Visible to the public Biblio

Found 12254 results

2021-05-25
Baccari, Sihem, Touati, Haifa, Hadded, Mohamed, Muhlethaler, Paul.  2020.  Performance Impact Analysis of Security Attacks on Cross-Layer Routing Protocols in Vehicular Ad hoc Networks. 2020 International Conference on Software, Telecommunications and Computer Networks (SoftCOM). :1—6.

Recently, several cross-layer protocols have been designed for vehicular networks to optimize data dissemination by ensuring internal communications between routing and MAC layers. In this context, a cross-layer protocol, called TDMA-aware Routing Protocol for Multi-hop communications (TRPM), was proposed in order to efficiently select a relay node based on time slot scheduling information obtained from the MAC layer. However, due to the constant evolution of cyber-attacks on the routing and MAC layers, data dissemination in vehicular networks is vulnerable to several types of attack. In this paper, we identify the different attack models that can disrupt the cross-layer operation of the TRPM protocol and assess their impact on performance through simulation. Several new vulnerabilities related to the MAC slot scheduling process are identified. Exploiting of these vulnerabilities would lead to severe channel capacity wastage where up to half of the free slots could not be reserved.

Silitonga, Arthur, Becker, Juergen.  2020.  Security-driven Cross-Layer Model Description of a HW/SW Framework for AP MPSoC-based Computing Device. 2020 IEEE International Systems Conference (SysCon). :1—8.

Implementation of Internet-of-Things (IoT) can take place in many applications, for instance, automobiles, and industrial automation. We generally view the role of an Electronic Control Unit (ECU) or industrial network node that is occupied and interconnected in many different configurations in a vehicle or a factory. This condition may raise the occurrence of problems related to security issues, such as unauthorized access to data or components in ECUs or industrial network nodes. In this paper, we propose a hardware (HW)/software (SW) framework having integrated security extensions complemented with various security-related features that later can be implemented directly from the framework to All Programmable Multiprocessor System-on-Chip (AP MPSoC)-based ECUs. The framework is a software-defined one that can be configured or reconfigured in a higher level of abstraction language, including High-Level Synthesis (HLS), and the output of the framework is hardware configuration in multiprocessor or reconfigurable components in the FPGA. The system comprises high-level requirements, covert and side-channel estimation, cryptography, optimization, artificial intelligence, and partial reconfiguration. With this framework, we may reduce the design & development time, and provide significant flexibility to configure/reconfigure our framework and its target platform equipped with security extensions.

Zhu, Pengfei, Cui, Jiabin, Ji, Yuefeng.  2020.  A Built-in Hash Permutation Assisted Cross-layer Secure Transport in End-to-End FlexE over WDM Networks. GLOBECOM 2020 - 2020 IEEE Global Communications Conference. :1—5.

With the traffic growth with different deterministic transport and isolation requirements in radio access networks (RAN), Flexible Ethernet (FlexE) over wavelength division multiplexing (WDM) network is as a candidate for next generation RAN transport, and the security issue in RAN transport is much more obvious, especially the eavesdropping attack in physical layer. Therefore, in this work, we put forward a cross-layer design for security enhancement through leveraging universal Hashing based FlexE data block permutation and multiple parallel fibre transmission for anti-eavesdropping in end-to-end FlexE over WDM network. Different levels of attack ability are considered for measuring the impact on network security and resource utilization. Furthermore, the trade-off problem between efficient resource utilization and guarantee of higher level of security is also explored. Numerical results demonstrate the cross-layer defense strategies are effective to struggle against intruders with different levels of attack ability.

Santos, Bernardo, Dzogovic, Bruno, Feng, Boning, Jacot, Niels, Do, Van Thuan, Do, Thanh Van.  2020.  Improving Cellular IoT Security with Identity Federation and Anomaly Detection. 2020 5th International Conference on Computer and Communication Systems (ICCCS). :776—780.

As we notice the increasing adoption of Cellular IoT solutions (smart-home, e-health, among others), there are still some security aspects that can be improved as these devices can suffer various types of attacks that can have a high-impact over our daily lives. In order to avoid this, we present a multi-front security solution that consists on a federated cross-layered authentication mechanism, as well as a machine learning platform with anomaly detection techniques for data traffic analysis as a way to study devices' behavior so it can preemptively detect attacks and minimize their impact. In this paper, we also present a proof-of-concept to illustrate the proposed solution and showcase its feasibility, as well as the discussion of future iterations that will occur for this work.

Abbas, Syed Ghazanfar, Hashmat, Fabiha, Shah, Ghalib A..  2020.  A Multi-layer Industrial-IoT Attack Taxonomy: Layers, Dimensions, Techniques and Application. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1820—1825.

Industrial IoT (IIoT) is a specialized subset of IoT which involves the interconnection of industrial devices with ubiquitous control and intelligent processing services to improve industrial system's productivity and operational capability. In essence, IIoT adapts a use-case specific architecture based on RFID sense network, BLE sense network or WSN, where heterogeneous industrial IoT devices can collaborate with each other to achieve a common goal. Nonetheless, most of the IIoT deployments are brownfield in nature which involves both new and legacy technologies (SCADA (Supervisory Control and Data Acquisition System)). The merger of these technologies causes high degree of cross-linking and decentralization which ultimately increases the complexity of IIoT systems and introduce new vulnerabilities. Hence, industrial organizations becomes not only vulnerable to conventional SCADA attacks but also to a multitude of IIoT specific threats. However, there is a lack of understanding of these attacks both with respect to the literature and empirical evaluation. As a consequence, it is infeasible for industrial organizations, researchers and developers to analyze attacks and derive a robust security mechanism for IIoT. In this paper, we developed a multi-layer taxonomy of IIoT attacks by considering both brownfield and greenfield architecture of IIoT. The taxonomy consists of 11 layers 94 dimensions and approximately 100 attack techniques which helps to provide a holistic overview of the incident attack pattern, attack characteristics and impact on industrial system. Subsequently, we have exhibited the practical relevance of developed taxonomy by applying it to a real-world use-case. This research will benefit researchers and developers to best utilize developed taxonomy for analyzing attack sequence and to envisage an efficient security platform for futuristic IIoT applications.

Meghdouri, Fares, Vázquez, Félix Iglesias, Zseby, Tanja.  2020.  Cross-Layer Profiling of Encrypted Network Data for Anomaly Detection. 2020 IEEE 7th International Conference on Data Science and Advanced Analytics (DSAA). :469—478.

In January 2017 encrypted Internet traffic surpassed non-encrypted traffic. Although encryption increases security, it also masks intrusions and attacks by blocking the access to packet contents and traffic features, therefore making data analysis unfeasible. In spite of the strong effect of encryption, its impact has been scarcely investigated in the field. In this paper we study how encryption affects flow feature spaces and machine learning-based attack detection. We propose a new cross-layer feature vector that simultaneously represents traffic at three different levels: application, conversation, and endpoint behavior. We analyze its behavior under TLS and IPSec encryption and evaluate the efficacy with recent network traffic datasets and by using Random Forests classifiers. The cross-layer multi-key approach shows excellent attack detection in spite of TLS encryption. When IPsec is applied, the reduced variant obtains satisfactory detection for botnets, yet considerable performance drops for other types of attacks. The high complexity of network traffic is unfeasible for monolithic data analysis solutions, therefore requiring cross-layer analysis for which the multi-key vector becomes a powerful profiling core.

Wei, Wenqi, Liu, Ling, Loper, Margaret, Chow, Ka-Ho, Gursoy, Emre, Truex, Stacey, Wu, Yanzhao.  2020.  Cross-Layer Strategic Ensemble Defense Against Adversarial Examples. 2020 International Conference on Computing, Networking and Communications (ICNC). :456—460.

Deep neural network (DNN) has demonstrated its success in multiple domains. However, DNN models are inherently vulnerable to adversarial examples, which are generated by adding adversarial perturbations to benign inputs to fool the DNN model to misclassify. In this paper, we present a cross-layer strategic ensemble framework and a suite of robust defense algorithms, which are attack-independent, and capable of auto-repairing and auto-verifying the target model being attacked. Our strategic ensemble approach makes three original contributions. First, we employ input-transformation diversity to design the input-layer strategic transformation ensemble algorithms. Second, we utilize model-disagreement diversity to develop the output-layer strategic model ensemble algorithms. Finally, we create an input-output cross-layer strategic ensemble defense that strengthens the defensibility by combining diverse input transformation based model ensembles with diverse output verification model ensembles. Evaluated over 10 attacks on ImageNet dataset, we show that our strategic ensemble defense algorithms can achieve high defense success rates and are more robust with high attack prevention success rates and low benign false negative rates, compared to existing representative defenses.

Javidi, Giti, Sheybani, Ehsan.  2018.  K-12 Cybersecurity Education, Research, and Outreach. 2018 IEEE Frontiers in Education Conference (FIE). :1—5.
This research-to-practice work-in-progress addresses a new approach to cybersecurity education. The cyber security skills shortage is reaching prevalent proportions. The consensus in the STEM community is that the problem begins at k-12 schools with too few students interested in STEM subjects. One way to ensure a larger pipeline in cybersecurity is to train more high school teachers to not only teach cybersecurity in their schools or integrate cybersecurity concepts in their classrooms but also to promote IT security as an attractive career path. The proposed research will result in developing a unique and novel curriculum and scalable program in the area of cybersecurity and a set of powerful tools for a fun learning experience in cybersecurity education. In this project, we are focusing on the potential to advance research agendas in cybersecurity and train the future generation with cybersecurity skills and answer fundamental research questions that still exist in the blended learning methodologies for cybersecurity education and assessment. Leadership and entrepreneurship skills are also added to the mix to prepare students for real-world problems. Delivery methods, timing, format, pacing and outcomes alignment will all be assessed to provide a baseline for future research and additional synergy and integration with existing cybersecurity programs to expand or leverage for new cybersecurity and STEM educational research. This is a new model for cybersecurity education, leadership, and entrepreneurship and there is a possibility of a significant leap towards a more advanced cybersecurity educational methodology using this model. The project will also provide a prototype for innovation coupled with character-building and ethical leadership.
Raj, Rajendra K., Ekstrom, Joseph J., Impagliazzo, John, Lingafelt, Steven, Parrish, Allen, Reif, Harry, Sobiesk, Ed.  2017.  Perspectives on the future of cybersecurity education. 2017 IEEE Frontiers in Education Conference (FIE). :1—2.
As the worldwide demand for cybersecurity-trained professionals continues to grow, the need to understand and define what cybersecurity education really means at the college or university level. Given the relative infancy of these efforts to define undergraduate cybersecurity programs, the panelists will present different perspectives on how such programs can be structured. They will then engage with the audience to explore additional viewpoints on cybersecurity, and work toward a shared understanding of undergraduate cybersecurity programs.
Alnsour, Rawan, Hamdan, Basil.  2020.  Incorporating SCADA Cybersecurity in Undergraduate Engineering Technology Information Technology Education. 2020 Intermountain Engineering, Technology and Computing (IETC). :1—4.

The purpose of this paper is threefold. First, it makes the case for incorporating cybersecurity principles into undergraduate Engineering Technology Education and for incorporating Industrial Control Systems (ICS) principles into undergraduate Information Technology (IT)/Cybersecurity Education. Specifically, the paper highlights the knowledge/skill gap between engineers and IT/Cybersecurity professionals with respect to the cybersecurity of the ICS. Secondly, it identifies several areas where traditional IT systems and ICS intercept. This interception not only implies that ICS are susceptible to the same cyber threats as traditional IT/IS but also to threats that are unique to ICS. Subsequently, the paper identifies several areas where cybersecurity principles can be applied to ICS. By incorporating cybersecurity principles into Engineering Technology Education, the paper hopes to provide IT/Cybersecurity and Engineering Students with (a) the theoretical knowledge of the cybersecurity issues associated with administering and operating ICS and (b) the applied technical skills necessary to manage and mitigate the cyber risks against these systems. Overall, the paper holds the promise of contributing to the ongoing effort aimed at bridging the knowledge/skill gap with respect to securing ICS against cyber threats and attacks.

Addae, Joyce, Radenkovic, Milena, Sun, Xu, Towey, Dave.  2016.  An extended perspective on cybersecurity education. 2016 IEEE International Conference on Teaching, Assessment, and Learning for Engineering (TALE). :367—369.
The current trend of ubiquitous device use whereby computing is becoming increasingly context-aware and personal, has created a growing concern for the protection of personal privacy. Privacy is an essential component of security, and there is a need to be able to secure personal computers and networks to minimize privacy depreciation within cyberspace. Human error has been recognized as playing a major role in security breaches: Hence technological solutions alone cannot adequately address the emerging security and privacy threats. Home users are particularly vulnerable to cybersecurity threats for a number of reasons, including a particularly important one that our research seeks to address: The lack of cybersecurity education. We argue that research seeking to address the human element of cybersecurity should not be limited only to the design of more usable technical security mechanisms, but should be extended and applied to offering appropriate training to all stakeholders within cyberspace.
Sabillon, Regner, Serra-Ruiz, Jordi, Cavaller, Victor, Cano, Jeimy.  2017.  A Comprehensive Cybersecurity Audit Model to Improve Cybersecurity Assurance: The CyberSecurity Audit Model (CSAM). 2017 International Conference on Information Systems and Computer Science (INCISCOS). :253—259.

Nowadays, private corporations and public institutions are dealing with constant and sophisticated cyberthreats and cyberattacks. As a general warning, organizations must build and develop a cybersecurity culture and awareness in order to defend against cybercriminals. Information Technology (IT) and Information Security (InfoSec) audits that were efficient in the past, are trying to converge into cybersecurity audits to address cyber threats, cyber risks and cyberattacks that evolve in an aggressive cyber landscape. However, the increase in number and complexity of cyberattacks and the convoluted cyberthreat landscape is challenging the running cybersecurity audit models and putting in evidence the critical need for a new cybersecurity audit model. This article reviews the best practices and methodologies of global leaders in the cybersecurity assurance and audit arena. By means of the analysis of the current approaches and theoretical background, their real scope, strengths and weaknesses are highlighted looking forward a most efficient and cohesive synthesis. As a resut, this article presents an original and comprehensive cybersecurity audit model as a proposal to be utilized for conducting cybersecurity audits in organizations and Nation States. The CyberSecurity Audit Model (CSAM) evaluates and validates audit, preventive, forensic and detective controls for all organizational functional areas. CSAM has been tested, implemented and validated along with the Cybersecurity Awareness TRAining Model (CATRAM) in a Canadian higher education institution. A research case study is being conducted to validate both models and the findings will be published accordingly.

Chao, Henry, Stark, Benjamin, Samarah, Mohammad.  2019.  Analysis of Learning Modalities Towards Effective Undergraduate Cybersecurity Education Design. 2019 IEEE International Conference on Engineering, Technology and Education (TALE). :1—6.
Cybersecurity education is a critical component of today's computer science and IT curriculum. To provide for a highly effective cybersecurity education, we propose using machine-learning techniques to identify common learning modalities of cybersecurity students in order to optimize how cybersecurity core topics, threats, tools and techniques are taught. We test various hypothesis, e.g. that students of selected VARK learning styles will outperform their peers. The results indicate that for the class assignments in our study preference of read/write and kinesthetic modalities yielded the best results. This further indicates that specific learning instruments can be tailored for students based on their individual VARK learning styles.
Laato, Samuli, Farooq, Ali, Tenhunen, Henri, Pitkamaki, Tinja, Hakkala, Antti, Airola, Antti.  2020.  AI in Cybersecurity Education- A Systematic Literature Review of Studies on Cybersecurity MOOCs. 2020 IEEE 20th International Conference on Advanced Learning Technologies (ICALT). :6—10.

Machine learning (ML) techniques are changing both the offensive and defensive aspects of cybersecurity. The implications are especially strong for privacy, as ML approaches provide unprecedented opportunities to make use of collected data. Thus, education on cybersecurity and AI is needed. To investigate how AI and cybersecurity should be taught together, we look at previous studies on cybersecurity MOOCs by conducting a systematic literature review. The initial search resulted in 72 items and after screening for only peer-reviewed publications on cybersecurity online courses, 15 studies remained. Three of the studies concerned multiple cybersecurity MOOCs whereas 12 focused on individual courses. The number of published work evaluating specific cybersecurity MOOCs was found to be small compared to all available cybersecurity MOOCs. Analysis of the studies revealed that cybersecurity education is, in almost all cases, organised based on the topic instead of used tools, making it difficult for learners to find focused information on AI applications in cybersecurity. Furthermore, there is a gab in academic literature on how AI applications in cybersecurity should be taught in online courses.

Qian, Kai, Dan Lo, Chia-Tien, Guo, Minzhe, Bhattacharya, Prabir, Yang, Li.  2012.  Mobile security labware with smart devices for cybersecurity education. IEEE 2nd Integrated STEM Education Conference. :1—3.

Smart mobile devices such as smartphones and tablets have become an integral part of our society. However, it also becomes a prime target for attackers with malicious intents. There have been a number of efforts on developing innovative courseware to promote cybersecurity education and to improve student learning; however, hands-on labs are not well developed for smart mobile devices and for mobile security topics. In this paper, we propose to design and develop a mobile security labware with smart mobile devices to promote the cybersecurity education. The integration of mobile computing technologies and smart devices into cybersecurity education will connect the education to leading-edge information technologies, motivate and engage students in security learning, fill in the gap with IT industry need, and help faculties build expertise on mobile computing. In addition, the hands-on experience with mobile app development will promote student learning and supply them with a better understanding of security knowledge not only in classical security domains but also in the emerging mobile security areas.

Zhang, ZhiShuo, Zhang, Wei, Qin, Zhiguang.  2020.  Multi-Authority CP-ABE with Dynamical Revocation in Space-Air-Ground Integrated Network. 2020 International Conference on Space-Air-Ground Computing (SAGC). :76–81.
Space-air-ground integrated network (SAGIN) is emerged as a versatile computing and traffic architecture in recent years. Though SAGIN brings many significant benefits for modern communication and computing services, there are many unprecedented challenges in SAGIN. The one critical challenge in SAGIN is the data security. In SAGIN, because the data will be stored in cleartext on cloud, the sensitive data may suffer from the illegal access by the unauthorized users even the untrusted cloud servers (CSs). Ciphertext-policy attribute-based encryption (CP-ABE), which is a type of attribute-based encryption (ABE), has been regarded as a promising solution to the critical challenge of the data security on cloud. But there are two main blemishes in traditional CP-ABE. The first one is that there is only one attribute authority (AA) in CP-ABE. If the single AA crashs down, the whole system will be shut down. The second one is that the AA cannot effectively manage the life cycle of the users’ private keys. If a user on longer has one attribute, the AA cannot revoke the user’s private key of this attribute. This means the user can still decrypt some ciphertexts using this invalid attribute. In this paper, to solve the two flaws mentioned above, we propose a multi-authority CP-ABE (MA-CP-ABE) scheme with the dynamical key revocation (DKR). Our key revocation supports both user revocation and attribute revocation. And the our revocation is time friendly. What’s more, by using our dynamically tag-based revocation algorithm, AAs can dynamically and directly re-enable or revoke the invalid attributes to users. Finally, by evaluating and implementing our scheme, we can observe that our scheme is more comprehensive and practical for cloud applications in SAGIN.
Chen, Yingquan, Wang, Yong.  2020.  Efficient Conversion Scheme Of Access Matrix In CP-ABE With Double Revocation Capability. 2020 IEEE International Conference on Progress in Informatics and Computing (PIC). :352–357.
To achieve a fine-grained access control function and guarantee the data confidentiality in the cloud storage environment, ciphertext policy attribute-based encryption (CP-ABE) has been widely implemented. However, due to the high computation and communication overhead, the nature of CP-ABE mechanism makes it difficult to be adopted in resource constrained terminals. Furthermore, the way of realizing varying levels of undo operations remains a problem. To this end, the access matrix that satisfies linear secret sharing scheme (LSSS) was optimized with Cauchy matrix, and then a user-level revocation scheme based on Chinese Remainder Theorem was proposed. Additionally, the attribute level revocation scheme which is based on the method of key encrypt key (KEK) and can help to reduce the storage overhead has also been improved.
Taha, Mohammad Bany, Chowdhury, Rasel.  2020.  GALB: Load Balancing Algorithm for CP-ABE Encryption Tasks in E-Health Environment. 2020 Fifth International Conference on Research in Computational Intelligence and Communication Networks (ICRCICN). :165–170.
Security of personal data in the e-healthcare has always been challenging issue. The embedded and wearable devices used to collect these personal and critical data of the patients and users are sensitive in nature. Attribute-Based Encryption is believed to provide access control along with data security for distributed data among multiple parties. These resources limited devices do have the capabilities to secure the data while sending to the cloud but instead it increases the overhead and latency of running the encryption algorithm. On the top of if confidentiality is required, which will add more latency. In order to reduce latency and overhead, we propose a new load balancing algorithm that will distribute the data to nearby devices with available resources to encrypt the data and send it to the cloud. In this article, we are proposing a load balancing algorithm for E-Health system called (GALB). Our algorithm is based on Genetic Algorithm (GA). Our algorithm (GALB) distribute the tasks that received to the main gateway between the devices on E-health environment. The distribution strategy is based on the available resources in the devices, the distance between the gateway and the those devices, and the complexity of the task (size) and CP-ABE encryption policy length. In order to evaluate our algorithm performance, we compare the near optimal solution proposed by GALB with the optimal solution proposed by LP.
Fang, Ying, Gu, Tianlong, Chang, Liang, Li, Long.  2020.  Algebraic Decision Diagram-Based CP-ABE with Constant Secret and Fast Decryption. 2020 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC). :98–106.
Ciphertext-policy attribute-based encryption (CP-ABE) is applied to many data service platforms to provides secure and fine-grained access control. In this paper, a new CP-ABE system based on the algebraic decision diagram (ADD) is presented. The new system makes full use of both the powerful description ability and the high calculating efficiency of ADD to improves the performance and efficiency of algorithms contained in CP-ABE. First, the new system supports both positive and negative attributes in the description of access polices. Second, the size of the secret key is constant and is not affected by the number of attributes. Third, time complexity of the key generation and decryption algorithms are O(1). Finally, this scheme allows visitors to have different access permissions to access shared data or file. At the same time, PV operation is introduced into CP-ABE framework for the first time to prevent resource conflicts caused by read and write operations on shared files. Compared with other schemes, the new scheme proposed in this paper performs better in function and efficiency.
Pradhan, Ankit, R., Punith., Sethi, Kamalakanta, Bera, Padmalochan.  2020.  Smart Grid Data Security using Practical CP-ABE with Obfuscated Policy and Outsourcing Decryption. 2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). :1–8.
Smart grid consists of multiple different entities related to various energy management systems which share fine-grained energy measurements among themselves in an optimal and reliable manner. Such delivery is achieved through intelligent transmission and distribution networks composed of various stakeholders like Phasor Measurement Units (PMUs), Master and Remote Terminal Units (MTU and RTU), Storage Centers and users in power utility departments subject to volatile changes in requirements. Hence, secure accessibility of data becomes vital in the context of efficient functioning of the smart grid. In this paper, we propose a practical attribute-based encryption scheme for securing data sharing and data access in Smart Grid architectures with the added advantage of obfuscating the access policy. This is aimed at preserving data privacy in the context of competing smart grid operators. We build our scheme on Linear Secret Sharing (LSS) Schemes for supporting any monotone access structures and thus enhancing the expressiveness of access policies. Lastly, we analyze the security, access policy privacy and collusion resistance properties of our cryptosystem and provide an efficiency comparison as well as experimental analysis using the Charm-Crypto framework to validate the proficiency of our proposed solution.
Ravikumar, Gelli, Hyder, Burhan, Govindarasu, Manimaran.  2020.  Efficient Modeling of IEC-61850 Logical Nodes in IEDs for Scalability in CPS Security Testbed. 2020 IEEE/PES Transmission and Distribution Conference and Exposition (T D). :1–5.

Though the deep penetration of cyber systems across the smart grid sub-domains enrich the operation of the wide-area protection, control, and smart grid applications, the stochastic nature of cyber-attacks by adversaries inflict their performance and the system operation. Various hardware-in-the-loop (HIL) cyber-physical system (CPS) testbeds have attempted to evaluate the cyberattack dynamics and power system perturbations for robust wide-area protection algorithms. However, physical resource constraints and modular integration designs have been significant barriers while modeling large-scale grid models (scalability) and have limited many of the CPS testbeds to either small-scale HIL environment or complete simulation environments. This paper proposes a meticulous design and efficient modeling of IEC-61850 logical nodes in physical relays to simulate large-scale grid models in a HIL real-time digital simulator environment integrated with industry-grade hardware and software systems for wide-area power system applications. The proposed meticulous design includes multi-breaker emulation in the physical relays, which extends the capacity of a physical relay to accommodate more number of CPS interfaces in the HIL CPS security testbed environment. We have used our existing HIL CPS security testbed to demonstrate scalability by the real-time performance of ten simultaneous IEEE-39 CPS grid models. The experiments demonstrated significant results by 100% real-time performance with zero overruns, and low latency while receiving and executing control signals from physical SEL relays via IEC-61850 and DNP-3 protocols to real-time digital simulator, substation remote terminal unit (RTU) software and supervisory control and data acquisition (SCADA) software at control center.

Bogosyan, Seta, Gokasan, Metin.  2020.  Novel Strategies for Security-hardened BMS for Extremely Fast Charging of BEVs. 2020 IEEE 23rd International Conference on Intelligent Transportation Systems (ITSC). :1–7.

The increased power capacity and networking requirements in Extremely Fast Charging (XFC) systems for battery electric vehicles (BEVs) and the resulting increase in the adversarial attack surface call for security measures to be taken in the involved cyber-physical system (CPS). Within this system, the security of the BEV's battery management system (BMS) is of critical importance as the BMS is the first line of defense between the vehicle and the charge station. This study proposes an optimal control and moving-target defense (MTD) based novel approach for the security of the vehicle BMS) focusing on the charging process, during which a compromised vehicle may contaminate the XFC station and the whole grid. This paper is part of our ongoing research, which is one of the few, if not the first, reported studies in the literature on security-hardened BMS, aiming to increase the security and performance of operations between the charging station, the BMS and the battery system of electric vehicles. The developed MTD based switching strategy makes use of redundancies in the controller and feedback design. The performed simulations demonstrate an increased unpredictability and acceptable charging performance under adversarial attacks.

Diao, Yiqing, Ye, Ayong, Cheng, Baorong, Zhang, Jiaomei, Zhang, Qiang.  2020.  A Dummy-Based Privacy Protection Scheme for Location-Based Services under Spatiotemporal Correlation. 2020 International Conference on Networking and Network Applications (NaNA). :443—447.
The dummy-based method has been commonly used to protect the users location privacy in location-based services, since it can provide precise results and generally do not rely on a third party or key sharing. However, the close spatiotemporal correlation between the consecutively reported locations enables the adversary to identify some dummies, which lead to the existing dummy-based schemes fail to protect the users location privacy completely. To address this limit, this paper proposes a new algorithm to produce dummy location by generating dummy trajectory, which naturally takes into account of the spatiotemporal correlation all round. Firstly, the historical trajectories similar to the user's travel route are chosen as the dummy trajectories which depend on the distance between two trajectories with the help of home gateway. Then, the dummy is generated from the dummy trajectory by taking into account of time reachability, historical query similarity and the computation of in-degree/out-degree. Security analysis shows that the proposed scheme successfully perturbs the spatiotemporal correlation between neighboring location sets, therefore, it is infeasible for the adversary to distinguish the users real location from the dummies. Furthermore, extensive experiments indicate that the proposal is able to protect the users location privacy effectively and efficiently.
Zhu, Hong, Xia, Bing, Zhou, Dongxu, Zhang, Ming, Ma, Zhoujun.  2020.  Research on Integrated Model and Interactive Influence of Energy Internet Cyber Physical System. 2020 IEEE Sustainable Power and Energy Conference (iSPEC). :1667–1671.

Energy Internet is a typical cyber-physical system (CPS), in which the disturbance on cyber part may result in the operation risks on the physical part. In order to perform CPS assessment and research the interactive influence between cyber part and physical part, an integrated energy internet CPS model which adopts information flow matrix, energy control flow matrix and information energy hybrid flow matrix is proposed in this paper. The proposed model has a higher computational efficacy compared with simulation based approaches. Then, based on the proposed model, the influence of cyber disturbances such as data dislocation, data delay and data error on the physical part are studied. Finally, a 3 MW PET based energy internet CPS is built using PSCAD/EMTDC software. The simulation results prove the validity of the proposed model and the correctness of the interactive influence analysis.

AKCENGİZ, Ziya, Aslan, Melis, Karabayır, Özgür, Doğanaksoy, Ali, Uğuz, Muhiddin, Sulak, Fatih.  2020.  Statistical Randomness Tests of Long Sequences by Dynamic Partitioning. 2020 International Conference on Information Security and Cryptology (ISCTURKEY). :68—74.
Random numbers have a wide usage in the area of cryptography. In practice, pseudo random number generators are used in place of true random number generators, as regeneration of them may be required. Therefore because of generation methods of pseudo random number sequences, statistical randomness tests have a vital importance. In this paper, a randomness test suite is specified for long binary sequences. In literature, there are many randomness tests and test suites. However, in most of them, to apply randomness test, long sequences are partitioned into a certain fixed length and the collection of short sequences obtained is evaluated instead. In this paper, instead of partitioning a long sequence into fixed length subsequences, a concept of dynamic partitioning is introduced in accordance with the random variable in consideration. Then statistical methods are applied. The suggested suite, containing four statistical tests: Collision Tests, Weight Test, Linear Complexity Test and Index Coincidence Test, all of them work with the idea of dynamic partitioning. Besides the adaptation of this approach to randomness tests, the index coincidence test is another contribution of this work. The distribution function and the application of all tests are given in the paper.