Jay Prakash

Chuadhry Mujeeb Ahmed, Jay Prakash, Jianying Zhou

In an Industrial Control System (ICS), its complex network of sensors, actuators and controllers have raised security concerns for critical infrastructures and industrial production units. This opinion paper strives to initiate discussion on the design algorithms which can segregate attacks from faults. Most of the proposed anomaly detection mechanisms are not able to differentiate between an attack and an anomaly due to a fault. We argue on the need of solving this important problem form our experiences in CPS security research. First, we motivate using analysis of studies and interviews though economical and psychological aspects. Then main challenges are highlighted. Further, we propose multiple directions of approach with suitable reasoning and examples from ICS systems.

Andrei Bytes, Jay Prakash, Jianying Zhou et al.

The number of active users of Wi-Fi Direct Device-to-Device file sharing applications on Android has exceeded 1.8 billion. Wi-Fi Direct, also known as Wi-Fi P2P, is commonly used for peer-to-peer, high-speed file transfer between mobile devices, as well as a close proximity connection mode for wireless cameras, network printers, TVs and other IoT and mobile devices. For its end users, such type of direct file transfer does not incur cellular data charges. However, despite the popularity of such applications, we observe that the software vendors tend to prioritize the ease of user flow over the security in their implementations, which leads to serious security flaws. We perform a comprehensive security analysis in the context of security and usability and report our findings in the form of 17 Common Vulnerabilities and Exposures (CVE) which have been disclosed to the corresponding vendors. To address the similar flaws at the early stage of the application design, we propose a joint consideration of security and usability for such applications and their protocols that can be visualized in form of a customised User Journey Map (UJM).