269 research outputs found
Fake-Acknowledgment Attack on ACK-based Sensor Power Schedule for Remote State Estimation
We consider a class of malicious attacks against remote state estimation. A
sensor with limited resources adopts an acknowledgement (ACK)-based online
power schedule to improve the remote state estimation performance. A malicious
attacker can modify the ACKs from the remote estimator and convey fake
information to the sensor. When the capability of the attacker is limited, we
propose an attack strategy for the attacker and analyze the corresponding
effect on the estimation performance. The possible responses of the sensor are
studied and a condition for the sensor to discard ACKs and switch from online
schedule to offline schedule is provided. Comment: submitted to IEEE CDC 201
Three Decades of Deception Techniques in Active Cyber Defense -- Retrospect and Outlook
Deception techniques have been widely seen as a game changer in cyber
defense. In this paper, we review representative techniques in honeypots,
honeytokens, and moving target defense, spanning from the late 1980s to the
year 2021. Techniques from these three domains complement each other and
may be leveraged to build a holistic deception-based defense. However, to the
best of our knowledge, there has not been a work that provides a systematic
retrospect of these three domains all together and investigates their
integrated usage for orchestrated deceptions. Our paper aims to fill this gap.
By utilizing a tailored cyber kill chain model which can reflect the current
threat landscape and a four-layer deception stack, a two-dimensional taxonomy
is developed, based on which the deception techniques are classified. The
taxonomy literally answers which phases of a cyber attack campaign the
techniques can disrupt and which layers of the deception stack they belong to.
Cyber defenders may use the taxonomy as a reference to design an organized and
comprehensive deception plan, or to prioritize deception efforts for a
budget-conscious solution. We also discuss two important points for achieving active
and resilient cyber defense, namely deception in depth and deception lifecycle,
where several notable proposals are illustrated. Finally, some outlooks on
future research directions are presented, including dynamic integration of
different deception techniques, quantified deception effects and deception
operation cost, hardware-supported deception techniques, as well as techniques
developed based on better understanding of the human element. Comment: 19 page
Cyber-physical security of a smart grid infrastructure
When Mobile Blockchain Meets Edge Computing
Blockchain, as the backbone technology of the current popular Bitcoin digital
currency, has become a promising decentralized data management framework.
Although blockchain has been widely adopted in many applications, e.g.,
finance, healthcare, and logistics, its application in mobile services is still
limited. This is due to the fact that blockchain users need to solve preset
proof-of-work puzzles to add new data, i.e., a block, to the blockchain.
Solving the proof-of-work, however, consumes substantial resources in terms of
CPU time and energy, which is not suitable for resource-limited mobile devices.
To facilitate blockchain applications in future mobile Internet of Things
systems, multiple access mobile edge computing appears to be an auspicious
solution to solve the proof-of-work puzzles for mobile users. We first
introduce a novel concept of edge computing for mobile blockchain. Then, we
introduce an economic approach for edge computing resource management.
Moreover, a prototype of mobile edge computing enabled blockchain systems is
presented with experimental results to justify the proposed concept. Comment: Accepted by IEEE Communications Magazin
State of the art of cyber-physical systems security: An automatic control perspective
Cyber-physical systems are integrations of computation, networking, and physical processes. Due to the tight cyber-physical coupling and to the potentially disrupting consequences of failures, security here is one of the primary concerns. Our systematic mapping study sheds light on how security is actually addressed when dealing with cyber-physical systems from an automatic control perspective. The provided map of 138 selected studies is defined empirically and is based on, for instance, application fields, various system components, related algorithms and models, attack characteristics and defense strategies. It presents a powerful comparison framework for existing and future research on this hot topic, important for both industry and academia.
Cyber Security Politics
This book examines new and challenging political aspects of cyber security and presents it as an issue defined by socio-technological uncertainty and political fragmentation. Structured along two broad themes and providing empirical examples for how socio-technical changes and political responses interact, the first part of the book looks at the current use of cyber space in conflictual settings, while the second focuses on political responses by state and non-state actors in an environment defined by uncertainties. Within this, it highlights four key debates that encapsulate the complexities and paradoxes of cyber security politics from a Western perspective – how much political influence states can achieve via cyber operations and what context factors condition the (limited) strategic utility of such operations; the role of emerging digital technologies and how the dynamics of the tech innovation process reinforce the fragmentation of the governance space; how states attempt to uphold stability in cyberspace and, more generally, in their strategic relations; and how the shared responsibility of state, economy, and society for cyber security continues to be re-negotiated in an increasingly trans-sectoral and transnational governance space. This book will be of much interest to students of cyber security, global governance, technology studies, and international relations.