发布求助
文献互助 智能选刊 最新文献

2021 IEEE International Conference on Cyber Security and Resilience (CSR)最新文献

筛选
英文 中文
Impact assessment of anomaly propagation in a naval water distribution cyber-physical system 海军配水网络物理系统异常传播影响评估
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527952
Nicolas Pelissero, Pedro Merino Laso, J. Puentes
{"title":"Impact assessment of anomaly propagation in a naval water distribution cyber-physical system","authors":"Nicolas Pelissero, Pedro Merino Laso, J. Puentes","doi":"10.1109/CSR51186.2021.9527952","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527952","url":null,"abstract":"Cyber-Physical Systems (CPS) are composed by multiple subsystems that encompass numerous interdependencies. Although indispensable and highly performant from a functional perspective, complex interconnectivity constitutes paradoxically a significant vulnerability when an anomaly occurs. Anomalies could propagate and impact the entire CPS with irreversible consequences. This paper presents an approach to assess the anomaly propagation impact risk on a three layers oriented graph which represents the physical, digital, and system variables of a CPS components and interdependencies. Anomalies are detected applying information quality measures, while potential propagation paths are assessed computing the cumulated risk represented by weights assigned to the graph edges. To verify the cascading impact of different anomalies four cyber-attacks - denial of service, sensor offset alteration, false data injection, and replay attack - were implemented on a simulated naval water distribution CPS. The propagation impact of three anomalies was successfully assessed and the corresponding estimated propagation path, if applicable, confirmed.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"144 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132018175","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
The Current State of The Art and Future of European Cyber Range Ecosystem 欧洲网络范围生态系统的现状和未来
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527931
Csaba Virág, Jakub Cegan, Tomáš Lieskovan, Matteo Merialdo
{"title":"The Current State of The Art and Future of European Cyber Range Ecosystem","authors":"Csaba Virág, Jakub Cegan, Tomáš Lieskovan, Matteo Merialdo","doi":"10.1109/CSR51186.2021.9527931","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527931","url":null,"abstract":"The Cyber Range Focus Group (CRFG) is established in the context of the four Horizon 2020 pilots contributing to the establishment of a European Cybersecurity Competence Network, with the purpose to horizontally coordinate the activities related to cyber ranges across the four pilots and contribute to the creation of a European ecosystem for cyber ranges, bringing together providers of both range infrastructure and range content. As the cyber domain is a non-deterministic complex one with a constantly evolving knowledge and threat landscape, simulation environments are emerging as the means to raise cyber resilience and dexterity. The EU cyber range ecosystem is constantly developing as the services become more affordable and accessible for more organizations and individuals through open-source technologies and federation of those resources. In contrast, a cyber range ecosystem-focused marketplace is foreseen to boost the market implementation, accessibility, and affordability.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126600521","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Cyber Resilience for Self-Monitoring IoT Devices 自我监控物联网设备的网络弹性
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527995
M. Medwed, V. Nikov, Joost Renes, Tobias Schneider, Nikita Veshchikov
{"title":"Cyber Resilience for Self-Monitoring IoT Devices","authors":"M. Medwed, V. Nikov, Joost Renes, Tobias Schneider, Nikita Veshchikov","doi":"10.1109/CSR51186.2021.9527995","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527995","url":null,"abstract":"Modern embedded IoT devices are an attractive target for cyber attacks. For example, they can be used to disable entire factories and ask for ransom. Recovery of compromised devices is not an easy task, because malware can subvert the original software and make itself persistent. In addition, many embedded devices do not implement remote recovery procedures and, therefore, require manual intervention.Recent proposals from NIST and TCG define concepts and building blocks for cyber resilience: protection, detection and recovery. In this paper, we describe a system which allows implementing cyber resilient IoT devices that can be recovered remotely and timely. The proposed architecture consists of trusted data monitoring, local and remote attack detection, and enforced connections to remote services as building blocks for attack detection and recovery. Further, hardware- and software-based implementations of such a system are presented.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126703478","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Fast Dual-Field ECDSA Accelerator with Increased Resistance against Horizontal SCA Attacks 快速双场ECDSA加速器增加抵抗水平SCA攻击
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527912
I. Kabin, D. Klann, Z. Dyka, P. Langendoerfer
{"title":"Fast Dual-Field ECDSA Accelerator with Increased Resistance against Horizontal SCA Attacks","authors":"I. Kabin, D. Klann, Z. Dyka, P. Langendoerfer","doi":"10.1109/CSR51186.2021.9527912","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527912","url":null,"abstract":"Elliptic Curve Cryptography (ECC) is one of the common used standard methods for encrypting and signing messages which is essential when it comes to IoT communication. In this paper we discuss the side channel analysis attack resistance of our fast dual-field ECDSA accelerator. We present our implementation of a design supporting four different NIST Elliptic Curves to allow the reader to understand the discussion of the resistance aspects. Our key findings concerning the resistance are that the dual field design is by far more resistant against SCA than individual designs for B-curves. Here we were able to determine only two key candidates with a correctness above 85% for B-233 compared to the individual design of B-233 for which 6 key candidates with a correctness of more than 95% were revealed. In addition we were able to retrieve 4 candidates with a correctness of more than 97% for P-224 and even 3 fully correct key candidates for P-256. This is especially important as the design for ECs over GF(p) is realized using atomic patterns which is considered in the literature to ensure resistance against horizontal side-channel analysis attacks.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126714800","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Analyzing Cascading Effects of Spoofing Attacks on ADS-B Using a Discrete Model of Air Traffic Control Responses and AGMOD Dynamics 利用空中交通管制响应和AGMOD动力学的离散模型分析ADS-B欺骗攻击的级联效应
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527914
M. R. Kamaruzzaman, Bernard Ousmane Sané, Doudou Fall, Yuzo Taenaka, Y. Kadobayashi
{"title":"Analyzing Cascading Effects of Spoofing Attacks on ADS-B Using a Discrete Model of Air Traffic Control Responses and AGMOD Dynamics","authors":"M. R. Kamaruzzaman, Bernard Ousmane Sané, Doudou Fall, Yuzo Taenaka, Y. Kadobayashi","doi":"10.1109/CSR51186.2021.9527914","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527914","url":null,"abstract":"Cyber attacks on civil aviation critical information infrastructure such as Automatic Surveillance Dependent-Broadcast (ADS-B) spoofing targeting ground stations could cause major detrimental impacts to the performance of Air Traffic Management (ATM) operations. To mitigate the risks of spoofing attacks, a deep understanding of the possible impacts is crucial. Therefore, we analyzed the perturbated states of the flight ‘Arrivals-Ground Movement-Departures’ (AGMOD) dynamics during an emergency using a discrete events model. We simulated attack scenarios and observed the emerged cascading effects in the form of flight delay propagation through quantification of delayed time steps and number of affected aircraft within the AGMOD phases. Besides proving how ADS-B spoofing attacks propagate flight delays, our model is also able to render the dynamics of AGMOD key events based on Air Traffic Controller (ATC)’s response time during cyber-physical incidences. This capability is ideal for decision makers in forming mitigation plans to enhance operational resilience.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130112621","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
STRIDE-AI: An Approach to Identifying Vulnerabilities of Machine Learning Assets STRIDE-AI:一种识别机器学习资产漏洞的方法
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527917
Lara Mauri, E. Damiani
{"title":"STRIDE-AI: An Approach to Identifying Vulnerabilities of Machine Learning Assets","authors":"Lara Mauri, E. Damiani","doi":"10.1109/CSR51186.2021.9527917","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527917","url":null,"abstract":"We propose a security methodology for Machine Learning (ML) pipelines, supporting the definition of key security properties of ML assets, the identification of threats to them as well as the selection, test and verification of security controls. Our proposal is based on STRIDE, a widely used approach to threat modeling originally developed by Microsoft. We adapt STRIDE to the Artificial Intelligence domain by taking a security property-driven approach that also provides guidance in selecting the security controls needed to alleviate the identified threats. Our proposal is illustrated via an industrial case study.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132824957","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Web Bot Detection Evasion Using Generative Adversarial Networks 基于生成对抗网络的网络机器人检测规避
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527915
Christos Iliou, Theodoros Kostoulas, T. Tsikrika, Vasilis Katos, S. Vrochidis, Y. Kompatsiaris
{"title":"Web Bot Detection Evasion Using Generative Adversarial Networks","authors":"Christos Iliou, Theodoros Kostoulas, T. Tsikrika, Vasilis Katos, S. Vrochidis, Y. Kompatsiaris","doi":"10.1109/CSR51186.2021.9527915","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527915","url":null,"abstract":"Web bots are programs that can be used to browse the web and perform automated actions. These actions can be benign, such as web indexing and website monitoring, or malicious, such as unauthorised content scraping and scalping. To detect bots, web servers consider bots’ fingerprint and behaviour, with research showing that techniques that examine the visitor’s mouse movements can be very effective. In this work, we showcase that web bots can leverage the latest advances in machine learning to evade detection based on their mouse movements and touchscreen trajectories (for the case of mobile web bots). More specifically, the proposed web bots utilise Generative Adversarial Networks (GANs) to generate images of trajectories similar to those of humans, which can then be used by bots to evade detection. We show that, even if the web server is aware of the attack method, web bots can generate behaviours that can evade detection.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"56 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128115500","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
On the detection of Channel Switch Announcement Attack in 802.11 networks 802.11网络中信道交换公告攻击检测研究
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527971
Constantinos Louca, A. Peratikou, S. Stavrou
{"title":"On the detection of Channel Switch Announcement Attack in 802.11 networks","authors":"Constantinos Louca, A. Peratikou, S. Stavrou","doi":"10.1109/CSR51186.2021.9527971","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527971","url":null,"abstract":"During Channel Switch Announcement attacks [1][2], a malicious individual sends a forged channel switch announcement to manipulate a device to connect to a rogue access point (AP) or cause a Denial of Service (DoS). In this work we demonstrate with off-the shelf devices, a MiTM 802.11 detection mechanism which can detect if the channel switch announcement is triggered by the legitimate presence of a radar system, or by an attacker aiming to perform a Wi-Fi Evil Twin attack. The attack could be detected either operating in Dynamic Frequency Selection (DFS) or non DFS channels and the proposed detection mechanism can be integrated into an 802.11 intrusion detection system.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131795056","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
X-BaD: A Flexible Tool for Explanation-Based Bias Detection X-BaD:一个灵活的基于解释的偏差检测工具
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527956
M. Pacini, F. Nesti, Alessandro Biondi, G. Buttazzo
{"title":"X-BaD: A Flexible Tool for Explanation-Based Bias Detection","authors":"M. Pacini, F. Nesti, Alessandro Biondi, G. Buttazzo","doi":"10.1109/CSR51186.2021.9527956","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527956","url":null,"abstract":"As widely known, machine learning has been thriving during the last two decades on the strength of two key factors: significant and continuous improvements in hardware performance and the possibility to produce large datasets through automated procedures. However, it has been shown that datasets often contain biases that can significantly affect the performance and resilience of machine learning models, e.g., when deployed to realize functionality for cyber-physical systems. For this reason, a lot of research has been devoted to methodologies and tools for detecting biases in the dataset.This paper presents X-BaD, a tool for bias detection designed to inject and discover biases in a neural network. It is implemented as an open-source Python library that extends the Spectral Relevance Analysis methodology. It allows data reusability and user customization by parameter configurations, and offers built-in functions to inject artificial biases into popular image datasets such as CIFAR-10, Pascal VOC, and ImageNet, for test purposes. This tool is compatible and extensible with features that are commonly used in machine learning frameworks, such as PyTorch and Pytorch Lightning datasets and models, Captum attributions, and Sci-kit Learn clustering algorithms and clustering performance evaluation methods. It also includes functions to interpret and assess the processed data. A set of experiments is finally presented to evaluate the effectiveness of the proposed tool.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"49 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127579198","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Towards Selecting Informative Content for Cyber Threat Intelligence 网络威胁情报信息内容选择研究
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527909
Panos Panagiotou, Christos Iliou, Konstantinos Apostolou, T. Tsikrika, S. Vrochidis, P. Chatzimisios, I. Kompatsiaris
{"title":"Towards Selecting Informative Content for Cyber Threat Intelligence","authors":"Panos Panagiotou, Christos Iliou, Konstantinos Apostolou, T. Tsikrika, S. Vrochidis, P. Chatzimisios, I. Kompatsiaris","doi":"10.1109/CSR51186.2021.9527909","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527909","url":null,"abstract":"Nowadays, there is an increasing need for cyber security professionals to make use of tools that automatically extract Cyber Threat Intelligence (CTI) relying on information collected from relevant blogs and news sources that are publicly available. When such sources are used, an important part of the CTI extraction process is content selection, in which pages that do not contain CTI-related information should be filtered out. For this task, we apply supervised machine learning-based text classification techniques, trained on a new dataset created for the purposes of this work. Furthermore, we show in practice the importance of a good content selection process in a commonly used CTI extraction pipeline, by inspecting the results of the Named Entity Recognition (NER) process that normally follows.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133117148","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信