Cybersecurity and Software Assurance

Permanent URI for this collection

https://hdl.handle.net/10125/102620

Browse

Recent Submissions

Now showing 1 - 7 of 7
  • Item
    Hardening Honeypots for Industrial Control Systems
    ( 2023-01-03) Meier, Joseph ; Nguyen, Thuy ; Rowe, Neil
    Honeypots are computers that collect intelligence about new cyberattacks and malware behavior. To be successful, these decoys must allow attackers to probe a system without compromising data collection. Previously, we developed an industrial control system (ICS) honeypot simulating a small electric-distribution system, but this honeypot was attacked, and its log data was deleted. The current work analyzed the attacks and developed methods to harden the main weaknesses of the public user interface. The hardened honeypot included more robust data collection and logging capabilities, and was deployed in a commercial cloud environment. We observed significant scanning and new attacks, including the well-known BlueKeep exploit and activity related to Russian cyberattacks on Ukraine. Our results showed that the added security controls, monitoring, and logging were more effective in protecting the honeypot’s data and event logs.
  • Item
    Success Factors in Secure Software Development of Cloud Applications in Germany: A Qualitative-explorative Expert Study
    ( 2023-01-03) Schubert, Marc ; Pagel, Sven ; Von Korflesch, Harald
    The use of cloud computing continues to increase in Germany, according to Germany’s digital association. However, threats to information security stand in the way of a comprehensive acceptance and penetration of cloud computing. Secure software development is described in the standard ISO/IEC 27001, security control A.14.2 “Security in development and support processes” and in the cloud related code of practice standard ISO/IEC 27017 in chapter 14.2 “Security in development and support processes”. Secure software development has the potential to reduce vulnerabilities and thus increase the security level of applications. When implementing a secure software development process of cloud applications, the question for organizations is which factors have a positive influence on success, where success is defined as an increased security level of cloud applications. This paper contributes to answering the questions of (RQ1) what potential success factors exist in secure software development of cloud applications in Germany and (RQ2) what role does strategic and operational aspects play.
  • Item
    Dynamical Systems that Heal
    ( 2023-01-03) Fiske, Michael
    Malware plays a key role in attacking critical infrastructure. With this problem in mind, we introduce systems that heal from a broader perspective than the standard digital computer model: Our goal in a more general theory is to be applicable to systems that contain subsystems that do not solely rely on the execution of register machine instructions. Our broader approach assumes a dynamical system that performs tasks. Our primary contribution defines a principle of self-modifiability in dynamical systems and demonstrates how it can be used to heal a malfunctioning dynamical system. As far as we know, to date there has not been a mathematical notion of self-modifiability in dynamical systems; hitherto there has not been a formal system for describing how to heal damaged computer instructions or to heal differential equations that perform tasks.
  • Item
    Formal Verification of Prim’s Algorithm in SPARK
    ( 2023-01-03) Wheelhouse, Brian ; Hopkinson, Kenneth ; Humphrey, Laura
    Many distributed systems use a minimum spanning tree (MST) as the backbone of efficient communication within the system. Given its critical role, it is important that the MST be implemented correctly. One way to ensure its correctness with a high degree of confidence is to use formal methods, i.e. mathematically-based tools and approaches for design and verification of software and hardware. Toward this end, we implement Prim’s algorithm for construction of MSTs in SPARK, which is both a programming language and associated set of formal verification tools. At the most basic levels, formal verification in SPARK requires proving that code satisfies contracts on data flow and initialization and is free of run-time errors, which often reveals rare or subtle errors that are hard to detect through testing alone. Once errors are corrected and formal verification is complete, the result is code that is mathematically proven to satisfy the verified properties. In this paper, we provide background on SPARK and describe the process of using it to implement and verify basic properties of MSTs constructed using Prim’s algorithm.
  • Item
    Implementation and Validation of non-semantic Out-of-Distribution Detection on Image Data in Manufacturing
    ( 2023-01-03) Jin, Meng ; Rajesh, Mehta Dharmil ; Xing, Wenting ; Schniertshauer, Johannes ; Neuhüttler, Jens ; Zimmermann, Felix
    Small changes in the production environment can have a negative impact on the performance of machine learning models. This study investigates the feasibility of various methods for detecting non-semantic Out-of-Distribution (OOD) cases in input images, which could be caused by hardware-side malfunctions, such as a defective camera flash. For this purpose, we design four experiments based on a real-world computer vision use case to simulate hardware problems that may occur in manufacturing and verify the performance of the various methods for detecting OOD cases. Furthermore, we explore the optimal sample size of input data to ensure that OOD cases can be found efficiently and successfully. The experimental results show that the tested methods can effectively and correctly detect the presence of non-semantic OOD data. The next step is to focus on securing ML models to identify malignant OOD cases, which negatively affects the performance of deep learning models.
  • Item
    Understanding Software Obfuscation and Diversification as Defensive Measures for the Cybersecurity of Internet of Things
    ( 2023-01-03) Rauti, Sampsa ; Laato, Samuli
    Internet of Things (IoT) has emerged as an umbrella term to describe connecting smart everyday objects (such as washing machines, toilets and sound systems), sensors and industrial machines to the internet. While IoT devices hold potential to greatly enhance quality of life through automating and optimizing mundane tasks, there are a great deal of security and privacy challenges. For this reason, practitioners and academics have explored various ways to enhance the multi-layered security of IoT devices. One of these methods is obfuscation, which has been successfully applied to make accessing devices more difficult for adversaries. In this study, we systematically processed the literature on applying obfuscation and diversification to improve IoT cybersecurity (81 articles) and clustered this research according the obfuscation target (code, data, interface, location, traffic). We then conducted a follow-up bibliometric review of the entire research profile of IoT cybersecurity (3,682 articles) to understand how these obfuscation and diversification approaches relate to the general cybersecurity landscape and solutions of IoT. We also derive a comprehensive list of benefits and shortcomings of enhancing IoT security through diversification, and present points of departure for future research.
  • Item
    Introduction to the Minitrack on Cybersecurity and Software Assurance
    ( 2023-01-03) George, Richard ; Chamberlain, Luanne ; Llanso, Thomas