STPA-SafeSec: Safety and security analysis for cyber-physical systems
STPA-SafeSec is presented, a novel analysis methodology for both safety and security that shows the dependencies between cybersecurity vulnerabilities and system safety and allows the most effective mitigation strategies to be readily identified.
Obfuscation: The Hidden Malware
Obfuscation is one of the latest strategies to camouflage the telltale signs of malware, undermine antimalware software, and thwart malware analysis.
N-opcode analysis for android malware classification and categorization
An n-opcode analysis based approach that utilizes machine learning to classify and categorize Android malware and enables automated feature discovery that eliminates the need for applying expert or domain knowledge to define the needed features.
Multiattribute SCADA-Specific Intrusion Detection System for Power Networks
The increased interconnectivity and complexity of supervisory control and data acquisition (SCADA) systems in power system networks has exposed the systems to a multitude of potential
STRIDE-based threat modeling for cyber-physical systems
The paper identifies that STRIDE is a light-weight and effective threat modeling methodology for CPS that simplifies the task for security analysts to identify vulnerabilities and plan appropriate component level security measures at the system design stage.
Towards Understanding Man-in-the-middle Attacks on IEC 60870-5-104 SCADA Networks
This paper investigates cyber attacks on ICS which rely on IEC 60870-5-104 for telecontrol communications, covering modification and injection of commands, and details capture and replay attacks.
Rule-Based Intrusion Detection System for SCADA Networks
Increased interconnectivity of Supervisory Control and Data Acquisition (SCADA) systems in renewable power system networks can potentially mean greater susceptibility to malicious attackers. SCADA
Investigating cyber-physical attacks against IEC 61850 photovoltaic inverter installations
An investigation of attacks against the manufacturing message specification of IEC 61850, which is expected to become one of the most widely used communication services in Smart Grids, is presented to help understand the potential for attacks and to aid the development and testing of cyber security solutions.
N-gram Opcode Analysis for Android Malware Detection
An n-gram opcode features based approach that utilizes machine learning to identify and categorize Android malware and enables automated feature discovery without relying on prior expert or domain knowledge for pre-determined features is presented.
Threat Analysis of BlackEnergy Malware for Synchrophasor based Real-time Control and Monitoring in Smart Grid
This paper presents a basic cyber attack model used by BlackEnergy for targeting industrial control systems and analyzes the cyber threats BlackEnergy poses to synchrophasor-based systems, which are used for real-time control and monitoring functionalities in the smart grid.