Architecture, Services and Protocols for CRUTIAL

This document describes the complete specification of the architecture, services and protocols of the project CRUTIAL. The CRUTIAL Architecture intends to reply to a grand challenge of computer science and control engineering: how to achieve resilience of critical information infrastructures (CII), in particular in the electrical sector. In general lines, the document starts by presenting the main architectural options and components of the architecture, with a special emphasis on a protection device called the CRUTIAL Information Switch (CIS). Given the various criticality levels of the equipments that have to be protected, and the cost of using a replicated device, we define a hierarchy of CIS designs incrementally more resilient. The different CIS designs offer various trade offs in terms of capabilities to prevent and tolerate intrusions, both in the device itself and in the information infrastructure. The Middleware Services, APIs and Protocols chapter describes our approach to intrusion tolerant middleware. The CRUTIAL middleware comprises several building blocks that are organized on a set of layers. The Multipoint Network layer is the lowest layer of the middleware, and features an abstraction of basic communication services, such as provided by standard protocols, like IP, IPsec, UDP, TCP and SSL/TLS. The Communication Support layer features three important building blocks: the Randomized Intrusion-Tolerant Services (RITAS), the CIS Communication service and the Fosel service for mitigating DoS attacks. The Activity Support layer comprises the CIS Protection service, and the Access Control and Authorization service. The Access Control and Authorization service is implemented through PolyOrBAC, which defines the rules for information exchange and collaboration between sub-modules of the architecture, corresponding in fact to different facilities of the CII’s organizations. The Monitoring and Failure Detection layer contains a definition of the services devoted to monitoring and failure detection activities. The Runtime Support Services, APIs, and Protocols chapter features as a main component the Proactive-Reactive Recovery service, whose aim is to guarantee perpetual correct execution of any components it protects.Project co-funded by the European Commission within the Sixth Frame-work Programme (2002-2006

Fault-Tolerant Earliest-Deadline-First Scheduling Algorithm ∗

The general approach to fault tolerance in uniprocessor systems is to maintain enough time redundancy in the schedule so that any task instance can be re-executed in presence of faults during the execution. In this paper a scheme is presented to add enough and efficient time redundancy to the Earliest-Deadline-First (EDF) scheduling policy for periodic real-time tasks. This scheme can be used to tolerate transient faults during the execution of tasks. We describe a recovery scheme which can be used to re-execute tasks in the event of transient faults and discuss conditions that must be met by any such recovery scheme. For performance evaluation of this idea a tool is developed. Keywords: Time-redundancy, real-time scheduling, fault-tolerance, uniprocessor embedded systems, earliestdeadline-first. 1

FOSeL: Filtering by helping an Overlay Secure Layer to Mitigate DoS Attacks

Denial of service (DoS) attacks are major threat against availability in the Internet. A large number of countermeasure techniques try to detect attack and then filter out DoS attack packets. Unfortunately these techniques that filter DoS traffic by looking at known attack patterns or statistical anomalies in the traffic patterns can be defeated by changing the attack patterns and masking the anomalies that are sought by the filter. Hence, detecting DoS traffic is one of the main challenges for filtering techniques. Furthermore techniques that drop any malicious packet need to process the packet and processing is time-consuming. This paper addresses how an efficient and good filter can be designed by helping an overlay network layer to mitigate DoS attacks. Fosel (Filtering by helping an Overlay Security Layer) filter is independent from DoS attack types, so we do not worry about the changing attack patterns. Furthermore it reduces processing time noticeably. Through simulation this paper shows by employing Fosel filter, DoS attacks have a negligible chance to saturate the target by malicious packets. Our simulation demonstrates that Fosel architecture reduces the probability of successful attack to minuscule levels. Furthermore Fosel is between 10% and 50% faster than SOS (Secure Overlay Services) [8] architecture to drop malicious packets based on attack rate. © 2008 IEEE.status: publishe

Application Layer DDoS Attack Detection Using Cuckoo Search Algorithm-Trained Radial Basis Function

In an application-layer distributed denial of service (App-DDoS) attack, zombie computers bring down the victim server with valid requests. Intrusion detection systems (IDS) cannot identify these requests since they have legal forms of standard TCP connections. Researchers have suggested several techniques for detecting App-DDoS traffic. There is, however, no clear distinction between legitimate and attack traffic. In this paper, we go a step further and propose a Machine Learning (ML) solution by combining the Radial Basis Function (RBF) neural network with the cuckoo search algorithm to detect App-DDoS traffic. We begin by collecting training data and cleaning them, then applying data normalizing and finding an optimal subset of features using the Genetic Algorithm (GA). Next, an RBF neural network is trained by the optimal subset of features and the optimizer algorithm of cuckoo search. Finally, we compare our proposed technique to the well-known k-nearest neighbor (k-NN), Bootstrap Aggregation (Bagging), Support Vector Machine (SVM), Multi-layer Perceptron) MLP, and (Recurrent Neural Network) RNN methods. Our technique outperforms previous standard and well-known ML techniques as it has the lowest error rate according to error metrics. Moreover, according to standard performance metrics, the results of the experiments demonstrate that our proposed technique detects App-DDoS traffic more accurately than previous techniques. © 2013 IEEE

Fault-tolerant earliest-deadlinefirst scheduling algorithm

The general approach to fault tolerance in uniprocessor systems is to maintain enough time redundancy in the schedule so that any task instance can be re-executed in presence of faults during the execution. In this paper a scheme is presented to add enough and efficient time redundancy to the Earliest-Deadline-First (EDF) scheduling policy for periodic real-time tasks. This scheme can be used to tolerate transient faults during the execution of tasks. We describe a recovery scheme which can be used to re-execute tasks in the event of transient faults and discuss conditions that must be met by any such recovery scheme. For performance evaluation of this idea a tool is developed

Detection of Application-Layer DDoS Attacks Produced by Various Freely Accessible Toolkits Using Machine Learning

Distributed Denial of Service (DDoS) attacks are a growing threat to online services, and various methods have been developed to detect them. However, past research has mainly focused on identifying attack patterns and types, without specifically addressing the role of freely available DDoS attack tools in the escalation of these attacks. This study aims to fill this gap by investigating the impact of the easy availability of DDoS attack tools on the frequency and severity of attacks. In this paper, a machine learning solution to detect DDoS attacks is proposed, which employs a feature selection technique to enhance its speed and efficiency, resulting in a substantial reduction in the feature subset. The provided evaluation metrics demonstrate that the model has a high accuracy level of 99.9%, a precision score of 96%, a recall score of 98%, and an F1 score of 97%. Moreover, the examination found that by utilizing a deliberate approach for feature selection, our model’s efficacy was massively raised

Testbeds for Assessing Critical Scenarios in Power Control Systems

The paper presents a set of control system scenarios implemented in two testbeds developed in the context of the European Project CRUTIAL - CRitical UTility InfrastructurAL Resilience. The selected scenarios refer to power control systems encompassing information and communication security of SCADA systems for grid teleoperation, impact of attacks on inter-operator communications in power emergency conditions, impact of intentional faults on the secondary and tertiary control in power grids with distributed generators. Two testbeds have been developed for assessing the effect of the attacks and prototyping resilient architectures. © 2009 Springer Berlin Heidelberg.status: publishe

ICT Resilience of Power Control Systems: Experimental Results from the CRUTIAL Testbeds

Distributed intelligence and secure interconnected communication networks constitute recognized key factors for the economic operation of electricity infrastructures in competitive power markets. Hence, electric power utilities need to extend risk management frameworks with adequate tools for assessing consequences of ICT (Information and Communication Technologies) threats on their critical business. This requires realistic probability estimates to cyber threat occurrences and consequent failure modes. Due to data sensitivity and rapid discovery of new vulnerability exploits, historical data series of ICT failures affecting power control infrastructures are not sufficient for a timely risk treatment. Such lack of data can partially be overcome by setting up testbeds to run controlled experiments and collect otherwise unavailable data related to cyber misbehaviours in power system operation. Within the project CRUTIAL (CRitical UTility InfrastructurAL resilience) two testbed platforms have been set up for experimentally evaluating malicious threats on macro and micro grid control scenarios. Results from experimental campaigns are analyzed in the paper by means of an evaluation framework. ©2009 IEEE.status: publishe