Global ETD Search

61	Cyber security in power systems Sridharan, Venkatraman 06 April 2012 (has links) Many automation and power control systems are integrated into the 'Smart Grid' concept for efficiently managing and delivering electric power. This integrated approach created several challenges that need to be taken into consideration such as cyber security issues, information sharing, and regulatory compliance. There are several issues that need to be addressed in the area of cyber security. Currently, there are no metrics for evaluating cyber security and methodologies to detect cyber attacks are in their infancy. There is a perceived lack of security built into the smart grid systems, but there is no mechanism for information sharing on cyber security incidents. In this thesis, we discuss the vulnerabilities in power system devices, and present ideas and a proposal towards multiple-threat system intrusion detection. We propose to test the multiple-threat methods for cyber security monitoring on a multi-laboratory test bed, and aid the development of a SCADA test bed, to be constructed on the Georgia Tech Campus. Cyber security SCADA NERC PLA Electric power distribution Cyberterrorism Computer security Computer networks Security measures
62	Reconnaissance de forme dans cybersécurité Vashaee, Ali January 2014 (has links) Résumé : L’expansion des images sur le Web a provoqué le besoin de mettre en œuvre des méthodes de classement d’images précises pour plusieurs applications notamment la cybersécurité. L’extraction des caractéristiques est une étape primordiale dans la procédure du classement des images vu son impact direct sur la performance de la catégorisation finale des images et de leur classement. L’objectif de cette étude est d’analyser l’état de l’art des différents espaces de caractéristiques pour évaluer leur efficacité dans le contexte de la reconnaissance de forme pour les applications de cybersécurité. Les expériences ont montré que les descripteurs de caractéristiques HOG et GIST ont une performance élevée. Par contre, cette dernière se dégrade face aux transformations géométriques des objets dans les images. Afin d’obtenir des systèmes de classement d’image plus fiables basés sur ces descripteurs, nous proposons deux méthodes. Dans la première méthode (PrMI) nous nous concentrons sur l’amélioration de la propriété d’invariance du système de classement par tout en maintenant la performance du classement. Dans cette méthode, un descripteur invariant par rapport à la rotation dérivé de HOG est utilisé (RIHOG) dans une technique de recherche "top-down" pour le classement des images. La méthode (PrMI) proposée donne non seulement une robustesse face aux transformations géométriques des objets, mais aussi une performance élevée similaire à celle de HOG. Elle est aussi efficace en terme de coût de calcul avec une complexité de l’ordre de O(n). Dans la deuxième méthode proposée (PrMII), nous nous focalisons sur la performance du classement en maintenant la propriété d’invariance du système de classement. Les objets sont localisés d’une façon invariante aux changement d’échelle dans l’espace de caractéristiques de covariance par région. Ensuite elles sont décrites avec les descripteurs HOG et GIST. Cette méthode procure une performance de classement meilleure en comparaison avec les méthodes implémentées dans l’étude et quelques méthodes CBIR expérimentées sur les données Caltech-256 dans les travaux antérieurs. // Abstract : The tremendous growth of accessible online images (Web images), provokes the need to perform accurate image ranking for applications like cyber-security. Feature extraction is an important step in image ranking procedures due to its direct impact on final categorization and ranking performance. The goal of this study is to analyse the state of the art feature spaces in order to evaluate their efficiency in the abject recognition context and image ranking framework for cyber-security applications. Experiments show that HOG and GIST feature descriptors exhibit high ranking performance. Whereas, these features are not rotation and scale invariant. In order to obtain more reliable image ranking systems based on these feature spaces, we proposed two methods. In the first method (PrMI) we focused on improving the invariance property of the ranking system while maintaining the ranking performance. In this method, a rotation invariant feature descriptor is derived from HOC (RIHOC). This descriptor is used in a top-down searching technique to caver the scale variation of the abjects in the images. The proposed method (PrMI) not only pro vides robustness against geometrical transformations of objects but also provides high ranking performance close to HOC performance. It is also computationally efficient with complexity around O(n). In the second proposed method (PrMII) we focused on the ranking performance while maintaining the invariance property of the ranking system. Objects are localized in a scale invariant fashion under a Region Covariance feature space, then they are described using HOC and CIST features. Finally to ob tain better evaluation over the performance of proposed method we compare it with existing research in the similar domain(CBIR) on Caltech-256. Proposed methods provide highest ranking performance in comparison with implemented methods in this study, and some of the CBIR methods on Caltech-256 dataset in previous works. Reconnaissance de forme Cyber-sécurité Sélection des fonctionnalités Object recognition Cyber-security Feature selection
63	Advanced Methodologies for Power System Security and Vulnerability Analysis Guo Chen Unknown Date (has links) Nowadays, with the rapid expansion of increasing utilization of renewable energy sources, power grid is evolving into a much complex man-made system in the technological age. Under the new circumstances, traditional methodologies for power system security analysis are facing a serious challenge. For the past decade, many countries have experienced large blackouts, which expose potential problems of current models and methodologies in power industry. On the other hand, since the 9.11 event and frequent suicide bombing attacks in some countries, terrorism has become a major threat for national security. With the extensive growth of terrorism activities, power system, the significant critical infrastructure, probably becomes the target of terrorists. If this happens, the impact is dramatically severe and may yield more frequent blackouts. This Ph.D. thesis aims at developing some advanced models and methodologies for exploring the vulnerability of power system and protecting it against potential terrorism threat. The dissertation mainly consists of the following four parts. (1)Complex network theory based power system security and vulnerability analysis methodologies are introduced. Mathematically, an interconnected complex power grid can be described as a complex network of nodes connected by edges. Generally speaking, topology parameters of network structure include important information of the structure. That is to say, some critical nodes and lines can have significant impact on large-scale blackouts. The thesis will present a new methodology to recognize those critical nodes and lines in power grids. (2)Complex system theory based power grid security and vulnerability analysis methodologies are presented. Power grid is a complex dynamic evolutionary system over years with continuous expansion so as to underpin the ongoing increase of power demand. Some properties of complex systems may have important relationship with large-scale blackouts. In other words, there may be some stages of evolutionary power systems that would be more likely to cause large blackouts. The thesis will investigate the relationship to identify those critical stages of power grids. (3)Game theory is applied to methodologies for power system security and vulnerability analysis. Terrorists are often considered as fully intelligent and strategic actors who can even hire scientists and power engineers to seek the vulnerability of power systems and then launch a vital attack. Game theory does treat actors as fully strategic players and has been successfully applied to many disciplines including economics, political science and military. The thesis will present new models and analysis methods for protecting power systems under terrorism attacks. (4)Cyber security technology is considered in power system security and vulnerability analysis. It is known that information technology plays an import role in today and next generation grid. In this situation, cyber security should be an important issue. If it is vulnerable to malicious threats such as hackers and cyber-terrorists, power grid will not reach its full capabilities. The thesis will present an initial framework to reduce the vulnerability of power grid against potential cyber attack. 09 Engineering
64	Advanced Methodologies for Power System Security and Vulnerability Analysis Guo Chen Unknown Date (has links) Nowadays, with the rapid expansion of increasing utilization of renewable energy sources, power grid is evolving into a much complex man-made system in the technological age. Under the new circumstances, traditional methodologies for power system security analysis are facing a serious challenge. For the past decade, many countries have experienced large blackouts, which expose potential problems of current models and methodologies in power industry. On the other hand, since the 9.11 event and frequent suicide bombing attacks in some countries, terrorism has become a major threat for national security. With the extensive growth of terrorism activities, power system, the significant critical infrastructure, probably becomes the target of terrorists. If this happens, the impact is dramatically severe and may yield more frequent blackouts. This Ph.D. thesis aims at developing some advanced models and methodologies for exploring the vulnerability of power system and protecting it against potential terrorism threat. The dissertation mainly consists of the following four parts. (1)Complex network theory based power system security and vulnerability analysis methodologies are introduced. Mathematically, an interconnected complex power grid can be described as a complex network of nodes connected by edges. Generally speaking, topology parameters of network structure include important information of the structure. That is to say, some critical nodes and lines can have significant impact on large-scale blackouts. The thesis will present a new methodology to recognize those critical nodes and lines in power grids. (2)Complex system theory based power grid security and vulnerability analysis methodologies are presented. Power grid is a complex dynamic evolutionary system over years with continuous expansion so as to underpin the ongoing increase of power demand. Some properties of complex systems may have important relationship with large-scale blackouts. In other words, there may be some stages of evolutionary power systems that would be more likely to cause large blackouts. The thesis will investigate the relationship to identify those critical stages of power grids. (3)Game theory is applied to methodologies for power system security and vulnerability analysis. Terrorists are often considered as fully intelligent and strategic actors who can even hire scientists and power engineers to seek the vulnerability of power systems and then launch a vital attack. Game theory does treat actors as fully strategic players and has been successfully applied to many disciplines including economics, political science and military. The thesis will present new models and analysis methods for protecting power systems under terrorism attacks. (4)Cyber security technology is considered in power system security and vulnerability analysis. It is known that information technology plays an import role in today and next generation grid. In this situation, cyber security should be an important issue. If it is vulnerable to malicious threats such as hackers and cyber-terrorists, power grid will not reach its full capabilities. The thesis will present an initial framework to reduce the vulnerability of power grid against potential cyber attack. 09 Engineering
65	Advanced Methodologies for Power System Security and Vulnerability Analysis Guo Chen Unknown Date (has links) Nowadays, with the rapid expansion of increasing utilization of renewable energy sources, power grid is evolving into a much complex man-made system in the technological age. Under the new circumstances, traditional methodologies for power system security analysis are facing a serious challenge. For the past decade, many countries have experienced large blackouts, which expose potential problems of current models and methodologies in power industry. On the other hand, since the 9.11 event and frequent suicide bombing attacks in some countries, terrorism has become a major threat for national security. With the extensive growth of terrorism activities, power system, the significant critical infrastructure, probably becomes the target of terrorists. If this happens, the impact is dramatically severe and may yield more frequent blackouts. This Ph.D. thesis aims at developing some advanced models and methodologies for exploring the vulnerability of power system and protecting it against potential terrorism threat. The dissertation mainly consists of the following four parts. (1)Complex network theory based power system security and vulnerability analysis methodologies are introduced. Mathematically, an interconnected complex power grid can be described as a complex network of nodes connected by edges. Generally speaking, topology parameters of network structure include important information of the structure. That is to say, some critical nodes and lines can have significant impact on large-scale blackouts. The thesis will present a new methodology to recognize those critical nodes and lines in power grids. (2)Complex system theory based power grid security and vulnerability analysis methodologies are presented. Power grid is a complex dynamic evolutionary system over years with continuous expansion so as to underpin the ongoing increase of power demand. Some properties of complex systems may have important relationship with large-scale blackouts. In other words, there may be some stages of evolutionary power systems that would be more likely to cause large blackouts. The thesis will investigate the relationship to identify those critical stages of power grids. (3)Game theory is applied to methodologies for power system security and vulnerability analysis. Terrorists are often considered as fully intelligent and strategic actors who can even hire scientists and power engineers to seek the vulnerability of power systems and then launch a vital attack. Game theory does treat actors as fully strategic players and has been successfully applied to many disciplines including economics, political science and military. The thesis will present new models and analysis methods for protecting power systems under terrorism attacks. (4)Cyber security technology is considered in power system security and vulnerability analysis. It is known that information technology plays an import role in today and next generation grid. In this situation, cyber security should be an important issue. If it is vulnerable to malicious threats such as hackers and cyber-terrorists, power grid will not reach its full capabilities. The thesis will present an initial framework to reduce the vulnerability of power grid against potential cyber attack. 09 Engineering
66	CyberCog A Synthetic Task Environment for Measuring Cyber Situation Awareness January 2011 (has links) abstract: This thesis describes a synthetic task environment, CyberCog, created for the purposes of 1) understanding and measuring individual and team situation awareness in the context of a cyber security defense task and 2) providing a context for evaluating algorithms, visualizations, and other interventions that are intended to improve cyber situation awareness. CyberCog provides an interactive environment for conducting human-in-loop experiments in which the participants of the experiment perform the tasks of a cyber security defense analyst in response to a cyber-attack scenario. CyberCog generates the necessary performance measures and interaction logs needed for measuring individual and team cyber situation awareness. Moreover, the CyberCog environment provides good experimental control for conducting effective situation awareness studies while retaining realism in the scenario and in the tasks performed. / Dissertation/Thesis / M.C.St. Computing Studies 2011 Computer Science Cognitive Psychology CND Analyst Cyber Security Situation Awareness Synthetic Task Environment Testbed
67	Cybersecurity: Stochastic Analysis and Modelling of Vulnerabilities to Determine the Network Security and Attackers Behavior Kaluarachchi, Pubudu Kalpani 26 June 2017 (has links) Development of Cybersecurity processes and strategies should take two main approaches. One is to develop an efficient and effective set of methodologies to identify software vulnerabilities and patch them before being exploited. Second is to develop a set of methodologies to predict the behavior of attackers and execute defending techniques based on attacking behavior. Managing of Vulnerabilities and analyzing them is directly related to the first approach. Developing of methodologies and models to predict the behavior of attackers is related to the second approach. Both these approaches are inseparably interconnected. Our effort in this study mainly focuses on developing useful statistical models that can give us signals about the behavior of cyber attackers. Analytically understanding of vulnerabilities in statistical point of view helps to develop a set of statistical models that works as a bridge between Cybersecurity and Abstract Statistical and Mathematical knowledge. Any such effort should begin with properly understanding the nature of Vulnerabilities in a computer network system. We start this study with analyzing "Vulnerability" based on inferences that can be taken from National Vulnerability Database (NVD). In Cybersecurity context, we apply Markov approach to develop suitable predictive models to successfully estimate the minimum number of steps to compromise a security goal that an attacker would take using the concept of Expected Path Length (EPL). We have further developed Non-Homogeneous Stochastic model by improving EPL estimates in to a time dependent variable. This approach analytically applied in a simple model of computer network with discovered vulnerabilities resulted in several useful observations exemplifying the applicability in real world computer systems. The methodology indicated a measure of the "Risk" associated with the model network as a function of time indicating defending professionals on the threats they are facing and should anticipate to face. Furthermore, using a similar approach taken in well-known Google page rank algorithm, a new ranking algorithm of vulnerability ranks with respect to time for computer network system is also presented in this study. With better IT resources analytical models and methodologies presented in this study can be developed into more generalized versions and apply in real world computer network environments. Cyber Security Markov Model Vulnerability Risk Rank Arts and Humanities Statistics and Probability
68	Cybersecurity: Probabilistic Behavior of Vulnerability and Life Cycle Rajasooriya, Sasith Maduranga 28 June 2017 (has links) Analysis on Vulnerabilities and Vulnerability Life Cycle is at the core of Cybersecurity related studies. Vulnerability Life Cycle discussed by S. Frei and studies by several other scholars have noted the importance of this approach. Application of Statistical Methodologies in Cybersecurity related studies call for a greater deal of new information. Using currently available data from National Vulnerability Database this study develops and presents a set of useful Statistical tools to be applied in Cybersecurity related decision making processes. In the present study, the concept of Vulnerability Space is defined as a probability space. Relevant theoretical analyses are conducted and observations in the vulnerability space in aspects of events and states are discussed. Transforming IT related cybersecurity issues into analytical formation so that abstract and conceptual knowledge from Mathematics and Statistics can be applied is a challenge. However, to overcome rising threats from Cyber-attacks such an integration of analytical foundation to understand the issues and develop strategies is essential. In the present study we apply well known Markov approach in a new approach of Vulnerability Life Cycle to develop useful analytical methods to assess the Risk associated with a vulnerability. We also presents, a new Risk Index integrating the results obtained and details from the Common Vulnerability Scoring System (CVSS). In addition, a comprehensive study on the Vulnerability Space is presented discussing the likelihood of probable events in the probability sub-spaces of vulnerabilities. Finally, an Extended Vulnerability Life Cycle model is presented and discussed in relation to States and Events in the Vulnerability Space that lays down a strong foundation for any future vulnerability related analytical research efforts. Cyber Security Markov Model Vulnerability Risk Factor Vulnerability Life Cycle Mathematics Statistics and Probability
69	A Context Aware Anomaly Behavior Analysis Methodology for Building Automation Systems Pan, Zhiwen, Pan, Zhiwen January 2017 (has links) Advances in mobile and pervasive computing, electronics technology, and the exponential growth in Internet of Things (IoT) applications and services has led to Building Automation System (BAS) that enhanced the buildings we live by delivering more energy-saving, intelligent, comfortable, and better utilization. Through the use of integrated protocols, a BAS can interconnects a wide range of building assets so that the control and management of asset operations and their services can be performed in one protocol. Moreover, through the use of distributed computing and IP based communication, a BAS can implement remote monitor and control in adaptive and real-time manner. However, the use of IoT and distributed computing techniques in BAS are leading to challenges to secure and protect information and services due to the significant increase in the attack surface and the inherent vulnerabilities of BAS integrated protocols. Since there is no intrusion detection and prevention available for BAS network, proposing a reliable security mechanism which can monitor the behavior of BAS assets becomes a major design issue. Anomaly Based Intrusion Detection is a security mechanism that uses baseline model to describe the normal behaviors of a system, so that malicious behaviors occurred in a system can be detected by comparing the observed behavior to the baseline model. With its ability of detecting novel and new attacks, Anomaly based Behavior Analysis (ABA) has been actively pursued by researchers for designing Intrusion Detection Systems. Since the information acquired from a BAS system can be from a variety of sources (e.g. sensors, network protocols, temporal and spatial information), the traditional ABA methodology which merely focuses on analyzing the behavior of communication protocols will not be effective in protecting BAS networks. In this dissertation we aim at developing a general methodology named Context Aware Anomaly based Behavior Analysis (CAABA) which combines Context Awareness technique with Anomaly based Behavior Analysis in order to detect any type of anomaly behaviors occurred in Building Automation Systems. Context Awareness is a technique which is widely used in pervasive computing and it aims at gathering information about a system's environment so it can accurately characterize the current operational context of the BAS network and its services. The CAABA methodology can be used to protect a variety of BAS networks in a sustainable and reliable way. To handle the heterogeneous BAS information, we developed a novel Context Aware Data Structure to represent the information acquired from the sensors and resources during execution of the BAS system which can explicitly describe the system's behavior. By performing Anomaly based Behavior Analysis over the set of context arrays using either data mining algorithm or statistical functions, the BAS baseline models are generated. To validate our methodology, we have applied it to two different building application scenarios: a smart building system which is usually implemented in industrial and commercial office buildings and a smart home system which is implemented in residential buildings, where we have achieved good detection results with low detection errors. Building Automation Systems Context Awareness Cyber Security Internet of Things Intrusion Detection System Smart Buildings
70	The What, When, and How of Strategic Movement in Adversarial Settings: A Syncretic View of AI and Security January 2020 (has links) abstract: The field of cyber-defenses has played catch-up in the cat-and-mouse game of finding vulnerabilities followed by the invention of patches to defend against them. With the complexity and scale of modern-day software, it is difficult to ensure that all known vulnerabilities are patched; moreover, the attacker, with reconnaissance on their side, will eventually discover and leverage them. To take away the attacker's inherent advantage of reconnaissance, researchers have proposed the notion of proactive defenses such as Moving Target Defense (MTD) in cyber-security. In this thesis, I make three key contributions that help to improve the effectiveness of MTD. First, I argue that naive movement strategies for MTD systems, designed based on intuition, are detrimental to both security and performance. To answer the question of how to move, I (1) model MTD as a leader-follower game and formally characterize the notion of optimal movement strategies, (2) leverage expert-curated public data and formal representation methods used in cyber-security to obtain parameters of the game, and (3) propose optimization methods to infer strategies at Strong Stackelberg Equilibrium, addressing issues pertaining to scalability and switching costs. Second, when one cannot readily obtain the parameters of the game-theoretic model but can interact with a system, I propose a novel multi-agent reinforcement learning approach that finds the optimal movement strategy. Third, I investigate the novel use of MTD in three domains-- cyber-deception, machine learning, and critical infrastructure networks. I show that the question of what to move poses non-trivial challenges in these domains. To address them, I propose methods for patch-set selection in the deployment of honey-patches, characterize the notion of differential immunity in deep neural networks, and develop optimization problems that guarantee differential immunity for dynamic sensor placement in power-networks. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2020 Artificial intelligence Cyber-security Equilibrium Computation Equilibrium Learning Game Theory Leader-Follower Games Moving Target Defense

Search results