More Like this

1. Graphene: Infrastructure Security Posture Analysis with AI-generated Attack Graphs

   Jin, Xin; Katsis, Charalampos; Sang, Fan; Sun, Jiahao; Bertino, Elisa; Kompella, Ramana Rao; Kundu, Ashish (October 2024, The 10th IEEE International Conference on Collaboration and Internet Computing)

   The rampant occurrence of cybersecurity breaches imposes substantial limitations on the progress of network infras- tructures, leading to compromised data, financial losses, potential harm to individuals, and disruptions in essential services. The current security landscape demands the urgent development of a holistic security assessment solution that encompasses vul- nerability analysis and investigates the potential exploitation of these vulnerabilities as attack paths. In this paper, we propose GRAPHENE, an advanced system designed to provide a detailed analysis of the security posture of computing infrastructures. Using user-provided information, such as device details and software versions, GRAPHENE performs a comprehensive secu- rity assessment. This assessment includes identifying associated vulnerabilities and constructing potential attack graphs that adversaries can exploit. Furthermore, it evaluates the exploitabil- ity of these attack paths and quantifies the overall security posture through a scoring mechanism. The system takes a holistic approach by analyzing security layers encompassing hardware, system, network, and cryptography. Furthermore, GRAPHENE delves into the interconnections between these layers, exploring how vulnerabilities in one layer can be leveraged to exploit vulnerabilities in others. In this paper, we present the end-to-end pipeline implemented in GRAPHENE, showcasing the systematic approach adopted for conducting this thorough security analysis. 

   more » « less
2. Towards a Threat Model for Vehicular Fog Computing

   https://doi.org/10.1109/UEMCON47517.2019.8993064  

   Hoque, Mohammad Aminul; Hasan, Ragib (October 2019, IEEE Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON))

   null (Ed.)

   Security is a huge challenge in vehicular networks due to the large size of the network, high mobility of nodes, and continuous change of network topology. These challenges are also applicable to the vehicular fog, which is a new computing paradigm in the context of vehicular networks. In vehicular fog computing, the vehicles serve as fog nodes. This is a promising model for latency-sensitive and location-aware services, which also incurs some unique security and privacy issues. However, there is a lack of a systematic approach to design security solutions of the vehicular fog using a comprehensive threat model. Threat modeling is a step-by-step process to analyze, identify, and prioritize all the potential threats and vulnerabilities of a system and solve them with known security solutions. A well-designed threat model can help to understand the security and privacy threats, vulnerabilities, requirements, and challenges along with the attacker model, the attack motives, and attacker capabilities. Threat model analysis in vehicular fog computing is critical because only brainstorming and threat models of other vehicular network paradigms will not provide a complete scenario of potential threats and vulnerabilities. In this paper, we have explored the threat model of vehicular fog computing and identified the threats and vulnerabilities using STRIDE and CIAA threat modeling processes. We posit that this initiative will help to improve the security and privacy system design of vehicular fog computing. 

   more » « less
3. Towards a Threat Model for Vehicular Fog Computing

   Hoque, Mohammad Aminul; Hasan, Ragib (October 2019, IEEE UEMCON)

   Security is a huge challenge in vehicular networks due to the large size of the network, high mobility of nodes, and continuous change of network topology. These challenges are also applicable to the vehicular fog, which is a new computing paradigm in the context of vehicular networks. In vehicular fog computing, the vehicles serve as fog nodes. This is a promising model for latency-sensitive and location-aware services, which also incurs some unique security and privacy issues. However, there is a lack of a systematic approach to design security solutions of the vehicular fog using a comprehensive threat model. Threat modeling is a step-by-step process to analyze, identify, and prioritize all the potential threats and vulnerabilities of a system and solve them with known security solutions. A well-designed threat model can help to understand the security and privacy threats, vulnerabilities, requirements, and challenges along with the attacker model, the attack motives, and attacker capabilities. Threat model analysis in vehicular fog computing is critical because only brainstorming and threat models of other vehicular network paradigms will not provide a complete scenario of potential threats and vulnerabilities. In this paper, we have explored the threat model of vehicular fog computing and identified the threats and vulnerabilities using STRIDE and CIAA threat modeling processes. We posit that this initiative will help to improve the security and privacy system design of vehicular fog computing. 

   more » « less
4. Physics-Informed Learning-based Attack Analytics for Electric Vehicle Charging Management Systems

   Perry, David; Mohammad, Haider; Kazmi, Kumail; Rahman, Mohammad Ashiqur; Shahriar, Hossain (July 2025, IEEE)

   This work introduces a novel physics-informed neural network (PINN)-based framework for modeling and optimizing false data injection (FDI) attacks on electric vehicle charging station (EVCS) networks, with a focus on centralized charging management system (CMS). By embedding the governing physical laws as constraints within the neural network’s loss function, the proposed framework enables scalable, real-time analysis of cyber-physical vulnerabilities. The PINN models EVCS dynamics under both normal and adversarial conditions while optimizing stealthy attack vectors that exploit voltage and current regulation. Evaluations on the IEEE 33-bus system demonstrate the framework’s capability to uncover critical vulnerabilities. These findings underscore the urgent need for enhanced resilience strategies in EVCS networks to mitigate emerging cyber threats targeting the power grid. Furthermore, the framework lays the groundwork for exploring a broader range of cyber-physical attack scenarios on EVCS networks, offering potential insights into their impact on power grid operations. It provides a flexible platform for studying the interplay between physical constraints and adversarial manipulations, enhancing our understanding of EVCS vulnerabilities. This approach opens avenues for future research into robust mitigation strategies and resilient design principles tailored to the evolving cybersecurity challenges in smart grid systems. 

   more » « less
5. Metrics for Assessing Security of System-on-Chip

   https://doi.org/10.1109/HOST54066.2022.9839854  

   Saha, Sujan Kumar; Mbongue, Joel Mandebi; Bobda, Christophe (August 2022, 2022 IEEE International Symposium on Hardware Oriented Security and Trust (HOST))

   Due to the increasing complexity of modern hetero-geneous System-on-Chips (SoC) and the growing vulnerabilities, security risk assessment and quantification is required to measure the trustworthiness of a SoC. This paper describes a systematic approach to model the security risk of a system for malicious hardware attacks. The proposed method uses graph analysis to assess the impact of an attack and the Common Vulnerability Scoring System (CVSS) is used to quantify the security level of the system. To demonstrate the applicability of the proposed metric, we consider two open source SoC benchmarks with different architectures. The overall risk is calculated using the proposed metric by computing the exploitability and impact of attack on critical components of a SoC. 

   more » « less