Information Disclosure Detection in Cyber-Physical Systems

Fabian Berner; Johannes Sametinger

doi:10.1007/978-3-030-27684-3_12

Information Disclosure Detection in Cyber-Physical Systems

Research output: Chapter in Book/Report/Conference proceeding › Conference proceedings › peer-review

Abstract

The detection of information disclosure attacks, i.e. the unauthorized disclosure of sensitive data, is a dynamic research field. The disclosure of sensitive data can be detected by various static and dynamic security analysis methods. In the context of Android, dynamic taint-tracking systems like Taintdroid have turned out to be especially promising. Here we present a simulation environment, which is based on existing dynamic taint-tracking systems. It extends these and changes the analysis concept behind the taint-tracking system it uses. While taint-tracking is mainly used for mobile devices running Android, we postulate the importance of detecting information disclosure in any cyber-physical system. In this paper, we explore the detection of information disclosure by simulating devices and monitoring the information flows inside and among the devices.

Original language	English
Title of host publication	IWCFS 2019 - 3rd International Workshop onCyber-Security and Functional Safety in Cyber-Physical Systems,Linz, Austria, August 26-29, 2019
Number of pages	10
Volume	1062
DOIs	https://doi.org/10.1007/978-3-030-27684-3_12
Publication status	Published - 2019

Fields of science

202005 Computer architecture
202017 Embedded systems
102 Computer Sciences
102002 Augmented reality
102006 Computer supported cooperative work (CSCW)
102015 Information systems
102020 Medical informatics
102022 Software development
201305 Traffic engineering
207409 Navigation systems
502032 Quality management
502050 Business informatics

JKU Focus areas

Digital Transformation

Access to Document

10.1007/978-3-030-27684-3_12

Cite this

@inproceedings{17e37a1c66284df6928c860c2a9753fe,

title = "Information Disclosure Detection in Cyber-Physical Systems",

abstract = "The detection of information disclosure attacks, i.e. the unauthorized disclosure of sensitive data, is a dynamic research field. The disclosure of sensitive data can be detected by various static and dynamic security analysis methods. In the context of Android, dynamic taint-tracking systems like Taintdroid have turned out to be especially promising. Here we present a simulation environment, which is based on existing dynamic taint-tracking systems. It extends these and changes the analysis concept behind the taint-tracking system it uses. While taint-tracking is mainly used for mobile devices running Android, we postulate the importance of detecting information disclosure in any cyber-physical system. In this paper, we explore the detection of information disclosure by simulating devices and monitoring the information flows inside and among the devices.",

author = "Fabian Berner and Johannes Sametinger",

year = "2019",

doi = "10.1007/978-3-030-27684-3_12",

language = "English",

volume = "1062",

booktitle = "IWCFS 2019 - 3rd International Workshop onCyber-Security and Functional Safety in Cyber-Physical Systems,Linz, Austria, August 26-29, 2019",

}

TY - GEN

T1 - Information Disclosure Detection in Cyber-Physical Systems

AU - Berner, Fabian

AU - Sametinger, Johannes

PY - 2019

Y1 - 2019

N2 - The detection of information disclosure attacks, i.e. the unauthorized disclosure of sensitive data, is a dynamic research field. The disclosure of sensitive data can be detected by various static and dynamic security analysis methods. In the context of Android, dynamic taint-tracking systems like Taintdroid have turned out to be especially promising. Here we present a simulation environment, which is based on existing dynamic taint-tracking systems. It extends these and changes the analysis concept behind the taint-tracking system it uses. While taint-tracking is mainly used for mobile devices running Android, we postulate the importance of detecting information disclosure in any cyber-physical system. In this paper, we explore the detection of information disclosure by simulating devices and monitoring the information flows inside and among the devices.

AB - The detection of information disclosure attacks, i.e. the unauthorized disclosure of sensitive data, is a dynamic research field. The disclosure of sensitive data can be detected by various static and dynamic security analysis methods. In the context of Android, dynamic taint-tracking systems like Taintdroid have turned out to be especially promising. Here we present a simulation environment, which is based on existing dynamic taint-tracking systems. It extends these and changes the analysis concept behind the taint-tracking system it uses. While taint-tracking is mainly used for mobile devices running Android, we postulate the importance of detecting information disclosure in any cyber-physical system. In this paper, we explore the detection of information disclosure by simulating devices and monitoring the information flows inside and among the devices.

UR - https://www.se.jku.at/information-disclosure-detection-in-cyber-physical-systems/

U2 - 10.1007/978-3-030-27684-3_12

DO - 10.1007/978-3-030-27684-3_12

M3 - Conference proceedings

VL - 1062

BT - IWCFS 2019 - 3rd International Workshop onCyber-Security and Functional Safety in Cyber-Physical Systems,Linz, Austria, August 26-29, 2019

ER -

Information Disclosure Detection in Cyber-Physical Systems

Abstract

Fields of science

JKU Focus areas

Access to Document

Other files and links

Medical Device Security

Software Security

Cite this

Information Disclosure Detection in Cyber-Physical Systems

Abstract

Fields of science

JKU Focus areas

Access to Document

Other files and links

Projects

Medical Device Security

Software Security

Cite this