National Interdisciplinary Center for Cyber Security and Cyber 2019-12-19 courses in cyber...


Post on 10-Mar-2020


  • National Interdisciplinary Center for Cyber Security

    and Cyber Defense of Critical Infrastructures

    Manindra Agarwal

    Sandeep K. Shukla

    Subhash Chandra Srivastava

    ANNUAL REPORT 2017 – 2018

    Submitted to the Science and Engineering Research Board (SERB)


  • C3i Center | Annual Report 2017 - 2018 2

    Contents

    History ..... 4
    Objectives ..... 6
    Deliverables after 5 years ..... 7
    VULNERABILITY AND PENETRATION TESTING RESULTS OF SCADA TESTBED ..... 8
    C3I-GUARDIAN: AN INDIGENOUS SECURITY INCIDENT AND EVENT MANAGEMENT (SIEM) SOLUTION DEVELOPED AT IIT KANPUR ..... 9
        A single solution for Cyber Security and Cyber Defense of Critical Infrastructures ..... 9
    Milestones Achieved ..... 9
    INVENTORY INTELLIGENCE SYSTEMS ..... 10
    SCADA TEST BED PROGRESS ..... 13
    MALWARE DETECTION, CLASSIFICATION ..... 17
        Dataset ..... 18
        Features collected by only 4 seconds of malware execution ..... 18
        Classification of Zero-day malwares ..... 20
        Training and Testing ..... 22
        Improvement over our Past Results ..... 23
    AUTOMATIC MALWARE DETECTION USING MEMORY FORENSICS ..... 23
    LINUX MALWARE DETECTION BY HYBRID ANALYSIS ..... 26
    DEVELOPMENT OF HONEYPOTS FOR THREAT INTELLIGENCE ..... 28
    IOT HONEYPOTS DEPLOYED ..... 30
    CRYPTANALYSIS AND CRYPTO ENGINEERING ..... 33
        Cryptanalysis of 1-Round KECCAK ..... 33
        Resource Efficient Implementation of Crypto-primitives in Hardware ..... 33
    VLSI ARCHITECTURES FOR CRYPTO PRIMITIVES ..... 34
    PUBLICATIONS - CONFERENCES ..... 37
    TECHNICAL REPORTS ..... 39
    HUMAN RESOURCE DEVELOPMENT ..... 40
    OUTREACH TO RAISE AWARENESS ABOUT CYBER SECURITY ..... 41
    SUMMER INTERNSHIP PROGRAM ..... 44
        Attacks in Android ..... 44
    SEMINARS ..... 46
        Seminars by Faculty ..... 46


        Seminars and Events @ CSE, IITK ..... 47
    MEMORANDUM OF UNDERSTANDING ..... 48
        Academic MOUs ..... 48
        Industry MOUs ..... 49
        TCG MOU ..... 49

    Table of Figures

    Figure 1: Our Malware Classification Architecture ..... 5
    Figure 2: Honeypot with Dockers developed in our Lab ..... 5
    Figure 3: Front End of our SIEM Solution ..... 9
    Figure 4: Alert Generation Example ..... 10
    Figure 5: Threat/Attack Statistics Console of Guardian to Help Security Engineers to find our attacks on their system ..... 111
    Figure 6: Inventory Intelligence Console Displaying Key points of the Cyber Assets Vulnerabilities ..... 122
    Figure 7: Patch Information on Console ..... 12
    Figure 8: Schematic of the Industrial Scale Cyber Security Test Bed under Procurement ..... 133
    Figure 9: Factory Automation Test Bed under Procurement ..... 144
    Figure 10: Malware Classification Architecture ..... 177
    Figure 11: Architecture of Classification System for Zero-Day Malware ..... 21
    Figure 12: Process of detecting malware by using memory forensic ..... 255
    Figure 13: The process to detect malware by hybrid analysis ..... 278
    Figure 14: A sample of Analytics on the attacks found on IIT Kanpur Network by our Honeypots ..... 31
    Figure 15: Distinguishing Script Based Attacks and Manual Attacks based on inter-command Latency ..... 34
    Figure 16: Operation of the proposed systolic parallel versatile non-vector GF (2^4) LSB first multiplier ..... 346
    Figure 17: (a) The circuit with synchronous pipeline, (b) Asynchronous pipeline with glitches due to delay imbalance in the forward path, (c) Existing asynchronous pipeline without glitches (absence of delay imbalance in the forward path), (d) Proposed glitch f ..... 378
    Figure 18: Block diagram of the AES/RS-BCH co-processor connected with 32-bit Microblaze using Xilinx Vivado ..... 39

