Visible to the public Biblio

Filters: Keyword is security threats  [Clear All Filters]
2021-06-28
Miatra, Ayati, Kumar, Sumit.  2020.  Security Issues With Fog Computing. 2020 10th International Conference on Cloud Computing, Data Science Engineering (Confluence). :123–128.
Fog computing or edge computing or fogging extends cloud computing to the edge of the network. It operates on the computing, storage and networking services between user-end devices and cloud computing data centres. However, in the process of caring out these operations, fog computing is faced with several security issues. These issues may be inherited from cloud computing systems or may arise due to fog computing systems alone. Some of the major gaps in providing a secure platform for the fog computing process arise from interim operational steps like authentication or identification, which often expands to large scale performance issues in fog computing. Thus, these issues and their implications on fog computing databases, and the possible available solutions are researched and provided for a better scope of future use and growth of fog computing systems by bridging the gaps of security issues in it.
2021-06-24
Teplyuk, P.A., Yakunin, A.G., Sharlaev, E.V..  2020.  Study of Security Flaws in the Linux Kernel by Fuzzing. 2020 International Multi-Conference on Industrial Engineering and Modern Technologies (FarEastCon). :1–5.
An exceptional feature of the development of modern operating systems based on the Linux kernel is their leading use in cloud technologies, mobile devices and the Internet of things, which is accompanied by the emergence of more and more security threats at the kernel level. In order to improve the security of existing and future Linux distributions, it is necessary to analyze the existing approaches and tools for automated vulnerability detection and to conduct experimental security testing of some current versions of the kernel. The research is based on fuzzing - a software testing technique, which consists in the automated detection of implementation errors by sending deliberately incorrect data to the input of the fuzzer and analyzing the program's response at its output. Using the Syzkaller software tool, which implements a code coverage approach, vulnerabilities of the Linux kernel level were identified in stable versions used in modern distributions. The direction of this research is relevant and requires further development in order to detect zero-day vulnerabilities in new versions of the kernel, which is an important and necessary link in increasing the security of the Linux operating system family.
2021-04-08
Verdoliva, L..  2020.  Media Forensics and DeepFakes: An Overview. IEEE Journal of Selected Topics in Signal Processing. 14:910—932.
With the rapid progress in recent years, techniques that generate and manipulate multimedia content can now provide a very advanced level of realism. The boundary between real and synthetic media has become very thin. On the one hand, this opens the door to a series of exciting applications in different fields such as creative arts, advertising, film production, and video games. On the other hand, it poses enormous security threats. Software packages freely available on the web allow any individual, without special skills, to create very realistic fake images and videos. These can be used to manipulate public opinion during elections, commit fraud, discredit or blackmail people. Therefore, there is an urgent need for automated tools capable of detecting false multimedia content and avoiding the spread of dangerous false information. This review paper aims to present an analysis of the methods for visual media integrity verification, that is, the detection of manipulated images and videos. Special emphasis will be placed on the emerging phenomenon of deepfakes, fake media created through deep learning tools, and on modern data-driven forensic methods to fight them. The analysis will help highlight the limits of current forensic tools, the most relevant issues, the upcoming challenges, and suggest future directions for research.
2021-03-29
Agirre, I..  2020.  Safe and secure software updates on high-performance embedded systems. 2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W). :68—69.

The next generation of dependable embedded systems feature autonomy and higher levels of interconnection. Autonomy is commonly achieved with the support of artificial intelligence algorithms that pose high computing demands on the hardware platform, reaching a high performance scale. This involves a dramatic increase in software and hardware complexity, fact that together with the novelty of the technology, raises serious concerns regarding system dependability. Traditional approaches for certification require to demonstrate that the system will be acceptably safe to operate before it is deployed into service. The nature of autonomous systems, with potentially infinite scenarios, configurations and unanticipated interactions, makes it increasingly difficult to support such claim at design time. In this context, the extended networking technologies can be exploited to collect post-deployment evidence that serve to oversee whether safety assumptions are preserved during operation and to continuously improve the system through regular software updates. These software updates are not only convenient for critical bug fixing but also necessary for keeping the interconnected system resilient against security threats. However, such approach requires a recondition of the traditional certification practices.

2021-02-10
Ivanov, P., Baklanov, V., Dymova, E..  2020.  Covert Channels of Data Communication. 2020 Ural Symposium on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT). :0557—0558.
The article is dedicated to covert channels of data communication in the protected operating system based on the Linux kernel with mandatory access control. The channel which is not intended by developers violates security policy and can lead to disclosure of confidential information. In this paper the covert storage channels are considered. Authors show opportunities to violate the secrecy policy in the protected operating system based on the Linux kernel experimentally. The first scenario uses time stamps of the last access to the files (“atime” stamp), the second scenario uses unreliable mechanism of the automatic login to the user session with another level of secrecy. Then, there are some recommendations to prevent these violations. The goal of this work is to analyze the methods of using covert channels, both previously known and new. The result of the article is recommendations allowing to eliminate security threats which can be embodied through covert channels.
2021-02-03
Adil, M., Khan, R., Ghani, M. A. Nawaz Ul.  2020.  Preventive Techniques of Phishing Attacks in Networks. 2020 3rd International Conference on Advancements in Computational Sciences (ICACS). :1—8.

Internet is the most widely used technology in the current era of information technology and it is embedded in daily life activities. Due to its extensive use in everyday life, it has many applications such as social media (Face book, WhatsApp, messenger etc.,) and other online applications such as online businesses, e-counseling, advertisement on websites, e-banking, e-hunting websites, e-doctor appointment and e-doctor opinion. The above mentioned applications of internet technology makes things very easy and accessible for human being in limited time, however, this technology is vulnerable to various security threats. A vital and severe threat associated with this technology or a particular application is “Phishing attack” which is used by attacker to usurp the network security. Phishing attacks includes fake E-mails, fake websites, fake applications which are used to steal their credentials or usurp their security. In this paper, a detailed overview of various phishing attacks, specifically their background knowledge, and solutions proposed in literature to address these issues using various techniques such as anti-phishing, honey pots and firewalls etc. Moreover, installation of intrusion detection systems (IDS) and intrusion detection and prevention system (IPS) in the networks to allow the authentic traffic in an operational network. In this work, we have conducted end use awareness campaign to educate and train the employs in order to minimize the occurrence probability of these attacks. The result analysis observed for this survey was quite excellent by means of its effectiveness to address the aforementioned issues.

2021-02-01
Sendhil, R., Amuthan, A..  2020.  A Descriptive Study on Homomorphic Encryption Schemes for Enhancing Security in Fog Computing. 2020 International Conference on Smart Electronics and Communication (ICOSEC). :738–743.
Nowadays, Fog Computing gets more attention due to its characteristics. Fog computing provides more advantages in related to apply with the latest technology. On the other hand, there is an issue about the data security over processing of data. Fog Computing encounters many security challenges like false data injection, violating privacy in edge devices and integrity of data, etc. An encryption scheme called Homomorphic Encryption (HME) technique is used to protect the data from the various security threats. This homomorphic encryption scheme allows doing manipulation over the encrypted data without decrypting it. This scheme can be implemented in many systems with various crypto-algorithms. This homomorphic encryption technique is mainly used to retain the privacy and to process the stored encrypted data on a remote server. This paper addresses the terminologies of Fog Computing, work flow and properties of the homomorphic encryption algorithm, followed by exploring the application of homomorphic encryption in various public key cryptosystems such as RSA and Pailier. It focuses on various homomorphic encryption schemes implemented by various researchers such as Brakerski-Gentry-Vaikuntanathan model, Improved Homomorphic Cryptosystem, Upgraded ElGamal based Algebric homomorphic encryption scheme, In-Direct rapid homomorphic encryption scheme which provides integrity of data.
2020-12-28
Riaz, S., Khan, A. H., Haroon, M., Latif, S., Bhatti, S..  2020.  Big Data Security and Privacy: Current Challenges and Future Research perspective in Cloud Environment. 2020 International Conference on Information Management and Technology (ICIMTech). :977—982.

Cloud computing is an Internet-based technology that emerging rapidly in the last few years due to popular and demanded services required by various institutions, organizations, and individuals. structured, unstructured, semistructured data is transfer at a record pace on to the cloud server. These institutions, businesses, and organizations are shifting more and more increasing workloads on cloud server, due to high cost, space and maintenance issues from big data, cloud computing will become a potential choice for the storage of data. In Cloud Environment, It is obvious that data is not secure completely yet from inside and outside attacks and intrusions because cloud servers are under the control of a third party. The Security of data becomes an important aspect due to the storage of sensitive data in a cloud environment. In this paper, we give an overview of characteristics and state of art of big data and data security & privacy top threats, open issues and current challenges and their impact on business are discussed for future research perspective and review & analysis of previous and recent frameworks and architectures for data security that are continuously established against threats to enhance how to keep and store data in the cloud environment.

2020-12-21
Jithish, J., Sankaran, S., Achuthan, K..  2020.  Towards Ensuring Trustworthiness in Cyber-Physical Systems: A Game-Theoretic Approach. 2020 International Conference on COMmunication Systems NETworkS (COMSNETS). :626–629.

The emergence of Cyber-Physical Systems (CPSs) is a potential paradigm shift for the usage of Information and Communication Technologies (ICT). From predominantly a facilitator of information and communication services, the role of ICT in the present age has expanded to the management of objects and resources in the physical world. Thus, it is imperative to devise mechanisms to ensure the trustworthiness of data to secure vulnerable devices against security threats. This work presents an analytical framework based on non-cooperative game theory to evaluate the trustworthiness of individual sensor nodes that constitute the CPS. The proposed game-theoretic model captures the factors impacting the trustworthiness of CPS sensor nodes. Further, the model is used to estimate the Nash equilibrium solution of the game, to derive a trust threshold criterion. The trust threshold represents the minimum trust score required to be maintained by individual sensor nodes during CPS operation. Sensor nodes with trust scores below the threshold are potentially malicious and may be removed or isolated to ensure the secure operation of CPS.

2020-12-17
Mukhandi, M., Portugal, D., Pereira, S., Couceiro, M. S..  2019.  A novel solution for securing robot communications based on the MQTT protocol and ROS. 2019 IEEE/SICE International Symposium on System Integration (SII). :608—613.

With the growing use of the Robot Operating System (ROS), it can be argued that it has become a de-facto framework for developing robotic solutions. ROS is used to build robotic applications for industrial automation, home automation, medical and even automatic robotic surveillance. However, whenever ROS is utilized, security is one of the main concerns that needs to be addressed in order to ensure a secure network communication of robots. Cyber-attacks may hinder evolution and adaptation of most ROS-enabled robotic systems for real-world use over the Internet. Thus, it is important to address and prevent security threats associated with the use of ROS-enabled applications. In this paper, we propose a novel approach for securing ROS-enabled robotic system by integrating ROS with the Message Queuing Telemetry Transport (MQTT) protocol. We manage to secure robots' network communications by providing authentication and data encryption, therefore preventing man-in-the-middle and hijacking attacks. We also perform real-world experiments to assess how the performance of a ROS-enabled robotic surveillance system is affected by the proposed approach.

2020-11-23
Kumari, K. A., Sadasivam, G. S., Gowri, S. S., Akash, S. A., Radhika, E. G..  2018.  An Approach for End-to-End (E2E) Security of 5G Applications. 2018 IEEE 4th International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing, (HPSC) and IEEE International Conference on Intelligent Data and Security (IDS). :133–138.
As 5G transitions from an industrial vision to a tangible, next-generation mobile technology, security remains key business driver. Heterogeneous environment, new networking paradigms and novel use cases makes 5G vulnerable to new security threats. This in turn necessitates a flexible and dependable security mechanism. End-to-End (E2E) data protection provides better security, avoids repeated security operations like encryption/decryption and provides differentiated security based on the services. E2E security deals with authentication, integrity, key management and confidentiality. The attack surface of a 5G system is larger as 5G aims for a heterogeneous networked society. Hence attack resistance needs to be a design consideration when defining new 5G protocols. This framework has been designed for accessing the manifold applications with high security and trust by offering E2E security for various services. The proposed framework is evaluated based on computation complexity, communication complexity, attack resistance rate and security defensive rate. The protocol is also evaluated for correctness, and resistance against passive, active and dictionary attacks using random oracle model and Automated Validation of Internet Security Protocols and Applications (AVISPA) tool.
2020-11-17
Qian, K., Parizi, R. M., Lo, D..  2018.  OWASP Risk Analysis Driven Security Requirements Specification for Secure Android Mobile Software Development. 2018 IEEE Conference on Dependable and Secure Computing (DSC). :1—2.
The security threats to mobile applications are growing explosively. Mobile apps flaws and security defects open doors for hackers to break in and access sensitive information. Defensive requirements analysis should be an integral part of secure mobile SDLC. Developers need to consider the information confidentiality and data integrity, to verify the security early in the development lifecycle rather than fixing the security holes after attacking and data leaks take place. Early eliminating known security vulnerabilities will help developers increase the security of apps and reduce the likelihood of exploitation. However, many software developers lack the necessary security knowledge and skills at the development stage, and that's why Secure Mobile Software Development education is very necessary for mobile software engineers. In this paper, we propose a guided security requirement analysis based on OWASP Mobile Top ten security risk recommendations for Android mobile software development and its traceability of the developmental controls in SDLC. Building secure apps immune to the OWASP Mobile Top ten risks would be an effective approach to provide very useful mobile security guidelines.
2020-11-02
Sharma, Sachin, Ghanshala, Kamal Kumar, Mohan, Seshadri.  2018.  A Security System Using Deep Learning Approach for Internet of Vehicles (IoV). 2018 9th IEEE Annual Ubiquitous Computing, Electronics Mobile Communication Conference (UEMCON). :1—5.

The Internet of Vehicles (IoV) will connect not only mobile devices with vehicles, but it will also connect vehicles with each other, and with smart offices, buildings, homes, theaters, shopping malls, and cities. The IoV facilitates optimal and reliable communication services to connected vehicles in smart cities. The backbone of connected vehicles communication is the critical V2X infrastructures deployment. The spectrum utilization depends on the demand by the end users and the development of infrastructure that includes efficient automation techniques together with the Internet of Things (IoT). The infrastructure enables us to build smart environments for spectrum utilization, which we refer to as Smart Spectrum Utilization (SSU). This paper presents an integrated system consisting of SSU with IoV. However, the tasks of securing IoV and protecting it from cyber attacks present considerable challenges. This paper introduces an IoV security system using deep learning approach to develop secure applications and reliable services. Deep learning composed of unsupervised learning and supervised learning, could optimize the IoV security system. The deep learning methodology is applied to monitor security threats. Results from simulations show that the monitoring accuracy of the proposed security system is superior to that of the traditional system.

Siddiqui, Abdul Jabbar, Boukerche, Azzedine.  2018.  On the Impact of DDoS Attacks on Software-Defined Internet-of-Vehicles Control Plane. 2018 14th International Wireless Communications Mobile Computing Conference (IWCMC). :1284—1289.

To enhance the programmability and flexibility of network and service management, the Software-Defined Networking (SDN) paradigm is gaining growing attention by academia and industry. Motivated by its success in wired networks, researchers have recently started to embrace SDN towards developing next generation wireless networks such as Software-Defined Internet of Vehicles (SD-IoV). As the SD-IoV evolves, new security threats would emerge and demand attention. And since the core of the SD-IoV would be the control plane, it is highly vulnerable to Distributed Denial of Service (DDoS) Attacks. In this work, we investigate the impact of DDoS attacks on the controllers in a SD-IoV environment. Through experimental evaluations, we highlight the drastic effects DDoS attacks could have on a SD-IoV in terms of throughput and controller load. Our results could be a starting point to motivate further research in the area of SD-IoV security and would give deeper insights into the problems of DDoS attacks on SD-IoV.

2020-10-16
Supriyanto, Aji, Diartono, Dwi Agus, Hartono, Budi, Februariyanti, Herny.  2019.  Inclusive Security Models To Building E-Government Trust. 2019 3rd International Conference on Informatics and Computational Sciences (ICICoS). :1—6.

The low attention to security and privacy causes some problems on data and information that can lead to a lack of public trust in e-Gov service. Security threats are not only included in technical issues but also non-technical issues and therefore, it needs the implementation of inclusive security. The application of inclusive security to e-Gov needs to develop a model involving security and privacy requirements as a trusted security solution. The method used is the elicitation of security and privacy requirements in a security perspective. Identification is carried out on security and privacy properties, then security and privacy relationships are determined. The next step is developing the design of an inclusive security model on e-Gov. The last step is doing an analysis of e-Gov service activities and the role of inclusive security. The results of this study identified security and privacy requirements for building inclusive security. Identification of security requirements involves properties such as confidentiality (C), integrity (I), availability (A). Meanwhile, privacy requirement involves authentication (Au), authorization (Az), and Non-repudiation (Nr) properties. Furthermore, an inclusive security design model on e-Gov requires trust of internet (ToI) and trust of government (ToG) as an e-Gov service provider. Access control is needed to provide solutions to e-Gov service activities.

2020-09-28
Ma, Renjie, Liu, Jianxing, Wu, Ligang.  2019.  Privacy-Enabled Secure Control of Fog Computing Aided Cyber-Physical Systems. IECON 2019 - 45th Annual Conference of the IEEE Industrial Electronics Society. 1:509–514.
With rapid development of deep integration of computation, control, and communication, Cyber-Physical Systems (CPSs) play an important role in industrial processes. Combined with the technology of fog computing, CPSs can outsource their complicated computation to the fog layer, which in turn, may bring security threats with regard to data privacy. To protect data privacy in a control framework, this paper investigate observer-based secure control problem towards fog computing aided CPSs (FCA-CPSs) by utilizing data perturbation method. Firstly, security inputs are designed to encrypt the transmitted states to realize specific confidentiality level. Then, sufficient conditions are established to ensure the stability of considered FCA-CPSs. Finally, a numerical example is provided to illustrate the effectiveness of the secure estimation scheme.
Ahmad, Ibtihaj, Zarrar, Muhammad Kaab, Saeed, Takreem, Rehman, Saad.  2018.  Security Aspects of Cyber Physical Systems. 2018 1st International Conference on Computer Applications Information Security (ICCAIS). :1–6.
Cyber Physical System (CPS) is one of the emerging technologies of the day due to its large number of applications. Its applications extends to automotive, commercial, medical, home appliances and manufacturing industries. Mass research is being conducted in this area including design models, signal processing, control system models, communication models and security. One of the most important aspects of these is security and privacy of CPS. There are a number of vulnerabilities and threats that can be used by an attacker to exploit a cyber physical system. This paper provides a brief review of current security threats, vulnerabilities and its solutions for CPS. For the sake of simplicity the security threats have been divided into two classes i.e. control security and information security. Based on this division various attack methods and their possible solutions have been discussed.
2020-08-07
Liu, Donglan, Zhang, Hao, Yu, Hao, Liu, Xin, Zhao, Yong, Lv, Guodong.  2019.  Research and Application of APT Attack Defense and Detection Technology Based on Big Data Technology. 2019 IEEE 9th International Conference on Electronics Information and Emergency Communication (ICEIEC). :1—4.
In order to excavate security threats in power grid by making full use of heterogeneous data sources in power information system, this paper proposes APT (Advanced Persistent Threat) attack detection sandbox technology and active defense system based on big data analysis technology. First, the file is restored from the mirror traffic and executed statically. Then, sandbox execution was carried out to introduce analysis samples into controllable virtual environment, and dynamic analysis and operation samples were conducted. Through analyzing the dynamic processing process of samples, various known and unknown malicious code, APT attacks, high-risk Trojan horses and other network security risks were comprehensively detected. Finally, the threat assessment of malicious samples is carried out and visualized through the big data platform. The results show that the method proposed in this paper can effectively warn of unknown threats, improve the security level of system data, have a certain active defense ability. And it can effectively improve the speed and accuracy of power information system security situation prediction.
2020-08-03
Ferraris, Davide, Fernandez-Gago, Carmen, Daniel, Joshua, Lopez, Javier.  2019.  A Segregated Architecture for a Trust-based Network of Internet of Things. 2019 16th IEEE Annual Consumer Communications Networking Conference (CCNC). :1–6.
With the ever-increasing number of smart home devices, the issues related to these environments are also growing. With an ever-growing attack surface, there is no standard way to protect homes and their inhabitants from new threats. The inhabitants are rarely aware of the increased security threats that they are exposed to and how to manage them. To tackle this problem, we propose a solution based on segmented architectures similar to the ones used in industrial systems. In this approach, the smart home is segmented into various levels, which can broadly be categorised into an inner level and external level. The external level is protected by a firewall that checks the communication from/to the Internet to/from the external devices. The internal level is protected by an additional firewall that filters the information and the communications between the external and the internal devices. This segmentation guarantees a trusted environment among the entities of the internal network. In this paper, we propose an adaptive trust model that checks the behaviour of the entities and in case the entities violate trust rules they can be put in quarantine or banned from the network.
2020-07-27
Sandosh, S., Govindasamy, V., Akila, G., Deepasangavy, K., FemidhaBegam, S., Sowmiya, B..  2019.  A Progressive Intrusion Detection System through Event Processing: Challenges and Motivation. 2019 IEEE International Conference on System, Computation, Automation and Networking (ICSCAN). :1–7.
In this contemporary world, working on internet is a crucial task owing to the security threats in the network like intrusions, injections etc. To recognize and reduce these system attacks, analysts and academicians have introduced Intrusion Detection Systems (IDSs) with the various standards and applications. There are different types of Intrusion Detection Systems (IDS) arise to solve the attacks in various environments. Though IDS is more powerful, it produces the results on the abnormal behaviours said to be attacks with false positive and false negative rates which leads to inaccurate detection rate. The other problem is that, there are more number of attacks arising simultaneously with different behaviour being detected by the IDS with high false positive rates which spoils the strength and lifetime of the system, system's efficiency and fault tolerance. Complex Event Processing (CEP) plays a vital role in handling the alerts as events in real time environment which mainly helps to recognize and reduce the redundant alerts.CEP identifies and analyses relationships between events in real time, allowing the system to proactively take efficient actions to respond to specific alerts.In this study, the tendency of Complex Event Processing (CEP) over Intrusion Detection System (IDS) which offers effective handling of the alerts received from IDS in real time and the promotion of the better detection of the attacks are discussed. The merits and challenges of CEP over IDS described in this paper helps to understand and educate the IDS systems to focus on how to tackle the dynamic attacks and its alerts in real time.
2020-07-24
Chen, Jun, Zhu, Huijun, Chen, Zhixin, Cai, Xiaobo, Yang, Linnan.  2019.  A Security Evaluation Model Based on Fuzzy Hierarchy Analysis for Industrial Cyber-Physical Control Systems. 2019 IEEE International Conference on Industrial Internet (ICII). :62—65.
With the increasing security threats to the information of Industrial Cyber-physical Control Systems, the quantitative assessment of security risk becomes an important basis of information security research. Based on fuzzy hierarchy analysis, this paper constructs the hierarchical model of industrial control system safety risk evaluation, and obtains the exact value of risk. Experimental results show that the proposed method can effectively quantify the control system risk, which provides a basis for industrial control system risk management decision.
Wu, Zhijun, Xu, Enzhong, Liu, Liang, Yue, Meng.  2019.  CHTDS: A CP-ABE Access Control Scheme Based on Hash Table and Data Segmentation in NDN. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :843—848.

For future Internet, information-centric networking (ICN) is considered a potential solution to many of its current problems, such as content distribution, mobility, and security. Named Data Networking (NDN) is a more popular ICN project. However, concern regarding the protection of user data persists. Information caching in NDN decouples content and content publishers, which leads to content security threats due to lack of secure controls. Therefore, this paper presents a CP-ABE (ciphertext policy attribute based encryption) access control scheme based on hash table and data segmentation (CHTDS). Based on data segmentation, CHTDS uses a method of linearly splitting fixed data blocks, which effectively improves data management. CHTDS also introduces CP-ABE mechanism and hash table data structure to ensure secure access control and privilege revocation does not need to re-encrypt the published content. The analysis results show that CHTDS can effectively realize the security and fine-grained access control in the NDN environment, and reduce communication overhead for content access.

2020-07-20
Lekidis, Alexios, Barosan, Ion.  2019.  Model-based simulation and threat analysis of in-vehicle networks. 2019 15th IEEE International Workshop on Factory Communication Systems (WFCS). :1–8.
Automotive systems are currently undergoing a rapid evolution through the integration of the Internet of Things (IoT) and Software Defined Networking (SDN) technologies. The main focus of this evolution is to improve the driving experience, including automated controls, intelligent navigation and safety systems. Moreover, the extremely rapid pace that such technologies are brought into the vehicles, necessitates the presence of adequate testing of new features to avoid operational errors. Apart from testing though, IoT and SDN technologies also widen the threat landscape of cyber-security risks due to the amount of connectivity interfaces that are nowadays exposed in vehicles. In this paper we present a new method, based on OMNET++, for testing new in-vehicle features and assessing security risks through network simulation. The method is demonstrated through a case-study on a Toyota Prius, whose network data are analyzed for the detection of anomalies caused from security threats or operational errors.
2020-07-06
Cerotti, D., Codetta-Raiteri, D., Egidi, L., Franceschinis, G., Portinale, L., Dondossola, G., Terruggia, R..  2019.  Analysis and Detection of Cyber Attack Processes targeting Smart Grids. 2019 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe). :1–5.
This paper proposes an approach based on Bayesian Networks to support cyber security analysts in improving the cyber-security posture of the smart grid. We build a system model that exploits real world context information from both Information and Operational Technology environments in the smart grid, and we use it to demonstrate sample predictive and diagnostic analyses. The innovative contribution of this work is in the methodology capability of capturing the many dependencies involved in the assessment of security threats, and of supporting the security analysts in planning defense and detection mechanisms for energy digital infrastructures.
2020-06-19
Eziama, Elvin, Ahmed, Saneeha, Ahmed, Sabbir, Awin, Faroq, Tepe, Kemal.  2019.  Detection of Adversary Nodes in Machine-To-Machine Communication Using Machine Learning Based Trust Model. 2019 IEEE International Symposium on Signal Processing and Information Technology (ISSPIT). :1—6.

Security challenges present in Machine-to-Machine Communication (M2M-C) and big data paradigm are fundamentally different from conventional network security challenges. In M2M-C paradigms, “Trust” is a vital constituent of security solutions that address security threats and for such solutions,it is important to quantify and evaluate the amount of trust in the information and its source. In this work, we focus on Machine Learning (ML) Based Trust (MLBT) evaluation model for detecting malicious activities in a vehicular Based M2M-C (VBM2M-C) network. In particular, we present an Entropy Based Feature Engineering (EBFE) coupled Extreme Gradient Boosting (XGBoost) model which is optimized with Binary Particle Swarm optimization technique. Based on three performance metrics, i.e., Accuracy Rate (AR), True Positive Rate (TPR), False Positive Rate (FPR), the effectiveness of the proposed method is evaluated in comparison to the state-of-the-art ensemble models, such as XGBoost and Random Forest. The simulation results demonstrates the superiority of the proposed model with approximately 10% improvement in accuracy, TPR and FPR, with reference to the attacker density of 30% compared with the start-of-the-art algorithms.