-
A Reinforcement Learning Approach for RIS-aided Fair Communications
Authors:
Alex Pierron,
Michel Barbeau,
Luca De Cicco,
Jose Rubio-Hernan,
Joaquin Garcia-Alfaro
Abstract:
Reconfigurable Intelligent Surfaces (RISs) are composed of physical elements that can dynamically alter electromagnetic wave properties to enhance beamforming and leading to improvements in areas with low coverage properties. They have the potential to be combined with Reinforcement Learning (RL) techniques to achieve network performance and energy efficiency via optimization techniques. In additi…
▽ More
Reconfigurable Intelligent Surfaces (RISs) are composed of physical elements that can dynamically alter electromagnetic wave properties to enhance beamforming and leading to improvements in areas with low coverage properties. They have the potential to be combined with Reinforcement Learning (RL) techniques to achieve network performance and energy efficiency via optimization techniques. In addition to performance and energy improvements, it is also crucial to consider the concept of fair communications. RISs must ensure that User Equipment (UE) units receive their signals with adequate strength, without other UE being deprived of service due to insufficient power. In this paper, we address such a problem. We explore the fairness properties of previous work and propose a novel method that aims at obtaining an efficient and fair duplex RIS-RL system for multiple legitimate UE units. We report and discuss our experimental work and simulation results. We also release our code and datasets to foster further research in the topic.
△ Less
Submitted 11 June, 2025; v1 submitted 1 June, 2025;
originally announced June 2025.
-
Graph Analytics for Cyber-Physical System Resilience Quantification
Authors:
Romain Dagnas,
Michel Barbeau,
Joaquin Garcia-Alfaro,
Reda Yaich
Abstract:
Critical infrastructures integrate a wide range of smart technologies and become highly connected to the cyber world. This is especially true for Cyber-Physical Systems (CPSs), which integrate hardware and software components. Despite the advantages of smart infrastructures, they remain vulnerable to cyberattacks. This work focuses on the cyber resilience of CPSs. We propose a methodology based on…
▽ More
Critical infrastructures integrate a wide range of smart technologies and become highly connected to the cyber world. This is especially true for Cyber-Physical Systems (CPSs), which integrate hardware and software components. Despite the advantages of smart infrastructures, they remain vulnerable to cyberattacks. This work focuses on the cyber resilience of CPSs. We propose a methodology based on knowledge graph modeling and graph analytics to quantify the resilience potential of complex systems by using a multilayered model based on knowledge graphs. Our methodology also allows us to identify critical points. These critical points are components or functions of an architecture that can generate critical failures if attacked. Thus, identifying them can help enhance resilience and avoid cascading effects. We use the SWaT (Secure Water Treatment) testbed as a use case to achieve this objective. This system mimics the actual behavior of a water treatment station in Singapore. We model three resilient designs of SWaT according to our multilayered model. We conduct a resilience assessment based on three relevant metrics used in graph analytics. We compare the results obtained with each metric and discuss their accuracy in identifying critical points. We perform an experimentation analysis based on the knowledge gained by a cyber adversary about the system architecture. We show that the most resilient SWaT design has the necessary potential to bounce back and absorb the attacks. We discuss our results and conclude this work by providing further research axes.
△ Less
Submitted 2 April, 2025;
originally announced April 2025.
-
Empower Healthcare through a Self-Sovereign Identity Infrastructure for Secure Electronic Health Data Access
Authors:
Antonio López Martínez,
Montassar Naghmouchi,
Maryline Laurent,
Joaquin Garcia-Alfaro,
Manuel Gil Pérez,
Antonio Ruiz Martínez,
Pantaleone Nespoli
Abstract:
Health data is one of the most sensitive data for people, which attracts the attention of malicious activities. We propose an open-source health data management framework, that follows a patient-centric approach. The proposed framework implements the Self-Sovereign Identity paradigm with innovative technologies such as Decentralized Identifiers and Verifiable Credentials. The framework uses Blockc…
▽ More
Health data is one of the most sensitive data for people, which attracts the attention of malicious activities. We propose an open-source health data management framework, that follows a patient-centric approach. The proposed framework implements the Self-Sovereign Identity paradigm with innovative technologies such as Decentralized Identifiers and Verifiable Credentials. The framework uses Blockchain technology to provide immutability, verifiable data registry, and auditability, as well as an agent-based model to provide protection and privacy for the patient data. We also define different use cases regarding the daily patient-practitioner-laboratory interactions and specific functions to cover patient data loss, data access revocation, and emergency cases where patients are unable to give consent and access to their data. To address this design, a proof of concept is created with an interaction between patient and doctor. The most feasible technologies are selected and the created design is validated. We discuss the differences and novelties of this framework, which includes the patient-centric approach also for data storage, the designed recovery and emergency plan, the defined backup procedure, and the selected blockchain platform.
△ Less
Submitted 21 January, 2025;
originally announced January 2025.
-
A Shapley Value Estimation Speedup for Efficient Explainable Quantum AI
Authors:
Iain Burge,
Michel Barbeau,
Joaquin Garcia-Alfaro
Abstract:
This work focuses on developing efficient post-hoc explanations for quantum AI algorithms. In classical contexts, the cooperative game theory concept of the Shapley value adapts naturally to post-hoc explanations, where it can be used to identify which factors are important in an AI's decision-making process. An interesting question is how to translate Shapley values to the quantum setting and whe…
▽ More
This work focuses on developing efficient post-hoc explanations for quantum AI algorithms. In classical contexts, the cooperative game theory concept of the Shapley value adapts naturally to post-hoc explanations, where it can be used to identify which factors are important in an AI's decision-making process. An interesting question is how to translate Shapley values to the quantum setting and whether quantum effects could be used to accelerate their calculation. We propose quantum algorithms that can extract Shapley values within some confidence interval. Our method is capable of quadratically outperforming classical Monte Carlo approaches to approximating Shapley values up to polylogarithmic factors in various circumstances. We demonstrate the validity of our approach empirically with specific voting games and provide rigorous proofs of performance for general cooperative games.
△ Less
Submitted 17 April, 2025; v1 submitted 19 December, 2024;
originally announced December 2024.
-
LUMIA: Linear probing for Unimodal and MultiModal Membership Inference Attacks leveraging internal LLM states
Authors:
Luis Ibanez-Lissen,
Lorena Gonzalez-Manzano,
Jose Maria de Fuentes,
Nicolas Anciaux,
Joaquin Garcia-Alfaro
Abstract:
Large Language Models (LLMs) are increasingly used in a variety of applications, but concerns around membership inference have grown in parallel. Previous efforts focus on black-to-grey-box models, thus neglecting the potential benefit from internal LLM information. To address this, we propose the use of Linear Probes (LPs) as a method to detect Membership Inference Attacks (MIAs) by examining int…
▽ More
Large Language Models (LLMs) are increasingly used in a variety of applications, but concerns around membership inference have grown in parallel. Previous efforts focus on black-to-grey-box models, thus neglecting the potential benefit from internal LLM information. To address this, we propose the use of Linear Probes (LPs) as a method to detect Membership Inference Attacks (MIAs) by examining internal activations of LLMs. Our approach, dubbed LUMIA, applies LPs layer-by-layer to get fine-grained data on the model inner workings. We test this method across several model architectures, sizes and datasets, including unimodal and multimodal tasks. In unimodal MIA, LUMIA achieves an average gain of 15.71 % in Area Under the Curve (AUC) over previous techniques. Remarkably, LUMIA reaches AUC>60% in 65.33% of cases -- an increment of 46.80% against the state of the art. Furthermore, our approach reveals key insights, such as the model layers where MIAs are most detectable. In multimodal models, LPs indicate that visual inputs can significantly contribute to detect MIAs -- AUC>60% is reached in 85.90% of experiments.
△ Less
Submitted 10 January, 2025; v1 submitted 29 November, 2024;
originally announced November 2024.
-
Quantum CORDIC -- Arcsin on a Budget
Authors:
Iain Burge,
Michel Barbeau,
Joaquin Garcia-Alfaro
Abstract:
This work introduces a quantum algorithm for computing the arcsine function to an arbitrary accuracy. We leverage a technique from embedded computing and field-programmable gate array (FPGA), called COordinate Rotation DIgital Computer (CORDIC). CORDIC is a family of iterative algorithms that, in a classical context, can approximate various trigonometric, hyperbolic, and elementary functions using…
▽ More
This work introduces a quantum algorithm for computing the arcsine function to an arbitrary accuracy. We leverage a technique from embedded computing and field-programmable gate array (FPGA), called COordinate Rotation DIgital Computer (CORDIC). CORDIC is a family of iterative algorithms that, in a classical context, can approximate various trigonometric, hyperbolic, and elementary functions using only bit shifts and additions. Adapting CORDIC to the quantum context is non-trivial, as the algorithm traditionally uses several non-reversible operations. We detail a method for CORDIC which avoids such non-reversible operations. We propose multiple approaches to calculate the arcsine function reversibly with CORDIC. For n bits of precision, our method has space complexity of order n qubits, a layer count in the order of n times log n, and a CNOT count in the order of n squared. This primitive function is a required step for the Harrow-Hassidim-Lloyd (HHL) algorithm, is necessary for quantum digital-to-analog conversion, can simplify a quantum speed-up for Monte-Carlo methods, and has direct applications in the quantum estimation of Shapley values.
△ Less
Submitted 2 November, 2024;
originally announced November 2024.
-
Security Approaches for Data Provenance in the Internet of Things: A Systematic Literature Review
Authors:
Omair Faraj,
David Megias,
Joaquin Garcia-Alfaro
Abstract:
The Internet of Things (IoT) relies on resource-constrained devices deployed in unprotected environments. Given their constrained nature, IoT systems are vulnerable to security attacks. Data provenance, which tracks the origin and flow of data, provides a potential solution to guarantee data security, including trustworthiness, confidentiality, integrity, and availability in IoT systems. Different…
▽ More
The Internet of Things (IoT) relies on resource-constrained devices deployed in unprotected environments. Given their constrained nature, IoT systems are vulnerable to security attacks. Data provenance, which tracks the origin and flow of data, provides a potential solution to guarantee data security, including trustworthiness, confidentiality, integrity, and availability in IoT systems. Different types of risks may be faced during data transmission in single-hop and multi-hop scenarios, particularly due to the interconnectivity of IoT systems, which introduces security and privacy concerns. Attackers can inject malicious data or manipulate data without notice, compromising data integrity and trustworthiness. Data provenance offers a way to record the origin, history, and handling of data to address these vulnerabilities. A systematic literature review of data provenance in IoT is presented, exploring existing techniques, practical implementations, security requirements, and performance metrics. Respective contributions and shortcomings are compared. A taxonomy related to the development of data provenance in IoT is proposed. Open issues are identified, and future research directions are presented, providing useful insights for the evolution of data provenance research in the context of the IoT.
△ Less
Submitted 2 November, 2024; v1 submitted 3 July, 2024;
originally announced July 2024.
-
SCORPION Cyber Range: Fully Customizable Cyberexercises, Gamification, and Learning Analytics to Train Cybersecurity Competencies
Authors:
Pantaleone Nespoli,
Mariano Albaladejo-González,
José A. Ruipérez-Valiente,
Joaquin Garcia-Alfaro
Abstract:
It is undeniable that we are witnessing an unprecedented digital revolution. However, recent years have been characterized by the explosion of cyberattacks, making cybercrime one of the most profitable businesses on the planet. That is why training in cybersecurity is increasingly essential to protect the assets of cyberspace. One of the most vital tools to train cybersecurity competencies is the…
▽ More
It is undeniable that we are witnessing an unprecedented digital revolution. However, recent years have been characterized by the explosion of cyberattacks, making cybercrime one of the most profitable businesses on the planet. That is why training in cybersecurity is increasingly essential to protect the assets of cyberspace. One of the most vital tools to train cybersecurity competencies is the Cyber Range, a virtualized environment that simulates realistic networks. The paper at hand introduces SCORPION, a fully functional and virtualized Cyber Range, which manages the authoring and automated deployment of scenarios. In addition, SCORPION includes several elements to improve student motivation, such as a gamification system with medals, points, or rankings, among other elements. Such a gamification system includes an adaptive learning module that is able to adapt the cyberexercise based on the users' performance. Moreover, SCORPION leverages learning analytics that collects and processes telemetric and biometric user data, including heart rate through a smartwatch, which is available through a dashboard for instructors. Finally, we developed a case study where SCORPION obtained 82.10% in usability and 4.57 out of 5 in usefulness from the viewpoint of a student and an instructor. The positive evaluation results are promising, indicating that SCORPION can become an effective, motivating, and advanced cybersecurity training tool to help fill current gaps in this context.
△ Less
Submitted 10 December, 2024; v1 submitted 23 January, 2024;
originally announced January 2024.
-
ZIRCON: Zero-watermarking-based approach for data integrity and secure provenance in IoT networks
Authors:
Omair Faraj,
David Megías,
Joaquin Garcia-Alfaro
Abstract:
The Internet of Things (IoT) is integrating the Internet and smart devices in almost every domain such as home automation, e-healthcare systems, vehicular networks, industrial control and military applications. In these sectors, sensory data, which is collected from multiple sources and managed through intermediate processing by multiple nodes, is used for decision-making processes. Ensuring data…
▽ More
The Internet of Things (IoT) is integrating the Internet and smart devices in almost every domain such as home automation, e-healthcare systems, vehicular networks, industrial control and military applications. In these sectors, sensory data, which is collected from multiple sources and managed through intermediate processing by multiple nodes, is used for decision-making processes. Ensuring data integrity and keeping track of data provenance is a core requirement in such a highly dynamic context, since data provenance is an important tool for the assurance of data trustworthiness. Dealing with such requirements is challenging due to the limited computational and energy resources in IoT networks. This requires addressing several challenges such as processing overhead, secure provenance, bandwidth consumption and storage efficiency. In this paper, we propose ZIRCON, a novel zero-watermarking approach to establish end-to-end data trustworthiness in an IoT network. In ZIRCON, provenance information is stored in a tamper-proof centralized network database through watermarks, generated at source node before transmission. We provide an extensive security analysis showing the resilience of our scheme against passive and active attacks. We also compare our scheme with existing works based on performance metrics such as computational time, energy utilization and cost analysis. The results show that ZIRCON is robust against several attacks, lightweight, storage efficient, and better in energy utilization and bandwidth consumption, compared to prior art.
△ Less
Submitted 29 April, 2023;
originally announced May 2023.
-
Repeated Purification versus Concatenated Error Correction in Fault Tolerant Quantum Networks
Authors:
Michel Barbeau,
Joaquin Garcia-Alfaro,
Evangelos Kranakis
Abstract:
Entanglement distribution is a core mechanism for the future quantum Internet. The quantum world is, however, a faulty environment. Hence, successful entanglement swapping is error-prone. The occurrence of quantum state errors can be mitigated using purification and error correction, which can be repeated in the former case and concatenated in the latter case. Repeated purification merges low-fide…
▽ More
Entanglement distribution is a core mechanism for the future quantum Internet. The quantum world is, however, a faulty environment. Hence, successful entanglement swapping is error-prone. The occurrence of quantum state errors can be mitigated using purification and error correction, which can be repeated in the former case and concatenated in the latter case. Repeated purification merges low-fidelity qubits into higher-quality ones, while concatenated error correction builds upon the redundancy of quantum information. In this article, we study in-depth and compare the two options: repeated purification and concatenated error correction. We consider using repeated purification and concatenated error correction to mitigate the presence of faults that occur during the establishment of Bell pairs between remote network nodes. We compare their performance versus the number of repetitions or concatenations, to reach a certain level of fidelity in quantum networks. We study their resource requirements, namely, their work memory complexity (e.g., number of stored qubits) and operational complexity (e.g., number of operations). Our analysis demonstrates that concatenated error correction, versus repeated purification, requires fewer iterations and has lower operational complexity than repeated purification to reach high fidelity at the expense of increased memory requirements.
△ Less
Submitted 27 February, 2023;
originally announced February 2023.
-
A Survey on Cyber-Resilience Approaches for Cyber-Physical Systems
Authors:
Mariana Segovia-Ferreira,
Jose Rubio-Hernan,
Ana Rosa Cavalli,
Joaquin Garcia-Alfaro
Abstract:
Concerns for the resilience of Cyber-Physical Systems (CPS)s in critical infrastructure are growing. CPS integrate sensing, computation, control, and networking into physical objects and mission-critical services, connecting traditional infrastructure to internet technologies. While this integration increases service efficiency, it has to face the possibility of new threats posed by the new functi…
▽ More
Concerns for the resilience of Cyber-Physical Systems (CPS)s in critical infrastructure are growing. CPS integrate sensing, computation, control, and networking into physical objects and mission-critical services, connecting traditional infrastructure to internet technologies. While this integration increases service efficiency, it has to face the possibility of new threats posed by the new functionalities. This leads to cyber-threats, such as denial-of-service, modification of data, information leakage, spreading of malware, and many others. Cyber-resilience refers to the ability of a CPS to prepare, absorb, recover, and adapt to the adverse effects associated with cyber-threats, e.g., physical degradation of the CPS performance resulting from a cyber-attack. Cyber-resilience aims at ensuring CPS survival by keeping the core functionalities of the CPS in case of extreme events. The literature on cyber-resilience is rapidly increasing, leading to a broad variety of research works addressing this new topic. In this article, we create a systematization of knowledge about existing scientific efforts of making CPSs cyber-resilient. We systematically survey recent literature addressing cyber-resilience with a focus on techniques that may be used on CPSs. We first provide preliminaries and background on CPSs and threats, and subsequently survey state-of-the-art approaches that have been proposed by recent research work applicable to CPSs. In particular, we aim at differentiating research work from traditional risk management approaches based on the general acceptance that it is unfeasible to prevent and mitigate all possible risks threatening a CPS. We also discuss questions and research challenges, with a focus on the practical aspects of cyber-resilience, such as the use of metrics and evaluation methods as well as testing and validation environments.
△ Less
Submitted 16 May, 2024; v1 submitted 10 February, 2023;
originally announced February 2023.
-
A Quantum Algorithm for Shapley Value Estimation
Authors:
Iain Burge,
Michel Barbeau,
Joaquin Garcia-Alfaro
Abstract:
In the classical context, the cooperative game theory concept of the Shapley value has been adapted for post hoc explanations of machine learning models. However, this approach does not easily translate to eXplainable Quantum ML (XQML). Finding Shapley values can be highly computationally complex. We propose quantum algorithms which can extract Shapley values within some confidence interval. Our r…
▽ More
In the classical context, the cooperative game theory concept of the Shapley value has been adapted for post hoc explanations of machine learning models. However, this approach does not easily translate to eXplainable Quantum ML (XQML). Finding Shapley values can be highly computationally complex. We propose quantum algorithms which can extract Shapley values within some confidence interval. Our results perform in polynomial time. We demonstrate the validity of each approach under specific examples of cooperative voting games.
△ Less
Submitted 3 November, 2024; v1 submitted 11 January, 2023;
originally announced January 2023.
-
Cyber-Physical Defense in the Quantum Era
Authors:
Michel Barbeau,
Joaquin Garcia-Alfaro
Abstract:
Networked-Control Systems (NCSs), a type of cyber-physical systems, consist of tightly integrated computing, communication and control technologies. While being very flexible environments, they are vulnerable to computing and networking attacks. Recent NCSs hacking incidents had major impact. They call for more research on cyber-physical security. Fears about the use of quantum computing to break…
▽ More
Networked-Control Systems (NCSs), a type of cyber-physical systems, consist of tightly integrated computing, communication and control technologies. While being very flexible environments, they are vulnerable to computing and networking attacks. Recent NCSs hacking incidents had major impact. They call for more research on cyber-physical security. Fears about the use of quantum computing to break current cryptosystems make matters worse. While the quantum threat motivated the creation of new disciplines to handle the issue, such as post-quantum cryptography, other fields have overlooked the existence of quantum-enabled adversaries. This is the case of cyber-physical defense research, a distinct but complementary discipline to cyber-physical protection. Cyber-physical defense refers to the capability to detect and react in response to cyber-physical attacks. Concretely, it involves the integration of mechanisms to identify adverse events and prepare response plans, during and after incidents occur. In this paper, we make the assumption that the eventually available quantum computer will provide an advantage to adversaries against defenders, unless they also adopt this technology. We envision the necessity for a paradigm shift, where an increase of adversarial resources because of quantum supremacy does not translate into higher likelihood of disruptions. Consistently with current system design practices in other areas, such as the use of artificial intelligence for the reinforcement of attack detection tools, we outline a vision for next generation cyber-physical defense layers leveraging ideas from quantum computing and machine learning. Through an example, we show that defenders of NCSs can learn and improve their strategies to anticipate and recover from attacks.
△ Less
Submitted 21 February, 2022;
originally announced February 2022.
-
Ontology-based Attack Graph Enrichment
Authors:
Kéren Saint-Hilaire,
Frédéric Cuppens,
Nora Cuppens,
Joaquin Garcia-Alfaro
Abstract:
Attack graphs provide a representation of possible actions that adversaries can perpetrate to attack a system. They are used by cybersecurity experts to make decisions, e.g., to decide remediation and recovery plans. Different approaches can be used to build such graphs. We focus on logical attack graphs, based on predicate logic, to define the causality of adversarial actions. Since networks and…
▽ More
Attack graphs provide a representation of possible actions that adversaries can perpetrate to attack a system. They are used by cybersecurity experts to make decisions, e.g., to decide remediation and recovery plans. Different approaches can be used to build such graphs. We focus on logical attack graphs, based on predicate logic, to define the causality of adversarial actions. Since networks and vulnerabilities are constantly changing (e.g., new applications get installed on system devices, updated services get publicly exposed, etc.), we propose to enrich the attack graph generation approach with a semantic augmentation post-processing of the predicates. Graphs are now mapped to monitoring alerts confirming successful attack actions and updated according to network and vulnerability changes. As a result, predicates get periodically updated, based on attack evidences and ontology enrichment. This allows to verify whether changes lead the attacker to the initial goals or to cause further damage to the system not anticipated in the initial graphs. We illustrate the approach under the specific domain of cyber-physical security affecting smart cities. We validate the approach using existing tools and ontologies.
△ Less
Submitted 8 February, 2022;
originally announced February 2022.
-
Anonymous proof-of-asset transactions using designated blind signatures
Authors:
Neetu Sharma,
Rajeev Anand Sahu,
Vishal Saraswat,
Joaquin Garcia-Alfaro
Abstract:
We propose a scheme to preserve the anonymity of users in proof-of-asset transactions. We assume bitcoin-like cryptocurrency systems in which a user must prove the strength of its assets (i.e., solvency), prior conducting further transactions. The traditional way of addressing such a problem is the use of blind signatures, i.e., a kind of digital signature whose properties satisfy the anonymity of…
▽ More
We propose a scheme to preserve the anonymity of users in proof-of-asset transactions. We assume bitcoin-like cryptocurrency systems in which a user must prove the strength of its assets (i.e., solvency), prior conducting further transactions. The traditional way of addressing such a problem is the use of blind signatures, i.e., a kind of digital signature whose properties satisfy the anonymity of the signer. Our work focuses on the use of a designated verifier signature scheme that limits to only a single authorized party (within a group of signature requesters) to verify the correctness of the transaction.
△ Less
Submitted 26 October, 2020; v1 submitted 29 September, 2020;
originally announced September 2020.
-
Cyber-Resilience Evaluation of Cyber-Physical Systems
Authors:
Mariana Segovia,
Jose Rubio-Hernan,
Ana Rosa Cavalli,
Joaquin Garcia-Alfaro
Abstract:
Cyber-Physical Systems (CPS) use computational resources to control physical process and provide critical services. For this reason, an attack in these systems may have dangerous consequences in the physical world. Hence, resilience is a fundamental property to ensure the safety of the people, the environment and the controlled physical process. In this paper, we present metrics to quantify the re…
▽ More
Cyber-Physical Systems (CPS) use computational resources to control physical process and provide critical services. For this reason, an attack in these systems may have dangerous consequences in the physical world. Hence, resilience is a fundamental property to ensure the safety of the people, the environment and the controlled physical process. In this paper, we present metrics to quantify the resilience level based on the design, structure, stability, and performance under the attack of a given CPS. The metrics provide reference points to evaluate whether the system is better prepared or not to face the adversaries. This way, it is possible to quantify the ability to recover from an adversary using its mathematical model based on switched linear systems and actuators saturation. Finally, we validate our approach using a numeric simulation on the Tennesse Eastman control challenge problem.
△ Less
Submitted 15 September, 2020;
originally announced September 2020.
-
Misconfiguration Management of Network Security Components
Authors:
Frédéric Cuppens,
Nora Cuppens-Boulahia,
Joaquin Garcia-Alfaro
Abstract:
Many companies and organizations use firewalls to control the access to their network infrastructure. Firewalls are network security components which provide means to filter traffic within corporate networks, as well as to police incoming and outcoming interaction with the Internet. For this purpose, it is necessary to configure firewalls with a set of filtering rules. Nevertheless, the existence…
▽ More
Many companies and organizations use firewalls to control the access to their network infrastructure. Firewalls are network security components which provide means to filter traffic within corporate networks, as well as to police incoming and outcoming interaction with the Internet. For this purpose, it is necessary to configure firewalls with a set of filtering rules. Nevertheless, the existence of errors in a set of filtering rules is very likely to degrade the network security policy. The discovering and removal of these configuration errors is a serious and complex problem to solve. In this paper, we present a set of algorithms for such a management. Our approach is based on the analysis of relationships between the set of filtering rules. Then, a subsequent rewriting of rules will derive from an initial firewall setup -- potentially misconfigured -- to an equivalent one completely free of errors. At the same time, the algorithms will detect useless rules in the initial firewall configuration.
△ Less
Submitted 16 December, 2019;
originally announced December 2019.
-
Next Generation Resilient Cyber-Physical Systems
Authors:
Michel Barbeau,
Georg Carle,
Joaquin Garcia-Alfaro,
Vicenç Torra
Abstract:
Cyber-Physical Systems (CPS) consist of distributed engineered environments where the monitoring and surveillance tasks are governed by tightly integrated computing, communication and control technologies. CPS are omnipresent in our everyday life. Hacking and failures of such systems have impact on critical services with potentially significant and lasting consequences. In this paper, we review wh…
▽ More
Cyber-Physical Systems (CPS) consist of distributed engineered environments where the monitoring and surveillance tasks are governed by tightly integrated computing, communication and control technologies. CPS are omnipresent in our everyday life. Hacking and failures of such systems have impact on critical services with potentially significant and lasting consequences. In this paper, we review which requirements a CPS must meet to address the challenges of tomorrow. Two key challenges are understanding and reinforcing the resilience of CPS.
△ Less
Submitted 8 November, 2019; v1 submitted 20 July, 2019;
originally announced July 2019.
-
Faking and Discriminating the Navigation Data of a Micro Aerial Vehicle Using Quantum Generative Adversarial Networks
Authors:
Michel Barbeau,
Joaquin Garcia-Alfaro
Abstract:
We show that the Quantum Generative Adversarial Network (QGAN) paradigm can be employed by an adversary to learn generating data that deceives the monitoring of a Cyber-Physical System (CPS) and to perpetrate a covert attack. As a test case, the ideas are elaborated considering the navigation data of a Micro Aerial Vehicle (MAV). A concrete QGAN design is proposed to generate fake MAV navigation d…
▽ More
We show that the Quantum Generative Adversarial Network (QGAN) paradigm can be employed by an adversary to learn generating data that deceives the monitoring of a Cyber-Physical System (CPS) and to perpetrate a covert attack. As a test case, the ideas are elaborated considering the navigation data of a Micro Aerial Vehicle (MAV). A concrete QGAN design is proposed to generate fake MAV navigation data. Initially, the adversary is entirely ignorant about the dynamics of the CPS, the strength of the approach from the point of view of the bad guy. A design is also proposed to discriminate between genuine and fake MAV navigation data. The designs combine classical optimization, qubit quantum computing and photonic quantum computing. Using the PennyLane software simulation, they are evaluated over a classical computing platform. We assess the learning time and accuracy of the navigation data generator and discriminator versus space complexity, i.e., the amount of quantum memory needed to solve the problem.
△ Less
Submitted 10 November, 2019; v1 submitted 5 July, 2019;
originally announced July 2019.
-
Error Tolerant Path Planning for Swarms of Micro Aerial Vehicles with Quality Amplification
Authors:
Michel Barbeau,
Joaquin Garcia-Alfaro,
Evangelos Kranakis,
Fillipe Santos
Abstract:
We present an error tolerant path planning algorithm for Micro Aerial Vehicle (MAV) swarms. We assume navigation without GPS-like techniques. The MAVs find their path using sensors and cameras, identifying and following a series of visual landmarks. The visual landmarks lead the MAVs towards their destination. MAVs are assumed to be unaware of the terrain and locations of the landmarks. They hold…
▽ More
We present an error tolerant path planning algorithm for Micro Aerial Vehicle (MAV) swarms. We assume navigation without GPS-like techniques. The MAVs find their path using sensors and cameras, identifying and following a series of visual landmarks. The visual landmarks lead the MAVs towards their destination. MAVs are assumed to be unaware of the terrain and locations of the landmarks. They hold a priori information about landmarks, whose interpretation is prone to errors. Errors are of two types, recognition or advice. Recognition errors follow from misinterpretation of sensed data or a priori information, or confusion of objects, e.g., due to faulty sensors. Advice errors are consequences of outdated or wrong information about landmarks, e.g., due to weather conditions. Our path planning algorithm is cooperative. MAVs communicate and exchange information wirelessly, to minimize the number of recognition and advice errors. Hence, the quality of the navigation decision process is amplified. Our solution successfully achieves an adaptive error tolerant navigation system. Quality amplification is parameterized with respect to the number of MAVs. We validate our approach with theoretical proofs and numeric simulations.
△ Less
Submitted 3 June, 2021; v1 submitted 22 June, 2019;
originally announced June 2019.
-
Cyber-Physical Architecture Assisted by Programmable Networking
Authors:
Jose Rubio-Hernan,
Rishikesh Sahay,
Luca De Cicco,
Joaquin Garcia-Alfaro
Abstract:
Cyber-physical technologies are prone to attacks, in addition to faults and failures. The issue of protecting cyber-physical systems should be tackled by jointly addressing security at both cyber and physical domains, in order to promptly detect and mitigate cyber-physical threats. Towards this end, this letter proposes a new architecture combining control-theoretic solutions together with program…
▽ More
Cyber-physical technologies are prone to attacks, in addition to faults and failures. The issue of protecting cyber-physical systems should be tackled by jointly addressing security at both cyber and physical domains, in order to promptly detect and mitigate cyber-physical threats. Towards this end, this letter proposes a new architecture combining control-theoretic solutions together with programmable networking techniques to jointly handle crucial threats to cyber-physical systems. The architecture paves the way for new interesting techniques, research directions, and challenges which we discuss in our work.
△ Less
Submitted 7 February, 2018;
originally announced February 2018.
-
Security of Cyber-Physical Systems. From Theory to Testbeds and Validation
Authors:
Jose Rubio-Hernan,
Juan Rodolfo-Mejias,
Joaquin Garcia-Alfaro
Abstract:
Traditional control environments connected to physical systems are being upgraded with novel information and communication technologies. The resulting systems need to be adequately protected. Experimental testbeds are crucial for the study and analysis of ongoing threats against those resulting cyber-physical systems. The research presented in this paper discusses some actions towards the developm…
▽ More
Traditional control environments connected to physical systems are being upgraded with novel information and communication technologies. The resulting systems need to be adequately protected. Experimental testbeds are crucial for the study and analysis of ongoing threats against those resulting cyber-physical systems. The research presented in this paper discusses some actions towards the development of a replicable and affordable cyber-physical testbed for training and research. The architecture of the testbed is based on real-world components, and emulates cyber-physical scenarios commanded by SCADA (Supervisory Control And Data Acquisition) technologies. We focus on two representative protocols, Modbus and DNP3. The paper reports as well the development of some adversarial scenarios, in order to evaluate the testbed under cyber-physical threat situations. Some detection strategies are evaluated using our proposed testbed.
△ Less
Submitted 30 November, 2017;
originally announced November 2017.
-
An n-sided polygonal model to calculate the impact of cyber security events
Authors:
Gustavo Gonzalez-Granadillo,
Joaquin Garcia-Alfaro,
Hervé Debar
Abstract:
This paper presents a model to represent graphically the impact of cyber events (e.g., attacks, countermeasures) in a polygonal systems of n-sides. The approach considers information about all entities composing an information system (e.g., users, IP addresses, communication protocols, physical and logical resources, etc.). Every axis is composed of entities that contribute to the execution of the…
▽ More
This paper presents a model to represent graphically the impact of cyber events (e.g., attacks, countermeasures) in a polygonal systems of n-sides. The approach considers information about all entities composing an information system (e.g., users, IP addresses, communication protocols, physical and logical resources, etc.). Every axis is composed of entities that contribute to the execution of the security event. Each entity has an associated weighting factor that measures its contribution using a multi-criteria methodology named CARVER. The graphical representation of cyber events is depicted as straight lines (one dimension) or polygons (two or more dimensions). Geometrical operations are used to compute the size (i.e, length, perimeter, surface area) and thus the impact of each event. As a result, it is possible to identify and compare the magnitude of cyber events. A case study with multiple security events is presented as an illustration on how the model is built and computed.
△ Less
Submitted 16 November, 2017;
originally announced November 2017.
-
Quantum Computing Assisted Medium Access Control for Multiple Client Station Networks
Authors:
Michel Barbeau,
Steve R. Cloutier,
Joaquin Garcia-Alfaro
Abstract:
A medium access control protocol based on quantum entanglement has been introduced by Berces and Imre (2006) and Van Meter (2012). This protocol entirely avoids collisions. It is assumed that the network consists of one access point and two client stations. We extend this scheme to a network with an arbitrary number of client stations. We propose three approaches, namely, the qubit distribution, t…
▽ More
A medium access control protocol based on quantum entanglement has been introduced by Berces and Imre (2006) and Van Meter (2012). This protocol entirely avoids collisions. It is assumed that the network consists of one access point and two client stations. We extend this scheme to a network with an arbitrary number of client stations. We propose three approaches, namely, the qubit distribution, transmit first election and temporal ordering protocols. The qubit distribution protocol leverages the concepts of Bell-EPR pair or W state triad. It works for networks of up to four CSs. With up to three CSs, there is no probability of collision. In a four-CS network, there is a low probability of collision. The transmit first election protocol and temporal ordering protocols work for a network with any number of CSs. The transmit first election builds upon the concept of W state of size corresponding to the number of client stations. It is fair and collision free. The temporal ordering protocol employs the concepts of Lehmer code and quantum oracle. It is collision free, has a normalized throughput of 100% and achieves quasi-fairness.
△ Less
Submitted 1 July, 2015;
originally announced July 2015.
-
Proceedings 2014 International Workshop on Advanced Intrusion Detection and Prevention
Authors:
Joaquin Garcia-Alfaro,
Gürkan Gür
Abstract:
This volume contains the proceedings of the 2014 International Advanced Intrusion Detection and Prevention (AIDP'14) Workshop, held in Marrakesh, Morocco, on the 5th of June 2014, in conjunction with the 29th IFIP TC-11 SEC 2014 International Conference. It includes a revised version of the papers selected for presentation at the work- shop.
This volume contains the proceedings of the 2014 International Advanced Intrusion Detection and Prevention (AIDP'14) Workshop, held in Marrakesh, Morocco, on the 5th of June 2014, in conjunction with the 29th IFIP TC-11 SEC 2014 International Conference. It includes a revised version of the papers selected for presentation at the work- shop.
△ Less
Submitted 13 October, 2014;
originally announced October 2014.
-
On the Use of Latency Graphs for the Construction of Tor Circuits
Authors:
Sergio Castillo-Perez,
Joaquin Garcia-Alfaro
Abstract:
The use of anonymity-based infrastructures and anonymisers is a plausible solution to mitigate privacy problems on the Internet. Tor (short for The onion router) is a popular low-latency anonymity system that can be installed as an end-user application on a wide range of operating systems to redirect the traffic through a series of anonymising proxy circuits. The construction of these circuits det…
▽ More
The use of anonymity-based infrastructures and anonymisers is a plausible solution to mitigate privacy problems on the Internet. Tor (short for The onion router) is a popular low-latency anonymity system that can be installed as an end-user application on a wide range of operating systems to redirect the traffic through a series of anonymising proxy circuits. The construction of these circuits determines both the latency and the anonymity degree of the Tor anonymity system. While some circuit construction strategies lead to delays which are tolerated for activities like Web browsing, they can make the system vulnerable to linking attacks. We evaluate in this paper three classical strategies for the construction of Tor circuits, with respect to their de-anonymisation risk and latency performance. We then develop a new circuit selection algorithm that considerably reduces the success probability of linking attacks while keeping a good degree of performance. We finally conduct experiments on a real-world Tor deployment over PlanetLab. Our experimental results confirm the validity of our strategy and its performance increase for Web browsing.
△ Less
Submitted 18 August, 2012;
originally announced August 2012.
-
Evaluation of Anonymized ONS Queries
Authors:
Joaquin Garcia-Alfaro,
Michel Barbeau,
Evangelos Kranakis
Abstract:
Electronic Product Code (EPC) is the basis of a pervasive infrastructure for the automatic identification of objects on supply chain applications (e.g., pharmaceutical or military applications). This infrastructure relies on the use of the (1) Radio Frequency Identification (RFID) technology to tag objects in motion and (2) distributed services providing information about objects via the Interne…
▽ More
Electronic Product Code (EPC) is the basis of a pervasive infrastructure for the automatic identification of objects on supply chain applications (e.g., pharmaceutical or military applications). This infrastructure relies on the use of the (1) Radio Frequency Identification (RFID) technology to tag objects in motion and (2) distributed services providing information about objects via the Internet. A lookup service, called the Object Name Service (ONS) and based on the use of the Domain Name System (DNS), can be publicly accessed by EPC applications looking for information associated with tagged objects. Privacy issues may affect corporate infrastructures based on EPC technologies if their lookup service is not properly protected. A possible solution to mitigate these issues is the use of online anonymity. We present an evaluation experiment that compares the of use of Tor (The second generation Onion Router) on a global ONS/DNS setup, with respect to benefits, limitations, and latency.
△ Less
Submitted 22 November, 2009;
originally announced November 2009.
-
A Survey on Cross-Site Scripting Attacks
Authors:
Joaquin Garcia-Alfaro,
Guillermo Navarro-Arribas
Abstract:
Web applications are becoming truly pervasive in all kinds of business models and organizations. Today, most critical systems such as those related to health care, banking, or even emergency response, are relying on these applications. They must therefore include, in addition to the expected value offered to their users, reliable mechanisms to ensure their security. In this paper, we focus on th…
▽ More
Web applications are becoming truly pervasive in all kinds of business models and organizations. Today, most critical systems such as those related to health care, banking, or even emergency response, are relying on these applications. They must therefore include, in addition to the expected value offered to their users, reliable mechanisms to ensure their security. In this paper, we focus on the specific problem of cross-site scripting attacks against web applications. We present a study of this kind of attacks, and survey current approaches for their prevention. Applicability and limitations of each proposal are also discussed.
△ Less
Submitted 29 May, 2009;
originally announced May 2009.
-
Reliable Process for Security Policy Deployment
Authors:
Stere Preda,
Nora Cuppens-Boulahia,
Frederic Cuppens,
Joaquin Garcia-Alfaro,
Laurent Toutain
Abstract:
We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally specify the security requirements of a given system by using an expressive access control model. As a result, we obtain an abstract security policy, which is…
▽ More
We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally specify the security requirements of a given system by using an expressive access control model. As a result, we obtain an abstract security policy, which is free of ambiguities, redundancies or unnecessary details. Second, we deploy such an abstract policy through a set of automatic compilations into the security devices of the system. This proposed deployment process not only simplifies the security administrator's job, but also guarantees a resulting configuration free of anomalies and/or inconsistencies.
△ Less
Submitted 8 May, 2009;
originally announced May 2009.
-
Aggregating and Deploying Network Access Control Policies
Authors:
Joaquin Garcia-Alfaro,
Frederic Cuppens,
Nora Cuppens-Boulahia
Abstract:
The existence of errors or inconsistencies in the configuration of security components, such as filtering routers and/or firewalls, may lead to weak access control policies -- potentially easy to be evaded by unauthorized parties. We present in this paper a proposal to create, manage, and deploy consistent policies in those components in an efficient way. To do so, we combine two main approaches…
▽ More
The existence of errors or inconsistencies in the configuration of security components, such as filtering routers and/or firewalls, may lead to weak access control policies -- potentially easy to be evaded by unauthorized parties. We present in this paper a proposal to create, manage, and deploy consistent policies in those components in an efficient way. To do so, we combine two main approaches. The first approach is the use of an aggregation mechanism that yields consistent configurations or signals inconsistencies. Through this mechanism we can fold existing policies of a given system and create a consistent and global set of access control rules -- easy to maintain and manage by using a single syntax. The second approach is the use of a refinement mechanism that guarantees the proper deployment of such a global set of rules into the system, yet free of inconsistencies.
△ Less
Submitted 5 March, 2008;
originally announced March 2008.
-
Preventing Coordinated Attacks Via Distributed Alert Exchange
Authors:
Joaquin Garcia-Alfaro,
Michael A. Jaeger,
Gero Muehl,
Joan Borrell
Abstract:
Attacks on information systems followed by intrusions may cause large revenue losses. The prevention of both is not always possible by just considering information from isolated sources of the network. A global view of the whole system is necessary to recognize and react to the different actions of such an attack. The design and deployment of a decentralized system targeted at detecting as well…
▽ More
Attacks on information systems followed by intrusions may cause large revenue losses. The prevention of both is not always possible by just considering information from isolated sources of the network. A global view of the whole system is necessary to recognize and react to the different actions of such an attack. The design and deployment of a decentralized system targeted at detecting as well as reacting to information system attacks might benefit from the loose coupling realized by publish/subscribe middleware. In this paper, we present the advantages and convenience in using this communication paradigm for a general decentralized attack prevention framework. Furthermore, we present the design and implementation of our approach based on existing publish/subscribe middleware and evaluate our approach for GNU/Linux systems.
△ Less
Submitted 26 February, 2008;
originally announced February 2008.
