发布求助
文献互助 智能选刊 最新文献

Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy最新文献

筛选
英文 中文
Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy 2018网络物理系统安全与隐私研讨会论文集
Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy Pub Date : 2018-10-15 DOI: 10.1145/3264888
{"title":"Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy","authors":"","doi":"10.1145/3264888","DOIUrl":"https://doi.org/10.1145/3264888","url":null,"abstract":"","PeriodicalId":247918,"journal":{"name":"Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy","volume":"7 1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-10-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134126949","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Session details: Session 2: Intrusion and Anomaly detection 会话详细信息:会话2:入侵和异常检测
Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy Pub Date : 2018-01-15 DOI: 10.1145/3285936
A. Cárdenas
{"title":"Session details: Session 2: Intrusion and Anomaly detection","authors":"A. Cárdenas","doi":"10.1145/3285936","DOIUrl":"https://doi.org/10.1145/3285936","url":null,"abstract":"","PeriodicalId":247918,"journal":{"name":"Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114962464","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Secure Autonomous Cyber-Physical Systems Through Verifiable Information Flow Control 通过可验证的信息流控制来保护自主网络物理系统
Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy Pub Date : 2018-01-15 DOI: 10.1145/3264888.3264889
Jed Liu
{"title":"Secure Autonomous Cyber-Physical Systems Through Verifiable Information Flow Control","authors":"Jed Liu","doi":"10.1145/3264888.3264889","DOIUrl":"https://doi.org/10.1145/3264888.3264889","url":null,"abstract":"Modern cyber-physical systems are complex networked computing systems that electronically control physical systems. Autonomous road vehicles are an important and increasingly ubiquitous instance. Unfortunately, their increasing complexity often leads to security vulnerabilities. Network connectivity exposes these vulnerable systems to remote software attacks that can result in real-world physical damage, including vehicle crashes and loss of control authority. We introduce an integrated architecture to provide provable security and safety assurance for cyber-physical systems by ensuring that safety-critical operations and control cannot be unintentionally affected by potentially malicious parts of the system. Fine-grained information flow control is used to design both hardware and software, determining how low-integrity information can affect high-integrity control decisions. This security assurance is used to improve end-to-end security across the entire cyber-physical system. We demonstrate this integrated approach by developing a mobile robotic testbed modeling a self-driving system and testing it with a malicious attack.","PeriodicalId":247918,"journal":{"name":"Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy","volume":"73 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114836278","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Science Hackathons for Cyberphysical System Security Research: Putting CPS testbed platforms to good use 网络物理系统安全研究的科学黑客马拉松:善用CPS测试平台
Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy Pub Date : 2018-01-15 DOI: 10.1145/3264888.3264897
S. Foley, F. Autrel, Edwin Bourget, Thomas Clédel, Stephane Grunenwald, José Rubio-Hernán, Alexandre Kabil, Raphaël M. J. I. Larsen, V. Rooney, Kirsten Vanhulst
{"title":"Science Hackathons for Cyberphysical System Security Research: Putting CPS testbed platforms to good use","authors":"S. Foley, F. Autrel, Edwin Bourget, Thomas Clédel, Stephane Grunenwald, José Rubio-Hernán, Alexandre Kabil, Raphaël M. J. I. Larsen, V. Rooney, Kirsten Vanhulst","doi":"10.1145/3264888.3264897","DOIUrl":"https://doi.org/10.1145/3264888.3264897","url":null,"abstract":"A challenge is to develop cyber-physical system scenarios that reflect the diversity and complexity of real-life cyber-physical systems in the research questions that they address. Time-bounded collaborative events, such as hackathons, jams and sprints, are increasingly used as a means of bringing groups of individuals together, in order to explore challenges and develop solutions. This paper describes our experiences, using a science hackathon to bring individual researchers together, in order to develop a common use-case implemented on a shared CPS testbed platform that embodies the diversity in their own security research questions. A qualitative study of the event was conducted, in order to evaluate the success of the process, with a view to improving future similar events.","PeriodicalId":247918,"journal":{"name":"Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123669942","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
ACE: Advanced CIP Evaluator ACE:高级CIP评估员
Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy Pub Date : 2018-01-15 DOI: 10.1145/3264888.3264891
Kiel Gordon, M. Davis, Zachary Birnbaum, A. Dolgikh
{"title":"ACE: Advanced CIP Evaluator","authors":"Kiel Gordon, M. Davis, Zachary Birnbaum, A. Dolgikh","doi":"10.1145/3264888.3264891","DOIUrl":"https://doi.org/10.1145/3264888.3264891","url":null,"abstract":"Industrial control systems (ICS) are key enabling systems that drive the productivity and efficiency of omnipresent industries such as power, gas, water treatment, transportation, and manufacturing. These systems consist of interconnected components that communicate over industrial networks using industrial protocols such as the Common Industrial Protocol (CIP). CIP is one of the most commonly used network-based process control protocols, and utilizes an object-oriented communication structure for device to device interaction. Due to this object-oriented structure, CIP communication reveals detailed information about the devices, the communication patterns, and the system, providing an in-depth view of the system. The details from this in-depth system perspective can be utilized as part of a system cybersecurity or discovery approach. However, due to the variety of commands, corresponding parameters, and variable layer structure of the CIP network layer, processing this layer is a challenging task. This paper presents a tool, Advanced CIP Evaluator (ACE), which passively processes the CIP communication layer and automatically extracts device, communication, and system information from observed network traffic. ACE was tested and verified using a representative ICS power generation testbed. Since ACE operates passively, without generating any network traffic of its own, system operations are not disturbed. This novel tool provides ICS information, such as networked devices, communication patterns, and system operation, at a depth and breadth that is unique compared with other known tools.","PeriodicalId":247918,"journal":{"name":"Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132803087","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
CORGIDS: A Correlation-based Generic Intrusion Detection System corgid:一个基于关联的通用入侵检测系统
Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy Pub Date : 2018-01-15 DOI: 10.1145/3264888.3264893
Ekta Aggarwal, Mehdi Karimibiuki, K. Pattabiraman, A. Ivanov
{"title":"CORGIDS: A Correlation-based Generic Intrusion Detection System","authors":"Ekta Aggarwal, Mehdi Karimibiuki, K. Pattabiraman, A. Ivanov","doi":"10.1145/3264888.3264893","DOIUrl":"https://doi.org/10.1145/3264888.3264893","url":null,"abstract":"Cyber-physical systems (CPS) consist of software and physical components which are knitted together and interact with each other continuously. CPS have been targets of security attacks due to their safety-critical nature and relative lack of protection. Specification based intrusion detection systems (IDS) using data, temporal, data temporal and time, and logical correlations have been proposed in the past. But none of the approaches except the ones using logical correlations take into account the main ingredient in the operation of CPS, namely the use of physical properties. On the other hand, IDS that use physical properties either require the developer to define invariants manually, or have designed their IDS for a specific CPS. This paper proposes CORGIDS, a generic IDS capable of detecting security attacks by inferring the logical correlations of the physical properties of a CPS, and checking if they adhere to the predefined framework. We build a CORGIDS-based prototype and demonstrate its use for detecting attacks in the two CPS. We find that CORGIDS achieves a precision of 95.70%, and a recall of 87.90%, with modest memory and performance overheads.","PeriodicalId":247918,"journal":{"name":"Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy","volume":"113 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115084152","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 17
Session details: Session 4: Industrial Control and SCADA Systems 会议详情:会议4:工业控制和SCADA系统
Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy Pub Date : 2018-01-15 DOI: 10.1145/3285938
R. Bobba
{"title":"Session details: Session 4: Industrial Control and SCADA Systems","authors":"R. Bobba","doi":"10.1145/3285938","DOIUrl":"https://doi.org/10.1145/3285938","url":null,"abstract":"","PeriodicalId":247918,"journal":{"name":"Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129602284","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Temporal Phase Shifts in SCADA Networks SCADA网络中的时间相移
Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy Pub Date : 2018-01-15 DOI: 10.1145/3264888.3264898
Chen Markman, A. Wool, A. Cárdenas
{"title":"Temporal Phase Shifts in SCADA Networks","authors":"Chen Markman, A. Wool, A. Cárdenas","doi":"10.1145/3264888.3264898","DOIUrl":"https://doi.org/10.1145/3264888.3264898","url":null,"abstract":"In Industrial Control Systems (ICS/SCADA), machine to machine data traffic is highly periodic. Previous work showed that in many cases, it is possible to create an automata-based model of the traffic between each individual Programmable Logic Controller (PLC) and the SCADA server, and to use the model to detect anomalies in the traffic. When testing the validity of previous models, we noticed that overall, the models have difficulty in dealing with communication patterns that change over time. In this paper we show that in many cases the traffic exhibits phases in time, where each phase has a unique pattern, and the transition between the different phases is rather sharp. We suggest a method to automatically detect traffic phase shifts, and a new anomaly detection model that incorporates multiple phases of the traffic. Furthermore we present a new sampling mechanism for training set assembly, which enables the model to learn all phases during the training stage with lower complexity. The model presented has similar accuracy and much less permissiveness compared to the previous general Deterministic Finite Automata (DFA) model. Moreover, the model can provide the operator with information about the state of the controlled process at any given time, as seen in the traffic phases.","PeriodicalId":247918,"journal":{"name":"Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123526861","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
A Specification-based State Replication Approach for Digital Twins 基于规范的数字孪生状态复制方法
Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy Pub Date : 2018-01-15 DOI: 10.1145/3264888.3264892
Matthias Eckhart, Andreas Ekelhart
{"title":"A Specification-based State Replication Approach for Digital Twins","authors":"Matthias Eckhart, Andreas Ekelhart","doi":"10.1145/3264888.3264892","DOIUrl":"https://doi.org/10.1145/3264888.3264892","url":null,"abstract":"Digital twins play a key role in realizing the vision of a smart factory. While this concept is often associated with maintenance, optimization, and simulation, digital twins can also be leveraged to enhance the security and safety of cyber-physical systems (CPSs). In particular, digital twins can run in parallel to a CPS, allowing to perform a security and safety analysis during operation without the risk of disrupting live systems. However, replicating states of physical devices within a CPS in functionally equivalent virtual replicas, so that they precisely mirror the internal behavior of their counterparts, is an open research topic. In this paper, we propose a novel state replication approach that first identifies stimuli based on the system's specification and then replicates them in a virtual environment. We believe that replicating states of CPSs is a prerequisite for a multitude of security and safety enhancing features that can be implemented on the basis of digital twins. To demonstrate the feasibility of the specification-based state replication approach, we provide a prototypical implementation and evaluate it in an experimental CPS test bed. The results of this paper show that attacks against CPSs can be successfully detected by leveraging the proposed state replication approach.","PeriodicalId":247918,"journal":{"name":"Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131566558","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 58
Detecting Cyber Attacks in Industrial Control Systems Using Convolutional Neural Networks 利用卷积神经网络检测工业控制系统中的网络攻击
Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy Pub Date : 2018-01-15 DOI: 10.1145/3264888.3264896
Moshe Kravchik, A. Shabtai
{"title":"Detecting Cyber Attacks in Industrial Control Systems Using Convolutional Neural Networks","authors":"Moshe Kravchik, A. Shabtai","doi":"10.1145/3264888.3264896","DOIUrl":"https://doi.org/10.1145/3264888.3264896","url":null,"abstract":"This paper presents a study on detecting cyber attacks on industrial control systems (ICS) using convolutional neural networks. The study was performed on a Secure Water Treatment testbed (SWaT) dataset, which represents a scaled-down version of a real-world industrial water treatment plant. We suggest a method for anomaly detection based on measuring the statistical deviation of the predicted value from the observed value. We applied the proposed method by using a variety of deep neural network architectures including different variants of convolutional and recurrent networks. The test dataset included 36 different cyber attacks. The proposed method successfully detected 31 attacks with three false positives thus improving on previous research based on this dataset. The results of the study show that 1D convolutional networks can be successfully used for anomaly detection in industrial control systems and outperform recurrent networks in this setting. The findings also suggest that 1D convolutional networks are effective at time series prediction tasks which are traditionally considered to be best solved using recurrent neural networks. This observation is a promising one, as 1D convolutional neural networks are simpler, smaller, and faster than the recurrent neural networks.","PeriodicalId":247918,"journal":{"name":"Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123881849","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 208
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信