| 1. |
- Almgren, Magnus, 1972, et al.
(författare)
-
Mapping Systems Security Research at Chalmers
- 2011
-
Ingår i: First SysSec Workshop (SysSec 2011). - 9780769545301 ; , s. 67-70
-
Konferensbidrag (refereegranskat)abstract
- The department of Computer Science and Engineering at Chalmers University has a long tradition of research in systems security, including security metrics, attack detection, and mitigation. We focus on security issues arising in four specific environments: (1) backbone links, (2) sensor networks, (3) the connected car, and (4) the smart grid. In this short summary we describe recent results as well as open research questions we are exploring.
|
|
| 2. |
- ANGHOLT, JONAS, et al.
(författare)
-
A First Security Analysis of a Secure Intermodal Goods Transport System
- 2013
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- The goods transport business involves a lot of money and is a big part of the infrastructure of any European country. There are often many different actors involved in each transport and the communication network is rather complex due to the point-topoint communication structure. It is easy to understand why there is a high demand for increased simplicity and effectiveness. With this in mind, the e-Freight project which is based on PEPPOL has moved towards a standardized solution by developing a communication system based on access points (APs). These APs act as the interface to the system and makes it easy to establish communication between any two connected actors.With PEPPOL and e-Freight as a foundation, VOLVO leads the SITS project in close cooperation with Stena Line and DSV. The goal is to develop a harmonized communication framework that promotes increased sharing of information between actors and enable new applications to increase effectiveness and security in the chain of transportation. This leads to simplified accessibility for actors to a set of services by being connected to an AP. At the same time service providers benefit from being able to easily set up cloud services available for all actors. In addition to the back-office communication between APs, external devices such as cellphones, in-vehicle computers and check-in terminals can communicate directly with each other over short distances. This type of communication is only partially specified and a mutual standard is yet to be decided upon.In this report we have analyzed the SITS project from an IT-security perspective. The back-end system derived from e-Freight is looked into and communication links, access points, protocols, certificate handling etc., are examined. Another concern in the SITS project is the short-range communication between trucks and terminals. Since RFID is a highly potential candidate for use in this area, we have studied the technology by categorizing a typical RFID system into three distinct layers and researched important security threats with the classic CIA approach. Based on the security issues found, countermeasures such as encryption, authentication and protection against man-in-themiddle attacks are reviewed.
|
|
| 3. |
- Aoudi, Wissam, 1983, et al.
(författare)
-
Spectra: Detecting Attacks on In-Vehicle Networks through Spectral Analysis of CAN-Message Payloads
- 2021
-
Ingår i: Proceedings of the ACM Symposium on Applied Computing. - New York, NY, USA : ACM. ; , s. 1588-1597
-
Konferensbidrag (refereegranskat)abstract
- Nowadays, vehicles have complex in-vehicle networks that have recently been shown to be increasingly vulnerable to cyber-attacks capable of taking control of the vehicles, thereby threatening the safety of the passengers. Several countermeasures have been proposed in the literature in response to the arising threats, however, hurdle requirements imposed by the industry is hindering their adoption in practice. In this paper, we propose SPECTRA, a data-driven anomaly-detection mechanism that is based on spectral analysis of CAN-message payloads. SPECTRA does not abide by the strict specifications predefined for every vehicle model and addresses key real-world deployability challenges.
|
|
| 4. |
- Brocklehurst, Sarah, et al.
(författare)
-
On measurement of operational security
- 1994
-
Ingår i: IEEE Aerospace and Electronic Systems Magazine. - : Institute of Electrical and Electronics Engineers (IEEE). - 0885-8985. ; 9:10, s. 7-16
-
Tidskriftsartikel (refereegranskat)abstract
- Ideally, a measure of the security of a system should capture quantitatively the intuitive notion of "the ability of the system to resist attack." That is, it should be operational, reflecting the degree to which the system can be expected to remain free of security breaches under particular conditions of operation (including attack). Instead, current security levels at best merely reflect the extensiveness of safeguards introduced during the design and development of a system. Whilst we might expect a system developed to a higher level than another to exhibit "more secure behavior" in operation, this cannot be guaranteed; more particularly, we cannot infer what the actual security behavior will be from knowledge of such a level. In the paper we discuss similarities between reliability and security with the intention of working toward measures of "operational security" similar to those that we have for reliability of systems. Very informally, these measures could involve expressions such as the rate of occurrence of security breaches, or the probability that a specified "mission" can be accomplished without a security breach. This new approach is based on the analogy between system failure and security breach, but it raises several issues which invite empirical investigation. We briefly describe a pilot experiment that we have conducted to judge the feasibility of collecting data to examine these issues.
|
|
| 5. |
- Dubrefjord, Dennis, et al.
(författare)
-
Security of In-Vehicle Communication Systems
- 2021
-
Ingår i: Decision Support Systems and Industrial IoT in Smart Grid, Factories, and Cities. - : IGI Global. ; , s. 162-179
-
Bokkapitel (övrigt vetenskapligt/konstnärligt)abstract
- The automotive industry has seen remarkable growth in the use of network and communication technology. These technologies can be vulnerable to attacks. Several examples of confirmed attacks have been documented in academic studies, and many vehicular communications systems have been designed without security aspects in mind. Furthermore, all the security implications mentioned here would affect the functionality of decision support systems (DSS) of IoT and vehicular networks. This chapter focuses on in-vehicle security and aims to categorize some attacks in this field according to the exploited vulnerability by showing common patterns. The conclusion suggests that an ethernet-based architecture could be a good architecture for future vehicular systems; it enables them to meet future security needs while still allowing network communication with outside systems.
|
|
| 6. |
- Grimm, Daniel, et al.
(författare)
-
Gap analysis of ISO/SAE 21434 – Improving the automotive cybersecurity engineering life cycle
- 2023
-
Ingår i: IEEE Conference on Intelligent Transportation Systems, Proceedings, ITSC. - 2153-0017 .- 2153-0009. ; , s. 1904-1911
-
Konferensbidrag (refereegranskat)abstract
- Due to the ongoing legislative shift towards mandated cybersecurity for road vehicles, the automotive cybersecurity engineering standard ISO/SAE 21434 is seeing fast adoption throughout the industry. Early efforts are focusing on threat analysis and risk assessment (TARA) in the concept and development phases, exposing the challenge of managing TARA results coherently throughout the supply chain and life cycle. While the industry focuses on TARA, other aspects such as vulnerability or incident handling are receiving less attention. However, the increasing threat landscape makes these processes increasingly important, posing another industry challenge. In order to better address these two challenges, we analyze the cybersecurity engineering framework of ISO/SAE 21434 for gaps or deficiencies regarding TARA management and vulnerability and incident handling, as well as similar processes for incident handling in IT security. The result is a proposal for modifications and augmentations of the ISO/SAE 21434 cybersecurity engineering framework. In particular, we propose a TARA management process to facilitate the coordination and information exchange between different systems and life cycle phases, and we propose improvements to the vulnerability and incident handling processes in ISO/SAE 21434 so that they are more aligned with established standards. This amounts to 13 new terminology definitions, 4 new process steps, 2 modified process steps and 1 entirely new process.
|
|
| 7. |
- Gustafson, Ulf, et al.
(författare)
-
On the modelling of preventive security based on a PC network intrusion experiment
- 1996
-
Ingår i: ACISP '96 Proceedings of the First Australasian Conference on Information Security and Privacy. - 3540619917 ; 1172, s. 242-252
-
Konferensbidrag (refereegranskat)abstract
- This paper describes a realistic intrusion experiment intended to investigate whether such experiments can yield data suitable for use in quantitative modelling of preventive security, which denotes the system's ability to protect itself from external intrusions. The target system was a network of Personal Computer clients connected to a server. A number of undergraduate students served as attackers and continuously reported relevant data with respect to their intrusion activities. This paper briefly describes the experiment and presents a compilation of all the types of data recorded. A first interpretation and classification of the data are made, and its possible use for modelling purposes is discussed. Summaries of breach parameters and a number of informtive diagrams and tables reflecting the intrusion process are presented.
|
|
| 8. |
- Gustafson, Ulf, 1967, et al.
(författare)
-
Security Evaluation of a PC Network based on Intrusion Experiments
- 1995
-
Ingår i: Proc. 14th Int'l Congress on Computer and Communications Security, SECURICOM '96, Paris, France. ; , s. 187-203
-
Konferensbidrag (refereegranskat)abstract
- This paper presents an intrusion experiment in which the target system was a Novell NetWare 3.12 server to which Personal Computer clients were connected. Undergraduate students with little security expertise and hardly any knowledge of the system served as attackers and were given the task of performing as many intrusions as possible. The objectives of the experiment were twofold: first, to learn more about how to gather and process data from intrusion experiments and to form a methodology applicable to a generic class of computer systems; and, second, to find out whether it is actually possible to create a secure system based on insecure PC workstations. This paper deals mainly with the latter objective, and investigates how and to what extent unevenly distributed security features, such as a “secure” file server with untrusted clients, affect overall system security. Furthermore, in experiments, as opposed to real life situations, it is possible to collect information about how the attacking process is carried out.Before the experiment, we anticipated that the attackers would create Trojan Horses on the clients to spoof other users during the login process, but we did not expect them to find as many serious vulnerabilities in the concept as they did. The experiment shows that untrusted PC clients have ample intrusion possibilities, and that the vulnerabilities can not be compensated by security features elsewhere in the system. Novell has undoubtedly spent more effort in securing the file server and its assets than in securing the clients in the system. This paper contains a summary of the security problems the attackers found, from which it is evident that several new security mechanisms must be added before a NetWare 3.12 system can be regarded as secure.
|
|
| 9. |
- Gustafson, Ulf, 1967, et al.
(författare)
-
Security Evaluation of a PC Network based on Intrusion Experiments
- 1996
-
Ingår i: SECURICOM 1996 - 14th Worldwide Congress on Computer and Communications Security Protection.
-
Tidskriftsartikel (refereegranskat)abstract
- This paper presents an intrusion experiment in which the target system was a Personal Computer network connected to a Novell NetWare 3.12 server. Undergraduate students with little security expertise and hardly any knowledge of the system served as attackers and were given the task of performing as many intrusions as possible. The objectives of the experiment were twofold: first, to learn more about how to gather and process data from intrusion experiments and to form a methodology applicable to a generic class of computer systems; and, second, to find out whether it is actually possible to create a secure system based on insecure PC workstations. This paper deals mainly with the latter objective, and investigates how and to what extent unevenly distributed security features, such as a “secure” file server with untrusted clients, affect overall system security. Furthermore, in experiments, as opposed to real life situations, it is possible to collect information about how the attacking process is carried out.Before the experiment, we anticipated that the attackers would create Trojan Horses on the clients to spoof other users during the login process, but we did not expect them to find as many serious vulnerabilities in the concept as they did. The experiment shows that untrusted PC clients have ample intrusion possibilities, and that the vulnerabilities can not be compensated by security features elsewhere in the system. Novell has undoubtedly spent more effort in securing the file server and its assets than in securing the clients in the system. This paper contains a summary of the security problems the attackers found, from which it is evident that several new security mechanisms must be added before a NetWare 3.12 system can be regarded as secure.
|
|
| 10. |
- Habib, Sheikh Mahbub, et al.
(författare)
-
A Practical Analysis of the Robustness and Stability of the Network Stack in Smartphones
- 2008
-
Ingår i: IEEE International Conference on Computer and Information Technology, ICCIT 2008. - 9781424421367
-
Konferensbidrag (refereegranskat)abstract
- Smartphones are widely used nowadays and their popularity will certainly not slow down in the near future due to improved functionality and new technology improvements. Becoming more and more similar to PCs and laptops, they will also begin to face the same security problems especially in terms of network security. In this paper, we provide an overview of security issues for smartphones and give a brief introduction of the network stack architecture of Windows Mobile 5.0 platform in order to motivate and plan for efficient penetration tests against Windows Mobile 5.0 powered smartphones.Furthermore, a number of attacks have been done against different layers of the network stack and a list of supporting penetration tools are provided for interested practitioners. Detailed results are provided from the penetration tests performed which should be very useful for security vendors, researchers and OS vendors to give more attention to security architectures and development of security software (e.g. firewalls, antivirus) for the mobile operating systems. In a whole, robustness and stability will be assessed for the mobile OSs used by the smartphones throughout the paper.
|
|
