3,077 research outputs found
Defending Against Firmware Cyber Attacks on Safety-Critical Systems
In the past, it was not possible to update the underlying software in many industrial control devices. Engineering
teams had to ‘rip and replace’ obsolete components. However, the ability to make firmware updates has provided
significant benefits to the companies who use Programmable Logic Controllers (PLCs), switches, gateways and
bridges as well as an array of smart sensor/actuators. These updates include security patches when vulnerabilities are
identified in existing devices; they can be distributed by physical media but are increasingly downloaded over
Internet connections. These mechanisms pose a growing threat to the cyber security of safety-critical applications,
as illustrated by recent attacks on safety-related infrastructures across Ukraine. Subsequent sections
explain how malware can be distributed within firmware updates. Even when attackers cannot reverse engineer the
code necessary to disguise their attack, they can undermine a device by forcing it into a constant upload cycle where
the firmware installation never terminates. In this paper, we present means of mitigating the risks of firmware attack
on safety-critical systems as part of wider initiatives to secure national critical infrastructures. Technical solutions,
including firmware hashing, must be augmented by organizational measures to secure the supply chain within
individual plants, across companies and throughout safety-related industries.
Defending Servers Against Naptha Attack By Using An Early Client Authentication Method [TK5105.585. C518 2008 f rb].
The Naptha attack aims to disrupt the TCP service a server provides by generating a large number of forged connections to the server.
On packet marking and Markov modeling for IP Traceback: A deep probabilistic and stochastic analysis
For many years, methods to defend against Denial of Service attacks have been very attractive from different points of view, although network security is a large and very complex topic. Different techniques have been proposed, and so-called packet marking and IP tracing procedures have especially demonstrated a good capacity to face different malicious attacks. While host-based DoS attacks are more easily traced and managed, network-based DoS attacks are a more challenging threat. In this paper, we discuss a powerful aspect of the IP traceback method, which allows a router to mark and add information to attack packets on the basis of a fixed probability value. We propose a potential method for modeling the classic probabilistic packet marking algorithm as Markov chains, allowing a closed form to be obtained for evaluating the correct number of received marked packets in order to build a meaningful attack graph and analyze how marking routers must behave to minimize the overall overhead.
A survey of intrusion detection techniques in Cloud
Cloud computing provides scalable, virtualized on-demand services to end users with greater flexibility and lower infrastructural investment. These services are provided over the Internet using known networking protocols, standards and formats under the supervision of different managements. Existing bugs and vulnerabilities in underlying technologies and legacy protocols tend to open doors for intrusion. This paper surveys different intrusions affecting the availability, confidentiality and integrity of Cloud resources and services. It examines proposals incorporating Intrusion Detection Systems (IDS) in Cloud, discusses various types and techniques of IDS and Intrusion Prevention Systems (IPS), and recommends IDS/IPS positioning in Cloud architecture to achieve desired security in the next generation networks.
Mitigating Denial of Service Attacks in Fog-Based Wireless Sensor Networks Using Machine Learning Techniques
Wireless sensor networks are considered to be among the most significant and
innovative technologies in the 21st century due to their wide range of
industrial applications. Sensor nodes in these networks are susceptible to a
variety of assaults due to their special qualities and method of deployment.
Denial of service attacks are common attacks in sensor networks. It is
difficult to design a detection and prevention system that would effectively
reduce the impact of these attacks on WSNs. In order to identify assaults on
WSNs, this study suggests using two machine learning models: decision trees and
XGBoost. The WSNs dataset was the subject of extensive tests to identify denial
of service attacks. The experimental findings demonstrate that the XGBoost
model, when applied to the entire dataset, has a higher true positive rate
(98.3%) than the Decision tree approach (97.3%) and a lower false positive rate
(1.7%) than the Decision tree technique (2.7%). Similarly, with selected
dataset assaults, the XGBoost approach has a higher true positive rate (99.01%)
than the Decision tree technique (97.50%) and a lower false positive rate
(0.99%) than the Decision tree technique (2.50%).