{"id":436,"date":"2018-04-27T21:39:03","date_gmt":"2018-04-28T02:39:03","guid":{"rendered":"http:\/\/www.ece.iastate.edu\/kcsl\/?p=436"},"modified":"2018-07-27T22:20:08","modified_gmt":"2018-07-28T03:20:08","slug":"springer-verlag-catastrophiccyber-physical-malware","status":"publish","type":"post","link":"https:\/\/www.ece.iastate.edu\/kcsl\/springer-verlag-catastrophiccyber-physical-malware\/","title":{"rendered":"Springer Verlag Publishers &#8211; Catastrophic Cyber-Physical Malware"},"content":{"rendered":"<p><strong>Abstract:<\/strong><\/p>\n<p>With the advent of highly sophisticated cyber-physical malware (CPM) such as Industroyer, a cyberattack could be as destructive as the terrorist attack on 9\/11, it would virtually paralyze the nation. We discuss as the major risks the vulnerability of: telecommunication infrastructure, industrial control systems (ICS), and mission-critical software.<\/p>\n<p>In differentiating CPM from traditional malware, the difference really comes from the open-ended possibilities for malware triggers resulting from the wide spectrum of sensor inputs, and the almost limitless application-specific possibilities for designing malicious payloads.<\/p>\n<p>Fundamentally, the challenges of detecting sophisticated CPM stem from the complexities inherent in the software at the heart of cyber-physical systems. We discuss three fundamental challenges: explosion of execution behaviors, computational intractability of checking feasible behaviors, and difficult-to-analyze programing constructs.<\/p>\n<p>In detecting novel CPM, the tasks are: developing plausible hypotheses for malware trigger and mali- cious payload, analyzing software to gather evidence based on CPM hypotheses, and verifying software to prove or refute a hypothesis based on the gathered evidence. We discuss research directions for effective automation to support these tasks.<\/p>\n<p><strong>Publisher: <\/strong><em>Springer Verlag Publishers, April 2018.<\/em><\/p>\n<p><strong>Authors:\u00a0<\/strong>Suresh Kothari, Ganesh Santhanam, Benjamin Holland, Payas Awadhutkar, Jon Mathews, Ahmed Tamrawi<\/p>\n<p><strong>Paper (PDF):\u00a0<\/strong><a href=\"https:\/\/www.ece.iastate.edu\/kcsl\/files\/2018\/04\/CatastrophicCyber-PhysicalMalware.pdf\">CatastrophicCyber-PhysicalMalware.pdf<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Abstract: With the advent of highly sophisticated cyber-physical malware (CPM) such as Industroyer, a cyberattack could be as destructive as the terrorist attack on 9\/11, it would virtually paralyze the nation. We discuss as the major risks the vulnerability of: telecommunication infrastructure, industrial control systems (ICS), and mission-critical software. In differentiating CPM from traditional malware, [&hellip;]<\/p>\n","protected":false},"author":410,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[24],"tags":[22,10,15,17,16,11],"class_list":["post-436","post","type-post","status-publish","format-standard","hentry","category-book-chapters","tag-ahmed-tamrawi","tag-benjamin-holland","tag-ganesh-ram-santhanam","tag-jon-mathews","tag-payas-awadhutkar","tag-suresh-kothari"],"_links":{"self":[{"href":"https:\/\/www.ece.iastate.edu\/kcsl\/wp-json\/wp\/v2\/posts\/436","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ece.iastate.edu\/kcsl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ece.iastate.edu\/kcsl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ece.iastate.edu\/kcsl\/wp-json\/wp\/v2\/users\/410"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ece.iastate.edu\/kcsl\/wp-json\/wp\/v2\/comments?post=436"}],"version-history":[{"count":4,"href":"https:\/\/www.ece.iastate.edu\/kcsl\/wp-json\/wp\/v2\/posts\/436\/revisions"}],"predecessor-version":[{"id":455,"href":"https:\/\/www.ece.iastate.edu\/kcsl\/wp-json\/wp\/v2\/posts\/436\/revisions\/455"}],"wp:attachment":[{"href":"https:\/\/www.ece.iastate.edu\/kcsl\/wp-json\/wp\/v2\/media?parent=436"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ece.iastate.edu\/kcsl\/wp-json\/wp\/v2\/categories?post=436"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ece.iastate.edu\/kcsl\/wp-json\/wp\/v2\/tags?post=436"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}