This demo showcases some of the capabilities foreseen for the security infrastructure designed by the H2020 SHIELD project. SHIELD exploits NFV for adaptive monitoring of an IT infrastructure and for feeding the data to an analytics engine to detect attacks in real time. An intelligent reaction system is then activated to reconfigure the SDN/NFV infrastructure so that the attacks are thwarted. The...
Software-defined networking (SDN) addresses pressing networking problems such as network virtualization and data center complexity. By separating the control plane from the data plane, SDN introduces a new abstraction layer. This new abstraction layer is typically implemented by means of a so-called SDN controller. SDN applications can interact with the controller to ensure network functionality....
Attack graphs constitute a powerful security tool aimed at modelling the many ways in which an attacker may compromise different assets in a network. Despite their usefulness in several security-related activities (e.g. hardening, monitoring, forensics), the complexity of these graphs can massively grow as the network becomes denser and larger, thus defying their practical usability. In this presentation,...
We present an approach to tracking the behaviour of an attacker on a decoy system, where the decoy communicates with the real system only through low energy bluetooth. The result is a low-cost solution that does not interrupt the live system, while limiting potential damage. The attacker has no way to detect that they are being monitored, while their actions are being logged for further investigation...
Development and operation of multi-cloud applications, i.e. applications which consume and orchestrate services from multiple independent Cloud Service Providers, are challenging topics nowadays. Systematically addressing security assurance in such applications is an additional issue, unsolved at state of art. This paper introduces the MUSA DevOps approach to holistic security assurance in multi-cloud...
Honeynet is a network architecture that utilizes multiple honeypots to deceive attackers and analyze their malicious behaviors. However, existing honeynet has not evolved much since its latest architecture, Gen-III, which was proposed in 2004. Meanwhile, security threats and techniques used by adversaries have been continuously advanced. As a result, honeypot architecture is suffering from its limited...
Industrial Control System (ICS) is used to monitor and control critical infrastructures. Programmable logic controllers (PLCs) are major components of ICS, which are used to form automation system. It is important to protect PLCs from any attacks and undesired incidents. However, it is not easy to apply traditional tools and techniques to PLCs for security protection and forensics because of its unique...
Enhanced Course of Action (CoA) generation is a fundamental component of effective risk management and mitigation. This paper presents an extension of a system capable of integrating physics-based (hard) and people-generated (soft) data, for the purpose of achieving increased situational assessment and automatic CoA generation upon risk identification. The system's capabilities are enhanced through...
There is a growing need for Vehicular Ad-hoc Networks (VANETs), in which vehicles communicate with each other (i.e., Vehicle to Vehicle, V2V) or with the infrastructure (i.e., Vehicle to Infrastructure, V2I) on a wireless basis. This paper presents an improved traffic monitoring system for VANET applications via a proposed security scheme. Specifically, the proposed model analyzes the monitored...
Devices that monitor and measure various system parameters or physical phenomena form an integral part of cyber-physical systems. Such devices usually operate continuously and gather important data that is often critical for the operation of the underlying system. Thus, it becomes important to understand and detect abnormal or malicious device behavior, false injection of data by an adversary, or...
In this paper, we proposed an IoT-based visitor detection system. It uses an IR sensor to detect human body and two ultrasonic sensors to locate visitor servo motor under the position. When a visitor is detected it drives camera module to locate the visitor. Recorded video and sensor data are stored in the database. Saved data can be viewed via a PC or smart device. We developed the system using Raspberry...
Critical infrastructure security has always been an issue. With technological advancements, there has been a continuous inflow of novel methods for critical infrastructure security. In this paper, the design, implementation, and field tests of a novel critical infrastructure security system based on wireless sensor networks are presented.
Arctic conditions and the territorial politico-economic crisis in Ukraine are two different types of extreme conditions, where civilian authorities need to use Remotely Piloted Aircraft Systems (RPAS) to support manned processes and other information systems. Due to the lack of adequate research and publications, best practice may remain unshared. Therefore authorities may not be aware of potential...
Code reuse attack (CRA) is a powerful exploitation technique that allows attackers to perform arbitrary computation. To maximize the performance, prior hardware solutions to CRAs require invasive modifications to the CPU architecture or substantial storage overhead to keep the binary analysis result. In this paper, we propose a new debug interface with which CRA solutions can be easily implemented...
The level of trust accorded to certification authorities has been decreasing over the last few years as several cases of misbehavior and compromise have been observed. Log-based approaches, such as Certificate Transparency, ensure that fraudulent TLS certificates become publicly visible. However, a key element that log-based approaches still lack is a way for clients to verify that the log behaves...
Many contexts dealing with sensitive information require high-robustness and high-assurance certified security systems that should not be affected by known vulnerabilities. Covert channels are illicit paths that could be exploited by attackers to convey illicit data flows that contravene the security policies. Many implementations of the so-called Covert Storage Channels exist, whereas no implementation...
Networked infrastructures underpin most social and economical interactions nowadays and have become an integral part of the critical infrastructure. Thus, it is crucial that heterogeneous networked environments provide adequate resilience in order to satisfy the quality requirements of the user. In order to achieve this, a coordinated approach to confront potential challenges is required. These challenges...
Permissions-based security model of Android increasingly shows its vulnerability in protecting users' privacy information. According to the permissions-based security model, an application should have the appropriate permissions before gaining various resources (including data and hardware) in the phone. This model can only restrict an application to access system resources without appropriate permissions,...
Owning a SOC is an important status symbol for many organizations. Although the concept of a 'SOC' can be considered a hype, only a few of them are actually effective in counteracting cybercrime and IT abuse. A literature review reveals that there is no standard framework available and no clear scope or vision on SOCs. In most of the papers, specific implementations are described, although often with...
We propose a Cloud Advisor framework that couples two salient features: trustworthiness and transparency measurement. It provides a mechanism to measure trustworthiness based on the history of the cloud provider taking into account evidence support and to measure transparency based on the Cloud Controls Matrix (CCM) framework. The selection process is based on a set of assurance requirements that...