Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 3 of 3
Full-Text Articles in Systems Architecture
Aligning The Transit Industry And Their Vendors In The Face Of Increasing Cyber Risk: Recommendations For Identifying And Addressing Cybersecurity Challenges, Scott Belcher, Terri Belcher, Kathryn Seckman, Brandon Thomas, Homayun Yaqub
Aligning The Transit Industry And Their Vendors In The Face Of Increasing Cyber Risk: Recommendations For Identifying And Addressing Cybersecurity Challenges, Scott Belcher, Terri Belcher, Kathryn Seckman, Brandon Thomas, Homayun Yaqub
Mineta Transportation Institute
Public transit agencies in the United States depend on external vendors to help deliver and maintain many essential services and to provide critical technologies, from ticket purchases to scheduling to email management. While the integration of new, advanced technologies into the public transit industry brings important advancements to U.S. critical transportation infrastructure, the application of digital technologies also brings with it a new assortment of digital risks. Transit agencies of all sizes are finding themselves subject to cyber incidents—most notably ransomware attacks—like those experienced by larger, more prominent companies and critical infrastructure providers. The findings in this report focus on …
Passing Time And Syncing Secrets: Demonstrating Covert Channel Vulnerabilities In Precision Time Protocol (Ptp), Aron J. Smith-Donovan
Passing Time And Syncing Secrets: Demonstrating Covert Channel Vulnerabilities In Precision Time Protocol (Ptp), Aron J. Smith-Donovan
Mathematics, Statistics, and Computer Science Honors Projects
Covert channels use steganographic approaches to transfer secret digital communications; when applied to network protocols, these strategies can facilitate undetectable data exfiltration and insertion attacks. Because covert channel techniques are protocol- and implementation-specific, individual case studies are necessary to assess for vulnerabilities under different conditions. While several investigations have been published evaluating covert channel potential in infrastructure- and manufacturing-based contexts, no existing research explores Precision Time Protocol (PTP), a time synchronization protocol commonly used in industrial control systems. This study aims to fill this gap by demonstrating the feasibility of a covert channel-based attack on a PTP-enabled network.
Ready Raider One: Exploring The Misuse Of Cloud Gaming Services, Guannan Liu, Daiping Liu, Shuai Hao, Xing Gao, Kun Sun, Haining Wang
Ready Raider One: Exploring The Misuse Of Cloud Gaming Services, Guannan Liu, Daiping Liu, Shuai Hao, Xing Gao, Kun Sun, Haining Wang
Computer Science Faculty Publications
Cloud gaming has become an emerging computing paradigm in recent years, allowing computer games to offload complex graphics and logic computation to the cloud. To deliver a smooth and high-quality gaming experience, cloud gaming services have invested abundant computing resources in the cloud, including adequate CPUs, top-tier GPUs, and high-bandwidth Internet connections. Unfortunately, the abundant computing resources offered by cloud gaming are vulnerable to misuse and exploitation for malicious purposes. In this paper, we present an in-depth study on security vulnerabilities in cloud gaming services. Specifically, we reveal that adversaries can purposely inject malicious programs/URLs into the cloud gaming services …