1,033 research outputs found
Recommended from our members
Analysis of operating system diversity for intrusion tolerance
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct behavior in the presence of attacks and intrusions. These security gains are directly dependent on the components exhibiting failure diversity. To what extent failure diversity is observed in practical deployment depends on how diverse are the components that constitute the system. In this paper, we present a study with operating system's (OS's) vulnerability data from the NIST National Vulnerability Database (NVD). We have analyzed the vulnerabilities of 11 different OSs over a period of 18 years, to check how many of these vulnerabilities occur in more than one OS. We found this number to be low for several combinations of OSs. Hence, although there are a few caveats on the use of NVD data to support definitive conclusions, our analysis shows that by selecting appropriate OSs, one can preclude (or reduce substantially) common vulnerabilities from occurring in the replicas of the intrusion-tolerant system
SPIRT: A Fault-Tolerant and Reliable Peer-to-Peer Serverless ML Training Architecture
The advent of serverless computing has ushered in notable advancements in
distributed machine learning, particularly within parameter server-based
architectures. Yet, the integration of serverless features within peer-to-peer
(P2P) distributed networks remains largely uncharted. In this paper, we
introduce SPIRT, a fault-tolerant, reliable, and secure serverless P2P ML
training architecture. designed to bridge this existing gap.
Capitalizing on the inherent robustness and reliability innate to P2P
systems, SPIRT employs RedisAI for in-database operations, leading to an 82\%
reduction in the time required for model updates and gradient averaging across
a variety of models and batch sizes. This architecture showcases resilience
against peer failures and adeptly manages the integration of new peers, thereby
highlighting its fault-tolerant characteristics and scalability. Furthermore,
SPIRT ensures secure communication between peers, enhancing the reliability of
distributed machine learning tasks. Even in the face of Byzantine attacks, the
system's robust aggregation algorithms maintain high levels of accuracy. These
findings illuminate the promising potential of serverless architectures in P2P
distributed machine learning, offering a significant stride towards the
development of more efficient, scalable, and resilient applications
A critical review of cyber-physical security for building automation systems
Modern Building Automation Systems (BASs), as the brain that enables the
smartness of a smart building, often require increased connectivity both among
system components as well as with outside entities, such as optimized
automation via outsourced cloud analytics and increased building-grid
integrations. However, increased connectivity and accessibility come with
increased cyber security threats. BASs were historically developed as closed
environments with limited cyber-security considerations. As a result, BASs in
many buildings are vulnerable to cyber-attacks that may cause adverse
consequences, such as occupant discomfort, excessive energy usage, and
unexpected equipment downtime. Therefore, there is a strong need to advance the
state-of-the-art in cyber-physical security for BASs and provide practical
solutions for attack mitigation in buildings. However, an inclusive and
systematic review of BAS vulnerabilities, potential cyber-attacks with impact
assessment, detection & defense approaches, and cyber-secure resilient control
strategies is currently lacking in the literature. This review paper fills the
gap by providing a comprehensive up-to-date review of cyber-physical security
for BASs at three levels in commercial buildings: management level, automation
level, and field level. The general BASs vulnerabilities and protocol-specific
vulnerabilities for the four dominant BAS protocols are reviewed, followed by a
discussion on four attack targets and seven potential attack scenarios. The
impact of cyber-attacks on BASs is summarized as signal corruption, signal
delaying, and signal blocking. The typical cyber-attack detection and defense
approaches are identified at the three levels. Cyber-secure resilient control
strategies for BASs under attack are categorized into passive and active
resilient control schemes. Open challenges and future opportunities are finally
discussed.Comment: 38 pages, 7 figures, 6 tables, submitted to Annual Reviews in Contro
Towards a Secure and Resilient Vehicle Design: Methodologies, Principles and Guidelines
The advent of autonomous and connected vehicles has brought new cyber security challenges to the automotive industry. It requires vehicles to be designed to remain dependable in the occurrence of cyber-attacks. A modern vehicle can contain over 150 computers, over 100 million lines of code, and various connection interfaces such as USB ports, WiFi, Bluetooth, and 4G/5G. The continuous technological advancements within the automotive industry allow safety enhancements due to increased control of, e.g., brakes, steering, and the engine. Although the technology is beneficial, its complexity has the side-effect to give rise to a multitude of vulnerabilities that might leverage the potential for cyber-attacks. Consequently, there is an increase in regulations that demand compliance with vehicle cyber security and resilience requirements that state vehicles should be designed to be resilient to cyber-attacks with the capability to detect and appropriately respond to these attacks. Moreover, increasing requirements for automotive digital forensic capabilities are beginning to emerge. Failures in automated driving functions can be caused by hardware and software failures as well as cyber security issues. It is imperative to investigate the cause of these failures. However, there is currently no clear guidance on how to comply with these regulations from a technical perspective.In this thesis, we propose a methodology to predict and mitigate vulnerabilities in vehicles using a systematic approach for security analysis; a methodology further used to develop a framework ensuring a resilient and secure vehicle design concerning a multitude of analyzed vehicle cyber-attacks. Moreover, we review and analyze scientific literature on resilience techniques, fault tolerance, and dependability for attack detection, mitigation, recovery, and resilience endurance. These techniques are then further incorporated into the above-mentioned framework. Finally, to meet requirements to hastily and securely patch the increasing number of bugs in vehicle software, we propose a versatile framework for vehicle software updates
An Agent-Based Intrusion Detection System for Local Area Networks
Since it is impossible to predict and identify all the vulnerabilities of a
network beforehand, and penetration into a system by malicious intruders cannot
always be prevented, intrusion detection systems (IDSs) are essential entities
to ensure the security of a networked system. To be effective in carrying out
their functions, the IDSs need to be accurate, adaptive, and extensible. Given
these stringent requirements and the high level of vulnerabilities of the
current days' networks, the design of an IDS has become a very challenging
task. Although, an extensive research has been done on intrusion detection in a
distributed environment, distributed IDSs suffer from a number of drawbacks
e.g., high rates of false positives, low detection efficiency etc. In this
paper, the design of a distributed IDS is proposed that consists of a group of
autonomous and cooperating agents. In addition to its ability to detect
attacks, the system is capable of identifying and isolating compromised nodes
in the network thereby introducing fault-tolerance in its operations. The
experiments conducted on the system have shown that it has a high detection
efficiency and low false positives compared to some of the currently existing
systems.Comment: 13 pages, 5 figures, 2 table
Byzantine-Resilient Federated Learning with Heterogeneous Data Distribution
For mitigating Byzantine behaviors in federated learning (FL), most
state-of-the-art approaches, such as Bulyan, tend to leverage the similarity of
updates from the benign clients. However, in many practical FL scenarios, data
is non-IID across clients, thus the updates received from even the benign
clients are quite dissimilar. Hence, using similarity based methods result in
wasted opportunities to train a model from interesting non-IID data, and also
slower model convergence. We propose DiverseFL to overcome this challenge in
heterogeneous data distribution settings. Rather than comparing each client's
update with other client updates to detect Byzantine clients, DiverseFL
compares each client's update with a guiding update of that client. Any client
whose update diverges from its associated guiding update is then tagged as a
Byzantine node. The FL server in DiverseFL computes the guiding update in every
round for each client over a small sample of the client's local data that is
received only once before start of the training. However, sharing even a small
sample of client's data with the FL server can compromise client's data privacy
needs. To tackle this challenge, DiverseFL creates a Trusted Execution
Environment (TEE)-based enclave to receive each client's sample and to compute
its guiding updates. TEE provides a hardware assisted verification and
attestation to each client that its data is not leaked outside of TEE. Through
experiments involving neural networks, benchmark datasets and popular Byzantine
attacks, we demonstrate that DiverseFL not only performs Byzantine mitigation
quite effectively, it also almost matches the performance of OracleSGD, where
the server only aggregates the updates from the benign clients
Secure Federated Learning against Model Poisoning Attacks via Client Filtering
Given the distributed nature, detecting and defending against the backdoor
attack under federated learning (FL) systems is challenging. In this paper, we
observe that the cosine similarity of the last layer's weight between the
global model and each local update could be used effectively as an indicator of
malicious model updates. Therefore, we propose CosDefense, a
cosine-similarity-based attacker detection algorithm. Specifically, under
CosDefense, the server calculates the cosine similarity score of the last
layer's weight between the global model and each client update, labels
malicious clients whose score is much higher than the average, and filters them
out of the model aggregation in each round. Compared to existing defense
schemes, CosDefense does not require any extra information besides the received
model updates to operate and is compatible with client sampling. Experiment
results on three real-world datasets demonstrate that CosDefense could provide
robust performance under the state-of-the-art FL poisoning attack
- …