Detection and prevention of Denial-of-Service in cloud-based smart grid

Smart Grid (SG), components with historical set of security challenges, becomes more vulnerable because Information and Communications Technology (ICT) has its own share of problems while Cloud infrastructure adds yet another unpredicted layer of threats. Scalability and availability, which are strong aspects of the cloud platform making it attractive to users, also attracts security threats for the same reasons. The malware installed on single host offers very limited scope compared to attack magnitude that compromised Cloud platform can offer. Therefore, the strongest aspect of Cloud itself becomes a nightmare in Cloud-Based SG. A breach in such a delicate system can cause severe consequences including interruption of electricity, equipment damage, data breach, complete blackouts, or even life-threatening consequences. We mimic Denial-of-Service (DoS) attacks to demonstrate interruption of electricity in SG with open-source solution to co-simulate power and communication systems

{SoK}: {An} Analysis of Protocol Design: Avoiding Traps for Implementation and Deployment

Today's Internet utilizes a multitude of different protocols. While some of these protocols were first implemented and used and later documented, other were first specified and then implemented. Regardless of how protocols came to be, their definitions can contain traps that lead to insecure implementations or deployments. A classical example is insufficiently strict authentication requirements in a protocol specification. The resulting Misconfigurations, i.e., not enabling strong authentication, are common root causes for Internet security incidents. Indeed, Internet protocols have been commonly designed without security in mind which leads to a multitude of misconfiguration traps. While this is slowly changing, to strict security considerations can have a similarly bad effect. Due to complex implementations and insufficient documentation, security features may remain unused, leaving deployments vulnerable. In this paper we provide a systematization of the security traps found in common Internet protocols. By separating protocols in four classes we identify major factors that lead to common security traps. These insights together with observations about end-user centric usability and security by default are then used to derive recommendations for improving existing and designing new protocols---without such security sensitive traps for operators, implementors and users

Dealing with non-functional requirements in model-driven development

The impact of non-functional requirements (NFRs) over software systems has been widely documented. Consequently, cost-effective software production method shall provide means to integrate this type of requirements into the development process. In this vision paper we analyze this assumption over a particular type of software production paradigm: model-driven development (MDD). We report first the current state of MDD approaches with respect to NFRs and remark that, in general, NFRs are not addressed in MDD methods and processes, and we discuss the effects of this situation. Next, we outline a general framework that integrates NFRs into the core of the MDD process and provide a detailed comparison among all the MDD approaches considered. Last, we identify some research issues related to this framework.Preprin

{SoK}: {An} Analysis of Protocol Design: Avoiding Traps for Implementation and Deployment

Today's Internet utilizes a multitude of different protocols. While some of these protocols were first implemented and used and later documented, other were first specified and then implemented. Regardless of how protocols came to be, their definitions can contain traps that lead to insecure implementations or deployments. A classical example is insufficiently strict authentication requirements in a protocol specification. The resulting Misconfigurations, i.e., not enabling strong authentication, are common root causes for Internet security incidents. Indeed, Internet protocols have been commonly designed without security in mind which leads to a multitude of misconfiguration traps. While this is slowly changing, to strict security considerations can have a similarly bad effect. Due to complex implementations and insufficient documentation, security features may remain unused, leaving deployments vulnerable. In this paper we provide a systematization of the security traps found in common Internet protocols. By separating protocols in four classes we identify major factors that lead to common security traps. These insights together with observations about end-user centric usability and security by default are then used to derive recommendations for improving existing and designing new protocols---without such security sensitive traps for operators, implementors and users

Applying Formal Methods to Networking: Theory, Techniques and Applications

Despite its great importance, modern network infrastructure is remarkable for the lack of rigor in its engineering. The Internet which began as a research experiment was never designed to handle the users and applications it hosts today. The lack of formalization of the Internet architecture meant limited abstractions and modularity, especially for the control and management planes, thus requiring for every new need a new protocol built from scratch. This led to an unwieldy ossified Internet architecture resistant to any attempts at formal verification, and an Internet culture where expediency and pragmatism are favored over formal correctness. Fortunately, recent work in the space of clean slate Internet design---especially, the software defined networking (SDN) paradigm---offers the Internet community another chance to develop the right kind of architecture and abstractions. This has also led to a great resurgence in interest of applying formal methods to specification, verification, and synthesis of networking protocols and applications. In this paper, we present a self-contained tutorial of the formidable amount of work that has been done in formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial

Exploring The Role Of Cyber Security Measures (Encryption, Firewalls, And Authentication Protocols) In Preventing Cyber-Attacks On E-Commerce Platforms

The present study seeks to examine the significance of cybersecurity measures, specifically encryption strength (ES), firewall configuration (FC), and authentication protocols (AP), in protecting e-commerce platforms against cyber-attacks. The data collection process involved the administration of a survey to IT professionals responsible for overseeing e-commerce operations in a range of organisations located in Saudi Arabia. A convenience sampling method was employed to distribute a total of 300 questionnaires, out of which 190 completed responses were selected for analysis. The measurement model, which encompassed variables such as ES, FC, AP, security training (ST), cyber-attack incidents (CAI), customer trust (CT), and incident response time (IRT), was estimated using the structural equation model in Amos. The results of this study provide insights into the relationship between cybersecurity measures and their influence on the frequency of cyberattacks. The study highlights the significance of encryption, firewall configuration, and authentication protocols in strengthening e- commerce platforms. Additionally, this study examines the impact of security training on the improvement of overall cybersecurity posture and its subsequent effect on customer trust. The examination also takes into account the duration of incident response as a critical element in minimising the consequences of cyber incidents. The findings obtained from this study contribute to a more comprehensive comprehension of the cybersecurity environment within the realm of electronic commerce