber Situational Awareness for Cyber-Physical Systems through Digital Twins. 2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA). :1222–1225.
Operators of cyber-physical systems (CPSs) need to maintain awareness of the cyber situation in order to be able to adequately address potential issues in a timely manner. For instance, detecting early symptoms of cyber attacks may speed up the incident response process and mitigate consequences of attacks (e.g., business interruption, safety hazards). However, attaining a full understanding of the cyber situation may be challenging, given the complexity of CPSs and the ever-changing threat landscape. In particular, CPSs typically need to be continuously operational, may be sensitive to active scanning, and often provide only limited in-depth analysis capabilities. To address these challenges, we propose to utilize the concept of digital twins for enhancing cyber situational awareness. Digital twins, i.e., virtual replicas of systems, can run in parallel to their physical counterparts and allow deep inspection of their behavior without the risk of disrupting operational technology services. This paper reports our work in progress to develop a cyber situational awareness framework based on digital twins that provides a profound, holistic, and current view on the cyber situation that CPSs are in. More specifically, we present a prototype that provides real-time visualization features (i.e., system topology, program variables of devices) and enables a thorough, repeatable investigation process on a logic and network level. A brief explanation of technological use cases and outlook on future development efforts completes this work.
Liu, Xiaobao, Wu, Qinfang, Sun, Jinhua, Xu, Xia, Wen, Yifan.  2019.  Research on Self-Healing Technology for Faults of Intelligent Distribution Network Communication System. 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). :1404–1408.
The intelligent power communication network is closely connected with the power system, and carries the data transmission and intelligent decision in a series of key services in the power system, which is an important guarantee for the smart power service. The self-healing control (SHC) of the distribution network monitors the data of each device and node in the distribution network in real time, simulates and analyzes the data, and predicts the hidden dangers in the normal operation of the distribution network. Control, control strategies such as correcting recovery and troubleshooting when abnormal or fault conditions occur, reducing human intervention, enabling the distribution network to change from abnormal operating state to normal operating state in time, preventing event expansion and reducing the impact of faults on the grid and users.
Liu, Zhikun, Gui, Canzhi, Ma, Chao.  2019.  Design and Verification of Integrated Ship Monitoring Network with High Reliability and Zero-Time Self-Healing. 2019 Chinese Control And Decision Conference (CCDC). :2348–2351.
The realization principle of zero-time self-healing network communication technology is introduced. According to the characteristics of ship monitoring, an integrated ship monitoring network is designed, which integrates the information of ship monitoring equipment. By setting up a network performance test environment, the information delay of self-healing network switch is tested, and the technical characteristics of "no packet loss" are verified. Zero-time self-healing network communication technology is an innovative technology in the design of ship monitoring network. It will greatly reduce the laying of network cables, reduce the workload of information upgrade and transformation of ships, and has the characteristics of continuous maintenance of the network. It has a wide application prospect.
Roukounaki, Aikaterini, Efremidis, Sofoklis, Soldatos, John, Neises, Juergen, Walloschke, Thomas, Kefalakis, Nikos.  2019.  Scalable and Configurable End-to-End Collection and Analysis of IoT Security Data : Towards End-to-End Security in IoT Systems. 2019 Global IoT Summit (GIoTS). :1–6.

In recent years, there is a surge of interest in approaches pertaining to security issues of Internet of Things deployments and applications that leverage machine learning and deep learning techniques. A key prerequisite for enabling such approaches is the development of scalable infrastructures for collecting and processing security-related datasets from IoT systems and devices. This paper introduces such a scalable and configurable data collection infrastructure for data-driven IoT security. It emphasizes the collection of (security) data from different elements of IoT systems, including individual devices and smart objects, edge nodes, IoT platforms, and entire clouds. The scalability of the introduced infrastructure stems from the integration of state of the art technologies for large scale data collection, streaming and storage, while its configurability relies on an extensible approach to modelling security data from a variety of IoT systems and devices. The approach enables the instantiation and deployment of security data collection systems over complex IoT deployments, which is a foundation for applying effective security analytics algorithms towards identifying threats, vulnerabilities and related attack patterns.

Chen, Lu, Ma, Yuanyuan, SHAO, Zhipeng, CHEN, Mu.  2019.  Research on Mobile Application Local Denial of Service Vulnerability Detection Technology Based on Rule Matching. 2019 IEEE International Conference on Energy Internet (ICEI). :585–590.
Aiming at malicious application flooding in mobile application market, this paper proposed a method based on rule matching for mobile application local denial of service vulnerability detection. By combining the advantages of static detection and dynamic detection, static detection adopts smali abstract syntax tree as rule matching object. This static detection method has higher code coverage and better guarantees the integrity of mobile application information. The dynamic detection performs targeted hook verification on the static detection result, which improves the accuracy of the detection result and saves the test workload at the same time. This dynamic detection method has good scalability, can be upgraded with discovery and variants of the vulnerability. Through experiments, it is verified that the mobile application with this vulnerability can be accurately found in a large number of mobile applications, and the effectiveness of the system is verified.
Alsumayt, Albandari, Albawardy, Norah, Aldossary, Wejdan, Alghamdi, Ebtehal, Aljammaz, Aljawhra.  2019.  Improve the security over the wireless sensor networks in medical sector. 2019 2nd International Conference on Computer Applications Information Security (ICCAIS). :1–4.
Nowadays with the huge technological development, the reliance on technology has become enormous. Wireless Sensor Networks (WSN) is an example of using the Internet and communication between the patient and the hospital. Easy use of such networks helps to increase the quality of communication between patient and hospital. With the development of technology increased risk in use. Any change in this data between the patient and the hospital may cause false data that may harm the patient. In this paper, a secure protocol is designed to ensure the confidentiality, integrity, and availability of data transfer between the hospital and the patient, depending on the AES and RC4 algorithms.
Jyothi, R., Cholli, Nagaraj G..  2019.  New Approach to Secure Cluster Heads in Wireless Sensor Networks. 2019 5th International Conference on Advanced Computing Communication Systems (ICACCS). :1097–1101.
This Wireless Sensor Network is a network of devices that communicates the information gathered from a monitored field through wireless links. Small size sensor nodes constitute wireless sensor networks. A Sensor is a device that responds and detects some type of input from both the physical or environmental conditions, such as pressure, heat, light, etc. Applications of wireless sensor networks include home automation, street lighting, military, healthcare and industrial process monitoring. As wireless sensor networks are distributed across large geographical area, these are vulnerable to various security threats. This affects the performance of the wireless sensor networks. The impact of security issues will become more critical if the network is used for mission-critical applications like tactical battlefield. In real life deployment scenarios, the probability of failure of nodes is more. As a result of resource constraints in the sensor nodes, traditional methods which involve large overhead computation and communication are not feasible in WSNs. Hence, design and deployment of secured WSNs is a challenging task. Attacks on WSNs include attack on confidentiality, integrity and availability. There are various types of architectures that are used to deploy WSNs. Some of them are data centric, hierarchical, location based, mobility based etc. This work discusses the security issue of hierarchical architecture and proposes a solution. In hierarchical architectures, sensor nodes are grouped to form clusters. Intra-cluster communication happens through cluster heads. Cluster heads also facilitate inter-cluster communication with other cluster heads. Aggregation of data generated by sensor nodes is done by cluster heads. Aggregated data also get transferred to base through multi-hop approach in most cases. Cluster heads are vulnerable to various malicious attacks and this greatly affects the performance of the wireless sensor network. The proposed solution identifies attacked cluster head and changes the CH by identifying the fittest node using genetic algorithm based search.
Byun, Minjae, Lee, Yongjun, Choi, Jin-Young.  2019.  Risk and avoidance strategy for blocking mechanism of SDN-based security service. 2019 21st International Conference on Advanced Communication Technology (ICACT). :187–190.

Software-Defined Network (SDN) is the dynamic network technology to address the issues of traditional networks. It provides centralized view of the whole network through decoupling the control planes and data planes of a network. Most SDN-based security services globally detect and block a malicious host based on IP address. However, the IP address is not verified during the forwarding process in most cases and SDN-based security service may block a normal host with forged IP address in the whole network, which means false-positive. In this paper, we introduce an attack scenario that uses forged packets to make the security service consider a victim host as an attacker so that block the victim. We also introduce cost-effective risk avoidance strategy.

Moquin, S. J., Kim, SangYun, Blair, Nicholas, Farnell, Chris, Di, Jia, Mantooth, H. Alan.  2019.  Enhanced Uptime and Firmware Cybersecurity for Grid-Connected Power Electronics. 2019 IEEE CyberPELS (CyberPELS). :1–6.
A distributed energy resource prototype is used to show cybersecurity best practices. These best practices include straightforward security techniques, such as encrypted serial communication. The best practices include more sophisticated security techniques, such as a method to evaluate and respond to firmware integrity at run-time. The prototype uses embedded Linux, a hardware-assisted monitor, one or more digital signal processors, and grid-connected power electronics. Security features to protect communication, firmware, power flow, and hardware are developed. The firmware run-time integrity security is presently evaluated, and shown to maintain power electronics uptime during firmware updating. The firmware run-time security feature can be extended to allow software rejuvenation, multi-mission controls, and greater flexibility and security in controls.
Ullah, N., Ali, S. M., Khan, B., Mehmood, C. A., Anwar, S. M., Majid, M., Farid, U., Nawaz, M. A., Ullah, Z..  2019.  Energy Efficiency: Digital Signal Processing Interactions Within Smart Grid. 2019 International Conference on Engineering and Emerging Technologies (ICEET). :1–6.
Smart Grid (SG) is regarded as complex electrical power system due to massive penetration of Renewable Energy Resources and Distribution Generations. The implementation of adjustable speed drives, advance power electronic devices, and electric arc furnaces are incorporated in SG (the transition from conventional power system). Moreover, SG is an advance, automated, controlled, efficient, digital, and intelligent system that ensures pertinent benefits, such as: (a) consumer empowerment, (b) advanced communication infrastructure, (c) user-friendly system, and (d) supports bi-directional power flow. Digital Signal Processing (DSP) is key tool for SG deployment and provides key solutions to a vast array of complex SG challenges. This research provides a comprehensive study on DSP interactions within SG. The prominent challenges posed by conventional grid, such as: (a) monitoring and control, (b) Electric Vehicles infrastructure, (c) cyber data injection attack, (d) Demand Response management and (e) cyber data injection attack are thoroughly investigated in this research.
Facon, Adrien, Guilley, Sylvain, Ngo, Xuan-Thuy, Perianin, Thomas.  2019.  Hardware-enabled AI for Embedded Security: A New Paradigm. 2019 3rd International Conference on Recent Advances in Signal Processing, Telecommunications Computing (SigTelCom). :80–84.

As chips become more and more connected, they are more exposed (both to network and to physical attacks). Therefore one shall ensure they enjoy a sufficient protection level. Security within chips is accordingly becoming a hot topic. Incident detection and reporting is one novel function expected from chips. In this talk, we explain why it is worthwhile to resort to Artificial Intelligence (AI) for security event handling. Drivers are the need to aggregate multiple and heterogeneous security sensors, the need to digest this information quickly to produce exploitable information, and so while maintaining a low false positive detection rate. Key features are adequate learning procedures and fast and secure classification accelerated by hardware. A challenge is to embed such security-oriented AI logic, while not compromising chip power budget and silicon area. This talk accounts for the opportunities permitted by the symbiotic encounter between chip security and AI.

Paul, Shuva, Ni, Zhen.  2019.  A Strategic Analysis of Attacker-Defender Repeated Game in Smart Grid Security. 2019 IEEE Power Energy Society Innovative Smart Grid Technologies Conference (ISGT). :1–5.

Traditional power grid security schemes are being replaced by highly advanced and efficient smart security schemes due to the advancement in grid structure and inclusion of cyber control and monitoring tools. Smart attackers create physical, cyber, or cyber-physical attacks to gain the access of the power system and manipulate/override system status, measurements and commands. In this paper, we formulate the environment for the attacker-defender interaction in the smart power grid. We provide a strategic analysis of the attacker-defender strategic interaction using a game theoretic approach. We apply repeated game to formulate the problem, implement it in the power system, and investigate for optimal strategic behavior in terms of mixed strategies of the players. In order to define the utility or cost function for the game payoffs calculation, generation power is used. Attack-defense budget is also incorporated with the attacker-defender repeated game to reflect a more realistic scenario. The proposed game model is validated using IEEE 39 bus benchmark system. A comparison between the proposed game model and the all monitoring model is provided to validate the observations.

Ganguly, Pallab, Nasipuri, Mita, Dutta, Sourav.  2019.  Challenges of the Existing Security Measures Deployed in the Smart Grid Framework. 2019 IEEE 7th International Conference on Smart Energy Grid Engineering (SEGE). :1–5.
Due to the rise of huge population in mankind and the large variety of upcoming utilization of power, the energy requirement has substantially increased. Smart Grid is a very important part of the Smart Cities initiative and is one of the crucial components in distribution and reconciliation of energy. Security of the smart grid infrastructure, which is an integral part of the smart grid framework, intended at transitioning the conventional power grid system into a robust, reliable, adaptable and intelligent energy utility, is an impending problem that needs to be arrested quickly. With the increasingly intensifying integration of smart devices in the smart grid infrastructure with other interconnected applications and the communication backbone is compelling both the energy users and the energy utilities to thoroughly look into the privacy and security issues of the smart grid. In this paper, we present challenges of the existing security mechanisms deployed in the smart grid framework and we tried to bring forward the unresolved problems that would highlight the security aspects of Smart Grid as a challenging area of research and development in the future.