发布求助
文献互助 智能选刊 最新文献

Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems最新文献

筛选
英文 中文
Trustworthy Data Analysis and Sensor Data Protection in Cyber-Physical Systems 网络物理系统中可信数据分析与传感器数据保护
Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems Pub Date : 2021-04-28 DOI: 10.1145/3445969.3450432
D. Ulybyshev, Ibrahim Yilmaz, B. Northern, V. Kholodilo, Mike Rogers
{"title":"Trustworthy Data Analysis and Sensor Data Protection in Cyber-Physical Systems","authors":"D. Ulybyshev, Ibrahim Yilmaz, B. Northern, V. Kholodilo, Mike Rogers","doi":"10.1145/3445969.3450432","DOIUrl":"https://doi.org/10.1145/3445969.3450432","url":null,"abstract":"Cyber-Physical Systems are widely used in critical infrastructures such as the power grids, water purification systems, nuclear plants, oil refinery and compressor plants, food manufacturing, etc. Anomalies in these systems can be a result of cybersecurity attacks, failed sensors or communication channels. Undetected anomalies may lead to process failure, cause financial damage and have significant impact on human lives. Thus, it is important to detect anomalies at early stages and to protect data in Cyber-Physical Systems. In this paper, we propose the novel on-the-fly NIST-compliant key generation scheme for a secure data container used to transfer and store sensor data. The data container delivers data from the low-level field sensors to high-level data analysis servers in a protected form. It provides data confidentiality and integrity, as well as data origin integrity, a fine-grained role-based and attribute-based access control. As a result, the anomaly detector runs on trustworthy data sets, protected from unauthorized adversarial modifications. Our solution can be easily integrated with many existing Cyber-Physical Systems and IT infrastructures since our secure data container supports RESTful API and is implemented in two modifications: (1) signed, watermarked and encrypted spreadsheet file; (2) signed and encrypted JSON file. In addition, we implemented several machine learning models based on a Random Forest, a k-Nearest Neighbors, a Support Vector Machine and a Neural Network algorithms for the detection of various anomalies and attacks in a gas pipeline system. We will demonstrate that our anomaly detection models achieve high detection rate with an average accuracy of 97.7% for two industrial data sets collected by the Mississippi State University's Critical Infrastructure Protection Center and Oak Ridge National Laboratories (ORNL)","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115150565","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
A Matrix for Systematic Selection of Authentication Mechanisms in Challenging Healthcare related Environments 在具有挑战性的医疗保健相关环境中系统选择身份验证机制的矩阵
Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems Pub Date : 2021-04-28 DOI: 10.1145/3445969.3450424
Michael Grabatin, M. Steinke, Daniela Pöhn, Wolfgang Hommel
{"title":"A Matrix for Systematic Selection of Authentication Mechanisms in Challenging Healthcare related Environments","authors":"Michael Grabatin, M. Steinke, Daniela Pöhn, Wolfgang Hommel","doi":"10.1145/3445969.3450424","DOIUrl":"https://doi.org/10.1145/3445969.3450424","url":null,"abstract":"Passwords continue to dominate the authentication landscape, while One Time Passwords (OTPs) provided by apps are increasingly used as second factor. Even though several alternatives are developed, very few regard usability. Even fewer alternatives consider special conditions of authentication, like disabilities and other input restrictions, typical for healthcare workers. In this paper, we show shortcomings by the example of different stages within the care cycle. Generalized requirements are used to evaluate existing authentication mechanisms. These findings result in the design of a matrix showing different authentication methods and requirements. The matrix can be used to identify the best fitting authentication mechanisms based on the needs of the scenario. Not only the first factor can be identified, but the matrix also helps to select additional well-fitting authentication mechanism for a specific scenario. The designed matrix is practically underlined by applying it to the care cycle with different cyber-physical systems (CPS).","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116172254","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Generating Threat Models and Attack Graphs based on the IEC 61850 System Configuration description Language 基于IEC 61850系统配置描述语言生成威胁模型和攻击图
Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems Pub Date : 2021-04-28 DOI: 10.1145/3445969.3450421
E. Ling, M. Ekstedt
{"title":"Generating Threat Models and Attack Graphs based on the IEC 61850 System Configuration description Language","authors":"E. Ling, M. Ekstedt","doi":"10.1145/3445969.3450421","DOIUrl":"https://doi.org/10.1145/3445969.3450421","url":null,"abstract":"Due to our dependency on electricity, it is vital to keep our power systems secure from cyber attacks. However, because power systems are being digitalized and the infrastructure is growing increasingly complicated, it is difficult to gain an overview and secure the entire system. An overview of the potential security vulnerabilities can be achieved with threat modeling. The Meta Attack Language (MAL) is a formalism that enables the development of threat modeling languages that can be used to automatically generate attack graphs and conduct simulations over them. In this article we present the MAL-based language SCL-Lang which has been created based on the System description Configuration Language (SCL) as defined in the IEC 61850 standard. With SCL-Lang one can create threat models of substations based on their SCL files and automatically find information regarding potential cyber attack paths in the substation automation system configuration. This enables structured cyber security analysis for evaluating various design scenarios before implementation.","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130688146","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Artificial Intelligence Assisted Malware Analysis 人工智能辅助恶意软件分析
Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems Pub Date : 2021-04-28 DOI: 10.1145/3445969.3450433
Mahmoud Abdelsalam, Maanak Gupta, Sudip Mittal
{"title":"Artificial Intelligence Assisted Malware Analysis","authors":"Mahmoud Abdelsalam, Maanak Gupta, Sudip Mittal","doi":"10.1145/3445969.3450433","DOIUrl":"https://doi.org/10.1145/3445969.3450433","url":null,"abstract":"This tutorial provides a review of the state-of-the-art research and the applications of Artificial Intelligence and Machine Learning for malware analysis. We will provide an overview, background and results with respect to the three main malware analysis approaches: static malware analysis, dynamic malware analysis and online malware analysis. Further, we will provide a simplified hands-on tutorial of applying ML algorithm for dynamic malware analysis in cloud IaaS.","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129566643","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
A Data-based Protocol for One-way Trust in Inter-vehicular Communication 基于数据的车际通信单向信任协议
Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems Pub Date : 2021-04-28 DOI: 10.1145/3445969.3450430
Stephen Ly, Yuan Cheng
{"title":"A Data-based Protocol for One-way Trust in Inter-vehicular Communication","authors":"Stephen Ly, Yuan Cheng","doi":"10.1145/3445969.3450430","DOIUrl":"https://doi.org/10.1145/3445969.3450430","url":null,"abstract":"As autonomous vehicles fill the roads and more manufacturers join the trend, the need for a unified communication protocol grows. Current paradigms in vehicle-to-vehicle communication are too slow to provide accurate and meaningful traffic data in a timely fashion, and it is difficult to trust that incoming data is correct without an authoritative server verifying the sender's identity. This paper introduces a protocol for peer-to-peer exchanges of positional data that determines the trust level of a particular message by comparing matching object data hashes. Similar in concept to non-interactive zero-knowledge proofs, the design retains the privacy and anonymity of senders and is relatively fast compared to certificate-based solutions under a reasonable traffic load. Our preliminary experiment shows promising results, with much faster runtimes compared to similar cryptographic solutions. Although the current implementation is still rough around the edges, the basic design can provide the groundwork for future paradigms in inter-vehicular communication without depending on expensive cryptographic operations performed on special or more powerful hardware. This opens doors for protocols that can be run on current vehicles without requiring the collective processing power of all vehicles to increase.","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132182528","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Vulnerability Assessment of the Rowhammer Attack Using Machine Learning and the gem5 Simulator - Work in Progress 使用机器学习和gem5模拟器的Rowhammer攻击漏洞评估-正在进行中
Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems Pub Date : 2021-04-28 DOI: 10.1145/3445969.3450425
Loïc France, M. Mushtaq, Florent Bruguier, D. Novo, P. Benoit
{"title":"Vulnerability Assessment of the Rowhammer Attack Using Machine Learning and the gem5 Simulator - Work in Progress","authors":"Loïc France, M. Mushtaq, Florent Bruguier, D. Novo, P. Benoit","doi":"10.1145/3445969.3450425","DOIUrl":"https://doi.org/10.1145/3445969.3450425","url":null,"abstract":"Modern computer memories have been shown to have reliability issues. The main memory is the target of a security attack called Rowhammer, which causes bit flips in adjacent victim cells of aggressor rows. Multiple mitigation techniques have been proposed to counter this issue, but they all come at a non-negligible cost of performance and/or silicon surface. Some techniques rely on a detection mechanism using row access counters to trigger automatic defenses. In this paper, we propose a tool to build a system-specific detection mechanism using gem5 to simulate the system and Machine Learning to detect the attack by analyzing hardware event traces. The detection mechanism built with our tool shows high accuracy (over 99.5%) and low latency (maximum 474µs to classify when running offline in software) to detect an attack before completion.","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"5 9","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"113973560","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
A Flexible Security Analytics Service for the Industrial IoT 面向工业物联网的灵活安全分析服务
Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems Pub Date : 2021-04-28 DOI: 10.1145/3445969.3450427
Philip Empl, G. Pernul
{"title":"A Flexible Security Analytics Service for the Industrial IoT","authors":"Philip Empl, G. Pernul","doi":"10.1145/3445969.3450427","DOIUrl":"https://doi.org/10.1145/3445969.3450427","url":null,"abstract":"In Cloud Computing, the cloud serves as a central data hub for the Industrial Internet of Things' (IIoT) data and is deployed in diverse application fields, e.g., Smart Grid or Smart Manufacturing. Therefore, the aggregated and contextualized data is bundled in a central data hub, bringing tremendous cybersecurity advantages. Given the threat landscape in IIoT systems, especially SMEs (small and medium-sized enterprises) need to be prepared regarding their cybersecurity, react quickly, and strengthen their overall cybersecurity. For instance, with the application of machine learning algorithms, security-related data can be analyzed predictively in order to be able to ward off a potential attack at an early stage. Since modern reference architectures for IIoT systems, such as RAMI 4.0 or IIRA, consider cybersecurity approaches on a high level and SMEs lack financial funds and knowledge, this paper conceptualizes a security analytics service used as a security add-on to these reference architectures. Thus, this paper conceptualizes a flexible security analytics service that implements security capabilities with flexible analytical techniques that fit specific SMEs' needs. The security analytics service is also evaluated with a real-world use case.","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127821002","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Session details: Session 3: Tutorial 会话详细信息:会话3:教程
Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems Pub Date : 2021-04-28 DOI: 10.1145/3460497
Mahmoud Abdelsalam
{"title":"Session details: Session 3: Tutorial","authors":"Mahmoud Abdelsalam","doi":"10.1145/3460497","DOIUrl":"https://doi.org/10.1145/3460497","url":null,"abstract":"","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122933755","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Session details: Session 4: Miscellaneous Topics 会议详情:会议4:Miscellaneous Topics
Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems Pub Date : 2021-04-28 DOI: 10.1145/3460498
Nisha Panwar
{"title":"Session details: Session 4: Miscellaneous Topics","authors":"Nisha Panwar","doi":"10.1145/3460498","DOIUrl":"https://doi.org/10.1145/3460498","url":null,"abstract":"","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"54 3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131877658","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Session details: Session 1: AI for CPS Security 会话详细信息:会话1:AI for CPS Security
Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems Pub Date : 2021-04-28 DOI: 10.1145/3460495
Heena Rathore
{"title":"Session details: Session 1: AI for CPS Security","authors":"Heena Rathore","doi":"10.1145/3460495","DOIUrl":"https://doi.org/10.1145/3460495","url":null,"abstract":"","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128576490","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信