| 1. |
- Atif, Yacine, 1967-, et al.
(författare)
-
Cyber-threat analysis for Cyber-Physical Systems : Technical report for Package 4, Activity 3 of ELVIRA project
- 2018
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- Smart grid employs ICT infrastructure and network connectivity to optimize efficiency and deliver new functionalities. This evolu- tion is associated with an increased risk for cybersecurity threats that may hamper smart grid operations. Power utility providers need tools for assessing risk of prevailing cyberthreats over ICT infrastructures. The need for frameworks to guide the develop- ment of these tools is essential to define and reveal vulnerability analysis indicators. We propose a data-driven approach for design- ing testbeds to evaluate the vulnerability of cyberphysical systems against cyberthreats. The proposed framework uses data reported from multiple components of cyberphysical system architecture layers, including physical, control, and cyber layers. At the phys- ical layer, we consider component inventory and related physi- cal flows. At the control level, we consider control data, such as SCADA data flows in industrial and critical infrastructure control systems. Finally, at the cyber layer level, we consider existing secu- rity and monitoring data from cyber-incident event management tools, which are increasingly embedded into the control fabrics of cyberphysical systems.
|
|
| 2. |
- Atif, Yacine, 1967-, et al.
(författare)
-
Cyber-Threat Intelligence Architecture for Smart-Grid Critical Infrastructures Protection
- 2017
-
Konferensbidrag (refereegranskat)abstract
- Critical infrastructures (CIs) are becoming increasingly sophisticated with embedded cyber-physical systems (CPSs) that provide managerial automation and autonomic controls. Yet these advances expose CI components to new cyber-threats, leading to a chain of dysfunctionalities with catastrophic socio-economical implications. We propose a comprehensive architectural model to support the development of incident management tools that provide situation-awareness and cyber-threats intelligence for CI protection, with a special focus on smart-grid CI. The goal is to unleash forensic data from CPS-based CIs to perform some predictive analytics. In doing so, we use some AI (Artificial Intelligence) paradigms for both data collection, threat detection, and cascade-effects prediction.
|
|
| 3. |
- Atif, Yacine, 1967-, et al.
(författare)
-
Multi-agent Systems for Power Grid Monitoring : Technical report for Package 4.1 of ELVIRA project
- 2018
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- This document reports a technical description of ELVIRA project results obtained as part of Work- package 4.1 entitled “Multi-agent systems for power Grid monitoring”. ELVIRA project is a collaboration between researchers in School of IT at University of Skövde and Combitech Technical Consulting Company in Sweden, with the aim to design, develop and test a testbed simulator for critical infrastructures cybersecurity. This report outlines intelligent approaches that continuously analyze data flows generated by Supervisory Control And Data Acquisition (SCADA) systems, which monitor contemporary power grid infrastructures. However, cybersecurity threats and security mechanisms cannot be analyzed and tested on actual systems, and thus testbed simulators are necessary to assess vulnerabilities and evaluate the infrastructure resilience against cyberattacks. This report suggests an agent-based model to simulate SCADA- like cyber-components behaviour when facing cyber-infection in order to experiment and test intelligent mitigation mechanisms.
|
|
| 4. |
- Jeusfeld, Manfred A., et al.
(författare)
-
Taxonomy of Events and Components in the Power Grid : Technical description for work packages 3.1 and 3.2 of the ELVIRA Project
- 2018
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- This document reports a technical description of ELVIRA project results obtained as part of Work-package 3.1&3.2 entitled “Taxonomy of Critical Infrastructure (Taxonomy of events + Taxonomy of CI component and relationship)”. ELVIRA project is a collaboration between researchers in School of IT at University of Skövde and Combitech Technical Consulting Company in Sweden, with the aim to design, develop and test a testbed simulator for critical infrastructures cybersecurity.
|
|
| 5. |
- Jiang, Xiangyi, et al.
(författare)
-
Molecular design opportunities presented by solvent-exposed regions of target proteins
- 2019
-
Ingår i: Medicinal research reviews (Print). - : John Wiley & Sons. - 0198-6325 .- 1098-1128. ; 39:6, s. 2194-2238
-
Forskningsöversikt (refereegranskat)abstract
- Solvent-exposed regions, or solvent-filled pockets, within or adjacent to the ligand-binding sites of drug-target proteins provide opportunities for substantial modifications of existing small-molecular drug molecules without serious loss of activity. In this review, we present recent selected examples of exploitation of solvent-exposed regions of proteins in drug design and development from the recent medicinal-chemistry literature.
|
|
| 6. |
- Jiang, Yuning, 1993-, et al.
(författare)
-
A Language and Repository for Cyber Security of Smart Grids
- 2018
-
Ingår i: 2018 IEEE 22nd International Enterprise Distributed Object Computing Conference (EDOC 2018). - Los Alamitos, CA : IEEE. - 9781538641392 ; , s. 164-170
-
Konferensbidrag (refereegranskat)abstract
- Power grids form the central critical infrastructure in all developed economies. Disruptions of power supply can cause major effects on the economy and the livelihood of citizens. At the same time, power grids are being targeted by sophisticated cyber attacks. To counter these threats, we propose a domain-specific language and a repository to represent power grids and related IT components that control the power grid. We apply our tool to a standard example used in the literature to assess its expressiveness.
|
|
| 7. |
- Jiang, Yuning, 1993-, et al.
(författare)
-
A selective ensemble model for cognitive cybersecurity analysis
- 2021
-
Ingår i: Journal of Network and Computer Applications. - : Elsevier. - 1084-8045 .- 1095-8592. ; 193
-
Tidskriftsartikel (refereegranskat)abstract
- Dynamic data-driven vulnerability assessments face massive heterogeneous data contained in, and produced by SOCs (Security Operations Centres). Manual vulnerability assessment practices result in inaccurate data and induce complex analytical reasoning. Contemporary security repositories’ diversity, incompleteness and redundancy contribute to such security concerns. These issues are typical characteristics of public and manufacturer vulnerability reports, which exacerbate direct analysis to root out security deficiencies. Recent advances in machine learning techniques promise novel approaches to overcome these notorious diversity and incompleteness issues across massively increasing vulnerability reports corpora. Yet, these techniques themselves exhibit varying degrees of performance as a result of their diverse methods. We propose a cognitive cybersecurity approach that empowers human cognitive capital along two dimensions. We first resolve conflicting vulnerability reports and preprocess embedded security indicators into reliable data sets. Then, we use these data sets as a base for our proposed ensemble meta-classifier methods that fuse machine learning techniques to improve the predictive accuracy over individual machine learning algorithms. The application and implication of this methodology in the context of vulnerability analysis of computer systems are yet to unfold the full extent of its potential. The proposed cognitive security methodology in this paper is shown to improve performances when addressing the above-mentioned incompleteness and diversity issues across cybersecurity alert repositories. The experimental analysis conducted on actual cybersecurity data sources reveals interesting tradeoffs of our proposed selective ensemble methodology, to infer patterns of computer system vulnerabilities.
|
|
| 8. |
- Jiang, Yuning, 1993-, et al.
(författare)
-
A Semantic Framework With Humans in the Loop for Vulnerability-Assessment in Cyber-Physical Production Systems
- 2020
-
Ingår i: Risks and Security of Internet and Systems. - Cham : Springer. - 9783030415679 - 9783030415686 ; , s. 128-143
-
Konferensbidrag (refereegranskat)abstract
- Criticalmanufacturingprocessesinsmartnetworkedsystems such as Cyber-Physical Production Systems (CPPSs) typically require guaranteed quality-of-service performances, which is supported by cyber- security management. Currently, most existing vulnerability-assessment techniques mostly rely on only the security department due to limited communication between di↵erent working groups. This poses a limitation to the security management of CPPSs, as malicious operations may use new exploits that occur between successive analysis milestones or across departmental managerial boundaries. Thus, it is important to study and analyse CPPS networks’ security, in terms of vulnerability analysis that accounts for humans in the production process loop, to prevent potential threats to infiltrate through cross-layer gaps and to reduce the magnitude of their impact. We propose a semantic framework that supports the col- laboration between di↵erent actors in the production process, to improve situation awareness for cyberthreats prevention. Stakeholders with dif- ferent expertise are contributing to vulnerability assessment, which can be further combined with attack-scenario analysis to provide more prac- tical analysis. In doing so, we show through a case study evaluation how our proposed framework leverages crucial relationships between vulner- abilities, threats and attacks, in order to narrow further the risk-window induced by discoverable vulnerabilities.
|
|
| 9. |
- Jiang, Yuning, 1993-, et al.
(författare)
-
Agent Based Testbed Design for Cyber Vulnerability Assessment in Smart-Grids
- 2018
-
Konferensbidrag (övrigt vetenskapligt/konstnärligt)abstract
- Smart grid employs Information and Communication Technology (ICT) infrastructure and network connectivity to optimize efficiency and deliver new functionalities. This evolution is associated with an increased risk for cybersecurity threats that may hamper smart grid operations. Power utility providers need tools for assessing risk of prevailing cyberthreats over ICT infrastructures. The need for frameworks to guide the development of these tools is essential to define and reveal vulnerability analysis indicators. We propose a data-driven approach for designing testbeds to allow the simulation of cyberattacks in order to evaluate the vulnerability and the impact of cyber threat attacks. The proposed framework uses data reported from multiple smart grid components at different smart grid architecture layers, including physical, control, and cyber layers. The multi-agent based framework proposed in this paper would analyze the conglomeration of these data reports to assert malicious attacks.
|
|
| 10. |
- Jiang, Yuning, 1993-, et al.
(författare)
-
An Approach to Discover and Assess Vulnerability Severity Automatically in Cyber-Physical Systems
- 2020
-
Ingår i: Proceedings of the 13th International Conference on Security of Information and Networks. - New York, NY, USA : Association for Computing Machinery (ACM). - 9781450387514
-
Konferensbidrag (refereegranskat)abstract
- Current vulnerability scoring mechanisms in complex cyber-physical systems (CPSs) face challenges induced by the proliferation of both component versions and recurring scoring-mechanism versions. Different data-repository sources like National Vulnerability Database (NVD), vendor websites as well as third party security tool analysers (e.g. ICS CERT and VulDB) may provide conflicting severity scores. We propose a machine-learning pipeline mechanism to compute vulnerability severity scores automatically. This method also discovers score correlations from established sources to infer and enhance the severity consistency of reported vulnerabilities. To evaluate our approach, we show through a CPS-based case study how our proposed scoring system automatically synthesises accurate scores for some vulnerability instances, to support remediation decision-making processes. In this case study, we also analyse the characteristics of CPS vulnerability instances.
|
|
