Visible to the public Biblio

Found 240 results

Filters: Keyword is cyber security  [Clear All Filters]
2021-11-29
Claveria, Joevis J., Kalam, Akhtar.  2020.  Communication and Information Security Assessment of a Digital Substation. 2020 Australasian Universities Power Engineering Conference (AUPEC). :1–7.
The Internet of Things (IoT) has enabled the rapid pace of the use of communication technology and infiltration of technical systems in a digital world. In terms of power systems generation and operation, a reliable solution for substation automation and smart grid communication is the IEC 61850 standard. It has a robust modelling structure for monitoring, protection, and control and management systems in substations and across the grid. Modern communication technologies are destined for internet use for remote monitoring, settings, and data recovery. However, the communication network is exposed to cyber threats and evident risks in security defense of automated power systems. To tackle these vulnerabilities, the IEC 62351 standard aims to improve security in handling the communication and data transfers in power system automation. This paper discusses the different security measures in communication, information and cyber security solutions in power systems. To further illustrate the novel communication and security schemes of digital substations, a case study using the Victoria University Zone Substation (VUZS) simulator for cybersecurity assessment has been instigated.
2021-11-08
Dang, Quang Anh, Khondoker, Rahamatullah, Wong, Kelvin, Kamijo, Shunsuke.  2020.  Threat Analysis of an Autonomous Vehicle Architecture. 2020 2nd International Conference on Sustainable Technologies for Industry 4.0 (STI). :1–6.
Over recent years, we have seen a significant rise in popularity of autonomous vehicle. Several researches have shown the severity of security threats that autonomous vehicles face -for example, Miller and Valasek (2015) were able to remotely take complete control over a 2014 Jeep Cherokee in a so called "Jeephack" [1]. This paper analyses the threats that the Electrical and Electronic (E/E) architecture of an autonomous vehicle has to face and rank those threats by severity. To achieve this, the Microsoft's STRIDE threat analysis technique was applied and 13 threats were identified. These are sorted by their Common Vulnerability Scoring System (CVSS) scores. Potential mitigation methods are then suggested for the five topmost severe threats.
Damasevicius, Robertas, Toldinas, Jevgenijus, Venckauskas, Algimantas, Grigaliunas, Sarunas, Morkevicius, Nerijus.  2020.  Technical Threat Intelligence Analytics: What and How to Visualize for Analytic Process. 2020 24th International Conference Electronics. :1–4.
Visual Analytics uses data visualization techniques for enabling compelling data analysis by engaging graphical and visual portrayal. In the domain of cybersecurity, convincing visual representation of data enables to ascertain valuable observations that allow the domain experts to construct efficient cyberattack mitigation strategies and provide useful decision support. We present a survey of visual analytics tools and methods in the domain of cybersecurity. We explore and discuss Technical Threat Intelligence visualization tools using the Five Question Method. We conclude the analysis of the works using Moody's Physics of Notations, and VIS4ML ontology as a methodological background of visual analytics process. We summarize our analysis as a high-level model of visual analytics for cybersecurity threat analysis.
He, Hongmei, Gray, John, Cangelosi, Angelo, Meng, Qinggang, McGinnity, T. M., Mehnen, Jörn.  2020.  The Challenges and Opportunities of Artificial Intelligence for Trustworthy Robots and Autonomous Systems. 2020 3rd International Conference on Intelligent Robotic and Control Engineering (IRCE). :68–74.
Trust is essential in designing autonomous and semiautonomous Robots and Autonomous Systems (RAS), because of the ``No trust, no use'' concept. RAS should provide high quality services, with four key properties that make them trustworthy: they must be (i) robust with regards to any system health related issues, (ii) safe for any matters in their surrounding environments, (iii) secure against any threats from cyber spaces, and (iv) trusted for human-machine interaction. This article thoroughly analyses the challenges in implementing the trustworthy RAS in respects of the four properties, and addresses the power of AI in improving the trustworthiness of RAS. While we focus on the benefits that AI brings to human, we should realize the potential risks that could be caused by AI. This article introduces for the first time the set of key aspects of human-centered AI for RAS, which can serve as a cornerstone for implementing trustworthy RAS by design in the future.
2021-10-12
Rajkumar, Vetrivel Subramaniam, Tealane, Marko, \c Stefanov, Alexandru, Palensky, Peter.  2020.  Cyber Attacks on Protective Relays in Digital Substations and Impact Analysis. 2020 8th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems. :1–6.
Power systems automation and communication standards are crucial for the transition of the conventional power system towards a smart grid. The IEC 61850 standard is widely used for substation automation and protection. It enables real-time communication and data exchange between critical substation automation devices. IEC 61850 serves as the foundation for open communication and data exchange for digital substations of the smart grid. However, IEC 61850 has cyber security vulnerabilities that can be exploited with a man-in-the-middle attack. Such coordinated cyber attacks against the protection system in digital substations can disconnect generation and transmission lines, causing cascading failures. In this paper, we demonstrate a cyber attack involving the Generic Object-Oriented Substation Event (GOOSE) protocol of IEC 61850. This is achieved by exploiting the cyber security vulnerabilities in the protocol and injecting spoofed GOOSE data frames into the substation communication network at the bay level. The cyber attack leads to tripping of multiple protective relays in the power grid, eventually resulting in a blackout. The attack model and impact on system dynamics are verified experimentally through hardware-in-the-loop simulations using commercial relays and Real-Time Digital Simulator (RTDS).
Rajkumar, Vetrivel Subramaniam, Tealane, Marko, \c Stefanov, Alexandru, Presekal, Alfan, Palensky, Peter.  2020.  Cyber Attacks on Power System Automation and Protection and Impact Analysis. 2020 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe). :247–254.
Power system automation and communication standards are spearheading the power system transition towards a smart grid. IEC 61850 is one such standard, which is widely used for substation automation and protection. It enables real-time communication and data exchange between critical substation automation and protection devices within digital substations. However, IEC 61850 is not cyber secure. In this paper, we demonstrate the dangerous implications of not securing IEC 61850 standard. Cyber attacks may exploit the vulnerabilities of the Sampled Values (SV) and Generic Object-Oriented Substation Event (GOOSE) protocols of IEC 61850. The cyber attacks may be realised by injecting spoofed SV and GOOSE data frames into the substation communication network at the bay level. We demonstrate that such cyber attacks may lead to obstruction or tripping of multiple protective relays. Coordinated cyber attacks against the protection system in digital substations may cause generation and line disconnections, triggering cascading failures in the power grid. This may eventually result in a partial or complete blackout. The attack model, impact on system dynamics and cascading failures are veri ed experimentally through a proposed cyber-physical experimental framework that closely resembles real-world conditions within a digital substation, including Intelligent Electronic Devices (IEDs) and protection schemes. It is implemented through Hardware-in-the-Loop (HIL) simulations of commercial relays with a Real-Time Digital Simulator (RTDS).
2021-09-30
Shuang, Zhang, Xinyu, Wan, Deqi, Kong, Yangming, Guo.  2020.  Embedded Virtualization Computing Platform Security Architecture Based on Trusted Computing. 2020 7th International Conference on Dependable Systems and Their Applications (DSA). :1–5.
With the application of virtualization and multi-core processor in embedded system, the computing capacity of embedded system has been improved comprehensively, but it is also faced with malicious attacks against virtualization technology. First, it was analyzed the security requirements of each layer of embedded virtualization computing platform. Aiming at the security requirements, it was proposed the security architecture of embedded virtualization computing platform based on trusted computing module. It was designed the hardware trusted root on the hardware layer, the virtualization trusted root on the virtual machine manager layer, trusted computing component and security function component on guest operation system layer. Based on the trusted roots, it was built the static extension of the trusted chain on the platform. This security architecture can improve the active security protection capability of embedded virtualization computing platform.
2021-09-21
Zhao, Quanling, Sun, Jiawei, Ren, Hongjia, Sun, Guodong.  2020.  Machine-Learning Based TCP Security Action Prediction. 2020 5th International Conference on Mechanical, Control and Computer Engineering (ICMCCE). :1329–1333.
With the continuous growth of Internet technology and the increasingly broadening applications of The Internet, network security incidents as well as cyber-attacks are also showing a growing trend. Consequently, computer network security is becoming increasingly important. TCP firewall is a computer network security system, and it allows or denies the transmission of data according to specific rules for providing security for the computer network. Traditional firewalls rely on network administrators to set security rules for them, and network administrators sometimes need to choose to allow and deny packets to keep computer networks secure. However, due to the huge amount of data on the Internet, network administrators have a huge task. Therefore, it is particularly important to solve this problem by using the machine learning method of computer technology. This study aims to predict TCP security action based on the TCP transmission characteristics dataset provided by UCI machine learning repository by implementing machine learning models such as neural network, support vector machine (SVM), AdaBoost, and Logistic regression. Processes including evaluating various models and interpretability analysis. By utilizing the idea of ensemble-learning, the final result has an accuracy score of over 98%.
2021-09-16
Rieger, Craig, Kolias, Constantinos, Ulrich, Jacob, McJunkin, Timothy R..  2020.  A Cyber Resilient Design for Control Systems. 2020 Resilience Week (RWS). :18–25.
The following topics are dealt with: security of data; distributed power generation; power engineering computing; power grids; power system security; computer network security; voltage control; risk management; power system measurement; critical infrastructures.
2021-08-31
Tang, Zefan, Qin, Yanyuan, Jiang, Zimin, Krawec, Walter O., Zhang, Peng.  2020.  Quantum-Secure Networked Microgrids. 2020 IEEE Power Energy Society General Meeting (PESGM). :1—5.
The classical key distribution systems used for data transmission in networked microgrids (NMGs) rely on mathematical assumptions, which however can be broken by attacks from quantum computers. This paper addresses this quantum-era challenge by using quantum key distribution (QKD). Specifically, the novelty of this paper includes 1) a QKD-enabled communication architecture it devises for NMGs, 2) a real-time QKD- enabled NMGs testbed it builds in an RTDS environment, and 3) a novel two-level key pool sharing (TLKPS) strategy it designs to improve the system resilience against cyberattacks. Test results validate the effectiveness of the presented strategy, and provide insightful resources for building quantum-secure NMGs.
2021-08-18
Tsavos, Marios, Sklavos, Nicolas, Alexiou, George Ph..  2020.  Lightweight Security Data Streaming, Based on Reconfigurable Logic, for FPGA Platform. 2020 23rd Euromicro Conference on Digital System Design (DSD). :277—280.
Alongside the rapid expansion of Internet of Things (IoT), and network evolution (5G, 6G technologies), comes the need for security of higher level and less hardware demanding modules. New cryptographic systems are developed, in order to satisfy the special needs of security, that have emerged in modern applications. In this paper, a novel lightweight data streaming system, is proposed, which operates in alternative modes. Each one of them, performs efficiently as one of three in total, stream ciphering modules. The operation of the proposed system, is based on reconfigurable logic. It aims at a lower hardware utilization and good performance, at the same time. In addition, in order to have a fair and detailed comparison, a second one design is also integrated and introduced. This one proposes a conventional architecture, consisting of the same three stream ciphering modes, implemented on the same device, as separate operation modules. The FPGA synthesis results prove that the proposed reconfigurable design achieves to minimize the area resources, from 18% to 30%, compared to the conventional one, while maintaining high performance values, for the supported modes.
2021-08-02
Thapar, Shruti, Sharma, Sudhir Kumar.  2020.  Direct Trust-based Detection Algorithm for Preventing Jellyfish Attack in MANET. 2020 4th International Conference on Electronics, Communication and Aerospace Technology (ICECA). :749–753.
The dynamic and adaptable characteristics of mobile ad hoc networks have made it a significant field for deploying various applications in wireless sensor networks. Increasing popularity of the portable devices is the main reason for the development of mobile ad hoc networks. Furthermore, the network does not require a fixed architecture and it is easy to deploy. This type of network is highly vulnerable to cyber-attacks as the nodes communicate with each other through a Wireless medium. The most critical attack in ad hoc network is jellyfish attack. In this research we have proposed a Direct Trust-based Detection Algorithm to detect and prevent jellyfish attack in MANET.
2021-07-27
Chaudhry, Y. S., Sharma, U., Rana, A..  2020.  Enhancing Security Measures of AI Applications. 2020 8th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO). :713—716.
Artificial Intelligence also often referred to as machine learning is being labelled to as the future has been into light since more than a decade. Artificial Intelligence designated by the acronym AI has a vast scope of development and the developers have been working on with it constantly. AI is being associated with the existing objects in the world as well as with the ones that are about to arrive to improve them and make them more reliable. AI as it states in its name is intelligence, intelligence shown by the machines to work similar to humans and work on achieving the goals they are being provided with. Another application of AI could be to provide defenses against the present cyber threats, vehicle overrides etc. Also, AI might be intelligence but, in the end, it's still a bunch of codes, hence it is prone to be corrupted or misused by the world. To prevent the misuse of the technologies, it is necessary to deploy them with a sustainable defensive system as well. Obviously, there is going to be a default defense system but it is prone to be corrupted by the hackers or malfunctioning of the intelligence in certain scenarios which can result disastrous especially in case of Robotics. A proposal referred to as the “Guard Masking” has been offered in the following paper, to provide an alternative for securing Artificial Intelligence.
2021-06-30
He, Kexun, Qin, Kongjian, Wang, Changyuan, Fang, Xiyu.  2020.  Research on Cyber Security Test Method for GNSS of Intelligent Connected Vehicle. 2020 International Conference on Computer Information and Big Data Applications (CIBDA). :200—203.
Intelligent connected vehicle cyber security has attracted widespread attention this year. The safety of GNSS information is related to the safety of cars and has become a key technology. This paper researches the cyber security characteristics of intelligent connected vehicle navigation and positioning by analyzing the signal receiving mode of navigation and positioning on the vehicle terminal. The article expounds the principles of deceiving and interfering cyber security that lead to the safety of GNSS information. This paper studies the key causes of cyber security. Based on key causes, the article constructs a GNSS cyber security test method by combining a navigation signal simulator and an interference signal generator. The results shows that the method can realize the security test of the GNSS information of the vehicle terminal. This method provides a test method for the navigation terminal defense cyber security capability for a vehicle terminal, and fills a gap in the industry for the vehicle terminal information security test.
2021-05-13
Feng, Xiaohua, Feng, Yunzhong, Dawam, Edward Swarlat.  2020.  Artificial Intelligence Cyber Security Strategy. 2020 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). :328—333.
Nowadays, STEM (science, technology, engineering and mathematics) have never been treated so seriously before. Artificial Intelligence (AI) has played an important role currently in STEM. Under the 2020 COVID-19 pandemic crisis, coronavirus disease across over the world we are living in. Every government seek advices from scientist before making their strategic plan. Most of countries collect data from hospitals (and care home and so on in the society), carried out data analysis, using formula to make some AI models, to predict the potential development patterns, in order to make their government strategy. AI security become essential. If a security attack make the pattern wrong, the model is not a true prediction, that could result in thousands life loss. The potential consequence of this non-accurate forecast would be even worse. Therefore, take security into account during the forecast AI modelling, step-by-step data governance, will be significant. Cyber security should be applied during this kind of prediction process using AI deep learning technology and so on. Some in-depth discussion will follow.AI security impact is a principle concern in the world. It is also significant for both nature science and social science researchers to consider in the future. In particular, because many services are running on online devices, security defenses are essential. The results should have properly data governance with security. AI security strategy should be up to the top priority to influence governments and their citizens in the world. AI security will help governments' strategy makers to work reasonably balancing between technologies, socially and politics. In this paper, strategy related challenges of AI and Security will be discussed, along with suggestions AI cyber security and politics trade-off consideration from an initial planning stage to its near future further development.
2021-05-05
Coulter, Rory, Zhang, Jun, Pan, Lei, Xiang, Yang.  2020.  Unmasking Windows Advanced Persistent Threat Execution. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :268—276.

The advanced persistent threat (APT) landscape has been studied without quantifiable data, for which indicators of compromise (IoC) may be uniformly analyzed, replicated, or used to support security mechanisms. This work culminates extensive academic and industry APT analysis, not as an incremental step in existing approaches to APT detection, but as a new benchmark of APT related opportunity. We collect 15,259 APT IoC hashes, retrieving subsequent sandbox execution logs across 41 different file types. This work forms an initial focus on Windows-based threat detection. We present a novel Windows APT executable (APT-EXE) dataset, made available to the research community. Manual and statistical analysis of the APT-EXE dataset is conducted, along with supporting feature analysis. We draw upon repeat and common APT paths access, file types, and operations within the APT-EXE dataset to generalize APT execution footprints. A baseline case analysis successfully identifies a majority of 117 of 152 live APT samples from campaigns across 2018 and 2019.

Lee, Jae-Myeong, Hong, Sugwon.  2020.  Host-Oriented Approach to Cyber Security for the SCADA Systems. 2020 6th IEEE Congress on Information Science and Technology (CiSt). :151—155.
Recent cyberattacks targeting Supervisory Control and Data Acquisition (SCADA)/Industrial Control System(ICS) exploit weaknesses of host system software environment and take over the control of host processes in the host of the station network. We analyze the attack path of these attacks, which features how the attack hijacks the host in the network and compromises the operations of field device controllers. The paper proposes a host-based protection method, which can prevent malware penetration into the process memory by code injection attacks. The method consists of two protection schemes. One is to prevent file-based code injection such as DLL injection. The other is to prevent fileless code injection. The method traces changes in memory regions and determine whether the newly allocated memory is written with malicious codes. For this method, we show how a machine learning method can be adopted.
2021-04-09
Mishra, A., Yadav, P..  2020.  Anomaly-based IDS to Detect Attack Using Various Artificial Intelligence Machine Learning Algorithms: A Review. 2nd International Conference on Data, Engineering and Applications (IDEA). :1—7.
Cyber-attacks are becoming more complex & increasing tasks in accurate intrusion detection (ID). Failure to avoid intrusion can reduce the reliability of security services, for example, integrity, Privacy & availability of data. The rapid proliferation of computer networks (CNs) has reformed the perception of network security. Easily accessible circumstances affect computer networks from many threats by hackers. Threats to a network are many & hypothetically devastating. Researchers have recognized an Intrusion Detection System (IDS) up to identifying attacks into a wide variety of environments. Several approaches to intrusion detection, usually identified as Signature-based Intrusion Detection Systems (SIDS) & Anomaly-based Intrusion Detection Systems (AIDS), were proposed in the literature to address computer safety hazards. This survey paper grants a review of current IDS, complete analysis of prominent new works & generally utilized dataset to evaluation determinations. It also introduces avoidance techniques utilized by attackers to avoid detection. This paper delivers a description of AIDS for attack detection. IDS is an applied research area in artificial intelligence (AI) that uses multiple machine learning algorithms.
2021-04-08
Colbaugh, R., Glass, K., Bauer, T..  2013.  Dynamic information-theoretic measures for security informatics. 2013 IEEE International Conference on Intelligence and Security Informatics. :45–49.
Many important security informatics problems require consideration of dynamical phenomena for their solution; examples include predicting the behavior of individuals in social networks and distinguishing malicious and innocent computer network activities based on activity traces. While information theory offers powerful tools for analyzing dynamical processes, to date the application of information-theoretic methods in security domains has focused on static analyses (e.g., cryptography, natural language processing). This paper leverages information-theoretic concepts and measures to quantify the similarity of pairs of stochastic dynamical systems, and shows that this capability can be used to solve important problems which arise in security applications. We begin by presenting a concise review of the information theory required for our development, and then address two challenging tasks: 1.) characterizing the way influence propagates through social networks, and 2.) distinguishing malware from legitimate software based on the instruction sequences of the disassembled programs. In each application, case studies involving real-world datasets demonstrate that the proposed techniques outperform standard methods.
2021-03-29
Bogdan-Iulian, C., Vasilică-Gabriel, S., Alexandru, M. D., Nicolae, G., Andrei, V..  2020.  Improved Secure Internet of Things System using Web Services and Low Power Single-board Computers. 2020 International Conference on e-Health and Bioengineering (EHB). :1—5.

Internet of Things (IoT) systems are becoming widely used, which makes them to be a high-value target for both hackers and crackers. From gaining access to sensitive information to using them as bots for complex attacks, the variety of advantages after exploiting different security vulnerabilities makes the security of IoT devices to be one of the most challenging desideratum for cyber security experts. In this paper, we will propose a new IoT system, designed to ensure five data principles: confidentiality, integrity, availability, authentication and authorization. The innovative aspects are both the usage of a web-based communication and a custom dynamic data request structure.

Gressl, L., Krisper, M., Steger, C., Neffe, U..  2020.  Towards Security Attack and Risk Assessment during Early System Design. 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). :1—8.

The advent of the Internet of Things (IoT) and Cyber-Physical Systems (CPS) enabled a new class of smart and interactive devices. With their continuous connectivity and their access to valuable information in both the digital and physical world, they are attractive targets for security attackers. Hence, with their integration into both the industry and consumer devices, they added a new surface for cybersecurity attacks. These potential threats call for special care of security vulnerabilities during the design of IoT devices and CPS. The design of secure systems is a complex task, especially if they must adhere to other constraints, such as performance, power consumption, and others. A range of design space exploration tools have been proposed in academics, which aim to support system designers in their task of finding the optimal selection of hardware components and task mappings. Said tools offer a limited way of modeling attack scenarios as constraints for a system under design. The framework proposed in this paper aims at closing this gap, offering system designers a way to consider security attacks and security risks during the early design phase. It offers designers to model security constraints from the view of potential attackers, assessing the probability of successful security attacks and security risk. The framework's feasibility and performance is demonstrated by revisiting a potential system design of an industry partner.

Dai, Q., Shi, L..  2020.  A Game-Theoretic Analysis of Cyber Attack-Mitigation in Centralized Feeder Automation System. 2020 IEEE Power Energy Society General Meeting (PESGM). :1–5.
The intelligent electronic devices widely deployed across the distribution network are inevitably making the feeder automation (FA) system more vulnerable to cyber-attacks, which would lead to disastrous socio-economic impacts. This paper proposes a three-stage game-theoretic framework that the defender allocates limited security resources to minimize the economic impacts on FA system while the attacker deploys limited attack resources to maximize the corresponding impacts. Meanwhile, the probability of successful attack is calculated based on the Bayesian attack graph, and a fault-tolerant location technique for centralized FA system is elaborately considered during analysis. The proposed game-theoretic framework is converted into a two-level zero-sum game model and solved by the particle swarm optimization (PSO) combined with a generalized reduced gradient algorithm. Finally, the proposed model is validated on distribution network for RBTS bus 2.
2021-03-17
Kushal, T. R. B., Gao, Z., Wang, J., Illindala, M. S..  2020.  Causal Chain of Time Delay Attack on Synchronous Generator Control. 2020 IEEE Power Energy Society General Meeting (PESGM). :1—5.

Wide integration of information and communication technology (ICT) in modern power grids has brought many benefits as well as the risk of cyber attacks. A critical step towards defending grid cyber security is to understand the cyber-physical causal chain, which describes the progression of intrusion in cyber-space leading to the formation of consequences on the physical power grid. In this paper, we develop an attack vector for a time delay attack at load frequency control in the power grid. Distinct from existing works, which are separately focused on cyber intrusion, grid response, or testbed validation, the proposed attack vector for the first time provides a full cyber-physical causal chain. It targets specific vulnerabilities in the protocols, performs a denial-of-service (DoS) attack, induces the delays in control loop, and destabilizes grid frequency. The proposed attack vector is proved in theory, presented as an attack tree, and validated in an experimental environment. The results will provide valuable insights to develop security measures and robust controls against time delay attacks.

2021-03-09
Murali, R., Velayutham, C. S..  2020.  A Conceptual Direction on Automatically Evolving Computer Malware using Genetic and Evolutionary Algorithms. 2020 International Conference on Inventive Computation Technologies (ICICT). :226—229.

The widespread use of computing devices and the heavy dependence on the internet has evolved the cyberspace to a cyber world - something comparable to an artificial world. This paper focuses on one of the major problems of the cyber world - cyber security or more specifically computer malware. We show that computer malware is a perfect example of an artificial ecosystem with a co-evolutionary predator-prey framework. We attempt to merge the two domains of biologically inspired computing and computer malware. Under the aegis of proactive defense, this paper discusses the possibilities, challenges and opportunities in fusing evolutionary computing techniques with malware creation.

Oosthoek, K., Doerr, C..  2020.  From Hodl to Heist: Analysis of Cyber Security Threats to Bitcoin Exchanges. 2020 IEEE International Conference on Blockchain and Cryptocurrency (ICBC). :1—9.

Bitcoin is gaining traction as an alternative store of value. Its market capitalization transcends all other cryptocurrencies in the market. But its high monetary value also makes it an attractive target to cyber criminal actors. Hacking campaigns usually target the weakest points in an ecosystem. In Bitcoin, these are currently the exchange platforms. As each exchange breach potentially decreases Bitcoin's market value by billions, it is a threat not only to direct victims, but to everyone owning Bitcoin. Based on an extensive analysis of 36 breaches of Bitcoin exchanges, we show the attack patterns used to exploit Bitcoin exchange platforms using an industry standard for reporting intelligence on cyber security breaches. Based on this we are able to provide an overview of the most common attack vectors, showing that all except three hacks were possible due to relatively lax security. We also show that while the security regimen of Bitcoin exchanges is not on par with other financial service providers, the use of stolen credentials, which does not require any hacking, is decreasing. We also show that the amount of BTC taken during a breach is decreasing, as well as the exchanges that terminate after being breached. With exchanges being targeted by nation-state hacking groups, security needs to be a first concern.