Due to the importance of Critical Infrastructure(Cl)in a nation's economy,they have been lucrative targets for cyber attackers.These critical infrastructures are usually Cyber-Physical Systems such as power grids,...Due to the importance of Critical Infrastructure(Cl)in a nation's economy,they have been lucrative targets for cyber attackers.These critical infrastructures are usually Cyber-Physical Systems such as power grids,water,and sewage treatment facilities,oil and gas pipelines,etc.In recent times,these systems have suffered from cyber attacks numer-ous times.Researchers have been developing cyber security solutions for Cls to avoid lasting damages.According to standard frameworks,cyber security based on identification,protection,detection,response,and recovery are at the core of these research.Detection of an ongoing attack that escapes standard protection such as firewall,anti-virus,and host/network intrusion detection has gained importance as such attacks eventually affect the physical dynamics of the system.Therefore,anomaly detection in physical dynamics proves an effective means to implement defense-in-depth.PASAD is one example of anomaly detection in the sensor/actuator data,representing such systems physical dynamics.We present EPASAD,which improves the detection technique used in PASAD to detect these micro-stealthy attacks,as our experiments show that PASAD's spherical boundary-based detection fails to detect.Our method EPASAD overcomes this by using Ellipsoid boundaries,thereby tightening the boundaries in various dimen-sions,whereas a spherical boundary treats all dimensions equally.We validate EPASAD using the dataset produced by the TE-process simulator and the C-town datasets.The results show that EPASAD improves PASAD's average recall by 5.8%and 9.5%for the two datasets,respectively.展开更多
The rise in the adoption of blockchain technology has led to increased illegal activities by cybercriminals costing billions of dollars.Many machine learning algorithms are applied to detect such illegal behavior.Thes...The rise in the adoption of blockchain technology has led to increased illegal activities by cybercriminals costing billions of dollars.Many machine learning algorithms are applied to detect such illegal behavior.These algorithms are often trained on the transaction behavior and,in some cases,trained on the vulnerabilities that exist in the system.In our approach,we study the feasibility of using the Domain Name(DN)associated with the account in the blockchain and identify whether an account should be tagged malicious or not.Here,we leverage the temporal aspects attached to the DN.Our approach achieves 89.53%balanced-accuracy in detecting malicious blockchain DNs.While our results identify 73769 blockchain DNs that show malicious behavior at least once,out of these,34171 blockchain DNs show persistent malicious behavior,resulting in 2479 malicious blockchain DNs over time.Nonetheless,none of these identified malicious DNs were reported in new officially tagged malicious blockchain DNs.展开更多
文摘Due to the importance of Critical Infrastructure(Cl)in a nation's economy,they have been lucrative targets for cyber attackers.These critical infrastructures are usually Cyber-Physical Systems such as power grids,water,and sewage treatment facilities,oil and gas pipelines,etc.In recent times,these systems have suffered from cyber attacks numer-ous times.Researchers have been developing cyber security solutions for Cls to avoid lasting damages.According to standard frameworks,cyber security based on identification,protection,detection,response,and recovery are at the core of these research.Detection of an ongoing attack that escapes standard protection such as firewall,anti-virus,and host/network intrusion detection has gained importance as such attacks eventually affect the physical dynamics of the system.Therefore,anomaly detection in physical dynamics proves an effective means to implement defense-in-depth.PASAD is one example of anomaly detection in the sensor/actuator data,representing such systems physical dynamics.We present EPASAD,which improves the detection technique used in PASAD to detect these micro-stealthy attacks,as our experiments show that PASAD's spherical boundary-based detection fails to detect.Our method EPASAD overcomes this by using Ellipsoid boundaries,thereby tightening the boundaries in various dimen-sions,whereas a spherical boundary treats all dimensions equally.We validate EPASAD using the dataset produced by the TE-process simulator and the C-town datasets.The results show that EPASAD improves PASAD's average recall by 5.8%and 9.5%for the two datasets,respectively.
基金partially funded by the National Blockchain Project(grant number NCSC/CS/2017518)at Indian Institute of Technology KanpurIndia sponsored by the National Cyber Security Coordinator's office of the Government of India and partially by the C3i Center funding from the Science and Engineering Research Board of the Government of India(grant number SERB/CS/2016466).
文摘The rise in the adoption of blockchain technology has led to increased illegal activities by cybercriminals costing billions of dollars.Many machine learning algorithms are applied to detect such illegal behavior.These algorithms are often trained on the transaction behavior and,in some cases,trained on the vulnerabilities that exist in the system.In our approach,we study the feasibility of using the Domain Name(DN)associated with the account in the blockchain and identify whether an account should be tagged malicious or not.Here,we leverage the temporal aspects attached to the DN.Our approach achieves 89.53%balanced-accuracy in detecting malicious blockchain DNs.While our results identify 73769 blockchain DNs that show malicious behavior at least once,out of these,34171 blockchain DNs show persistent malicious behavior,resulting in 2479 malicious blockchain DNs over time.Nonetheless,none of these identified malicious DNs were reported in new officially tagged malicious blockchain DNs.
