ASIA-CCS

In this talk, we discuss the first two known pieces of malware that attempted to create power grid blackouts. While previous research had described the malware at a high level, in this talk, we take a deep dive into the payload targeting the operational ...

Recent years have been pivotal in the field of Industrial Control Systems (ICS) security, with a large number of high-profile attacks exposing the lack of a design-for-security initiative in ICS. The evolution of ICS abstracting the control logic to a ...

An Industrial Control System (ICS) plays a vital role in controlling and managing industrial processes. ICS predominantly operates without human supervision. This (mostly) autonomous role makes them an attractive target for adversaries. In recent years, ...

The growing popularity of Internet-of-Things devices makes them a desired target for malicious actors. Most attacks start with a reconnaissance phase where the attacker gathers information about the services running on the device, the open ports, and any ...

Adversarial machine learning (ML) has demonstrated vulnerabilities of neural network methods against well-crafted perturbations when added to perfectly acceptable samples. These vulnerabilities get exacerbated when neural network methods are deployed as ...

Reversible data hiding techniques have increasingly garnered attention from researchers in the field of information security due to their capacity to recover the original image non-destructively and their substantial embedding capacity. Over recent years,...

The Internet is rapidly transitioning from a network of personal computers, laptops and mobile phones to a network that will soon connect 32 billion smart devices (or "things"), many of which are extremely constrained in terms of computational resources ...

This paper investigates cyber-physical attacks on avionics data buses, specifically focusing on the ARINC 429 protocol. The objective is to demonstrate how message injection, modification, and deletion attacks can be executed, enabling an attacker to ...

Industrial robots are widely used in industrial production as mechanical devices. It is essential to guarantee that their control software operates safely and properly, as any functional or security-related defects may lead to serious incidents. However, ...

The detection of process anomalies is a critical step in defending a physical plant against cyber-attacks. We propose a framework named DRACE that includes a set of metrics to evaluate the effectiveness of anomaly detectors, referred to as Intrusion ...

Currently, Federated Learning is one of the most widely accepted distributed learning frameworks for privacy-sensitive applications. Despite the popularity gained, FL frameworks struggle to perform well in terms of accuracy and model convergence for ...

Industrial Control Systems (ICS) are integral to critical infrastructure, necessitating advanced cybersecurity training. Addressing the urgent need for specialized cybersecurity training, this paper details the UK's first Capture-The-Flag (CTF) event ...