1,034 research outputs found

    Adaptive Response System for Distributed Denial-of-Service Attacks

    The continued prevalence and severe damaging effects of the Distributed Denial of Service (DDoS) attacks in today’s Internet raise growing security concerns and call for an immediate response to come up with better solutions to tackle DDoS attacks. The current DDoS prevention mechanisms are usually inflexible, and determined attackers with knowledge of these mechanisms could work around them. Most existing detection and response mechanisms are standalone systems which do not rely on adaptive updates to mitigate attacks. As different responses vary in their “leniency” in treating detected attack traffic, there is a need for an Adaptive Response System. We designed and implemented our DDoS Adaptive ResponsE (DARE) System, which is a distributed DDoS mitigation system capable of executing appropriate detection and mitigation responses automatically and adaptively according to the attacks. It supports easy integrations for both signature-based and anomaly-based detection modules. Additionally, the design of DARE’s individual components takes into consideration the strengths and weaknesses of existing defence mechanisms, and the characteristics and possible future mutations of DDoS attacks. These components consist of an Enhanced TCP SYN Attack Detector and Bloom-based Filter, a DDoS Flooding Attack Detector and Flow Identifier, and a Non Intrusive IP Traceback mechanism. The components work together interactively to adapt the detections and responses in accordance with the attack types. Experiments conducted on DARE show that the attack detection and mitigation are successfully completed within seconds, with about 60% to 86% of the attack traffic being dropped, while availability for legitimate and new legitimate requests is maintained. DARE is able to detect and trigger appropriate responses in accordance with the attacks being launched with high accuracy, effectiveness and efficiency.
We also designed and implemented a Traffic Redirection Attack Protection System (TRAPS), a stand-alone DDoS attack detection and mitigation system for IPv6 networks. In TRAPS, the victim under attack verifies the authenticity of the source by performing virtual relocations to differentiate the legitimate traffic from the attack traffic. TRAPS requires minimal deployment effort and does not require modifications to the Internet infrastructure due to its incorporation of the Mobile IPv6 protocol. Experiments to test the feasibility of TRAPS were carried out in a testbed environment to verify that it would work with the existing Mobile IPv6 implementation. It was observed that the operations of each module were functioning correctly and TRAPS was able to successfully mitigate an attack launched with spoofed source IP addresses.

    Understanding and Advancing the Status Quo of DDoS Defense

    Two decades after the first distributed denial-of-service (DDoS) attack, the Internet remains challenged by DDoS attacks as they evolve. Not only is the scale of attacks larger than ever, but they are also harder to detect and mitigate. Nevertheless, the Internet's fundamental design, based on which machines are free to send traffic to any other machines, remains the same. This thesis reinvestigates the prior DDoS defense solutions to find less studied but critical issues in existing defense solutions. It proposes solutions to improve the input, design, and evaluation of DDoS defense. Specifically, we show why DDoS defense systems need a better view of the Internet's traffic at the autonomous system (AS) level. We use a novel attack to expose the inefficiencies in the existing defense systems. Finally, we reason why a defense solution needs a sound empirical evaluation and provide a framework that mimics real-world networks to facilitate DDoS defense evaluation. This dissertation includes published and unpublished co-authored materials.

    Systematic review of features for co‐simulating security incidents in Cyber‐Physical Systems

    Cyber-Physical Systems (CPS) and Internet-of-Things (IoT) plus energy are the enabling technology of modern power systems also known as the Smart Grid (SG). A SG may consist of thousands of interconnected components communicating and exchanging data across layers that stretch beyond technical capabilities, for instance, markets and customer interactions. Cyber-physical security is a major source of concern due to the high reliance of the SG on Information and Communication Technologies (ICT) and their widespread use. Addressing security requires developing modeling and simulation tools that approximate and replicate adversarial behavior in the SG. These tools have in fact two simulators, one handling continuous power flows and another for capturing the discrete behavior when communicating across CPS or IoT components. The technique of composing two models of computation in a global simulation of these coupled systems is called co-simulation. Although there are many frameworks and tools for co-simulation, the set of features for modeling cyber-physical security incidents in the SG lacks thorough understanding. We present a systematic review of features and tools for co-simulating these concerns in CPS. We also highlight and discuss research gaps with respect to the most used tools in industry and academia and comment on their relevant features.

    Resilience-oriented control and communication framework for cyber-physical microgrids

    Climate change drives the energy supply transition from traditional fossil fuel-based power generation to renewable energy resources. This transition has been widely recognised as one of the most significant developing pathways promoting the decarbonisation process toward a zero-carbon and sustainable society. Rapidly developing renewables gradually dominate energy systems and promote the current energy supply system towards decentralisation and digitisation. The manifestation of decentralisation is at massive dispatchable energy resources, while the digitisation features strong cohesion and coherence between electrical power technologies and information and communication technologies (ICT). Massive dispatchable physical devices and cyber components are interdependent and coupled tightly as a cyber-physical energy supply system, while this cyber-physical energy supply system currently faces an increase of extreme weather (e.g., earthquake, flooding) and cyber-contingencies (e.g., cyberattacks) in the frequency, intensity, and duration. Hence, one major challenge is to find an appropriate cyber-physical solution to accommodate increasing renewables while enhancing power supply resilience. The main focus of this thesis is to blend centralised and decentralised frameworks to propose a collaboratively centralised-and-decentralised resilient control framework for energy systems i.e., networked microgrids (MGs) that can operate optimally in the normal condition while can mitigate simultaneous cyber-physical contingencies in the extreme condition. To achieve this, we investigate the concept of "cyber-physical resilience" including four phases, namely prevention/upgrade, resistance, adaption/mitigation, and recovery. 
Throughout these stages, we tackle different cyber-physical challenges under the concept of microgrid ranging from a centralised-to-decentralised transitional control framework coping with cyber-physical out of service, a cyber-resilient distributed control methodology for networked MGs, a UAV assisted post-contingency cyber-physical service restoration, to a fast-convergent distributed dynamic state estimation algorithm for a class of interconnected systems. Open Access

    Comparison of Ethereum Smart Contract Vulnerability Detection Tools

    The thesis aims to reflect on the technical aspects of the Blockchain and Ethereum Smart Contract Vulnerabilities. The thesis has provided an in-depth overview of blockchain technologies, focused on Bitcoin and Ethereum, needed to understand vulnerabilities in blockchain. The application of cryptographic functions and consensus algorithms is explained, and Blockchain security vulnerabilities are presented. A summary of public and private blockchains is given, showing how these differ from each other and what the use cases for these various blockchain applications are. Ethereum Smart Contracts are introduced and explained. The vulnerabilities present in smart contracts are researched empirically. The second half of the thesis is focused on finding security flaws and vulnerabilities in Ethereum Smart Contracts. The attack vectors that are possible, cyber-attacks which have already happened, and how they can be mitigated, if found, are presented. Analysis and comparison of popular Ethereum Smart Contract Vulnerability detection tools has been empirically studied using an automated tool called SmartBugs, and the results are presented.

    Climate Adaptation Modelling

    This open access book focuses on an issue only marginally tackled by this literature: the still existing gap between adaptation science and modelling and the possibility to effectively access and exploit the information produced by policy making at different levels, international, national and local. To do so, the book presents the proceedings of a high-level expert workshop on adaptation modelling, integrated with main results from the “Study on Adaptation Modelling” (SAM-PS) commissioned by the European Commission's Directorate-General for Climate Action (DG CLIMA) and implemented by the CMCC Foundation – Euro-Mediterranean Centre on Climate Change, in collaboration with the Institute for Environmental Studies (IVM), Deltares, and Paul Watkiss Associates (PWA). What is the latest development in adaptation modelling? Which tools and information are available for adaptation assessment? How practically usable are they by the policy community? How can their uptake by practitioners be improved? What are the major research gaps in adaptation modelling that need to be covered in the near future? How? This book addresses these questions, presenting the results of a study on adaptation modelling commissioned by the European Commission's Directorate-General for Climate Action (DG CLIMA), enriched by the outcomes of a high-level expert workshop on adaptation, also part of the research. This book aspires to provide useful support to academics, policy makers and practitioners in the field of adaptation, to orient them in the expanding adaptation modelling assessment literature and suggest practical ways for its application. This book, mainly addressed to academics, policy makers and practitioners in the field of adaptation, aims to provide orientation in the large and expanding methodological/quantitative literature, presenting novelties, guiding in the practical application of adaptation assessments and suggesting lines for future research.

    Machine Learning-Enabled IoT Security: Open Issues and Challenges Under Advanced Persistent Threats

    Despite its technological benefits, Internet of Things (IoT) has cyber weaknesses due to the vulnerabilities in the wireless medium. Machine learning (ML)-based methods are widely used against cyber threats in IoT networks with promising performance. Advanced persistent threat (APT) is prominent for cybercriminals to compromise networks, and it is crucial to long-term and harmful characteristics. However, it is difficult to apply ML-based approaches to identify APT attacks to obtain a promising detection performance due to an extremely small percentage among normal traffic. There are limited surveys to fully investigate APT attacks in IoT networks due to the lack of public datasets with all types of APT attacks. It is worthwhile to bridge the state-of-the-art in network attack detection with APT attack detection in a comprehensive review article. This survey article reviews the security challenges in IoT networks and presents the well-known attacks, APT attacks, and threat models in IoT systems. Meanwhile, signature-based, anomaly-based, and hybrid intrusion detection systems are summarized for IoT networks. The article highlights statistical insights regarding frequently applied ML-based methods against network intrusion alongside the number of attack types detected. Finally, open issues and challenges for common network intrusion and APT attacks are presented for future research. Comment: ACM Computing Surveys, 2022, 35 pages, 10 Figures, 8 Tables

    Software Usability

    This volume delivers a collection of high-quality contributions to help broaden developers’ and non-developers’ minds alike when it comes to considering software usability. It presents novel research and experiences and disseminates new ideas accessible to people who might not be software makers but who are undoubtedly software users.