Enhanching Security in the Future Cyber Physical Systems

Manandhar, Kebina

11 May 2015

Cyber Physical System (CPS) is a system where cyber and physical components work in a complex co-ordination to provide better performance. By exploiting the communication infrastructure among the sensors, actuators, and control systems, attackers may compromise the security of a CPS. In this dissertation, security measures for different types of attacks/ faults in two CPSs, water supply system (WSS) and smart grid system, are presented. In this context, I also present my study on energy management in Smart Grid. The techniques for detecting attacks/faults in both WSS and Smart grid system adopt Kalman Filter (KF) and χ2 detector. The χ2 -detector can detect myriad of system fault- s/attacks such as Denial of Service (DoS) attack, short term and long term random attacks. However, the study shows that the χ2 -detector is unable to detect the intelligent False Data Injection attack (FDI). To overcome this limitation, I present a Euclidean detector for smart grid which can effectively detect such injection attacks. Along with detecting attack/faults I also present the isolation of the attacked/faulty nodes for smart grid. For isolation the Gen- eralized Observer Scheme (GOS) implementing Kalman Filter is used. As GOS is effective in isolating attacks/faults on a single sensor, it is unable to isolate simultaneous attacks/faults on multiple sensors. To address this issue, an Iterative Observer Scheme (IOS) is presented which is able to detect attack on multiple sensors. Since network is an integral part of the future CPSs, I also present a scheme for pre- serving privacy in the future Internet architecture, namely MobilityFirst architecture. The proposed scheme, called Anonymity in MobilityFirst (AMF), utilizes the three-tiered ap- proach to effectively exploit the inherent properties of MF Network such as Globally Unique Flat Identifier (GUID) and Global Name Resolution Service (GNRS) to provide anonymity to the users. While employing new proposed schemes in exchanging of keys between different tiers of routers to alleviate trust issues, the proposed scheme uses multiple routers in each tier to avoid collaboration amongst the routers in the three tiers to expose the end users.

Smart Grid

Water Supply System

Kalman Filter

False Data Injection Attack

M.I.D.A.S. : metrics identification of attack surfaces / Metrics identification of attack surfaces

Meek, Joshua A.

05 May 2012

This thesis endeavors to determine the feasibility of design metrics as a predictor of attack surface size by finding a positive correlation between one or more design metrics and an application’s attack surface measurement. An attack surface is the set of ways in which an adversary can enter a system and potentially cause damage. For an experimental setting, six open-source java-based projects were analyzed. For each project, the attack surface is assessed using Microsoft’s Attack Surface Analyzer, which takes a snapshot of a system state before and after the installation of product(s) and displays the changes to a number of key elements of the Windows attack surface. A collection of design metrics was collected from each open-source project as well. The goal is to find a metric or set of metrics that predicted the attack surface changes identified by the Attack Surface Analyzer. / Department of Computer Science

Cyberterrorism -- Prevention

Software measurement

Computer security -- Design

Microsoft Attack Surface Analyzer

Pearl Harbor, 1941 : En teoriprövande fallstudie av Japans flygstridskrafter under anfallet mot Pearl Harbor

Hansson, Martina

January 2014

Den 7 december 1941 genomförde japanska flygstridskrafter ett massivt bombanfall mot Pearl Harbor. Intentionen med anfallet var att slå ut den amerikanska Stillahavsflottan och därmed erhålla större inflytanade i Stillahavsområdet. Anfallen riktades huvudsakligen mot amerikanska fartyg som låg vid Pearl Harbors hamn men även flygfält i dess närområde drabbades hårt av den japanska offensiven. Syftet med detta arbete är att, med utgångpunkt från John. A Warden III centrala teorier; tyngdpunkter, fienden som ett system och parallell attack, analysera Japans agerande under attacken mot Pearl Harbor för att därigenom urskilja i vilken utsträckning dessa teorier kan tillämpas på de japanska flygstridskrafterna vid anfallet. Undersökningen syftar även till att utröna om de utvalda teorierna är applicerbara på taktisk nivå. Arbetet genomförs som en teoriprövande fallstudie där Wardens teorier prövas mot det autentiska fallet. Undersökningens slutsatser åskådliggör att de japanska flygstridskrafterna använde Wardens teorier till viss del. Teorierna tyngdpunkter och parallell attack går tydligt att återfinna i Japans agerande, dock tillämpades teorin fienden som ett system enbart i mindre utsträckning. Undersökningen visar även att det är möjligt att tillämpa utvalda teorier på taktisk nivå.

Pearl Harbor

Japan

flygstridskrafter

John A. Warden III

luftmakt

tyngdpunkter

fienden som ett system

parallell attack.

Two Versions Of The Stream Cipher Snow

Yilmaz, Erdem

01 December 2004

Two versions of SNOW, which are word-oriented stream ciphers proposed by P. Ekdahl and T. Johansson in 2000 and 2002, are studied together with cryptanalytic attacks on the first version. The reported attacks on SNOW1.0 are the &ldquo / guess-and-determine attack&rdquo / s by Hawkes and Rose and the &ldquo / distinguishing attack&rdquo / by Coppersmith, Halevi and Jutla in 2002. A review of the distinguishing attack on SNOW1.0 is given using the approach made by the designers of SNOW in 2002 on another cipher, SOBER-t32. However, since the calculation methods for the complexities of the attack are different, the values found with the method of the designers of SNOW are higher than the ones found by Coppersmith, Halevi and Jutla. The correlations in the finite state machine that make the distinguishing attack possible and how these correlations are affected by the operations in the finite state machine are investigated. Since the substitution boxes (S-boxes) play an important role in destroying the correlation and linearity caused by Linear Feedback Shift Register, the s-boxes of the two versions of SNOW are examined for the criteria of Linear Approximation Table (LAT), Difference Distribution Table (DDT) and Auto-correlation Table distributions. The randomness tests are performed using NIST statistical test suite for both of the ciphers. The results of the tests are presented.

QA Analysis 299.6-433

Stroke prevention and hospital management.

Yip, Man-tat (Albert)

January 2008

Stroke is a preventable disease. Minor stroke and transient ischaemic attack (TIA) are important warning signs of the possibility of a major stroke. Worldwide, stroke is the third most common killer and the largest cause of disability. The incidence of stroke is predicted to increase with the predominance of unhealthy lifestyles and the aging population. The adoption of a healthy lifestyle can reduce many of the risk factors. This descriptive study was designed to explore patients’ understanding of modifiable risk factors of cerebrovascular disease. It investigated lifestyle changes actually made, as well as the factors affecting patients’ decisions about whether to make lifestyle changes. The two major factors considered were patients’ sources and level of knowledge and their attitudes and beliefs around making changes. A convenience sample of patients who had suffered a minor stroke or TIA was recruited through a major metropolitan hospital. Thirty-five subjects responded to a postal questionnaire. The mean age was 68 years and 37% of the subjects had sustained some disability as a result of the TIA or minor stroke. The results demonstrated that many subjects had a poor understanding of risk factors of stroke. While smoking was well recognised as a risk factor, subjects showed less awareness of other risk factors, such as excessive alcohol consumption and obesity. Subjects also reported significant confusion regarding diet. Sixty-six percent of subjects depended on doctors as their main source of health information. This may be problematic as the current shortages of General Practitioners has put pressure on doctors to keep appointment times short and reduce the time available for health education. The main barriers to lifestyle change, were lack of motivation, and inadequate, knowledge, guidance, and support and the inability to access good information. Although 83% of subjects suffered from hypertension, medication was the accepted method of control, few subjects realised the significance of lifestyle factors. Nine percent of subjects were only diagnosed with hypertension after their stroke or TIA and few monitor their own blood pressure, despite the wide availability of home monitoring devices. From the findings of this study it is concluded that health promotion and education are very important strategies in the prevention of stroke and it is recommended that this kind of education begins in childhood with tailored, age-specific programs delivered to the public over the lifespan. The role of health screening cannot be underestimated in the detection of risk factors such as hypertension and obesity. Early detection makes effective treatment possible and helps prevent the occurrence of strokes, thus reducing the cost to the community. Long-term health strategies such as improving health resource distribution and enhancing health education are needed where patients and their families participate together in comprehensive education programs. It is hoped that this may lead to a shared understanding, which may translate to patients being more supported, and therefore more able, to make the necessary lifestyle changes. Dysphagia is a common complication following stroke, which can result in significant morbidity and mortality. Multidisciplinary collaboration facilitates management strategies, decision-making and the efficiency of rehabilitation. Nurses are responsible for coordination of management and in particular for continuous monitoring, assessment of swallowing and nutritional state, maintaining safety and preventing complications. An understanding of the issues and strategies relating to management may provide valuable information to enhance the safety, cost-effectiveness and quality of care. A retrospective review of patients’ medical records was used to collect data. A sample of ninety-five adults who were admitted to an Australian public hospital between January 2003 and April 2006, with a diagnosis of dysphagic stroke were recruited. Statistical Package for Social Sciences (SPSS) was used to analyse the quantitative data, while content analysis was used to analyse the qualitative data. All subjects were assessed by a speech pathologist, the mean age was 75 years and 50.5% were male. Except for critically ill subjects, almost all were assessed within three days. Ninety-six percent of subjects had communication problems and 81% had upper limb motor impairment. During hospitalisation almost 60% of subjects had an improvement in their oral intake including 8% resuming their premorbid diet. Eighteen percent were on enteral tube feeding upon discharge, 4% deteriorated and 16% died. It appears that oral intake of most subjects was unsatisfactory. When recorded the mean body weight lost was 2.3kg. At least 22% had malnutrition or dehydration. Forty-five percent aspirated and 22% had respiratory infection. Almost half of the subjects (48%) were discharged to aged care facilities. Eighty percent had no documented follow-up scheduled for management of their dysphagia. Early identification of dysphagia, prudent supervising of appropriate oral intake and mouth care may help to maintain safe swallowing, preventing aspiration and chest infection. Regular checks of body weight, serum albumin level, oral intake and early enteral feeding are essential to guide nutritional support, minimise malnutrition and problematic medication administration. Encouraging oral intake and providing families with support could promote recovery of swallowing skills and help patients to regain the ability to eat independently. Providing helpful information on the care options available may allay patient and family anxiety. A qualified nurse practitioner could assess patients and ensure that a tailored care plan was designed to meet patients’ needs and this may improve the outcomes considerably. / http://proxy.library.adelaide.edu.au/login?url= http://library.adelaide.edu.au/cgi-bin/Pwebrecon.cgi?BBID=1320650 / Thesis (D.Nurs.) - University of Adelaide, School of Population Health and Clinical Practice, 2008

Cerebrovascular disease Prevention.

Cerebrovascular disease Treatment.

Detecting and characterising malicious executable payloads

Andersson, Stig

January 2009

Buffer overflow vulnerabilities continue to prevail and the sophistication of attacks targeting these vulnerabilities is continuously increasing. As a successful attack of this type has the potential to completely compromise the integrity of the targeted host, early detection is vital. This thesis examines generic approaches for detecting executable payload attacks, without prior knowledge of the implementation of the attack, in such a way that new and previously unseen attacks are detectable. Executable payloads are analysed in detail for attacks targeting the Linux and Windows operating systems executing on an Intel IA-32 architecture. The execution flow of attack payloads are analysed and a generic model of execution is examined. A novel classification scheme for executable attack payloads is presented which allows for characterisation of executable payloads and facilitates vulnerability and threat assessments, and intrusion detection capability assessments for intrusion detection systems. An intrusion detection capability assessment may be utilised to determine whether or not a deployed system is able to detect a specific attack and to identify requirements for intrusion detection functionality for the development of new detection methods. Two novel detection methods are presented capable of detecting new and previously unseen executable attack payloads. The detection methods are capable of identifying and enumerating the executable payload’s interactions with the operating system on the targeted host at the time of compromise. The detection methods are further validated using real world data including executable payload attacks.

Targeting during armed conflict: a legal analysis

Henderson, Ian Scott

Unknown Date

This thesis deals with the law applicable to targeting during an armed conflict — in particular, the law concerning military objectives and the rule of proportionality. The law concerning military objectives is further considered in the context of a UN sanctioned military operation.Using the law applicable to Australia as the frame of reference (particularly Additional Protocol I of 1977), the existing treaty law, relevant case law, and the extensive commentary available is analysed. Separate chapters deal with the law concerning human targets, non-human targets, and currently controversial targets (along with effects based operations). Further chapters deal with precautions in attack and proportionality.The law of targeting in the context of United Nations operations is addressed; and in particular, how a United Nations Security Council mandate might affect what objectives are lawful targets.Finally, I put forward a process by which responsibility for individual components of a targeting decision can be analysed. This will allow for the determination of legal responsibility for discrete steps in a targeting decision. This should prove particularly useful in two situations. First, it will enable military commanders to appreciate what needs to be considered in each targeting decision and thereby ensure that somebody is assigned responsibility for each discrete step. Second, in the event of an investigation into an alleged targeting mishap, it will be possible to identify who had, or at least should have had, responsibility for discrete aspects of the overall targeting decision.

Genetic analysis of ischemic stroke and predisposing carotid artery stenosis : a stroke carol /

Kostulas, Konstantinos,

January 2007

Diss. (sammanfattning) Stockholm : Karolinska institutet, 2007. / Härtill 5 uppsatser.

The New York Times and the sleeping giant a quantitative and qualitative content analysis of how myth was used to explain the attack on Pearl Harbor /

Wing, John Alan.

January 2007

Thesis (M.S.)--Ohio University, November, 2007. / Title from PDF t.p. Includes bibliographical references.

The justice of preventive war /

Stephenson, Henry A.

January 2004

Thesis (M.A.)--Naval Postgraduate School, 2004. / "September 2004." Includes bibliographical references (p. 69-73). Also available online.