Visible to the public Biblio

Found 193 results

Filters: Keyword is Real-time Systems  [Clear All Filters]
2021-09-16
Singh, Vivek Kumar, Govindarasu, Manimaran.  2020.  A Novel Architecture for Attack-Resilient Wide-Area Protection and Control System in Smart Grid. 2020 Resilience Week (RWS). :41–47.
Wide-area protection and control (WAPAC) systems are widely applied in the energy management system (EMS) that rely on a wide-area communication network to maintain system stability, security, and reliability. As technology and grid infrastructure evolve to develop more advanced WAPAC applications, however, so do the attack surfaces in the grid infrastructure. This paper presents an attack-resilient system (ARS) for the WAPAC cybersecurity by seamlessly integrating the network intrusion detection system (NIDS) with intrusion mitigation and prevention system (IMPS). In particular, the proposed NIDS utilizes signature and behavior-based rules to detect attack reconnaissance, communication failure, and data integrity attacks. Further, the proposed IMPS applies state transition-based mitigation and prevention strategies to quickly restore the normal grid operation after cyberattacks. As a proof of concept, we validate the proposed generic architecture of ARS by performing experimental case study for wide-area protection scheme (WAPS), one of the critical WAPAC applications, and evaluate the proposed NIDS and IMPS components of ARS in a cyber-physical testbed environment. Our experimental results reveal a promising performance in detecting and mitigating different classes of cyberattacks while supporting an alert visualization dashboard to provide an accurate situational awareness in real-time.
2021-09-07
Sami, Muhammad, Ibarra, Matthew, Esparza, Anamaria C., Al-Jufout, Saleh, Aliasgari, Mehrdad, Mozumdar, Mohammad.  2020.  Rapid, Multi-vehicle and Feed-forward Neural Network based Intrusion Detection System for Controller Area Network Bus. 2020 IEEE Green Energy and Smart Systems Conference (IGESSC). :1–6.
In this paper, an Intrusion Detection System (IDS) in the Controller Area Network (CAN) bus of modern vehicles has been proposed. NESLIDS is an anomaly detection algorithm based on the supervised Deep Neural Network (DNN) architecture that is designed to counter three critical attack categories: Denial-of-service (DoS), fuzzy, and impersonation attacks. Our research scope included modifying DNN parameters, e.g. number of hidden layer neurons, batch size, and activation functions according to how well it maximized detection accuracy and minimized the false positive rate (FPR) for these attacks. Our methodology consisted of collecting CAN Bus data from online and in real-time, injecting attack data after data collection, preprocessing in Python, training the DNN, and testing the model with different datasets. Results show that the proposed IDS effectively detects all attack types for both types of datasets. NESLIDS outperforms existing approaches in terms of accuracy, scalability, and low false alarm rates.
2021-09-01
Walter, Dominik, Witterauf, Michael, Teich, Jürgen.  2020.  Real-time Scheduling of I/O Transfers for Massively Parallel Processor Arrays. 2020 18th ACM-IEEE International Conference on Formal Methods and Models for System Design (MEMOCODE). :1—11.
The following topics are dealt with: formal verification; formal specification; cyber-physical systems; program verification; mobile robots; control engineering computing; temporal logic; security of data; Internet of Things; traffic engineering computing.
2021-08-31
Tang, Zefan, Qin, Yanyuan, Jiang, Zimin, Krawec, Walter O., Zhang, Peng.  2020.  Quantum-Secure Networked Microgrids. 2020 IEEE Power Energy Society General Meeting (PESGM). :1—5.
The classical key distribution systems used for data transmission in networked microgrids (NMGs) rely on mathematical assumptions, which however can be broken by attacks from quantum computers. This paper addresses this quantum-era challenge by using quantum key distribution (QKD). Specifically, the novelty of this paper includes 1) a QKD-enabled communication architecture it devises for NMGs, 2) a real-time QKD- enabled NMGs testbed it builds in an RTDS environment, and 3) a novel two-level key pool sharing (TLKPS) strategy it designs to improve the system resilience against cyberattacks. Test results validate the effectiveness of the presented strategy, and provide insightful resources for building quantum-secure NMGs.
Zhang, Yifei, Gao, Neng, Chen, Junsha.  2020.  A Practical Defense against Attribute Inference Attacks in Session-based Recommendations. 2020 IEEE International Conference on Web Services (ICWS). :355–363.
When users in various web and mobile applications enjoy the convenience of recommendation systems, they are vulnerable to attribute inference attacks. The accumulating online behaviors of users (e.g., clicks, searches, ratings) naturally brings out user preferences, and poses an inevitable threat of privacy that adversaries can infer one's private profiles (e.g., gender, sexual orientation, political view) with AI-based algorithms. Existing defense methods assume the existence of a trusted third party, rely on computationally intractable algorithms, or have impact on recommendation utility. These imperfections make them impractical for privacy preservation in real-life scenarios. In this work, we introduce BiasBooster, a practical proactive defense method based on behavior segmentation, to protect user privacy against attribute inference attacks from user behaviors, while retaining recommendation utility with a heuristic recommendation aggregation module. BiasBooster is a user-centric approach from client side, which proactively divides a user's behaviors into weakly related segments and perform them with several dummy identities, then aggregates real-time recommendations for user from different dummy identities. We estimate its effectiveness of preservation on both privacy and recommendation utility through extensive evaluations on two real-world datasets. A Chrome extension is conducted to demonstrate the feasibility of applying BiasBooster in real world. Experimental results show that compared to existing defenses, BiasBooster substantially reduces the averaged accuracy of attribute inference attacks, with minor utility loss of recommendations.
2021-07-27
Nweke, Livinus Obiora, Wolthusen, Stephen D..  2020.  Resilience Analysis of Software-Defined Networks Using Queueing Networks. 2020 International Conference on Computing, Networking and Communications (ICNC). :536–542.
Software-Defined Networks (SDN) are being adopted widely and are also likely to be deployed as the infrastructure of systems with critical real-time properties such as Industrial Control Systems (ICS). This raises the question of what security and performance guarantees can be given for the data plane of such critical systems and whether any control plane actions will adversely affect these guarantees, particularly for quality of service in real-time systems. In this paper we study the existing literature on the analysis of SDN using queueing networks and show ways in which models need to be extended to study attacks that are based on arrival rates and service time distributions of flows in SDN.
2021-07-08
Signori, Alberto, Campagnaro, Filippo, Wachlin, Kim-Fabian, Nissen, Ivor, Zorzi, Michele.  2020.  On the Use of Conversation Detection to Improve the Security of Underwater Acoustic Networks. Global Oceans 2020: Singapore – U.S. Gulf Coast. :1—8.
Security is one of the key aspects of underwater acoustic networks, due to the critical importance of the scenarios in which these networks can be employed. For example, attacks performed to military underwater networks or to assets deployed for tsunami prevention can lead to disastrous consequences. Nevertheless, countermeasures to possible network attacks have not been widely investigated so far. One way to identify possible attackers is by using reputation, where a node gains trust each time it exhibits a good behavior, and loses trust each time it behaves in a suspicious way. The first step for analyzing if a node is behaving in a good way is to inspect the network traffic, by detecting all conversations. This paper proposes both centralized and decentralized algorithms for performing this operation, either from the network or from the node perspective. While the former can be applied only in post processing, the latter can also be used in real time by each node, and so can be used for creating the trust value. To evaluate the algorithms, we used real experimental data acquired during the EDA RACUN project (Robust Underwater Communication in Underwater Networks).
2021-07-07
Mengli, Zhou, Fucai, Chen, Wenyan, Liu, Hao, Liang.  2020.  Negative Feedback Dynamic Scheduling Algorithm based on Mimic Defense in Cloud Environment. 2020 IEEE 6th International Conference on Computer and Communications (ICCC). :2265–2270.
The virtualization technology in cloud environment brings some data and privacy security issues to users. Aiming at the problems of virtual machines singleness, homogeneity and static state in cloud environment, a negative feedback dynamic scheduling algorithm is proposed. This algorithm is based on mimic defense and creates multiple virtual machines to complete user request services together through negative feedback control mechanism which can achieve real-time monitor of the running state of virtual machines. When virtual machines state is found to be inconsistent, this algorithm will dynamically change its execution environment, resulting in the attacker's information collection and vulnerability exploitation process being disrupting. Experiments show that the algorithm can better solve security threats caused by the singleness, homogeneity and static state of virtual machines in the cloud, and improve security and reliability of cloud users.
Zhao, Qian, Wang, Shengjin.  2020.  Real-time Face Tracking in Surveillance Videos on Chips for Valuable Face Capturing. 2020 International Conference on Artificial Intelligence and Computer Engineering (ICAICE). :281–284.
Face capturing is a task to capture and store the "best" face of each person passing by the monitor. To some extent, it is similar to face tracking, but uses a different criterion and requires a valuable (i.e., high-quality and recognizable) face selection procedure. Face capturing systems play a critical role in public security. When deployed on edge devices, it is capable of reducing redundant storage in data center and speeding up retrieval of a certain person. However, high computation complexity and high repetition rate caused by ID switch errors are major challenges. In this paper, we propose a novel solution to constructing a real-time low-repetition face capturing system on chips. First, we propose a two-stage association algorithm for memory-efficient and accurate face tracking. Second, we propose a fast and reliable face quality estimation algorithm for valuable face selection. Our pipeline runs at over 20fps on Hisiv 3559A SoC with a single NNIE device for neural network inference, while achieving over 95% recall and less than 0.4 repetition rate in real world surveillance videos.
2021-06-28
Kaur, Jasleen, Agrawal, Alka, Khan, Raees Ahmad.  2020.  Security Assessment in Foggy Era through Analytical Hierarchy Process. 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1–6.
Fog Computing provides users with the cloud facilities at the network edge. It may be assumed to be a virtual platform with adequate storage., computation and processing facilities for latency-sensitive applications. The basic difference lies with the fact that this platform is decentralized in nature. In addition., the fog systems or devices process data locally., are conveyable and are capable of being installed on heterogenous hardware. This versatility in its behavior and it being at the network edge turns the attention towards the security of the users sensitive data (in transition or at rest). In this paper., the authors have emphasized on the security of the fog level in typical Fog- IoT architecture. Various security factors (along with their subfactors) persisting at fog level are identified and discussed in detail. The authors have presented a hierarchy of fog computing security factors that is expected to help in considering security in a systematic and efficient manner. Further., the authors have also ranked the same through Analytical Hierarchy Process (AHP) and compared the results with Fuzzy-AHP (F-AHP). The results are found to be highly correlated.
2021-06-24
Javaheripi, Mojan, Chen, Huili, Koushanfar, Farinaz.  2020.  Unified Architectural Support for Secure and Robust Deep Learning. 2020 57th ACM/IEEE Design Automation Conference (DAC). :1—6.
Recent advances in Deep Learning (DL) have enabled a paradigm shift to include machine intelligence in a wide range of autonomous tasks. As a result, a largely unexplored surface has opened up for attacks jeopardizing the integrity of DL models and hindering the success of autonomous systems. To enable ubiquitous deployment of DL approaches across various intelligent applications, we propose to develop architectural support for hardware implementation of secure and robust DL. Towards this goal, we leverage hardware/software co-design to develop a DL execution engine that supports algorithms specifically designed to defend against various attacks. The proposed framework is enhanced with two real-time defense mechanisms, securing both DL training and execution stages. In particular, we enable model-level Trojan detection to mitigate backdoor attacks and malicious behaviors induced on the DL model during training. We further realize real-time adversarial attack detection to avert malicious behavior during execution. The proposed execution engine is equipped with hardware-level IP protection and usage control mechanism to attest the legitimacy of the DL model mapped to the device. Our design is modular and can be tuned to task-specific demands, e.g., power, throughput, and memory bandwidth, by means of a customized hardware compiler. We further provide an accompanying API to reduce the nonrecurring engineering cost and ensure automated adaptation to various domains and applications.
2021-05-26
Boursinos, Dimitrios, Koutsoukos, Xenofon.  2020.  Trusted Confidence Bounds for Learning Enabled Cyber-Physical Systems. 2020 IEEE Security and Privacy Workshops (SPW). :228—233.

Cyber-physical systems (CPS) can benefit by the use of learning enabled components (LECs) such as deep neural networks (DNNs) for perception and decision making tasks. However, DNNs are typically non-transparent making reasoning about their predictions very difficult, and hence their application to safety-critical systems is very challenging. LECs could be integrated easier into CPS if their predictions could be complemented with a confidence measure that quantifies how much we trust their output. The paper presents an approach for computing confidence bounds based on Inductive Conformal Prediction (ICP). We train a Triplet Network architecture to learn representations of the input data that can be used to estimate the similarity between test examples and examples in the training data set. Then, these representations are used to estimate the confidence of set predictions from a classifier that is based on the neural network architecture used in the triplet. The approach is evaluated using a robotic navigation benchmark and the results show that we can computed trusted confidence bounds efficiently in real-time.

2021-05-25
Ravikumar, Gelli, Hyder, Burhan, Govindarasu, Manimaran.  2020.  Next-Generation CPS Testbed-based Grid Exercise - Synthetic Grid, Attack, and Defense Modeling. 2020 Resilience Week (RWS). :92—98.
Quasi-Realistic cyber-physical system (QR-CPS) testbed architecture and operational environment are critical for testing and validating various cyber attack-defense algorithms for the wide-area resilient power systems. These QR-CPS testbed environments provide a realistic platform for conducting the Grid Exercise (GridEx), CPS security training, and attack-defense exercise at a broader scale for the cybersecurity of Energy Delivery Systems. The NERC has established a tabletop based GridEx platform for the North American power utilities to demonstrate how they would respond to and recover from cyber threats and incidents. The NERC-GridEx is a bi-annual activity with tabletop attack injects and incidence response management. There is a significant need to build a testbed-based hands-on GridEx for the utilities by leveraging the CPS testbeds, which imitates the pragmatic CPS grid environment. We propose a CPS testbed-based Quasi-Realistic Grid Exercise (QR-GridEx), which is a model after the NERC's tabletop GridEx. We have designed the CPS testbed-based QR-GridEx into two parts. Part-I focuses on the modeling of synthetic grid models for the utilities, including SCADA and WAMS communications, and attack-and-defense software systems; and the Part-II focuses on the incident response management and risk-based CPS grid investment strategies. This paper presents the Part-I of the CPS testbed-based QRGridEx, which includes modeling of the synthetic grid models in the real-time digital simulator, stealthy, and coordinated cyberattack vectors, and integration of intrusion/anomaly detection systems. We have used our existing HIL CPS security testbed to demonstrate the testbed-based QR-GridEx for a Texas-2000 bus US synthetic grid model and the IEEE-39 bus grid models. The experiments demonstrated significant results by 100% real-time performance with zero overruns for grid impact characteristics against stealthy and coordinated cyberattack vectors.
Ravikumar, Gelli, Hyder, Burhan, Govindarasu, Manimaran.  2020.  Efficient Modeling of IEC-61850 Logical Nodes in IEDs for Scalability in CPS Security Testbed. 2020 IEEE/PES Transmission and Distribution Conference and Exposition (T D). :1–5.

Though the deep penetration of cyber systems across the smart grid sub-domains enrich the operation of the wide-area protection, control, and smart grid applications, the stochastic nature of cyber-attacks by adversaries inflict their performance and the system operation. Various hardware-in-the-loop (HIL) cyber-physical system (CPS) testbeds have attempted to evaluate the cyberattack dynamics and power system perturbations for robust wide-area protection algorithms. However, physical resource constraints and modular integration designs have been significant barriers while modeling large-scale grid models (scalability) and have limited many of the CPS testbeds to either small-scale HIL environment or complete simulation environments. This paper proposes a meticulous design and efficient modeling of IEC-61850 logical nodes in physical relays to simulate large-scale grid models in a HIL real-time digital simulator environment integrated with industry-grade hardware and software systems for wide-area power system applications. The proposed meticulous design includes multi-breaker emulation in the physical relays, which extends the capacity of a physical relay to accommodate more number of CPS interfaces in the HIL CPS security testbed environment. We have used our existing HIL CPS security testbed to demonstrate scalability by the real-time performance of ten simultaneous IEEE-39 CPS grid models. The experiments demonstrated significant results by 100% real-time performance with zero overruns, and low latency while receiving and executing control signals from physical SEL relays via IEC-61850 and DNP-3 protocols to real-time digital simulator, substation remote terminal unit (RTU) software and supervisory control and data acquisition (SCADA) software at control center.

2021-05-20
Al-madani, Ali Mansour, Gaikwad, Ashok T., Mahale, Vivek, Ahmed, Zeyad A.T..  2020.  Decentralized E-voting system based on Smart Contract by using Blockchain Technology. 2020 International Conference on Smart Innovations in Design, Environment, Management, Planning and Computing (ICSIDEMPC). :176—180.

Nowadays the use of the Internet is growing; E-voting system has been used by different countries because it reduces the cost and the time which used to consumed by using traditional voting. When the voter wants to access the E-voting system through the web application, there are requirements such as a web browser and a server. The voter uses the web browser to reach to a centralized database. The use of a centralized database for the voting system has some security issues such as Data modification through the third party in the network due to the use of the central database system as well as the result of the voting is not shown in real-time. However, this paper aims to provide an E-voting system with high security by using blockchain. Blockchain provides a decentralized model that makes the network Reliable, safe, flexible, and able to support real-time services.

2021-04-27
Saganowski, S..  2020.  A Three-Stage Machine Learning Network Security Solution for Public Entities. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1097–1104.
In the era of universal digitization, ensuring network and data security is extremely important. As a part of the Regional Center for Cybersecurity initiative, a three-stage machine learning network security solution is being developed and will be deployed in March 2021. The solution consists of prevention, monitoring, and curation stages. As prevention, we utilize Natural Language Processing to extract the security-related information from social media, news portals, and darknet. A deep learning architecture is used to monitor the network in real-time and detect any abnormal traffic. A combination of regular expressions, pattern recognition, and heuristics are applied to the abuse reports to automatically identify intrusions that passed other security solutions. The lessons learned from the ongoing development of the system, alongside the results, extensive analysis, and discussion is provided. Additionally, a cybersecurity-related corpus is described and published within this work.
2021-04-09
Chytas, S. P., Maglaras, L., Derhab, A., Stamoulis, G..  2020.  Assessment of Machine Learning Techniques for Building an Efficient IDS. 2020 First International Conference of Smart Systems and Emerging Technologies (SMARTTECH). :165—170.
Intrusion Detection Systems (IDS) are the systems that detect and block any potential threats (e.g. DDoS attacks) in the network. In this project, we explore the performance of several machine learning techniques when used as parts of an IDS. We experiment with the CICIDS2017 dataset, one of the biggest and most complete IDS datasets in terms of having a realistic background traffic and incorporating a variety of cyber attacks. The techniques we present are applicable to any IDS dataset and can be used as a basis for deploying a real time IDS in complex environments.
2021-04-08
Cheng, J., He, R., Yuepeng, E., Wu, Y., You, J., Li, T..  2020.  Real-Time Encrypted Traffic Classification via Lightweight Neural Networks. GLOBECOM 2020 - 2020 IEEE Global Communications Conference. :1–6.
The fast growth of encrypted traffic puts forward burning requirements on the efficiency of traffic classification. Although deep learning models perform well in the classification, they sacrifice the efficiency to obtain high-precision results. To reduce the resource and time consumption, a novel and lightweight model is proposed in this paper. Our design principle is to “maximize the reuse of thin modules”. A thin module adopts the multi-head attention and the 1D convolutional network. Attributed to the one-step interaction of all packets and the parallelized computation of the multi-head attention mechanism, a key advantage of our model is that the number of parameters and running time are significantly reduced. In addition, the effectiveness and efficiency of 1D convolutional networks are proved in traffic classification. Besides, the proposed model can work well in a real time manner, since only three consecutive packets of a flow are needed. To improve the stability of the model, the designed network is trained with the aid of ResNet, layer normalization and learning rate warmup. The proposed model outperforms the state-of-the-art works based on deep learning on two public datasets. The results show that our model has higher accuracy and running efficiency, while the number of parameters used is 1.8% of the 1D convolutional network and the training time halves.
2021-03-30
Foroughi, F., Hadipour, H., Shafiee, A. M..  2020.  High-Performance Monitoring Sensors for Home Computer Users Security Profiling. 2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). :1—7.

Recognising user's risky behaviours in real-time is an important element of providing appropriate solutions and recommending suitable actions for responding to cybersecurity threats. Employing user modelling and machine learning can make this process automated by requires high-performance intelligent agent to create the user security profile. User profiling is the process of producing a profile of the user from historical information and past details. This research tries to identify the monitoring factors and suggests a novel observation solution to create high-performance sensors to generate the user security profile for a home user concerning the user's privacy. This observer agent helps to create a decision-making model that influences the user's decision following real-time threats or risky behaviours.

2021-03-29
Bodhe, A., Sangale, A..  2020.  Network Parameter Analysis; ad hoc WSN for Security Protocol with Fuzzy Logic. 2020 Second International Conference on Inventive Research in Computing Applications (ICIRCA). :960—963.

The wireless communication has become very vast, important and easy to access nowadays because of less cost associated and easily available mobile devices. It creates a potential threat for the community while accessing some secure information like banking passwords on the unsecured network. This proposed research work expose such a potential threat such as Rogue Access Point (RAP) detection using soft computing prediction tool. Fuzzy logic is used to implement the proposed model to identify the presence of RAP existence in the network.

Liu, F., Wen, Y., Wu, Y., Liang, S., Jiang, X., Meng, D..  2020.  MLTracer: Malicious Logins Detection System via Graph Neural Network. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :715—726.

Malicious login, especially lateral movement, has been a primary and costly threat for enterprises. However, there exist two critical challenges in the existing methods. Specifically, they heavily rely on a limited number of predefined rules and features. When the attack patterns change, security experts must manually design new ones. Besides, they cannot explore the attributes' mutual effect specific to login operations. We propose MLTracer, a graph neural network (GNN) based system for detecting such attacks. It has two core components to tackle the previous challenges. First, MLTracer adopts a novel method to differentiate crucial attributes of login operations from the rest without experts' designated features. Second, MLTracer leverages a GNN model to detect malicious logins. The model involves a convolutional neural network (CNN) to explore attributes of login operations, and a co-attention mechanism to mutually improve the representations (vectors) of login attributes through learning their login-specific relation. We implement an evaluation of such an approach. The results demonstrate that MLTracer significantly outperforms state-of-the-art methods. Moreover, MLTracer effectively detects various attack scenarios with a remarkably low false positive rate (FPR).

John, A., MC, A., Ajayan, A. S., Sanoop, S., Kumar, V. R..  2020.  Real-Time Facial Emotion Recognition System With Improved Preprocessing and Feature Extraction. 2020 Third International Conference on Smart Systems and Inventive Technology (ICSSIT). :1328—1333.

Human emotion recognition plays a vital role in interpersonal communication and human-machine interaction domain. Emotions are expressed through speech, hand gestures and by the movements of other body parts and through facial expression. Facial emotions are one of the most important factors in human communication that help us to understand, what the other person is trying to communicate. People understand only one-third of the message verbally, and two-third of it is through non-verbal means. There are many face emotion recognition (FER) systems present right now, but in real-life scenarios, they do not perform efficiently. Though there are many which claim to be a near-perfect system and to achieve the results in favourable and optimal conditions. The wide variety of expressions shown by people and the diversity in facial features of different people will not aid in the process of coming up with a system that is definite in nature. Hence developing a reliable system without any flaws showed by the existing systems is a challenging task. This paper aims to build an enhanced system that can analyse the exact facial expression of a user at that particular time and generate the corresponding emotion. Datasets like JAFFE and FER2013 were used for performance analysis. Pre-processing methods like facial landmark and HOG were incorporated into a convolutional neural network (CNN), and this has achieved good accuracy when compared with the already existing models.

Dörr, T., Sandmann, T., Becker, J..  2020.  A Formal Model for the Automatic Configuration of Access Protection Units in MPSoC-Based Embedded Systems. 2020 23rd Euromicro Conference on Digital System Design (DSD). :596—603.

Heterogeneous system-on-chip platforms with multiple processing cores are becoming increasingly common in safety-and security-critical embedded systems. To facilitate a logical isolation of physically connected on-chip components, internal communication links of such platforms are often equipped with dedicated access protection units. When performed manually, however, the configuration of these units can be both time-consuming and error-prone. To resolve this issue, we present a formal model and a corresponding design methodology that allows developers to specify access permissions and information flow requirements for embedded systems in a mostly platform-independent manner. As part of the methodology, the consistency between the permissions and the requirements is automatically verified and an extensible generation framework is used to transform the abstract permission declarations into configuration code for individual access protection units. We present a prototypical implementation of this approach and validate it by generating configuration code for the access protection unit of a commercially available multiprocessor system-on-chip.

2021-03-17
Wang, W., Zhang, X., Dong, L., Fan, Y., Diao, X., Xu, T..  2020.  Network Attack Detection based on Domain Attack Behavior Analysis. 2020 13th International Congress on Image and Signal Processing, BioMedical Engineering and Informatics (CISP-BMEI). :962—965.

Network security has become an important issue in our work and life. Hackers' attack mode has been upgraded from normal attack to APT( Advanced Persistent Threat, APT) attack. The key of APT attack chain is the penetration and intrusion of active directory, which can not be completely detected via the traditional IDS and antivirus software. Further more, lack of security protection of existing solutions for domain control aggravates this problem. Although researchers have proposed methods for domain attack detection, many of them have not yet been converted into effective market-oriented products. In this paper, we analyzes the common domain intrusion methods, various domain related attack behavior characteristics were extracted from ATT&CK matrix (Advanced tactics, techniques, and common knowledge) for analysis and simulation test. Based on analyzing the log file generated by the attack, the domain attack detection rules are established and input into the analysis engine. Finally, the available domain intrusion detection system is designed and implemented. Experimental results show that the network attack detection method based on the analysis of domain attack behavior can analyze the log file in real time and effectively detect the malicious intrusion behavior of hackers , which could facilitate managers find and eliminate network security threats immediately.

2021-03-09
Hakim, A. R., Rinaldi, J., Setiadji, M. Y. B..  2020.  Design and Implementation of NIDS Notification System Using WhatsApp and Telegram. 2020 8th International Conference on Information and Communication Technology (ICoICT). :1—4.

Network Intrusion Detection System (NIDS) can help administrators of a server in detecting attacks by analyzing packet data traffic on the network in real-time. If an attack occurs, an alert to the administrator is provided by NIDS so that the attack can be known and responded immediately. On the other hand, the alerts cannot be monitored by administrators all the time. Therefore, a system that automatically sends notifications to administrators in real-time by utilizing social media platforms is needed. This paper provides an analysis of the notification system built using Snort as NIDS with WhatsApp and Telegram as a notification platform. There are three types of attacks that are simulated and must be detected by Snort, which are Ping of Death attacks, SYN flood attacks, and SSH brute force attacks. The results obtained indicate that the system successfully provided notification in the form of attack time, IP source of the attack, source of attack port and type of attack in real-time.