On-device Security and Privacy Mechanisms for Resource-limited Devices: A Bottom-up Approach
This doctoral dissertation introduces novel mechanisms to provide on-device security and privacy for resource-limited smart devices and their applications. These mechanisms aim to cover five fundamental contributions in the emerging Cyber-Physical Systems (CPS), Internet of Things (IoT), and Industrial IoT (IIoT) fields. First, we present a host-based fingerprinting solution for device identification that is complementary to other security services like device authentication and access control. Then, we design a kernel- and user-level detection framework that aims to discover compromised resource-limited devices based on behavioral analysis. Further, we apply dynamic analysis of smart devices’ applications to uncover security and privacy risks in real-time. Then, we describe a solution to enable digital forensics analysis on data extracted from interconnected resource-limited devices that form a smart environment. Finally, we offer to researchers from industry and academia a collection of benchmark solutions for the evaluation of the discussed security mechanisms on different smart domains. For each contribution, this dissertation comprises specific novel tools and techniques that can be applied either independently or combined to enable broader security services for the CPS, IoT, and IIoT domains.
Centralized and Distributed Detection of Compromised Smart Grid Devices using Machine Learning and Convolution Techniques
The smart grid concept has further transformed the traditional power grid into a massive cyber-physical system that depends on advanced two-way communication infrastructure. While the introduction of cyber components has improved the grid, it has also broadened the attack surface. In particular, the threat stemming from compromised devices poses a significant danger: an attacker can control the devices to change the behavior of the grid and can impact the measurements or damage the grid equipment. In this thesis, to detect such malicious smart grid devices, we propose a novel machine learning and convolution-based framework, named PowerWatch, that is able to run in centralized and distributed settings. After gathering library and system calls, the framework is able to identify how closely the observed device is behaving with respect to its normal operations, with mispredictions having the implication of compromise. We evaluated the framework through a state-machine-based computational model of the smart grid devices that explores a wide variety of possible cases that may occur in grid operations, attaining 95.1% accuracy at 0.03% false positive rate over 37500 experiments. The framework was then further tested on a realistic smart grid testbed, where it was able to successfully detect the compromised device in every attack scenario considered in the threat model.
PDNPulse: Sensing PCB Anomaly with the Intrinsic Power Delivery Network
The ubiquitous presence of printed circuit boards (PCBs) in modern electronic
systems and embedded devices makes their integrity a top security concern. To
take advantage of the economies of scale, today's PCB design and manufacturing
are often performed by suppliers around the globe, exposing them to many
security vulnerabilities along the segmented PCB supply chain. Moreover, the
increasing complexity of the PCB designs also leaves ample room for numerous
sneaky board-level attacks to be implemented throughout each stage of a PCB's
lifetime, threatening many electronic devices. In this paper, we propose
PDNPulse, a power delivery network (PDN) based PCB anomaly detection framework
that can identify a wide spectrum of board-level malicious modifications.
PDNPulse leverages the fact that the PDN's characteristics are inevitably
affected by modifications to the PCB, no matter how minuscule. By detecting
changes to the PDN impedance profile and using the Frechet distance-based
anomaly detection algorithms, PDNPulse can robustly and successfully discern
malicious modifications across the system. Using PDNPulse, we conduct extensive
experiments on seven commercial-off-the-shelf PCBs, covering different design
scales, different threat models, and seven different anomaly types. The results
confirm that PDNPulse creates an effective security asymmetry between attack
and defense.
Deep Learning-Based Dynamic Watermarking for Secure Signal Authentication in the Internet of Things
Securing the Internet of Things (IoT) is a necessary milestone toward
expediting the deployment of its applications and services. In particular, the
functionality of the IoT devices is extremely dependent on the reliability of
their message transmission. Cyber attacks such as data injection,
eavesdropping, and man-in-the-middle threats can lead to security challenges.
Securing IoT devices against such attacks requires accounting for their
stringent computational power and need for low-latency operations. In this
paper, a novel deep learning method is proposed for dynamic watermarking of IoT
signals to detect cyber attacks. The proposed learning framework, based on a
long short-term memory (LSTM) structure, enables the IoT devices to extract a
set of stochastic features from their generated signal and dynamically
watermark these features into the signal. This method enables the IoT's cloud
center, which collects signals from the IoT devices, to effectively
authenticate the reliability of the signals. Furthermore, the proposed method
prevents complicated attack scenarios such as eavesdropping in which the cyber
attacker collects the data from the IoT devices and aims to break the
watermarking algorithm. Simulation results show that, with an attack detection
delay of under 1 second, the messages can be transmitted from IoT devices with
an almost 100% reliability.
Comment: 6 pages, 9 figures
Smart Grid challenges - Device Trustworthiness
The Power Grid development brings about technological design changes, resulting in increased connectivity and dependency on IoT devices. The changes offer opportunities to manipulate the IoT hardware as the root of trust. Although terrifying, hardware attacks are considered resource-demanding and rare. Nonetheless, Power Grids are attractive targets for resourceful attackers. As such, the Ukraine attacks boosted Power Grid cybersecurity focus. However, physical assurance and hardware device trustworthiness received less attention. Overhead Line Sensors are utilized in Dynamic Line Rating doctrines for Power Grids. They are potentially essential in the future to optimize conductor ampacity. Conductor optimization is crucial for Power Grids because future throughput volatility demands a high level of grid flexibility. However, there may be challenges to the integrity and availability of the data collected using Overhead Line sensors. We believe that in securing the future Smart Grid, stakeholders need to raise attention to device trustworthiness entailing the hardware layer. That said, integrated into cloud-enhanced digital ecosystems, Overhead Line Sensors can also be manipulated through the network, software, and supply chain to impact their trustworthiness.