Visible Light Communication Cyber Security Vulnerabilities For Indoor And Outdoor Vehicle-To-Vehicle Communication

Light fidelity (Li-Fi), developed from the approach of Visible Light Communication (VLC), is a great replacement or complement to existing radio frequency-based (RF) networks. Li-Fi is expected to be deployed in various environments were, due to Wi-Fi congestion and health limitations, RF should not be used. Moreover, VLC can provide the future fifth generation (5G) wireless technology with higher data rates for device connectivity which will alleviate the traffic demand. 5G is playing a vital role in encouraging the modern applications. In 2023, the deployment of all the cellular networks will reach more than 5 billion users globally. As a result, the security and privacy of 5G wireless networks is an essential problem as those modern applications are in people\u27s life everywhere. VLC security is as one of the core physical-layer security (PLS) solutions for 5G networks. Due to the fact that light does not penetrate through solid objects or walls, VLC naturally has higher security and privacy for indoor wireless networks compared to RF networks. However, the broadcasting nature of VLC caused concerns, e.g., eavesdropping, have created serious attention as it is a crucial step to validate the success of VLC in wild. The aim of this thesis is to properly address the security issues of VLC and further enhance the VLC nature security. We analyzed the secrecy performance of a VLC model by studying the characteristics of the transmitter, receiver and the visible light channel. Moreover, we mitigated the security threats in the VLC model for the legitimate user, by 1) implementing more access points (APs) in a multiuser VLC network that are cooperated, 2) reducing the semi-angle of LED to help improve the directivity and secrecy and, 3) using the protected zone strategy around the AP where eavesdroppers are restricted. According to the model\u27s parameters, the results showed that the secrecy performance in the proposed indoor VLC model and the vehicle-to-vehicle (V2V) VLC outdoor model using a combination of multiple PLS techniques as beamforming, secure communication zones, and friendly jamming is enhanced. The proposed model security performance was measured with respect to the signal to noise ratio (SNR), received optical power, and bit error rate (BER) Matlab simulation results

Attack graph approach to dynamic network vulnerability analysis and countermeasures

A thesis submitted to the University of Bedfordshire, in partial fulfilment of the requirements for the degree of Doctor of PhilosophyIt is widely accepted that modern computer networks (often presented as a heterogeneous collection of functioning organisations, applications, software, and hardware) contain vulnerabilities. This research proposes a new methodology to compute a dynamic severity cost for each state. Here a state refers to the behaviour of a system during an attack; an example of a state is where an attacker could influence the information on an application to alter the credentials. This is performed by utilising a modified variant of the Common Vulnerability Scoring System (CVSS), referred to as a Dynamic Vulnerability Scoring System (DVSS). This calculates scores of intrinsic, time-based, and ecological metrics by combining related sub-scores and modelling the problem’s parameters into a mathematical framework to develop a unique severity cost. The individual static nature of CVSS affects the scoring value, so the author has adapted a novel model to produce a DVSS metric that is more precise and efficient. In this approach, different parameters are used to compute the final scores determined from a number of parameters including network architecture, device setting, and the impact of vulnerability interactions. An attack graph (AG) is a security model representing the chains of vulnerability exploits in a network. A number of researchers have acknowledged the attack graph visual complexity and a lack of in-depth understanding. Current attack graph tools are constrained to only limited attributes or even rely on hand-generated input. The automatic formation of vulnerability information has been troublesome and vulnerability descriptions are frequently created by hand, or based on limited data. The network architectures and configurations along with the interactions between the individual vulnerabilities are considered in the method of computing the Cost using the DVSS and a dynamic cost-centric framework. A new methodology was built up to present an attack graph with a dynamic cost metric based on DVSS and also a novel methodology to estimate and represent the cost-centric approach for each host’ states was followed out. A framework is carried out on a test network, using the Nessus scanner to detect known vulnerabilities, implement these results and to build and represent the dynamic cost centric attack graph using ranking algorithms (in a standardised fashion to Mehta et al. 2006 and Kijsanayothin, 2010). However, instead of using vulnerabilities for each host, a CostRank Markov Model has developed utilising a novel cost-centric approach, thereby reducing the complexity in the attack graph and reducing the problem of visibility. An analogous parallel algorithm is developed to implement CostRank. The reason for developing a parallel CostRank Algorithm is to expedite the states ranking calculations for the increasing number of hosts and/or vulnerabilities. In the same way, the author intends to secure large scale networks that require fast and reliable computing to calculate the ranking of enormous graphs with thousands of vertices (states) and millions of arcs (representing an action to move from one state to another). In this proposed approach, the focus on a parallel CostRank computational architecture to appraise the enhancement in CostRank calculations and scalability of of the algorithm. In particular, a partitioning of input data, graph files and ranking vectors with a load balancing technique can enhance the performance and scalability of CostRank computations in parallel. A practical model of analogous CostRank parallel calculation is undertaken, resulting in a substantial decrease in calculations communication levels and in iteration time. The results are presented in an analytical approach in terms of scalability, efficiency, memory usage, speed up and input/output rates. Finally, a countermeasures model is developed to protect against network attacks by using a Dynamic Countermeasures Attack Tree (DCAT). The following scheme is used to build DCAT tree (i) using scalable parallel CostRank Algorithm to determine the critical asset, that system administrators need to protect; (ii) Track the Nessus scanner to determine the vulnerabilities associated with the asset using the dynamic cost centric framework and DVSS; (iii) Check out all published mitigations for all vulnerabilities. (iv) Assess how well the security solution mitigates those risks; (v) Assess DCAT algorithm in terms of effective security cost, probability and cost/benefit analysis to reduce the total impact of a specific vulnerability

Human-centric verification for software safety and security

Software forms a critical part of our lives today. Verifying software to avoid violations of safety and security properties is a necessary task. It is also imperative to have an assurance that the verification process was correct. We propose a human-centric approach to software verification. This involves enabling human-machine collaboration to detect vulnerabilities and to prove the correctness of the verification. We discuss two classes of vulnerabilities. The first class is Algorithmic Complexity Vulnerabilities (ACV). ACVs are a class of software security vulnerabilities that cause denial-of-service attacks. The description of an ACV is not known a priori. The problem is equivalent to searching for a needle in the haystack when we don\u27t know what the needle looks like. We present a novel approach to detect ACVs in web applications. We present a case study audit from DARPA\u27s Space/Time Analysis for Cybersecurity (STAC) program to illustrate our approach. The second class of vulnerabilities is Memory Leaks. Although the description of the Memory Leak (ML) problem is known, a proof of the correctness of the verification is needed to establish trust in the results. We present an approach inspired by the works of Alan Perlis to compute evidence of the verification which can be scrutinized by a human to prove the correctness of the verification. We present a novel abstraction, the Evidence Graph, that succinctly captures the verification evidence and show how to compute the evidence. We evaluate our approach against ML instances in the Linux kernel and report improvement over the state-of-the-art results. We also present two case studies to illustrate how the Evidence Graph can be used to prove the correctness of the verification

Assessing Resilience in Power Grids as a Particular Case of Supply Chain Management

Electrical power grids represent a critical infrastructure for a nation as well as strategically important. Literature review identified that power grids share basic characteristics with Supply Chain Management. This thesis presents a linear programming model to assess power grid resilience as a particular case of Supply Chain Management. Since resilient behavior is not an individual or specific system\u27s attribute but a holistic phenomenon based on the synergic interaction within complex systems, resilience drivers in power grids were identified. Resilience is a function of Reliability, Recovery Capability, Vulnerability and Pipeline Capacity. In order to embed heterogeneous variables into the model, parameterization of resilience drivers were developed. A principle of improving resilience through redundancy was applied in the model by using a virtual redundancy in each link which allows reliability improvement throughout the entire network. Vulnerability was addressed through the standard MIL-STD 882D, and mitigated through security allocation. A unique index (R) integrates the resilience complexity to facilitate alternate scenarios analysis toward strategic decision making. Decision makers are enabled to improve overall power grid performance through reliability development as well as security allocation at the more strategic links identified by the optimal solutions. Moreover, this tool lets decision makers fix grid variables such as reliability, reduced pipeline capacity, or vulnerabilities within the model in order to find optimal solutions that withstand disruptions. The model constitutes an effective tool not only for efficient reliability improvement but also for rational security allocation in the most critical links within the network. Finally, this work contributes to the federal government mandates accomplishment, intended to address electrical power-related risks and vulnerabilities

Security Aspects of Internet of Things aided Smart Grids: a Bibliometric Survey

The integration of sensors and communication technology in power systems, known as the smart grid, is an emerging topic in science and technology. One of the critical issues in the smart grid is its increased vulnerability to cyber threats. As such, various types of threats and defense mechanisms are proposed in literature. This paper offers a bibliometric survey of research papers focused on the security aspects of Internet of Things (IoT) aided smart grids. To the best of the authors' knowledge, this is the very first bibliometric survey paper in this specific field. A bibliometric analysis of all journal articles is performed and the findings are sorted by dates, authorship, and key concepts. Furthermore, this paper also summarizes the types of cyber threats facing the smart grid, the various security mechanisms proposed in literature, as well as the research gaps in the field of smart grid security.Comment: The paper is published in Elsevier's Internet of Things journal. 25 pages + 20 pages of reference

The Global Risks Report 2016, 11th Edition

Now in its 11th edition, The Global Risks Report 2016 draws attention to ways that global risks could evolve and interact in the next decade. The year 2016 marks a forceful departure from past findings, as the risks about which the Report has been warning over the past decade are starting to manifest themselves in new, sometimes unexpected ways and harm people, institutions and economies. Warming climate is likely to raise this year's temperature to 1° Celsius above the pre-industrial era, 60 million people, equivalent to the world's 24th largest country and largest number in recent history, are forcibly displaced, and crimes in cyberspace cost the global economy an estimated US$445 billion, higher than many economies' national incomes. In this context, the Reportcalls for action to build resilience – the "resilience imperative" – and identifies practical examples of how it could be done.The Report also steps back and explores how emerging global risks and major trends, such as climate change, the rise of cyber dependence and income and wealth disparity are impacting already-strained societies by highlighting three clusters of risks as Risks in Focus. As resilience building is helped by the ability to analyse global risks from the perspective of specific stakeholders, the Report also analyses the significance of global risks to the business community at a regional and country-level