ISSN: 2032-9393
Downloads: 208557
Submit Article
Submission Instructions
Open Access Information
Ethics and Malpractice Statement
Most Recent Issue
2021
Issue 30Issue 29Issue 28Issue 27
2020
Issue 24Issue 26Issue 25Issue 23
2019
Issue 22Issue 21Issue 20Issue 19
2018
Issue 18Issue 17Issue 16Issue 15
2017
Issue 14Issue 13Issue 12Issue 11
2016
Issue 10Issue 9Issue 8Issue 7
2015
Issue 6Issue 5Issue 4Issue 3
2011
Issue 2Issue 1

EAI Endorsed Transactions on Security and Safety

Visit the new journal website to submit and consult our contents: https://publications.eai.eu/index.php/sesa/index

Editor(s)-in-Chief: Sanjay Goel

Growing threats and increasingly also failures due to complexity may compromise the security and resilience of network and service infrastructures. Applications and services require the security of data handling and we need new security architectures and scalable and interoperable security policies for this. There is a need to guarantee end-to-end security in data communications and storage, including identity management and authentication.

Moreover, we need technology to enable network security monitoring and tracing and to assess the trustworthiness of infrastructures and services. It must ensure the protection of personal data and privacy and properly assign liability and risks, together with the appropriate governance models needed to do so. Furthermore, this is applied to the settings of Public Safety in general.

  • Yao Liu (University of South Florida, USA)
  • Kai Zeng (George Mason University, USA)
  • Linhai Song (Penn State University, USA)
  • Zhiguo Wan (Shangdong University, China)
  • Issa Khalil (Qatar Computing Research Institute, Qatar)
  • George Kesidis (Penn State University, USA)
  • Amro Awad (University of Central Florida, USA)
  • Eric Chan-Tin (Loyola University Chicago, USA)
  • Karim Elish (Florida Polytechnic University, USA)
  • Joongheon Kim (Korea University, Korea)
  • Eugene Vasserman (Kansas State University, USA)
  • An Wang (Case Western Reserve University, USA)
  • Jiawei Yuan (Embry-Riddle Aeronautical University, USA)
  • Mohammad Ashiqur Rahman (Florida International University, USA)
  • Sachin Shetty (Old Dominion University, USA)
  • Jeffrey Spaulding (Niagara University, USA)
  • Zhongshu Gu (IBM, USA)
  • Shujun Li (University of Kent, UK)
  • Heng Zhang (Western Sydney University, Australia)
  • Kaiqi Xiong (University of South Florida, USA)
  • Mohamed Amine Ferrag (Guelma University, Algeria)
  • Bo Luo (University of Kansas, USA)
  • Zhen Huang (DePaul University, USA)
  • Ziming Zhao, University at Buffalo, USA

  • How data-sharing nudges influence people's privacy preferences: A machine learning-based analysis

    Appears in:
    sesa 22(30): 3

    Authors:
    Yang Lu, Shujun Li, Alex Freitas, Athina Ioannou

    Published:
    16th Aug 2022

    Abstract:
    INTRODUCTION: Many online services use data-sharing nudges to solicit personal data from their customers for personalized services. OBJECTIVES: This study aims to study people’s privacy preferences in sharing different types of personal data under different nudging conditions, how digital nudging …INTRODUCTION: Many online services use data-sharing nudges to solicit personal data from their customers for personalized services.
    OBJECTIVES: This study aims to study people’s privacy preferences in sharing different types of personal data under different nudging conditions, how digital nudging can change their data sharing willingness, and if people’s data sharing preferences can be predicted using their responses to a questionnaire.
    METHODS: This paper reports a machine learning-based analysis on people’s privacy preference patterns under four different data-sharing nudging conditions (without nudging, monetary incentives, non-monetary incentives, and privacy assurance). The analysis is based on data collected from 685 UK residents who participated in a panel survey. Their self-reported willingness levels towards sharing 23 different types of personal data were analyzed by using both unsupervised (clustering) and supervised (classification) machine learning algorithms.
    RESULTS: The results led to a better understanding of people’s privacy preference patterns across different data-sharing nudging conditions, e.g., our participants’ preferences are distributed in a space of 48 possible profiles more sparsely than we expected, and the unexpected observation that all the three data-sharing nudging strategies led to an overall negative effect: they led to a reduced level of self-reported willingness for more participants, comparing with the case of no nudging at all. Our experiments with supervised machine learning models also showed that people’s privacy (data-sharing) preference profiles can be automatically predicted with a good accuracy, even when a small questionnaire with just seven questions is used.
    CONCLUSION: Our work revealed a more complicated structure of people’s privacy preference profiles, which have some dependencies on the type of data nudging and the type of personal data shared. Such complicated privacy preference profiles can be effectively analyzed using machine learning methods, including automatic prediction based on a small questionnaire. The negative results on the overall effect of different data-sharing nudges imply that service providers should consider if and how to use such mechanisms to incentivise their consumers to share personal data. We believe that more consumer-centric and transparent methods and tools should be used to help improve trust between consumers and service providers.
    more »

  • A Systemic Security and Privacy Review: Attacks and Prevention Mechanisms over IOT Layers

    Appears in:
    sesa 22(30): 5

    Authors:
    Muhammad Shoaib Akhtar, Tao Feng

    Published:
    5th Aug 2022

    Abstract:
    In this contemporary era internet of things are used in every realm of life. Recent software’s (e.g., vehicle networking, smart grid, and wearable) are established in result of its use: furthermore, as development, consolidation, and revolution of varied ancient areas (e.g., medical and automotive)…In this contemporary era internet of things are used in every realm of life. Recent software’s (e.g., vehicle networking, smart grid, and wearable) are established in result of its use: furthermore, as development, consolidation, and revolution of varied ancient areas (e.g., medical and automotive). The number of devices connected in conjunction with the ad-hoc nature of the system any exacerbates the case. Therefore, security and privacy has emerged as a big challenge for the IoT. This paper provides an outline of IoT security attacks on Three-Layer Architecture: Three-layer such as application layer, network layer, perception layer/physical layer and attacks that are associated with these layers will be discussed. Moreover, this paper will provide some possible solution mechanisms for such attacks. The aim is to produce a radical survey associated with the privacy and security challenges of the IoT. This paper addresses these challenges from the attitude of technologies and design used. The objective of this paper is to rendering possible solution for various attacks on different layers of IoT architecture. It also presents comparison based on reviewing multiple solutions and defines the best one solution for a specific attack on particular layer.
    more »

  • Mitigating Vulnerabilities in Closed Source Software

    Appears in:
    sesa 22(30): 4

    Authors:
    Zhen Huang, Gang Tan, Xiaowei Yu

    Published:
    4th Aug 2022

    Abstract:
    Many techniques have been proposed to harden programs with protection mechanisms to defend against vulnerability exploits. Unfortunately the vast majority of them cannot be applied to closed source software because they require access to program source code. This paper presents our work on automati…Many techniques have been proposed to harden programs with protection mechanisms to defend against vulnerability exploits. Unfortunately the vast majority of them cannot be applied to closed source software because they require access to program source code. This paper presents our work on automatically hardening binary code with security workarounds, a protection mechanism that prevents vulnerabilities from being triggered by disabling vulnerable code. By working solely with binary code, our approach is applicable to closed source software. To automatically synthesize security workarounds, we develop binary program analysis techniques to identify existing error handling code in binary code, synthesize security workarounds in the form of binary code, and instrument security workarounds into binary programs. We designed and implemented a prototype or our approach for Windows and Linux binary programs. Our evaluation shows that our approach can apply security workarounds to an average of 69.3% of program code and the security workarounds successfully prevents exploits to trigger real-world vulnerabilities.
    more »

  • Comparing Online Surveys for Cybersecurity: SONA and MTurk

    Appears in:
    sesa 22(30): 2

    Authors:
    Anne Wagner, Anna Bakas, Shelia Kennison, Eric Chan-Tin

    Published:
    8th Feb 2022

    Abstract:
    People have many accounts and usually need to create a password for each. They tend to create insecure passwords and re-use passwords, which can lead to compromised data. This research examines if there is a link between personality type and password security among a variety of participants in two …People have many accounts and usually need to create a password for each. They tend to create insecure passwords and re-use passwords, which can lead to compromised data. This research examines if there is a link between personality type and password security among a variety of participants in two groups of participants: SONA and MTurk. Each participant in both surveys answered questions based on password security and their personality type. Our results show that participants in the MTurk survey were more likely to choose a strong password and to exhibit better security behaviors and knowledge than participants in the SONA survey. This is mostly attributed to the age difference. However, the distribution of the results was similar for both MTurk and SONA. In the second part of our study, we found that security behaviors actually went down – this could be due to the pandemic or indicative of a need for more regular messaging/training.
    more »

  • Dynamic Risk Assessment and Analysis Framework for Large-Scale Cyber-Physical Systems

    Appears in:
    sesa 22(30): 1

    Authors:
    Adeel A. Malik, Deepak K. Tosh

    Published:
    25th Jan 2022

    Abstract:
    Cyberspace is growing at full tilt creating an amalgamation of disparate systems. This heterogeneity leads to increased system complexity and security flaws. It is crucial to understand and identify these flaws to prevent catastrophic events. However, the current state-of-the-art solutions are thre…Cyberspace is growing at full tilt creating an amalgamation of disparate systems. This heterogeneity leads to increased system complexity and security flaws. It is crucial to understand and identify these flaws to prevent catastrophic events. However, the current state-of-the-art solutions are threat-specific and focus on either risk, vulnerabilities, or adversary emulation. In this work, we present a scalable Cyber-threats and Vulnerability Information Analyzer (CyVIA) framework. CyVIA analyzes cyber risks and abnormalities in real-time using multi-formatted knowledge bases derived from open-source vulnerability databases. CyVIA achieves the following goals: 1) assess the target network for risk and vulnerabilities, 2) map services and policies to network nodes, 3) classify nodes based on severity, and 4) provide consequences, mitigation, and relationships for the found vulnerabilities. We use CyVIA and other tools to examine a simulated network for threats and compare the results.
    more »

  • Device Authentication Codes based on RF Fingerprinting using Deep Learning

    Appears in:
    sesa 21(29): e5

    Authors:
    Joshua Bassey, Xiangfang Li, Lijun Qian

    Published:
    30th Nov 2021

    Abstract:
    In this paper, we propose Device Authentication Code (DAC), a novel method for authenticating IoT devices with wireless interface, by exploiting their radio frequency (RF) signatures. The proposed DAC is based on RF fingerprinting, an information-theoretic method, feature learning, and the discrim…In this paper, we propose Device Authentication Code (DAC), a novel method for authenticating IoT devices
    with wireless interface, by exploiting their radio frequency (RF) signatures. The proposed DAC is based on RF fingerprinting, an information-theoretic method, feature learning, and the discriminatory power of deep learning. Specifically, an autoencoder is used to automatically extract features from the RF traces and the reconstruction error is used as the DAC, and this DAC is unique to each individual device. Then Kolmogorov-Smirnov (K-S) test is used to match the distribution of the reconstruction error generated by the receiver and the DAC in the received message, and the result will determine whether the device of interest is an intruder. We validate this concept on two experimentally collected RF traces from six ZigBee devices and five universal software defined radio peripheral devices, respectively. The traces span a range of Signal-to-Noise Ratio by varying locations, mobility of the devices, channel interference, and noise to ensure robustness of
    the model. Experimental results demonstrate that DAC is able to prevent device impersonation by extracting salient features that are unique to each wireless device of interest and can be used to identify radio frequency devices. Furthermore, the proposed method does not need the RF traces of the intruder during model training to be able to identify devices not seen during training, which makes it practical.
     more »

  • FedADMP: A Joint Anomaly Detection and Mobility Prediction Framework via Federated Learning

    Appears in:
    sesa 21(29): e4

    Authors:
    Zezhang Yang, Jian Li, Ping Yang

    Published:
    21st Oct 2021

    Abstract:
    With the proliferation of mobile devices and smart cameras, detecting anomalies and predicting their mobility are critical for enhancing safety in ubiquitous computing systems. Due to data privacy regulations and limited communication bandwidth, it is infeasible to collect, transmit, and store all …With the proliferation of mobile devices and smart cameras, detecting anomalies and predicting their mobility are critical for enhancing safety in ubiquitous computing systems. Due to data privacy regulations and limited communication bandwidth, it is infeasible to collect, transmit, and store all data from mobile devices at a central location. To overcome this challenge, we propose FedADMP, a federated learning based joint Anomaly Detection and Mobility Prediction framework. FedADMP adaptively splits the training process between the server and clients to reduce computation loads on clients. To protect the privacy of user data, clients in FedADMP upload only intermediate model parameters to the cloud server. We also develop a differential privacy method to prevent the cloud server and external attackers from inferring private information during the model upload procedure. Extensive experiments using real-world datasets show that FedADMP consistently outperforms existing methods.
     more »

  • A Comprehensive Survey on Intrusion Detection based Machine Learning for IoT Networks

    Appears in:
    sesa 21(29): e3

    Authors:
    Hela Mliki, Abir Hadj Kaceam, Lamia Chaari

    Published:
    6th Oct 2021

    Abstract:
    The Internet of things (IoT) is a new ubiquitous technology that relies on heterogeneous devices and protocols. The IoT technologies are expected to offer a new level of connectivity thanks to its smart devices able to enhance everyday tasks and facilitate smart decisions based on sensed data. Th…The Internet of things (IoT) is a new ubiquitous technology that relies on heterogeneous devices and protocols.
    The IoT technologies are expected to offer a new level of connectivity thanks to its smart devices able to
    enhance everyday tasks and facilitate smart decisions based on sensed data. The IoT could collect sensitive
    data and should be able to face attacks and privacy issues. The IoT security issue is a hot topic of research
    and industrial concern. Indeed, threats against IoT devices and services could cause security breaches and
    data leakage. Aiming to identify attempts to abuse the IoT systems and mitigate malicious events, this paper
    studied the Intrusion Detection Systems (IDS) based on Machine Learning (ML) techniques. The ML approach
    could provide good tools to detect novel intrusion activities in a timely manner. This paper, therefore,
    highlighted the related issues to develop secured and efficient IoT services. It tried to allow a comprehensive
    review of IoT features and design. It mainly focused on intrusion detection based on the machine learning
    schema and built a taxonomy of different IoT attacks and threats. This paper also compared between the
    different intrusion detection techniques and established a taxonomy of machine leaning methods for intrusion
    detection solutions.
     more »

  • Leveraging attention-based deep neural networks for security vetting of Android applications

    Appears in:
    sesa 21(29): e2

    Authors:
    Prabesh Pathak, Prabesh Poudel, Sankardas Roy, Doina Caragea

    Published:
    27th Sep 2021

    Abstract:
    Many traditional machine learning and deep learning algorithms work as a black box and lack interpretability. Attention-based mechanisms can be used to address the interpretability of such models by providing insights into the features that a model uses to make its decisions. Recent success of atte…Many traditional machine learning and deep learning algorithms work as a black box and lack interpretability. Attention-based mechanisms can be used to address the interpretability of such models by providing insights into the features that a model uses to make its decisions. Recent success of attention-based mechanisms in natural language processing motivates us to apply the idea for security vetting of Android apps. An Android app’s code contains API-calls that can provide clues regarding the malicious or benign nature of an app. By observing the pattern of the API-calls being invoked, we can interpret the predictions of a model trained to separate benign apps from malicious apps. In this paper, using the attention mechanism, we aim to find the API-calls that are predictive with respect to the maliciousness of Android apps. More specifically, we target to identify a set of API-calls that malicious apps exploit, which might help the community discover new signatures of malware. In our experiment, we work with two attention-based models: Bi-LSTM Attention
    and Self-Attention. Our classification models achieve high accuracy in malware detection. Using the attention weights, we also extract the top 200 API-calls (that reflect the malicious behavior of the apps) from each of these two models, and we observe that there is significant overlap between the top 200 API-calls identified by the two models. This result increases our confidence that the top 200 API-calls can be used to improve the interpretability of the models.
     more »

  • Binary Code Similarity Detection through LSTM and Siamese Neural Network

    Appears in:
    sesa 21(29): e1

    Authors:
    Zhengping Luo, Tao Hou, Xiangrong Zhou, Hui Zeng, Zhuo Lu

    Published:
    14th Sep 2021

    Abstract:
    Given the fact that many software projects are closed-source, analyzing security-related vulnerabilities at the binary level is quintessential to protect computer systems from attacks of malware. Binary code similarity detection is a potential solution for detecting malware from the binaries genera…Given the fact that many software projects are closed-source, analyzing security-related vulnerabilities at the binary level is quintessential to protect computer systems from attacks of malware. Binary code similarity detection is a potential solution for detecting malware from the binaries generated by the processor. In this paper, we proposed a malware detection mechanism based on the binaries using machine learning techniques. Through utilizing the Recurrent Neural Network (RNN), more specifically Long Short-Term Memory (LSTM) network, we generate the uniformed feature embedding of each binary file and further take advantage of the Siamese Neural Network to compute the similarity measure of the extracted features. Therefore, the security risks of the software projects can be evaluated through the similarity measure of the corresponding binaries with existing trained malware. Our real-world experimental results demonstrate a convincing performance in
    distinguishing out the outliers, and achieved slightly better performance compared with existing state-of-the-art methods.
     more »

  • A Deep Learning Approach for Network Intrusion Detection System

    Appears in:
    sesa 16(9): e2

    Authors:
    Ahmad Javaid, Quamar Niyaz, Weiqing Sun, Mansoor Alam

    Downloads:
    19827

    Abstract:
    A Network Intrusion Detection System (NIDS) helps system administrators to detect network security breaches in their organizations. However, many challenges arise while developing a flexible and efficient NIDS for unforeseen and unpredictable attacks. We propose a deep learning based approach for…A Network Intrusion Detection System (NIDS) helps system administrators to detect network security breaches in
    their organizations. However, many challenges arise while
    developing a flexible and efficient NIDS for unforeseen and unpredictable attacks. We propose a deep learning based approach for developing such an efficient and flexible NIDS.
    We use Self-taught Learning (STL), a deep learning based technique, on NSL-KDD - a benchmark dataset for network
    intrusion. We present the performance of our approach and compare it with a few previous work. Compared metrics include accuracy, precision, recall, and f-measure values.
     more »

  • Mouse Underlaying: Global Key and Mouse Listener Based on an Almost Invisible Window with Local Listeners and Sophisticated Focus

    Appears in:
    sesa 18(15): e5

    Author:
    Tim Niklas Witte

    Downloads:
    15319

    Abstract:
    Keyloggers are serious threats for computer users both private and commercial. If an attacker is capable of installing this malware on the victim’s machine then he or she is able to monitor keystrokes of a user. This keylog contains login information. As a consequence, protection and detection tech…Keyloggers are serious threats for computer users both private and commercial. If an attacker is capable of installing this malware on the victim’s machine then he or she is able to monitor keystrokes of a user. This keylog contains login information. As a consequence, protection and detection techniques against keyloggers become increasingly better. This article presents the method of Mouse Underlaying for creating a new kind of software based keyloggers. This method is implemented in Java for testing countermeasures concerning keylogger protection, virtual keyboard, signatures and behavior detection by anti-virus programs. Products of various manufacturers are used for demonstration purposes. All of them failed without an exception. In addition, the reasons why these products failed are analyzed, and moreover, measures against Mouse Underlaying are developed based on the demonstration results.
     more »

  • Threats, Countermeasures and Attribution of Cyber Attacks on Critical Infrastructures

    Appears in:
    sesa 18(16): e1

    Authors:
    Leandros Maglaras, Mohamed Amine Ferrag, Abdelouahid Derhab, Mithun Mukherjee, Helge Janicke, Stylianos Rallis

    Downloads:
    5585

    Abstract:
    As Critical National Infrastructures are becoming more vulnerable to cyber attacks, their protection becomes a significant issue for any organization as well as a nation. Moreover, the ability to attribute is a vital element of avoiding impunity in cyberspace. In this article, we present main threat…As Critical National Infrastructures are becoming more vulnerable to cyber attacks, their protection becomes a significant issue for any organization as well as a nation. Moreover, the ability to attribute is a vital element of avoiding impunity in cyberspace. In this article, we present main threats to critical infrastructures along with protective measures that one nation can take, and which are classified according to legal, technical, organizational, capacity building, and cooperation aspects. Finally we provide an overview of current methods and practices regarding cyber attribution and cyber peace keeping.
     more »

  • Evaluation of Cryptography Usage in Android Applications

    Appears in:
    sesa 16(9): e4

    Authors:
    Alexia Chatzikonstantinou, Christoforos Ntantogian, Georgios Karopoulos, Christos Xenakis

    Downloads:
    4907

    Abstract:
    Mobile application developers are using cryptography in their products to protect sensitive data like passwords, short messages, documents etc. In this paper, we study whether cryptography and related techniques are employed in a proper way, in order to protect these private data. To this end, we d…Mobile application developers are using cryptography in their products to protect sensitive data like passwords, short messages, documents etc. In this paper, we study whether cryptography and related techniques are employed in a proper way, in order to protect these private data. To this end, we downloaded 49 Android applications from the Google Play marketplace and performed static and dynamic analysis in an attempt to detect possible cryptographic misuses. The results showed that 87.8% of the applications present some kind of misuse, while for the rest of them no cryptography usage was detected during the analysis. Finally, we suggest countermeasures, mainly intended for developers, to alleviate the issues identified by the analysis.
     more »

  • Threat Modeling for Cloud Infrastructures

    Appears in:
    sesa 18(17): e5

    Authors:
    Nawaf Alhebaishi, Lingyu Wang, Anoop Singhal

    Downloads:
    4772

    Abstract:
    Today’s businesses are increasingly relying on the cloud as an alternative IT solution due to its flexibility and lower cost. Compared to traditional enterprise networks, a cloud infrastructure is typically much larger and more complex. Understanding the potential security threats in such infrastruc…Today’s businesses are increasingly relying on the cloud as an alternative IT solution due to its flexibility and lower cost. Compared to traditional enterprise networks, a cloud infrastructure is typically much larger and more complex. Understanding the potential security threats in such infrastructures is naturally more challenging than in traditional networks. This is evidenced by the fact that there are limited efforts on threat modeling for cloud infrastructures. In this paper, we conduct comprehensive threat modeling exercises based on two representative cloud infrastructures using several popular threat modeling methods, including attack surface, attack trees, attack graphs, and security metrics based on attack trees and attack graphs, respectively. Those threat modeling efforts may provide cloud providers useful lessons toward better understanding and improving the security of their cloud infrastructures. In addition, we show how hardening solution can be applied based on the threat models and security metrics through extended exercises. Such results may not only benefit the cloud provider but also embed more confidence in cloud tenants by providing them a clearer picture of the potential threats and mitigation solutions.
     more »

  • A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN)

    Appears in:
    sesa 17(12): e2

    Authors:
    Quamar Niyaz, Weiqing Sun, Ahmad Y. Javaid

    Downloads:
    3057

    Abstract:
    Distributed Denial of Service (DDoS) is one of the most prevalent attacks that an organizational network infrastructure comes across nowadays. Poor network management, low-priced Internet subscriptions, and readily available attack tools can be attributed to their rise. The recently emerged softwar…Distributed Denial of Service (DDoS) is one of the most prevalent attacks that an organizational network infrastructure comes across nowadays. Poor network management, low-priced Internet subscriptions, and readily available attack tools can be attributed to their rise. The recently emerged software-defined networking (SDN) and deep learning (DL) concepts promise to revolutionize their respective domains. SDN keeps the global view of the entire managed the network from a single point, i.e., the controller, thus making the network management easier. DL-based approaches improve feature extraction/reduction from a high-dimensional dataset such as network traffic headers. This work proposes a deep learning based multi-vector DDoS detection system in an SDN environment. The detection system is implemented as a network application on top of the SDN controller and can monitor the managed network traÿc. Performance evaluation is based on different metrics by applying the system on traÿc traces collected from different scenarios. A high accuracy with low false-positive rate is observed in attack detection for the proposed system.
     more »

  • Forget the Myth of the Air Gap: Machine Learning for Reliable Intrusion Detection in SCADA Systems

    Appears in:
    sesa 19(19): e3

    Authors:
    Rocio Lopez Perez, Florian Adamsky, Ridha Soua, Thomas Engel

    Downloads:
    2760

    Abstract:
    Since Critical Infrastructures (CIs) use systems and equipment that are separated by long distances, Supervisory Control And Data Acquisition (SCADA) systems are used to monitor their behaviour and to send commands remotely. For a long time, operator of CIs applied the air gap principle, a security…Since Critical Infrastructures (CIs) use systems and equipment that are separated by long distances, Supervisory Control And Data Acquisition (SCADA) systems are used to monitor their behaviour and to send commands remotely. For a long time, operator of CIs applied the air gap principle, a security strategy that physically isolates the control network from other communication channels. True isolation, however, is difficult nowadays due to the massive spread of
    connectivity: using open protocols and more connectivity opens new network attacks against CIs. To cope with this dilemma, sophisticated security measures are needed to address malicious intrusions, which are steadily increasing in number and
    variety. However, traditional Intrusion Detection Systems (IDSs) cannot detect attacks that are not already present in their databases. To this end, we assess in this paper Machine Learning (ML) techniques for anomaly detection in SCADA systems
    using a real data set collected from a gas pipeline system and provided by the Mississippi State University (MSU). The contribution of this paper is two-fold: 1) The evaluation of four techniques for missing data estimation and two techniques for data normalization, 2) The performances of Support Vector Machine (SVM), Random Forest (RF), Bidirectional Long
    Short Term Memory (BLSTM) are assessed in terms of accuracy, precision, recall and F1 score for intrusion detection. Two cases are differentiated: binary and categorical classifications. Our experiments reveal that RF and BLSTM detect intrusions effectively, with an F1 score of respectively > 99% and > 96%.
     more »

  • A V2X Message Evaluation Methodology and Cross-Domain Modelling of Safety Applications in V2X-enabled E/E-Architectures

    Appears in:
    sesa 16(8): e1

    Authors:
    Harald Bucher, Marius-Florin Buciuman, Alexander Klimm, Oliver Sander, Jürgen Becker

    Downloads:
    2673

    Abstract:
    The introduction of Vehicular Ad-Hoc Networks (VANETs) enables great potential for improving road traffic flow and especially active safety applications such as cooperative adaptive cruise control (CACC). Such applications not only rely on continuous broadcast of vehicle state information (beacons)…The introduction of Vehicular Ad-Hoc Networks (VANETs) enables great potential for improving road traffic flow and especially active safety applications such as cooperative adaptive cruise control (CACC). Such applications not only rely on continuous broadcast of vehicle state information (beacons) of all vehicles, but also have strict real-time requirements. Regarding automotive E/E architectures this continuous broadcasting adds heavy internal E/E data traffic that needs to be processed in real-time by Electronic Control Units (ECUs).
    In this work we address this issue by proposing a novel cluster-based message evaluation methodology to significantly reduce internal E/E network traffic by discarding irrelevant messages. The approach is only depending on information received over beacons. It combines a vehicle clustering strategy as well as network and vehicle state monitoring capabilities in order to correctly evaluate messages under real-time constraints. The proposed methodology is modeled inside an abstract ECU. It is evaluated by simulating a model-based CACC application under different traffic scenarios. It is shown that a significant reduction of messages is achievable, while still guaranteeing accident-free behavior of CACC.
     more »

  • Reviewing the book “Principles of Cyber-physical Systems” from a security perspective

    Appears in:
    sesa 15(4): e6

    Authors:
    Minghui Zhu, Peng Liu

    Downloads:
    2570

    Abstract:
    This is a review of the book “Principles of Cyber-physical Systems” authored by Rajeev Alur and published by the MIT Press at 2015.This is a review of the book “Principles of Cyber-physical Systems” authored by Rajeev Alur and published by the MIT Press at 2015.
     more »

  • ITFComp: A Compression Algorithm for ARM Architecture Instruction Trace Files

    Appears in:
    sesa 16(8): e2

    Authors:
    Mohammad Qasem, Lukas Pustina

    Downloads:
    2177

    Abstract:
    Testing the performance of a new computational component is costly due to the need of prototyping different setups. Therefore, trace driven hardware simulations are used. Instruction Trace Files (ITFs) are files containing traces of executed instructions in a program's run and are used as an input …Testing the performance of a new computational component is costly due to the need of prototyping different setups. Therefore, trace driven hardware simulations are used. Instruction Trace Files (ITFs) are files containing traces of executed instructions in a program's run and are used as an input for hardware simulations. ITFs tend to be large in size, causing a storage challenge. Many trace reduction techniques exist to deal with the ITFs' storage challenge. In this paper we introduce ITFComp, a compression algorithm that combines general purpose compression methods with knowledge about ARM architecture ITFs' structure to reduce their size. ITFComp also works on compressing data memory addresses accessed by instructions within ITFs to further reduce an ITF size. Results show a reduction of 600 times on average when combined with LZMA compression algorithm. This reduction is 4 times better than when using LZMA alone, and 10 times better than when using DEFLATE. ITFComp introduces a negligible overhead in the decompression time (less than 1%).
     more »
Publisher
EAI
ISSN
2032-9393
Number of Volumes
8
Last Published
2022-08-05