Hotmodellering och attacksimulering

In order to reach climate and energy goals in viable cities digital solutions are needed, however increased digitization makes cities increasingly vulnerable to cyber attacks. The higher the degree of digitization, the more devastating the potential attacks.

In order to mitigate cyber threats, vulnerabilities first need to be identified. This is generally very difficult, because it requires (i) a detailed understanding of the system architecture, and (ii) significant security expertise. The task can be significantly facilitated by dedicated engineering tool support in the form of threat modeling and attack simulations. Threat modeling supports requirement no 1 by documenting the design of the system architecture. Attack simulation supports requirement no 2 by automating the identification of vulnerabilities.

The main goal is to develop a threat modeling and attack simulation approach specifically designed for smart facilities, a key concept in viable cities. Ethical hacking of smart components will also take place in order to improve the attack simulations.

Denna satsning är en fortsättning på Hotmodellering och attacksimulering av livskraftiga städer.

Information

Projektledare: Robert Lagerström, KTH Royal Institute of Technology
Partners: KTH, Foreseeti, JM, Stena, Coor
Total budget: 6 000 000 SEK
Sökt bidrag: 3 000 000 SEK
Startdatum: 2020-01-01
Slutdatum: 2022-12-31
Typ av satsning: innovation
Nyckelord: cyber security, threat modeling, attack simulation, risk management, vulnerabilities, smart facilities, internet of things

Mer om satsningen

Media

Blog post about phishing in the Infosecurity Magazine, “The Five Strategies Users Use to Determine Phishing: Which Work and Which Don’t?” 2021-04-26.

SVT, Hon fixade systemets kryphål: ”Ditt garage kan bli kriminellt” Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström, 2020-07-13

Article in Förvaltarforum “Ny modell för säkrare digitalisering”, 2020-03-31

Presentationer

Lecture about #290cybersecurity and Forskardrömmar for four classes during the Järva-week, 2021-06-02.
Popular science presentation for kids and youth at Vetenskapenshus on “cyber security, ethical hacking and simulations”, 2021-04-28.
World book day, video for teachers and kids. with me talking about cyber security and Forskardrömmar, 2021-04-23.
Swedish news media Dagens Industri reports on the increased cyber attack acitvity during the pandemic, with comments from Robert, 2020-12-15.
Moderated the annual Nordic SCADA security conference, Nov. 16-17 2020.
Presented our work on threat modeling and attack simulations in the Digital Futures Dive Deep Lunch Seminar series, 2020-11-12.
Presented Cyber security of smart electronics at the Stora Elektronikdagen med SUMMIT, 2020-09-10.
Webinar: Energy transformation and the way there including a discussion on “Is cyber security a threat to sustainable innovation?”, 2020-06-16.
Robert Lagerström presented cyber security challenges for Swedish real estate businesses at the HBV “Hållbara dagar” conference, 2020-03-09.
Robert Lagerström presented cyber security challenges for CIOs in the buildings and property managements sector, 2020-02-11.

Publikationer

Cyber security threat modeling based on the MITRE Enterprise ATT&CK Matrix, Xiong, Legrand, Åberg och Lagerström, in Journal of Software and systems Modeling, 2021.
A Method for Assigning Probability Distributions in Attack Simulation Languages, Xiong, Hacks & Lagerström, in Complex systems Informatics and Modeling Quarterly (CSIMQ), 2021.
Why Phishing Works on Smartphones: A Preliminary Study, Loxdal, Andersson, Hacks & Lagerström, in Proc. of the 54th Hawaii International Conference on System Sciences (HICSS), 2021.
Ethical Principles for conducting responsible offensive security training, Heiding & Lagerström, in Proc. of IFIP Advances in Information and Communication Technology, 2021.
powerLang: A Probabilistic Attack Simulation Language for the Power Domain, Hacks, Katsikeas, Ling, Lagerström & Ekstedt, in Energy Informatics 3 (30) 2020.
Automating threat modeling using an ontology framework: Validated with data from critical infrastructures, Välja, Heiding, Franke & Lagerström, in Cybersecurity 3 (19) 2020.
A Systematic Literature Review of Information Sources for Threat Modeling in the Power Systems Domain, Ling, Lagerström & Ekstedt, in Proc. of International Conference on Critical Information Infrastructures Security (CRITIS), 2020.
A probabilistic attack simulation language for the IT domain, Katsikeas, Hacks, Johnson, Ekstedt, Lagerström, Jacobsson, Wällstedt & Eliasson, in Proc. of the 7th International Workshop on Graphical Models for Security (GraMSec), 2020.
Threat modeling and attack simulations of smart cities: A literature review and explorative study,
R Lagerström, W Xiong, M Ekstedt, International Conference on Information Systems Security and Privacy (ICISSP), 2020.
Securing IoT devices using Geographic and Continuous Login Blocking: A honeypot study, F Heiding, MA Omer, A Wallström, R Lagerström, International Conference on Information Systems Security and Privacy (ICISSP), 2020.

Uppsatser

J. Olegård, “Security and Forensic Analysis of an Internet of Things Smart Home Ecosystem“, KTH, 2020
Khorsravi Joashaghani, Mohammadmahdi, Enhanced password recovery through user profiling: Improving password guessing accuracy by utilizing user metadata
Aasberg, Freddy, HypervisorLang: Attack Simulations of the OpenStack Nova Compute Node
Lindeberg, Axel, Hacking Into Someone’s Home using Radio Waves: Ethical Hacking of Securitas’ Alarm System
Wester, Philip, Anomaly-based intrusion detection using Tree Augmented Naive Bayes Classifier
Where’s my car: Hacking of a smart garage, Madeleine Berner
Achkoudir, Rami, Ethical Hacking of a Smart Plug
Sjövald, Sebastian, Firmware security analysis of an Industrial Control System
Dzidic, Elvira, Penetration Testinga Saia Unit: A Control System for Water, Ventilation, and Heating in Smart Buildings
Feng, Jesse, Denial-of-service attacks against the Parrot ANAFI drone
Fjellborg, Joakim, Identifiering och Utnyttjande av Sårbarheter hos en IP-Kamera
Florez Cardenas, Mateo, Ethical Hacking of a Smart Fridge: Evaluating the cybersecurity of an IoT device through gray box hacking
Grenfeldt, Mattias, Empirical Study of HTTP Request Smuggling in Open-Source Servers and Proxies
Gripenstedt, Daniel, A security analysis in a life science environment: a case study
Malkhasian, Rafi Aram Yadward, Ethical hacking of Danalock V3: A cyber security analysis of a consumer IoT device
Nordgren, Isak, Validating enterpriseLang: A Domain- Specific Language Derived from the Meta Attack Language Framework
Palm, Alexander, Ethical Hacking of Android Auto in the Context of Road Safety
Persman, Pontus, Security analysis of a smartlock
Rubbestad, Gustav, Hacking a Wi-Fi based drone
Salih, Raman, Adagio For The Internet Of Things: IoT penetration testing and security analysis of a smart plug
Öberg, Jesper, Can a robot’s confidentiality be trusted?
Security Analysis of Smart Buildings (PDF), Nelly Friman
Threat modeling of large-scale computer systems: Implementing and evaluating threat modeling at Company X, Love Wessman and Niklas Wessman
A Process for Threat Modeling of Large-Scale Computer Systems: A Case Study, Christian Weigelt and Douglas Fischer Horn af Rantzien
Legal and Security Issues of Data Processing when Implementing IoT Solutions in Apartments (PDF), Johan Edman and Wilhelm Ågren
Ethical Hacking of a Robot Vacuum Cleaner (PDF), Christoffer Torgilsman and Eric Bröndum
Ethical Hacking of an IoT-device: Threat Assessment and Penetration Testing A Survey on Security of a Smart Refrigerator, Fredrik Radholm and Niklas Abelfelt
IoT-lang: Hotmodellering av sakernas internet, Filip Wilén och Andreas Westman

Sårbarheter

CVE-2021-32715 – hyper Crate HTTP Proxy request smuggling
CVE-2021-32714 – Request smuggling or desync attacks in hyper
CVE-2020-29664 – local arbitrary code execution without any hardware modifications on the DJI Mavic 2 Remote Controller and Leadcore processor on the DJI Mavic 2 Zoom drone
Eleven vulnerabilities related to the ismartgate PRO 1.5.9 were discovered
CVE-2019-12941 – AutoPi Wi-Fi/NB and 4G/LTE devices allows an attacker to perform a brute-force attack or dictionary attack to gain access to the WiFi network, which provides root access to the device
CVE-2019-12944 – Glue Smart Lock 2.7.8 devices do not properly block guest access in certain situations where the network connection is unavailable
CVE-2019-12943 – Insecure permission, password reset function, in TTLock Open Platform.
CVE-2019-12942 – Insecure permission, account revocation mechanism, in TTLock Open Platform
CVE-2019-12821 – Vulnerability in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code
CVE-2019-12820 – Vulnerability in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, possible MiTM attack on http
CVE-2019-12797 – Vulnerability in a clone version of an ELM327 OBD2 Bluetooth device, hardcoded PIN leading to arbitrary commands to an OBD-II bus of a vehicle

Utforska

Kontakt och information

Håll dig uppdaterad

Viable Cities är ett strategiskt innovationsprogram med missionen Klimatneutrala städer 2030 med ett gott liv för alla inom planetens gränser. Programmet finansieras av Energimyndigheten, Vinnova och Formas och samordnas av KTH.

centrala områden

Klimatkontrakt 2030

Viable Cities Transition Lab

Systemdemonstrator

Förändringskommunikation

Utforska mer

Klimatneutrala städer 2030 3.0

Klimatneutrala städer 2030