The Experiences of Sailors with Antiterrorism Force Protection Training at Off-Installation Sites

Harrison, Jessica

01 January 2018

Enhancing antiterrorism force protection (ATFP) training at off-installation sites to allow employees to survive a life threatening situation is a necessity after recent events at such military installations. However, little is known about how service members perceive their current ATFP training experiences and how those experiences impact their self-confidence for responding to a threat. The purpose of this qualitative study was to explore how current training experiences impact confidence levels in learning basic security fundamentals to respond to a threat, as well as possible training changes that might improve confidence levels. This study used social constructivism, andragogy theory, heutagogy, and problem-based learning as the conceptual frameworks. Participants were 15 sailors from 5 off-site locations. Data sources were semistructured interviews. Data were analyzed using provisional and open coding strategies to identify themes of supports and barriers to learning ATFP concepts. Results indicated that existing instruction resulted in sailors engaging in supplemental self-training activities to reach what they believed were strong preparedness levels. They also indicated that instruction that emphasizes authentic adult education practices such as learner-center instruction and hands-on drills under the framework of problem-based learning and heutagogy were necessary to increase self-reported levels of confidence in responding to a threat. This study impacts positive social change by providing guidelines for effective terrorist and threat preparedness instruction, regardless of organization, institution, or location that can be used by administrators to improve their confidence and ability to deal with terrorist actions.

Andragogy

Antiterrorism

Heutagogy

Military Training

Physical Security

Problem-Based Learning

Higher Education Administration

Higher Education and Teaching

Game-Theoretic and Machine-Learning Techniques for Cyber-Physical Security and Resilience in Smart Grid

Wei, Longfei

29 October 2018

The smart grid is the next-generation electrical infrastructure utilizing Information and Communication Technologies (ICTs), whose architecture is evolving from a utility-centric structure to a distributed Cyber-Physical System (CPS) integrated with a large-scale of renewable energy resources. However, meeting reliability objectives in the smart grid becomes increasingly challenging owing to the high penetration of renewable resources and changing weather conditions. Moreover, the cyber-physical attack targeted at the smart grid has become a major threat because millions of electronic devices interconnected via communication networks expose unprecedented vulnerabilities, thereby increasing the potential attack surface. This dissertation is aimed at developing novel game-theoretic and machine-learning techniques for addressing the reliability and security issues residing at multiple layers of the smart grid, including power distribution system reliability forecasting, risk assessment of cyber-physical attacks targeted at the grid, and cyber attack detection in the Advanced Metering Infrastructure (AMI) and renewable resources. This dissertation first comprehensively investigates the combined effect of various weather parameters on the reliability performance of the smart grid, and proposes a multilayer perceptron (MLP)-based framework to forecast the daily number of power interruptions in the distribution system using time series of common weather data. Regarding evaluating the risk of cyber-physical attacks faced by the smart grid, a stochastic budget allocation game is proposed to analyze the strategic interactions between a malicious attacker and the grid defender. A reinforcement learning algorithm is developed to enable the two players to reach a game equilibrium, where the optimal budget allocation strategies of the two players, in terms of attacking/protecting the critical elements of the grid, can be obtained. In addition, the risk of the cyber-physical attack can be derived based on the successful attack probability to various grid elements. Furthermore, this dissertation develops a multimodal data-driven framework for the cyber attack detection in the power distribution system integrated with renewable resources. This approach introduces the spare feature learning into an ensemble classifier for improving the detection efficiency, and implements the spatiotemporal correlation analysis for differentiating the attacked renewable energy measurements from fault scenarios. Numerical results based on the IEEE 34-bus system show that the proposed framework achieves the most accurate detection of cyber attacks reported in the literature. To address the electricity theft in the AMI, a Distributed Intelligent Framework for Electricity Theft Detection (DIFETD) is proposed, which is equipped with Benford’s analysis for initial diagnostics on large smart meter data. A Stackelberg game between utility and multiple electricity thieves is then formulated to model the electricity theft actions. Finally, a Likelihood Ratio Test (LRT) is utilized to detect potentially fraudulent meters.

Cyber-Physical Security

Game Theory

Machine Learning

Reliability

Resilience

Smart Grid

Information Security

Power and Energy

Systems and Communications

Theory and Algorithms

One key to rule them all : Sårbarheter och spårbara artefakter i säkerhetsnycklar / One key to rule them all : Vulnerabilities and traceable artefacts in security keys

Gunnarsson, Philip, Isenstierna, Emmi

January 2023

Att skydda sin data idag kommer med flera utmaningar då lösenord som enda autentiseringsmetod är otillräcklig. Lösenord är ofta användarvänliga, enkla att hålla koll på och är utan kostnad för användaren. Det går alltid att göra lösenord säkrare men det upplevs ofta som svårhanterligt. I stället för detta kan man även använda ytterligare autentiseringsmetod. Många sidor och tjänster använder idag så kallad två- eller flerfaktorsautentisering genom t.ex. BankID eller säkerhetsnycklar. Med all ny teknik följer nya säkerhetsaspekter att ta hänsyn till, speciellt om denna teknik lämnar efter sig spår som kan utnyttjas av t.ex. hackare. Arbetets syfte är att undersöka spårbara artefakter som är kopplade till de fysiska säkerhetsnycklarna Solo 1 och YubiKey 5 NFC i Windows Registret i Windows 10 Pro N, samt utvärdera om tidigare kända sårbarheter kan bidra till insikter om säkerhetsnycklars säkerhet. Detta genomförs med hjälp av två kvalitativa metoder, dels genom en kartläggning av sårbarheter, dels genom ett experiment. Baserat på de funna sårbarheterna som har hittats så går det inte att säga huruvida de säkerhetsnycklarna skiljer sig i säkerhetsnivå, men det är tydligt att det främst är i firmware och mjukvara där sårbarheterna finns. Huruvida den ena säkerhetsnyckeln är säkrare än den andra går inte att fastställa, samt om en öppen källkod har någon betydelse vad gäller säkerhet. Dessutom går det att konstatera att spårbara artefakter från en säkerhetsnyckel kan hittas i ett Windows operativsystem. Baserat på de funna sårbarheterna som har hittats så går det inte att säga huruvida de säkerhetnycklarna skiljer sig i säkerhetsnivå, men det är tydligt att det främst är i firmware och mjukvara där sårbarheterna finns. Huruvida den ena säkerhets-nyckeln är säkrare än den andra går inte att fastställa, samt om öppen källkod har någon betydelse vad gäller säkerhet. Dessutom går det att konstatera att spår-bara artefakter från en säkerhetsnyckel kan hittas i ett Windows operativsystem. / Protecting your data today comes with several challenges since a password as the only authentication method is insufficient. Passwords are often user-friendly, easy to keep track of, and at no cost for the user. Passwords can always be made more secure, but this task is often perceived as tedious. Instead, additional authentication methods may be used. Many sites and services today use so-called two- or multifactor authentication, e.g. BankID (a type of eID) or security keys. all new technology comes with unique security aspects to consider, especially if this technology leaves behind traces that can be exploited by, e.g., hackers. This study aims to investigate traceable artifacts associated with the physical security key Solo 1 and YubiKey 5 NFC in the Windows Registry in Windows 10 Pro N and to evaluate whether previously known vulnerabilities can contribute to insights into security key security. The study uses two qualitative methods, one mapping out the vulnerabilities and another through an experiment. Based on the vulnerabilities that was found, it is not possible to conclude whether the security keys differ in security level. Still, it is mainly in the firmware and software where the vulnerabilities exist. Whether one security key is more secure than the other is inconclusive, and whether open-source code has any implications regarding security. In addition, it is ascertained that traceable artifacts from a security key can be found in a Windows operating system.

Vulnerabilities

physical security key

SoloKeys

YubiKey

Windows Registry

Registry Editor

Sårbarheter

fysisk säkerhetsnyckel

SoloKeys

YubiKey

Windows Registret

Registereditorn

Övrig annan teknik

Návrh přístupového systému jako součást řešení fyzické bezpečnosti / Design of Access System as a Part of Physical Security Solution

Dohnal, Matěj

January 2017

This master’s thesis deals with design of an access system as a part of physical security solution for an energy company in the Czech Republic. The access system is designed to meet all legal requirements and conform to ISO 27001 certification. Implementation of the proposed access system is demonstrated on the selected company object, a representative example of connecting the critical infrastructure element and the company's common facility.

Návrh elektronického zabezpečovacího systému jako část fyzického zabezpečení energetických objektů kritické infrastruktury / Proposal of an electronic security system as part of the physical securing of critical infrastructure energetic objects

Mihálik, Andrej

January 2018

This master's thesis deals with the design of an electronic security system as part of the physical security for the energy company in the Czech Republic. The electronic security system is designed to meet all legal requirements, internal directives and has also passed ISO 27001 certification. The Implementation of the security system is demonstrated on the selected object of the company that belongs to the elements of the critical infrastructure.

Inovace procesů zpracování osobních údajů u státní organizace / Innovation Processes Personal Data for the State Organization

Cahová, Veronika

January 2009

Master's thesis "Innovation processes personal data for the state organization," deals with the protection of personal data for processing, both in paper, as well as electronic form. The main topic is security policy, the assessment of security risks resulting proposals for the introduction of innovative processes aimed to prevent possible leakage and misuse of personal data.

Management informační bezpečnosti ve zdravotnickém zařízení / Information Security Management in Healthcare Organization

Mikulová, Aneta

January 2011

The topic of my thesis is "Information security management in healthcare organization." Medical facilities are generally the ones who should put emphasis on information security. For my thesis I chose aesthetic private clinic called Visage, I underwent safety analysis. The analysis showed that only a small part of the security process is documented in the clinic. This is particularly deficient in terms of business. There may be a leak of sensitive information on the health status of individual patients. It is necessary to better treat the handling of these data. The aim of this thesis is a security manual that will describe the personal, physical and IT security.

Návrh metodiky bezpečnosti informací v podniku provozující elektronický obchod / Draft of Information Security Methodology in Company Running Electronic Commerce

Mráčková, Kateřina

January 2013

The work deals with the analysis of security management in company selling goods trought the stone shop and the electronic commerce. The assets and threats affecting them were identified and an analysis of risks and selected measures was evaluated. The work is based on the theoretical background from series of standards ISO/IEC 27000 given in the first part of it.

Diseño de un sistema de seguridad física mediante Reconocimiento Facial a través del flujo de video, siguiendo las mejores prácticas de las normas ISO 80601, 13154, 19794 y el NISTIR 8238, para el área de seguridad de una empresa minera / Design of a physical security system through Facial Recognition through the video stream, following the best practices of the ISO 80601, 13154, 19794 and NISTIR 8238 standards, for the security area of a mining company

Filio Torres, Edgar Alfredo

24 April 2021

El presente trabajo se basa en el diseño de un sistema de seguridad física, aplicando tecnología de reconocimiento facial, para el control de acceso en una empresa del sector minero, este sistema permite tener un control robusto y confiable de los usuarios que ingresan y transitan por el campamento minero, este sistema se adapta a la nueva realidad que estamos viviendo, donde el distanciamiento social, el contacto físico personal y la medición de la temperatura, es un requisito indispensable. El diseño propuesto toma como referencia las mejores prácticas de las normas IEC 80601-2-59:2017 e ISO/TR 13154:2017, así como las recomendaciones del NISTIR 8238 que nos habla sobre la prueba continua de proveedores de reconocimiento facial. La problemática actual, es con referencia a la desactualización tecnología que tienen casi el 90% de los sistemas de seguridad de las empresas del sector minero, ya que, tras la llegada de la pandemia, estos sistemas se vieron evidenciados del pobre avance tecnológico con el que contaban. El diseño propuesto integra el uso de algoritmos con inteligencia artificial que permiten automatizar el proceso de identificación de los usuarios a través de su rostro, utilizando el flujo de video de las cámaras, analizamos la cobertura de las áreas a cubrir a través de los cálculos ópticos y distancia focal de las cámaras, proponemos también un mecanismo de gestión y tratamiento de las alertas que se generen de las analíticas aplicadas. Finalmente realizamos una comprobación y evidenciamos los resultados del diseño para cada objetivo específico planteado. / This work is based on the design of a physical security system, applying facial recognition technology, for access control in a company in the mining sector, this system allows to have a robust and reliable control of users entering and passing through the mining camp, this system adapts to the new reality we are living, where social distancing, personal physical contact, and temperature measurement, are indispensable requirements. The proposed design takes as a reference the best practices of the IEC 80601-2-59:2017 and ISO/TR 13154:2017 standards, as well as the recommendations of the NISTIR 8238 that tells us about the continuous testing of facial recognition providers. The current problem is related to the technological outdatedness of almost 90% of the security systems of the companies in the mining sector, since, after the arrival of the pandemic, these systems were evidenced by the poor technological progress they had. The proposed design integrates the use of algorithms with artificial intelligence that allow us to automate the process of identifying users through their face, using the video flow of the cameras, we analyse the coverage of the areas to be covered through optical calculations and focal length of the cameras, we also propose a mechanism for the management and treatment of alerts generated from applied analytics. Finally, we verify and show the results of the design for each specific objective set previously. / Tesis

Seguridad física

Reconocimiento facial

Distancia focal

Inteligencia artificial

Physical security

Facial recognition

Focal distance

Artificial intelligence

Detection of attacks against cyber-physical industrial systems / Détection des attaques contre les systèmes cyber-physiques industriels

Rubio Hernan, Jose Manuel

18 July 2017

Nous abordons des problèmes de sécurité dans des systèmes cyber-physiques industriels. Les attaques contre ces systèmes doivent être traitées à la fois en matière de sûreté et de sécurité. Les technologies de contrôles imposés par les normes industrielles, couvrent déjà la sûreté. Cependant, du point de vue de la sécurité, la littérature a prouvé que l’utilisation de techniques cyber pour traiter la sécurité de ces systèmes n’est pas suffisante, car les actions physiques malveillantes seront ignorées. Pour cette raison, on a besoin de mécanismes pour protéger les deux couches à la fois. Certains auteurs ont traité des attaques de rejeu et d’intégrité en utilisant une attestation physique, p. ex., le tatouage des paramètres physiques du système. Néanmoins, ces détecteurs fonctionnent correctement uniquement si les adversaires n’ont pas assez de connaissances pour tromper les deux couches. Cette thèse porte sur les limites mentionnées ci-dessus. Nous commençons en testant l’efficacité d’un détecteur qui utilise une signature stationnaire afin de détecter des actions malveillantes. Nous montrons que ce détecteur est incapable d’identifier les adversaires cyber-physiques qui tentent de connaître la dynamique du système. Nous analysons son ratio de détection sous la présence de nouveaux adversaires capables de déduire la dynamique du système. Nous revisitons le design original, en utilisant une signature non stationnaire, afin de gérer les adversaires visant à échapper à la détection. Nous proposons également une nouvelle approche qui combine des stratégies de contrôle et de communication. Toutes les solutions son validées à l’aide de simulations et maquettes d’entraînement / We address security issues in cyber-physical industrial systems. Attacks against these systems shall be handled both in terms of safety and security. Control technologies imposed by industrial standards already cover the safety dimension. From a security standpoint, the literature has shown that using only cyber information to handle the security of cyber-physical systems is not enough, since physical malicious actions are ignored. For this reason, cyber-physical systems have to be protected from threats to their cyber and physical layers. Some authors handle the attacks by using physical attestations of the underlying processes, f.i., physical watermarking to ensure the truthfulness of the process. However, these detectors work properly only if the adversaries do not have enough knowledge to mislead crosslayer data. This thesis focuses on the aforementioned limitations. It starts by testing the effectiveness of a stationary watermark-based fault detector, to detect, as well, malicious actions produced by adversaries. We show that the stationary watermark-based detector is unable to identify cyber-physical adversaries. We show that the approach only detects adversaries that do not attempt to get any knowledge about the system dynamics. We analyze the detection performance of the original design under the presence of adversaries that infer the system dynamics to evade detection. We revisit the original design, using a non-stationary watermark-based design, to handle those adversaries. We also propose a novel approach that combines control and communication strategies. We validate our solutions using numeric simulations and training cyber-physical testbeds

Sécurité cyber-physique

Théorie du contrôle

Sécurité du réseau

Systèmes contrôlés via un réseau

Infrastructures critiques

Détection d’attaques

Modèle d’adversaire

Adversaire cyber-physique

Cyber-physical security

Control theory

Network security

Networked-control system

Critical infrastructures

Attack detection

Adversary model

Cyber-physical adversary