18,968 research outputs found
Security and Privacy Issues of Big Data
This chapter revises the most important aspects in how computing
infrastructures should be configured and intelligently managed to fulfill the
most notably security aspects required by Big Data applications. One of them is
privacy. It is a pertinent aspect to be addressed because users share more and
more personal data and content through their devices and computers to social
networks and public clouds. So, a secure framework to social networks is a very
hot topic research. This last topic is addressed in one of the two sections of
the current chapter with case studies. In addition, the traditional mechanisms
to support security such as firewalls and demilitarized zones are not suitable
to be applied in computing systems to support Big Data. SDN is an emergent
management solution that could become a convenient mechanism to implement
security in Big Data systems, as we show through a second case study at the end
of the chapter. This also discusses current relevant work and identifies open
issues.Comment: In book Handbook of Research on Trends and Future Directions in Big
Data and Web Intelligence, IGI Global, 201
Design-Time Quantification of Integrity in Cyber-Physical-Systems
In a software system it is possible to quantify the amount of information
that is leaked or corrupted by analysing the flows of information present in
the source code. In a cyber-physical system, information flows are not only
present at the digital level, but also at a physical level, and to and fro the
two levels. In this work, we provide a methodology to formally analyse a
Cyber-Physical System composite model (combining physics and control) using an
information flow-theoretic approach. We use this approach to quantify the level
of vulnerability of a system with respect to attackers with different
capabilities. We illustrate our approach by means of a water distribution case
study
Development and Performance Evaluation of a Connected Vehicle Application Development Platform (CVDeP)
Connected vehicle (CV) application developers need a development platform to build,
test and debug real-world CV applications, such as safety, mobility, and environmental
applications, in edge-centric cyber-physical systems. Our study objective is to develop
and evaluate a scalable and secure CV application development platform (CVDeP)
that enables application developers to build, test and debug CV applications in realtime.
CVDeP ensures that the functional requirements of the CV applications meet the
corresponding requirements imposed by the specific applications. We evaluated the
efficacy of CVDeP using two CV applications (one safety and one mobility application)
and validated them through a field experiment at the Clemson University Connected
Vehicle Testbed (CU-CVT). Analyses prove the efficacy of CVDeP, which satisfies the
functional requirements (i.e., latency and throughput) of a CV application while
maintaining scalability and security of the platform and applications
Information Flow for Security in Control Systems
This paper considers the development of information flow analyses to support
resilient design and active detection of adversaries in cyber physical systems
(CPS). The area of CPS security, though well studied, suffers from
fragmentation. In this paper, we consider control systems as an abstraction of
CPS. Here, we extend the notion of information flow analysis, a well
established set of methods developed in software security, to obtain a unified
framework that captures and extends system theoretic results in control system
security. In particular, we propose the Kullback Liebler (KL) divergence as a
causal measure of information flow, which quantifies the effect of adversarial
inputs on sensor outputs. We show that the proposed measure characterizes the
resilience of control systems to specific attack strategies by relating the KL
divergence to optimal detection techniques. We then relate information flows to
stealthy attack scenarios where an adversary can bypass detection. Finally,
this article examines active detection mechanisms where a defender
intelligently manipulates control inputs or the system itself in order to
elicit information flows from an attacker's malicious behavior. In all previous
cases, we demonstrate an ability to investigate and extend existing results by
utilizing the proposed information flow analyses
Subspace Methods for Data Attack on State Estimation: A Data Driven Approach
Data attacks on state estimation modify part of system measurements such that
the tempered measurements cause incorrect system state estimates. Attack
techniques proposed in the literature often require detailed knowledge of
system parameters. Such information is difficult to acquire in practice. The
subspace methods presented in this paper, on the other hand, learn the system
operating subspace from measurements and launch attacks accordingly. Conditions
for the existence of an unobservable subspace attack are obtained under the
full and partial measurement models. Using the estimated system subspace, two
attack strategies are presented. The first strategy aims to affect the system
state directly by hiding the attack vector in the system subspace. The second
strategy misleads the bad data detection mechanism so that data not under
attack are removed. Performance of these attacks are evaluated using the IEEE
14-bus network and the IEEE 118-bus network.Comment: 12 page
- …