2,295 research outputs found

    Assessing and augmenting SCADA cyber security: a survey of techniques

    SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisation and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place, as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mindsets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

    Simulating social relations in multi-agent systems

    Open distributed systems are comprised of a large number of heterogeneous nodes with disparate requirements and objectives, a number of which may not conform to the system specification. This thesis argues that activity in such systems can be regulated by using distributed mechanisms inspired by social science theories regarding similarity/kinship, trust, reputation, recommendation and economics. This makes it possible to create scalable and robust agent societies which can adapt to overcome structural impediments and provide inherent defence against malicious and incompetent action, without detriment to system functionality and performance. In particular this thesis describes:
    • an agent based simulation and animation platform (PreSage), which offers the agent developer and society designer a suite of powerful tools for creating, simulating and visualising agent societies from both a local and global perspective.
    • a social information dissemination system (SID) based on principles of self organisation which personalises recommendation and directs information dissemination.
    • a computational socio-cognitive and economic framework (CScEF) which integrates and extends socio-cognitive theories of trust, reputation and recommendation with basic economic theory.
    • results from two simulation studies investigating the performance of SID and the CScEF.
    The results show the production of a generic, reusable and scalable platform for developing and animating agent societies, and its contribution to the community as an open source tool. Secondly specific results, regarding the application of SID and CScEF, show that revealing outcomes of using socio-technical mechanisms to condition agent interactions can be demonstrated and identified by using Presage.

    TRULLO - local trust bootstrapping for ubiquitous devices

    Handheld devices have become sufficiently powerful that it is easy to create, disseminate, and access digital content (e.g., photos, videos) using them. The volume of such content is growing rapidly and, from the perspective of each user, selecting relevant content is key. To this end, each user may run a trust model - a software agent that keeps track of who disseminates content that its user finds relevant. This agent does so by assigning an initial trust value to each producer for a specific category (context); then, whenever it receives new content, the agent rates the content and accordingly updates its trust value for the producer in the content category. However, a problem with such an approach is that, as the number of content categories increases, so does the number of trust values to be initially set. This paper focuses on how to effectively set initial trust values. The most sophisticated of the current solutions employ predefined context ontologies, using which initial trust in a given context is set based on that already held in similar contexts. However, universally accepted (and time invariant) ontologies are rarely found in practice. For this reason, we propose a mechanism called TRULLO (TRUst bootstrapping by Latently Lifting cOntext) that assigns initial trust values based only on local information (on the ratings of its user’s past experiences) and that, as such, does not rely on third-party recommendations. We evaluate the effectiveness of TRULLO by simulating its use in an informal antique market setting. We also evaluate the computational cost of a J2ME implementation of TRULLO on a mobile phone

    Trust beyond reputation: A computational trust model based on stereotypes

    Models of computational trust support users in taking decisions. They are commonly used to guide users' judgements in online auction sites, or to determine the quality of contributions in Web 2.0 sites. However, most existing systems require historical information about the past behavior of the specific agent being judged. In contrast, in real life, to anticipate and to predict a stranger's actions in the absence of knowledge of such behavioral history, we often use our "instinct": essentially stereotypes developed from our past interactions with other "similar" persons. In this paper, we propose StereoTrust, a computational trust model inspired by stereotypes as used in real life. A stereotype contains certain features of agents and an expected outcome of the transaction. When facing a stranger, an agent derives its trust by aggregating stereotypes matching the stranger's profile. Since stereotypes are formed locally, recommendations stem from the trustor's own personal experiences and perspective. Historical behavioral information, when available, can be used to refine the analysis. According to our experiments using the Epinions.com dataset, StereoTrust compares favorably with existing trust models that use different kinds of information and more complete historical information

    REPUTATION MANAGEMENT ALGORITHMS IN DISTRIBUTED APPLICATIONS

    Nowadays, several distributed systems and applications rely on interactions between unknown agents that cooperate in order to exchange resources and services. The distributed nature of these systems, and the consequent lack of a single centralized point of control, lets agents adopt selfish and malicious behaviors in order to maximize their own utility. To address this issue, many applications rely on Reputation Management Systems (RMSs) to estimate the future behavior of unknown agents before establishing actual interactions. The relevance of these systems is even greater if the malicious or selfish behavior exhibited by a few agents may reduce the utility perceived by cooperative agents, leading to damage to the whole community. RMSs make it possible to estimate the expected outcome of a given interaction, thus providing relevant information that can be exploited to take decisions about the convenience of interacting with a certain agent. Agents and their behavior are constantly evolving and becoming even more complex, so it is increasingly difficult to successfully develop an RMS able to resist the threats presented. A possible solution to this problem is the use of agent-based simulation software designed to support researchers in evaluating distributed reputation management systems from the design phase onwards. This dissertation presents the design and the development of a distributed simulation platform based on HPC technologies called DRESS. This solution allows researchers to assess the performance of a generic reputation management system and provides a comprehensive assessment of its ability to withstand security attacks. In the scientific literature, a tool that allows the comparison of distinct RMSs and different design choices through a set of defined metrics, also supporting large-scale simulations, is still missing. The effectiveness of the proposed approach is demonstrated by the application scenario of user energy sharing systems within smart grids and by considering user preferences differently from other work. The platform has proved to be useful for the development of an energy sharing system among users, which, with the aim of maximizing the amount of energy transferred, has exploited the reputation of users once their preferences were learned

    Defining tools for phishing campaigns

    The objective of this project is to carry out a real phishing campaign in order to assess the impact on a company and its employees of being affected by these malicious practices, to raise awareness and train workers to detect possible malicious emails, and to create an action plan that can be used to teach employees how to act in case of detecting these emails or being a victim of them. The project will cover all the essential points to carry out a successful phishing campaign, from the creation of a social engineering plan to make the employees of the company fall for the campaign, to the creation and configuration of all the technical infrastructure for this; this point includes the realization of a mail server (SMTP) and the use of tools to automate and track the phishing campaign, such as the creation of the emails and web pages necessary to carry out such practice.

    An Empirical Study on Android for Saving Non-shared Data on Public Storage

    With millions of apps that can be downloaded from official or third-party markets, Android has become one of the most popular mobile platforms today. These apps help people in all kinds of ways and thus have access to lots of users' data that in general fall into three categories: sensitive data, data to be shared with other apps, and non-sensitive data not to be shared with others. For the first and second types of data, Android has provided very good storage models: an app's private sensitive data are saved to its private folder that can only be accessed by the app itself, and the data to be shared are saved to public storage (either the external SD card or the emulated SD card area on internal FLASH memory). But for the last type, i.e., an app's non-sensitive and non-shared data, there is a big problem in Android's current storage model, which essentially encourages an app to save its non-sensitive data to shared public storage that can be accessed by other apps. At first glance, there seems to be no problem in doing so, as those data are non-sensitive after all, but it implicitly assumes that app developers could correctly identify all sensitive data and prevent all possible information leakage from private-but-non-sensitive data. In this paper, we will demonstrate that this is an invalid assumption with a thorough survey on information leaks of those apps that had followed Android's recommended storage model for non-sensitive data. Our studies showed that highly sensitive information from billions of users can be easily hacked by exploiting the mentioned problematic storage model. Although our empirical studies are based on a limited set of apps, the identified problems are never isolated or accidental bugs of those apps being investigated. On the contrary, the problem is rooted in the vulnerable storage model recommended by Android. To mitigate the threat, we also propose a defense framework