TY - GEN A1 - Sianipar, Johannes Harungguan A1 - Sukmana, Muhammad Ihsan Haikal A1 - Meinel, Christoph T1 - Moving sensitive data against live memory dumping, spectre and meltdown attacks T2 - 26th International Conference on Systems Engineering (ICSEng) N2 - The emergence of cloud computing allows users to easily host their Virtual Machines with no up-front investment and the guarantee of always available anytime anywhere. But with the Virtual Machine (VM) is hosted outside of user's premise, the user loses the physical control of the VM as it could be running on untrusted host machines in the cloud. Malicious host administrator could launch live memory dumping, Spectre, or Meltdown attacks in order to extract sensitive information from the VM's memory, e.g. passwords or cryptographic keys of applications running in the VM. In this paper, inspired by the moving target defense (MTD) scheme, we propose a novel approach to increase the security of application's sensitive data in the VM by continuously moving the sensitive data among several memory allocations (blocks) in Random Access Memory (RAM). A movement function is added into the application source code in order for the function to be running concurrently with the application's main function. Our approach could reduce the possibility of VM's sensitive data in the memory to be leaked into memory dump file by 2 5% and secure the sensitive data from Spectre and Meltdown attacks. Our approach's overhead depends on the number and the size of the sensitive data. KW - Virtual Machine KW - Memory Dumping KW - Security KW - Cloud Computing KW - Spectre KW - Meltdown Y1 - 2019 SN - 978-1-5386-7834-3 PB - IEEE CY - New York ER - TY - JOUR A1 - Kayem, Anne Voluntas dei Massah A1 - Wolthusen, Stephen D. A1 - Meinel, Christoph T1 - Power Systems BT - a matter of security and privacy JF - Smart Micro-Grid Systems Security and Privacy N2 - Studies indicate that reliable access to power is an important enabler for economic growth. To this end, modern energy management systems have seen a shift from reliance on time-consuming manual procedures, to highly automated management, with current energy provisioning systems being run as cyber-physical systems. Operating energy grids as a cyber-physical system offers the advantage of increased reliability and dependability, but also raises issues of security and privacy. In this chapter, we provide an overview of the contents of this book showing the interrelation between the topics of the chapters in terms of smart energy provisioning. We begin by discussing the concept of smart-grids in general, proceeding to narrow our focus to smart micro-grids in particular. Lossy networks also provide an interesting framework for enabling the implementation of smart micro-grids in remote/rural areas, where deploying standard smart grids is economically and structurally infeasible. To this end, we consider an architectural design for a smart micro-grid suited to low-processing capable devices. We model malicious behaviour, and propose mitigation measures based properties to distinguish normal from malicious behaviour. KW - Lossy networks KW - Low-processing capable devices KW - Smart micro-grids KW - Security KW - Privacy KW - Energy Y1 - 2018 SN - 978-3-319-91427-5 SN - 978-3-319-91426-8 U6 - https://doi.org/10.1007/978-3-319-91427-5_1 VL - 71 SP - 1 EP - 8 PB - Springer CY - Dordrecht ER -