An open virtual testbed for industrial control system security research

ICS security has been a topic of scrutiny and research for several years, and many security issues are well known. However, research efforts are impeded by a lack of an open virtual industrial control system testbed for security research. This thesis describes a virtual testbed framework using Python to create discrete testbed components (including virtual devices and process simulators). This testbed is designed such that the testbeds are interoperable with real ICS devices and that the virtual testbeds can provide comparable ICS network behavior to a laboratory testbed. Two testbeds based on laboratory testbeds have been developed and have been shown to be interoperable with real industrial control systemequipment and vulnerable to attacks in the samemanner as a real system. Additionally, these testbeds have been quantitatively shown to produce traffic close to laboratory systems (within 90% similarity on most metrics)

Ghera: A Repository of Android App Vulnerability Benchmarks

Security of mobile apps affects the security of their users. This has fueled the development of techniques to automatically detect vulnerabilities in mobile apps and help developers secure their apps; specifically, in the context of Android platform due to openness and ubiquitousness of the platform. Despite a slew of research efforts in this space, there is no comprehensive repository of up-to-date and lean benchmarks that contain most of the known Android app vulnerabilities and, consequently, can be used to rigorously evaluate both existing and new vulnerability detection techniques and help developers learn about Android app vulnerabilities. In this paper, we describe Ghera, an open source repository of benchmarks that capture 25 known vulnerabilities in Android apps (as pairs of exploited/benign and exploiting/malicious apps). We also present desirable characteristics of vulnerability benchmarks and repositories that we uncovered while creating Ghera.Comment: 10 pages. Accepted at PROMISE'1

VFCFinder: Seamlessly Pairing Security Advisories and Patches

Security advisories are the primary channel of communication for discovered vulnerabilities in open-source software, but they often lack crucial information. Specifically, 63% of vulnerability database reports are missing their patch links, also referred to as vulnerability fixing commits (VFCs). This paper introduces VFCFinder, a tool that generates the top-five ranked set of VFCs for a given security advisory using Natural Language Programming Language (NL-PL) models. VFCFinder yields a 96.6% recall for finding the correct VFC within the Top-5 commits, and an 80.0% recall for the Top-1 ranked commit. VFCFinder generalizes to nine different programming languages and outperforms state-of-the-art approaches by 36 percentage points in terms of Top-1 recall. As a practical contribution, we used VFCFinder to backfill over 300 missing VFCs in the GitHub Security Advisory (GHSA) database. All of the VFCs were accepted and merged into the GHSA database. In addition to demonstrating a practical pairing of security advisories to VFCs, our general open-source implementation will allow vulnerability database maintainers to drastically improve data quality, supporting efforts to secure the software supply chain

On SCADA control system command and response injection and intrusion detection," in 2010 eCrime Researchers Summit (eCrime),

Abstract-SCADA systems are widely used in critical infrastructure sectors, including electricity generation and distribution, oil and gas production and distribution, and water treatment and distribution. SCADA process control systems are typically isolated from the internet via firewalls. However, they may still be subject to illicit cyber penetrations and may be subject to cyber threats from disgruntled insiders. We have developed a set of command injection, data injection, and denial of service attacks which leverage the lack of authentication in many common control system communication protocols including MODBUS, DNP3, and EtherNETIIP. We used these exploits to aid in development of a neural network based intrusion detection system which monitors control system physical behavior to detect artifacts of command and response injection attacks. Finally, we present intrusion detection accuracy results for our neural network based IDS which includes input features derived from physical properties of the control system

Challenging the roles of CD44 and lipolysis stimulated lipoprotein receptor in conveying Clostridium perfringens iota toxin cytotoxicity in breast cancer.

International audienceBACKGROUND: Translational exploration of bacterial toxins has come to the forefront of research given their potential as a chemotherapeutic tool. Studies in select tissues have demonstrated that Clostridium perfringens iota toxin binds to CD44 and lipolysis stimulated lipoprotein receptor (LSR) cell-surface proteins. We recently demonstrated that LSR expression correlates with estrogen receptor positive breast cancers and that LSR signaling directs aggressive, tumor-initiating cell behaviors. Herein, we identify the mechanisms of iota toxin cytotoxicity in a tissue-specific, breast cancer model with the ultimate goal of laying the foundation for using iota toxin as a targeted breast cancer therapy. METHODS: In vitro model systems were used to determine the cytotoxic effect of iota toxin on breast cancer intrinsic subtypes. The use of overexpression and knockdown technologies confirmed the roles of LSR and CD44 in regulating iota toxin endocytosis and induction of cell death. Lastly, cytotoxicity assays were used to demonstrate the effect of iota toxin on a validated set of tamoxifen resistant breast cancer cell lines. RESULTS: Treatment of 14 breast cancer cell lines revealed that LSR+/CD44- lines were highly sensitive, LSR+/CD44+ lines were slightly sensitive, and LSR-/CD44+ lines were resistant to iota cytotoxicity. Reduction in LSR expression resulted in a significant decrease in toxin sensitivity; however, overexpression of CD44 conveyed toxin resistance. CD44 overexpression was correlated with decreased toxin-stimulated lysosome formation and decreased cytosolic levels of iota toxin. These findings indicated that expression of CD44 drives iota toxin resistance through inhibition of endocytosis in breast cancer cells, a role not previously defined for CD44. Moreover, tamoxifen-resistant breast cancer cells exhibited robust expression of LSR and were highly sensitive to iota-induced cytotoxicity. CONCLUSIONS: Collectively, these data are the first to show that iota toxin has the potential to be an effective, targeted therapy for breast cancer