26,967 research outputs found

    Availability by Design:A Complementary Approach to Denial-of-Service

    Get PDF

    Blindspot: Indistinguishable Anonymous Communications

    Get PDF
    Communication anonymity is a key requirement for individuals under targeted surveillance. Practical anonymous communications also require indistinguishability - an adversary should be unable to distinguish between anonymised and non-anonymised traffic for a given user. We propose Blindspot, a design for high-latency anonymous communications that offers indistinguishability and unobservability under a (qualified) global active adversary. Blindspot creates anonymous routes between sender-receiver pairs by subliminally encoding messages within the pre-existing communication behaviour of users within a social network. Specifically, the organic image sharing behaviour of users. Thus channel bandwidth depends on the intensity of image sharing behaviour of users along a route. A major challenge we successfully overcome is that routing must be accomplished in the face of significant restrictions - channel bandwidth is stochastic. We show that conventional social network routing strategies do not work. To solve this problem, we propose a novel routing algorithm. We evaluate Blindspot using a real-world dataset. We find that it delivers reasonable results for applications requiring low-volume unobservable communication.Comment: 13 Page

    EFFECTS OF DEFEND FORWARD ON SECURITY, STABILITY, AND U.S. INTERESTS IN THE CYBERSPACE DOMAIN

    Get PDF
    The defend forward cyber defense strategy is predicated on the notion of persistent engagement with adversaries in gray and red network space, to cause friction for adversaries before they can carry out malicious activity in U.S. network space. The U.S. Cyber Defense Strategy seeks to overmatch adversaries and cause friction by actively engaging adversaries outside of U.S. network space, albeit below the threshold of armed conflict. This strategy is designed to advance the security of U.S. national interests in the cyberspace domain. U.S. security strategies may have varying effects on stability in specific domains and in overall international relations. Defend forward is often criticized for being destabilizing in the cyberspace domain, and as such, security gains from defend forward are potentially outweighed by negative effects of a further destabilized domain. This thesis answers the following questions: What is the impact of defend forward on the security of U.S. interests and overall stability in the cyberspace domain? The thesis seeks to separate the effects that defend forward has on security and stability in order to understand how, and to what extent, the strategy impacts both. This ultimately enables a determination of the immediate and long-term efficacy of defend forward and the role stability has in relation to the security of U.S. interests in the cyberspace domain.Lieutenant, United States NavyApproved for public release. Distribution is unlimited

    A critical review of cyber-physical security for building automation systems

    Full text link
    Modern Building Automation Systems (BASs), as the brain that enables the smartness of a smart building, often require increased connectivity both among system components as well as with outside entities, such as optimized automation via outsourced cloud analytics and increased building-grid integrations. However, increased connectivity and accessibility come with increased cyber security threats. BASs were historically developed as closed environments with limited cyber-security considerations. As a result, BASs in many buildings are vulnerable to cyber-attacks that may cause adverse consequences, such as occupant discomfort, excessive energy usage, and unexpected equipment downtime. Therefore, there is a strong need to advance the state-of-the-art in cyber-physical security for BASs and provide practical solutions for attack mitigation in buildings. However, an inclusive and systematic review of BAS vulnerabilities, potential cyber-attacks with impact assessment, detection & defense approaches, and cyber-secure resilient control strategies is currently lacking in the literature. This review paper fills the gap by providing a comprehensive up-to-date review of cyber-physical security for BASs at three levels in commercial buildings: management level, automation level, and field level. The general BASs vulnerabilities and protocol-specific vulnerabilities for the four dominant BAS protocols are reviewed, followed by a discussion on four attack targets and seven potential attack scenarios. The impact of cyber-attacks on BASs is summarized as signal corruption, signal delaying, and signal blocking. The typical cyber-attack detection and defense approaches are identified at the three levels. Cyber-secure resilient control strategies for BASs under attack are categorized into passive and active resilient control schemes. Open challenges and future opportunities are finally discussed.Comment: 38 pages, 7 figures, 6 tables, submitted to Annual Reviews in Contro

    Towards Cyber Security for Low-Carbon Transportation: Overview, Challenges and Future Directions

    Full text link
    In recent years, low-carbon transportation has become an indispensable part as sustainable development strategies of various countries, and plays a very important responsibility in promoting low-carbon cities. However, the security of low-carbon transportation has been threatened from various ways. For example, denial of service attacks pose a great threat to the electric vehicles and vehicle-to-grid networks. To minimize these threats, several methods have been proposed to defense against them. Yet, these methods are only for certain types of scenarios or attacks. Therefore, this review addresses security aspect from holistic view, provides the overview, challenges and future directions of cyber security technologies in low-carbon transportation. Firstly, based on the concept and importance of low-carbon transportation, this review positions the low-carbon transportation services. Then, with the perspective of network architecture and communication mode, this review classifies its typical attack risks. The corresponding defense technologies and relevant security suggestions are further reviewed from perspective of data security, network management security and network application security. Finally, in view of the long term development of low-carbon transportation, future research directions have been concerned.Comment: 34 pages, 6 figures, accepted by journal Renewable and Sustainable Energy Review
    • …
    corecore