13,687 research outputs found

    A Firewall Optimization for Threat-Resilient Micro-Segmentation in Power System Networks

    Full text link
    Electric power delivery relies on a communications backbone that must be secure. SCADA systems are essential to critical grid functions and include industrial control systems (ICS) protocols such as the Distributed Network Protocol-3 (DNP3). These protocols are vulnerable to cyber threats that power systems, as cyber-physical critical infrastructure, must be protected against. For this reason, the NERC Critical Infrastructure Protection standard CIP-005-5 specifies that an electronic system perimeter is needed, accomplished with firewalls. This paper presents how these electronic system perimeters can be optimally found and generated using a proposed meta-heuristic approach for optimal security zone formation for large-scale power systems. Then, to implement the optimal firewall rules in a large scale power system model, this work presents a prototype software tool that takes the optimization results and auto-configures the firewall nodes for different utilities in a cyber-physical testbed. Using this tool, firewall policies are configured for all the utilities and their substations within a synthetic 2000-bus model, assuming two different network topologies. Results generate the optimal electronic security perimeters to protect a power system's data flows and compare the number of firewalls, monetary cost, and risk alerts from path analysis.Comment: 12 pages, 22 figure

    CARLA+: An Evolution of the CARLA Simulator for Complex Environment Using a Probabilistic Graphical Model

    Get PDF
    In an urban and uncontrolled environment, the presence of mixed traffic of autonomous vehicles, classical vehicles, vulnerable road users, e.g., pedestrians, and unprecedented dynamic events makes it challenging for the classical autonomous vehicle to navigate the traffic safely. Therefore, the realization of collaborative autonomous driving has the potential to improve road safety and traffic efficiency. However, an obvious challenge in this regard is how to define, model, and simulate the environment that captures the dynamics of a complex and urban environment. Therefore, in this research, we first define the dynamics of the envisioned environment, where we capture the dynamics relevant to the complex urban environment, specifically, highlighting the challenges that are unaddressed and are within the scope of collaborative autonomous driving. To this end, we model the dynamic urban environment leveraging a probabilistic graphical model (PGM). To develop the proposed solution, a realistic simulation environment is required. There are a number of simulators—CARLA (Car Learning to Act), one of the prominent ones, provides rich features and environment; however, it still fails on a few fronts, for example, it cannot fully capture the complexity of an urban environment. Moreover, the classical CARLA mainly relies on manual code and multiple conditional statements, and it provides no pre-defined way to do things automatically based on the dynamic simulation environment. Hence, there is an urgent need to extend the off-the-shelf CARLA with more sophisticated settings that can model the required dynamics. In this regard, we comprehensively design, develop, and implement an extension of a classical CARLA referred to as CARLA+ for the complex environment by integrating the PGM framework. It provides a unified framework to automate the behavior of different actors leveraging PGMs. Instead of manually catering to each condition, CARLA+ enables the user to automate the modeling of different dynamics of the environment. Therefore, to validate the proposed CARLA+, experiments with different settings are designed and conducted. The experimental results demonstrate that CARLA+ is flexible enough to allow users to model various scenarios, ranging from simple controlled models to complex models learned directly from real-world data. In the future, we plan to extend CARLA+ by allowing for more configurable parameters and more flexibility on the type of probabilistic networks and models one can choose. The open-source code of CARLA+ is made publicly available for researchers

    Study of Sound Perception Evaluation in Refrigeration Gases

    Get PDF
    In the past, sound design was focused on the minimization of the emitted sound, understanding that the lower the sound, the better. Nowadays, this concept is outdated; in addition to the sound pressure level, many more aspects of the sound are considered to fulfil the subjective satisfaction of clients. Thus, a new concept called sound quality has emerged to reach more facets of the sound. In refrigeration systems, the recommendations of European Union are aimed at reducing greenhouse emissions by means of the replacement of the hydrochlorofluorocarbons gases with other less pollutant gases. The refrigeration systems are designed to be used with a specific refrigeration gas, and the noise emitted by these systems is certificated using this refrigeration gas. However, the regularizations have changed, and new refrigerant gases should be used. Considering that these new refrigeration gases work at different pressures, it is possible that the noise could be different with these gases. Moreover, the study of sound quality is very important for the manufacture as the perception and therefore the annoyance could change with the use of new gases. (2) Methods: Two different gases, R-449A and R-134A, have been studied. An acoustic camera has been used to measure and identify the sound quality in the refrigeration systems. (3) Results: The results have shown R-134A has better sound quality than R-449A. (4) Conclusions: This study shows that R-449A and R-134A could be a substitute for R-404A in terms of noise level

    Attacker Profiling Through Analysis of Attack Patterns in Geographically Distributed Honeypots

    Full text link
    Honeypots are a well-known and widely used technology in the cybersecurity community, where it is assumed that placing honeypots in different geographical locations provides better visibility and increases effectiveness. However, how geolocation affects the usefulness of honeypots is not well-studied, especially for threat intelligence as early warning systems. This paper examines attack patterns in a large public dataset of geographically distributed honeypots by answering methodological questions and creating behavioural profiles of attackers. Results show that the location of honeypots helps identify attack patterns and build profiles for the attackers. We conclude that not all the intelligence collected from geographically distributed honeypots is equally valuable and that a good early warning system against resourceful attackers may be built with only two distributed honeypots and a production server

    Improved DASH Architecture for Quality Cloud Video Streaming in Automated Systems

    Get PDF
    In modern times, multimedia streaming systems that transmit video across a channel primarily use HTTP services as a delivery component. Encoding the video for all quality levels is avoided thanks to fuzzy based encoders' ability to react to network changes. Additionally, the system frequently uses packet priority assignment utilising a linear error model to enhance the dynamic nature of DASH without buffering. Based on a fuzzy encoder, the decision of video quality is made in consideration of the bandwidth available. This is a component of the MPEG DASH encoder. The Fuzzy DASH system seeks to increase the scalability of online video streaming, making it suitable for live video broadcasts through mobile and other devices

    Federated Learning Based Detection of Ransomware

    Get PDF
    Ransomware is one of the top threats in the world of cyber security. The ransomwarelandscape is growing in sophistication and maturity. The latest developments in ransomware, such as Ransomware as a service (RaaS), have exacerbated the problem by offering would-be criminals ransomware services, lowering the technical barrier to entry. Private and public sector stakeholders are currently investing heavily in ransomware detection. Ransomware detection benefits private businesses and government organizations by reducing the hefty financial cost of a ransomware attack. It is therefore crucial that ransomware detection is accurate and efficient. There are shortcomings in machine learning (ML) models and datasets when working with ransomware detection. Specifically, there is a need for monitoring UDP traffic. One alternative that remains to be properly tested is federated learning. This thesis aims to demonstrate the viability of federated learning as a solution to detect ransomware, by testing speed and accuracy (using metrics such as accuracy, precision, and recall) in a virtual network environment. In addition to the main benefits of federated learning (distributed datasets and privacy), the research will also analyze if federated learning offers performance advantages in Malware detection compared to other machine learning models. The main focus of the research will be analyzing UDP traffic. UDP is not given much attention by organizations since it\u27s a stateless protocol

    A Secure and Privacy-Preserving E-Government Framework using Blockchain and Artificial Immunity

    Get PDF
    Electronic Government (e-Government) systems constantly provide greater services to people, businesses, organisations, and societies by offering more information, opportunities, and platforms with the support of advances in information and communications technologies. This usually results in increased system complexity and sensitivity, necessitating stricter security and privacy-protection measures. The majority of the existing e-Government systems are centralised, making them vulnerable to privacy and security threats, in addition to suffering from a single point of failure. This study proposes a decentralised e-Government framework with integrated threat detection features to address the aforementioned challenges. In particular, the privacy and security of the proposed e-Government system are realised by the encryption, validation, and immutable mechanisms provided by Blockchain. The insider and external threats associated with blockchain transactions are minimised by the employment of an artificial immune system, which effectively protects the integrity of the Blockchain. The proposed e-Government system was validated and evaluated by using the framework of Ethereum Visualisations of Interactive, Blockchain, Extended Simulations (i.e. eVIBES simulator) with two publicly available datasets. The experimental results show the efficacy of the proposed framework in that it can mitigate insider and external threats in e-Government systems whilst simultaneously preserving the privacy of information

    Modelling, Monitoring, Control and Optimization for Complex Industrial Processes

    Get PDF
    This reprint includes 22 research papers and an editorial, collected from the Special Issue "Modelling, Monitoring, Control and Optimization for Complex Industrial Processes", highlighting recent research advances and emerging research directions in complex industrial processes. This reprint aims to promote the research field and benefit the readers from both academic communities and industrial sectors

    Resource Management in Mobile Edge Computing for Compute-intensive Application

    Full text link
    With current and future mobile applications (e.g., healthcare, connected vehicles, and smart grids) becoming increasingly compute-intensive for many mission-critical use cases, the energy and computing capacities of embedded mobile devices are proving to be insufficient to handle all in-device computation. To address the energy and computing shortages of mobile devices, mobile edge computing (MEC) has emerged as a major distributed computing paradigm. Compared to traditional cloud-based computing, MEC integrates network control, distributed computing, and storage to customizable, fast, reliable, and secure edge services that are closer to the user and data sites. However, the diversity of applications and a variety of user specified requirements (viz., latency, scalability, availability, and reliability) add additional complications to the system and application optimization problems in terms of resource management. In this thesis dissertation, we aim to develop customized and intelligent placement and provisioning strategies that are needed to handle edge resource management problems for different challenging use cases: i) Firstly, we propose an energy-efficient framework to address the resource allocation problem of generic compute-intensive applications, such as Directed Acyclic Graph (DAG) based applications. We design partial task offloading and server selection strategies with the purpose of minimizing the transmission cost. Our experiment and simulation results indicate that partial task offloading provides considerable energy savings, especially for resource-constrained edge systems. ii) Secondly, to address the dynamism edge environments, we propose solutions that integrate Dynamic Spectrum Access (DSA) and Cooperative Spectrum Sensing (CSS) with fine-grained task offloading schemes. Similarly, we show the high efficiency of the proposed strategy in capturing dynamic channel states and enforcing intelligent channel sensing and task offloading decisions. iii) Finally, application-specific long-term optimization frameworks are proposed for two representative applications: a) multi-view 3D reconstruction and b) Deep Neural Network (DNN) inference. Here, in order to eliminate redundant and unnecessary reconstruction processing, we introduce key-frame and resolution selection incorporated with task assignment, quality prediction, and pipeline parallelization. The proposed framework is able to provide a flexible balance between reconstruction time and quality satisfaction. As for DNN inference, a joint resource allocation and DNN partitioning framework is proposed. The outcomes of this research seek to benefit the future distributed computing, smart applications, and data-intensive science communities to build effective, efficient, and robust MEC environments
    • …
    corecore