Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: security – Page 94

Validation of Covert Cognizance Active Defenses

(2021). Nuclear Science and Engineering: Vol. 195 No. 9 pp. 977–989.

Earlier work has demonstrated the theoretical development of covert OT defenses and their application to representative control problems in a nuclear reactor. Given their ability to store information in the system nonobservable space using one-time-pad randomization techniques, the new C2 modeling paradigm6 has emerged allowing the system to build memory or self-awareness about its past and current state. The idea is to store information using randomized mathematical operators about one system subcomponent, e.g., the reactor core inlet and exit temperature, into the nonobservable space of another subcomponent, e.g., the water level in a steam generator, creating an incorruptible record of the system state. If the attackers attempt to falsify the sensor data in an attempt to send the system along an undesirable trajectory, they will have to learn all the inserted signatures across the various system subcomponents and the C2 embedding process.

We posit that this is extremely unlikely given the huge size of the nonobservable space for most complex systems, and the use of randomized techniques for signature insertion, rendering a level of security that matches the Vernam-Cipher gold standard. The Vernam Cipher, commonly known as a one-time pad, is a cipher that encrypts a message using a random key (pad) and can only be decrypted using this key. Its strength is derived from Shannon’s notion of perfect secrecy 8 and requires the key to be truly random and nonreusable (one time). To demonstrate this, this paper will validate the implementation of C2 using sophisticated AI tools such as long short-term memory (LSTM) neural networks 9 and the generative adversarial learning [generative adversarial networks (GANs)] framework, 10 both using a supervised learning setting, i.e., by assuming that the AI training phase can distinguish between original data and the data containing the embedded signatures. While this is an unlikely scenario, it is assumed to demonstrate the resilience of the C2 signatures to discovery by AI techniques.

The paper is organized as follows. Section II provides a brief summary of existing passive and active OT defenses against various types of data deception attacks, followed by an overview of the C2 modeling paradigm in Sec. III. Section IV formulates the problem statement of the C2 implementation in a generalized control system and identifies the key criteria of zero impact and zero observability. Section V implements a rendition of the C2 approach in a representative nuclear reactor model and highlights the goal of the paper, i.e., to validate the implementation using sophisticated AI tools. It also provides a rationale behind the chosen AI framework. Last, Sec. VI summarizes the validation results of the C2 implementation and discusses several extensions to the work.

What Role Can Artificial Intelligence Play in Fixing the Security Skills Shortage?

Demand for highly desirable digital skills is hitting new heights. A recent Learning and Work Institute report noted that one in four (27%) employers now need the majority of their workers to have in-depth specialist knowledge in one or more technology areas. And 60% of those surveyed expect their reliance on advanced digital skills to increase over the next five years.

The skills gap is particularly prevalent in the security tech sector. A global study from the Center for Cyber Safety and Education predicted a terrifying shortage of 1.8 million security workers by 2022. This is made worse by the number of young people taking IT-related GCSEs in the UK, falling by 40% since 2015 (according to Learning and Work Institute data).

This scarcity of qualified professionals has inflated salaries, making it hard for firms that cannot afford to offer large paychecks and grand benefit packages to secure top talent.

AI Weekly: EU facial recognition ban highlights need for U.S. legislation

This week, The European Parliament, the body responsible for adopting European Union (EU) legislation, passed a non-binding resolution calling for a ban on law enforcement use of facial recognition technology in public places. The resolution, which also proposes a moratorium on the deployment of predictive policing software, would restrict the use of remote biometric identification unless it’s to fight “serious” crime, such as kidnapping and terrorism.

The approach stands in contrast to that of U.S. agencies, which continue to embrace facial recognition even in light of studies showing the potential for ethnic, racial, and gender bias. A recent report from the U.S. Government Accountability Office found that 10 branches including the Departments of Agriculture, Commerce, Defense, and Homeland Security plan to expand their use of facial recognition between 2020 and 2023 as they implement as many as 17 different facial recognition systems.

Commercial face-analyzing systems have been critiqued by scholars and activists alike throughout the past decade, if not longer. The technology and techniques — everything from sepia-tinged film to low-contrast digital cameras — often favor lighter skin, encoding racial bias in algorithms. Indeed, independent benchmarks of vendors’ systems by the Gender Shades project and others have revealed that facial recognition technologies are susceptible to a range of prejudices exacerbated by misuse in the field. For example, a report from Georgetown Law’s Center on Privacy and Technology details how police feed facial recognition software flawed data, including composite sketches and pictures of celebrities who share physical features with suspects.

Quenching the world’s thirst with off-grid water desalination

Desalination is the answer to long-term water security, but it’s also expensive and energy-intensive. The good news is that scientists are developing some viable solutions.

The first plant in Europe was built in Spain nearly a half century ago. Since then, facilities have sprung up in water-stressed regions throughout Europe. Just a few years ago, the residents of the small Greek island of Ikaria finally got access to an abundant source of clean drinking water—all thanks to a new desalination plant.

The growing importance of desalinising water is undeniable. Once only an issue in Southern Europe, countries in the north like the Netherlands and Belgium are now also investing in desalination technology.

Chinese espionage group deploys new rootkit compatible with Windows 10 systems

At the SAS 2021 security conference today, analysts from security firm Kaspersky Lab have published details about a new Chinese cyber-espionage group that has been targeting high-profile entities across South East Asia since at least July 2020.

Named GhostEmperor, Kaspersky said the group uses highly sophisticated tools and is often focused on gaining and keeping long-term access to its victims through the use of a powerful rootkit that can even work on the latest versions of Windows 10 operating systems.

“We observed that the underlying actor managed to remain under the radar for months,” Kaspersky researchers explained today.

The U.S. Is Losing the Global Race to Decide the Future of Money —and It Could Doom the Almighty Dollar

What must the US do Eric Klien?

Read More: How China’s Digital Currency Could Challenge the Almighty Dollar

China has already largely moved away from coin and paper currency; Chinese consumers have racked up more than $41 trillion in mobile transactions, according to a recent research paper from the Brookings Institution, with the lion’s share (92%) going through digital payment processors WeChat Pay and Alipay.

“The reason you could say the U.S. is behind in the digital currency race is I don’t think the U.S. is aware there is a race,” Yaya Fanusie, an Adjunct Senior Fellow at the Center for a New American Security, and a former CIA analyst, tells TIME in an interview. “A lot of policymakers are looking at it and concerned…but even with that I just don’t think there’s this sense of urgency because the risk from China is not an immediate threat.”

AI-powered supply chain visibility platform Altana nabs $15M

Altana AI, a startup building a database for global supply chain networks, today announced that it raised $15 million in a series A funding round led by GV with participation from Floating Point, Ridgeline Partners, Amadeus Capital Partners, and Schematic Ventures. The proceeds, which bring the company’s total raised to $22 million to date, will be used to further develop Altana’s data and AI systems and launch new machine learning and network analysis tools, according to CEO Evan Smith.

Trade wars, the rise of ecommerce, pandemic supply chain shocks, and sustainability concerns are driving fundamental changes to supply chain networks and global trade flows. Nearly 75% of companies report supply chain disruptions in some capacity due to pandemic-related transportation restrictions. And in a recent IBM survey, 40% of executives stressed the need for spare capacity to weather future crises.

Altana’s product aims to solve these challenges with a platform that connects and learns from billions of supply chain data points. It answers questions about products, shipments, companies, and networks, filtering out illicit trade and targeting bad actors and security threats across global commerce networks.

We created holograms you can touch: You could soon shake a virtual colleague’s hand

The TV show “Star Trek: The Next Generation” introduced millions of people to the idea of a holodeck: an immersive, realistic 3D holographic projection of a complete environment that you could interact with and even touch.

In the 21st century, holograms are already being used in a variety of ways such as medical systems, education, art, security and defense. Scientists are still developing ways to use lasers, modern digital processors, and motion-sensing technologies to create several different types of holograms which could change the way we interact.

My colleagues and I working in the University of Glasgow’s bendable electronics and sensing technologies research group have now developed a system of holograms of people using “aerohaptics,” creating feelings of touch with jets of air. Those jets of air deliver a sensation of touch on people’s fingers, hands and wrists.

US Government’s New Chevy Suburbans Cost $3.6 Million Each

GM Defense, a subsidiary of General Motors, was recently awarded a contract to develop next-generation SUVs for the government’s fleet.

This specific contract was awarded by the US Department of State, and the vehicles will be built to support the Diplomatic Security Service. Diplomatic Security is a federal law enforcement agency charged with securing diplomatic assets and personnel. In 2,020 GM Defense also got the contract to build the army’s new infantry squad vehicle based on the Chevrolet Colorado ZR2. That particular contract was more extensive and, at the time of writing, valued at $213.4 million. The eventual goal was 2,065 vehicles.

/* */