More Like this

1. CYBER-PHYSICAL SECURITY OF AIR TRAFFIC SURVEILLANCE SYSTEMS

   Thudimilla, Anusha; McMillin, Bruce (March 2020, Critical Infrastructure Protection XIV)

   Cyber-physical system security is a significant concern in the critical infrastructure. Strong interdependencies between cyber and physical components render cyber-physical systems highly susceptible to integrity attacks such as injecting malicious data and projecting fake sensor measurements. Traditional security models partition cyber-physical systems into just two domains – high and low. This absolute partitioning is not well suited to cyber-physical systems because they comprise multiple overlapping partitions. Information flow properties, which model how inputs to a system affect its outputs across security partitions, are important considerations in cyber-physical systems. Information flows support traceability analysis that helps detect vulnerabilities and anomalous sources, contributing to the implementation of mitigation measures. This chapter describes an automated model with graph-based information flow traversal for identifying information flow paths in the Automatic Dependent Surveillance-Broadcast (ADS-B) system used in civilian aviation, and subsequently partitioning the flows into security domains. The results help identify ADS-B system vulnerabilities to failures and attacks, and determine potential mitigation measures. 

   more » « less
2. Directed Test Generation for Activation of Security Assertions in RTL Models

   https://doi.org/10.1145/3441297  

   Witharana, Hasini; Lyu, Yangdi; Mishra, Prabhat (April 2021, ACM Transactions on Design Automation of Electronic Systems)

   null (Ed.)

   Assertions are widely used for functional validation as well as coverage analysis for both software and hardware designs. Assertions enable runtime error detection as well as faster localization of errors. While there is a vast literature on both software and hardware assertions for monitoring functional scenarios, there is limited effort in utilizing assertions to monitor System-on-Chip (SoC) security vulnerabilities. We have identified common SoC security vulnerabilities and defined several classes of assertions to enable runtime checking of security vulnerabilities. A major challenge in assertion-based validation is how to activate the security assertions to ensure that they are valid. While existing test generation using model checking is promising, it cannot generate directed tests for large designs due to state space explosion. We propose an automated and scalable mechanism to generate directed tests using a combination of symbolic execution and concrete simulation of RTL models. Experimental results on diverse benchmarks demonstrate that the directed tests are able to activate security assertions non-vacuously. 

   more » « less
3. Interdependent Security Games in the Stackelberg Style: How First-Mover Advantage Impacts Free-Riding and Security (Under-)Investment

   Huang, Ziyuan; Naghizadeh, Parinaz; Liu, Mingyan (June 2023, The 22nd Workshop on the Economics of Information Security (WEIS'23))

   Network games are commonly used to capture the strategic interactions among interconnected agents in simultaneous moves. The agents’ actions in a Nash equilibrium must take into account the mutual dependencies connecting them, which is typically obtained by solving a set of fixed point equations. Stackelberg games, on the other hand, model the sequential moves between agents that are categorized as leaders and followers. The corresponding solution concept, the subgame perfect equilibrium, is typically obtained using backward induction. Both game forms enjoy very wide use in the (cyber)security literature, the network game often as a template to study security investment and externality – also referred to as the Interdependent Security (IDS) games – and the Stackelberg game as a formalism to model a variety of attacker-defender scenarios. In this study we examine a model that combines both types of strategic reasoning: the interdependency as well as sequential moves. Specifically, we consider a scenario with a network of interconnected first movers (firms or defenders, whose security efforts and practices collectively determine the security posture of the eco-system) and one or more second movers, the attacker(s), who determine how much effort to exert on attacking the many potential targets. This gives rise to an equilibrium concept that embodies both types of equilibria mentioned above. We will examine how its existence and uniqueness conditions differ from that for a standard network game. Of particular interest are comparisons between the two game forms in terms of effort exerted by the defender(s) and the attacker(s), respectively, and the free-riding behavior among the defenders. 

   more » « less
4. An Integrated Modeling Framework for Application Layer Security

   Kannan U; Swamidurai R (July 2022, Neuroquantology)

   Cybersecurity is a complex problem. To study the complexity underneath the system and forecast possible future cyber events, we used system dynamics (SD)modeling and simulation.Network operations are normally modeled and simulated using the discrete-event simulation (DES) techniques. Since the primary focus of the DES modeling is packet traffic, the cyberattacks and resulting defenses are viewed from the layer 3 (network layer) of the open system interconnection (OSI) model. This does not discover more harmful attacks that might occur at higher(layer 4 and above) OSI layers. There are 32 million small businesses across the United States and 81 percent of them do not have cybersecurity personnel. Today’s extraordinary (COVID-19) situation, application layer (layer 7) security is the key concern for everyone, because every business revenue is heavily dependent on online/always-on presence. Research shows that almost 70 percent of successful cyber attacks are happening at the application layer. This paper presents a new integrated SD modeling framework for the application layer security to help small businesses from cyberattacks. 

   more » « less
5. Detecting Spurious Correlations With Sanity Tests for Artificial Intelligence Guided Radiology Systems

   https://doi.org/10.3389/fdgth.2021.671015  

   Mahmood, Usman; Shrestha, Robik; Bates, David D.; Mannelli, Lorenzo; Corrias, Giuseppe; Erdi, Yusuf Emre; Kanan, Christopher (August 2021, Frontiers in Digital Health)

   Artificial intelligence (AI) has been successful at solving numerous problems in machine perception. In radiology, AI systems are rapidly evolving and show progress in guiding treatment decisions, diagnosing, localizing disease on medical images, and improving radiologists' efficiency. A critical component to deploying AI in radiology is to gain confidence in a developed system's efficacy and safety. The current gold standard approach is to conduct an analytical validation of performance on a generalization dataset from one or more institutions, followed by a clinical validation study of the system's efficacy during deployment. Clinical validation studies are time-consuming, and best practices dictate limited re-use of analytical validation data, so it is ideal to know ahead of time if a system is likely to fail analytical or clinical validation. In this paper, we describe a series of sanity tests to identify when a system performs well on development data for the wrong reasons. We illustrate the sanity tests' value by designing a deep learning system to classify pancreatic cancer seen in computed tomography scans. 

   more » « less