scholarly journals ExSol

2021 ◽  
Vol 2 (3) ◽  
pp. 1-23
Author(s):  
Josephine Lamp ◽  
Carlos E. Rubio-Medrano ◽  
Ziming Zhao ◽  
Gail-Joon Ahn
Keyword(s):  
Risk Analysis ◽  
Current System ◽  
Real Life ◽  
Structural Diversity ◽  
Cyber Attacks ◽  
Security Requirements ◽  
System State ◽  
Energy Delivery ◽  
Multiple Granularities ◽  
Economical Losses

No longer just prophesied about, cyber-attacks to Energy Delivery Systems (EDS) (e.g., the power grid, gas and oil industries) are now very real dangers that result in non-trivial economical losses and inconveniences to modern societies. In such a context, risk analysis has been proposed as a valuable way to identify, analyze, and mitigate potential vulnerabilities, threats, and attack vectors. However, performing risk analysis for EDS is difficult due to their innate structural diversity and interdependencies, along with an always-increasing threatscape. Therefore, there is a need for a methodology to evaluate the current system state, identify vulnerabilities, and qualify risk at multiple granularities in a collaborative manner among different actors in the context of EDS. With this in mind, this article presents ExSol , a collaborative, real-time, risk assessment ecosystem that features an approach for modeling real-life EDS infrastructures, an ontology traversal technique that retrieves well-defined security requirements from well-reputed documents on cyber-protection for EDS infrastructures, as well as a methodology for calculating risk for a single asset and for an entire system. Moreover, we also provide experimental evidence involving a series of attack scenarios in both simulated and real-world EDS environments, which ultimately encourage the adoption of ExSol in practice.

scholarly journals A Bi-Level Model for Detecting and Correcting Parameter Cyber-Attacks in Power System State Estimation

2021 ◽  
Vol 11 (14) ◽  
pp. 6540
Author(s):  
Nader Aljohani ◽  
Arturo Bretas
Keyword(s):  
State Estimation ◽  
State Of The Art ◽  
Real Life ◽  
Measurement Model ◽  
Cyber Attacks ◽  
Model Parameters ◽  
System State ◽  
Power System State Estimation ◽  
False Data Injection ◽  
Level Model

Power system state estimation is an important component of the status and healthiness of the underlying electric power grid real-time monitoring. However, such a component is prone to cyber-physical attacks. The majority of research in cyber-physical power systems security focuses on detecting measurements False-Data Injection attacks. While this is important, measurement model parameters are also a most important part of the state estimation process. Measurement model parameters though, also known as static-data, are not monitored in real-life applications. Measurement model solutions ultimately provide estimated states. A state-of-the-art model presents a two-step process towards simultaneous false-data injection security: detection and correction. Detection steps are χ2 statistical hypothesis test based, while correction steps consider the augmented state vector approach. In addition, the correction step uses an iterative solution of a relaxed non-linear model with no guarantee of optimal solution. This paper presents a linear programming method to detect and correct cyber-attacks in the measurement model parameters. The presented bi-level model integrates the detection and correction steps. Temporal and spatio characteristics of the power grid are used to provide an online detection and correction tool for attacks pertaining the parameters of the measurement model. The presented model is implemented on the IEEE 118 bus system. Comparative test results with the state-of-the-art model highlight improved accuracy. An easy-to-implement model, built on the classical weighted least squares solution, without hard-to-derive parameters, highlights potential aspects towards real-life applications.

Risk assessment for health insurance using equation modeling and machine learning

2021 ◽  
Vol 25 (2) ◽  
pp. 201-225
Author(s):  
Amrik Singh ◽  
K.R. Ramkumar
Keyword(s):  
Machine Learning ◽  
Health Insurance ◽  
Risk Analysis ◽  
Real Life ◽  
Equation Model ◽  
Least Square ◽  
Parameter Analysis ◽  
Risk Indicators ◽  
Equation Modeling ◽  
Pairwise Correlation

Due to the advancement of medical sensor technologies new vectors can be added to the health insurance packages. Such medical sensors can help the health as well as the insurance sector to construct mathematical risk equation models with parameters that can map the real-life risk conditions. In this paper parameter analysis in terms of medical relevancy as well in terms of correlation has been done. Considering it as ‘inverse problem’ the mathematical relationship has been found and are tested against the ground truth between the risk indicators. The pairwise correlation analysis gives a stable mathematical equation model can be used for health risk analysis. The equation gives coefficient values from which classification regarding health insurance risk can be derived and quantified. The Logistic Regression equation model gives the maximum accuracy (86.32%) among the Ridge Bayesian and Ordinary Least Square algorithms. Machine learning algorithm based risk analysis approach was formulated and the series of experiments show that K-Nearest Neighbor classifier has the highest accuracy of 93.21% to do risk classification.

scholarly journals Cloud Computing Technique Applied to Detect Cyber-Attacks on Web Application

2020 ◽  
Vol 9 (4) ◽  
pp. 1498-1500
Keyword(s):  
Cloud Computing ◽  
Web Application ◽  
Current System ◽  
Cyber Attacks ◽  
Individual Data ◽  
Computing Technique ◽  
Correct Number ◽  
Proposed Model

The targeted malignant emails (TME) for PC arrange misuse have become progressively deceptive and all the more generally common as of late. Aside from spam or phishing which is intended to fool clients into uncovering individual data, TME can misuse PC systems and accumulate touchy data which can be a major issue for the association. They can comprise of facilitated and industrious battles that can be terrible. Another email-separating procedure which depends on bowl classifier and beneficiary arranged highlights with an arbitrary backwoods classifier which performs superior to two conventional recognition techniques, Spam Assassin and Clam AV, while keeping up sensible bogus positive rates. This proposed model deals with how to recognize a pernicious bundle (email) for ordinary system into current system. We build up an undermined protocol of network detection that powerfully concludes the correct number of congestive loss of packets that is going to happen. On the chance that one damages the steering convention itself, at that point aggressor may make enormous segments of the system become untreatable. We build up an option shifting technique by utilizing TME explicit element extraction. Our conventions naturally anticipate clog in a deliberate manner, as it is vital in making any such flaw in network recognition reasonable.

Development of a clustering-based model for enhancing acoustic leak detection

2019 ◽  
Vol 46 (4) ◽  
pp. 278-286 ◽  
Author(s):  
Samer El-Zahab ◽  
Ahmed Asaad ◽  
Eslam Mohammed Abdelkader ◽  
Tarek Zayed
Keyword(s):  
Current System ◽  
Real Life ◽  
Pilot Project ◽  
Leak Detection ◽  
Water Systems ◽  
Life Conditions ◽  
Novel Approach ◽  
Water And Wastewater ◽  
The City ◽  
Main Shortcoming

According to the Canadian Infrastructure Report of 2016, Canada’s water and wastewater infrastructures are in a declining state. One of the problems plaguing water systems is leakage. Leaks are costly as they create losses in precious water resources as well as treatment chemicals and energy required to produce drinking water. Therefore, the city of Montréal has implemented a pilot project to detect the leaks in a portion of its water supply network using noise loggers. The main shortcoming tackled is the inaccuracy of the current system as it can regularly present false rulings on new events. This article presents a novel approach for the analysis of the signals using k-means clustering and provides a set of models for leak detection. The developed model was tested against real-life conditions and detected two possible leaks that were undetected by the current system in addition to its ability to detect all confirmed leak conditions.

scholarly journals Nonfragile Integral-Based Event-Triggered Control of Uncertain Cyber-Physical Systems under Cyber‐Attacks

Complexity ◽  
2019 ◽  
Vol 2019 ◽  
pp. 1-14 ◽  
Author(s):  
Shen Yan ◽  
Sing Kiong Nguang ◽  
Liruo Zhang
Keyword(s):  
Sufficient Conditions ◽  
Cyber Physical Systems ◽  
Cyber Attacks ◽  
Linear Matrix ◽  
Time Interval ◽  
System State ◽  
Network Resources ◽  
Physical Systems ◽  
Mean Square Stability ◽  
Event Triggered

This article studies the problem of nonfragile integral-based event-triggered control for uncertain cyber-physical systems under cyber-attacks. An integral-based event-triggered scheme is proposed to reduce the data transmissions and save the limited network resources. The triggering condition is related to the mean of system state over a finite time interval instead of instant system state. Random cyber-attacks in a communication channel are taken into account and described by a stochastic variable subject to Bernoulli distribution. A novel Lyapunov–Krasovskii functional based on Legendre polynomials is constructed, and the Bessel–Legendre inequality technique is employed to handle the integral term induced by the integral-based event-triggered scheme. Resorting to these treatments, sufficient conditions are established via a set of linear matrix inequalities to guarantee the asymptotic mean-square stability of the closed-loop system. Finally, a numerical example shows that the presented method is effective.

A Pattern-Based and Tool-Supported Risk Analysis Method Compliant to ISO 27001 for Cloud Systems

2015 ◽  
Vol 6 (1) ◽  
pp. 24-46
Author(s):  
Azadeh Alebrahim ◽  
Denis Hatebur ◽  
Stephan Fassbender ◽  
Ludger Goeke ◽  
Isabelle Côté
Keyword(s):  
Cloud Computing ◽  
Information Security ◽  
Risk Analysis ◽  
Computing System ◽  
Security Requirements ◽  
Analysis Method ◽  
Computing Systems ◽  
Cloud Systems ◽  
Cloud Computing System ◽  
Iso 27001

To benefit from cloud computing and the advantages it offers, obstacles regarding the usage and acceptance of clouds have to be cleared. For cloud providers, one way to obtain customers' confidence is to establish security mechanisms when using clouds. The ISO 27001 standard provides general concepts for establishing information security in an organization. Risk analysis is an essential part in the ISO 27001 standard for achieving information security. This standard, however, contains ambiguous descriptions. In addition, it does not stipulate any method to identify assets, threats, and vulnerabilities. In this paper, the authors present a method for cloud computing systems to perform risk analysis according to the ISO 27001. The authors' structured method is tailored to SMEs. It relies upon patterns to describe context and structure of a cloud computing system, elicit security requirements, identify threats, and select controls, which ease the effort for these activities. The authors' method guides companies through the process of risk analysis in a structured manner. Furthermore, the authors provide a model-based tool for supporting the ISO 27001 standard certification. The authors' tool consists of various plug-ins for conducting different steps of their method.

Sign in / Sign up

Export Citation Format

Share Document