Proceedings of the 10th Annual Cyber and Information Security Research Conference: Latest Papers

On the Design of Jamming-Aware Safety Applications in VANETs
Hani Alturkostani, Anup Chitrakar, R. Rinker, A. Krings
{"title":"On the Design of Jamming-Aware Safety Applications in VANETs","authors":"Hani Alturkostani, Anup Chitrakar, R. Rinker, A. Krings","doi":"10.1145/2746266.2746273","DOIUrl":"https://doi.org/10.1145/2746266.2746273","url":null,"abstract":"Connected vehicles communicate either with each other or with the fixed infrastructure using Dedicated Short Range Communication (DSRC). The communication is used by DSRC safety applications, such as forward collision warning, which are intended to reduce accidents. Since these safety applications operate in a critical infrastructure, reliability of the applications is essential. This research considers jamming as the source of a malicious act that could significantly affect reliability. Previous research has discussed jamming detection and prevention in the context of wireless networks in general, but little focus has been on Vehicular Ad Hoc Networks (VANET), which have unique characteristics. Other research discussed jamming detection in VANET, however it is not aligned with current DSRC standards. We propose a new jamming-aware algorithm for DSRC safety application design for VANET that increases reliability using jamming detection and consequent fail-safe behavior, without any alteration of existing protocols and standards. The impact of deceptive jamming on data rates and the impact of the jammer's data rate were studied using actual field measurements. 
Finally, we show the operation of the jamming-aware algorithm using field data.","PeriodicalId":106769,"journal":{"name":"Proceedings of the 10th Annual Cyber and Information Security Research Conference","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122234951","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 5
Controlling Combinatorial Complexity in Software and Malware Behavior Computation
M. Pleszkoch, R. Linger
{"title":"Controlling Combinatorial Complexity in Software and Malware Behavior Computation","authors":"M. Pleszkoch, R. Linger","doi":"10.1145/2746266.2746281","DOIUrl":"https://doi.org/10.1145/2746266.2746281","url":null,"abstract":"Virtually all software is out of intellectual control in that no one knows its full behavior. Software Behavior Computation (SBC) is a new technology for understanding everything software does. SBC applies the mathematics of denotational semantics implemented by function composition in Functional Trace Tables (FTTs) to compute the behavior of programs, expressed as disjoint cases of conditional concurrent assignments. In some circumstances, combinatorial explosions in the number of cases can occur when calculating the behavior of sequences of multiple branching structures. This paper describes computational methods that avoid combinatorial explosions. The predicates that control branching structures such as ifthenelses can be organized into three categories: 1) Independent, resulting in no behavior case explosion, 2) Coordinated, resulting in two behavior cases, or 3) Goal-oriented, with potential exponential growth in the number of cases. Traditional FTT-based behavior computation can be augmented by two additional computational methods, namely, Single-Value Function Abstractions (SVFAs) and, introduced in this paper, Relational Trace Tables (RTTs). 
These methods can be applied to the three predicate categories to avoid combinatorial growth in behavior cases while maintaining mathematical correctness.","PeriodicalId":106769,"journal":{"name":"Proceedings of the 10th Annual Cyber and Information Security Research Conference","volume":"80 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116372683","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 4
Proceedings of the 10th Annual Cyber and Information Security Research Conference
Joseph P. Trien, S. Prowell, R. A. Bridges, J. Goodall
{"title":"Proceedings of the 10th Annual Cyber and Information Security Research Conference","authors":"Joseph P. Trien, S. Prowell, R. A. Bridges, J. Goodall","doi":"10.1145/2746266","DOIUrl":"https://doi.org/10.1145/2746266","url":null,"abstract":"This volume contains the papers presented at CISRC-10: Cyber and Information Security Research Conference held on April 6-8, 2015 at Oak Ridge National Laboratory in Oak Ridge, Tennessee.","PeriodicalId":106769,"journal":{"name":"Proceedings of the 10th Annual Cyber and Information Security Research Conference","volume":"83 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133841034","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 3
Automobile ECU Design to Avoid Data Tampering
Lu Yu, Juan Deng, R. Brooks, S. Yun
{"title":"Automobile ECU Design to Avoid Data Tampering","authors":"Lu Yu, Juan Deng, R. Brooks, S. Yun","doi":"10.1145/2746266.2746276","DOIUrl":"https://doi.org/10.1145/2746266.2746276","url":null,"abstract":"Modern embedded vehicle systems are based on network architectures. Vulnerabilities from in-vehicle communications are significant. Privacy and security measures are required for vehicular Electronic Control Units (ECUs). We present a security vulnerability analysis, which shows that the vulnerability mainly lies in the ubiquitous on-board diagnostics II (OBD-II) interface and the memory configuration within ECU. Countermeasures using obfuscation and encryption techniques are introduced to protect ECUs from data sniffing and code tampering. A security scheme of deploying lures that look like ECU vulnerabilities to deceive lurking intruders into installing rootkits is proposed. We show that the interactions between the attacker and the system can be modeled as a Markov decision process (MDP).","PeriodicalId":106769,"journal":{"name":"Proceedings of the 10th Annual Cyber and Information Security Research Conference","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115771376","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 26
Risk and Vulnerability Assessment Using Cybernomic Computational Models: Tailored for Industrial Control Systems
R. Abercrombie, Frederick T. Sheldon, Bob G. Schlicher
{"title":"Risk and Vulnerability Assessment Using Cybernomic Computational Models: Tailored for Industrial Control Systems","authors":"R. Abercrombie, Frederick T. Sheldon, Bob G. Schlicher","doi":"10.1145/2746266.2746284","DOIUrl":"https://doi.org/10.1145/2746266.2746284","url":null,"abstract":"In cybersecurity, there are many influencing economic factors to weigh. This paper considers the defender-practitioner stakeholder points-of-view that involve cost combined with development and deployment considerations. Some examples include the cost of countermeasures, training and maintenance as well as the lost opportunity cost and actual damages associated with a compromise. The return on investment (ROI) from countermeasures comes from saved impact costs (i.e., losses from violating availability, integrity, confidentiality or privacy requirements). A measured approach that informs cybersecurity practice is pursued toward maximizing ROI. To this end for example, ranking threats based on their potential impact focuses security mitigation and control investments on the highest value assets, which represent the greatest potential losses. The traditional approach uses risk exposure (calculated by multiplying risk probability by impact). To address this issue in terms of security economics, we introduce the notion of Cybernomics. Cybernomics considers the cost/benefits to the attacker/defender to estimate risk exposure. As the first step, we discuss the likelihood that a threat will emerge and whether it can be thwarted and if not what will be the cost (losses both tangible and intangible). 
This impact assessment can provide key information for ranking cybersecurity threats and managing risk.","PeriodicalId":106769,"journal":{"name":"Proceedings of the 10th Annual Cyber and Information Security Research Conference","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130434841","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 3
Android Malware Static Analysis Techniques
Suzanna E. Schmeelk, Junfeng Yang, A. Aho
{"title":"Android Malware Static Analysis Techniques","authors":"Suzanna E. Schmeelk, Junfeng Yang, A. Aho","doi":"10.1145/2746266.2746271","DOIUrl":"https://doi.org/10.1145/2746266.2746271","url":null,"abstract":"During 2014, Business Insider announced that there are over a billion users of Android worldwide. Government officials are also trending towards acquiring Android mobile devices. Google's application architecture is already ubiquitous and will keep expanding. The beauty of an application-based architecture is the flexibility, interoperability and customizability it provides users. This same flexibility, however, also allows and attracts malware development. This paper provides a horizontal research analysis of techniques used for Android application malware analysis. The paper explores techniques used by Android malware static analysis methodologies. It examines the key analysis efforts used by examining applications for permission leakage and privacy concerns. The paper concludes with a discussion of some gaps of current malware static analysis research.","PeriodicalId":106769,"journal":{"name":"Proceedings of the 10th Annual Cyber and Information Security Research Conference","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124902464","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 25
In-Vehicle Networks: Attacks, Vulnerabilities, and Proposed Solutions
Paulsohn Carsten, T. Andel, M. Yampolskiy, J. McDonald
{"title":"In-Vehicle Networks: Attacks, Vulnerabilities, and Proposed Solutions","authors":"Paulsohn Carsten, T. Andel, M. Yampolskiy, J. McDonald","doi":"10.1145/2746266.2746267","DOIUrl":"https://doi.org/10.1145/2746266.2746267","url":null,"abstract":"Vehicles made within the past years have gradually become more and more complex. As a result, the embedded computer systems that monitor and control these systems have also grown in size and complexity. Unfortunately, the technology that protects them from external attackers has not improved at a similar rate. In this paper we discuss the vulnerabilities of modern in-vehicle networks, focusing on the Controller Area Network (CAN) communications protocol as a primary attack vector. We discuss the vulnerabilities of CAN, the types of attacks that can be used against it, and some of the solutions that have been proposed to overcome these attacks.","PeriodicalId":106769,"journal":{"name":"Proceedings of the 10th Annual Cyber and Information Security Research Conference","volume":"133 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128073161","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 59
Authentication Bypass and Remote Escalated I/O Command Attacks
Ryan Grandgenett, W. Mahoney, R. Gandhi
{"title":"Authentication Bypass and Remote Escalated I/O Command Attacks","authors":"Ryan Grandgenett, W. Mahoney, R. Gandhi","doi":"10.1145/2746266.2746268","DOIUrl":"https://doi.org/10.1145/2746266.2746268","url":null,"abstract":"The Common Industrial Protocol (CIP) is a widely used Open DeviceNet Vendors Association (ODVA) standard [14]. CIP is an application-level protocol for communication between components in an industrial control setting such as a Supervisory Control And Data Acquisition (SCADA) environment. We present exploits for authentication and privileged I/O in a CIP implementation. In particular, Allen Bradley's implementation of CIP communications between its programming software and Programmable Logic Controllers (PLCs) is the target of our exploits. Allen Bradley's RSLogix 5000 software supports programming and centralized monitoring of Programmable Logic Controllers (PLCs) from a desktop computer. In our test bed, ControlLogix EtherNet/IP Web Server Module (1756-EWEB) allows the PLC Module (5573-Logix) to be programmed, monitored and controlled by RSLogix 5000 over an Ethernet LAN. Our vulnerability discovery process included examination of CIP network traffic and reverse engineering the RSLogix 5000 software. Our findings have led to the discovery of several vulnerabilities in the protocol, including denial-of-service attacks, but more significantly and recently the creation of an authentication bypass and remote escalated privileged I/O command exploit. The exploit abuses RSLogix 5000's use of hard-coded credentials for outbound communication with other SCADA components. 
This paper provides a first public disclosure of the vulnerability, exploit development process, and results.","PeriodicalId":106769,"journal":{"name":"Proceedings of the 10th Annual Cyber and Information Security Research Conference","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127523242","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 9
Preventing Cyber-induced Irreversible Physical Damage to Cyber-Physical Systems
Jaewon Yang, Xiuwen Liu, Shamik Bose
{"title":"Preventing Cyber-induced Irreversible Physical Damage to Cyber-Physical Systems","authors":"Jaewon Yang, Xiuwen Liu, Shamik Bose","doi":"10.1145/2746266.2746274","DOIUrl":"https://doi.org/10.1145/2746266.2746274","url":null,"abstract":"Ever since the discovery of the Stuxnet malware, there have been widespread concerns about disasters via cyber-induced physical damage on critical infrastructures. Cyber physical systems (CPS) integrate computation and physical processes; such infrastructure systems are examples of cyber-physical systems, where computation and physical processes are integrated to optimize resource usage and system performance. The inherent security weaknesses of computerized systems and increased connectivity could allow attackers to alter the systems' behavior and cause irreversible physical damage, or even worse cyber-induced disasters. However, existing security measures were mostly developed for cyber-only systems and they cannot be effectively applied to CPS directly. Thus, new approaches to preventing cyber physical system disasters are essential. We recognize very different characteristics of cyber and physical components in CPS, where cyber components are flexible with large attack surfaces while physical components are inflexible and relatively simple with very small attack surfaces. This research focuses on the components where cyber and physical components interact. Securing cyber-physical interfaces will complete a layer-based defense strategy in the \"Defense in Depth Framework\". In this paper we propose Trusted Security Modules as a systematic solution to provide a guarantee of preventing cyber-induced physical damage even when operating systems and controllers are compromised. 
TSMs will be placed at the interface between cyber and physical components by adapting the existing integrity enforcing mechanisms such as Trusted Platform Module, Control-Flow Integrity, and Data-Flow Integrity.","PeriodicalId":106769,"journal":{"name":"Proceedings of the 10th Annual Cyber and Information Security Research Conference","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133110576","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 1