eBook - ePub
Cyber-Physical Attacks
A Growing Invisible Threat
George Loukas
This is a test
Condividi libro
- 270 pagine
- English
- ePUB (disponibile sull'app)
- Disponibile su iOS e Android
eBook - ePub
Cyber-Physical Attacks
A Growing Invisible Threat
George Loukas
Dettagli del libro
Anteprima del libro
Indice dei contenuti
Citazioni
Informazioni sul libro
Cyber-Physical Attacks: A Growing Invisible Threat presents the growing list of harmful uses of computers and their ability to disable cameras, turn off a building's lights, make a car veer off the road, or a drone land in enemy hands. In essence, it details the ways cyber-physical attacks are replacing physical attacks in crime, warfare, and terrorism.
The book explores how attacks using computers affect the physical world in ways that were previously only possible through physical means. Perpetrators can now cause damage without the same risk, and without the political, social, or moral outrage that would follow a more overt physical attack.
Readers will learn about all aspects of this brave new world of cyber-physical attacks, along with tactics on how to defend against them. The book provides an accessible introduction to the variety of cyber-physical attacks that have already been employed or are likely to be employed in the near future.
- Demonstrates how to identify and protect against cyber-physical threats
- Written for undergraduate students and non-experts, especially physical security professionals without computer science background
- Suitable for training police and security professionals
- Provides a strong understanding of the different ways in which a cyber-attack can affect physical security in a broad range of sectors
- Includes online resources for those teaching security management
Domande frequenti
Come faccio ad annullare l'abbonamento?
È semplicissimo: basta accedere alla sezione Account nelle Impostazioni e cliccare su "Annulla abbonamento". Dopo la cancellazione, l'abbonamento rimarrà attivo per il periodo rimanente già pagato. Per maggiori informazioni, clicca qui
È possibile scaricare libri? Se sì, come?
Al momento è possibile scaricare tramite l'app tutti i nostri libri ePub mobile-friendly. Anche la maggior parte dei nostri PDF è scaricabile e stiamo lavorando per rendere disponibile quanto prima il download di tutti gli altri file. Per maggiori informazioni, clicca qui
Che differenza c'è tra i piani?
Entrambi i piani ti danno accesso illimitato alla libreria e a tutte le funzionalità di Perlego. Le uniche differenze sono il prezzo e il periodo di abbonamento: con il piano annuale risparmierai circa il 30% rispetto a 12 rate con quello mensile.
Cos'è Perlego?
Perlego è un servizio di abbonamento a testi accademici, che ti permette di accedere a un'intera libreria online a un prezzo inferiore rispetto a quello che pagheresti per acquistare un singolo libro al mese. Con oltre 1 milione di testi suddivisi in più di 1.000 categorie, troverai sicuramente ciò che fa per te! Per maggiori informazioni, clicca qui.
Perlego supporta la sintesi vocale?
Cerca l'icona Sintesi vocale nel prossimo libro che leggerai per verificare se è possibile riprodurre l'audio. Questo strumento permette di leggere il testo a voce alta, evidenziandolo man mano che la lettura procede. Puoi aumentare o diminuire la velocità della sintesi vocale, oppure sospendere la riproduzione. Per maggiori informazioni, clicca qui.
Cyber-Physical Attacks è disponibile online in formato PDF/ePub?
Sì, puoi accedere a Cyber-Physical Attacks di George Loukas in formato PDF e/o ePub, così come ad altri libri molto apprezzati nelle sezioni relative a Ciencia de la computación e Ciberseguridad. Scopri oltre 1 milione di libri disponibili nel nostro catalogo.
Informazioni
Argomento
Ciencia de la computaciónCategoria
Ciberseguridad1
A Cyber-Physical World
Chapter Summary
Conventional cyber attacks affect primarily the confidentiality, integrity, and availability of data and services in cyberspace. Cyber-physical attacks are the particular category of cyber attacks that, whether intentionally or not, also adversely affect physical space by targeting the computational and communication infrastructure that allows people and systems to monitor and control sensors and actuators. This chapter provides a brief introduction to the concepts and components that bridge cyberspace with physical space, and defines what is and what is not a cyber-physical attack in relation to its impact on sensing and actuation.
Key Terms
Actuator; sensor; wireless sensor network; controller; embedded system; cyber-physical system; Internet of Things; cyber-physical attack
In the past, it was safe to assume that the primary aim of a cyber attack would be to cause damage in cyberspace, and of a physical attack to cause damage in physical space. This is no longer the case.
Our increasing dependence on computerized and highly networked environments is generating considerable new threats where the two spaces overlap. For clarity, by physical space, we refer to the space governed by the laws of physics. Cyberspace cannot be defined as succinctly. For our purposes, it is a metaphor referring to the electronic transmission, manipulation, storage, and retrieval of information in computer systems and networks.
Modern automobiles, smart buildings, wireless implants, intelligent traffic lights, full-body scanners, and industrial control systems are realistic targets for an attacker who wants to cause damage in physical space. An autonomous vehicle that has been compromised electronically can be used to intercept communications, transmit false data, launch a cyber attack from a convenient location, or even drive or fly itself into a crowd. Because documentation and code for exploiting weaknesses of widely used industrial control systems are available online, a cyber attack against a gas pipeline or water management facility may require considerably less planning and resources than a physical attack with the same aim.
Note that an attack in cyberspace can affect one or more of the three basic information security attributes collectively known as the CIA triad: confidentiality, integrity, and availability. In broad terms, confidentiality ensures that information can be accessed only by those authorized to access it; integrity ensures that information or a system’s configuration can be modified only by those authorized to modify it; and availability ensures that those authorized to access particular information or a service can indeed access it when necessary. To these, it is common to add authenticity, accountability, nonrepudiation, and other increasingly overlapping attributes.1 For the sake of simplicity, throughout this book we will refer mainly to the CIA triad and occasionally to authenticity. We will also frequently use five information security terms: adversary, threat, vulnerability, attack, and countermeasure, for which the explanations (following the Internet Engineering Task Force’s Internet Security glossary2) can be seen in Box 1.1, Basic Information Security Terminology.
Basic Concepts and Definitions of a Cyber-Physical World
Few like definitions. They can be too specific and limiting, or so general and vague as to be of little use in practice. Different schools of thought lead to distinctly different definitions, which are almost always incomplete. More than anything, definitions show what the industrial or research team behind each one considers a challenge and where it has focused its attention. But that is precisely why they are useful for areas of science and technology that are new and rapidly changing, currently expanding their real-world applications and impact to society. To appreciate and understand how an attack in cyberspace can have an impact in physical space, it is useful to have a basic understanding of the devices and systems involved, including sensors, actuators, controllers, embedded systems, cyber-physical systems, and recent computing paradigms such as the Internet of Things. We will use some of the most popular definitions proposed to describe these, although it is possible that some of these terms will be out of fashion in the near future. Nevertheless, they all point toward a world where cyber and physical spaces meet and new security threats appear where the two overlap.
Transducers
Computers are designed to generate, manipulate, transmit, and receive information in the form of pulses of electrical energy. (For example, a 0 may be represented as a low-voltage pulse and a 1 as a high-voltage pulse.) To be able to cross the cyber-physical boundary from information to physical effect and vice versa, they need transducers, which are devices that can convert between different forms of energy.3 Within the scope of this book, we are interested in transducers that can be classified as sensors or actuators.
Sensors are devices “that transform real-world data into electrical form”4 for the purpose of measurement or observation of the physical environment. The quantity, property, or condition measured is called stimulus or measurand, and can be acoustic, biological, chemical, electric, magnetic, mechanical, optical, radiation, or thermal. They may involve a number of transducers converting energy from one form into another until one produces an electrical signal that can be interpreted by an information processing system, such as a computer.
Strictly speaking, a sensor does not need to be a man-made object. Natural sensors on living organisms can also be included. For example, at the back of the human eye’s retina there is a layer of photoreceptors (light-sensitive nerve cells), whose job is to convert light rays into an electrical signal.5 This signal is then transmitted through the optic nerve to the brain, where it is processed and converted into an image. From our point of view, natural sensors should not be outright excluded from a discussion on cyber-physical attacks, as it is possible for an information security breach to lead to a stimulus that can be intentionally damaging to a human being (see the section, Health, in Chapter 2).
Thanks to advances in low-cost electronics and a variety of energy-efficient communication technologies, it is possible to deploy large numbers of inexpensive sensors that can communicate and report their measurements through a wireless network. Wireless sensor networks were originally conceived for military applications, where the sensors would be airdropped on an otherwise inaccessible terrain and would remotely report information about the battlefield. Today, they are commonly used in disaster response, detecting pollutants in the environment, monitoring a smart home, and so on.6
Electric actuators are in a sense the reverse of sensors, as their job is to initiate a physical action when instructed to do so by an electrical signal.7 For example, in wheeled vehicles, a rotary encoder is a sensor that measures position or speed by converting the angular motion of a wheel into an electrical signal. On the other hand, the electric motor that moves the vehicle is an actuator because it converts electrical energy into torque (the rotary force) that rotates the wheel...