Proceedings of the 7th ACM on Cyber-Physical System Security Workshop: Latest Publications

Session details: Session 1: CPS Formalization and Protocols
Proceedings of the 7th ACM on Cyber-Physical System Security Workshop Pub Date : 2021-05-24 DOI: 10.1145/3468024
N. Tippenhauer
Citations: 0
You talkin' to me? Exploring Practical Attacks on Controller Pilot Data Link Communications
Proceedings of the 7th ACM on Cyber-Physical System Security Workshop Pub Date : 2021-05-24 DOI: 10.1145/3457339.3457985
Joshua Smailes, Daniel Moser, Matthew Smith, Martin Strohmeier, Vincent Lenders, I. Martinovic
Abstract: Worldwide, voice-based Air Traffic Control (ATC) communications are gradually being replaced with data link-based equivalents, namely the Controller Pilot Data Link Communications (CPDLC) system. This helps to manage the high levels of congestion on voice-based ATC; under modern traffic levels these analog voice channels are extremely busy, especially at times of peak traffic. CPDLC offers the ability to conduct most ATC actions in the form of digital text-based messages. As with voice-based ATC, CPDLC has no built-in security mechanisms. Furthermore, the links which carry CPDLC do not have security mechanisms either. In this paper, we analyze the susceptibility of CPDLC to attacks by a software-defined radio (SDR)-equipped attacker. Crucially, this is different to attacks on aviation surveillance systems, as it requires the attacker to comply with a larger authentication protocol. We identify attacks on CPDLC, including a man-in-the-middle attack on the protocol. This attack enables a take-over of an aircraft's communication on an attacker-specified frequency, after which arbitrary CPDLC commands can be transmitted to the target without alerting the legitimate controller. We empirically assess the likely effectiveness of this attack through a data collection and analysis exercise. In order to counteract this type of attack, we propose three countermeasures of different complexities, including logical checks and a public key infrastructure approach. We also estimate to what extent these countermeasures can be implemented without altering the underlying protocol.
Citations: 8
Session details: Session 2: Side-Channels in CPS
Proceedings of the 7th ACM on Cyber-Physical System Security Workshop Pub Date : 2021-05-24 DOI: 10.1145/3468025
Citations: 0
High we Fly: Wireless Witnessing and Crowdsourcing for Air-Traffic Communication Security
Proceedings of the 7th ACM on Cyber-Physical System Security Workshop Pub Date : 2021-05-24 DOI: 10.1145/3457339.3457979
C. Pöpper
Abstract: In this talk I will address aviation security and secure surveillance/control that are crucial for the safety of air traffic. Two wireless systems widely deployed in this context are the Global Positioning System (GPS) and ADS-B (Automatic Dependent Surveillance Broadcast). I will discuss why wireless systems like GPS and ADS-B are hard to fully secure and I will present novel mechanisms to improve air-traffic-related security at the intersection of these two systems. In particular, I will talk about (1) Crowd-GPS-Sec, a system to detect and localize GPS spoofing attacks on moving airborne targets such as UAVs or commercial airliners, as well as (2) ADS-B-Trust, an approach to leverage machine learning for ADS-B and GPS attack detection. These systems demonstrate the potential of sensor-based crowdsourcing and wireless witnessing for attack detection purposes in a typically rather closed industry sector.
Citations: 0
A Semantic Framework for Direct Information Flows in Hybrid-Dynamic Systems
Proceedings of the 7th ACM on Cyber-Physical System Security Workshop Pub Date : 2021-05-24 DOI: 10.1145/3457339.3457981
Sepehr Amir-Mohammadian
Abstract: Hybrid-dynamic models provide an underlying framework to study the ever-growing cyber-physical systems with an emphasis on the integration of their discrete computational steps and the associated continuous physical dynamics. Ubiquity of cyber-physical systems necessitates some level of assurance about the secure flow of information through different discrete and continuous components. In recent years, different logical frameworks have been proposed to analyze indirect information flows in cyber-physical systems. While these frameworks are used to verify secure flow of information in a metalevel, they naturally fall short in support of implementing information flow analyzers that could effectively enforce policies at runtime. This practical limitation has triggered the implementation of direct information flow analyzers in different language settings. In this paper, we focus on direct flows of information confidentiality in hybrid-dynamic environments and propose a semantic framework through which we can judge about such flows. This semantic framework can be used to study the correctness of enforced policies by these analyzers, and in particular taint tracking tools. In this regard, we specify a dynamic taint tracking policy for hybrid dynamic systems and prove its soundness based on the proposed semantic framework. As a case study, we consider the flow of information in a public transportation control system, and the effectiveness of our enforced policy on this system.
Citations: 1
Towards Secure and Robust Autonomy Software in Autonomous Driving and Smart Transportation
Proceedings of the 7th ACM on Cyber-Physical System Security Workshop Pub Date : 2021-05-24 DOI: 10.1145/3457339.3457978
Qi Alfred Chen
Abstract: Autonomous Driving (AD) technology has always been an international pursuit due to its significant benefit in driving safety, efficiency, and mobility. Over 15 years after the first DARPA Grand Challenge, its development and deployment are becoming increasingly mature and practical, with some AD vehicles already providing services on public roads (e.g., Google Waymo One in Phoenix and Baidu Apollo Go in China). In AD technology, the autonomy software stack, or the AD software, is highly security critical: it is in charge of safety-critical driving decisions such as collision avoidance and lane keeping, and thus any security problems in it can directly impact road safety. In this talk, I will describe my recent research that initiates the first systematic effort towards understanding and addressing the security problems in production AD software. I will be focusing on two critical modules: perception and localization, and talk about how we are able to discover novel and practical sensor/physical-world attacks that can cause end-to-end safety impacts such as crashing into obstacles or driving off road. Besides AD software, I will also briefly talk about my recent research on autonomy software security in smart transportation in general, especially those enabled by Connected Vehicle (CV) technology. I will conclude with a discussion on defense and future research directions.
Citations: 0
Session details: Session 3: Communication Security in CPS
Proceedings of the 7th ACM on Cyber-Physical System Security Workshop Pub Date : 2021-05-24 DOI: 10.1145/3468026
Citations: 0
Session details: Keynote Talks
Proceedings of the 7th ACM on Cyber-Physical System Security Workshop Pub Date : 2021-05-24 DOI: 10.1145/3468023
Citations: 0
Lightweight Delegated Authentication with Identity Fraud Detection for Cyber-physical Systems
Proceedings of the 7th ACM on Cyber-Physical System Security Workshop Pub Date : 2021-05-24 DOI: 10.1145/3457339.3457984
Zheng Yang, Chao Yin, Chenglu Jin, Jianting Ning, Jianying Zhou
Abstract: Delegated authentication is a very popular and effective paradigm to deal with entity authentication problems for resource-constrained clients in cyber-physical systems; namely, the authentication between two clients is proxied by a trusted authentication server. However, an attacker may compromise the authentication server to impersonate the clients for sabotaging the cyber-physical systems. To detect the identity fraud attacks caused by an authentication server compromise, we propose two mutual authentication protocols by using a pseudo-random function family and a one-time signature (OTS) scheme. Our idea is to leverage the continuously evolving OTS signing and verifying keys at the signer and the verifier sides respectively for identity fraud detection because an identity fraud attack would violate the victim's honest OTS key update procedure. The proposed protocols are proven secure under a new mutual authentication security model that formulates the identity fraud detection.
Citations: 0
MoveAR: Continuous Biometric Authentication for Augmented Reality Headsets
Proceedings of the 7th ACM on Cyber-Physical System Security Workshop Pub Date : 2021-05-24 DOI: 10.1145/3457339.3457983
Arman Bhalla, Ivo Sluganovic, Klaudia Krawiecka, I. Martinovic
Abstract: Augmented Reality (AR) headsets are rapidly coming to consumer and professional markets. The lack of traditional input interfaces for these devices motivates the need to research novel methods of achieving security primitives such as user authentication. Given the various inertial sensors that the headsets use to position users in their environment, we propose, investigate, and evaluate the potential for a continuous biometric authentication system based on the distinct ways in which people move their heads and interact with their virtual environments. We collect samples of the spatial and behavioural patterns from a group of users wearing an AR headset. Using this data, we propose a multitude of novel models and machine learning pipelines that learn the unique signature of AR users as they interact with the virtual environment and AR objects. We evaluate multiple supervised machine learning algorithms, including k-Nearest Neighbours, Random Forest, Support Vector Machine (SVM), and Bag of Symbolic-Fourier-Approximation Symbols (BOSS) for two different sets of input data and parameters. We achieve a balanced accuracy score of 92.675% and an EER of 11% using an Adaptive Boost Random Forest classifier together with our proposed series of novel, AR-specific preprocessing methods used on our current dataset. This demonstrates that it is indeed possible to profile and authenticate AR head-mounted display users based on their head movements and gestures.
Citations: 8