Environmental Obfuscation of a Cyber Physical System - Vehicle Example

Cyber-Physical Systems (CPSs) are deeply embedded infrastructures that have significant cyber and physical components that interact with each other in complex ways. These interactions can violate a system\u27s security policy, leading to unintended information flow. The physical portion of such systems is inherently observable, and, as such, many methods of preserving confidentiality are not applicable. This fundamental property of CPSs presents new security challenges. To illustrate this, a vehicle composed of an embedded computer system, its operator, and its environment show how information is disclosed to an observer that is watching from the outside. The example is made of up a vehicle with an automated engine management system (smart cruise control) traveling across some terrain with an observer watching the vehicle. The information that is to be protected is the controller of the vehicle. This model is analyzed using formal models of information flow, namely nondeducibility and noninference. The vehicle\u27s operation, in context with the terrain of the road, discloses information to the observer. Context is important; the same information that was disclosed with one terrain type is hidden with a different terrain. This problem, its methodology, and results uncover problems, and solutions, based on the theory of information flow, to quantify security in these new types of systems

Security analysis of a cyber physical system : a car example

Deeply embedded Cyber Physical Systems (CPS) are infrastructures that have significant cyber and physical components that interact with each other in complex ways. These interactions can violate a system\u27s security policy, leading to the leakage of rights and unintended information flow. This thesis will explore information flow as it uses a public channel. In order to exemplify the use of the public channel, a vehicle being composed of the computer system and its operators will show how information is disclosed to an observer. The example is made up of a vehicle traveling across some terrain with an observer watching the car. The information that is trying to be hidden is the controller of the vehicle. The observer then uses the contextual information, based on the topography and previous knowledge about an automobile, to attempt to learn some of the events taking place in the car\u27s computer system and the actions of the driver. The combination of the observer and the passage of information from the car to the observer forms a public channel. This model is analyzed for both nondeducibility, noninference, and properties about its information flow. The investigation reveals that the same information that was disclosed with one topography is hidden with a different topography. In security, the knowledge that information flow exists is a violation. This is known as leakage. To remedy the weaknesses observed during the analysis, a method to obfuscate the information flow is introduced. The fact that important information can be camouflaged, even while it flows over a public channel, is an important observation of this thesis. This process of obfuscation can be applied to other cyber physical systems to secure the public channel --Abstract, page iii

Software Protection and Secure Authentication for Autonomous Vehicular Cloud Computing

Artificial Intelligence (AI) is changing every technology we deal with. Autonomy has been a sought-after goal in vehicles, and now more than ever we are very close to that goal. Vehicles before were dumb mechanical devices, now they are becoming smart, computerized, and connected coined as Autonomous Vehicles (AVs). Moreover, researchers found a way to make more use of these enormous capabilities and introduced Autonomous Vehicles Cloud Computing (AVCC). In these platforms, vehicles can lend their unused resources and sensory data to join AVCC. In this dissertation, we investigate security and privacy issues in AVCC. As background, we built our vision of a layer-based approach to thoroughly study state-of-the-art literature in the realm of AVs. Particularly, we examined some cyber-attacks and compared their promising mitigation strategies from our perspective. Then, we focused on two security issues involving AVCC: software protection and authentication. For the first problem, our concern is protecting client’s programs executed on remote AVCC resources. Such a usage scenario is susceptible to information leakage and reverse-engineering. Hence, we proposed compiler-based obfuscation techniques. What distinguishes our techniques, is that they are generic and software-based and utilize the intermediate representation, hence, they are platform agnostic, hardware independent and support different high level programming languages. Our results demonstrate that the control-flow of obfuscated code versions are more complicated making it unintelligible for timing side-channels. For the second problem, we focus on protecting AVCC from unauthorized access or intrusions, which may cause misuse or service disruptions. Therefore, we propose a strong privacy-aware authentication technique for users accessing AVCC services or vehicle sharing their resources with the AVCC. Our technique modifies robust function encryption, which protects stakeholder’s confidentiality and withstands linkability and “known-ciphertexts” attacks. Thus, we utilize an authentication server to search and match encrypted data by performing dot product operations. Additionally, we developed another lightweight technique, based on KNN algorithm, to authenticate vehicles at computationally limited charging stations using its owner’s encrypted iris data. Our security and privacy analysis proved that our schemes achieved privacy-preservation goals. Our experimental results showed that our schemes have reasonable computation and communications overheads and efficiently scalable

Matters of Biocybersecurity with Consideration to Propaganda Outlets and Biological Agents

The modern era holds vast modalities in human data utilization. Within Biocybersecurity (BCS), categories of biological information, especially medical information transmitted online, can be viewed as pathways to destabilize organizations. Therefore, analysis of how the public, along with medical providers, process such data, and the methods by which false information, particularly propaganda, can be used to upset the flow of verified information to populations of medical professionals, is important for maintenance of public health. Herein, we discuss some interplay of BCS within the scope of propaganda and considerations for navigating the field

ODIN: Obfuscation-based privacy-preserving consensus algorithm for Decentralized Information fusion in smart device Networks

The large spread of sensors and smart devices in urban infrastructures are motivating research in the area of the Internet of Things (IoT) to develop new services and improve citizens’ quality of life. Sensors and smart devices generate large amounts of measurement data from sensing the environment, which is used to enable services such as control of power consumption or traffic density. To deal with such a large amount of information and provide accurate measurements, service providers can adopt information fusion, which given the decentralized nature of urban deployments can be performed by means of consensus algorithms. These algorithms allow distributed agents to (iteratively) compute linear functions on the exchanged data, and take decisions based on the outcome, without the need for the support of a central entity. However, the use of consensus algorithms raises several security concerns, especially when private or security critical information is involved in the computation. In this article we propose ODIN, a novel algorithm allowing information fusion over encrypted data. ODIN is a privacy-preserving extension of the popular consensus gossip algorithm, which prevents distributed agents from having direct access to the data while they iteratively reach consensus; agents cannot access even the final consensus value but can only retrieve partial information (e.g., a binary decision). ODIN uses efficient additive obfuscation and proxy re-encryption during the update steps and garbled circuits to make final decisions on the obfuscated consensus. We discuss the security of our proposal and show its practicability and efficiency on real-world resource-constrained devices, developing a prototype implementation for Raspberry Pi devices

ODIN: Obfuscation-based privacy-preserving consensus algorithm for Decentralized Information fusion in smart device Networks

The large spread of sensors and smart devices in urban infrastructures are motivating research in the area of the Internet of Things (IoT) to develop new services and improve citizens’ quality of life. Sensors and smart devices generate large amounts of measurement data from sensing the environment, which is used to enable services such as control of power consumption or traffic density. To deal with such a large amount of information and provide accurate measurements, service providers can adopt information fusion, which given the decentralized nature of urban deployments can be performed by means of consensus algorithms. These algorithms allow distributed agents to (iteratively) compute linear functions on the exchanged data, and take decisions based on the outcome, without the need for the support of a central entity. However, the use of consensus algorithms raises several security concerns, especially when private or security critical information is involved in the computation. In this article we propose ODIN, a novel algorithm allowing information fusion over encrypted data. ODIN is a privacy-preserving extension of the popular consensus gossip algorithm, which prevents distributed agents from having direct access to the data while they iteratively reach consensus; agents cannot access even the final consensus value but can only retrieve partial information (e.g., a binary decision). ODIN uses efficient additive obfuscation and proxy re-encryption during the update steps and garbled circuits to make final decisions on the obfuscated consensus. We discuss the security of our proposal and show its practicability and efficiency on real-world resource-constrained devices, developing a prototype implementation for Raspberry Pi devices

Security for Machine Learning-based Systems: Attacks and Challenges during Training and Inference

The exponential increase in dependencies between the cyber and physical world leads to an enormous amount of data which must be efficiently processed and stored. Therefore, computing paradigms are evolving towards machine learning (ML)-based systems because of their ability to efficiently and accurately process the enormous amount of data. Although ML-based solutions address the efficient computing requirements of big data, they introduce (new) security vulnerabilities into the systems, which cannot be addressed by traditional monitoring-based security measures. Therefore, this paper first presents a brief overview of various security threats in machine learning, their respective threat models and associated research challenges to develop robust security measures. To illustrate the security vulnerabilities of ML during training, inferencing and hardware implementation, we demonstrate some key security threats on ML using LeNet and VGGNet for MNIST and German Traffic Sign Recognition Benchmarks (GTSRB), respectively. Moreover, based on the security analysis of ML-training, we also propose an attack that has a very less impact on the inference accuracy. Towards the end, we highlight the associated research challenges in developing security measures and provide a brief overview of the techniques used to mitigate such security threats