Methods, media, and systems for detecting attack on a digital processing device

Stolfo, Salvatore J.; Li, Wei-Jen; Keromytis, Angelos D.; Androulaki, Elli

Title: Methods, media, and systems for detecting attack on a digital processing device

Full Record
Other Related Research

Abstract

Methods, media, and systems for detecting attack are provided. In some embodiments, the methods include: comparing at least part of a document to a static detection model; determining whether attacking code is included in the document based on the comparison of the document to the static detection model; executing at least part of the document; determining whether attacking code is included in the document based on the execution of the at least part of the document; and if attacking code is determined to be included in the document based on at least one of the comparison of the document to the static detection model and the execution of the at least part of the document, reporting the presence of an attack. In some embodiments, the methods include: selecting a data segment in at least one portion of an electronic document; determining whether the arbitrarily selected data segment can be altered without causing the electronic document to result in an error when processed by a corresponding program; in response to determining that the arbitrarily selected data segment can be altered, arbitrarily altering the data segment in the at least one portion of the electronic document to produce an altered electronic document;more » « less

Inventors:: Stolfo, Salvatore J.; Li, Wei-Jen; Keromytis, Angelos D.; Androulaki, Elli

Issue Date:: 2021-01-26

Research Org.:: Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Columbia Univ., New York, NY (United States)

Sponsoring Org.:: USDOE

OSTI Identifier:: 1805432

Patent Number(s):: 10902111

Application Number:: 16/215,976

Assignee:: The Trustees of Columbia University in the City of New York (New York, NY)

DOE Contract Number:: AC05-76RL01830

Resource Type:: Patent

Resource Relation:: Patent File Date: 12/11/2018

Country of Publication:: United States

Language:: English

Citation Formats


                    Stolfo, Salvatore J., Li, Wei-Jen, Keromytis, Angelos D., and Androulaki, Elli. Methods, media, and systems for detecting attack on a digital processing device.  United States: N. p., 2021. 
        Web.

Copy to clipboard


                    Stolfo, Salvatore J., Li, Wei-Jen, Keromytis, Angelos D., & Androulaki, Elli. Methods, media, and systems for detecting attack on a digital processing device.  United States.

Copy to clipboard


                    Stolfo, Salvatore J., Li, Wei-Jen, Keromytis, Angelos D., and Androulaki, Elli. Tue .  
        "Methods, media, and systems for detecting attack on a digital processing device".  United States.  https://www.osti.gov/servlets/purl/1805432.

Copy to clipboard


                    
@article{osti_1805432,

  title        = {Methods, media, and systems for detecting attack on a digital processing device},

  author       = {Stolfo, Salvatore J. and Li, Wei-Jen and Keromytis, Angelos D. and Androulaki, Elli},

  abstractNote = {Methods, media, and systems for detecting attack are provided. In some embodiments, the methods include: comparing at least part of a document to a static detection model; determining whether attacking code is included in the document based on the comparison of the document to the static detection model; executing at least part of the document; determining whether attacking code is included in the document based on the execution of the at least part of the document; and if attacking code is determined to be included in the document based on at least one of the comparison of the document to the static detection model and the execution of the at least part of the document, reporting the presence of an attack. In some embodiments, the methods include: selecting a data segment in at least one portion of an electronic document; determining whether the arbitrarily selected data segment can be altered without causing the electronic document to result in an error when processed by a corresponding program; in response to determining that the arbitrarily selected data segment can be altered, arbitrarily altering the data segment in the at least one portion of the electronic document to produce an altered electronic document; and determining whether the corresponding program produces an error state when the altered electronic document is processed by the corresponding program.},

  doi          = {},

  journal      = {},
number       = ,

  volume       = ,

  place        = {United States},

  year         = {2021},

  month        = {1}

}

Copy to clipboard

Patent:

Save / Share:

Export Metadata

Save to My Library

Similar Records in DOE Patents and OSTI.GOV collections:

Methods, media, and systems for detecting attack on a digital processing device

Patent Stolfo, Salvatore J.; Li, Wei-Jen; Keromytis, Angelos D.; ...

Methods, media, and systems for detecting attack are provided. In some embodiments, the methods include: comparing at least part of a document to a static detection model; determining whether attacking code is included in the document based on the comparison of the document to the static detection model; executing at least part of the document; determining whether attacking code is included in the document based on the execution of the at least part of the document; and if attacking code is determined to be included in the document based on at least one of the comparison of the document tomore » « less
Full Text Available
Methods, media, and systems for detecting attack on a digital processing device

Patent Stolfo, Salvatore J.; Li, Wei-Jen; Keromytis, Angelos D.; ...

Methods, media, and systems for detecting attack are provided. In some embodiments, the methods include: comparing at least part of a document to a static detection model; determining whether attacking code is included in the document based on the comparison of the document to the static detection model; executing at least part of the document; determining whether attacking code is included in the document based on the execution of the at least part of the document; and if attacking code is determined to be included in the document based on at least one of the comparison of the document tomore » « less
Full Text Available
Methods, media, and systems for detecting attack on a digital processing device

Patent Stolfo, Salvatore J.; Li, Wei-Jen; Keromylis, Angelos D.; ...

Methods, media, and systems for detecting attack are provided. In some embodiments, the methods include: comparing at least part of a document to a static detection model; determining whether attacking code is included in the document based on the comparison of the document to the static detection model; executing at least part of the document; determining whether attacking code is included in the document based on the execution of the at least part of the document; and if attacking code is determined to be included in the document based on at least one of the comparison of the document tomore » « less
Full Text Available
Systems and methods for detecting and mitigating cyber attacks on power systems comprising distributed energy resources

Patent Johnson, Jay Tillay

Extensive deployment of interoperable distributed energy resources (DER) on power systems is increasing the power system cybersecurity attack surface. National and jurisdictional interconnection standards require DER to include a range of autonomous and commanded grid-support functions which can drastically influence power quality, voltage, and the generation-load balance. Investigations of the impact to the power system in scenarios where communications and operations of DER are controlled by an adversary show that each grid-support function exposes the power system to distinct types and magnitudes of risk. The invention provides methods for minimizing the risks to distribution and transmission systems using an engineeredmore » « less
Full Text Available
Methods and systems for detection of man-in-the-middle attacks for SCADA communication networks and applications of same

Patent McCann, Roy A.; Albunashee, Hamdi Mansour

A system for detecting MITM for SCADA communication networks includes secure substation-substation communication links for providing secure and reliable paths to exchange OT data between substations for OT data consistency check; a SIB in each substation for sampling CT and PT measurements to calculate voltage magnitude and phase angle thereof; a S&C server in each substation coupled to the SIB for receiving the voltage magnitude and phase angle from the SIB and obtaining a packet carrying active power flow in transmission lines between two substations and a time stamp; an IDS server placed in a SCADA center for collecting themore » « less
Full Text Available

Similar Records