Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security: Latest Articles

Evaluation of Apple iDevice Sensors as a Potential Relay Attack Countermeasure for Apple Pay
Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security Pub Date: 2017-04-02 DOI: 10.1145/3055186.3055201
Gareth Haken, K. Markantonakis, Iakovos Gurulian, Carlton Shepherd, Raja Naeem Akram
Abstract: Traditional countermeasures to relay attacks are difficult to implement on mobile devices due to hardware limitations. Establishing proximity of a payment device and terminal is the central notion of most relay attack countermeasures, and mobile devices offer new and exciting possibilities in this area of research. One such possibility is the use of on-board sensors to measure ambient data at both the payment device and terminal, with a comparison made to ascertain whether the device and terminal are in close proximity. This project focuses on the iPhone, specifically the iPhone 6S, and the potential use of its sensors to both establish proximity to a payment terminal and protect Apple Pay against relay attacks. The iPhone contains 12 sensors in total, but constraints introduced by payment schemes mean only 5 were deemed suitable to be used for this study. A series of mock transactions and relay attack attempts are enacted using an iOS application written specifically for this study. Sensor data is recorded, and then analysed to ascertain its accuracy and suitability for both proximity detection and relay attack countermeasures.
Citations: 5

On the Disappearing Boundary Between Digital, Physical, and Social Spaces: Who, What, Where and When?
Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security Pub Date: 2017-04-02 DOI: 10.1145/3055186.3055190
B. Nuseibeh
Abstract: Boundaries play a critical role in the systems development process. In software engineering, boundaries are used to scope the real world problems that the software is required to address, and to scope the design solutions through which the software will meet its requirements. In security engineering, boundaries delimit the points at which assets may be legitimately accessed or the defences that attackers seek to breach. Cyber physical systems (CPS) add another set of boundaries that require consideration - the boundaries between the digital and the physical spaces that the CPS inhabit, as well as the boundaries with the social spaces in which such systems will operate. These boundaries have been the bedrock upon which developers build software, systems, and security capabilities. They help manage complexity of systems, organise their development, and manage their deployment. However, the views and behaviours of "end users" of CPS - legitimate or otherwise - do not always align with the separation of concerns embodied by such boundaries. Legitimate users, for example, may see a CPS as a single provider of services and functions, and may not find it useful to separate digital, physical, and social considerations. Similarly, malicious users may intentionally exploit the larger attack surfaces presented by a CPS, and actively exploit the design or accidental interplay between digital, physical, and social spaces. Thus, in a world of disappearing boundaries, there is sometimes what appears to be a conflicting need to make these boundaries visible and explicit. In our research work, we explore the development of software-intensive systems deployed in such a world, and set this against the development of secure, privacy-aware, forensics-ready systems, where boundaries need to be recognised and managed. We suggest some technical contributions that may contribute to addressing some of the research challenges in the area, including techniques for engineering adaptive software, collaborative security, and topology awareness. We contextualise our research in cyber-physical-social systems, which we argue provide research challenges to the community that go beyond any single technical discipline such as software or security engineering. Indeed we further argue, and demonstrate, that considerations of the interplay of security and human behaviour are fundamental to tackling some of the key challenges of developing secure cyber physical systems.
Citations: 3

Cyber Security of the Autonomous Ship
Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security Pub Date: 2017-04-02 DOI: 10.1145/3055186.3055191
S. Katsikas
Abstract: In this keynote talk we give an overview of the state of play of cyber security of the autonomous ship. We discuss the generic system architecture of an autonomous ship, as well as threats, vulnerabilities and risks against such a generic architecture, and we argue for the need to employ a holistic approach to ensuring the cyber security of the autonomous ship.
Citations: 22

A Functional Co-Design towards Safe and Secure Vehicle Platooning
Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security Pub Date: 2017-04-02 DOI: 10.1145/3055186.3055193
Jiafa Liu, Di Ma, A. Weimerskirch, Haojin Zhu
Abstract: Cooperative adaptive cruise control (CACC) or platooning has recently become promising as vehicles can learn of nearby vehicles' intentions and dynamics through wireless vehicle to vehicle (V2V) communication and advanced on-board sensing technologies. Violation of cybersecurity often results in serious safety issues as has been demonstrated in recent studies. However, safety and security in a vehicle platoon so far have been considered separately by different sets of experts. Consequently no existing solution solves both safety and security in a coherent way. In this paper, we show cyber attacks on an automated platoon system could have the most severe level of safety impact with large scale car crash and argue the importance of safety-security co-design for safety critical cyber physical systems (CPS). We propose a safety-security co-design engineering process to derive functional security requirements for a safe automated vehicle platoon system based on a deep comprehension on the interrelation of safety and security. To our best knowledge, we are the first to apply the safety-security co-design concept to a concrete application. Through this engineering process, we propose a general approach for designing a safe and secure platooning. Following the general approach, we come up with a new platoon control algorithm that takes into account both safety and security. Our defense mechanism implicitly defends against safety-related cyber-attacks and greatly shortens the safe distance required when the platoon is not protected.
Citations: 15

Towards Improving Data Validity of Cyber-Physical Systems through Path Redundancy
Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security Pub Date: 2017-04-02 DOI: 10.1145/3055186.3055189
Zhiyuan Zheng, A. Reddy
Abstract: Cyber-physical systems have been shown to be susceptible to cyber-attacks. Incidents such as Stuxnet Attack and Ukraine power outage have shown that attackers are capable of penetrating into industrial control systems, compromising PLCs, and sending false commands to physical devices while reporting normal sensing values. Therefore, one of the critical needs of CPS is to ensure the validity of the sensor values. In this paper, we explore path diversity in SCADA networks and develop Path Redundancy to improve data validity. The proposed solution is shown to be able to effectively prevent data integrity attacks and detect false command attacks from a single compromised path or PLC. We provide detailed analysis on solution design and implement an application of the technique in building automation networks. Our cost-efficient and easy-to-deploy solution improves the resilience of SCADA networks.
Citations: 18

Secure 3D Printing: Reconstructing and Validating Solid Geometries using Toolpath Reverse Engineering
Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security Pub Date: 2017-04-02 DOI: 10.1145/3055186.3055198
N. G. Tsoutsos, Homer Gamil, M. Maniatakos
Abstract: As 3D printing becomes more ubiquitous, traditional centralized process chains are transformed to a distributed manufacturing model, where each step of the process can be outsourced to different parties. Despite the countless benefits of this revolutionary technology, outsourcing parts of the process to potentially untrusted parties raises security concerns, as malicious design modifications can impact the structural integrity of the manufactured 3D geometries. To address this problem, we introduce a novel compiler that allows reverse engineering G-code toolpaths (i.e., machine commands describing how a geometry is printed) to reconstruct a close approximation of the original 3D object. Our framework then uses Finite Element Analysis to simulate the reconstructed object under different stress conditions and validate its structural integrity, without requiring a golden model reference.
Citations: 22

Spatio-Temporal Correlations in Cyber-Physical Systems: A Defense Against Data Availability Attacks
Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security Pub Date: 2017-04-02 DOI: 10.1145/3055186.3055200
B. Sikdar
Abstract: Many cyber-physical systems (CPS) use geographically distributed instrumentation to monitor and control the operation of the underlying system in real time. The availability of real-time measurements from deployed instrumentation is critical for the operation of CPS, which in turn makes them vulnerable to attacks that limit access to this stream of information. However, the impact of such attacks may be mitigated by exploiting the spatio-temporal correlation in the data streams that exist in many CPS, as shown in this paper. In addition to establishing the extent of spatio-temporal correlations in CPS data stream in the context of natural gas distribution systems, we propose and validate a methodology that exploits these correlations to accurately recreate data that might be lost or unavailable due to cyber attacks.
Citations: 3

Detecting Phishing Websites using Automation of Human Behavior
Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security Pub Date: 2017-04-02 DOI: 10.1145/3055186.3055188
Routhu Srinivasa Rao, A. R. Pais
Abstract: In this paper, we propose a technique to detect phishing attacks based on the behavior of humans when exposed to a fake website. Some online users submit fake credentials to the login page before submitting their actual credentials. He/She observes the login status of the resulting page to check whether the website is fake or legitimate. We automate the same behavior with our application (FeedPhish) which feeds fake values into login page. If the web page logs in successfully, it is classified as phishing otherwise it undergoes further heuristic filtering. If the suspicious site passes through all heuristic filters then the website is classified as a legitimate site. As per the experimentation results, our application has achieved a true positive rate of 97.61%, true negative rate of 94.37% and overall accuracy of 96.38%. Our application neither demands third party services nor prior knowledge like web history, whitelist or blacklist of URLs. It is able to detect not only zero-day phishing attacks but also detects phishing sites which are hosted on compromised domains.
Citations: 38

ViotSOC: Controlling Access to Dynamically Virtualized IoT Services using Service Object Capability
Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security Pub Date: 2017-04-02 DOI: 10.1145/3055186.3055194
Hajoon Ko, Jiong Jin, S. Keoh
Abstract: Virtualization of Internet of Things (IoT) is a concept of dynamically building customized high-level IoT services which rely on the real time data streams from low-level physical IoT sensors. Security in IoT virtualization is challenging, because with the growing number of available (building block) services, the number of personalizable virtual services grows exponentially. This paper proposes Service Object Capability (SOC) ticket system, a decentralized access control mechanism between servers and clients to efficiently authenticate and authorize each other without using public key cryptography. SOC supports decentralized partial delegation of capabilities specified in each server/client ticket. Unlike PKI certificates, SOC's authentication time and handshake packet overhead stays constant regardless of each capability's delegation hop distance from the root delegator. The paper compares SOC's security benefits with Kerberos and the experimental results show SOC's authentication incurs significantly less time packet overhead compared against those from other mechanisms based on RSA-PKI and ECC-PKI algorithms. SOC is as secure as, and more efficient and suitable for IoT environments, than existing PKIs and Kerberos.
Citations: 4

Cyber-Physical System Discovery: Reverse Engineering Physical Processes
Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security Pub Date: 2017-04-02 DOI: 10.1145/3055186.3055195
Alexander Winnicki, M. Krotofil, D. Gollmann
Abstract: Successful cyber attacks against cyber-physical systems require expert knowledge about the dynamic behaviour of the underlying physical process. Therefore, obtaining the relevant information is a crucial part during attack preparation. Previous work has shown manual acquisition of knowledge about process dynamics to be prohibitively laborious. This paper presents first insights into semi-automated process-aware system discovery that goes beyond IT-related trivia, and focuses on the physical core of a system.
Citations: 6