Intrusion Detection System for Network Security in Synchrophasor Systems

Synchrophasor systems will play a crucial role in next generation Smart Grid monitoring, protection and control. However these systems also introduce a multitude of potential vulnerabilities from malicious and inadvertent attacks, which may render erroneous operation or severe damage. This paper proposes a Synchrophasor Specific Intrusion Detection System (SSIDS) for malicious cyber attack and unintended misuse. The SSIDS comprises a heterogeneous whitelist and behavior-based approach to detect known attack types and unknown and so-called ‘zero-day’ vulnerabilities and attacks. The paper describes reconnaissance, Man-in-the-Middle (MITM) and Denial-of-Service (DoS) attack types executed against a practical synchrophasor system which are used to validate the real-time effectiveness of the proposed SSIDS cyber detection method.

Providing User Security Guarantees in Public Infrastructure Clouds

The infrastructure cloud (IaaS) service model offers improved resource flexibility and availability, where tenants - insulated from the minutiae of hardware maintenance - rent computing resources to deploy and operate complex systems. Large-scale services running on IaaS platforms demonstrate the viability of this model; nevertheless, many organizations operating on sensitive data avoid migrating operations to IaaS platforms due to security concerns. In this paper, we describe a framework for data and operation security in IaaS, consisting of protocols for a trusted launch of virtual machines and domain-based storage protection. We continue with an extensive theoretical analysis with proofs about protocol resistance against attacks in the defined threat model. The protocols allow trust to be established by remotely attesting host platform configuration prior to launching guest virtual machines and ensure confidentiality of data in remote storage, with encryption keys maintained outside of the IaaS domain. Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments.

Contexts-management strategy in considering the security in urban computing based on urban design

Urban Computing (UrC) provides users with the situation-proper information by considering context of users, devices, and social and physical environment in urban life. With social network services, UrC makes it possible for people with common interests to organize a virtual-society through exchange of context information among them. In these cases, people and personal devices are vulnerable to fake and misleading context information which is transferred from unauthorized and unauthenticated servers by attackers. So called smart devices which run automatically on some context events are more vulnerable if they are not prepared for attacks. In this paper, we illustrate some UrC service scenarios, and show important context information, possible threats, protection method, and secure context management for people.

Benchmarking de uma aproximação de ticketing as a service (Taas)

Dissertação de natureza científica realizada para obtenção do grau de Mestre em Engenharia de Redes de Computadores e Multimédia

The role of the intelligence service in preventing and combating transnational terrorism

Outrora dominado por ameaças provenientes de Estados-nação, o cenário global actual, dominado por uma rápida mudança de poderes que nos apresenta uma interacção complexa entre múltiplos actores, onde inimigos desconhecidos, anteriormente bem identificados, é actualmente controlado por grupos terroristas bem preparados e bem organizados. Hezbollah é reconhecido como um dos grupos terroristas mais capazes, com uma extensa rede fora do Líbano dedicada a tráfico de droga, armas e seres humanos, tal como o branqueamento de capitais para financiar o terrorismo, representando um grande foco de instabilidade à segurança. Como instrumento de Estado, os serviços de informações detêm a capacidade de estar na linha da frente na prevenção e combate ao terrorismo. Todavia, para compreender este fenómeno é necessário analisar os actores desta ameaça. À luz desta conjuntura, esta dissertação está dividida em três capítulos principais que visam responder às seguintes questões fundamentais: O que é o terrorismo? Como opera um grupo terrorista transnacional? Será que os serviços de informações têm as ferramentas necessárias para prevenir e combater estas ameaças?

INFO6003: Network Security: DDoS

A run through various aspects of Distributed Denial of Service attacks

A Focus on Distributed Denial of Service

An Arbor Networks paper describing DDoS attacks and related attacks. The first 9-10 pages or so are good background reading for INFO6003. Students may also find the rest of the paper interesting.

Poland’s internal security as exemplified by the tasks and activities of the Internal Security Agency in the period 2007–2015

The text analyses Poland's internal security illustrated with the example of the tasks and activities of one of the Polish special services, the Internal Security Agency (pol. Agencja Bezpieczeństwa Wewnętrznego – ABW). Although the Internal Security Agency was established as a counter-intelligence service, the scope of its tasks and activities places it among the criminal intelligence services, which is poorly effective in terms of the eradication of crime targeted at the state's internal security. The analysis of the issues of state security in the context of the ISA's activity has been elaborated in the present text with the following research questions: (1) To what extent does the statutory scope of the ISA's tasks lower the effectiveness of the actions aimed at combating crime threatening state security? (2) To what extent does the structural pathology inside the ISA lower the effectiveness of the actions aimed at combating crime threatening state security? The text features an extensive analysis of three major issues: (1) the ISA's statutory tasks (with particular consideration of de lege lata and de lege ferenda regulations), (2) the dysfunctional character of the ISA's activity in relation to the scope of its statutory tasks, and (3) the structural pathology resulting from the 'politicisation' of the Internal Security Agency.

Beyond retrenchment over Iran: can the EU offer a framework for regional security? CEPS Commentary, 3 September 2012

A new and far-reaching round of sanctions imposed recently on Iran by the EU is starting to hurt the country, its economy and its citizens. Yet Iran’s leadership seems deaf to demands for international weapons inspectors to be allowed unhindered access to its nuclear enrichment facilities. With a regime that is not likely to sway to international and domestic pressure, and in view of the shifting strategic landscape in the Middle East, the question is whether the twin-track approach of sanctions and diplomacy should be kept up, or whether it should make way for an alternative set of policies that could preserve the fragile stability in the wider Middle East and turn a vicious circle into a virtuous one. In this new Commentary, CEPS Senior Research Fellow Steven Blockmans argues that the High Representative of the EU for Foreign Affairs and Security Policy, supported by the European External Action Service, is in a good position to offer a negotiated way out of this seemingly intractable situation.

Reviewing Member States’ Commitment to the European External Action Service. EPIN Working Paper No. 34, 20 November 2012

Based on interviews with diplomats from a representative cross-section of nine member states and members of the EEAS itself, the research findings of this EPIN Working Paper confirm long-standing traditions and member state perceptions of cooperation with European institutions. The paper also reveals new aspects of the intergovernmental method of foreign policy shaping and making in the European Union; in particular how different national positions can positively or negatively affect the consolidation of the EEAS and the role of the EU as an international actor. As such, the Working Paper makes an original contribution to the existing literature on one of most discussed actors in the European Union’s post-Lisbon architecture in the domain of EU external action.

Ecological intensification: harnessing ecosystem services for food security

Rising demands for agricultural products will increase pressure to further intensify crop production, while negative environmental impacts have to be minimized. Ecological intensification entails the environmentally friendly replacement of anthropogenic inputs and/or enhancement of crop productivity, by including regulating and supporting ecosystem services management in agricultural practices. Effective ecological intensification requires an understanding of the relations between land use at different scales and the community composition of ecosystem service-providing organisms above and below ground, and the flow, stability, contribution to yield, and management costs of the multiple services delivered by these organisms. Research efforts and investments are particularly needed to reduce existing yield gaps by integrating context-appropriate bundles of ecosystem services into crop production systems.

Threats to an ecosystem service: pressures on pollinators

Insect pollinators of crops and wild plants are under threat globally and their decline or loss could have profound economic and environmental consequences. Here, we argue that multiple anthropogenic pressures – including land-use intensification, climate change, and the spread of alien species and diseases – are primarily responsible for insect-pollinator declines. We show that a complex interplay between pressures (eg lack of food sources, diseases, and pesticides) and biological processes (eg species dispersal and interactions) at a range of scales (from genes to ecosystems) underpins the general decline in insect-pollinator populations. Interdisciplinary research on the nature and impacts of these interactions will be needed if human food security and ecosystem function are to be preserved. We highlight key areas that require research focus and outline some practical steps to alleviate the pressures on pollinators and the pollination services they deliver to wild and crop plants.

Enhanced three-factor security protocol for consumer USB mass storage devices

The Universal Serial Bus (USB) is an extremely popular interface standard for computer peripheral connections and is widely used in consumer Mass Storage Devices (MSDs). While current consumer USB MSDs provide relatively high transmission speed and are convenient to carry, the use of USB MSDs has been prohibited in many commercial and everyday environments primarily due to security concerns. Security protocols have been previously proposed and a recent approach for the USB MSDs is to utilize multi-factor authentication. This paper proposes significant enhancements to the three-factor control protocol that now makes it secure under many types of attacks including the password guessing attack, the denial-of-service attack, and the replay attack. The proposed solution is presented with a rigorous security analysis and practical computational cost analysis to demonstrate the usefulness of this new security protocol for consumer USB MSDs.

Service oriented approach to facility management using extended building information modelling

Facility management (FM), from a service oriented approach, addresses the functions and requirements of different services such as energy management, space planning and security service. Different service requires different information to meet the needs arising from the service. Object-based Building Information Modelling (BIM) is limited to support FM services; though this technology is able to generate 3D models that semantically represent facility’s information dynamically over the lifecycle of a building. This paper presents a semiotics-inspired framework to extend BIM from a service-oriented perspective. The extended BIM, which specifies FM services and required information, will be able to express building service information in the right format for the right purposes. The service oriented approach concerns pragmatic aspect of building’s information beyond semantic level. The pragmatics defines and provides context for utilisation of building’s information. Semiotics theory adopted in this paper is to address pragmatic issues of utilisation of BIM for FM services.

Scalable model-based configuration management of security services in complex enterprise networks

Security administrators face the challenge of designing, deploying and maintaining a variety of configuration files related to security systems, especially in large-scale networks. These files have heterogeneous syntaxes and follow differing semantic concepts. Nevertheless, they are interdependent due to security services having to cooperate and their configuration to be consistent with each other, so that global security policies are completely and correctly enforced. To tackle this problem, our approach supports a comfortable definition of an abstract high-level security policy and provides an automated derivation of the desired configuration files. It is an extension of policy-based management and policy hierarchies, combining model-based management (MBM) with system modularization. MBM employs an object-oriented model of the managed system to obtain the details needed for automated policy refinement. The modularization into abstract subsystems (ASs) segment the system-and the model-into units which more closely encapsulate related system components and provide focused abstract views. As a result, scalability is achieved and even comprehensive IT systems can be modelled in a unified manner. The associated tool MoBaSeC (Model-Based-Service-Configuration) supports interactive graphical modelling, automated model analysis and policy refinement with the derivation of configuration files. We describe the MBM and AS approaches, outline the tool functions and exemplify their applications and results obtained. Copyright (C) 2010 John Wiley & Sons, Ltd.