-
A Survey of Cyber Security Countermeasures Using Hardware Performance Counters
Authors:
James Christopher Foreman
Abstract:
Cyber attacks and malware are now more prevalent than ever and the trend is ever upward. There have been several approaches to attack detection including resident software applications at the root or user level, e.g., virus detection, and modifications to the OS, e.g., encryption, application signing, etc. Some approaches have moved to lower level detection and prevention, e.g., Data Execution Prevention. An emerging approach in countermeasure development is the use of hardware performance counters existing in the micro-architecture of modern processors. These are at the lowest level, implemented in processor hardware, and the wealth of data collected by these counters affords some very promising countermeasures with minimal overhead as well as protection from being sabotaged themselves by attackers. Here, we conduct a survey of recent techniques in realizing effective countermeasures for cyber attack detection from these hardware performance counters.
Submitted 27 July, 2018;
originally announced July 2018.
-
Architecture for Community-scale Critical Infrastructure Coordination for Security and Resilience
Authors:
James Christopher Foreman
Abstract:
Our Critical Infrastructure (CI) systems are, by definition, critical to the safe and proper functioning of society. Nearly all of these systems utilize industrial Process Control Systems (PCS) to provide clean water, reliable electricity, critical manufacturing, and many other services within our communities - yet most of these PCS incorporate very few cyber-security countermeasures. Cyber-attacks on CI are becoming an attractive target. While many vendor solutions are starting to be deployed at CI sites, these solutions are largely based on network monitoring for intrusion detection. As such, they are not process-aware, nor do they account for interdependencies among other CI sites in their community. What is proposed is an architecture for coordinating all CI within a community, which defines characteristics to enhance its integration, its resilience to failure and attack, and its ultimate acceptance by CI operators.
Submitted 23 July, 2016;
originally announced July 2016.
-
Aggregation Architecture for Data Reduction and Privacy in Advanced Metering Infrastructure
Authors:
James Christopher Foreman,
Franklin Pacheco
Abstract:
Advanced Metering Infrastructure (AMI) have rapidly become a topic of international interest as governments have sponsored their deployment for the purposes of utility service reliability and efficiency, e.g., water and electricity conservation. Two problems plague such deployments. First is the protection of consumer privacy. Second is the problem of huge amounts of data from such deployments. A new architecture is proposed to address these problems through the use of Aggregators, which incorporate temporary data buffering and the modularization of utility grid analysis. These Aggregators are used to deliver anonymized summary data to the central utility while preserving billing and automated connection services.
Submitted 19 July, 2016;
originally announced July 2016.
-
New Software Metrics for Evaluation and Comparison of Advanced Power Management Systems
Authors:
James Christopher Foreman,
Rammohan K. Ragade,
James H. Graham
Abstract:
A set of software metrics for the evaluation of power management systems (PMSs) is presented. Such systems for managing power need to be autonomous, scalable, low in complexity, and comprised of portable algorithms in order to be well applied across the varying implementations that utilize power systems. Although similar metrics exist for software in general, their definitions do not readily lend themselves to the unique characteristics of power management systems or systems of similar architecture.
Submitted 16 July, 2016;
originally announced July 2016.
-
Cyber Attack Surface Analysis of Advanced Metering Infrastructure
Authors:
James Christopher Foreman,
Dheeraj Gurugubelli
Abstract:
Cyber attacks on critical infrastructure have been an issue of importance in industry over the past several years, as well as a focus of academic research. Cyber attacks of various types and magnitude have been on the rise targeted specifically at power grids. A successful attack on the power grid could result in significant impacts including grid shutdown, cascading failures, damage to the infrastructure, and potential harm to people. Power grid infrastructure are critical in nature; they enable operations for residential, commercial, industrial, and government users across critical infrastructure such as water, communication, banking, transportation, manufacturing, and more. The compromise of these operations introduces threats, which span from economic to public safety. The Advanced Metering Infrastructure (AMI) is now being rapidly deployed throughout the power grid, and is an enabling technology for smart grid. Identifying the attack surface is a necessary step in achieving cyber security in smart grids and AMI. The purpose of this paper is to quantify and examine the cyber attack surface of AMI in order to lay the foundation for mitigating approaches to AMI cyber security.
Submitted 16 July, 2016;
originally announced July 2016.