Visible to the public Biblio

Found 110 results

Filters: Keyword is Real-time Systems  [Clear All Filters]
2020-05-15
Fan, Renshi, Du, Gaoming, Xu, Pengfei, Li, Zhenmin, Song, Yukun, Zhang, Duoli.  2019.  An Adaptive Routing Scheme Based on Q-learning and Real-time Traffic Monitoring for Network-on-Chip. 2019 IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification (ASID). :244—248.
In the Network on Chip (NoC), performance optimization has always been a research focus. Compared with the static routing scheme, dynamical routing schemes can better reduce the data of packet transmission latency under network congestion. In this paper, we propose a dynamical Q-learning routing approach with real-time monitoring of NoC. Firstly, we design a real-time monitoring scheme and the corresponding circuits to record the status of traffic congestion for NoC. Secondly, we propose a novel method of Q-learning. This method finds an optimal path based on the lowest traffic congestion. Finally, we dynamically redistribute network tasks to increase the packet transmission speed and balance the traffic load. Compared with the C-XY routing and DyXY routing, our method achieved improvement in terms of 25.6%-49.5% and 22.9%-43.8%.
Madhukar, Anant, Misra, Dinesh Kumar, Zaheer, M M.  2018.  Indigenous Network Monitoring System. 2018 International Conference on Computational and Characterization Techniques in Engineering Sciences (CCTES). :262—266.

Military reconnaissance in 1999 has paved the way to establish its own, self-reliant and indigenous navigation system. The strategic necessity has been accomplished in 2013 by launching seven satellites in Geo-orbit and underlying Network control center in Bangalore and a new NavIC control center at Lucknow, later in 2016. ISTRAC is one of the premier and amenable center to track the Indian as well as external network satellite launch vehicle and provide house-keeping and inertial navigation (INC) data to launch control center in real time and to project team in off-line. Over the ISTRAC Launch network, Simple Network Management Protocol (SNMP) was disabled due to security and bandwidth reasons. The cons of SNMP comprise security risks that are normal trait whenever applied as an open standard. There is "security through obscurity" linked with any slight-used communications standard in SNMP. Detailed messages are being sent between devices, not just miniature pre-set codes. These cons in the SNMP are found in majority applications and more bandwidth seizure is another contention. Due to the above pros and cones in SNMP in form of open source, available network monitoring system (NMS) could not be employed for link monitoring and immediate decision making in ISTRAC network. The situation has made requisitions to evolve an in-house network monitoring system (NMS). It was evolved for real-time network monitoring as well as communication link performance explication. The evolved system has the feature of Internet control message protocol (ICMP) based link monitoring, 24/7 monitoring of all the nodes, GUI based real-time link status, Summary and individual link statistics on the GUI. It also identifies total downtime and generates summary reports. It does identification for out of order or looped packets, Email and SMS alert to Prime and Redundant system which one is down and repeat alert if the link is failed for more than 30 minutes. It has easy file based configuration and no application restart required. Generation of daily and monthly link status, offline link analysis plot of any day, less consumption of system resources are add-on features. It is fully secured in-house development, calculates total data flow over a network and co-relate data vs link percentage.

2020-05-08
CUI, A-jun, Li, Chen, WANG, Xiao-ming.  2019.  Real-Time Early Warning of Network Security Threats Based on Improved Ant Colony Algorithm. 2019 12th International Conference on Intelligent Computation Technology and Automation (ICICTA). :309—316.
In order to better ensure the operation safety of the network, the real-time early warning of network security threats is studied based on the improved ant colony algorithm. Firstly, the network security threat perception algorithm is optimized based on the principle of neural network, and the network security threat detection process is standardized according to the optimized algorithm. Finally, the real-time early warning of network security threats is realized. Finally, the experiment proves that the network security threat real-time warning based on the improved ant colony algorithm has better security and stability than the traditional warning methods, and fully meets the research requirements.
2020-05-04
Wang, Fang, Qi, Weimin, Qian, Tonghui.  2019.  A Dynamic Cybersecurity Protection Method based on Software-defined Networking for Industrial Control Systems. 2019 Chinese Automation Congress (CAC). :1831–1834.
In this paper, a dynamic cybersecurity protection method based on software-defined networking (SDN) is proposed, according to the protection requirement analysis for industrial control systems (ICSs). This method can execute security response measures by SDN, such as isolation, redirection etc., based on the real-time intrusion detection results, forming a detecting-responding closed-loop security control. In addition, moving target defense (MTD) concept is introduced to the protection for ICSs, where topology transformation and IP/port hopping are realized by SDN, which can confuse and deceive the attackers and prevent attacks at the beginning, protection ICSs in an active manner. The simulation results verify the feasibility of the proposed method.
Zou, Zhenwan, Chen, Jia, Hou, Yingsa, Song, Panpan, He, Ling, Yang, Huiting, Wang, Bin.  2019.  Design and Implementation of a New Intelligent Substation Network Security Defense System. 2019 IEEE 4th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). 1:2709–2713.
In order to enhance the network security protection level of intelligent substation, this paper puts forward a model of intelligent substation network security defense system through the analysis of intelligent substation network security risk and protection demand, and using example proved the feasibility and effectiveness of the defense system. It is intelligent substation network security protection provides a new solution.
2020-04-24
Yu, Jiangfan, Zhang, Li.  2019.  Reconfigurable Colloidal Microrobotic Swarm for Targeted Delivery. 2019 16th International Conference on Ubiquitous Robots (UR). :615—616.
Untethered microrobots actuated by external magnetic fields have drawn extensive attention recently, due to their potential advantages in real-time tracking and targeted delivery in vivo. To control a swarm of microrobots with external fields, however, is still one of the major challenges in this field. In this work, we present new methods to generate ribbon-like and vortex-like microrobotic swarms using oscillating and rotating magnetic fields, respectively. Paramagnetic nanoparticles with a diameter of 400 nm serve as the agents. These two types of swarms exhibits out-of-equilibrium structure, in which the nanoparticles perform synchronised motions. By tuning the magnetic fields, the swarming patterns can be reversibly transformed. Moreover, by increasing the pitch angle of the applied fields, the swarms are capable of performing navigated locomotion with a controlled velocity. This work sheds light on a better understanding for microrobotic swarm behaviours and paves the way for potential biomedical applications.
2020-04-13
Wang, Yongtao.  2019.  Development of AtoN Real-time Video Surveillance System Based on the AIS Collision Warning. 2019 5th International Conference on Transportation Information and Safety (ICTIS). :393–398.
In view of the challenges with Aids to Navigation (AtoN) managements and emergency response, the present study designs and presents an AtoN real-time video surveillance system based on the AIS collision warning. The key technologies regarding with AtoN cradle head control and testing algorithms, video image fusion, system operation and implementation are demonstrated in details. Case study is performed at Guan River (China) to verify the effectiveness of the AtoN real-time video surveillance system for maritime security supervision. The research results indicate that the intellective level of the AtoN maintenance and managements could be significantly improved. The idea of designing modules brings a good flexibility and a high portability for the present surveillance system, therefore provides a guidance for the design of similar maritime surveillance systems.
2020-04-10
Yadollahi, Mohammad Mehdi, Shoeleh, Farzaneh, Serkani, Elham, Madani, Afsaneh, Gharaee, Hossein.  2019.  An Adaptive Machine Learning Based Approach for Phishing Detection Using Hybrid Features. 2019 5th International Conference on Web Research (ICWR). :281—286.
Nowadays, phishing is one of the most usual web threats with regards to the significant growth of the World Wide Web in volume over time. Phishing attackers always use new (zero-day) and sophisticated techniques to deceive online customers. Hence, it is necessary that the anti-phishing system be real-time and fast and also leverages from an intelligent phishing detection solution. Here, we develop a reliable detection system which can adaptively match the changing environment and phishing websites. Our method is an online and feature-rich machine learning technique to discriminate the phishing and legitimate websites. Since the proposed approach extracts different types of discriminative features from URLs and webpages source code, it is an entirely client-side solution and does not require any service from the third-party. The experimental results highlight the robustness and competitiveness of our anti-phishing system to distinguish the phishing and legitimate websites.
2020-04-03
Aires Urquiza, Abraão, AlTurki, Musab A., Kanovich, Max, Ban Kirigin, Tajana, Nigam, Vivek, Scedrov, Andre, Talcott, Carolyn.  2019.  Resource-Bounded Intruders in Denial of Service Attacks. 2019 IEEE 32nd Computer Security Foundations Symposium (CSF). :382—38214.
Denial of Service (DoS) attacks have been a serious security concern, as no service is, in principle, protected against them. Although a Dolev-Yao intruder with unlimited resources can trivially render any service unavailable, DoS attacks do not necessarily have to be carried out by such (extremely) powerful intruders. It is useful in practice and more challenging for formal protocol verification to determine whether a service is vulnerable even to resource-bounded intruders that cannot generate or intercept arbitrary large volumes of traffic. This paper proposes a novel, more refined intruder model where the intruder can only consume at most some specified amount of resources in any given time window. Additionally, we propose protocol theories that may contain timeouts and specify service resource usage during protocol execution. In contrast to the existing resource-conscious protocol verification models, our model allows finer and more subtle analysis of DoS problems. We illustrate the power of our approach by representing a number of classes of DoS attacks, such as, Slow, Asymmetric and Amplification DoS attacks, exhausting different types of resources of the target, such as, number of workers, processing power, memory, and network bandwidth. We show that the proposed DoS problem is undecidable in general and is PSPACE-complete for the class of resource-bounded, balanced systems. Finally, we implemented our formal verification model in the rewriting logic tool Maude and analyzed a number of DoS attacks in Maude using Rewriting Modulo SMT in an automated fashion.
2020-03-12
Gawanmeh, Amjad, Parvin, Sazia, Venkatraman, Sitalakshmi, de Souza-Daw, Tony, Kang, James, Kaspi, Samuel, Jackson, Joanna.  2019.  A Framework for Integrating Big Data Security Into Agricultural Supply Chain. 2019 IEEE Fifth International Conference on Big Data Computing Service and Applications (BigDataService). :191–194.

In the era of mass agriculture to keep up with the increasing demand for food production, advanced monitoring systems are required in order to handle several challenges such as perishable products, food waste, unpredictable supply variations and stringent food safety and sustainability requirements. The evolution of Internet of Things have provided means for collecting, processing, and communicating data associated with agricultural processes. This have opened several opportunities to sustain, improve productivity and reduce waste in every step in the food supply chain system. On the hand, this resulted in several new challenges, such as, the security of the data, recording and representation of data, providing real time control, reliability of the system, and dealing with big data. This paper proposes an architecture for security of big data in the agricultural supply chain management system. This can help in reducing food waste, increasing the reliability of the supply chain, and enhance the performance of the food supply chain system.

2020-02-26
Kuo, Man-Hsuan, Hu, Chun-Ming, Lee, Kuen-Jong.  2019.  Time-Related Hardware Trojan Attacks on Processor Cores. 2019 IEEE International Test Conference in Asia (ITC-Asia). :43–48.

Real-time clock circuits are widely used in modern electronic systems to provide time information to the systems at the beginning of the system power-on. In this paper, we present two types of Hardware Trojan designs that employ the time information as the trigger conditions. One is a real-time based Trojan, which will attack a system at some specific realworld time. The other is a relative-time based Trojan, which will be triggered when a specific time period passes after the system is powered on. In either case when a Trojan is triggered its payload may corrupt the system or leakage internal information to the outside world. Experimental results show that the extra power consumption, area overhead and delay time are all quite small and thus the detection of the Trojans is difficult by using traditional side-channel detection methods.

Almohaimeed, Abdulrahman, Asaduzzaman, Abu.  2019.  Incorporating Monitoring Points in SDN to Ensure Trusted Links Against Misbehaving Traffic Flows. 2019 Fifth Conference on Mobile and Secure Services (MobiSecServ). :1–4.

The growing trend toward information technology increases the amount of data travelling over the network links. The problem of detecting anomalies in data streams has increased with the growth of internet connectivity. Software-Defined Networking (SDN) is a new concept of computer networking that can adapt and support these growing trends. However, the centralized nature of the SDN design is challenged by the need for an efficient method for traffic monitoring against traffic anomalies caused by misconfigured devices or ongoing attacks. In this paper, we propose a new model for traffic behavior monitoring that aims to ensure trusted communication links between the network devices. The main objective of this model is to confirm that the behavior of the traffic streams matches the instructions provided by the SDN controller, which can help to increase the trust between the SDN controller and its covered infrastructure components. According to our preliminary implementation, the behavior monitoring unit is able to read all traffic information and perform a validation process that reports any mismatching traffic to the controller.

2020-02-18
Chaturvedi, Shilpa, Simmhan, Yogesh.  2019.  Toward Resilient Stream Processing on Clouds Using Moving Target Defense. 2019 IEEE 22nd International Symposium on Real-Time Distributed Computing (ISORC). :134–142.
Big data platforms have grown popular for real-time stream processing on distributed clusters and clouds. However, execution of sensitive streaming applications on shared computing resources increases their vulnerabilities, and may lead to data leaks and injection of spurious logic that can compromise these applications. Here, we adopt Moving Target Defense (MTD) techniques into Fast Data platforms, and propose MTD strategies by which we can mitigate these attacks. Our strategies target the platform, application and data layers, which make these reusable, rather than the OS, virtual machine, or hardware layers, which are environment specific. We use Apache Storm as the canonical distributed stream processing platform for designing our MTD strategies, and offer a preliminary evaluation that indicates the feasibility and evaluates the performance overheads.
2020-02-17
Liu, Zhikun, Gui, Canzhi, Ma, Chao.  2019.  Design and Verification of Integrated Ship Monitoring Network with High Reliability and Zero-Time Self-Healing. 2019 Chinese Control And Decision Conference (CCDC). :2348–2351.
The realization principle of zero-time self-healing network communication technology is introduced. According to the characteristics of ship monitoring, an integrated ship monitoring network is designed, which integrates the information of ship monitoring equipment. By setting up a network performance test environment, the information delay of self-healing network switch is tested, and the technical characteristics of "no packet loss" are verified. Zero-time self-healing network communication technology is an innovative technology in the design of ship monitoring network. It will greatly reduce the laying of network cables, reduce the workload of information upgrade and transformation of ships, and has the characteristics of continuous maintenance of the network. It has a wide application prospect.
Gharehbaghi, Koorosh, Myers, Matt.  2019.  Intelligent System Intricacies: Safety, Security and Risk Management Apprehensions of ITS. 2019 8th International Conference on Industrial Technology and Management (ICITM). :37–40.
While the general idea of Intelligent Transportation System (ITS) is to employ suitable, sophisticated information and communications technologies, however, such tool also encompass many system complexities. Fittingly, this paper aims to highlight the most contemporary system complications of ITS and in doing so, will also underline the safety, security and risk management concerns. More importantly, effectively treating such issues will ultimately improve the reliability and efficiency of transportation systems. Whereas such issues are among the most significant subjects for any intelligent system, for ITS in particular they the most dominant. For such intelligent systems, the safety, security and risk management issues must not only be decidedly prioritized, but also methodically integrated. As a part of such ITS integration, this paper will delicately examine the Emergency Management System (EMS) development and application. Accurate EMS is not only a mandatory feature of intelligent systems, but it is a fundamental component of ITS which will vigilantly respond to safety, security and risk management apprehensions. To further substantiate such scheme, the Sydney Metro's EMS will be also conferred. It was determined that, the Sydney Metro's EMS although highly advanced, it was also vigilantly aligned with specific designated safety, security and risk management strategies.
2020-02-10
Shahinzadeh, Hossein, Moradi, Jalal, Gharehpetian, Gevork B., Nafisi, Hamed, Abedi, Mehrdad.  2019.  IoT Architecture for Smart Grids. 2019 International Conference on Protection and Automation of Power System (IPAPS). :22–30.
The tremendous advances in information and communications technology (ICT), as well as the embedded systems, have been led to the emergence of the novel concept of the internet of things (IoT). Enjoying IoT-based technologies, many objects and components can be connected to each other through the internet or other modern communicational platforms. Embedded systems which are computing machines for special purposes like those utilized in high-tech devices, smart buildings, aircraft, and vehicles including advanced controllers, sensors, and meters with the ability of information exchange using IT infrastructures. The phrase "internet", in this context, does not exclusively refer to the World Wide Web rather than any type of server-based or peer-to-peer networks. In this study, the application of IoT in smart grids is addressed. Hence, at first, an introduction to the necessity of deployment of IoT in smart grids is presented. Afterwards, the applications of IoT in three levels of generation, transmission, and distribution is proposed. The generation level is composed of applications of IoT in renewable energy resources, wind and solar in particular, thermal generation, and energy storage facilities. The deployment of IoT in transmission level deals with congestion management in power system and guarantees the security of the system. In the distribution level, the implications of IoT in active distribution networks, smart cities, microgrids, smart buildings, and industrial sector are evaluated.
Yang, Weiyong, Liu, Wei, Wei, Xingshen, Lv, Xiaoliang, Qi, Yunlong, Sun, Boyan, Liu, Yin.  2019.  Micro-Kernel OS Architecture and its Ecosystem Construction for Ubiquitous Electric Power IoT. 2019 IEEE International Conference on Energy Internet (ICEI). :179–184.

The operating system is extremely important for both "Made in China 2025" and ubiquitous electric power Internet of Things. By investigating of five key requirements for ubiquitous electric power Internet of Things at the OS level (performance, ecosystem, information security, functional security, developer framework), this paper introduces the intelligent NARI microkernel Operating System and its innovative schemes. It is implemented with microkernel architecture based on the trusted computing. Some technologies such as process based fine-grained real-time scheduling algorithm, sigma0 efficient message channel and service process binding in multicore are applied to improve system performance. For better ecological expansion, POSIX standard API is compatible, Linux container, embedded virtualization and intelligent interconnection technology are supported. Native process sandbox and mimicry defense are considered for security mechanism design. Multi-level exception handling and multidimensional partition isolation are adopted to provide High Reliability. Theorem-assisted proof tools based on Isabelle/HOL is used to verify the design and implementation of NARI microkernel OS. Developer framework including tools, kit and specification is discussed when developing both system software and user software on this IoT OS.

2020-01-27
Shang, Chengya, Bao, Xianqiang, Fu, Lijun, Xia, Li, Xu, Xinghua, Xu, Chengcheng.  2019.  A Novel Key-Value Based Real-Time Data Management Framework for Ship Integrated Power Cyber-Physical System. 2019 IEEE Innovative Smart Grid Technologies - Asia (ISGT Asia). :854–858.
The new generation ship integrated power system (IPS) realizes high level informatization for various physical equipments, and gradually develops to a cyber-physical system (CPS). The future trend is collecting ship big data to achieve data-driven intelligence for IPS. However, traditional relational data management framework becomes inefficient to handle the real-time data processing in ship integrated power cyber-physics system. In order to process the large-scale real-time data that collected from numerous sensors by field bus of IPS devices within acceptable latency, especially for handling the semi-structured and non-structured data. This paper proposes a novel key-value data model based real-time data management framework, which enables batch processing and distributed deployment to acquire time-efficiency as well as system scalable. We implement a real-time data management prototype system based on an open source in-memory key-value store. Finally, the evaluation results from the prototype verify the advantages of novel framework compared with traditional solution.
2020-01-21
Shen, Qili, Wu, Jun, Li, Jianhua.  2019.  Edge Learning Based Green Content Distribution for Information-Centric Internet of Things. 2019 42nd International Conference on Telecommunications and Signal Processing (TSP). :67–70.
Being the revolutionary future networking architecture, information-centric networking (ICN) conducts network distribution based on content, which is ideally suitable for Internet of things (IoT). With the rapid growth of network traffic, compared to the conventional IoT, information-centric Internet of things (IC-IoT) is expected to provide users with the better satisfaction of the network quality of service (QoS). However, due to IC-IoT requirements of low latency, large data volume, marginalization, and intelligent processing, it urgently needs an efficient content distribution system. In this paper, we propose an edge learning based green content distribution scheme for IC-IoT. We implement intelligent path selection based on decision tree and edge calculation. Moreover, we apply distributed coding based content transmission to enhance the speed and recovery capability of content. Meanwhile, we have verified the effectiveness and performance of this scheme based on a large number of simulation experiments. The work of this paper is of great significance to improve the efficiency and flexibility of content distribution in IC-IoT.
2019-12-30
Liu, Keng-Cheng, Hsu, Chen-Chien, Wang, Wei-Yen, Chiang, Hsin-Han.  2019.  Real-Time Facial Expression Recognition Based on CNN. 2019 International Conference on System Science and Engineering (ICSSE). :120–123.
In this paper, we propose a method for improving the robustness of real-time facial expression recognition. Although there are many ways to improve the accuracy of facial expression recognition, a revamp of the training framework and image preprocessing allow better results in applications. One existing problem is that when the camera is capturing images in high speed, changes in image characteristics may occur at certain moments due to the influence of light and other factors. Such changes can result in incorrect recognition of the human facial expression. To solve this problem for smooth system operation and maintenance of recognition speed, we take changes in image characteristics at high speed capturing into account. The proposed method does not use the immediate output for reference, but refers to the previous image for averaging to facilitate recognition. In this way, we are able to reduce interference by the characteristics of the images. The experimental results show that after adopting this method, overall robustness and accuracy of facial expression recognition have been greatly improved compared to those obtained by only the convolution neural network (CNN).
2019-12-18
Kirti, Agrawal, Namrata, Kumar, Sunil, Sah, D.K..  2018.  Prevention of DDoS Attack through Harmonic Homogeneity Difference Mechanism on Traffic Flow. 2018 4th International Conference on Recent Advances in Information Technology (RAIT). :1-6.

The ever rising attacks on IT infrastructure, especially on networks has become the cause of anxiety for the IT professionals and the people venturing in the cyber-world. There are numerous instances wherein the vulnerabilities in the network has been exploited by the attackers leading to huge financial loss. Distributed denial of service (DDoS) is one of the most indirect security attack on computer networks. Many active computer bots or zombies start flooding the servers with requests, but due to its distributed nature throughout the Internet, it cannot simply be terminated at server side. Once the DDoS attack initiates, it causes huge overhead to the servers in terms of its processing capability and service delivery. Though, the study and analysis of request packets may help in distinguishing the legitimate users from among the malicious attackers but such detection becomes non-viable due to continuous flooding of packets on servers and eventually leads to denial of service to the authorized users. In the present research, we propose traffic flow and flow count variable based prevention mechanism with the difference in homogeneity. Its simplicity and practical approach facilitates the detection of DDoS attack at the early stage which helps in prevention of the attack and the subsequent damage. Further, simulation result based on different instances of time has been shown on T-value including generation of simple and harmonic homogeneity for observing the real time request difference and gaps.

Lawal, Babatunde Hafis, Nuray, A. T..  2018.  Real-time detection and mitigation of distributed denial of service (DDoS) attacks in software defined networking (SDN). 2018 26th Signal Processing and Communications Applications Conference (SIU). :1–4.
The emergence of Software Defined Network (SDN) and its promises in networking technology has gotten every stakeholder excited. However, it is believed that every technological development comes with its own challenges of which the most prominent in this case is security. This paper presents a real time detection of the distributed denial of service (DDoS) attacks on the SDN and a control method based on the sFlow mitigation technology. sFlow analyses samples of packets collected from the network traffic and generates handling rules to be sent to the controller in case of an attack detection. The implementation was done by emulating the network in Mininet which runs on a Virtual Machine (VM) and it was shown that the proposed method effectively detects and mitigates DDoS attacks.
2019-12-16
DiPaola, Steve, Yalçin, Özge Nilay.  2019.  A multi-layer artificial intelligence and sensing based affective conversational embodied agent. 2019 8th International Conference on Affective Computing and Intelligent Interaction Workshops and Demos (ACIIW). :91–92.
Building natural and conversational virtual humans is a task of formidable complexity. We believe that, especially when building agents that affectively interact with biological humans in real-time, a cognitive science-based, multilayered sensing and artificial intelligence (AI) systems approach is needed. For this demo, we show a working version (through human interaction with it) our modular system of natural, conversation 3D virtual human using AI or sensing layers. These including sensing the human user via facial emotion recognition, voice stress, semantic meaning of the words, eye gaze, heart rate, and galvanic skin response. These inputs are combined with AI sensing and recognition of the environment using deep learning natural language captioning or dense captioning. These are all processed by our AI avatar system allowing for an affective and empathetic conversation using an NLP topic-based dialogue capable of using facial expressions, gestures, breath, eye gaze and voice language-based two-way back and forth conversations with a sensed human. Our lab has been building these systems in stages over the years.
2019-12-02
Khan, Rafiullah, McLaughlin, Kieran, Laverty, John Hastings David, David, Hastings, Sezer, Sakir.  2018.  Demonstrating Cyber-Physical Attacks and Defense for Synchrophasor Technology in Smart Grid. 2018 16th Annual Conference on Privacy, Security and Trust (PST). :1–10.
Synchrophasor technology is used for real-time control and monitoring in smart grid. Previous works in literature identified critical vulnerabilities in IEEE C37.118.2 synchrophasor communication standard. To protect synchrophasor-based systems, stealthy cyber-attacks and effective defense mechanisms still need to be investigated.This paper investigates how an attacker can develop a custom tool to execute stealthy man-in-the-middle attacks against synchrophasor devices. In particular, four different types of attack capabilities have been demonstrated in a real synchrophasor-based synchronous islanding testbed in laboratory: (i) command injection attack, (ii) packet drop attack, (iii) replay attack and (iv) stealthy data manipulation attack. With deep technical understanding of the attack capabilities and potential physical impacts, this paper also develops and tests a distributed Intrusion Detection System (IDS) following NIST recommendations. The functionalities of the proposed IDS have been validated in the testbed for detecting aforementioned cyber-attacks. The paper identified that a distributed IDS with decentralized decision making capability and the ability to learn system behavior could effectively detect stealthy malicious activities and improve synchrophasor network security.
2019-11-11
Al-Hasnawi, Abduljaleel, Mohammed, Ihab, Al-Gburi, Ahmed.  2018.  Performance Evaluation of the Policy Enforcement Fog Module for Protecting Privacy of IoT Data. 2018 IEEE International Conference on Electro/Information Technology (EIT). :0951–0957.
The rapid development of the Internet of Things (IoT) results in generating massive amounts of data. Significant portions of these data are sensitive since they reflect (directly or indirectly) peoples' behaviors, interests, lifestyles, etc. Protecting sensitive IoT data from privacy violations is a challenge since these data need to be communicated, processed, analyzed, and stored by public networks, servers, and clouds; most of them are untrusted parties for data owners. We propose a solution for protecting sensitive IoT data called Policy Enforcement Fog Module (PEFM). The major task of the PEFM solution is mandatory enforcement of privacy policies for sensitive IoT data-wherever these data are accessed throughout their entire lifecycle. The key feature of PEFM is its placement within the fog computing infrastructure, which assures that PEFM operates as closely as possible to data sources within the edge. PEFM enforces policies directly for local IoT applications. In contrast, for remote applications, PEFM provides a self-protecting mechanism based on creating and disseminating Active Data Bundles (ADBs). ADBs are software constructs bundling inseparably sensitive data, their privacy policies, and an execution engine able to enforce privacy policies. To prove effectiveness and efficiency of the proposed module, we developed a smart home proof-of-concept scenario. We investigate privacy threats for sensitive IoT data. We run simulation experiments, based on network calculus, for testing performance of the PEFM controls for different network configurations. The results of the simulation show that-even with using from 1 to 5 additional privacy policies for improved data privacy-penalties in terms of execution time and delay are reasonable (approx. 12-15% and 13-19%, respectively). The results also show that PEFM is scalable regarding the number of the real-time constraints for real-time IoT applications.