SCA-LFD : side-channel analysis-based load forecasting disturbance in the energy internet
- Authors: Ding, Li , Wu, Jun , Li, Changlian , Jolfaei, Alireza , Zheng, Xi
- Date: 2023
- Type: Text , Journal article
- Relation: IEEE Transactions on Industrial Electronics Vol. 70, no. 3 (2023), p. 3199-3208
- Full Text: false
- Reviewed:
- Description: The energy Internet (EI) equipment may face threats that attackers poison federated learning (FL) models to disturb electricity load forecasting. To mitigate this vulnerability, it is important to study load forecasting disturbance approaches. This article proposes a side-channel analysis (SCA)-based disturbance approach. First, we design an FL SCA scheme to extract power information from the FL chip running forecasting model. Second, we propose an FL data speculation method using an optimized convolutional neural network trained with SCA information. Third, we design a label-flipping-based poisoning scheme with speculated data characteristics for load forecasting disturbance. Experimental results show attackers can successfully poison and disturb FL-based load forecasting. The average accuracy of EI load data speculation is 99.8%. This work is the first to study EI load forecasting disturbance from an SCA perspective. © 1982-2012 IEEE.
A novel real-time deterministic scheduling mechanism in industrial cyber-physical systems for energy internet
- Authors: Peng, Yuhuai , Jolfaei, Alireza , Yu, Keping
- Date: 2022
- Type: Text , Journal article
- Relation: IEEE Transactions on Industrial Informatics Vol. 18, no. 8 (2022), p. 5670-5680
- Full Text: false
- Reviewed:
- Description: As an effective distributed renewable energy utilization paradigm, a microgrid is expected to realize the high integration of the industrial cyber-physical systems (CPS), which has attracted extensive attention from academia and industry. However, the real-time interaction and feedback loop between physical systems and cyber systems have posed severe challenges to the reliability, determinacy, and energy efficiency of the multiway flow of information and communication transmission. In order to solve the problem of slot scheduling and data transmission (SSDT) in the microgrid, a novel real-time deterministic scheduling (RTDS) scheme for industrial CPS is proposed in this article. First, the SSDT is formulated as a multiway flow scheduling problem, and it is theoretically proved that the SSDT problem is NP-hard. Then, the RTDS scheme designs two heuristic algorithms: scheduling request preprocessing and greedy-based multichannel time slot allocation for an optimal scheduling solution. Practical experimental results demonstrate that the proposed RTDS scheme has significant advantages in packet loss rate, deadline guarantee rate, and energy consumption compared with the traditional schemes, and thus, is more suitable for deployment in microgrid systems. © 2005-2012 IEEE.
Cyber resilience modelling for the operations of hybrid network
- Authors: Ur-Rehman, Attiq , Kamruzzuman, Joarder , Gondal, Iqbal , Jolfaei, Alireza
- Date: 2022
- Type: Text , Conference paper
- Relation: 20th IEEE International Conference on Dependable, Autonomic and Secure Computing, 20th IEEE International Conference on Pervasive Intelligence and Computing, 7th IEEE International Conference on Cloud and Big Data Computing, 2022 IEEE International Conference on Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2022, Falerna, Italy, 12-15 September 2022, Proceedings 2022 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech)
- Full Text: false
- Reviewed:
- Description: Cyber resilience is referred to as the ability to resist cyber-attacks and it has several dimensions to evaluate. This study focuses on cyber resilience evaluation of nodes in hybrid network operations. This paper proposes a framework to evaluate cyber resilience and its integration with the CVSS (Common Vulnerability Scoring System) framework. CVSS is an industry standard to assess node vulnerabilities. The integration of cyber resilience with the CVSS framework will help cyber industry to standardise the node resilience capabilities for their operations. The proposed modelling is assessed and compared with our previous work on CVSS-based vulnerability evaluation for IoT and industrial integrated systems called CVSSIoT-ICS. The comparison results validate that the proposed model better evaluates the node vulnerabilities by incorporating the resilience capability of that nodes. © 2022 IEEE.
Fuzzy-based operational resilience modelling
- Authors: Ur-Rehman, Attiq , Kamruzzuman, Joarder , Gondal, Iqbal , Jolfaei, Alireza
- Date: 2022
- Type: Text , Conference paper
- Relation: 9th IEEE International Conference on Data Science and Advanced Analytics, DSAA 2022, Shenzhen, China, 13-16 October 2022, Proceedings - 2022 IEEE 9th International Conference on Data Science and Advanced Analytics, DSAA 2022
- Full Text: false
- Reviewed:
- Description: Resilience is an increasingly important concept in current socio-economic landscapes. Due to the competitive global context and security attacks, the organisations are looking for realistic resilience assessments for operations of their digital networks. This study proposes a node Operational Resilience evaluation based on the fuzzy logic by assessing various cyber security dynamics; including node threat protection, avoiding degradation, attack identification and recovery vectors. Through extensive experiments and analysis, we reached to a better understanding of diverse relationships between cyber security factors for the evaluation of Operational Resilience. © 2022 IEEE.
Sensitivity analysis for vulnerability mitigation in hybrid networks
- Authors: Ur‐rehman, Attiq , Gondal, Iqbal , Kamruzzaman, Joarder , Jolfaei, Alireza
- Date: 2022
- Type: Text , Journal article
- Relation: Electronics (Switzerland) Vol. 11, no. 2 (2022), p.
- Full Text:
- Reviewed:
- Description: The development of cyber‐assured systems is a challenging task, particularly due to the cost and complexities associated with the modern hybrid networks architectures, as well as the recent advancements in cloud computing. For this reason, the early detection of vulnerabilities and threat strategies are vital for minimising the risks for enterprise networks configured with a variety of node types, which are called hybrid networks. Existing vulnerability assessment techniques are unable to exhaustively analyse all vulnerabilities in modern dynamic IT networks, which utilise a wide range of IoT and industrial control devices (ICS). This could lead to having a less optimal risk evaluation. In this paper, we present a novel framework to analyse the mitigation strategies for a variety of nodes, including traditional IT systems and their dependability on IoT devices, as well as industrial control systems. The framework adopts avoid, reduce, and manage as its core principles in characterising mitigation strategies. Our results confirmed the effectiveness of our mitigation strategy framework, which took node types, their criticality, and the network topology into account. Our results showed that our proposed framework was highly effective at reducing the risks in dynamic and resource constraint environments, in contrast to the existing techniques in the literature. © 2022 by the authors. Licensee MDPI, Basel, Switzerland.
A scalable framework for healthcare monitoring application using the Internet of Medical Things
- Authors: Balasubramanian, Venki , Jolfaei, Alireza
- Date: 2021
- Type: Text , Journal article
- Relation: Software - Practice and Experience Vol. 51, no. 12 (2021), p. 2457-2468
- Full Text:
- Reviewed:
- Description: Internet of Things (IoT) is finding application in many areas, particularly in health care where an IoT can be effectively used in the form of an Internet of Medical Things (IoMT) to monitor the patients remotely. The quality of life of the patients and health care outcomes can be improved with the deployment of an IoMT because health care professionals can monitor conditions; access the electronic medical records and communicates with each other. This remote monitoring and consultations might reduce the traditional stressful and costly exercise of frequent hospitalization. Also, the rising costs of health care in many developed countries have influenced the introduction of the Healthcare Monitoring Application (HMA) to their existing health care practices. To materialize the HMA concepts for successful deployment for civilian and commercial use with ease, application developers can benefit from a generic, scalable framework that provides significant components for building an HMA. In this chapter, a generic maintainable HMA is advanced by amalgamating the advantages of event-driven and the layered architecture. The proposed framework is used to establish an HMA with an end-to-end Assistive Care Loop Framework (ACLF) to provide a real-time alarm and assistance to monitor pregnant women. © 2020 John Wiley & Sons, Ltd.
SPEED: A deep learning assisted privacy-preserved framework for intelligent transportation systems
- Authors: Usman, Muhammad , Jan, Mian , Jolfaei, Alireza
- Date: 2021
- Type: Text , Journal article
- Relation: IEEE Transactions on Intelligent Transportation Systems Vol. 22, no. 7 (2021), p. 4376-4384
- Full Text: false
- Reviewed:
- Description: Roadside cameras in an Intelligent Transportation System (ITS) are used for various purposes, e.g., monitoring the speed of vehicles, violations of laws, and detection of suspicious activities in parking lots, streets, and side roads. These cameras generate big multimedia data, and as a result, the ITS faces challenges like data management, redundancy, and privacy breaching in end-to-end communication. To solve these challenges, we propose a framework, called SPEED, based on a multi-level edge computing architecture and machine learning algorithms. In this framework, data captured by end-devices, e.g., smart cameras, is distributed among multiple Level-One Edge Devices (LOEDs) to deal with data management issue and minimize packet drop due to buffer overflowing on end-devices and LOEDs. The data is forwarded from LOEDs to Level-Two Edge Devices (LTEDs) in a compressed sensed format. The LTEDs use an online Least-Squares Support-Vector Machines (LS-SVMs) model to determine distribution characteristics and index values of compressed sensed data to preserve its privacy during transmission between LTEDs and High-Level Edge Devices (HLEDs). The HLEDs estimate the redundancy in forwarded data using a deep learning architecture, i.e., a Convolutional Neural Network (CNN). The CNN is used to detect the presence of moving objects in the forwarded data. If a movement is detected, the data is forwarded to cloud servers for further analysis otherwise discarded. Experimental results show that the use of a multi-level edge computing architecture helps in managing the generated data. The machine learning algorithms help in addressing issues like data redundancy and privacy-preserving in end-to-end communication. © 2000-2011 IEEE.
A distributed and anonymous data collection framework based on multilevel edge computing architecture
- Authors: Usman, Muhammad , Jan, Mian , Jolfaei, Alireza , Xu, Min , He, Xiangjian , Chen, Jinjun
- Date: 2020
- Type: Text , Journal article
- Relation: IEEE Transactions on Industrial Informatics Vol. 16, no. 9 (2020), p. 6114-6123
- Full Text: false
- Reviewed:
- Description: Industrial Internet of Things applications demand trustworthiness in terms of quality of service (QoS), security, and privacy, to support the smooth transmission of data. To address these challenges, in this article, we propose a distributed and anonymous data collection (DaaC) framework based on a multilevel edge computing architecture. This framework distributes captured data among multiple level-one edge devices (LOEDs) to improve the QoS and minimize packet drop and end-to-end delay. Mobile sinks are used to collect data from LOEDs and upload to cloud servers. Before data collection, the mobile sinks are registered with a level-two edge-device to protect the underlying network. The privacy of mobile sinks is preserved through group-based signed data collection requests. Experimental results show that our proposed framework improves QoS through distributed data transmission. It also helps in protecting the underlying network through a registration scheme and preserves the privacy of mobile sinks through group-based data collection requests. © 2005-2012 IEEE.
A low-complexity equalizer for video broadcasting in cyber-physical social systems through handheld mobile devices
- Authors: Solyman, Ahmad , Attar, Hani , Khosravi, Mohammad , Menon, Varun , Jolfaei, Alireza , Balasubramanian, Venki , Selvaraj, Buvana , Tavallali, Pooya
- Date: 2020
- Type: Text , Journal article
- Relation: IEEE Access Vol. 8, no. (2020), p. 67591-67602
- Full Text:
- Reviewed:
- Description: In Digital Video Broadcasting-Handheld (DVB-H) devices for cyber-physical social systems, the Discrete Fractional Fourier Transform-Orthogonal Chirp Division Multiplexing (DFrFT-OCDM) has been suggested to enhance the performance over Orthogonal Frequency Division Multiplexing (OFDM) systems under time and frequency-selective fading channels. In this case, the need for equalizers like the Minimum Mean Square Error (MMSE) and Zero-Forcing (ZF) arises, though it is excessively complex due to the need for a matrix inversion, especially for DVB-H extensive symbol lengths. In this work, a low complexity equalizer, Least-Squares Minimal Residual (LSMR) algorithm, is used to solve the matrix inversion iteratively. The paper proposes the LSMR algorithm for linear and nonlinear equalizers with the simulation results, which indicate that the proposed equalizer has significant performance and reduced complexity over the classical MMSE equalizer and other low complexity equalizers, in time and frequency-selective fading channels. © 2013 IEEE.
Attacks on self-driving cars and their countermeasures : a survey
- Authors: Chowdhury, Abdullahi , Karmakar, Gour , Kamruzzaman, Joarder , Jolfaei, Alireza , Das, Rajkumar
- Date: 2020
- Type: Text , Journal article , Review
- Relation: IEEE Access Vol. 8, no. (2020), p. 207308-207342
- Full Text:
- Reviewed:
- Description: Intelligent Traffic Systems (ITS) are currently evolving in the form of a cooperative ITS or connected vehicles. Both forms use the data communications between Vehicle-To-Vehicle (V2V), Vehicle-To-Infrastructure (V2I/I2V) and other on-road entities, and are accelerating the adoption of self-driving cars. The development of cyber-physical systems containing advanced sensors, sub-systems, and smart driving assistance applications over the past decade is equipping unmanned aerial and road vehicles with autonomous decision-making capabilities. The level of autonomy depends upon the make-up and degree of sensor sophistication and the vehicle's operational applications. As a result, self-driving cars are being compromised perceived as a serious threat. Therefore, analyzing the threats and attacks on self-driving cars and ITSs, and their corresponding countermeasures to reduce those threats and attacks are needed. For this reason, some survey papers compiling potential attacks on VANETs, ITSs and self-driving cars, and their detection mechanisms are available in the current literature. However, up to our knowledge, they have not covered the real attacks already happened in self-driving cars. To bridge this research gap, in this paper, we analyze the attacks that already targeted self-driving cars and extensively present potential cyber-Attacks and their impacts on those cars along with their vulnerabilities. For recently reported attacks, we describe the possible mitigation strategies taken by the manufacturers and governments. This survey includes recent works on how a self-driving car can ensure resilient operation even under ongoing cyber-Attack. We also provide further research directions to improve the security issues associated with self-driving cars. © 2013 IEEE.
RaSEC : an intelligent framework for reliable and secure multilevel edge computing in industrial environments
- Authors: Usman, Muhammad , Jolfaei, Alireza , Jan, Mian
- Date: 2020
- Type: Text , Journal article
- Relation: IEEE Transactions on Industry Applications Vol. 56, no. 4 (2020), p. 4543-4551
- Full Text:
- Reviewed:
- Description: Industrial applications generate big data with redundant information that is transmitted over heterogeneous networks. The transmission of big data with redundant information not only increases the overall end-to-end delay but also increases the computational load on servers which affects the performance of industrial applications. To address these challenges, we propose an intelligent framework named Reliable and Secure multi-level Edge Computing (RaSEC), which operates in three phases. In the first phase, level-one edge devices apply a lightweight aggregation technique on the generated data. This technique not only reduces the size of the generated data but also helps in preserving the privacy of data sources. In the second phase, a multistep process is used to register level-two edge devices (LTEDs) with high-level edge devices (HLEDs). Due to the registration process, only legitimate LTEDs can forward data to the HLEDs, and as a result, the computational load on HLEDs decreases. In the third phase, the HLEDs use a convolutional neural network to detect the presence of moving objects in the data forwarded by LTEDs. If a movement is detected, the data is uploaded to the cloud servers for further analysis; otherwise, the data is discarded to minimize the use of computational resources on cloud computing platforms. The proposed framework reduces the response time by forwarding useful information to the cloud servers and can be utilized by various industrial applications. Our theoretical and experimental results confirm the resiliency of our framework with respect to security and privacy threats. © 1972-2012 IEEE.
Security challenges and solutions for 5G HetNet
- Authors: Sharma, Aakanksha , Balasubramanian, Venki , Jolfaei, Alireza
- Date: 2020
- Type: Text , Conference paper
- Relation: 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) p. 1318-1323
- Full Text: false
- Reviewed:
- Description: The exponential growth of smartphones and other smart communicating devices has led to the proliferation of the Internet of Things (IoT) applications. Literature shows, one person will have more than six intelligent connected devices in future. The existing network infrastructure and bandwidth will be unable to accommodate the growing number of smart connected devices, therefore, achieving the expected Quality of Service (QoS) and Quality of Experience (QoE) remains a challenge. The advent and deployment of 5G network bring a massive number of innovative network services and exceptional user experience by providing superior data rates. Despite numerous benefits that 5G offers, the security and privacy in 5G is a challenge due to the existing large number of heterogeneous networks (HetNet). To harvest the numerous benefits of 5G, it is imperative to provide adequate protection mechanisms to maintain the user and data privacy in growing HetNet. This article comprehensively addresses the existing security issues in 5G HetNet and solutions for the identified problems in the HetNet edge. © 2020 IEEE.
Vulnerability modelling for hybrid industrial control system networks
- Authors: Ur-Rehman, Attiq , Gondal, Iqbal , Kamruzzaman, Joarder , Jolfaei, Alireza
- Date: 2020
- Type: Text , Journal article
- Relation: Journal of Grid Computing Vol. 18, no. 4 (2020), p. 863-878
- Full Text: false
- Reviewed:
- Description: With the emergence of internet-based devices, the traditional industrial control system (ICS) networks have evolved to co-exist with the conventional IT and internet enabled IoT networks, hence facing various security challenges. The IT industry around the world has widely adopted the common vulnerability scoring system (CVSS) as an industry standard to numerically evaluate the vulnerabilities in software systems. This mathematical score of vulnerabilities is combined with environmental knowledge to determine the vulnerable nodes and attack paths. IoT and ICS systems have unique dynamics and specific functionality as compared to traditional computer networks, and therefore, the legacy cyber security models would not fit these advanced networks. In this paper, we studied the CVSS v3.1 framework’s application to ICS embedded networks and an improved vulnerability framework, named CVSSIoT-ICS, is proposed. CVSSIoT-ICS and CVSS v3.1 are applied to a realistic supply chain hybrid network which consists of IT, IoT, and ICS nodes. This hybrid network is assigned with actual vulnerabilities listed in the national vulnerability database (NVD). The comparison results confirm the effectiveness of CVSSIoT-ICS framework as it is equally applicable to all nodes of a hybrid network and evaluates the vulnerabilities based on the distinct features of each node type. © 2020, Springer Nature B.V.
A lightweight integrity protection scheme for low latency smart grid applications
- Authors: Jolfaei, Alireza , Kant, Krishna
- Date: 2019
- Type: Text , Journal article
- Relation: Computers and Security Vol. 86, no. (2019), p. 471-483
- Full Text:
- Reviewed:
- Description: The substation communication protocol used in smart grid allows the transmission of messages without integrity protection for applications that require very low communication latency. This leaves the real-time measurements taken by phasor measurement units (PMUs) vulnerable to man-in-the-middle attacks, and hence makes high voltage to medium voltage (HV/MV) substations vulnerable to cyber-attacks. In this paper, a lightweight and secure integrity protection algorithm has been proposed to maintain the integrity of PMU data, which fills the missing integrity protection in the IEC 61850-90-5 standard, when the MAC identifier is declared 0. The rigorous security analysis proves the security of the proposed integrity protection method against ciphertext-only attacks and known/chosen plaintext attacks. A comparison with existing integrity protection methods shows that our method is much faster, and is also the only integrity protection scheme that meets the strict timing requirement. Not only the proposed method can be used in power protection applications, but it also can be used in emerging anomaly detection scenarios, where a fast integrity check coupled with low latency communications is used for multiple rounds of message exchanges. This paper is an extension of work originally reported in Proceedings of 14th International Conference on Security and Cryptography (Jolfaei and Kant, 2017).
Cybersecurity indexes for eHealth
- Authors: Burke, Wendy , Oseni, Taiwo , Jolfaei, Alireza , Gondal, Iqbal
- Date: 2019
- Type: Text , Conference proceedings
- Relation: 2019 Australasian Computer Science Week Multiconference, ACSW 2019; Sydney, Australia; 29th-31st January 2019 p. 1-8
- Full Text: false
- Reviewed:
- Description: This study aimed to explore the cybersecurity landscape to identify cybersecurity indexes that may be relevant to the health industry. While the healthcare sector poses security concerns regarding patients' records, cybersecurity in the healthcare sector has not been given much consideration. Cybersecurity indexes are a survey that measures security preparedness and capabilities of a country or organisation. An index is made up of a series of questions, often broken into categories. These categories target areas such as law, technical responses, organisational threats, capacity building and social context. Some indexes provide ranking capabilities against other countries, while others directly evaluate what it means to be cyber-ready. In this paper, cybersecurity indexes were reviewed regarding the level of assessment (country level/organisation level), and their consideration of the wider community, the health sector, and their appearance in academic literature. Results from this study found that there was no consistency between the indexes investigated, with each index having a diverse number of categories and indicators. Some indexes resulted in a score; others did not rank their results in league tables. Evidence to calculate the level of adherence was often obtained from secondary sources, with four of the country indexes using both primary and secondary sources. Eight (out of fourteen) indexes measured wider community indicators and only one index specifically measured eHealth services. Findings from the initial systematic review suggest that hardly any peer-reviewed journal articles exist on the topic of cybersecurity indexes. The paper concludes that most of the indexes studied are broad and do not consider the eHealth sector specifically. Each index relies on a different process to gauge cybersecurity, with little to no academic rigour. It is expected that this research will contribute to the current (limited) literature addressing cybersecurity indexes.
- Description: ACM International Conference Proceeding Series
Detection and compensation of covert service-degrading intrusions in cyber physical systems through intelligent adaptive control
- Authors: Farivar, Faezeh , Haghighi, Mohammad , Barchinezhad, Soheila , Jolfaei, Alireza
- Date: 2019
- Type: Text , Conference proceedings , Conference paper
- Relation: 2019 IEEE International Conference on Industrial Technology, ICIT 2019; Melbourne, Australia; 13th-15th February 2019 Vol. 2019-February, p. 1143-1148
- Full Text:
- Reviewed:
- Description: Cyber-Physical Systems (CPS) are playing important roles in the critical infrastructure now. A prominent family of CPSs are networked control systems in which the control and feedback signals are carried over computer networks like the Internet. Communication over insecure networks make system vulnerable to cyber attacks. In this article, we design an intrusion detection and compensation framework based on system/plant identification to fight covert attacks. We collect error statistics of the output estimation during the learning phase of system operation and after that, monitor the system behavior to see if it significantly deviates from the expected outputs. A compensating controller is further designed to intervene and replace the classic controller once the attack is detected. The proposed model is tested on a DC motor as the plant and is put against a deception signal amplification attack over the forward link. Simulation results show that the detection algorithm well detects the intrusion and the compensator is also successful in alleviating the attack effects.
Differentially private streaming to untrusted edge servers in intelligent transportation system
- Authors: Ezabadi, Soheila , Jolfaei, Alireza , Kulik, Lars , Ramamohanarao, Kotagiri
- Date: 2019
- Type: Text , Conference paper , Conference proceedings
- Relation: 2019 18th Ieee International Conference on Trust, Security and Privacy in Computing and Communications/13th Ieee International Conference on Big Data Science and Engineering; Rotorua, New Zealand; 5th- 8th August 2019 p. 781-786
- Full Text: false
- Reviewed:
- Description: This paper considers the privacy issues in the intelligent transportation system, in which the data is largely communicated based upon vehicle-to-infrastructure and vehicle-to-vehicle protocols. The sensory data communicated by the vehicles contain sensitive information, such as location and speed, which could violate the driver's privacy if they are leaked with no perturbation. Recent studies suggested mechanisms for randomizing the stream of vehicular data to ensure individuals' privacy. Although the past works on differential privacy provide a strong privacy guarantee, they are limited to applications where communication parties are trusted and/or data is limited to a few types. In this paper, we address this gap by proposing a differentially private mechanism that adds noise in the user side rather than the server. Also, our mechanism is able to perturb various types of data as pointed out by the dedicated short-range communication protocols in the automotive industry. The proposed mechanism is data adaptive and scales the noise with respect to the data type and distribution. Our extensive experiments show the accuracy of our mechanism compared to the recent approaches.
Microgrid communications - protocols and standards
- Authors: Kumar, Shantanu , Islam, Syed , Jolfaei, Alireza
- Date: 2019
- Type: Text , Book chapter
- Relation: Variability, Scalability and stability of microgrids Chapter 9 p.291-326
- Full Text: false
- Reviewed:
Privacy and Security of Connected Vehicles in Intelligent Transportation System
- Authors: Jolfaei, Alireza , Kant, Krishna
- Date: 2019
- Type: Text , Conference proceedings , Conference paper
- Relation: 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks - Supplemental Volume, DSN-S 2019, Portland, United States; 24-27 June 2019. p. 9-10
- Full Text:
- Reviewed:
- Description: The paper considers data security and privacy issues in intelligent transportation systems which involve data streams coming out from individual vehicles to road side units. In this environment, there are issues in regards to the scalability of key management and computation limitations at the edge of the network. To address these issues, we suggest the formation of groups in the vehicular layer, where a group leader is assigned to communicate with group members and the road side unit. We propose a lightweight permutation mechanism for preserving the confidentiality and privacy of sensory data. © 2019 IEEE.
- Description: E1
Security hardening of implantable cardioverter defibrillators
- Authors: Jaffar, Iram , Usman, Muhammad , Jolfaei, Alireza
- Date: 2019
- Type: Text , Conference proceedings , Conference paper
- Relation: 2019 IEEE International Conference on Industrial Technology, ICIT 2019; Melbourne, Australia; 13th-15th February 2019 Vol. 2019-February, p. 1173-1178
- Full Text:
- Reviewed:
- Description: Contemporary healthcare has witnessed a wide deployment of Implantable Cardioverter Defibrillators (ICDs), which have the capability to be controlled remotely, making them equally accessible from both home and hospitals. The therapeutic benefits of ICDs seem to outweigh potential security concerns, yet overlooking the presence of malicious attacks cannot be justified. This study investigates the scenario where an adversary falsifies a controller command and sends instructions to issue high electric shocks in succession. We propose a novel security hardening mechanism to protect data communications between ICD and controller from malicious data manipulations. Our proposed method verifies the correctness of an external command with respect to the history of heart rhythms. The proposed method is evaluated using real data. Multi-aspect analyses show the effectiveness of the proposed scheme.
- Description: Proceedings of the IEEE International Conference on Industrial Technology