- Advanced Malware Detection Techniques
- Network Security and Intrusion Detection
- Smart Grid Security and Resilience
- Internet Traffic Analysis and Secure E-voting
- Blockchain Technology Applications and Security
- Spam and Phishing Detection
- Information and Cyber Security
- User Authentication and Security Systems
- Physical Unclonable Functions (PUFs) and Hardware Security
- Real-time simulation and control systems
- Infrastructure Resilience and Vulnerability Analysis
- Caching and Content Delivery
- Advanced Data Storage Technologies
- Energy Efficient Wireless Sensor Networks
- Cryptography and Data Security
- Water Quality Monitoring Technologies
- Software Reliability and Analysis Research
- Smart Grid Energy Management
- Wireless Signal Modulation Classification
- Telecommunications and Broadcasting Technologies
- Electrostatic Discharge in Electronics
- Privacy-Preserving Technologies in Data
- Software Engineering Research
- Market Dynamics and Volatility
- Simulation Techniques and Applications
Electronics and Telecommunications Research Institute
2024
Texas A&M University – Kingsville
2021-2022
University of Central Florida
2018-2022
Texas A&M University
2022
Inha University
2003-2020
Korea University
2019
The steady growth in the number of deployed Internet of Things (IoT) devices has been paralleled with an equal growth in malicious software (malware) targeting those devices. In this paper, we build a detection mechanism for IoT malware utilizing control flow graphs (CFGs). To motivate our mechanism, we contrast the underlying characteristics of IoT malware to other types of malware—Android malware, which are also Linux-based—across multiple features. Preliminary analyses reveal that Android malware have high density, strong closeness...
Recently, the Blockchain-based cryptocurrency market witnessed enormous growth. Bitcoin, leading cryptocurrency, reached all-time highs many times over year to speculations explain trend in its In this article, we study Bitcoin and Ethereum explore features their network that price hikes. We gather data analyze user activity highly impact of these cryptocurrencies. monitor change activities time relate them economic theories. identify key help us determine demand supply dynamics a...
Cybersecurity of photovoltaic (PV) systems entails a much larger scope than just encryption and firewall communications. For instance, integrity data in transit between inverters cloud server can be compromised by authorized third-party, devices, internal network within security perimeter (i.e., man-in-the-middle (MITM) attack). To address this challenge, paper proposes blockchain-based MITM attack detection method for PV system. A breakthrough includes screening data, intrusion detection,...
Biometric verification systems have security issues regarding the storage of biometric data in that a user's features cannot be changed into other ones even when the system is compromised. To address this issue, it may be safe to store the biometrics on a reliable remote server instead of storing them on a local device. However, this approach may raise a privacy issue. In this paper, we propose a system where the biometrics are stored in an encrypted form and the similarity of the user input and the registered biometrics is computed in the encrypted domain using homomorphic encryption. We evaluated...
Cybersecurity of power electronics (PE) is increasingly essential as more systems from renewable energy systems, storage and electric vehicle charging stations utilize PE devices to connect them into grids with complex communication computation for advanced control situational awareness improvement in smart grid environments. However, cybersecurity research development (R&D) networked hampered by the lack real-time security testbed incorporating real cyber events. This paper proposes a...
The lack of security measures among the Internet of Things (IoT) devices and their persistent online connection give adversaries a prime opportunity to target them or even abuse them as intermediary targets in larger attacks such as distributed denial-of-service (DDoS) campaigns. In this paper, we analyze IoT malware and focus on the endpoints reachable on the public Internet, which play an essential part in the IoT malware ecosystem. Namely, acting dropzones gain insights into underlying dynamics ecosystem, affinity between IP addresses,...
The importance of cybersecurity for inverters has been significantly increasing as become smarter by using advanced network and computing power from cyber systems. This paper explores potential attacks targeting firmware smart how blockchain technology can be applied to mitigate the modification attacks. A breakthrough method includes an automated integrity check, anomaly detection algorithm, recovery creating patch local distributed ledgers. proposed is implemented in Internet-of-Thing...
Quantum computing is a game-changing technology that will push the boundaries of cybersecurity and cryptography power infrastructures including distributed energy resources (DER). This paper explores new security vulnerabilities caused by potential quantum attacks and defense strategies using quantum key distribution (QKD) and post-quantum cryptography (PQC) in DER network systems. be used as baseline reference toward quantum-safe system.
Advanced Persistent Threat (APT) is a professional stealthy threat actor who uses continuous and sophisticated attack techniques which have not been well mitigated by existing defense strategies. This paper proposes an APT-style cyber-attack testbed for distributed energy resources (DER) in cyber-physical environments. The proposed security testbed consists of: 1) real-time DER simulator; 2) cyber system using real network systems server; 3) penetration testing tools generating attacks as...
As the traditional inverters are transforming toward more intelligent with advanced information and communication technologies, cyber-attack surface has been remarkably expanded. Specifically, securing firmware of smart from cyber-attacks is crucial. This paper provides expanded attack targeting inverters. Moreover, this proposes a security module for conventional inverter to built-in by preventing potential malware unauthorized update attacks as well fast automated recovery zero-day...
Increasing penetration of networked distributed energy resources (DER) in electric power systems managed by multiparty are expanding the system attack surface. An outstanding threat is sophisticated attackers who possess extensive knowledge and keep trying to DER systems, which have not been well mitigated existing defense strategies. This paper explores a cyber kill chain model for aggregation based on latest MITRE's possible phases requirement defensive actions per each step, eventually...
Proxy servers act as an intermediary and a gateway between users other on the Internet, have many beneficial applications targeting privacy of users, including bypassing server-side blocking, regional restrictions, etc. Despite proxies, they are also used by adversaries to hide their identity launch attacks. As such, websites restrict access from resulting in blacklists filter out those proxies aid blocking. In this work, we explore ecosystem understanding affinities distributions...
In this paper, we analyze the Internet of Things (IoT) Linux malware binaries to understand dependencies among malware. Towards this end, we use static analysis to extract endpoints that malware communicates with, and classify such endpoints into targets and dropzones (equivalent to Command and Control). total, extracted 1,457 unique dropzone IP addresses target 294 1,018 masked addresses. We highlight various characteristics of those targets, including spatial, network, and organizational affinities. dropzones' interdependencies...
IEEE 2030.5 standard is drawing special attention among communication protocols for smart inverters and distributed energy resources (DER). Moreover, California Rule 21 mandates new DER must be ready to communicate a host utility using the standard. Therefore, development of an effective real-time simulation method managing network crucial. This paper presents hardware-in-the-loop (HIL) system testbed The proposed co-simulation consists physical OPAL-RT simulator cyber including gateways...
Cybersecurity of inverters has been significantly important as become smarter in cyber-physical environments. However, firmware security smart against attacks from various attack vectors less studied. This paper proposes a secure update and device authentication method using blockchain-based public key infrastructure (PKI) management system physically unclonable function (PUF)-embedded module inverter. The proposed is validated by experiments.
Ransomware attacks are one of the most dangerous cyber-attacks which can disrupt operation photovoltaic (PV) systems and incur an enormous economic loss. This paper introduces a ransomware security threat modeling method that identifies potential vulnerabilities, threats, impacts targeting PV system. The consists three steps: 1) system identification, 2) finds existing 3) attack designs profiles to succeed attacks, 4) penetration testing performs authorized analyzes using real-time...
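As smart devices become widespread and wireless LAN usage grows, the likelihood of attacks using rogue APs is also increasing. When a user connects to a rogue AP, the AP can carry out a man-in-the-middle attack and can therefore obtain personal information very easily. Much research has been done on methods for detecting various kinds of rogue APs; among these, this paper proposes a method for detecting a rogue AP that connects wirelessly to a legitimate AP, relays it, and deceives users by showing the legitimate AP's SSID so that it appears to be the legitimate AP. To do so, we use SVM (Support Vector Machine), a machine learning algorithm, to propose an algorithm that automatically sets the detection criteria for the user's environment and detects such APs with a probability of 90% or higher, and we demonstrate its performance through experiments. Widespread use of smartphones and wireless LAN accompany a threat called rogue AP. When user...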
Log-Structured Merge (LSM) tree-based Key-Value Stores (KVSs) are widely adopted for their high performance in write-intensive environments, but they often face degradation due to write stalls during compaction. Prior solutions, such as regulating I/O traffic or using multiple compaction threads, can cause unexpected drops throughput increase host CPU usage, while hardware-based approaches FPGA, GPU, and DPU aimed at reducing duration introduce additional hardware costs. In this study, we...
Distributed energy resource management system (DERMS) is a supervision managing distributed resources (DERs) in distribution system. However, the centralized DERMS has potential risk of single point failure posed by cyber-attacks (e.g., denial service attacks and ransomware attacks). This will cause visibility control losses DER In this paper, blockchain (BC) technology leveraged to enhance resilience recovering operation during outage. The proposed BC governance platform for proving...
The growth in the number of Android and Internet of Things (IoT) devices has witnessed a parallel increase in malicious software (malware), calling for new analysis approaches. We represent binaries using their graph properties Control Flow Graph (CFG) structure conduct an in-depth graphs extracted from IoT malware to understand differences. Using 2,874 2,891 corresponding samples, we analyze both general characteristics algorithmic properties. CFG as abstract structure, then emphasize various...
The centralized zone data service (CZDS) was introduced by the Internet Corporation for Assigned Names and Numbers (ICANN) to facilitate sharing access of new generic Top-Level Domains (gTLDs). CZDS aims improve security transparency naming system Internet. In this paper, we investigate CZDS's measurement evaluation. By requesting all gTLDs listed in portal, analyze various aspects CZDS, including status, responsiveness provided reasons granting or denial. Among other findings, find that...