Visible to the public Biblio

Filters: Keyword is process control  [Clear All Filters]
2021-09-30
Wang, Guoqing, Zhuang, Lei, Liu, Taotao, Li, Shuxia, Yang, Sijin, Lan, Julong.  2020.  Formal Analysis and Verification of Industrial Control System Security via Timed Automata. 2020 International Conference on Internet of Things and Intelligent Applications (ITIA). :1–5.
The industrial Internet of Things (IIoT) can facilitate industrial upgrading, intelligent manufacturing, and lean production. Industrial control system (ICS) is a vital support mechanism for many key infrastructures in the IIoT. However, natural defects in the ICS network security mechanism and the susceptibility of the programmable logic controller (PLC) program to malicious attack pose a threat to the safety of national infrastructure equipment. To improve the security of the underlying equipment in ICS, a model checking method based on timed automata is proposed in this work, which can effectively model the control process and accurately simulate the system state when incorporating time factors. Formal analysis of the ICS and PLC is then conducted to formulate malware detection rules which can constrain the normal behavior of the system. The model checking tool UPPAAL is then used to verify the properties by detecting whether there is an exception in the system and determine the behavior of malware through counter-examples. The chemical reaction control system in Tennessee-Eastman process is taken as an example to carry out modeling, characterization, and verification, and can effectively detect multiple patterns of malware and propose relevant security policy recommendations.
2021-09-16
Sah, Love Kumar, Polnati, Srivarsha, Islam, Sheikh Ariful, Katkoori, Srinivas.  2020.  Basic Block Encoding Based Run-Time CFI Check for Embedded Software. 2020 IFIP/IEEE 28th International Conference on Very Large Scale Integration (VLSI-SOC). :135–140.
Modern control flow attacks circumvent existing defense mechanisms to transfer the program control to attacker chosen malicious code in the program, leaving application vulnerable to attack. Advanced attacks such as Return-Oriented Programming (ROP) attack and its variants, transfer program execution to gadgets (code-snippet that ends with return instruction). The code space to generate gadgets is large and attacks using these gadgets are Turing-complete. One big challenge to harden the program against ROP attack is to confine gadget selection to a limited locations, thus leaving the attacker to search entire code space according to payload criteria. In this paper, we present a novel approach to label the nodes of the Control-Flow Graph (CFG) of a program such that labels of the nodes on a valid control flow edge satisfy a Hamming distance property. The newly encoded CFG enables detection of illegal control flow transitions during the runtime in the processor pipeline. Experimentally, we have demonstrated that the proposed Control Flow Integrity (CFI) implementation is effective against control-flow hijacking and the technique can reduce the search space of the ROP gadgets upto 99.28%. We have also validated our technique on seven applications from MiBench and the proposed labeling mechanism incurs no instruction count overhead while, on average, it increases instruction width to a maximum of 12.13%.
2021-09-09
Zarubskiy, Vladimir G., Bondarchuk, Aleksandr S., Bondarchuk, Ksenija A..  2020.  Evaluation of the Computational Complexity of Implementation of the Process of Adaptation of High-Reliable Control Systems. 2020 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). :964–967.
The development of control systems of increased reliability is highly relevant due to their widespread introduction in various sectors of human activity, including those where failure of the control system can lead to serious or catastrophic consequences. The increase of the reliability of control systems is directly related with the reliability of control computers (so called intellectual centers) since the computer technology is the basis of modern control systems. One of the possible solutions to the development of highly reliable control computers is the practical implementation of the provisions of the theory of structural stability, which involves the practical solution of two main tasks - this is the task of functional adaptation and the preceding task of functional diagnostics. This article deals with the issues on the assessment of computational complexity of the implementation of the adaptation process of structural and sustainable control computer. The criteria of computational complexity are the characteristics of additionally attracted resources, such as the temporal characteristics of the adaptation process and the characteristics of the involved amount of memory resources of the control computer involved in the implementation of the adaptation process algorithms.
2021-09-07
Nweke, Livinus Obiora, Wolthusen, Stephen D..  2020.  Modelling Adversarial Flow in Software-Defined Industrial Control Networks Using a Queueing Network Model. 2020 IEEE Conference on Communications and Network Security (CNS). :1–6.
In recent years, software defined networking (SDN) has been proposed for enhancing the security of industrial control networks. However, its ability to guarantee the quality of service (QoS) requirements of such networks in the presence of adversarial flow still needs to be investigated. Queueing theory and particularly queueing network models have long been employed to study the performance and QoS characteristics of networks. The latter appears to be particularly suitable to capture the behaviour of SDN owing to the dependencies between layers, planes and components in an SDN architecture. Also, several authors have used queueing network models to study the behaviour of different application of SDN architectures, but none of the existing works have considered the strong periodic network traffic in software-defined industrial control networks. In this paper, we propose a queueing network model for softwaredefined industrial control networks, taking into account the strong periodic patterns of the network traffic in the data plane. We derive the performance measures for the analytical model and apply the queueing network model to study the effect of adversarial flow in software-defined industrial control networks.
2021-09-01
Barinov, Andrey, Beschastnov, Semen, Boger, Alexander, Kolpakov, Alexey, Ufimtcev, Maxim.  2020.  Virtual Environment for Researching Information Security of a Distributed ICS. 2020 Global Smart Industry Conference (GloSIC). :348—353.
Nowadays, industrial control systems are increasingly subject to cyber-attacks. In this regard, the relevance of ICS modeling for security research and for teaching employees the basics of information security is increasing. Most of the existing testbeds for research on information security of industrial control systems are software and hardware solutions that contain elements of industrial equipment. However, when implementing distance-learning programs, it is not possible to fully use such testbeds. This paper describes the approach of complete virtualization of technological processes in ICS based on the open source programmable logic controller OpenPLC. This enables a complete information security training from any device with Internet access. A unique feature of this stand is also the support of several PLCs and a lower-level subsystem implemented by a distributed I/O system. The study describes the implementation scheme of the stand, and several case of reproduction of attacks. Scaling approaches for this solution are also considered.
2021-07-08
Wahyudono, Bintang, Ogi, Dion.  2020.  Implementation of Two Factor Authentication based on RFID and Face Recognition using LBP Algorithm on Access Control System. 2020 International Conference on ICT for Smart Society (ICISS). CFP2013V-ART:1—6.
Studies on two-factor authentication based on RFID and face recognition have been carried out on a large scale. However, these studies didn't discuss the way to overcome the weaknesses of face recognition authentication in the access control systems. In this study, two authentication factors, RFID and face recognition, were implemented using the LBP (Local Binary Pattern) algorithm to overcome weaknesses of face recognition authentication in the access control system. Based on the results of performance testing, the access control system has 100% RFID authentication and 80% face recognition authentication. The average time for the RFID authentication process is 0.03 seconds, the face recognition process is 6.3885 seconds and the verification of the face recognition is 0.1970 seconds. The access control system can still work properly after three days without being switched off. The results of security testing showed that the capabilities spoofing detection has 100% overcome the photo attack.
2021-06-30
Asyaev, G. D., Antyasov, I. S..  2020.  Model for Providing Information Security of APCS Based on Predictive Maintenance Technology. 2020 Global Smart Industry Conference (GloSIC). :287—290.
In article the basic criteria of quality of work of the automated control system of technological process (APCS) are considered, the analysis of critical moments and level of information safety of APCS is spent. The model of maintenance of information safety of APCS on the basis of technology of predictive maintenance with application of intellectual methods of data processing is offered. The model allows to generate the list of actions at detection of new kinds of the threats connected with destructive influences on object, proceeding from acceptability of predicted consequences of work of APCS. In article with use of the system analysis the complex model of the technical object of automation is developed, allowing to estimate consequences from realization of threats of information safety at various system levels of APCS.
Maalla, Allam.  2020.  Research on Data Transmission Security Architecture Design and Process. 2020 IEEE International Conference on Information Technology,Big Data and Artificial Intelligence (ICIBA). 1:1195—1199.
With the development of business, management companies are currently facing a series of problems and challenges in terms of resource allocation and task management. In terms of the technical route, this research will use cloud services to implement the public honesty system, and carry out secondary development and interface development on this basis, the architecture design and the formulation of the process are realized for various types, relying on the support of the knowledge base and case library, through the system intelligent configuration corresponding work instructions, safety work instructions, case references and other reference information to the existing work plan to provide managers Reference; managers can configure and adjust the work content by themselves through specific requirements to efficiently and flexibly adapt to the work content.
2021-06-02
Avula, Ramana R., Oechtering, Tobias J..  2020.  On Design of Optimal Smart Meter Privacy Control Strategy Against Adversarial Map Detection. ICASSP 2020 - 2020 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). :5845—5849.
We study the optimal control problem of the maximum a posteriori (MAP) state sequence detection of an adversary using smart meter data. The privacy leakage is measured using the Bayesian risk and the privacy-enhancing control is achieved in real-time using an energy storage system. The control strategy is designed to minimize the expected performance of a non-causal adversary at each time instant. With a discrete-state Markov model, we study two detection problems: when the adversary is unaware or aware of the control. We show that the adversary in the former case can be controlled optimally. In the latter case, where the optimal control problem is shown to be non-convex, we propose an adaptive-grid approximation algorithm to obtain a sub-optimal strategy with reduced complexity. Although this work focuses on privacy in smart meters, it can be generalized to other sensor networks.
2021-05-25
Segovia, Mariana, Rubio-Hernan, Jose, Cavalli, Ana R., Garcia-Alfaro, Joaquin.  2020.  Cyber-Resilience Evaluation of Cyber-Physical Systems. 2020 IEEE 19th International Symposium on Network Computing and Applications (NCA). :1—8.
Cyber-Physical Systems (CPS) use computational resources to control physical processes and provide critical services. For this reason, an attack in these systems may have dangerous consequences in the physical world. Hence, cyber- resilience is a fundamental property to ensure the safety of the people, the environment and the controlled physical processes. In this paper, we present metrics to quantify the cyber-resilience level based on the design, structure, stability, and performance under the attack of a given CPS. The metrics provide reference points to evaluate whether the system is better prepared or not to face the adversaries. This way, it is possible to quantify the ability to recover from an adversary using its mathematical model based on actuators saturation. Finally, we validate our approach using a numeric simulation on the Tennessee Eastman control challenge problem.
Bogosyan, Seta, Gokasan, Metin.  2020.  Novel Strategies for Security-hardened BMS for Extremely Fast Charging of BEVs. 2020 IEEE 23rd International Conference on Intelligent Transportation Systems (ITSC). :1–7.

The increased power capacity and networking requirements in Extremely Fast Charging (XFC) systems for battery electric vehicles (BEVs) and the resulting increase in the adversarial attack surface call for security measures to be taken in the involved cyber-physical system (CPS). Within this system, the security of the BEV's battery management system (BMS) is of critical importance as the BMS is the first line of defense between the vehicle and the charge station. This study proposes an optimal control and moving-target defense (MTD) based novel approach for the security of the vehicle BMS) focusing on the charging process, during which a compromised vehicle may contaminate the XFC station and the whole grid. This paper is part of our ongoing research, which is one of the few, if not the first, reported studies in the literature on security-hardened BMS, aiming to increase the security and performance of operations between the charging station, the BMS and the battery system of electric vehicles. The developed MTD based switching strategy makes use of redundancies in the controller and feedback design. The performed simulations demonstrate an increased unpredictability and acceptable charging performance under adversarial attacks.

2021-05-13
Huo, Dongdong, Wang, Yu, Liu, Chao, Li, Mingxuan, Wang, Yazhe, Xu, Zhen.  2020.  LAPE: A Lightweight Attestation of Program Execution Scheme for Bare-Metal Systems. 2020 IEEE 22nd International Conference on High Performance Computing and Communications; IEEE 18th International Conference on Smart City; IEEE 6th International Conference on Data Science and Systems (HPCC/SmartCity/DSS). :78—86.

Unlike traditional processors, Internet of Things (IoT) devices are short of resources to incorporate mature protections (e.g. MMU, TrustZone) against modern control-flow attacks. Remote (control-flow) attestation is fast becoming a key instrument in securing such devices as it has proven the effectiveness on not only detecting runtime malware infestation of a remote device, but also saving the computing resources by moving the costly verification process away. However, few control-flow attestation schemes have been able to draw on any systematic research into the software specificity of bare-metal systems, which are widely deployed on resource-constrained IoT devices. To our knowledge, the unique design patterns of the system limit implementations of such expositions. In this paper, we present the design and proof-of-concept implementation of LAPE, a lightweight attestation of program execution scheme that enables detecting control-flow attacks for bare-metal systems without requiring hardware modification. With rudimentary memory protection support found in modern IoT-class microcontrollers, LAPE leverages software instrumentation to compartmentalize the firmware functions into several ”attestation compartments”. It then continuously tracks the control-flow events of each compartment and periodically reports them to the verifier. The PoC of the scheme is incorporated into an LLVM-based compiler to generate the LAPE-enabled firmware. By taking experiments with several real-world IoT firmware, the results show both the efficiency and practicality of LAPE.

2021-05-05
Lee, Jae-Myeong, Hong, Sugwon.  2020.  Host-Oriented Approach to Cyber Security for the SCADA Systems. 2020 6th IEEE Congress on Information Science and Technology (CiSt). :151—155.
Recent cyberattacks targeting Supervisory Control and Data Acquisition (SCADA)/Industrial Control System(ICS) exploit weaknesses of host system software environment and take over the control of host processes in the host of the station network. We analyze the attack path of these attacks, which features how the attack hijacks the host in the network and compromises the operations of field device controllers. The paper proposes a host-based protection method, which can prevent malware penetration into the process memory by code injection attacks. The method consists of two protection schemes. One is to prevent file-based code injection such as DLL injection. The other is to prevent fileless code injection. The method traces changes in memory regions and determine whether the newly allocated memory is written with malicious codes. For this method, we show how a machine learning method can be adopted.
2021-05-03
Herber, Paula, Liebrenz, Timm.  2020.  Dependence Analysis and Automated Partitioning for Scalable Formal Analysis of SystemC Designs. 2020 18th ACM-IEEE International Conference on Formal Methods and Models for System Design (MEMOCODE). :1–6.
Embedded systems often consist of deeply intertwined hardware and software components. At the same time, they are often used in safety-critical applications, where an error may result in enormous costs or even loss of human lives. Existing verification techniques that show the absence of errors do not scale well for complex integrated HW/SW systems. In this paper, we present a dependence analysis and automated partitioning approach for the formal analysis of HW/SW codesigns that are modeled in SystemC. The key idea of our approach is threefold: first, we partition a given system into loosely coupled submodels. Second, we analyze the dependences between these submodels and compute an abstract verification interface for each of them, which captures all possible influences of all other submodels. Third, we verify global properties of the overall system by verifying them separately for each subsystem. We demonstrate that our approach significantly reduces verification times and increases scalability with results for an anti-lock braking system.
2021-04-27
Aigner, A., Khelil, A..  2020.  A Benchmark of Security Metrics in Cyber-Physical Systems. 2020 IEEE International Conference on Sensing, Communication and Networking (SECON Workshops). :1—6.

The usage of connected devices and their role within our daily- and business life gains more and more impact. In addition, various derivations of Cyber-Physical Systems (CPS) reach new business fields, like smart healthcare or Industry 4.0. Although these systems do bring many advantages for users by extending the overall functionality of existing systems, they come with several challenges, especially for system engineers and architects. One key challenge consists in achieving a sufficiently high level of security within the CPS environment, as sensitive data or safety-critical functions are often integral parts of CPS. Being system of systems (SoS), CPS complexity, unpredictability and heterogeneity complicate analyzing the overall level of security, as well as providing a way to detect ongoing attacks. Usually, security metrics and frameworks provide an effective tool to measure the level of security of a given component or system. Although several comprehensive surveys exist, an assessment of the effectiveness of the existing solutions for CPS environments is insufficiently investigated in literature. In this work, we address this gap by benchmarking a carefully selected variety of existing security metrics in terms of their usability for CPS. Accordingly, we pinpoint critical CPS challenges and qualitatively assess the effectiveness of the existing metrics for CPS systems.

Damis, H. A., Shehada, D., Fachkha, C., Gawanmeh, A., Al-Karaki, J. N..  2020.  A Microservices Architecture for ADS-B Data Security Using Blockchain. 2020 3rd International Conference on Signal Processing and Information Security (ICSPIS). :1—4.

The use of Automatic Dependent Surveillance - Broadcast (ADS-B) for aircraft tracking and flight management operations is widely used today. However, ADS-B is prone to several cyber-security threats due to the lack of data authentication and encryption. Recently, Blockchain has emerged as new paradigm that can provide promising solutions in decentralized systems. Furthermore, software containers and Microservices facilitate the scaling of Blockchain implementations within cloud computing environment. When fused together, these technologies could help improve Air Traffic Control (ATC) processing of ADS-B data. In this paper, a Blockchain implementation within a Microservices framework for ADS-B data verification is proposed. The aim of this work is to enable data feeds coming from third-party receivers to be processed and correlated with that of the ATC ground station receivers. The proposed framework could mitigate ADS- B security issues of message spoofing and anomalous traffic data. and hence minimize the cost of ATC infrastructure by throughout third-party support.

Elavarasan, G., Veni, S..  2020.  Data Sharing Attribute-Based Secure with Efficient Revocation in Cloud Computing. 2020 International Conference on Computing and Information Technology (ICCIT-1441). :1—6.

In recent days, cloud computing is one of the emerging fields. It is a platform to maintain the data and privacy of the users. To process and regulate the data with high security, the access control methods are used. The cloud environment always faces several challenges such as robustness, security issues and so on. Conventional methods like Cipher text-Policy Attribute-Based Encryption (CP-ABE) are reflected in providing huge security, but still, the problem exists like the non-existence of attribute revocation and minimum efficient. Hence, this research work particularly on the attribute-based mechanism to maximize efficiency. Initially, an objective coined out in this work is to define the attributes for a set of users. Secondly, the data is to be re-encrypted based on the access policies defined for the particular file. The re-encryption process renders information to the cloud server for verifying the authenticity of the user even though the owner is offline. The main advantage of this work evaluates multiple attributes and allows respective users who possess those attributes to access the data. The result proves that the proposed Data sharing scheme helps for Revocation under a fine-grained attribute structure.

2021-03-30
Elnour, M., Meskin, N., Khan, K. M..  2020.  Hybrid Attack Detection Framework for Industrial Control Systems using 1D-Convolutional Neural Network and Isolation Forest. 2020 IEEE Conference on Control Technology and Applications (CCTA). :877—884.

Industrial control systems (ICSs) are used in various infrastructures and industrial plants for realizing their control operation and ensuring their safety. Concerns about the cybersecurity of industrial control systems have raised due to the increased number of cyber-attack incidents on critical infrastructures in the light of the advancement in the cyber activity of ICSs. Nevertheless, the operation of the industrial control systems is bind to vital aspects in life, which are safety, economy, and security. This paper presents a semi-supervised, hybrid attack detection approach for industrial control systems by combining Isolation Forest and Convolutional Neural Network (CNN) models. The proposed framework is developed using the normal operational data, and it is composed of a feature extraction model implemented using a One-Dimensional Convolutional Neural Network (1D-CNN) and an isolation forest model for the detection. The two models are trained independently such that the feature extraction model aims to extract useful features from the continuous-time signals that are then used along with the binary actuator signals to train the isolation forest-based detection model. The proposed approach is applied to a down-scaled industrial control system, which is a water treatment plant known as the Secure Water Treatment (SWaT) testbed. The performance of the proposed method is compared with the other works using the same testbed, and it shows an improvement in terms of the detection capability.

Pyatnisky, I. A., Sokolov, A. N..  2020.  Assessment of the Applicability of Autoencoders in the Problem of Detecting Anomalies in the Work of Industrial Control Systems.. 2020 Global Smart Industry Conference (GloSIC). :234—239.

Deep learning methods are increasingly becoming solutions to complex problems, including the search for anomalies. While fully-connected and convolutional neural networks have already found their application in classification problems, their applicability to the problem of detecting anomalies is limited. In this regard, it is proposed to use autoencoders, previously used only in problems of reducing the dimension and removing noise, as a method for detecting anomalies in the industrial control system. A new method based on autoencoders is proposed for detecting anomalies in the operation of industrial control systems (ICS). Several neural networks based on auto-encoders with different architectures were trained, and the effectiveness of each of them in the problem of detecting anomalies in the work of process control systems was evaluated. Auto-encoders can detect the most complex and non-linear dependencies in the data, and as a result, can show the best quality for detecting anomalies. In some cases, auto-encoders require fewer machine resources.

2021-03-29
Tang, C., Fu, X., Tang, P..  2020.  Policy-Based Network Access and Behavior Control Management. 2020 IEEE 20th International Conference on Communication Technology (ICCT). :1102—1106.

Aiming at the requirements of network access control, illegal outreach control, identity authentication, security monitoring and application system access control of information network, an integrated network access and behavior control model based on security policy is established. In this model, the network access and behavior management control process is implemented through abstract policy configuration, network device and application server, so that management has device-independent abstraction, and management simplification, flexibility and automation are improved. On this basis, a general framework of policy-based access and behavior management control is established. Finally, an example is given to illustrate the method of device connection, data drive and fusion based on policy-based network access and behavior management control.

2021-03-22
Vimercati, S. de Capitani di, Foresti, S., Paraboschi, S., Samarati, P..  2020.  Enforcing Corporate Governance's Internal Controls and Audit in the Cloud. 2020 IEEE 13th International Conference on Cloud Computing (CLOUD). :453–461.
More and more organizations are today using the cloud for their business as a quite convenient alternative to in-house solutions for storing, processing, and managing data. Cloud-based solutions are then permeating almost all aspects of business organizations, resulting appealing also for functions that, already in-house, may result sensitive or security critical, and whose enforcement in the cloud requires then particular care. In this paper, we provide an approach for securely relying on cloud-based services for the enforcement of Internal Controls and Audit (ICA) functions for corporate governance. Our approach is based on the use of selective encryption and of tags to provide a level of self-protection to data and for enabling only authorized parties to access data and perform operations on them, providing privacy and integrity guarantees, as well as accountability and non-repudiation.
2021-03-09
Guibene, K., Ayaida, M., Khoukhi, L., MESSAI, N..  2020.  Black-box System Identification of CPS Protected by a Watermark-based Detector. 2020 IEEE 45th Conference on Local Computer Networks (LCN). :341–344.

The implication of Cyber-Physical Systems (CPS) in critical infrastructures (e.g., smart grids, water distribution networks, etc.) has introduced new security issues and vulnerabilities to those systems. In this paper, we demonstrate that black-box system identification using Support Vector Regression (SVR) can be used efficiently to build a model of a given industrial system even when this system is protected with a watermark-based detector. First, we briefly describe the Tennessee Eastman Process used in this study. Then, we present the principal of detection scheme and the theory behind SVR. Finally, we design an efficient black-box SVR algorithm for the Tennessee Eastman Process. Extensive simulations prove the efficiency of our proposed algorithm.

Muñoz, C. M. Blanco, Cruz, F. Gómez, Valero, J. S. Jimenez.  2020.  Software architecture for the application of facial recognition techniques through IoT devices. 2020 Congreso Internacional de Innovación y Tendencias en Ingeniería (CONIITI). :1–5.

The facial recognition time by time takes more importance, due to the extend kind of applications it has, but it is still challenging when faces big variations in the characteristics of the biometric data used in the process and especially referring to the transportation of information through the internet in the internet of things context. Based on the systematic review and rigorous study that supports the extraction of the most relevant information on this topic [1], a software architecture proposal which contains basic security requirements necessary for the treatment of the data involved in the application of facial recognition techniques, oriented to an IoT environment was generated. Concluding that the security and privacy considerations of the information registered in IoT devices represent a challenge and it is a priority to be able to guarantee that the data circulating on the network are only accessible to the user that was designed for this.

2021-02-03
Chernov, D., Sychugov, A..  2020.  Determining the Hazard Quotient of Destructive Actions of Automated Process Control Systems Information Security Violator. 2020 International Russian Automation Conference (RusAutoCon). :566—570.
The purpose of the work is a formalized description of the method determining numerical expression of the danger from actions potentially implemented by an information security violator. The implementation of such actions may lead to a disruption of the ordered functioning of multilevel distributed automated process control systems, which indicates the importance of developing new adequate solutions for predicting attacks consequences. The analysis of the largest destructive effects on information security systems of critical objects is carried out. The most common methods of obtaining the value of the hazard quotient of information security violators' destructive actions are considered. Based on the known methods for determining the possible damage from attacks implemented by a potential information security violator, a new, previously undetected in open sources method for determining the hazard quotient of destructive actions of an information security violator has been proposed. In order to carry out experimental calculations by the proposed method, the authors developed the required software. The calculations results are presented and indicate the possibility of using the proposed method for modeling threats and information security violators when designing an information security system for automated process control systems.
2021-01-28
Esmeel, T. K., Hasan, M. M., Kabir, M. N., Firdaus, A..  2020.  Balancing Data Utility versus Information Loss in Data-Privacy Protection using k-Anonymity. 2020 IEEE 8th Conference on Systems, Process and Control (ICSPC). :158—161.

Data privacy has been an important area of research in recent years. Dataset often consists of sensitive data fields, exposure of which may jeopardize interests of individuals associated with the data. In order to resolve this issue, privacy techniques can be used to hinder the identification of a person through anonymization of the sensitive data in the dataset to protect sensitive information, while the anonymized dataset can be used by the third parties for analysis purposes without obstruction. In this research, we investigated a privacy technique, k-anonymity for different values of on different number columns of the dataset. Next, the information loss due to k-anonymity is computed. The anonymized files go through the classification process by some machine-learning algorithms i.e., Naive Bayes, J48 and neural network in order to check a balance between data anonymity and data utility. Based on the classification accuracy, the optimal values of and are obtained, and thus, the optimal and can be used for k-anonymity algorithm to anonymize optimal number of columns of the dataset.