Results 1 - 10 of 67
Results 1 - 10 of 67. Search took: 0.015 seconds
|Sort by: date | relevance|
[en] The SIP (Session Initiation Protocol) is an application and presentation layer signaling protocol used for initiating, continuing and terminating multimedia session for the end user. It gains much attention of the researchers because it is exposed to several threats and noticed challenging vulnerabilities from time to time. Consequently, the security of SIP is a crucial task and many efforts have been made by different researchers and tried to divert the attention towards its solution. But still, no one claims with conviction about a foolproof secure mechanism for SIP. As users extensively use SIP services, the mutual authentication and key agreement among the participants is an important issue. So, robust authentication and key agreement scheme are mandatory for enhancing security, legitimacy and better complexities. Therefore, we present an improved three-factor authentication scheme that caters all the weakness and known attacks in Mishra et al. scheme. The proposed scheme not only guarantees for security but performance can also be made lightweight. As performance and security contradict each other, the change in one inversely affects the other. The proposed scheme has been analyzed both formally using BAN (Burrows-Abadi-Needham) logic and ProVerif1.93 software verification toolkit, and informally using assumptions which show a delicate balance of security with performance. (author)
[en] IT/OT convergence brings significant benefits but poses challenges as well, especially regarding how to assure IT (cyber) security in the OT world. In this paper, we take a lifecycle perspective to systematically analyze the challenges to building IT security into OT environments. Based on that, we present strategies and new research proposals for addressing some identified gaps. (author)
[en] Nowadays, there are a lot of defense mechanisms to secure IT-systems against Cyber attacks. Thus, Cyber attacks have to be more sophisticated than they used to be in order to stay undetected as long as possible and to bypass defense mechanisms. As a result, current threats frequently use steganographic techniques to hide malicious functions in a harmless looking carrier. In  an attack for Siemens S7 Sirnatic Programmable Logic Controllers (PLCs) is presented, where the control logic of the PLC is modified while the source code which the PLC presents the engineering station is retained. As a result, the PLCs functionality is different from the control logic presented to the engineering station. Furthermore, steganographic techniques are frequently used to hide information in media files.
[en] This paper focuses on the response to computer intrusions which could deeply affect the safe and stable operation of Nuclear Power Plants (NPPs) via the digital Instrumentation and Control (I&C) system. The I&C system of a modern NPP usually consists of sensors, transmitters, actuators and digital control equipment. It takes measurements of the nuclear reaction and thermal process, monitors key parameters of equipment, and makes automatic adjustments to the plant operation. The computer attacks on the I&C system of NPPs may cause the release of radioactivity, thus turn a computer security incident into a nuclear and radiation incident. The current computer security approaches from information systems are often inadequate or inapplicable in addressing challenges associate with digital I&C systems. The computer attacks on the I&C systems not only affect the cyber space of I&C systems, but also could cause negative effects on the physical world, including the abnormal change of process states, the malfunction of equipment or systems, or even the accident condition of the reactor. The proposed the intrusion-tolerant control paradigm is a cyber-physical response approach which supports the maintenance of system functions during computer attack incidents. It assures that the whole system remains operational against the computer attacks. It will take advantages of I&C systems of NPPs, such as redundancy components, diverse attribute designs. (author)
[en] In this paper, we investigate the group consensus for leaderless multi-agent systems. The group consensus protocol based on the position information from neighboring agents is designed. The network may be subjected to frequent cyber-attacks, which is close to an actual case. The cyber-attacks are assumed to be recoverable. By utilizing algebraic graph theory, linear matrix inequality (LMI) and Lyapunov stability theory, the multi-agent systems can achieve group consensus under the proposed control protocol. The sufficient conditions of the group consensus for the multi-agent networks subjected to cyber-attacks are given. Furthermore, the results are extended to the consensus issue of multiple subgroups with cyber-attacks. Numerical simulations are performed to demonstrate the effectiveness of the theoretical results. (paper)
[en] Cyber-physical systems are engineered systems that integrate physical processes and computational resources. But, by integrating cyber and physical worlds, the physical assets are vulnerable to cyber-attack. Two things are of importance for the security of cyber-physical assets: access to control inputs by the attacker, and the ability of an attacker to mask inputs. This combination of attacker control and masking measurements can allow an attacker to cause significant damage to a system while remaining undetected. By masking certain measurement signals, an attacker may affect the observability of the system and create a condition where part of the state space is unobservable, meaning that it is impossible to reconstruct those states. This is called an observability attack. This paper presents a technique for analyzing observability attacks. How an attacker can design an attack to maximize the impact on the unobservable states while minimizing the possibility of detection is discussed. Criteria for maintaining a stealthy attack are given, and a design method is provided. For a nuclear balance of plant system, combinations of sensor omissions are analyzed to find an observability attack with maximum impact and minimum detection. An appropriate attack input signal is created, an attack is simulated, and the system response is shown.
[en] Ensuring the security of nuclear facilities is a critical element in preventing theft of nuclear materials and sabotage that could result in a radiological release. While the international community has traditionally focused on improving physical security to prevent these outcomes by investing in the “guns, guards, and gates” trifecta, a newer threat has gained attention: the cyber threat. A cyber-attack perpetrated by a terrorist group on a nuclear facility could have physical consequences leading to either an act of theft or sabotage. This threat presents new challenges to facility operators as well as national authorities. Given the increasing reliance upon digital controls, it is expected that these challenges will only continue to grow. A security lapse at a nuclear facility leading to theft of nuclear material or a catastrophic radiological release would have global implications—an incident anywhere would have consequences everywhere, and would cast doubt on industry-wide security practices. Therefore, all countries must have effective cybersecurity measures in place. Currently, government authorities and facility operators are struggling to keep pace with this new threat, battling issues such as high costs, bureaucratic inertia, highly complex systems, cultures of compliance, and a shortage of demonstrably qualified personnel. National and international guidance has evolved over the past year, but not quickly enough to address the growing gap between attacker and defender capabilities in cyberspace. Recognizing that the growing sophistication of cyber threats increasingly taxes the capabilities of governments, national regulators, and facility operators around the world, the Nuclear Threat Initiative (NTI) has concluded that a fresh look at the overarching framework that guides cybersecurity implementation at nuclear facilities is an urgent, necessary precursor to achieving essential progress in this area. Despite valuable ongoing efforts at the national and international level, more must be done. A more effective and perhaps disruptive approach, based on a set of high-level priorities, is critical to getting ahead of this threat. Over the past year, NTI has engaged in conversation with experts and undertaken research to identify and further develop high-level priorities to guide the implementation of cybersecurity at nuclear facilities. Such a framework would be a crucial first step in shaping an international, ambitious, forward-looking global strategy in this area. This paper defines the fundamental priorities that make up this framework while situating them in a broader context of the cyber threat to nuclear facilities and the challenges faced by national authorities and facility operators. (author)
[en] Full text: Nation states depend upon credible national nuclear security regimes for the protection of nuclear and other radioactive material and associated facilities. Physical protection programs play a key role in this paradigm and as such their deployment strategies are subject to ongoing review, assessment and compliance with a variety of both international and domestic regulatory guidelines. International Atomic Energy Agency (IAEA) publications: Nuclear Security Series No. 13, Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear Facilities (INFCIRC225.Rev 5), and Services Series 29, International Physical Protection Advisory Service (IPPAS) Guidelines address cyber security as a key component of a successful physical protection program. This recent inclusion of cyber threat has shown light on the need for nuclear security programs to both address cyber security concerns and continually assess the efficacy of those measures. This paper will step through best of breed cyber self assessment processes for computing systems in critical environments, selecting those methods recommended by international standards bodies and others as prudent in the execution of a facility cyber self assessment with specific attention paid to industrial control, physical protection and other operational technologies. This paper will then take a comprehensive look at the newly created module 5 of IAEA Service Series 29 IPPAS guidance, Computer Security Review, and identify those specific areas in the selfassessment processes and their complementary computer security disciplines necessary to implement a credible cyber self-assessment activity keyed at addressing the areas of concern identified within the IPPAS performer guidance. The intent is to both to inform on the value of the self-assessment process and to provide a usable methodology for the facility staff. Finally, this paper explores the prospect of balancing in house computer security staff with contractual resources in order to implement best practices, successfully protect from cyber attack and to perform effective ongoing validation of computer security elements within the nuclear physical security program. Properly executed, the cyber self-assessment methodology should both provide valuable insight to the facility operator in the identification and elimination of cyber threats, and also prepare the facility to better anticipate the actions or areas explored during execution of the new cyber security module as an integrated component of an actual IAEA IPPAS mission. (author)
[en] Malware attacks are deployed in order to achieve one of the following goals: To disrupt system functionality; To gather sensitive information; To gain access to private data. The top areas that become primary targets for malware to attack are: Availability, Integrity, Confidentiality. Malware forensics is a particular field where the execution and methods of a malware are studied. Malware activity has increased on unprotected mobile devices. Establishing an accurate and ethical approach is critical when assessing security issues. Knowing the method of execution leads to fewer security risks and prevention of future attacks. Our intentions are not to create a new wave of malware attacks, but to study them and point to possible vulnerabilities that can occur. To create a work-flow for desktop computers, the following benchmarks are used: Using an isolated environment, tracing the host processes, using dynamic analysis to isolate the malware and destroy it. The isolated environment will prevent any malignant code from activating and risking the rest of the computers in the vicinity and/or network. Tracing the host processes, will allow us to read the host and user processes, giving us valuable information on the activities of the device. Using dynamic analysis will allow us to manipulate the malware in a number of ways, such as using a debugger to try and change it. We used a virus and a Trojan to infiltrate a desktop computer for the following reasons: A - The virus will inject itself to force data to connect using a port. B - The Trojan will unlock and grant access to an unauthorized port. With the desktop work-flow in place as a systematic approach for mobile applications, we will investigate how to apply the same methods to the mobile devices. We are currently looking into different ways to develop 'friendly' malware to launch on the Android. We will then try to use malignant Windows malware to infect an Android, and using the work-flow try to come to the same conclusion as with the Android and Desktop, separately
[en] Despite the scientific and engineering challenges facing the development of quantum computers, considerable progress is being made toward applying the technology to commercial applications. In this article, we discuss the solutions that some companies are already building using quantum hardware. Framing these as examples of combinatorics problems, we illustrate their application in four industry verticals: cybersecurity, materials and pharmaceuticals, banking and finance, and advanced manufacturing. While quantum computers are not yet available at the scale needed to solve all of these combinatorics problems, we identify three types of near-term opportunities resulting from advances in quantum computing: quantum-safe encryption, material and drug discovery, and quantum-inspired algorithms.