Proceedings of the 18th International Conference on Availability, Reliability and Security: latest articles

Formal Security Analysis of Vehicle Diagnostic Protocols
Timm Lauser, C. Krauß
DOI: https://doi.org/10.1145/3600160.3600184
Published: 2023-08-29
Abstract: Diagnostic protocols for vehicles are important for maintenance, updates, etc. However, if they are not secure, an attacker can use them as an entry point to the vehicle or even directly access critical functionality. In this paper, we discuss the security of the vehicle diagnostics protocols Diagnostics over IP (DoIP) and Unified Diagnostic Services (UDS). For UDS, we provide a formal analysis of the included security protocols SecurityAccess service and the different variants of the new Authentication service introduced in the year 2020. We present two new vulnerabilities we identified in our analyses, describe how they can be mitigated and formally verify our mitigations. Furthermore, we give recommendations on how to securely implement UDS and how future standards can be improved.
Citations: 0
Breaching the Defense: Investigating FGSM and CTGAN Adversarial Attacks on IEC 60870-5-104 AI-enabled Intrusion Detection Systems
D. C. Asimopoulos, Panagiotis I. Radoglou-Grammatikis, Ioannis Makris, V. Mladenov, Konstantinos E. Psannis, S. Goudos, P. Sarigiannidis
DOI: https://doi.org/10.1145/3600160.3605163
Published: 2023-08-29
Abstract: In the digital age of the hyper-connected Critical Infrastructures (CIs), the role of the smart electrical grid is crucial, providing several benefits, such as improved grid resilience, efficient energy distribution and smart load and response management. However, despite the several advantages, the rapid evolution of the heterogeneous technologies involved in the smart electrical grid increases the attack surface. In this paper, we focus first our attention on how Artificial Intelligence (AI) can be used to protect the smart electrical grid in terms of detecting efficiently potential cyberattacks and anomalies. Secondly, we investigate how AI can be used to trick AI-enabled detection services, thus resulting in false alarms. In particular, we emphasise on cyberattacks against IEC 60870-5-104, an industrial communication protocol which is widely used in the energy domain. Therefore, a relevant AI-powered Intrusion Detection System (IDS) is provided, utilising strong Machine Learning (ML)/Deep Learning (DL) methods, such as Decision Tree, Random Forest, XGBOOST and deep MultiLayer Perceptron (MLP). On the other hand, we investigate how adversarial attacks can affect the detection performance of the previous IDS. For this purpose, the Fast Gradient Signed Method (FGSM) is examined, and a Conditional Tabular Generative Adversarial Network (CTGAN) adversarial attack generator is implemented. The evaluation results demonstrate the efficiency of the proposed IDS and the aforementioned adversarial attacks.
Citations: 0
Experiences with Secure Pipelines in Highly Regulated Environments
J. Morales, Hasan Yasar
DOI: https://doi.org/10.1145/3600160.3605466
Published: 2023-08-29
Abstract: In this experiential paper, we present observations from our collaborative efforts with multiple entities operating in highly regulated environments that enabled or disrupted the construction, use, and sustainment of secure CI/CD pipelines as part of a larger DevSecOps strategy. From these observations, we provide insights and recommendations to support enablers and avoid or minimize disruptions. Our insights reveal that along with noted established progress in the area of secure pipelines, there still exists a need to amend multiple cultural and technical barriers to fully realize secure pipelines in a highly regulated environment. Areas of improvement include streamlining security approvals, revising and updating policies to relevance with current technology, increasing automation in multiple pipeline relevant tasking, improving inquiries to better understand pipeline requirements at commencement, and ensuring appropriate sustained training of technical staff. Recommendations presented here address observed gap areas with the purpose of assisting further advancement of achieving formal and refined pipeline incorporation in a highly regulated environment.
Citations: 0
Effect of Group Based Synchronization on User Anonymity in Mix Networks
Alperen Aksoy, Dogan Kesdogan
DOI: https://doi.org/10.1145/3600160.3604998
Published: 2023-08-29
Abstract: In so-called closed environments, the MIX network can theoretically provide perfect security, i.e. if perfect protection is envisaged, all senders and receivers should be perfectly synchronized and participate equally in each communication round of the MIX technique. In the context of open environments (e.g., the Internet), there is no synchronization between the participants and here the technique is vulnerable to known analyses such as (statistical) disclosure attacks. In short, the Mix technology is highly dependent on its application context in which it involves the participants. In this work, we study the effect of context in terms of synchronization rate, present two different synchronization approaches and evaluate their protection against disclosure attacks.
Citations: 0
ICSvertase: A Framework for Purpose-based Design and Classification of ICS Honeypots
Stash Kempinski, Shuaib Ichaarine, Savio Sciancalepore
DOI: https://doi.org/10.1145/3600160.3605020
Published: 2023-08-29
Abstract: As attacks on Industrial Control Systems (ICS) are increasing, the design and deployment of ICS honeypots is gaining momentum as a way to prevent, detect, and research them. However, ICS honeypot creators hardly explicitly consider what adversary behavior they want to capture, potentially creating honeypots that may not completely fulfill their intended purpose. At the same time, ICS honeypots are classified using the traditional interaction level scheme which is unsuitable for ICS due to its unique properties. In turn, these issues make it hard for potential users to systematically determine the suitability of an ICS honeypot for their use case. To tackle these problems, in this paper we introduce ICSvertase, a novel framework allowing for structural reasoning about ICS honeypots. ICSvertase integrates several existing components from the ATT&CK for ICS and Engage frameworks provided by MITRE and extends them with novel elements. ICSvertase provides a novel approach to helping companies and users in several real-world use cases, such as choosing the most suitable existing ICS honeypot, designing new ICS honeypots, and classifying existing ones in a more fine-grained way. To show ICSvertase’s benefits, we provide examples for these real-world use cases and compare them to their traditional counterparts.
Citations: 0
An Improved Honeypot Model for Attack Detection and Analysis
Marwan Abbas-Escribano, Hervé Debar
DOI: https://doi.org/10.1145/3600160.3604993
Published: 2023-08-29
Abstract: This paper presents a new model and design for honeypots, and the results obtained from the implementation and exposure on the internet of a high interaction honeypot. We show that our model can allow higher interaction with attackers while preserving integrity and attractiveness. In our work, we use threat analysis based on the MITRE ATT&CK taxonomy to describe the design and supervision constraints of our honeypot with its situation in our implemented architecture. We exposed our infrastructure during seventeen days and collected information about several actors and attack methods, from which we extracted previously undocumented Indicators of Compromise.
Citations: 0
Exploiting Digital Twin technology for Cybersecurity Monitoring in Smart Grids
L. Coppolino, Roberto Nardone, Alfredo Petruolo, L. Romano, A. Souvent
DOI: https://doi.org/10.1145/3600160.3605043
Published: 2023-08-29
Abstract: The adoption of Digital Twin technology has witnessed significant growth in various domains, enabling continuous monitoring and testing in diverse applications. In the context of safeguarding critical infrastructures, particularly smart grids, Digital Twin has emerged as a viable solution to meet the requirements outlined in the NIS2 directive issued by the European Commission. Additionally, the increasing trend in Europe towards establishing shared dataspaces, and fostering collaborative environments through data sharing, necessitates a heightened focus on cybersecurity risks. This study focuses on enhancing cybersecurity measures in critical infrastructure, with a specific emphasis on the energy sector and smart grids. To achieve this objective, a robust architecture is proposed for the cybersecurity monitoring of a smart power and distribution grid. The proposed approach involves the transformation of a system model, conforming to the Common Information Model standard for the power system domain, into a digital twin model powered by FIWARE, an open-source platform. The architecture incorporates a SIEM (Security Information and Event Management) solution built on open-source technologies. A comprehensive validation is conducted through a real-world case study, providing empirical evidence of the effectiveness of the proposed approach.
Citations: 0
Dynamic Intrusion Detection Framework for UAVCAN Protocol Using AI
Fadhila Tlili, S. Ayed, Lamia CHAARI FOURATI
DOI: https://doi.org/10.1145/3600160.3605071
Published: 2023-08-29
Abstract: Industry 4.0 is going through a transitional period via the radically automotive transformations. In particular, unmanned aerial vehicles have significantly contributed to the development of intelligent and connected transportation systems. Thus, the continuous development using diverse technologies to achieve a variety of high-performance services raised the security concerns regarding communicating entities. Thus, being managed by networked controllers, UAVs use controller area networks (CAN) protocol to broadcast information in a bus. However, this protocol is used as a de facto standard which does not have sufficient security features that raise the security risks. This issue caught the attention of the automotive industry researchers and several studies have attempted to improve the security of the CAN protocol attack detection. However, the proposed studies established general perspective solution and did not pay attention to UAVCAN attack detection. To alleviate these concerns, this paper proposed a dynamic intrusion detection framework (DIDF) for UAVCAN. The proposed UAVCAN DIDF scheme adopts an artificial intelligence (AI) based model to achieve high detection performance. We performed experiments using public UAVCAN dataset to evaluate our detection system. The experimental results demonstrate that UAVCAN DIDF has significantly reached a high detection rate with a high true positive and a low false negative rate. The simulation results are encouraging and demonstrate the effectiveness of UAVCAN DIDF.
Citations: 0
TRUSTEE: Towards the creation of secure, trustworthy and privacy-preserving framework
Dr Sarwar Sayeed, N. Pitropakis, W. Buchanan, E. Markakis, Dimitra Papatsaroucha, Ilias Politis
DOI: https://doi.org/10.1145/3600160.3604997
Published: 2023-08-29
Abstract: Digital transformation is a method where new technologies replace the old to meet essential organisational requirements and enhance the end-user experience. Technological transformation often improvises the manner in which a facility or resources are delivered to the recipient. Data is one of the key assets of every organisation which influences significantly reaching the long-term objective. Thus, the entities, as well as technologies involved in the data management process, have a significant role to play to secure different data types. However, the traditional data governance process often follows a centralised approach and thus resulting in various cyber attacks, whereas the distributed approaches are mostly research prototypes and often comprise various security challenges. Security incidents such as data theft fabricate the integrity of confidential data and thus the consequences are often disastrous. To address the challenges, we introduce TRUSTEE, a data-driven platform which aims to provide a secure and privacy-by-design framework to empower companies, organisations, and individuals to access different data domains, use and re-use the data and metadata to extract knowledge with trust and confidentiality. In this paper, we assess the effectiveness of the platform by reviewing the potential challenges and threats associated with the incorporated technologies. Our research emphasises the efficacy of distributed technologies to indicate their significance in data integrity and security.
Citations: 4
Network Covert Channels in Routing Protocols
Michael Schneider, Daniel Spiekermann, J. Keller
DOI: https://doi.org/10.1145/3600160.3605021
Published: 2023-08-29
Abstract: Computer networks play a key role in everyday lives. To guarantee fail-safe operation, routing protocols are used that enable dynamic routing via redundant paths. Because of this, routing protocols like RIP or OSPF play an important role in modern network infrastructures. The widespread use together with the mostly missing traffic monitoring of these protocols provide a possible base to exploit these protocols for network steganographic channels. In this paper, we present a novel storage covert channel based on the OSPF routing protocol. We analyzed the protocol in detail with the help of hiding patterns to identify protocol fields that might be suitable for covert communication. We provide a proof-of-concept implementation of our covert channel inside a simulated network, which demonstrates the possibility of covert communication in a routing protocol. Our evaluation covers detectability and countermeasures, steganographic bandwidth and robustness. Furthermore, we sketch an application scenario where such a covert channel can be deployed.
Citations: 0