Search

Your search keyword '"Faruk Kazi"' showing total 19 results
Start Over Author "Faruk Kazi" Publication Type Academic Journals
19 results on '"Faruk Kazi"'

1. Security analysis of cyber physical system using digital forensic incident response

Author

Pranita Binnar, Sunil Bhirud, and Faruk Kazi

Subjects
Digital forensics incident response (DFIR), Industrial IoT (IIoT), Security, Internet of Things (IoT), SCADA, Cyber physical systems (CPS), Electronic computers. Computer science, QA75.5-76.95
Abstract

There is a great demand for an efficient security tool which can secure IIoT systems from potential adversarial attacks. However, it is challenging to design a suitable security model for IIoT considering the closed, dynamic and distributed architecture. This motivates the researchers to focus more on investigating the role of forensic tools such as DFIR in the designing of security models. A brief analysis of the security issues, challenges and attacks on IIoT systems is presented in this paper with an emphasis of DFIR for the security of ICS, CPS, and SCADA. The security recommendations for IIoT, forensic challenges in SCADA, ICS and CPS are discussed. The study suggests that forensic tools can overcome the drawbacks of conventional security solutions in terms of maintaining the privacy of data while sharing information with other systems. The study discusses different models, overview, comparisons, and summarization of DFIR and intrusion detection systems (IDS)-based techniques for IIoT security. In addition, this review analyzes the challenges and research gaps based on the existing literary works.

Published
2024
Full Text
View/download PDF

2. Exploiting Control Device Vulnerabilities: Attacking Cyber-Physical Water System

Author

Parul Sindhwad and Faruk Kazi

Subjects
cyber security, cyber attack, stride, buffer over flow, dos, mitm, Telecommunication, TK5101-6720
Abstract

Industrial Control Systems (ICS) are transitioning from isolated, custom built systems to those employing general purpose computer hosts, wireless networks, and artificial intelligence. An increasing number of vulnerabilities in ICS devices is a major cause for concern since it provides potential adversaries with a simple approach to exploit and attack unpatched ICS systems. In light of this, the paper explores attack vectors that target unpatched system vulnerabilities and their impact on the ICS, demonstrated using Waste Water Treatment Plant (WWTP) testbed. Denial of Service (DoS), Buffer overflow, privilege escalation, unauthorized command injection attacks are executed and their impacts are investigated using CIA and STRIDE threat modeling. The main outcomes of the study are, 1) An update on public advisory CVE-2021-33834 by Moxa. 2) Demonstration of attack on a device with publicly accessible Proof of Concept (POC) of another device using Modbus buffer overflow vulnerability. Finally, various recommendations are made that can be used for security penetration testing to identify security flaws, as well as directions for product developers to implement security by design.

Published
2022
Full Text
View/download PDF

3. Dynamic Modeling and Cascade Failure Analysis of the Mumbai Grid Incident of October 12, 2020

Author

Abhishek Pandey, Sunny Kumar, Shravan Mohire, Polagani Pentayya, and Faruk Kazi

Subjects
Blackout, cascade failure, critical infrastructure, islanding, power system modelling and simulator for engineering (PSS/E), rate of change of frequency (ROCOF), Electrical engineering. Electronics. Nuclear engineering, TK1-9971
Abstract

The Mumbai region in India experienced a massive outage on October 12, 2020, due to cascade failure. The event taught some serious lessons to the grid operators and highlighted the need for energy security and reliability. In this incident, the cascade tripping of the external transmission network resulted in an unexpected island containing Mumbai city isolating it from the rest of Indian power grid. Although the Mumbai islanding scheme was operational, it failed to survive due to high rate of change of frequency (ROCOF). Globally, such blackouts occur due to low probability, high impact events. Major blackouts are caused by a set of triggering events that are usually preceded by some incidents that weaken the power system. Further, the failure of important security mechanisms and protections can compound the effect of disturbances. In view of this, the paper focuses on the consequences of cascading events that led to several blackouts in history. This paper analyses the October 12, 2020, Mumbai power grid failure by recreating various scenarios that resulted in the blackout through dynamic modelling on the PSS/E platform. The results were validated using data collected from phasor measurement units (PMUs) and SCADA. In this article various challenges faced during unfolding of the event are presented. Lessons learnt such as appropriate settings and tuning were identified to ensure the survival of islanding scheme. Assessment of Mumbai power system’s transfer capability is done to facilitate the optimal mix of imported and embedded generation.

Published
2022
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results