Real-time Adaptive Sensor Attack Detection and Recovery in Autonomous Cyber-physical Systems

Cyber-Physical Systems (CPS) tightly couple information technology with physical processes, which rises new vulnerabilities such as physical attacks that are beyond conventional cyber attacks.Attackers may non-invasively compromise sensors and spoof the controller to perform unsafe actions. This issue is even emphasized with the increasing autonomy in CPS. While this fact has motivated many defense mechanisms against sensor attacks, a clear vision of the timing and usability (or the false alarm rate) of attack detection still remains elusive. Existing works tend to pursue an unachievable goal of minimizing the detection delay and false alarm rate at the same time, while there is a clear trade-off between the two metrics. Instead, this dissertation argues that attack detection should bias different metrics (detection delay and false alarm) when a system sits in different states. For example, if the system is close to unsafe states, reducing the detection delay is preferable to lowering the false alarm rate, and vice versa. This dissertation proposes two real-time adaptive sensor attack detection frameworks. The frameworks can dynamically adapt the detection delay and false alarm rate so as to meet a detection deadline and improve usability according to different system statuses. We design and implement the proposed frameworks and validate them using realistic sensor data of automotive CPS to demonstrate its efficiency and efficacy. Further, this dissertation proposes \textit{Recovery-by-Learning}, a data-driven attack recovery framework that restores CPS from sensor attacks. The importance of attack recovery is emphasized by the need to mitigate the attack\u27s impact on a system and restore it to continue functioning. We propose a double sliding window-based checkpointing protocol to remove compromised data and keep trustful data for state estimation. Together, the proposed solutions enable a holistic attack resilient solution for automotive cyber-physical systems

Assessing The Security Posture Of Openemr Using Capec Attack Patterns

Attack patterns describe the common methods of exploiting software. Good software engineering practices and principles alone are not enough to produce secure software. It is also important to know how software it attacked and to guard against it. Knowledge of attack patterns provides a good perspective of an attacker, thus enabling developers and testers to build secure software. CAPEC list is a taxonomy of attack patterns which we believe can enhance security testing. This research seeks to assess the security posture of OpenEMR 4.1.1, an open source Electronic Medical Record (EMR) system, based on CAPEC attack patterns. Five categories of CAPEC attack patterns were analyzed to find their relevance and applicability to OpenEMR. Whereas inapplicable attack patterns were not further considered, applicable attack patterns were further tested to assess OpenEMR vulnerability to them. Various security testing tools were used to carry out the tests. Attack patterns helped to focus black-box and white-box testing procedures on what and where to test. OpenEMR was found to be vulnerable to a number of vulnerabilities such as cross site scripting, authentication bypass, session sidejacking, among others. A number of exploitations were carried out based on the vulnerabilities discovered

DarkneTZ: towards model privacy at the edge using trusted execution environments

We present DarkneTZ, a framework that uses an edge device's Trusted Execution Environment (TEE) in conjunction with model partitioning to limit the attack surface against Deep Neural Networks (DNNs). Increasingly, edge devices (smartphones and consumer IoT devices) are equipped with pre-trained DNNs for a variety of applications. This trend comes with privacy risks as models can leak information about their training data through effective membership inference attacks (MIAs). We evaluate the performance of DarkneTZ, including CPU execution time, memory usage, and accurate power consumption, using two small and six large image classification models. Due to the limited memory of the edge device's TEE, we partition model layers into more sensitive layers (to be executed inside the device TEE), and a set of layers to be executed in the untrusted part of the operating system. Our results show that even if a single layer is hidden, we can provide reliable model privacy and defend against state of the art MIAs, with only 3% performance overhead. When fully utilizing the TEE, DarkneTZ provides model protections with up to 10% overhead

Techno-Economic Models for Optimised Utilisation of Jatropha curcas Linnaeus under an Out-Grower Farming Scheme in Ghana

Techno-economic models for optimised utilisation of jatropha oil under an out-grower farming scheme were developed based on different considerations for oil and by-product utilisation. Model 1: Out-grower scheme where oil is exported and press cake utilised for compost. Model 2: Out-grower scheme with six scenarios considered for the utilisation of oil and by-products. Linear programming models were developed based on outcomes of the models to optimise the use of the oil through profit maximisation. The findings revealed that Model 1 was financially viable from the processors’ perspective but not for the farmer at seed price of $0.07/kg. All scenarios considered under Model 2 were financially viable from the processors perspective but not for the farmer at seed price of$0.07/kg; however, at seed price of $0.085/kg, financial viability was achieved for both parties. Optimising the utilisation of the oil resulted in an annual maximum profit of$123,300

The need for adoption of improved technologies to address challenges in small-scale cassava processing in Ghana

The cassava processing industry in Ghana is dominated by small-scale processors who contribute valuably in terms of processed products such as gari, cassava flour, and cassava dough, among others, and as a result play a major role in the postharvest food system of the country. Their activities depend mostly on traditional methods of processing which have limitations in relation to the quality and quantity of the processed cassava products. They also rely mostly on manual labour which can be slow, costly or unavailable. Mechanisation of key operations in cassava processing activities has been identified as a means of increasing production, reducing postharvest losses as well as saving time. This study sought to assess the need for adoption of interventions to address challenges encountered during processing of cassava into a local staple known as gari (roasted fermented cassava grits). Cassava processors in selected parts of Ashanti and Bono East regions of Ghana were involved in the study. Focus group discussions and semi-structured questionnaires were employed for data collection. Results show that the main technological interventions used by small-scale processors in gari production are the grating machine and screw press. It was, however, noted that other key areas that require interventions are peeling and roasting. All the processors interviewed use manual means for cassava peeling and it was identified as the operation that requires the highest number of persons (15-18 people), to peel about 5-6 tonnes of cassava using about 6-9 hours. The process of manual peeling was identified as the main source of postharvest loss during small-scale processing of gari, resulting in about 13.90 (±1.26) % loss of fresh cassava which can produce about 178 kg of gari (from 5-6 tonnes of cassava). An effective mechanical peeler is therefore identified as key to facilitate gari processing in terms of operation speed and eliminating the over-dependence on manual labour. Other important developed interventions like mechanical roasters and improved stoves are also recommended to enhance gari processing. Outcome from this study is useful to researchers, investors, processors, policy makers and other stakeholders on the specific aspects of the gari processing to focus on in terms of research and investment

Phytochemical analysis, enumeration, isolation, and antimicrobial activity of lemongrass and moringa leaves extracts

The study aimed at enumerating and isolating Lactobacillus from sorghum beer (Pito) which is one of the food spoilage bacteria in pito, evaluating the antibacterial potency of lemongrass (Cymbopogon citratus) and Moringa leave methanolic extract (Moringa oleifera) on the Lactobacillus isolates at different concentrations (12.5%, 25%, 50%, and 100%) and also to investigate the phytochemical constituents of these plants. Leaves of Moringa and Lemongrass were collected, cleaned, and air-dried for 72 h. The powder obtained was soaked in 100% methanol for 72 h to attain crude extract. The extract was used to test for the presence of phytochemicals and antibacterial activity. de Man Rogosa and Sharpe agar was used to isolating the organism. Biochemical tests including the API test was used to confirm the Lactobacillus isolates.The results showed that Lactobacillus load on de Man Rogosa and Sharpe (MRS) on the first day (5.92 × 104 Cfu/ml) of fermentation was low but increased on the second (2.848 × 105 Cfu/ml) and third days (2.232 × 106 Cfu/ml) after fermentation. Lemongrass from the study proved to contain most of the phytochemical constituents whilst Moringa proved to contain the least number of the phytochemical constituents. Lemongrass was observed to have a better effect on Lactobacillus at a concentration of 100% with a zone diameter of 30 mm than moringa leaves extract. From the study, there is a high difference in the antibacterial effectiveness of lemongrass and moringa leaves extract concentrations of 12.5%, 25%, 50%, and 100%, absolute methanol, and ampicillin in inhibiting the growth of the Lactobacillus, therefore, lemongrass extracts flavor can be used to extend the shelf life of pito in the brewing industries

Comparable Detection of SARS-CoV-2 in Sputum and Oropharyngeal Swab Samples of Suspected COVID-19 Patients

The accurate detection of SARS-CoV-2 through respiratory sampling is critical for the prevention of further transmission and timely initiation of treatment. There is a diverse range of SARS-CoV-2 detection rates in reported studies, with uncertainty regarding the optimal sampling method for COVID-19 diagnosis and monitoring. Oropharyngeal sampling (OPS) is one of the most commonly used methods of respiratory sampling in Ghana and other parts of the world for the detection of SARS-CoV-2 viral RNA. However, this sampling technique has a number of drawbacks, which include difficulty in obtaining high-quality swab samples, increased risk of infection to healthcare workers, and increased cost from a regular supply of swabs, transport media, and personal protective equipment (PPE). This study, therefore, sought to evaluate the diagnostic performance of sputum specimens in the diagnosis of COVID-19. This was a cross-sectional analytical study conducted in two health facilities in Kumasi, Ghana, between April and September 2021. Paired samples (an oropharyngeal swab and sputum) were taken from each recruited patient and run concurrently for the detection of SARS-CoV-2 genes (the N and ORF1ab genes) using RT-qPCR. Of the 317 patients recruited, 50.8% were males, and 60.4% were young adults aged 20–39 years. A significant proportion (65.9%) of the patients did not have any co-morbidity, and the majority were with symptoms; predominantly cough (36.3%), headache (31.5%), general weakness (24.0%), fever (20.2%), and sore throat (16.1%). Being symptomatic (p = 0.003), having comorbidity (p = 0.001), and the reporting facility (p = 0.010) were significantly associated with the COVID-19 status. The sputum samples yielded more COVID-positive, 120/317 (37.9%), as compared to OPS, 83/317 (26.2%). The sputum samples were 85.5% (95% CI, 76.4–91.5) sensitive, 79.1% (95% CI, 73.4–83.7) specific, and with positive and negative predictive values of 59.2% and 93.9%, respectively, when compared with OPS. The overall median of the SARS-CoV-2 viral loads for sputum (3.70 × 103 copies/mL) were significantly higher than in OPS (1.18 × 102 copies/mL) (p = 0.003). Findings from the study suggest self-collected sputum as a useful alternative to OPS for the diagnosis of COVID-19, providing a comparable diagnostic performance and, thereby, easing the uncomfortable process and mitigating risk of aerosol transmission to healthcare workers