202 research outputs found
Towards a Layered Architectural View for Security Analysis in SCADA Systems
Supervisory Control and Data Acquisition (SCADA) systems support and control
the operation of many critical infrastructures that our society depend on, such
as power grids. Since SCADA systems become a target for cyber attacks and the
potential impact of a successful attack could lead to disastrous consequences
in the physical world, ensuring the security of these systems is of vital
importance. A fundamental prerequisite to securing a SCADA system is a clear
understanding and a consistent view of its architecture. However, because of
the complexity and scale of SCADA systems, this is challenging to acquire. In
this paper, we propose a layered architectural view for SCADA systems, which
aims at building a common ground among stakeholders and supporting the
implementation of security analysis. In order to manage the complexity and
scale, we define four interrelated architectural layers, and uses the concept
of viewpoints to focus on a subset of the system. We indicate the applicability
of our approach in the context of SCADA system security analysis.Comment: 7 pages, 4 figure
Privacy in Inter-Vehicular Networks: Why simple pseudonym change is not enough
Inter-vehicle communication (IVC) systems disclose rich location information about vehicles. State-of-the-art security architectures are aware of the problem and provide privacy enhancing mechanisms, notably pseudonymous authentication. However, the granularity and the amount of location information IVC protocols divulge, enable an adversary that eavesdrops all traffic throughout an area, to reconstruct long traces of the whereabouts of the majority of vehicles within the same area. Our analysis in this paper confirms the existence of this kind of threat. As a result, it is questionable if strong location privacy is achievable in IVC systems against a powerful adversary.\u
Approaching the Automation of Cyber Security Testing of Connected Vehicles
The advancing digitalization of vehicles and automotive systems bears many
advantages for creating and enhancing comfort and safety-related systems
ranging from drive-by-wire, inclusion of advanced displays, entertainment
systems up to sophisticated driving assistance and autonomous driving. It,
however, also contains the inherent risk of being used for purposes that are
not intended for, raging from small non-authorized customizations to the
possibility of full-scale cyberattacks that affect several vehicles to whole
fleets and vital systems such as steering and engine control. To prevent such
conditions and mitigate cybersecurity risks from affecting the safety of road
traffic, testing cybersecurity must be adopted into automotive testing at a
large scale. Currently, the manual penetration testing processes cannot uphold
the increasing demand due to time and cost to test complex systems. We propose
an approach for an architecture that (semi-)automates automotive cybersecurity
test, allowing for more economic testing and therefore keeping up to the rising
demand induced by new vehicle functions as well as the development towards
connected and autonomous vehicles.Comment: 3 pages, 1 figure, Central European Cybersecurity Conference 2019
(CECC2019), Munic
Learning from Crowds by Modeling Common Confusions
Crowdsourcing provides a practical way to obtain large amounts of labeled
data at a low cost. However, the annotation quality of annotators varies
considerably, which imposes new challenges in learning a high-quality model
from the crowdsourced annotations. In this work, we provide a new perspective
to decompose annotation noise into common noise and individual noise and
differentiate the source of confusion based on instance difficulty and
annotator expertise on a per-instance-annotator basis. We realize this new
crowdsourcing model by an end-to-end learning solution with two types of noise
adaptation layers: one is shared across annotators to capture their commonly
shared confusions, and the other one is pertaining to each annotator to realize
individual confusion. To recognize the source of noise in each annotation, we
use an auxiliary network to choose the two noise adaptation layers with respect
to both instances and annotators. Extensive experiments on both synthesized and
real-world benchmarks demonstrate the effectiveness of our proposed common
noise adaptation solution.Comment: Accepted by AAAI 202
Visual Cortex Inspired CNN Model for Feature Construction in Text Analysis
Recently, biologically inspired models are gradually proposed to solve the problem in text analysis. Convolutional neural networks (CNN) are hierarchical artificial neural networks, which include a various of multilayer perceptrons. According to biological research, CNN can be improved by bringing in the attention modulation and memory processing of primate visual cortex. In this paper, we employ the above properties of primate visual cortex to improve CNN and propose a biological-mechanism-driven-feature-construction based answer recommendation method (BMFC-ARM), which is used to recommend the best answer for the corresponding given questions in community question answering. BMFC-ARM is an improved CNN with four channels respectively representing questions, answers, asker information and answerer information, and mainly contains two stages: biological mechanism driven feature construction (BMFC) and answer ranking. BMFC imitates the attention modulation property by introducing the asker information and answerer information of given questions and the similarity between them, and imitates the memory processing property through bringing in the user reputation information for answerers. Then the feature vector for answer ranking is constructed by fusing the asker-answerer similarities, answerer's reputation and the corresponding vectors of question, answer, asker and answerer. Finally, the Softmax is used at the stage of answer ranking to get best answers by the feature vector. The experimental results of answer recommendation on the Stackexchange dataset show that BMFC-ARM exhibits better performance
Using Content Analysis for Privacy Requirement Extraction and Policy Formalization
Abstract: Privacy in cyberspace is a major concern nowadays and enterprises are required to comply with existing privacy regulations and ensure a certain level of privacy for societal and user acceptance. Privacy is also a multidisciplinary and mercury concept, which makes it challenging to define clear privacy requirements and policies to facilitate compliance check and enforcement at the technical level. This paper investigates the potential of using knowledge engineering approaches to transform legal documents to actionable business process models through the extraction of privacy requirements and formalization of privacy policies. The paper features two contributions: A literature review of existing privacy engineering approaches shows that semi-automatic support for extracting and modeling privacy policies from textual documents is often missing. A case study applying content analysis to five guideline documents on implementing privacy-preserving video surveillance systems yields promising first results towards a methodology on semi-automatic extraction and formalization of privacy policies using knowledge engineering approaches
Multi-wavelength coherent random laser in bio-microfibers
In this paper, pure silk protein was extracted from Bombyx mori silks and fabricated into a new kind of disordered bio-microfiber structure using electrospinning technology. Coherent random lasing emission with low threshold was achieved in the silk fibroin fibers. The random lasing emission wavelength can be tuned in the range of 33 nm by controlling the pump location with different scattering strengths. Therefore, the bio-microfiber random lasers can be a wide spectral light source when the system is doped with a gain or energy transfer medium with a large fluorescence emission band. Application of the random lasers of the bio-microfibers as a low-coherence light source in speckle-free imaging had also been studied
- …