According to the idea of zero trust, this paper proposed an anonymous identity authentication scheme based on hash functions and pseudo-random number generators, which effectively increased the anonymity and confidentiality when users use the mobile networks, and ensured the security of the server. This scheme first used single-packet authentication technology to realize the application stealth. Secondly, hash functions and pseudo-random number generators were used to replace public key cryptosystems and time synchronization systems, which improved system performance. Thirdly, different methods were set to save encrypted information on the user's mobile device and the server, which realized different forms of anonymous authentication and negotiated a secure session key. Through security analysis, function and performance comparison, the results showed that the scheme had better security, flexibility and practicality, while maintaining good communication efficiency.
Authored by Rui Wang, Haiwei Li, Yanru Chen, Zheng Xue, Yan Hao, Yanfei Li
The development of science and technology has led to the construction of smart cities, and in this scenario, there are many applications that need to provide their real-time location information, which is very likely to cause the leakage of personal location privacy. To address this situation, this paper designs a location privacy protection scheme based on graph anonymity, which is based on the privacy protection idea of K-anonymity, and represents the spatial distribution among APs in the form of a graph model, using the method of finding clustered noisy fingerprint information in the graph model to ensure a similar performance to the real location fingerprint in the localization process, and thus will not be distinguished by the location providers. Experiments show that this scheme can improve the effectiveness of virtual locations and reduce the time cost using greedy strategy, which can effectively protect location privacy.
Authored by Man Luo, Hairong Yan
The paper presents a Tbps-class anonymity router that supports both an anonymity protocol and IP by leveraging a programmable switch. The key design issue is to place both the compute-intensive header decryption function for anonymity protocol forwarding and the memory-intensive IP forwarding function on the processing pipes of a switch while satisfying its hardware requirements. A prototype router on a programmable switch achieves Tbps-scale forwarding.
Authored by Yutaro Yoshinaka, Junji Takemasa, Yuki Koizumi, Toru Hasegawa
Anonymity systems are widely used nowadays to protect user identity, but there are various threats currently in the anonymity network, such as virtual private networks, onion routing, and proxy servers. This paper looked at the different anonymity networks that are already out there and proposed a new model to stay anonymous on the internet by using open source tools and methods. This eliminates the current threats. It works by creating a virtual instance on the cloud server and configuring it using open source technologies such as OpenVPN. This model uses elastic cloud computing technology running over existing technologies such as virtual private networks and onion routing. The framework is a new way to stay anonymous on the internet. It is made up of only open source technologies.
Authored by Hamdan Ahmed, Metilda Florence, Ashlesh Upganlawar
The infrastructure required for data storage and processing has become increasingly feasible, and hence, there has been a massive growth in the field of data acquisition and analysis. This acquired data is published, empowering organizations to make informed data-driven decisions based on previous trends. However, data publishing has led to the compromise of privacy as a result of the release of entity-specific information. Privacy-Preserving Data Publishing [1] can be accomplished by methods such as Data Swapping, Differential Privacy, and the likes of k-Anonymity. k-Anonymity is a well-established method used to protect the privacy of the data published. We propose a clustering-based novel algorithm named SAC or the Score, Arrange, and Cluster Algorithm to preserve privacy based on k-Anonymity. This method outperforms existing methods such as the Mondrian Algorithm by K. LeFevre and the One-pass K-means Algorithm by Jun-Lin Lin from a data quality perspective. SAC can be used to overcome temporal attack across subsequent releases of published data. To measure data quality post anonymization we present a metric that takes into account the relative loss in the information, that occurs while generalizing attribute values.
Authored by C Sowmyarani, L Namya, G Nidhi, Ramakanth Kumar
State-of-the-art template reconstruction attacks assume that an adversary has access to a part or whole of the functionality of a target model. However, in a practical scenario, rigid protection of the target system prevents them from gaining knowledge of the target model. In this paper, we propose a novel template reconstruction attack method utilizing a feature converter. The feature converter enables an adversary to reconstruct an image from a corresponding compromised template without knowledge about the target model. The proposed method was evaluated with qualitative and quantitative measures. We achieved the Successful Attack Rate (SAR) of 0.90 on Labeled Faces in the Wild Dataset (LFW) with compromised templates of only 1280 identities.
Authored by Muku Akasaka, Soshi Maeda, Yuya Sato, Masakatsu Nishigaki, Tetsushi Ohki
Satellite technologies are used for both civil and military purposes in the modern world, and typical applications include Communication, Navigation and Surveillance (CNS) services, which have a direct impact on several economic, social and environmental protection activities. The increasing reliance on satellite services for safety-of-life and mission-critical applications (e.g., transport, defense and public safety services) creates a severe, although often overlooked, security problem, particularly when it comes to cyber threats. Like other increasingly digitized services, satellites and space platforms are vulnerable to cyberattacks. Thus, the existence of cybersecurity flaws may pose major threats to space-based assets and associated key infrastructure on the ground. These dangers could obstruct global economic progress and, by implication, international security if they are not properly addressed. Mega-constellations make protecting space infrastructure from cyberattacks much more difficult. This emphasizes the importance of defensive cyber countermeasures to minimize interruptions and ensure efficient and reliable contributions to critical infrastructure operations. Very importantly, space systems are inherently complex Cyber-Physical System (CPS) architectures, where communication, control and computing processes are tightly interleaved, and associated hardware/software components are seamlessly integrated. This represents a new challenge as many known physical threats (e.g., conventional electronic warfare measures) can now manifest their effects in cyberspace and, vice-versa, some cyber-threats can have detrimental effects in the physical domain. The concept of cyberspace underlies nearly every aspect of modern society's critical activities and relies heavily on critical infrastructure for economic advancement, public safety and national security.
Many governments have expressed the desire to make a substantial contribution to secure cyberspace and are focusing on different aspects of the evolving industrial ecosystem, largely under the impulse of digital transformation and sustainable development goals. The level of cybersecurity attained in this framework is the sum of all national and international activities implemented to protect all actions in the cyber-physical ecosystem. This paper focuses on cybersecurity threats and vulnerabilities in various segments of space CPS architectures. More specifically, the paper identifies the applicable cyber threat mechanisms, conceivable threat actors and the associated space business implications. It also presents metrics and strategies for countering cyber threats and facilitating space mission assurance.
Authored by Kathiravan Thangavel, Jordan Plotnek, Alessandro Gardi, Roberto Sabatini
Recommender systems are powerful tools which touch on numerous aspects of everyday life, from shopping to consuming content, and beyond. However, like other machine learning models, recommender system models are vulnerable to adversarial attacks and their performance could drop significantly with a slight modification of the input data. Most of the studies in the area of adversarial machine learning are focused on the image and vision domain. There are very few works that study adversarial attacks on recommender systems and even fewer works that study ways to make the recommender systems robust and reliable. In this study, we explore two state-of-the-art adversarial attack methods proposed by Tang et al. [1] and Christakopoulou et al. [2] and we report our proposed defenses and experimental evaluations against these attacks. In particular, we observe that low-rank reconstructions and/or transformation of the attacked data has a significant alleviating effect on the attack, and we present extensive experimental evidence to demonstrate the effectiveness of this approach. We also show that a simple classifier is able to learn to detect fake users from real users and can successfully discard them from the dataset. This observation elaborates the fact that the threat model does not generate fake users that mimic the same behavior of real users and can be easily distinguished from real users’ behavior. We also examine how transforming latent factors of the matrix factorization model into a low-dimensional space impacts its performance. Furthermore, we combine fake users from both attacks to examine how our proposed defense is able to defend against multiple attacks at the same time. Local low-rank reconstruction was able to reduce the hit ratio of target items from 23.54% to 15.69% while the overall performance of the recommender system was preserved.
Authored by Negin Entezari, Evangelos Papalexakis
Probabilistic model checking is a useful technique for specifying and verifying properties of stochastic systems including randomized protocols and reinforcement learning models. However, these methods rely on the assumed structure and probabilities of certain system transitions. These assumptions may be incorrect, and may even be violated by an adversary who gains control of some system components.
Authored by Lisa Oakley, Alina Oprea, Stavros Tripakis
With the increased commercialization of deep learning (DL) models, there is also a growing need to protect them from illicit usage. For cost- and ease of deployment reasons it is becoming increasingly common to run DL models on the hardware of third parties. Although there are some hardware mechanisms, such as Trusted Execution Environments (TEE), to protect sensitive data, their availability is still limited and not well suited to resource demanding tasks, like DL models, that benefit from hardware accelerators. In this work, we make model stealing more difficult, presenting a novel way to divide up a DL model, with the main part on normal infrastructure and a small part in a remote TEE, and train it using adversarial techniques. In initial experiments on image classification models for the Fashion MNIST and CIFAR 10 datasets, we observed that this obfuscation protection makes it significantly more difficult for an adversary to leverage the exposed model components.
Authored by Jakob Sternby, Bjorn Johansson, Michael Liljenstam
Proactive approaches to security, such as adversary emulation, leverage information about threat actors and their techniques (Cyber Threat Intelligence, CTI). However, most CTI still comes in unstructured forms (i.e., natural language), such as incident reports and leaked documents. To support proactive security efforts, we present an experimental study on the automatic classification of unstructured CTI into attack techniques using machine learning (ML). We contribute with two new datasets for CTI analysis, and we evaluate several ML models, including both traditional and deep learning-based ones. We present several lessons learned about how ML can perform at this task, which classifiers perform best and under which conditions, which are the main causes of classification errors, and the challenges ahead for CTI analysis.
Authored by Vittorio Orbinato, Mariarosaria Barbaraci, Roberto Natella, Domenico Cotroneo
In recent days, security and privacy are becoming a challenge due to the rapid development of technology. In 2021, Khan et al. proposed an authentication and key agreement framework for smart grid network and claimed that the proposed protocol provides security against all well-known attacks. However, in this paper, we present the analysis and show that the protocol proposed by Khan et al. has failed to protect the secrecy of the shared session key between the user and service provider. An adversary can derive the session key (online) by intercepting the communicated messages under the Dolev-Yao threat model. We simulated Khan et al.’s protocol for formal security verification using Tamarin Prover and found a trace for deriving the temporary key. It is used to encrypt the login request that includes the user’s secret credentials. Hence, it also fails to preserve the privacy of the user’s credentials, and therefore any adversary can impersonate the user. As a result, the protocol proposed by Khan et al. is not suitable for practical applications.
Authored by Singam Ram, Vanga Odelu
Security evaluation can be performed using a variety of analysis methods, such as attack trees, attack graphs, threat propagation models, stochastic Petri nets, and so on. These methods analyze the effect of attacks on the system, and estimate security attributes from different perspectives. However, they require information from experts in the application domain for properly capturing the key elements of an attack scenario: i) the attack paths a system could be subject to, and ii) the different characteristics of the possible adversaries. For this reason, some recent works focused on the generation of low-level security models from a high-level description of the system, hiding the technical details from the modeler.
Authored by Francesco Mariotti, Matteo Tavanti, Leonardo Montecchi, Paolo Lollini
The traditional threat modeling methodologies work well on a small scale, when evaluating targets such as a data field, a software application, or a system component—but they do not allow for comprehensive evaluation of an entire enterprise architecture. They also do not enumerate and consider a comprehensive set of actual threat actions observed in the wild. Because of the lack of adequate threat modeling methodologies for determining cybersecurity protection needs on an enterprise scale, cybersecurity executives and decision makers have traditionally relied upon marketing pressure as the main input into decision making for investments in cybersecurity capabilities (tools). A new methodology, originally developed by the Department of Defense then further expanded by the Department of Homeland Security, for the first time allows for a threat-based, end-to-end evaluation of cybersecurity architectures and determination of gaps or areas in need of future investments. Although in the public domain, this methodology has not been used outside of the federal government. This paper examines the new threat modeling approach that allows organizations to look at their cybersecurity protections from the standpoint of an adversary. The methodology enumerates threat actions that have been observed in the wild using a cyber threat framework and scores cybersecurity architectural capabilities for their ability to protect, detect, and recover from each threat action. The results of the analysis form a matrix called capability coverage map that visually represents the coverage, gaps, and overlaps against threat actions. The threat actions can be further prioritized using a threat heat map – a visual representation of the prevalence and maneuverability of threat actions that can be overlaid on top of a coverage map.
Authored by Branko Bokan, Joost Santos
Network Intrusion Detection Systems (NIDS) monitor networking environments for suspicious events that could compromise the availability, integrity, or confidentiality of the network’s resources. To ensure NIDSs play their vital roles, it is necessary to identify how they can be attacked by adopting a viewpoint similar to the adversary to identify vulnerabilities and defenses hiatus. Accordingly, effective countermeasures can be designed to thwart any potential attacks. Machine learning (ML) approaches have been adopted widely for network anomaly detection. However, it has been found that ML models are vulnerable to adversarial attacks. In such attacks, subtle perturbations are inserted to the original inputs at inference time in order to evade the classifier detection or at training time to degrade its performance. Yet, modeling adversarial attacks and the associated threats of employing the machine learning approaches for NIDSs was not addressed. One of the growing challenges is to avoid ML-based systems’ diversity and ensure their security and trust. In this paper, we conduct threat modeling for ML-based NIDS using STRIDE and Attack Tree approaches to identify the potential threats on different levels. We model the threats that can be potentially realized by exploiting vulnerabilities in ML algorithms through a simplified structural attack tree. To provide holistic threat modeling, we apply the STRIDE method to systems’ data flow to uncover further technical threats. Our models revealed a noticing of 46 possible threats to consider. These presented models can help to understand the different ways that a ML-based NIDS can be attacked; hence, hardening measures can be developed to prevent these potential attacks from achieving their goals.
Authored by Huda Alatwi, Charles Morisset
The number of Internet of Things (IoT) devices being deployed into networks is growing at a phenomenal pace, which makes IoT networks more vulnerable in the wireless medium. Advanced Persistent Threat (APT) is malicious to most of the network facilities and the available attack data for training the machine learning-based Intrusion Detection System (IDS) is limited when compared to the normal traffic. Therefore, it is quite challenging to enhance the detection performance in order to mitigate the influence of APT. Therefore, Prior Knowledge Input (PKI) models are proposed and tested using the SCVIC-APT2021 dataset. To obtain prior knowledge, the proposed PKI model pre-classifies the original dataset with unsupervised clustering method. Then, the obtained prior knowledge is incorporated into the supervised model to decrease training complexity and assist the supervised model in determining the optimal mapping between the raw data and true labels. The experimental findings indicate that the PKI model outperforms the supervised baseline, with the best macro average F1-score of 81.37%, which is 10.47% higher than the baseline.
Authored by Yu Shen, Murat Simsek, Burak Kantarci, Hussein Mouftah, Mehran Bagheri, Petar Djukic
The last decade witnessed a gradual shift from cloud-based computing towards ubiquitous computing, which has put at a greater security risk every element of the computing ecosystem including devices, data, network, and decision making. Indeed, emerging pervasive computing paradigms have introduced an uncharted territory of security vulnerabilities and a wider attack surface, mainly due to network openness, the underlying mechanics that enable intelligent functions, and the deeply integrated physical and cyber spaces. Furthermore, interconnected computing environments now enjoy many unconventional characteristics that mandate a radical change in security engineering tools. This need is further exacerbated by the rapid emergence of new Advanced Persistent Threats (APTs) that target critical infrastructures and aim to stealthily undermine their operations in innovative and intelligent ways. To enable system and network designers to be prepared to face this new wave of dangerous threats, this paper overviews recent APTs in emerging computing systems and proposes a new approach to APTs that is more tailored towards such systems compared to traditional IT infrastructures. The proposed APT lifecycle will inform security decisions and implementation choices in future pervasive networked systems.
Authored by Talal Halabi, Aawista Chaudhry, Sarra Alqahtani, Mohammad Zulkernine
Currently, there are no mission-capable systems that can successfully detect advanced persistent threats (APTs). These types of threats are hazardous in critical infrastructures (CIs). Due to the integration of operational technology (OT) and information communication technology (ICT), CI systems are particularly vulnerable to cyberattacks. In addition, power systems, in particular, are an attractive target for attackers, as they are responsible for the operation of modern infrastructures and are thus of great importance for modern warfare or even for strategic purposes of other criminal activities. Virtual power plants (VPPs) are a new implementation of power plants for energy management. The protection of virtual power plants against APTs is not yet sufficiently researched. This circumstance raises the research question - What might an APT detection system architecture for VPPs look like? Our methodology is based on intensive literature research to bundle knowledge from different sub-areas to solve a superordinate problem. After the literature review and domain analysis, a synthesis of new knowledge is provided in the presentation of a possible architecture. The in-depth proposal for a potential system architecture relies on the study of VPPs, APTs, and previous prevention mechanisms. The architecture is then evaluated for its effectiveness based on the challenges identified.
Authored by Robin Buchta, Felix Heine, Carsten Kleiner
Traditional defense methods can only evaluate a single security element and cannot determine the threat of Advanced Persistent Threat (APT) according to multi-source data. This paper proposes a network security situation awareness (NSSA) model to get the network situation under APT attacks based on knowledge graph. Firstly, the vulnerability knowledge graph and APT attack knowledge graph are constructed using public security databases and ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge), and the targeted knowledge graph APT-NSKG is obtained by combining the two using Bidirectional Encoder Representations from Transformers (BERT). Then, according to the Endsley model and the characteristics of APT, the NSSA model for APT is proposed. The model uses APT-NSKG to obtain situation elements, and then comprehensively assesses and predicts the network situation from the perspectives of network asset dimension, vulnerability dimension, security dimension and threat dimension. Finally, the effectiveness of the model is verified by the data from the U.S. Cybersecurity and Infrastructure Security Agency.
Authored by Kai Chen, Jingxian Zhu, Lansheng Han, Shenghui Li, Pengyi Gao
The paper focuses on the application of Systems Dynamics Modelling (SDM) for simulating socio-technical vulnerabilities of Advanced Persistent Threats (APT) to unravel Human Computer Interaction (HCI) for strategic visibility of threat actors. SDM has been widely applied to analyze nonlinear, complex, and dynamic systems in social sciences and technology. However, its application in the cyber security domain especially APT that involve complex and dynamic human computer interaction is a promising but scant research domain. While HCI deals with the interaction between one or more humans and between one or more computers for greater usability, this same interactive process is exploited by the APT actor. In this respect, using a data breach case study, we applied the socio-technical vulnerabilities classification as a theoretical lens to model socio and technical vulnerabilities on systems dynamics using Vensim software. The variables leading to the breach were identified, entered into Vensim software, and simulated to get the results. The results demonstrated an optimal interactive mix of one or more of the six socio variables and three technical variables leading to the data breach. SDM approach thus provides insights into the dynamics of the threat as well as throws light on the strategies to undertake for minimizing APT risks. This can assist in the reduction of the attack surface and reinforce mitigation efforts (prior to exfiltration) should an APT attack occur. In this paper, we thus propose and validate the application of system dynamics approach for designing a dynamic threat assessment framework for socio-technical vulnerabilities of APT.
Authored by Mathew Nicho, Shini Girija
Advanced persistent threat (APT) attacks have caused severe damage to many core information infrastructures. To tackle this issue, the graph-based methods have been proposed due to their ability for learning complex interaction patterns of network entities with discrete graph snapshots. However, such methods are challenged by the computer networking model characterized by a natural continuous-time dynamic heterogeneous graph. In this paper, we propose a heterogeneous graph neural network based APT detection method in smart grid clouds. Our model is an encoder-decoder structure. The encoder uses heterogeneous temporal memory and attention embedding modules to capture contextual information of interactions of network entities from the time and spatial dimensions respectively. We implement a prototype and conduct extensive experiments on real-world cyber-security datasets with more than 10 million records. Experimental results show that our method can achieve superior detection performance than state-of-the-art methods.
Authored by Weiyong Yang, Peng Gao, Hao Huang, Xingshen Wei, Haotian Zhang, Zhihao Qu
With the proliferation of Low Earth Orbit (LEO) spacecraft constellations, comes the rise of space-based wireless cognitive communications systems (CCS) and the need to safeguard and protect data against potential hostiles to maintain widespread communications for enabling science, military and commercial services. For example, known adversaries are using advanced persistent threats (APT) or highly progressive intrusion mechanisms to target high priority wireless space communication systems. Specialized threats continue to evolve with the advent of machine learning and artificial intelligence, where computer systems inherently can identify system vulnerabilities expeditiously over naive human threat actors due to increased processing resources and unbiased pattern recognition. This paper presents a disruptive abuse case for an APT-attack on such a CCS and describes a trade-off analysis that was performed to evaluate a variety of machine learning techniques that could aid in the rapid detection and mitigation of an APT-attack. The trade results indicate that with the employment of neural networks, the CCS's resiliency would increase its operational functionality, and therefore, on-demand communication services reliability would increase. Further, modelling, simulation, and analysis (MS&A) was achieved using the Knowledge Discovery and Data Mining (KDD) Cup 1999 data set as a means to validate a subset of the trade study results against Training Time and Number of Parameters selection criteria. Training and cross-validation learning curves were computed to model the learning performance over time to yield a reasonable conclusion about the application of neural networks.
Authored by Suzanna LaMar, Jordan Gosselin, Lisa Happel, Anura Jayasumana
Counteracting the most dangerous attacks – advanced persistent threats – is an actual problem of modern enterprises. Usually these threats are aimed not only at information resources but also at software and hardware resources of automated systems of industrial plants. As a rule, attackers use a number of methods including social engineering methods. The article is devoted to development of the methods for timely prevention from advanced persistent threats based on analysis of attackers’ tactics. Special attention in the article is paid to methods for detection provocations of the modernization of protection systems, as well as methods for monitoring the state of resources of the main automated system. Technique of identification of suspicious changes in the resources is also considered in the article. The result of applying this set of methods will help to increase the protection level of automated systems’ resources.
Authored by Nataliya Kuznetsova, Tatiana Karlova, Alexander Bekmeshov
Data management systems in smart grids have to address advanced persistent threats (APTs), where malware injection methods are performed by the attacker to launch stealthy attacks and thus steal more data for illegal advantages. In this paper, we present a hierarchical deep reinforcement learning based APT detection scheme for smart grids, which enables the control center of the data management system to choose the APT detection policy to reduce the detection delay and improve the data protection level without knowing the attack model. Based on the state that consists of the size of the gathered power usage data, the priority level of the data, and the detection history, this scheme develops a two-level hierarchical structure to compress the high-dimensional action space and designs four deep dueling networks to accelerate the optimization speed with less over-estimation. Detection performance bound is provided and simulation results show that the proposed scheme improves both the data protection level and the utility of the control center with less detection delay.
Authored by Shi Yu
To meet the high safety and reliability requirements of today’s power transformers, advanced online diagnosis systems using seamless communications and information technologies have been developed, which potentially presents growing cybersecurity concerns. This paper provides practical attack models breaching a power transformer diagnosis system (PTDS) in a digital substation by advanced persistent threats (APTs) and proposes a security testbed for developing future security built-in PTDS against APTs. The proposed security testbed includes: 1) a real-time substation power system simulator, 2) a real-time cyber system, and 3) penetration testing tools. Several real cyber-attacks are generated and the impact on a digital substation are provided to validate the feasibility of the proposed security testbed. The proposed PTDS-focused security testbed will be used to develop self-safe defense strategies against malicious cyber-attacks in a digital substation environment.
Authored by Seerin Ahmad, BoHyun Ahn, Syed. Alvee, Daniela Trevino, Taesic Kim, Young-Woo Youn, Myung-Hyo Ryu