Vulnerability (computing)

Summary

Vulnerabilities are flaws in a computer system that weaken the overall security of the device/system. Vulnerabilities can be weaknesses in either the hardware itself, or the software that runs on the hardware. Vulnerabilities can be exploited by a threat actor, such as an attacker, to cross privilege boundaries (i.e. perform unauthorized actions) within a computer system. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerabilities are also known as the attack surface. Vulnerability management is a cyclical practice that varies in theory but contains common processes which include: discover all assets, prioritize assets, assess or perform a complete vulnerability scan, report on results, remediate vulnerabilities, verify remediation - repeat. This practice generally refers to software vulnerabilities in computing systems. Agile vulnerability management refers to preventing attacks by i

Official source

https://en.wikipedia.org/wiki/Vulnerability_(computing)

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Related publications (43)

Related publications

Related people (6)

Related people

Related units (6)

Related units

Related concepts (61)

Related concepts

Related courses (9)

Related courses

Related lectures (18)

Related lectures

Related publications (43)

Local Vulnerabilities and Global Robustness of Coupled Dynamical Systems on Complex Networks

Melvyn Sandy Tyloo

Coupled dynamical systems are omnipresent in everyday life. In general, interactions between individual elements composing the system are captured by complex networks. The latter greatly impact the way coupled systems are functioning and evolving in time. An important task in such a context, is to identify the most fragile components of a system in a fast and efficient manner. It is also highly desirable to have bounds on the amplitude and duration of perturbations that could potentially drive the system through a transition from one equi- librium to another. A paradigmatic model of coupled dynamical system is that of oscillatory networks. In these systems, a phenomenon known as synchronization where the individual elements start to behave coherently may occur if couplings are strong enough. We propose frameworks to assess vulnerabilities of such synchronous states to external perturbations. We consider transient excursions for both small-signal response and larger perturbations that can potentially drive the system out of its initial basin of attraction. In the first part of this thesis, we investigate the robustness of complex network-coupled oscillators. We consider transient excursions following external perturbations. For ensemble averaged perturbations, quite remarkably we find that robustness of a network is given by a family of network descriptors that we called generalized Kirchhoff indices and which are defined from extensions of the resistance distance to arbitrary powers of the Laplacian matrix of the system. These indices allow an efficient and accurate assessment of the overall vulnera- bility of an oscillatory network and can be used to compare robustness of different networks. Moreover, a network can be made more robust by minimizing its Kirchhoff indices. Then for specific local perturbations, we show that local vulnerabilities are captured by generalized resistance centralities also defined from extensions of the resistance distance. Most fragile nodes are therefore identified as the least central according to resistance centralities. Based on the latter, rankings of the nodes from most to least vulnerable can be established. In summary, we find that both local vulnerabilities and global robustness are accurately evaluated with resistance centralities and Kirchhoff indices. Moreover, the framework that we define is rather general and may be useful to analyze other coupled dynamical systems. In the second part, we focus on the effect of larger perturbations that eventually lead the sys- tem to an escape from its initial basin of attraction. We consider coupled oscillators subjected to noise with various amplitudes and correlation in time. To predict desynchronization and transitions between synchronous states, we propose a simple heuristic criterion based on the distance between the initial stable fixed point and the closest saddle point. Surprisingly, we find numerically that our criterion leads to rather accurate estimates for the survival probability and first escape time. Our criterion is general and may be applied to other dynamical systems.

EPFL2020

Deep Neural Networks (DNNs) have achieved great success in a wide range of applications, such as image recognition, object detection, and semantic segmentation. Even thoughthe discriminative power of DNNs is nowadays unquestionable, serious concerns have arised ever since DNNs have shown to be vulnerable to adversarial examples craftedby adding imperceptible perturbations to clean images. The implications of these malicious attacks are even more significant for DNNs deployed in real-world systems, e.g.,autonomous driving and biometric authentication. Consequently, an intriguing question that we aim to understand is the underlying behavior of DNNs to adversarial attacks.This thesis contributes to a better understanding of the mechanism of adversarial attacks on DNNs. Our main contributions are broadly in two directions: (1) we proposeinterpretable architectures first to understand the reasons for the success of adversarial attacks and then to improve the robustness of DNNs; (2) we design intuitive adversarialattacks to both mislead and use as a tool to expand our present understanding of DNNs' internal workings and their limitations. In the first direction, we introduce deep architectures that allow humans to interpret the reasoning process of DNNs prediction. Specifically, we incorporate Bag-of-visual-wordsrepresentations from the pre-deep learning era into DNNs using an attention scheme. We find key reasons for adversarial attack success and use these insights to propose anadversarial defense by maximally separating the latent features of discriminative regions while minimizing the contribution of non-discriminative regions in the final prediction.The second direction deals with the design of adversarial attacks to understand DNNs' limitations in a real-world environment. To begin with, we show that existing state-of-the-art semantic segmentation networks that achieve superior performance by exploiting the context are highly susceptible to indirect local attacks. Furthermore, we demonstrate the existence of universal directional perturbations that are quasi-independent of the input template but still successfully fool unknown siamese-based visual object trackers. We then identify that the mid-level filter banks across different backbones bear strong similarities and thus can be potential common ground for attack. We, therefore, learn a generator that disrupts mid-level features with high transferability across different target architectures, datasets, and tasks. In short, our attacks highlight critical vulnerabilities of DNNs, which make their deployment challenging in the real-world environment, even in the extreme case when the attacker is unaware of the target architecture or the targetdata used to train it.Furthermore, we go beyond fooling networks and demonstrate the usefulness of adversarial attacks for studying the internal disentangled representations in self-supervised 3D pose estimation networks. We observe that adversarial manipulation of appearance information in the input image alters the pose output, indicating that the pose code contains appearance information and disentanglement is far from complete. Besides the above contributions, an underlying theme that arises multiple times in this thesis is counteracting the adversarial attacks by detecting them.

EPFL2022

Time-Synchronization Attacks against Critical Infrastructures and their Mitigation

Marguerite Marie Nathalie Delcourt

This work focuses on the security of critical infrastructures against time-synchronization attacks (TSA). A TSA can impact any network that relies on the dynamic analysis of data, by altering the time synchronization between its nodes. Such attacked networks can start failing. Some TSAs are thwarted by cyber-security tools such as authentication and confidentiality algorithms. However, such tools cannot counter TSAs that are implemented physically. Such TSAs are undetectable but they may be detected if they lead to non-plausible observations. The identification of TSAs requires in-depth knowledge of the system's operation.We focus on TSAs in two settings. First, we consider smart grids. Their control and operation require the timely knowledge of the system state, which is inferred from an estimate computed from measurements. We consider phasor measurements taken from phasor measurement units (PMUs). However, they require a precise time synchronization, which is a weakness as existing synchronization methods are vulnerable to attacks. We aim to assess the vulnerability of the synchrophasor-based state estimation of a system, by exploring the feasibility and detectability of TSAs on PMUs. A widespread technique to make the state estimation more robust is to couple it with a bad-data detection (BDD) scheme. However, it is known that false data injection attacks and TSAs can impact the state estimation without being detected by the BDD algorithms. We present practical attack strategies for undetectable TSAs and novel vulnerability conditions. One of them is a static condition that does not depend on the measurement values. We propose a security requirement that prevents it and a greedy offline algorithm that enforces it. If this requirement is satisfied, the grid may still be attacked, although we reason that it is unlikely. We identify two sufficient and necessary vulnerability conditions which depend on the measurement values. For each, we provide a metric that shows the distance between the observed and vulnerability conditions. Enforcing our requirement requires increasing the amount of measurement points of the grid. We investigate the benefits of utilizing the three-phase model instead of the direct-sequence model for security. We show that if the power system is unbalanced, then the use of the three-phase model enables to detect attacks that are undetectable if the direct-sequence model is used. Numerical results from simulations with real load profiles from the Lausanne grid, confirm our findings. Second, we consider sensor networks for passive-source localization. We focus on the localization of a passive source from time difference of arrival (TDOA) measurements. Such measurements are highly sensitive to time-synchronization offsets. We first illustrate that TSAs can affect the localization and we show that residual analysis does not enable the detection and identification of TSAs. Second, we propose a two-step TDOA-localization technique that is robust against TSAs. It uses a known source to define a weight for each pair of sensors, reflecting the confidence in their synchronization. We then use the weighted least-squares estimator with the new weights and the TDOA measurements received from the unknown source. Our method either identifies the network as being too corrupt, or gives a corrected estimate of the unknown position along with a confidence metric. Numerical results illustrate the performance of our technique.

EPFL2021