Andean Publishing ↗

Browsing by Author "Sandra Rueda"

Now showing 1 - 4 of 4
  • Developing a Secure Cyberphysical System for Altitude Chambers
    (Hindawi Publishing Corporation, 2026) Jennifer Aguirre; Sergio Cruz; Carlos Lozano-Garzon; Sandra Rueda
    Altitude chambers are used to train crews of the military and civil aviation by creating a high‐altitude environment in which the vital signs of the people in the chamber are monitored to assess their health and identify symptoms that indicate there may be a physical condition that needs to be managed. Human observers monitor the process and react when required to avoid health damage to the people in the altitude chamber. However, considering that human observers may miss some effects and are slower to react than an automated device, this work proposes designing and implementing a cyberphysical system to automate the monitoring process while protecting the collected data. The system includes an Internet of Things (IoT)‐based glove with a sensor that measures pulse rate and oxygen saturation and sends data, via MQTT, to a gateway that activates an alert if a crew member inside the chamber experiences hypoxia symptoms. The system also includes servers to store and process the collected data. Since the system collects sensitive health‐related data, its design must follow architectural principles for building secure IoT‐based healthcare applications. Most papers on IoT‐based healthcare application security only identify design principles without applying them to specific implementations, or work with isolated components of a larger end‐to‐end system. This work, in contrast, addresses the design and implementation of a system that considers the complete end‐to‐end architecture of an IoT‐based healthcare application. Furthermore, considering computational and storage limitations of IoT devices, our prototype runs ASCON, a lightweight encryption algorithm, to provide encryption and hashing functions that secure data exchange between IoT devices and processing servers. 
    Our design meets the functional and security requirements and can be used as a use case to enhance developers’ understanding of the design and implementation principles to build secure IoT‐based healthcare applications.
  • FlowFence: A Defense System against Denial-of-Service Attacks for Software-Defined Networks (original title: FlowFence: Um Sistema de Defesa contra Ataques de Negação de Serviço para Redes Definidas por Software)
    (2015) Andrés Felipe Murillo Piedrahita; Sandra Rueda; Diogo M. F. Mattos; Otto Carlos M. B. Duarte
    This article proposes FlowFence, an efficient, fast-reacting system for detecting and mitigating denial-of-service attacks in Software-Defined Networks. Starvation of the network's legitimate users is mitigated by allocating an average bandwidth to flows, while flows above the average are penalized with access to a smaller bandwidth. The bandwidth-reduction penalty is exponential in the difference between the average value and the flow's current bandwidth usage. A prototype of the system was implemented and evaluated on the Future Internet Testbed with Security (FITS).
  • Leveraging Software-Defined Networking for Incident Response in Industrial Control Systems
    (IEEE Computer Society, 2017) Andrés Felipe Murillo Piedrahita; Vikram Gaur; Jairo Giraldo; Álvaro A. Cárdenas; Sandra Rueda
    In the past decade, the security of industrial control systems has emerged as a research priority in order to safeguard our critical infrastructures. A large number of research efforts have focused on intrusion detection in industrial networks; however, few of them discuss what to do after an intrusion has been detected. Because the safety of most of these control systems is time sensitive, we need new research on automatic incident response. This article shows how software-defined networks and network function virtualization can facilitate automatic incident response to a variety of attacks against industrial networks. It also presents a prototype of an incident-response solution that detects and responds automatically to sensor attacks and controller attacks. This work shows the promise that cloud-enabled software-defined networks and virtual infrastructures hold as a way to provide novel defense-in-depth solutions for industrial systems. This article is part of a special issue on Software Safety and Security Risk Mitigation in Cyber-physical Systems.
  • Transforming commodity security policies to enforce Clark-Wilson integrity
    (2012) Divya Muthukumaran; Sandra Rueda; Nirupama Talele; Hayawardh Vijayakumar; Jason Teutsch; Trent Jaeger
    Modern distributed systems are composed from several off-the-shelf components, including operating systems, virtualization infrastructure, and application packages, upon which some custom application software (e.g., web application) is often deployed. While several commodity systems now include mandatory access control (MAC) enforcement to protect the individual components, the complexity of such MAC policies and the myriad of possible interactions among individual hosts in distributed systems make it difficult to identify the attack paths available to adversaries. As a result, security practitioners react to vulnerabilities as adversaries uncover them, rather than proactively protecting the system's data integrity. In this paper, we develop a mostly-automated method to transform a set of commodity MAC policies into a system-wide policy that proactively protects system integrity, approximating the Clark-Wilson integrity model. The method uses the insights from the Clark-Wilson model, which requires integrity verification of security-critical data and mediation at program entrypoints, to extend existing MAC policies with the proactive mediation necessary to protect system integrity. We demonstrate the practicality of producing Clark-Wilson policies for distributed systems on a web application running on virtualized Ubuntu SELinux hosts, where our method finds: (1) that only 27 additional entrypoint mediators are sufficient to mediate the threats of remote adversaries over the entire distributed system and (2) that only 20 additional local threats require mediation to approximate Clark-Wilson integrity comprehensively. As a result, available security policies can be used as a foundation for proactive integrity protection from both local and remote threats.

Andean Library © 2026 · Andean Publishing