Biblio

Export results:
Author Title Type [ Year(Desc)]
Filters: First Letter Of Title is C  [Clear All Filters]
C. Alcaraz, and S.. Zeadally, "Critical Control System Protection in the 21st Century: Threats and Solutions",
IEEE Computer, vol. 46, no. 10, IEEE Computer Society, pp. 74 - 83, 2013. DOI (I.F.: 1.438)More..

Abstract

Information systems, networks, and technologies have become an integral part of modern critical control systems that manage many of today’s critical infrastructures. The continuous operation, maintenance, and protection of critical infrastructures have become a high national priority for governments around the world because our society heavily depends on them for most of our daily activities (travel, power usage, banking transactions, telecommunications, etc) and safety. It is therefore critical that these infrastructures have to be protected from potential accidental incidents or cyberattacks. We present the fundamental architectural components of critical control systems which manage most critical infrastructures. We identify some of the vulnerabilities and threats to modern critical control systems followed by protection solutions that can be deployed to mitigate attacks exploiting these vulnerabilities.

Impact Factor: 1.438
Journal Citation Reports® Science Edition (Thomson Reuters, 2013)

C. Alcaraz, L. Cazorla, and G. Fernandez, "Context-Awareness using Anomaly-based Detectors for Smart Grid Domains",
9th International Conference on Risks and Security of Internet and Systems , vol. 8924, Springer International Publishing, pp. 17-34, 04/2015. DOI More..

Abstract

Anomaly-based detection applied in strongly interdependent systems, like Smart Grids, has become one of the most challenging research areas in recent years. Early detection of anomalies so as to detect and prevent unexpected faults or stealthy threats is attracting a great deal of attention from the scientific community because it offers potential solutions for context-awareness. These solutions can also help explain the conditions leading up to a given situation and help determine the degree of its severity. However, not all the existing approaches within the literature are equally effective in covering the needs of a particular scenario. It is necessary to explore the control requirements of the domains that comprise a Smart Grid, identify, and even select, those approaches according to these requirements and the intrinsic conditions related to the application context, such as technological heterogeneity and complexity. Therefore, this paper analyses the functional features of existing anomaly-based approaches so as to adapt them, according to the aforementioned conditions. The result of this investigation is a guideline for the construction of preventive solutions that will help improve the context-awareness in the control of Smart Grid domains in the near future.

PDF icon 931.pdf (134.49 KB)
C. Alcaraz, and S. Zeadally, "Critical Infrastructure Protection: Requirements and Challenges for the 21st Century",
International Journal of Critical Infrastructure Protection (IJCIP), vol. 8, Elsevier Science, pp. 53–66, 01/2015. DOI (I.F.: 1.351)More..

Abstract

Critical infrastructures play a vital role in supporting modern society. The reliability, performance, continuous operation, safety, maintenance and protection of critical infrastructures are national priorities for countries around the world. This paper explores the vulnerabilities and threats facing modern critical infrastructures with special emphasis on industrial control systems, and describes a number of protection measures. The paper also discusses some of the challenging areas related to critical infrastructure protection such as governance and security management, secure network architectures, self-healing, modeling and simulation, wide-area situational awareness, forensics and learning, and trust management and privacy.

Impact Factor: 1.351
Journal Citation Reports® Science Edition (Thomson Reuters, 2015)

PDF icon alcaraz2015CRI.pdf (4.03 MB)
C. Alcaraz, L. Cazorla, and J. Lopez, "Cyber-Physical Systems for Wide-Area Situational Awareness",
Cyber-Physical Systems: Foundations, Principles and Applications, no. Intelligent Data-Centric Systems, Academic Press, pp. 305 - 317, 2017. DOI More..

Abstract

Abstract Cyber-physical systems (CPSs), integrated in critical infrastructures, could provide the minimal services that traditional situational awareness (SA) systems demand. However, their application in SA solutions for the protection of large control distributions against unforeseen faults may be insufficient. Dynamic protection measures have to be provided not only to locally detect unplanned deviations but also to prevent, respond, and restore from these deviations. The provision of these services as an integral part of the SA brings about a new research field known as wide-area situational awareness (WASA), highly dependent on CPSs for control from anywhere across multiple interconnections, and at any time. Thus, we review the state-of-the art of this new paradigm, exploring the different preventive and corrective measures considering the heterogeneity of CPSs, resulting in a guideline for the construction of automated WASA systems.

PDF icon 1590.pdf (544.05 KB)
C. Alcaraz, "Cloud-Assisted Dynamic Resilience for Cyber-Physical Control Systems",
IEEE Wireless Communications, vol. 25, no. 1, IEEE, pp. 76-82, 02/2018. DOI (I.F.: 11)More..
Impact Factor: 11
Journal Citation Reports® Science Edition (Thomson Reuters, 2018)

PDF icon Alcaraz2018a.pdf (3.46 MB)
L. Cazorla, C. Alcaraz, and J. Lopez, "Cyber Stealth Attacks in Critical Information Infrastructures",
IEEE Systems Journal, vol. 12, issue 2, IEEE, pp. 1778-1792, 06/2018. DOI (I.F.: 4.463)More..

Abstract

Current Critical Infrastructures (CIs) are complex interconnected industrial systems that, in recent years, have incorporated information and communications technologies such as connection to the Internet and commercial off-the-shelf components. This makes them easier to operate and maintain, but exposes them to the threats and attacks that inundate conventional networks and systems. This paper contains a comprehensive study on the main stealth attacks that threaten CIs, with a special focus on Critical Information Infrastructures (CIIs). This type of attack is characterized by an adversary who is able to finely tune his actions to avoid detection while pursuing his objectives. To provide a complete analysis of the scope and potential dangers of stealth attacks we determine and analyze their stages and range, and we design a taxonomy to illustrate the threats to CIs, offering an overview of the applicable countermeasures against these attacks. From our analysis we understand that these types of attacks, due to the interdependent nature of CIs, pose a grave danger to critical systems where the threats can easily cascade down to the interconnected systems. 

Impact Factor: 4.463
Journal Citation Reports® Science Edition (Thomson Reuters, 2018)

PDF icon cazorla2016cyber.pdf (689.18 KB)
C. Alcaraz, and J. Lopez, "A Cyber-Physical Systems-Based Checkpoint Model for Structural Controllability",
IEEE Systems Journal, vol. 12, issue 4, IEEE, pp. 3543-3554, 12/2018. DOI (I.F.: 4.463)More..

Abstract

The protection of critical user-centric applications, such as Smart Grids and their monitoring systems, has become one of the most cutting-edge research areas in recent years. The dynamic complexity of their cyber-physical systems (CPSs) and their strong inter-dependencies with power systems, are bringing about a significant increase in security problems that may be exploited by attackers. These security holes may, for example, trigger the disintegration of the structural controllability properties due to the problem of non-locality, affecting, sooner or later, the provision of the essential services to end-users. One way to address these situations could be through automatic checkpoints in charge of inspecting the healthy status of the control network and its critical nature. This inspection can be subject to special mechanisms composed of trustworthy cyberphysical elements capable of detecting structural changes in the control and activating restoration procedures with support for warning. This is precisely the aim of this paper, which presents a CPSs-based checkpoint model with the capacity to manage heterogeneous replications that help ensure data redundancy, thereby guaranteeing the validity of the checkpoints. As a support to this study, a theoretical and practical analysis is addressed to show the functionality of the approach in real contexts.

Impact Factor: 4.463
Journal Citation Reports® Science Edition (Thomson Reuters, 2018)

PDF icon alcarazlopez-IEEESystems-2017.pdf (890.76 KB)
C. Alcaraz, G. Bernieri, F. Pascucci, J. Lopez, and R. Setola, "Covert Channels-based Stealth Attacks in Industry 4.0",
IEEE Systems Journal., vol. 13, issue 4, IEEE, pp. 3980-3988, 12/2019. DOI (I.F.: 3.987)More..

Abstract

Industry 4.0 advent opens several cyber-threats scenarios originally designed for classic information technology, drawing the attention to the serious risks for the modern industrial control networks. To cope with this problem, in this paper we address the security issues related to covert channels applied to industrial networks, identifying the new vulnerability points when information technologies converge with operational technologies such as edge computing infrastructures. Specifically, we define two signaling strategies where we exploit the Modbus/TCP protocol as target to set up a covert channel. Once the threat channel is established, passive and active offensive attacks (i.e. data exfiltration and command an control, respectively) are further exploited by implementing and testing them on a real Industrial Internet of Things testbed. The experimental results highlight the potential damage of such specific threats, and the easy extrapolation of the attacks to other types of channels in order to show the new risks for Industry 4.0. Related to this, we discuss some countermeasures to offer an overview of possible mitigation and defense measures.
 

Impact Factor: 3.987
Journal Citation Reports® Science Edition (Thomson Reuters, 2019)

PDF icon alcaraz2019a.pdf (938.98 KB)
J. E. Rubio, C. Alcaraz, R. Roman, and J. Lopez, "Current Cyber-Defense Trends in Industrial Control Systems",
Computers & Security Journal, vol. 87, Elsevier, 11/2019. DOI (I.F.: 3.579)More..

Abstract

Advanced Persistent Threats (APTs) have become a serious hazard for any critical infrastructure, as a single solution to protect all industrial assets from these complex attacks does not exist. It is then essential to understand what are the defense mechanisms that can be used as a first line of defense. For this purpose, this article will firstly study the spectrum of attack vectors that APTs can use against existing and novel elements of an industrial ecosystem. Afterwards, this article will provide an analysis of the evolution and applicability of Intrusion Detection Systems (IDS) that have been proposed in both the industry and academia.

Impact Factor: 3.579
Journal Citation Reports® Science Edition (Thomson Reuters, 2019)

PDF icon rub2019cose.pdf (190.71 KB)
A. D. Syrmakesis, C. Alcaraz, and N. D. Hatziargyriou, "Classifying resilience approaches for protecting smart grids against cyber threats",
International Journal of Information Security, vol. 21, Springer, pp. 1189–1210, 05/2022. DOI (I.F.: 2.427)More..

Abstract

Smart grids (SG) draw the attention of cyber attackers due to their vulnerabilities, which are caused by the usage of heterogeneous communication technologies and their distributed nature. While preventing or detecting cyber attacks is a well-studied field of research, making SG more resilient against such threats is a challenging task. This paper provides a classification of the proposed cyber resilience methods against cyber attacks for SG. This classification includes a set of studies that propose cyber-resilient approaches to protect SG and related cyber-physical systems against unforeseen anomalies or deliberate attacks. Each study is briefly analyzed and is associated with the proper cyber resilience technique which is given by the National Institute of Standards and Technology in the Special Publication 800-160. These techniques are also linked to the different states of the typical resilience curve. Consequently, this paper highlights the most critical challenges for achieving cyber resilience, reveals significant cyber resilience aspects that have not been sufficiently considered yet and, finally, proposes scientific areas that should be further researched in order to enhance the cyber resilience of SG.

Impact Factor: 2.427
Journal Citation Reports® Science Edition (Thomson Reuters, 2021)

PDF icon Syrmakesis2022.pdf (257.14 KB)
J. Cumplido, C. Alcaraz, and J. Lopez, "Collaborative anomaly detection system for charging stations",
The 27th European Symposium on Research in Computer Security (ESORICS 2022), vol. 13555, Springer, Cham, pp. 716–736, 09/2022. DOI More..

Abstract

In recent years, the deployment of charging infrastructures has been increasing exponentially due to the high energy demand of electric vehicles, forming complex charging networks. These networks pave the way for the emergence of new unknown threats in both the energy and transportation sectors. Economic damages and energy theft are the most frequent risks in these environments. Thus, this paper aims to present a solution capable of accurately detecting unforeseen events and possible fraud threats that arise during charging sessions at charging stations through the current capabilities of the Machine Learning (ML) algorithms. However, these algorithms have the drawback of not fitting well in large networks and generating a high number of false positives and negatives, mainly due to the mismatch with the distribution of data over time. For that reason, a Collaborative Anomaly Detection System for Charging Stations (here referred to as CADS4CS) is proposed as an optimization measure. CADS4CS has a central analysis unit that coordinates a group of independent anomaly detection systems to provide greater accuracy using a voting algorithm. In addition, CADS4CS has the feature of continuously retraining ML models in a collaborative manner to ensure that they are adjusted to the distribution of the data. To validate the approach, different use cases and practical studies are addressed to demonstrate the effectiveness and efficiency of the solution.

PDF icon Alcaraz2022c.pdf (1.76 MB)
L. Faramondi, M. Grassi, S. Guarino, R. Setola, and C. Alcaraz, "Configuration vulnerability in SNORT for Windows operating systems",
2022 IEEE International Conference on Cyber Security and Resilience (IEEE CSR), IEEE, pp. 82-89, 08/2022. DOI More..

Abstract

Cyber-attacks against Industrial Control Systems (ICS) can lead to catastrophic events which can be prevented by the use of security measures such as the Intrusion Prevention Systems (IPS). In this work we experimentally demonstrate how to exploit the configuration vulnerabilities of SNORT one of the most adopted IPSs to significantly degrade the effectiveness of the IPS and consequently allowing successful cyber-attacks. We illustrate how to design a batch script able to retrieve and modify the configuration files of SNORT in order to disable its ability to detect and block Denial of Service (DoS) and ARP poisoning-based Man-In-The-Middle (MITM) attacks against a Programmable Logic Controller (PLC) in an ICS network. Experimental tests performed on a water distribution testbed show that, despite the presence of IPS, the DoS and ARP spoofed packets reach the destination causing respectively the disconnection of the PLC from the ICS network and the modification of packets payload.

R. Roman, C. Alcaraz, J. Lopez, and K. Sakurai, "Current Perspectives on Securing Critical Infrastructures’ Supply Chains",
IEEE Security & Privacy, IEEE, In Press. (I.F.: 3.105)More..
Impact Factor: 3.105
Journal Citation Reports® Science Edition (Thomson Reuters, 2021)

Modify or remove your filters and try again.