Context-aware Automotive Intrusion Detection
|
|
- Dortha Hood
- 5 years ago
- Views:
Transcription
1 Context-aware Automotive Intrusion Detection Armin Wasicek 1 Mert D.Pesé 2, André Weimerskirch 2, Yelizaveta Burakova 2, Karan Singh 2 1 Technical University Vienna, Austria 2 University of Michigan ESCAR USA June 21, 2017
2 Motivation for Security Dominant motives of organizations for security: Avoiding and mitigating loss Avoiding negligence Enhancing strategic business values Security is the enabler of business models Armin Wasicek 2
3 Who is willing to pay for Security? Incentives for investment in security are lacking Making a strong business case for security is hard: Quantifying risk in a dynamic environment Rapidly changing, unpredictable threats Demonstrating consequences of attacks Who is willing to pay for security? Armin Wasicek 3
4 Vulnerability Black Market Zero-day exploits are a tradable asset Full disclosure to improve software is utopia New professionalism in security market Cost of exploit: $ 1k-5k (2k), good >10 month Realistically, we re selling cyberweaponry There is already a market for security! Armin Wasicek 4
5 Rising need for Security Automotive security requirements Cost effective Reusable Adaptive Cyber-Physical nature Security toolkit ECU security Secure On-board Comm. Perimeter security Intrusion detection Raise the bar to prevent (simple) attacks Armin Wasicek 5
6 What is Intrusion Detection? Gathers and analyzes information Identifies potential security breaches Intrusions Misuse/Fraud Reports to users Perimeter Users System IDS Sensor Armin Wasicek 6
7 Manipulation and Fault tolerance Triggering unsafe states will stop the system Manipulations are subtle Stay within safe states, but modified behavior Recognition and Recovery NTHSA: Misbehavior Detection [DOT HS ] Development of the processes, algorithms, reporting requirements, and data requirements for both local and global detection functions; Armin Wasicek 7
8 Types of IDS IDS S Knowledge-based IDS Patterns/Signatures of malicious activities Low false positive rate, needs frequent updates Heuristic-based IDS Look for abnormal behavior, e.g., higher entropy Detect new attack patterns Context-aware IDS Compare to reference model, include semantics Check against specifications and regulations Armin Wasicek 8
9 Automotive System Architecture On-board networks Segregation Malicious devices Eth Backbone Cloud ECU Switch GW Over-the-air Updates Environmental info. Board computer External communication Host-based IDS monitors ECU CPU & memory usage, syscalls, # processes, Network IDS monitors communication Message frequency, patterns, entropy, Identify anomalies and outliers Armin Wasicek 9
10 Chip tuning Modify control algorithm parameters in ECU Parameters are stored in a table in flash memory Reprogram ECU with new values Debug interface, 3 rd party device Messages emitted by ECU seem original! Armin Wasicek 10
11 Power boxing Improves low end torque. Plug-in installation in less than 30 minutes. Modify commands to ECU Replace the ECU in the communication system Insert device between the ECU and actuators Communication pattern does not change! Armin Wasicek 11
12 Cyber-Physical Attacks Automotive systems are Cyber-Physical Checking only cyber properties like CAN message frequency might miss important attack vectors IDS needs to target attack on the physical part Compare actual behavior to reference model enabling misbehavior detection Armin Wasicek 12
13 Automotive System Architecture Chip Tuning ECU RPM, torque Switch Backbone IDS GW Cloud Threat defense Over-the-air Updates Detect misbehavior Wheel speed Road conditions Integrate firewall, authentication, and detection Fuse information from diverse sources Use semantics of control msg to reason about manipulation Armin Wasicek 13
14 Feature Selection Select parameters capturing engine behavior Engine control measures many useful parameters Speed velocity of vehicle RPM angular velocity of engine Torque turning force We want to detect modifications, like going around the curve slightly faster, having more torque on a slope, etc. 14
15 Intrusion Detection Layer Compares current to reference behavior Trained model reconstructs some features poorly These are considered as outliers Manipulation, if num. of outliers exceeds threshold Armin Wasicek 15
16 Feature Extraction Convert a time series to a feature vector Processing pipeline works on a time slice Use original signal and its differentiation Use statistical moments to expand features Normalize feature vector Armin Wasicek 16
17 Artificial Neural Networks Solve a one-class classification problem Autoencoder Neural Network: Hidden layer generalizes ratio between features Stores the typical behavior of an engine Trained using same vector for input X, output Y Anomaly score is error between input and output Armin Wasicek 17
18 Evaluation Racing car simulation TORCS Car model p406 simulating a Peugeot 406 Increase engine torque by 10 Nm and 30 Nm Let the robot do the driving! Armin Wasicek 18
19 Engine tuning Modification Modify RPM/Torque ratio Recognizing manipulation Bottleneck ANN 8 hidden perceptron ROC curve looks promising Note: This is unsupervised learning! Armin Wasicek 19
20 Experimental Setup Perform analytics, detect presence Power boxing to manipulate engine control Read out data via OBD II Urban/Highway driving cycles Armin Wasicek 20
21 Min/max values Real car data original modified Data points Vehicle speed Engine RPM Fuel rate Fuel/Air commanded equivalence Accelerator pedal position D Calculated load value Absolute throttle position O2 sensor lambda wide range Absolute throttle position B Catalyst temperature Armin Wasicek 21
22 Anomaly score Recognition result ANN w. 16 hidden ANN w. 32 hidden ANN w. 43 hidden Ratio anomaly score of X mod / X val ANN w. 43 hidden ANN w. 32 hidden ANN w. 16 hidden Size of subset (% of dataset) Iterations ANN with 43 hidden nodes has 6-8 times higher anomaly score than validation set. 16 ~ factor 1.5 Armin Wasicek 22
23 Integration options Software Component (SWC) in AUTOSAR terminology Subscribe to relevant data via Virtual Function Bus (VFB) CAID integration options o Standalone: on the CAN bus connecting the Central Gateway (CGW) to the OBD port o Integrated: Part of the CGW Armin Wasicek 23
24 Related Work CAN message statistics [Hoppe et al., 2007] Entropy-based IDS [Muter et al., 2011] Commercial IDS/IPS: Deep Packet Inspection identifies abnormal behavior Context-aware IDS [Wasicek and Weimerskirch, 2015] Armin Wasicek 24
25 Conclusion and Outlook Automotive systems are Cyber-Physical IDS need to recognize cyber and physical attacks Integrate with other security mechanisms Intelligently use the cloud to recognize attacks Faults, ageing, and repair effects are challenging Armin Wasicek 25
26 Thanks for your attention! Contact me: Yelizaveta Burakova
27 Response and Recovery What to do after an intrusion has been detected? Not yet clear Depends on location, current state of vehicle Log threat Disable/inhibit features Service procedure What are means to react on intrusions/misuse? Armin Wasicek 27
28 Automotive IDS Architecture Armin Wasicek 28
Context-aware Intrusion Detection in Automotive Control Systems
Context-aware Intrusion Detection in Automotive Control Systems Armin R. Wasicek University of California, Berkeley Yelizaveta Burakova University of Michigan Mert D. Pesé University of Michigan Karan
More informationAutomotive Anomaly Monitors and Threat Analysis in the Cloud
Automotive Anomaly Monitors and Threat Analysis in the Cloud Dr. André Weimerskirch Vector Automotive Cyber Security Symposium October 12, 2017 Cybersecurity Components Secure Internal & External Communications
More informationDevelopment of Intrusion Detection System for vehicle CAN bus cyber security
Development of Intrusion Detection System for vehicle CAN bus cyber security Anastasia Cornelio, Elisa Bragaglia, Cosimo Senni, Walter Nesci Technology Innovation - SSEC 14 Workshop Automotive SPIN Italia
More informationCyber security mechanisms for connected vehicles
Infineon Security Partner Network Partner Use Case Cyber security mechanisms for connected vehicles Protecting automotive vehicle networks and business models from cyber security attacks Products AURIX
More informationNEXT GENERATION SECURITY OPERATIONS CENTER
DTS SOLUTION NEXT GENERATION SECURITY OPERATIONS CENTER SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 - SUCCESS FACTORS SOC 2.0 - FUNCTIONAL COMPONENTS DTS SOLUTION SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 Protecting
More informationCybersecurity Challenges for Connected and Automated Vehicles. Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute
Cybersecurity Challenges for Connected and Automated Vehicles Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute Cars are becoming complex (and CAV is only part of it) 1965: No
More informationUsing Threat Analytics to Protect Privileged Access and Prevent Breaches
Using Threat Analytics to Protect Privileged Access and Prevent Breaches Under Attack Protecting privileged access and preventing breaches remains an urgent concern for companies of all sizes. Attackers
More informationPreventing Cyber Attacks on Aftermarket Connectivity Solutions Zach Blumenstein, BD Director Argus Cyber Security
Preventing Cyber Attacks on Aftermarket Connectivity Solutions Zach Blumenstein, BD Director Argus Cyber Security In less than a year, 100s of millions connected cars Aftermarket connectivity most prevalent
More informationSecurity Information & Event Management (SIEM)
Security Information & Event Management (SIEM) Datasheet SIEM in a nutshell The variety of cyber-attacks is extraordinarily large. Phishing, DDoS attacks in combination with ransomware demanding bitcoins
More informationData Sources for Cyber Security Research
Data Sources for Cyber Security Research Melissa Turcotte mturcotte@lanl.gov Advanced Research in Cyber Systems, Los Alamos National Laboratory 14 June 2018 Background Advanced Research in Cyber Systems,
More informationCountermeasures against Cyber-attacks
Countermeasures against Cyber-attacks Case of the Automotive Industry Agenda Automotive Basics ECU, domains, CAN Automotive Security Motivation, trends Hardware and Software Security EVITA, SHE, HSM Secure
More informationExperimental Security Analysis of a Modern Automobile
Experimental Security Analysis of a Modern Automobile Matthias Lange TU Berlin June 29th, 2010 Matthias Lange (TU Berlin) Experimental Security Analysis of a Modern Automobile June 29th, 2010 1 / 16 Paper
More informationARC VIEW. Critical Industries Need Continuous ICS Security Monitoring. Keywords. Summary. By Sid Snitkin
ARC VIEW FEBRUARY 1, 2018 Critical Industries Need Continuous ICS Security Monitoring By Sid Snitkin Keywords Anomaly and Breach Detection, Continuous ICS Security Monitoring, Nozomi Networks Summary Most
More informationalign security instill confidence
align security instill confidence cyber security Securing data has become a top priority across all industries. High-profile data breaches and the proliferation of advanced persistent threats have changed
More informationIC32E - Pre-Instructional Survey
Name: Date: 1. What is the primary function of a firewall? a. Block all internet traffic b. Detect network intrusions c. Filter network traffic d. Authenticate users 2. A system that monitors traffic into
More informationPENETRATION TESTING OF AUTOMOTIVE DEVICES. Dr. Ákos Csilling Robert Bosch Kft., Budapest HUSTEF 15/11/2017
PENETRATION TESTING OF AUTOMOTIVE DEVICES Dr. Ákos Csilling Robert Bosch Kft., Budapest HUSTEF 15/11/2017 Imagine your dream car 2 Image: 2017 ESCRYPT. Exemplary attack demonstration only. This is NOT
More informationFuture and Emerging Threats in ICT
Future and Emerging Threats in ICT www.ict-forward.eu Edita Djambazova Institute for Parallel Processing Bulgarian Academy of Sciences 1 Description ICT-FORWARD is a Coordination Action that aims at promoting
More informationK12 Cybersecurity Roadmap
K12 Cybersecurity Roadmap Introduction Jason Brown, CISSP Chief Information Security Officer Merit Network, Inc jbrown@merit.edu @jasonbrown17 https://linkedin.com/in/jasonbrown17 2 Agenda 3 Why Use the
More informationTHE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION
BREACH & ATTACK SIMULATION THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION Cymulate s cyber simulation platform allows you to test your security assumptions, identify possible security gaps and receive
More informationThe Oracle Trust Fabric Securing the Cloud Journey
The Oracle Trust Fabric Securing the Cloud Journey Eric Olden Senior Vice President and General Manager Cloud Security and Identity 05.07.2018 Safe Harbor Statement The following is intended to outline
More informationCISCO EXAM QUESTIONS & ANSWERS
CISCO 650-377 EXAM QUESTIONS & ANSWERS Number: 650-377 Passing Score: 800 Time Limit: 120 min File Version: 45.5 http://www.gratisexam.com/ CISCO 650-377 EXAM QUESTIONS & ANSWERS Exam Name: ABNAME Advanced
More informationSecuring the future of mobility
Kaspersky Transportation System Security AVL Software and Functions Securing the future of mobility www.kaspersky.com #truecybersecurity Securing the future of mobility Connected car benefits The need
More informationPULLING OUR SOCS UP VODAFONE GROUP AT RSAC Emma Smith. Andy Talbot. Group Technology Security Director Vodafone Group Plc
#RSAC SESSION ID: AIR-R04 PULLING OUR SOCS UP VODAFONE GROUP AT RSAC 2018 Emma Smith Group Technology Security Director Vodafone Group Plc Andy Talbot Global Head of Cyber Defence Vodafone Group Plc Pulling
More informationDistributed Anomaly Detection using Autoencoder Neural Networks in WSN for IoT
Distributed Anomaly Detection using Autoencoder Neural Networks in WSN for IoT Tony T. Luo, Institute for Infocomm Research, A*STAR, Singapore - https://tonylt.github.io Sai G. Nagarajan, Singapore University
More informationHeavy Vehicle Cyber Security Bulletin
Heavy Vehicle Cyber Security Update National Motor Freight Traffic Association, Inc. 1001 North Fairfax Street, Suite 600 Alexandria, VA 22314 (703) 838-1810 Heavy Vehicle Cyber Security Bulletin Bulletin
More informationSicherheitsaspekte für Flashing Over The Air in Fahrzeugen. Axel Freiwald 1/2017
Sicherheitsaspekte für Flashing Over The Air in Fahrzeugen Axel Freiwald 1/2017 All OEMs Will Implement Software OTA As Soon As Possible IHS Study Motivation: Save on recalls caused by software bugs Evolution
More informationAutomotive Cybersecurity: Why is it so Difficult? Steven W. Dellenback, Ph.D. Vice President R&D Intelligent Systems Division
Automotive Cybersecurity: Why is it so Difficult? Steven W. Dellenback, Ph.D. Vice President R&D Intelligent Systems Division Cybersecurity is not one Entry Point Four Major Aspects of Cybersecurity How
More informationPresenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.
Presenter Jakob Drescher Industry Cyber Security 1 Cyber Security? Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks. Malware or network traffic
More informationResilient Smart Grids
Resilient Smart Grids André Teixeira Kaveh Paridari, Henrik Sandberg KTH Royal Institute of Technology, Sweden SPARKS 2nd Stakeholder Workshop Cork, Ireland March 25th, 2015 Legacy Distribution Grids Main
More informationAnalytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS
Analytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS Overview Cyberattacks are increasingly getting more frequent, more sophisticated and more widespread than ever
More informationFuture Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group
Future Challenges and Changes in Industrial Cybersecurity Sid Snitkin VP Cybersecurity Services ARC Advisory Group Srsnitkin@ARCweb.com Agenda Industrial Cybersecurity Today Scope, Assumptions and Strategies
More informationNotes U695. (1) Vehicle power supply must meet the normal operating voltage, such as
STATEMENT (1) This manual is designed for the U695 product, any company or individual are not permit to replicate and backup it in any form if they don't have the authority license from UIFTECH CO., LTD
More informationNetDefend Firewall UTM Services
NetDefend Firewall UTM Services Unified Threat Management D-Link NetDefend UTM firewalls (DFL-260/860/1660/2560/2560G) integrate an Intrusion Prevention System (IPS), gateway AntiVirus (AV), and Web Content
More informationMASP Chapter on Safety and Security
MASP Chapter on Safety and Security Daniel Watzenig Graz, Austria https://artemis.eu MASP Chapter on Safety & Security Daniel Watzenig daniel.watzenig@v2c2.at Francois Tuot francois.tuot@gemalto.com Antonio
More informationTrusted Platform Modules Automotive applications and differentiation from HSM
Trusted Platform Modules Automotive applications and differentiation from HSM Cyber Security Symposium 2017, Stuttgart Martin Brunner, Infineon Technologies Axiom: Whatever is connected can (and will)
More informationGreen Lights Forever: Analyzing the Security of Traffic Infrastructure
Green Lights Forever: Analyzing the Security of Traffic Infrastructure RAJSHAKHAR PAUL Outline Introduction Anatomy of a Traffic Infrastructure Case Study Threat Model Types of Attack Recommendation Broader
More informationAn Experimental Analysis of the SAE J1939 Standard
Truck Hacking: An Experimental Analysis of the SAE J1939 Standard 10th USENIX Workshop On Offensive Technologies (WOOT 16) Liza Burakova, Bill Hass, Leif Millar & Andre Weimerskirch Are trucks more secure
More informationLTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security
LTI Security Intelligent & integrated Approach to Cyber & Digital Security Overview As businesses are expanding globally into new territories, propelled and steered by digital disruption and technological
More informationCyber Security and Vehicle Diagnostics. Mark Zachos DG Technologies
Cyber Security and Vehicle Diagnostics Mark Zachos DG Technologies SAE INTERNATIONAL SAE J3061 Cybersecurity Guidebook for Cyber-Physical Automotive Systems Published January 2016; drive to a risk-based,
More informationCYSE 411/AIT 681 Secure Software Engineering. Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun
CYSE 411/AIT 681 Secure Software Engineering Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun Reading This lecture [McGraw]: Ch. 7-9 2 Seven Touchpoints 1. Code review 2. Architectural
More information4. Risk-Based Security Testing. Reading. CYSE 411/AIT 681 Secure Software Engineering. Seven Touchpoints. Application of Touchpoints
Reading This lecture [McGraw]: Ch. 7-9 CYSE 411/AIT 681 Secure Software Engineering Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun 2 Seven Touchpoints Application of Touchpoints
More informationDetect Cyber Threats with Securonix Proxy Traffic Analyzer
Detect Cyber Threats with Securonix Proxy Traffic Analyzer Introduction Many organizations encounter an extremely high volume of proxy data on a daily basis. The volume of proxy data can range from 100
More informationDiscover threats quickly, remediate immediately, and mitigate the impact of malware and breaches
Discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches Introduction No matter how hard you work to educate your employees about the constant and evolving threats
More informationInternet infrastructure
Internet infrastructure Prof. dr. ir. André Mariën (c) A. Mariën 04/03/2014 1 Topic Vulnerability and patch management (c) A. Mariën 04/03/2014 2 Requirements Security principle: Everything can and will
More informationEmerging Threat Intelligence using IDS/IPS. Chris Arman Kiloyan
Emerging Threat Intelligence using IDS/IPS Chris Arman Kiloyan Who Am I? Chris AUA Graduate (CS) Thesis : Cyber Deception Automation and Threat Intelligence Evaluation Using IDS Integration with Next-Gen
More informationMcAfee Network Security Platform Administration Course
McAfee Network Security Platform Administration Course Education Services administration course The McAfee Network Security Platform Administration course from McAfee Education Services is an essential
More informationWhite Paper. Why IDS Can t Adequately Protect Your IoT Devices
White Paper Why IDS Can t Adequately Protect Your IoT Devices Introduction As a key component in information technology security, Intrusion Detection Systems (IDS) monitor networks for suspicious activity
More informationISC2 EXAM - CISSP. Certified Information Systems Security Professional. Buy Full Product.
ISC2 EXAM - CISSP Certified Information Systems Security Professional Buy Full Product http://www.examskey.com/cissp.html Examskey ISC2 CISSP exam demo product is here for you to test the quality of the
More informationUNECE WP29/TFCS Regulation standards on threats analysis (cybersecurity) and OTA (software update)
UNECE WP29/TFCS Regulation standards on threats analysis (cybersecurity) and OTA (software update) Koji NAKAO, NICT, Japan (Expert of UNECE WP29/TFCS) General Flow of works in WP29/TFCS and OTA Data protection
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More informationCONTROLLER AREA NETWORK (CAN) DEEP PACKET INSPECTION. Görkem Batmaz, Systems Engineer Ildikó Pete, Systems Engineer 28 th March, 2018
CONTROLLER AREA NETWORK (CAN) DEEP PACKET INSPECTION Görkem Batmaz, Systems Engineer Ildikó Pete, Systems Engineer 28 th March, 2018 Car Hacking Immediately my accelerator stopped working. As I frantically
More informationThe Gartner Security Information and Event Management Magic Quadrant 2010: Dealing with Targeted Attacks
The Gartner Security Information and Event Management Magic Quadrant 2010: Dealing with Targeted Attacks Mark Nicolett Notes accompany this presentation. Please select Notes Page view. These materials
More informationSecure Ethernet Communication for Autonomous Driving. Jared Combs June 2016
Secure Ethernet Communication for Autonomous Driving Jared Combs June 2016 Agenda Motivation for Security The Multi-Level Security Architecture Proposal Level 1: Restrict access to the network Level 2:
More informationAn AI-Assisted Cyber Attack Detection Framework for Software Defined Mobile Networks
An AI-Assisted Cyber Attack Detection Framework for Software Defined Mobile Networks G. Catania 1, L. Ganga 1, S. Milardo 2, G. Morabito 3, A. Mursia 1 1 Land & Naval Defence Electronics Division - Leonardo
More informationCommunication Pattern Anomaly Detection in Process Control Systems
Communication Pattern Anomaly Detection in Process Control Systems Sponsored by the Department of Energy National SCADA Test Bed Program Managed by the National Energy Technology Laboratory The views herein
More informationRiccardo Mariani, Intel Fellow, IOTG SEG, Chief Functional Safety Technologist
Riccardo Mariani, Intel Fellow, IOTG SEG, Chief Functional Safety Technologist Internet of Things Group 2 Internet of Things Group 3 Autonomous systems: computing platform Intelligent eyes Vision. Intelligent
More informationDesigning and Building a Cybersecurity Program
Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity
More informationThe Top 6 WAF Essentials to Achieve Application Security Efficacy
The Top 6 WAF Essentials to Achieve Application Security Efficacy Introduction One of the biggest challenges IT and security leaders face today is reducing business risk while ensuring ease of use and
More informationDefense in Depth Security in the Enterprise
Defense in Depth Security in the Enterprise Mike Mulville SAIC Cyber Chief Technology Officer MulvilleM@saic.com Agenda The enterprise challenge - threat; vectors; and risk Traditional data protection
More informationScalable and Flexible Software Platforms for High-Performance ECUs. Christoph Dietachmayr Sr. Engineering Manager, Elektrobit November 8, 2018
Scalable and Flexible Software Platforms for High-Performance ECUs Christoph Dietachmayr Sr. Engineering Manager, November 8, Agenda A New E/E Architectures and High-Performance ECUs B Non-Functional Aspects:
More informationHOLY ANGEL UNIVERSITY COLLEGE OF INFORMATION AND COMMUNICATIONS TECHNOLOGY CYBER SECURITY COURSE SYLLABUS
HOLY ANGEL UNIVERSITY LLEGE OF INFORMATION AND MMUNICATIONS TECHNOLOGY CYBER SECURITY URSE SYLLABUS Course Code : 6CSEC Prerequisite : 6MPRO2L Course Credit : 3 Units (2 hours LEC,3 hours LAB) Year Level:
More informationHow to Create, Deploy, & Operate Secure IoT Applications
How to Create, Deploy, & Operate Secure IoT Applications TELIT WHITEPAPER INTRODUCTION As IoT deployments accelerate, an area of growing concern is security. The likelihood of billions of additional connections
More informationiobd2 MFi BT VAG Adapter User Manual
iobd2 MFi BT VAG Adapter User Manual VW, AUDI, SKODA, SEAT Preface Thank you for using this product. Please read instructions carefully before operating this unit. This manual guides the users how to operate
More informationIntelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales
Intelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales The Industrialization of Hacking Sophisticated Attacks, Complex Landscape Hacking Becomes an Industry Phishing,
More informationBeyond Firewalls: The Future Of Network Security
Beyond Firewalls: The Future Of Network Security XChange University: IT Security Jennifer Blatnik 20 August 2016 Security Trends Today Network security landscape has expanded CISOs Treading Water Pouring
More informationSTATEMENT. (2) PS701 is just offered for the professional and technical personnel of vehicle maintenance
STATEMENT (1) This manual is designed for the PS701 product, any company or individual are not permit to replicate and backup it in any form if they don't have the authority license from XTOOLTECH CO.,
More informationRSA Advanced Security Operations Richard Nichols, Director EMEA. Copyright 2015 EMC Corporation. All rights reserved. 1
RSA Advanced Security Operations Richard Nichols, Director EMEA 1 What is the problem we need to solve? 2 Attackers Are Outpacing Defenders..and the Gap is Widening Attacker Capabilities The defender-detection
More informationHoney, I Hacked the SCADA! :Industrial CONTROLLED Systems!
Honey, I Hacked the SCADA! :Industrial CONTROLLED Systems! Jon L. Korecki Executive Director Cyber Security and Information Assurance ViaSat Inc. - Carlsbad, CA jon.korecki@viasat.com Agenda History of
More informationWHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION. A Novetta Cyber Analytics Brief
WHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION A Novetta Cyber Analytics Brief Why SIEMs with advanced network-traffic analytics is a powerful combination. INTRODUCTION Novetta
More informationHow will cyber risk management affect tomorrow's business?
How will cyber risk management affect tomorrow's business? The "integrated" path towards continuous improvement of information security Cyber Risk as a Balance Sheet Risk exposing Board and C-Levels 2018
More informationBoston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018
Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security BRANDEIS UNIVERSITY PROFESSOR ERICH SCHUMANN MAY 2018 1 Chinese military strategist Sun Tzu: Benchmark If you know your
More informationBuilding a Resilient Security Posture for Effective Breach Prevention
SESSION ID: GPS-F03B Building a Resilient Security Posture for Effective Breach Prevention Avinash Prasad Head Managed Security Services, Tata Communications Agenda for discussion 1. Security Posture 2.
More informationJune 2 nd, 2016 Security Awareness
June 2 nd, 2016 Security Awareness Security is the degree of resistance to, or protection from, harm. if security breaks down, technology breaks down Protecting People, Property and Business Assets Goal
More informationCybersecurity Roadmap: Global Healthcare Security Architecture
SESSION ID: TECH-W02F Cybersecurity Roadmap: Global Healthcare Security Architecture Nick H. Yoo Chief Security Architect Disclosure No affiliation to any vendor products No vendor endorsements Products
More informationFP7 NEMESYS Project: Advances on Mobile Network Security
Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem FP7 NEMESYS Project: Advances on Mobile Network Security Elina Theodoropoulou R&D Projects Section Manager etheodorop@cosmote.gr
More informationWHAT CIOs NEED TO KNOW TO CAPITALIZE ON HYBRID CLOUD
WHAT CIOs NEED TO KNOW TO CAPITALIZE ON HYBRID CLOUD 2 A CONVERSATION WITH DAVID GOULDEN Hybrid clouds are rapidly coming of age as the platforms for managing the extended computing environments of innovative
More informationMission Aware Cybersecurity
Mission Aware Cybersecurity Cody Fleming (UVA) Scott Lucero (OSD) Peter Beling, Barry Horowitz (UVA), Calk Elks (VCU) October 2016 1 Systems Engineering Research Center (SERC) Overview DoD and the Intelligence
More informationADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY
ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY OUTLINE Advanced Threat Landscape (genv) Why is endpoint protection essential? Types of attacks and how to prevent them
More informationDoes someone else own your company s reputation? EY Global Information Security Survey 2018
Does someone else own your company s reputation? EY Global Information Security Survey 2018 Perspectives for technology, media and entertainment, and telco companies Risking cyber reputations Are TMT companies
More informationAutomotive Networks Are New Busses and Gateways the Answer or Just Another Challenge? ESWEEK Panel Oct. 3, 2007
Automotive Networks Are New Busses and Gateways the Answer or Just Another Challenge? ESWEEK Panel Oct. 3, 2007 Automotive Networks complex networks hundreds of functions 50+ ECUs (Electronic Control Unit)
More informationIntrusion Detection Systems Overview
Intrusion Detection Systems Overview Chris Figueroa East Carolina University figueroac13@ecu.edu Abstract Modern intrusion detection systems provide a first line of defense against attackers for organizations.
More informationExternal Supplier Control Obligations. Cyber Security
External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place
More informationAcalvio Deception and the NIST Cybersecurity Framework 1.1
Acalvio Deception and the NIST Cybersecurity Framework 1.1 June 2018 The Framework enables organizations regardless of size, degree of cybersecurity risk, or cybersecurity sophistication to apply the principles
More informationRSA INCIDENT RESPONSE SERVICES
RSA INCIDENT RESPONSE SERVICES Enabling early detection and rapid response EXECUTIVE SUMMARY Technical forensic analysis services RSA Incident Response services are for organizations that need rapid access
More informationCompTIA Exam CAS-002 CompTIA Advanced Security Practitioner (CASP) Version: 6.0 [ Total Questions: 532 ]
s@lm@n CompTIA Exam CAS-002 CompTIA Advanced Security Practitioner (CASP) Version: 6.0 [ Total Questions: 532 ] Topic break down Topic No. of Questions Topic 1: Volume A 117 Topic 2: Volume B 122 Topic
More informationTechnology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 04/12/2017
Technology Roadmap for Managed IT and Security Michael Kirby II, Scott Yoshimura 04/12/2017 Agenda Managed IT Roadmap Operational Risk and Compliance Cybersecurity Managed Security Services 2 Managed IT
More informationInternet of Things Toolkit for Small and Medium Businesses
Your Guide #IoTatWork to IoT Security #IoTatWork Internet of Things Toolkit for Small and Medium Businesses Table of Contents Introduction 1 The Internet of Things (IoT) 2 Presence of IoT in Business Sectors
More informationecuexplorer User Guide
Installation...2 Getting Started...3 User Interface...3 Menu Structure...3 Initial Configuration...4 Hotkeys...4 Navigation Tree...5 User-Defined Data Items...5 Known Trouble Codes...6 Saved Log Files...7
More informationAutomotive Security: Challenges and Solutions
Automotive Security: Challenges and Solutions 8 th Vector Congress 30 th November 2016 V2.01.00 2016-11-22 Agenda Introduction Services Embedded Security Mechanisms Tools Summary 2 Introduction Vehicle
More informationThink Oslo 2018 Where Technology Meets Humanity. Oslo. Felicity March Cyber Resilience - Europe
Think Oslo 2018 Where Technology Meets Humanity Oslo Felicity March Cyber Resilience - Europe Cyber Resilience Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity
More informationWITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:
SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,
More information10 th AUTOSAR Open Conference
10 th AUTOSAR Open Conference Dr. Moritz Neukirchner Elektrobit Automotive GmbH Building Performance ECUs with Adaptive AUTOSAR AUTOSAR Nov-2017 Major market trends and their impact Trends Impact on E/E
More informationPrescriptive Security Operations Centers. Leveraging big data capabilities to build next generation SOC
Prescriptive Security Operations Centers Leveraging big data capabilities to build next generation SOC Cyber Security Industry in constant renewal in 2016 and 2017 1 Tbps Mirai IoT Botnet broke the Internet
More informationOTA and Remote Diagnostics
OTA and Remote Diagnostics Vector ongress 26, Stuttgart, 26--29 V. 26--29 onnectivity offers greater Benefit to the automotive industry At a glance onnectivity offers greater benefit to the Automotive
More informationPT Unified Application Security Enforcement. ptsecurity.com
PT Unified Application Security Enforcement ptsecurity.com Positive Technologies: Ongoing research for the best solutions Penetration Testing ICS/SCADA Security Assessment Over 700 employees globally Over
More informationUser Guide. Subaru Turbo (North American Models)
User Guide Subaru Turbo (North American Models) Page 2 Table of Contents Product Introduction 4 Supported Vehicle List 4 In-Box Contents 5 What Is A Map? 7 AccessPORT Installation 8 Pre-Installation 8
More informationTechnology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 05/24/2017
Technology Roadmap for Managed IT and Security Michael Kirby II, Scott Yoshimura 05/24/2017 Agenda Managed IT Roadmap Operational Risk and Compliance Cybersecurity Managed Security Services 2 Managed IT
More informationGuide to Network Defense and Countermeasures Second Edition. Chapter 2 Security Policy Design: Risk Analysis
Guide to Network Defense and Countermeasures Second Edition Chapter 2 Security Policy Design: Risk Analysis Objectives Explain the fundamental concepts of risk analysis Describe different approaches to
More informationIS CAR HACKING OVER? AUTOSAR SECURE ONBOARD COMMUNICATION
SESSION ID: SBX3-W1 IS CAR HACKING OVER? AUTOSAR SECURE ONBOARD COMMUNICATION Jeffrey Quesnelle Director of Software Development Intrepid Control Systems @IntrepidControl Introduction Spent 15 years working
More informationThe New Normal. Unique Challenges When Monitoring Hybrid Cloud Environments
The New Normal Unique Challenges When Monitoring Hybrid Cloud Environments The Evolving Cybersecurity Landscape Every day, the cybersecurity landscape is expanding around us. Each new device connected
More information