| 1. |
- Adewole, Kayode S., et al.
(författare)
-
DFTMicroagg: a dual-level anonymization algorithm for smart grid data
- 2022
-
Ingår i: International Journal of Information Security. - : Springer. - 1615-5262 .- 1615-5270. ; 21, s. 1299-1321
-
Tidskriftsartikel (refereegranskat)abstract
- The introduction of advanced metering infrastructure (AMI) smart meters has given rise to fine-grained electricity usage data at different levels of time granularity. AMI collects high-frequency daily energy consumption data that enables utility companies and data aggregators to perform a rich set of grid operations such as demand response, grid monitoring, load forecasting and many more. However, the privacy concerns associated with daily energy consumption data has been raised. Existing studies on data anonymization for smart grid data focused on the direct application of perturbation algorithms, such as microaggregation, to protect the privacy of consumers. In this paper, we empirically show that reliance on microaggregation alone is not sufficient to protect smart grid data. Therefore, we propose DFTMicroagg algorithm that provides a dual level of perturbation to improve privacy. The algorithm leverages the benefits of discrete Fourier transform (DFT) and microaggregation to provide additional layer of protection. We evaluated our algorithm on two publicly available smart grid datasets with millions of smart meters readings. Experimental results based on clustering analysis using k-Means, classification via k-nearest neighbor (kNN) algorithm and mean hourly energy consumption forecast using Seasonal Auto-Regressive Integrated Moving Average with eXogenous (SARIMAX) factors model further proved the applicability of the proposed method. Our approach provides utility companies with more flexibility to control the level of protection for their published energy data.
|
|
| 2. |
- Cheng, Peng, et al.
(författare)
-
SonarSnoop : active acoustic side-channel attacks
- 2020
-
Ingår i: International Journal of Information Security. - : Springer. - 1615-5262 .- 1615-5270. ; 19:2, s. 213-228
-
Tidskriftsartikel (refereegranskat)abstract
- We report the first active acoustic side-channel attack. Speakers are used to emit human inaudible acoustic signals, and the echo is recorded via microphones, turning the acoustic system of a smart phone into a sonar system. The echo signal can be used to profile user interaction with the device. For example, a victims finger movements can be inferred to steal Android unlock patterns. In our empirical study, the number of candidate unlock patterns that an attacker must try to authenticate herself to a Samsung S4 phone can be reduced by up to 70% using this novel acoustic side-channel. The attack is entirely unnoticeable to victims. Our approach can be easily applied to other application scenarios and device types. Overall, our work highlights a new family of security threats.
|
|
| 3. |
- Ekstedt, Mathias, 1975-, et al.
(författare)
-
Yet another cybersecurity risk assessment framework
- 2023
-
Ingår i: International Journal of Information Security. - : Springer Nature. - 1615-5262 .- 1615-5270. ; :22, s. 1713-1729
-
Tidskriftsartikel (refereegranskat)abstract
- IT systems pervade our society more and more, and we become heavily dependent on them. At the same time, these systems are increasingly targeted in cyberattacks, making us vulnerable. Enterprise and cybersecurity responsibles face the problem of defining techniques that raise the level of security. They need to decide which mechanism provides the most efficient defense with limited resources. Basically, the risks need to be assessed to determine the best cost-to-benefit ratio. One way to achieve this is through threat modeling; however, threat modeling is not commonly used in the enterprise IT risk domain. Furthermore, the existing threat modeling methods have shortcomings. This paper introduces a metamodel-based approach named Yet Another Cybersecurity Risk Assessment Framework (Yacraf). Yacraf aims to enable comprehensive risk assessment for organizations with more decision support. The paper includes a risk calculation formalization and also an example showing how an organization can use and benefit from Yacraf.
|
|
| 4. |
- Höglund, Joel, 1979-, et al.
(författare)
-
AutoPKI : public key infrastructure for IoT with automated trust transfer
- 2024
-
Ingår i: International Journal of Information Security. - : Springer Science and Business Media Deutschland GmbH. - 1615-5262 .- 1615-5270.
-
Tidskriftsartikel (refereegranskat)abstract
- IoT deployments grow in numbers and size, which makes questions of long-term support and maintainability increasingly important. Without scalable and standard-compliant capabilities to transfer the control of IoT devices between service providers, IoT system owners cannot ensure long-term maintainability, and risk vendor lock-in. The manual overhead must be kept low for large-scale IoT installations to be economically feasible. We propose AutoPKI, a lightweight protocol to update the IoT PKI credentials and shift the trusted domains, enabling the transfer of control between IoT service providers, building upon the latest IoT standards for secure communication and efficient encodings. We show that the overhead for the involved IoT devices is small and that the overall required manual overhead can be minimized. We analyse the fulfilment of the security requirements, and for a subset of them, we demonstrate that the desired security properties hold through formal verification using the Tamarin prover.
|
|
| 5. |
- Picazo-Sanchez, Pablo, 1985, et al.
(författare)
-
After you, please: browser extensions order attacks and countermeasures
- 2020
-
Ingår i: International Journal of Information Security. - : Springer Science and Business Media LLC. - 1615-5262 .- 1615-5270. ; 19:6, s. 623-638
-
Tidskriftsartikel (refereegranskat)abstract
- Browser extensions are small applications executed in the browser context that provide additional capabilities and enrich the user experience while surfing the web. The acceptance of extensions in current browsers is unquestionable. For instance, Chrome's official extension repository has more than 63,000 extensions, with some of them having more than 10M users. When installed, extensions are pushed into an internal queue within the browser. The order in which each extension executes depends on a number of factors, including their relative installation times. In this paper, we demonstrate how this order can be exploited by an unprivileged malicious extension (i.e., one with no more permissions than those already assigned when accessing web content) to get access to any private information that other extensions have previously introduced. We propose a solution that does not require modifying the core browser engine, since it is implemented as another browser extension. We prove that our approach effectively protects the user against usual attackers (i.e., any other installed extension) as well as against strong attackers having access to the effects of all installed extensions (i.e., knowing who did what). We also prove soundness and robustness of our approach under reasonable assumptions.
|
|
| 6. |
- Picazo-Sanchez, Pablo, 1985, et al.
(författare)
-
Are chrome extensions compliant with the spirit of least privilege?
- 2022
-
Ingår i: International Journal of Information Security. - : Springer Science and Business Media LLC. - 1615-5262 .- 1615-5270. ; 21:6, s. 1283-1297
-
Tidskriftsartikel (refereegranskat)abstract
- Extensions are small applications installed by users and enrich the user experience of browsing the Internet. Browsers expose a set of restricted APIs to extensions. To be used, extensions need to list the permissions associated with these APIs in a mandatory extension file named manifest. In particular, Chrome’s permission ecosystem was designed in the spirit of the least privilege. Yet, this paper demonstrates that 39.8% of the analyzed extensions provided by the official Web Store are compliant with the spirit of least privilege. Also, we develop: (1) a browser extension to make aware regular users of the permissions the extensions they install; (2) a web app where extensions developers can check whether their extensions are compliant with the spirit of the least privileged; and (3) a set of scripts that can be part of the vendors’ acceptance criteria such that when developers upload their extensions to the official repositories, the scripts automatically analyze the extensions and generate a report about the permissions and the usage.
|
|
| 7. |
- Picazo-Sanchez, Pablo, 1985, et al.
(författare)
-
Gridchain: an investigation of privacy for the future local distribution grid
- 2023
-
Ingår i: International Journal of Information Security. - : Springer Science and Business Media LLC. - 1615-5262 .- 1615-5270. ; 22:1, s. 29-46
-
Tidskriftsartikel (refereegranskat)abstract
- As part of building the smart grid, there is a massive deployment of so-called smart meters that aggregate information and communicate with the back-end office, apart from measuring properties of the local network. Detailed measurements and communication of, e.g., consumption allows for remote billing, but also in finding problems in the distribution of power and overall to provide data to be used to plan future upgrades of the network. From a security perspective, a massive deployment of such Internet of Things (IoT) components increases the risk that some may be compromised or that collected data are used for privacy-sensitive inference of the consumption of households. In this paper, we investigate the privacy concerns regarding detailed readings of smart meters for billing purposes. We present Gridchain, a solution where households can opt-in to hide their consumption patterns and thus make Non-Intrusive Load Monitoring (NILM) more challenging. Households form groups where they can trade real consumption among themselves to achieve reported consumption that would be resistant to NILM. Gridchain is built on a publish/subscribe model and uses a permissioned blockchain to record any trades, meaning that dishonest households can be discovered and punished if they steal from other households in the group or the electricity company in the end. We implement and release a proof of concept of Gridchain and use public datasets to allow reproducibility. Our results show that even if an attacker has access to the reported electricity consumption of any member of a Gridchain group, this reported consumption is significantly far from the actual consumption to allow for a detailed fingerprint of the household activities.
|
|
| 8. |
- Rasori, Marco, et al.
(författare)
-
Using the ACE framework to enforce access and usage control with notifications of revoked access rights
- 2024
-
Ingår i: International Journal of Information Security. - : Springer Science and Business Media Deutschland GmbH. - 1615-5262 .- 1615-5270.
-
Tidskriftsartikel (refereegranskat)abstract
- The standard ACE framework provides authentication and authorization mechanisms similar to those of the standard OAuth 2.0 framework, but it is intended for use in Internet-of-Things environments. In particular, ACE relies on OAuth 2.0, CoAP, CBOR, and COSE as its core building blocks. In ACE, a non-constrained entity called Authorization Server issues Access Tokens to Clients according to some access control and policy evaluation mechanism. An Access Token is then consumed by a Resource Server, which verifies the Access Token and lets the Client accordingly access a protected resource it hosts. Access Tokens have a validity which is limited over time, but they can also be revoked by the Authorization Server before they expire. In this work, we propose the Usage Control framework as an underlying access control means for the ACE Authorization Server, and we assess its performance in terms of time required to issue and revoke Access Tokens. Moreover, we implement and evaluate a method relying on the Observe extension for CoAP, which allows to notify Clients and Resource Servers about revoked Access Tokens. Through results obtained in a real testbed, we show how this method reduces the duration of illegitimate access to protected resources following the revocation of an Access Token, as well as the time spent by Clients and Resource Servers to learn about their Access Tokens being revoked.
|
|
| 9. |
- Süren, Emre, et al.
(författare)
-
PatrIoT : practical and agile threat research for IoT
- 2023
-
Ingår i: International Journal of Information Security. - : Springer Nature. - 1615-5262 .- 1615-5270. ; 22:1, s. 213-233
-
Tidskriftsartikel (refereegranskat)abstract
- The Internet of things (IoT) products, which have been widely adopted, still pose challenges in the modern cybersecurity landscape. Many IoT devices are resource-constrained and almost constantly online. Furthermore, the security features of these devices are less often of concern, and fewer methods, standards, and guidelines are available for testing them. Although a few approaches are available to assess the security posture of IoT products, the ones in use are mostly based on traditional non-IoT-focused techniques and generally lack the attackers' perspective. This study provides a four-stage IoT vulnerability research methodology built on top of four key elements: logical attack surface decomposition, compilation of top 100 weaknesses, lightweight risk scoring, and step-by-step penetration testing guidelines. Our proposed methodology is evaluated with multiple IoT products. The results indicate that PatrIoT allows cyber security practitioners without much experience to advance vulnerability research activities quickly and reduces the risk of critical IoT penetration testing steps being overlooked.
|
|
| 10. |
- Tiloca, Marco, et al.
(författare)
-
Group rekeying based on member join history
- 2020
-
Ingår i: International Journal of Information Security. - : Springer Berlin/Heidelberg. - 1615-5262 .- 1615-5270. ; 19, s. 343-381
-
Tidskriftsartikel (refereegranskat)abstract
- This paper presents GREP, a novel group rekeying scheme that leverages the history of join events in order to achieve efficiency and high scalability. GREP rekeys thegroup with only two broadcast messages, hence displaying an overhead which is small, constant and independent of the group size. Also, GREP efficiently recovers the group from collusion attack with no recourse to total member reinitialization. Even in the very unlikely worst case, collusion recovery displays a smooth impact on performance that gradually increases with the attack severity. We implemented GREP for the Contiki OS and tested it on different resource-constrained platforms. Our analytical and experimental evaluation confirm that GREP is efficient, highly scalable and deployable also on constrained nodes. The paper extends a previous version of this work, especially through additional security analysis, treatise of probabilities for worst case collusion, and experimental evaluation of performance.
|
|
