Bernardi Pranggono | University of Leeds (original) (raw)

Uploads

Papers by Bernardi Pranggono

... Bernardi Pranggono Corresponding Author Contact Information , a , E-mail The Corresponding Au... more ... Bernardi Pranggono Corresponding Author Contact Information , a , E-mail The Corresponding Author and Jaafar Elmirghani a. ... The main advantage of using a sub-carrier multiplexed header is that the header to data ratio is no longer a limitation on bandwidth efficiency as the ...

Selecting the Best Tool for the Test, 2014

2013 19th International Conference on Control Systems and Computer Science, 2013

This work is part of the research to study trends and challenges of cyber security to smart devic... more This work is part of the research to study trends and challenges of cyber security to smart devices in smart homes. We have seen the development and demand for seamless interconnectivity of smart devices to provide various functionality and abilities to users. While these devices provide more features and functionality, they also introduce new risks and threats. Subsequently, current cyber security issues related to smart devices are discussed and analyzed. The paper begins with related background and motivation. We identified mobile malware as one of the main issue in the smart devices' security. In the near future, mobile smart device users can expect to see a striking increase in malware and notable advancements in malware-related attacks, particularly on the Android platform as the user base has grown exponentially. We discuss and analyzed mobile malware in details and identified challenges and future trends in this area. Then we propose and discuss an integrated security solution for cyber security in smart devices to tackle the issue.

The State of the Art in Intrusion Prevention and Detection, 2013

Optik - International Journal for Light and Electron Optics, 2012

... Bernardi Pranggono Corresponding Author Contact Information , a , E-mail The Corresponding Au... more ... Bernardi Pranggono Corresponding Author Contact Information , a , E-mail The Corresponding Author and Jaafar Elmirghani a. ... The main advantage of using a sub-carrier multiplexed header is that the header to data ratio is no longer a limitation on bandwidth efficiency as the ...

Optical Fiber Technology, 2011

In this paper, we discuss and evaluate two proposed metro wavelength division multiplexing (WDM) ... more In this paper, we discuss and evaluate two proposed metro wavelength division multiplexing (WDM) ring network architectures for variable-length packet traffic in storage area networks (SANs) settings. The paper begins with a brief review of the relevant architectures and ...

IEEE Transactions on Power Delivery, 2000

ABSTRACT The increased interconnectivity and complexity of Supervisory Control and Data Acquisiti... more ABSTRACT The increased interconnectivity and complexity of Supervisory Control and Data Acquisition (SCADA) systems in power system networks has exposed the systems to a multitude of potential vulnerabilities. In this paper we present a novel approach for a next generation SCADA-specific Intrusion Detection System (IDS). The proposed system analyses multiple attributes in order to provide a comprehensive solution able to mitigate varied cyber attack threats. The multi-attribute IDS comprises a heterogeneous whitelist and behaviour-based concept in order to make SCADA cyber systems more secure. This paper also proposes a multilayer cyber-security framework based on IDS for protecting SCADA cyber-security in Smart Grids without compromising the availability of normal data. In addition, this paper presents a SCADA-specific cyber-security test-bed to investigate simulated attacks and which has been used in the paper to validate the proposed approach.

Journal of Optical Communications and Networking, 2012

With increasing demands on storage devices in the modern communication environment, the storage a... more With increasing demands on storage devices in the modern communication environment, the storage area network (SAN) has evolved to provide a direct connection allowing these storage devices to be accessed efficiently. To optimize the performance of a SAN, a three-stage hybrid electronic/optical switching node architecture based on the concept of a MPLS label switching mechanism, aimed at serving as a multi-protocol label switching (MPLS) ingress label edge router (LER) for a SAN-enabled application, has been designed. New shutter-based free-space multi-channel optical switching cores are employed as the core switch fabric to solve the packet contention and switching path conflict problems. The system-level node architecture design constraints are evaluated through self-similar traffic sourced from real gigabit Ethernet network traces and storage systems. The extension performance of a SAN over a proposed WDM ring network, aimed at serving as an MPLS-enabled transport network, is also presented and demonstrated.

Synchrophasor systems will play a significant role in next generation Smart Grid monitoring, prot... more Synchrophasor systems will play a significant role in next generation Smart Grid monitoring, protection and control. However, these systems also introduce a multitude of potential vulnerabilities and cyber threats from malicious attackers or disgruntled employees, which may cause erroneous situational awareness or severe damage. This paper proposes a Synchrophasor Specific Intrusion Detection System (SSIDS) for malicious cyber attacks and unintended misuse. The SSIDS involves a heterogeneous whitelist and behaviour-based approach to detect known and unknown attacks. The paper investigates and simulates reconnaissance, Man-in-the-Middle (MITM) and Denial-of-Service (DoS) attacks against a practical synchrophasor system that is used to validate the effectiveness of the proposed SSIDS detection tool. In contrast to previous research in this area that generally has investigated known attacks, this research actively considers the operational features of the IEEE C37.118 protocol and presents a more comprehensive and general solution to deal with not only known attacks but also unknown attacks.

The increased complexity and interconnectivity of Supervisory Control and Data Acquisition (SCADA... more The increased complexity and interconnectivity of Supervisory Control and Data Acquisition (SCADA) systems in the Smart Grid has exposed them to a wide range of cybersecurity issues, and there are a multitude of potential access points for cyber attackers. This paper presents a SCADAspecific cyber-security test-bed which contains SCADA software and communication infrastructure. This test-bed is used to investigate an Address Resolution Protocol (ARP) spoofing based man-in-the-middle attack. Finally, the paper proposes a future work plan which focuses on applying intrusion detection and prevention technology to address cyber-security issues in SCADA systems.

… , 2006. ICC'06, Jan 1, 2006

I. I NTRODUCTION A simple WDM ring network architecture intended to serve as a metropolitan acces... more I. I NTRODUCTION A simple WDM ring network architecture intended to serve as a metropolitan access network has been proposed in [1], and is designed to interconnect several access nodes (ANs) on a regional scale. In the proposed architecture, a single-fibre multi-channel time-...

ieeexplore.ieee.org

ABSTRACT This paper proposes and evaluates network survivability of optical paths in metro wavele... more ABSTRACT This paper proposes and evaluates network survivability of optical paths in metro wavelength division multiplexing (WDM) based storage area networks (SANs). The paper begins with a background and motivation. Subsequently, the network architectures along with ...

International …, Jan 1, 2010

… , 2007. ICC'07, Jan 1, 2007

ieeexplore.ieee.org

ABSTRACT First-generation storage area networks (SANs) were designed to operate within limited di... more ABSTRACT First-generation storage area networks (SANs) were designed to operate within limited distances. However, with the destructive effects of catastrophic events in a limited distance environment and the need of large organizations to connect their campuses over large ...

… , 2006. ICC'06, Jan 1, 2006

Abstract—As storage area networks (SANs) are increasingly replacing traditional direct-attached s... more Abstract—As storage area networks (SANs) are increasingly replacing traditional direct-attached storage (DAS) in many large data centers, many studies are considering extending SANs over large distances. SANs in a metropolitan wavelength-division multiplexing (WDM) ...

... Bernardi Pranggono Corresponding Author Contact Information , a , E-mail The Corresponding Au... more ... Bernardi Pranggono Corresponding Author Contact Information , a , E-mail The Corresponding Author and Jaafar Elmirghani a. ... The main advantage of using a sub-carrier multiplexed header is that the header to data ratio is no longer a limitation on bandwidth efficiency as the ...

Selecting the Best Tool for the Test, 2014

2013 19th International Conference on Control Systems and Computer Science, 2013

This work is part of the research to study trends and challenges of cyber security to smart devic... more This work is part of the research to study trends and challenges of cyber security to smart devices in smart homes. We have seen the development and demand for seamless interconnectivity of smart devices to provide various functionality and abilities to users. While these devices provide more features and functionality, they also introduce new risks and threats. Subsequently, current cyber security issues related to smart devices are discussed and analyzed. The paper begins with related background and motivation. We identified mobile malware as one of the main issue in the smart devices' security. In the near future, mobile smart device users can expect to see a striking increase in malware and notable advancements in malware-related attacks, particularly on the Android platform as the user base has grown exponentially. We discuss and analyzed mobile malware in details and identified challenges and future trends in this area. Then we propose and discuss an integrated security solution for cyber security in smart devices to tackle the issue.

The State of the Art in Intrusion Prevention and Detection, 2013

Optik - International Journal for Light and Electron Optics, 2012

... Bernardi Pranggono Corresponding Author Contact Information , a , E-mail The Corresponding Au... more ... Bernardi Pranggono Corresponding Author Contact Information , a , E-mail The Corresponding Author and Jaafar Elmirghani a. ... The main advantage of using a sub-carrier multiplexed header is that the header to data ratio is no longer a limitation on bandwidth efficiency as the ...

Optical Fiber Technology, 2011

In this paper, we discuss and evaluate two proposed metro wavelength division multiplexing (WDM) ... more In this paper, we discuss and evaluate two proposed metro wavelength division multiplexing (WDM) ring network architectures for variable-length packet traffic in storage area networks (SANs) settings. The paper begins with a brief review of the relevant architectures and ...

IEEE Transactions on Power Delivery, 2000

ABSTRACT The increased interconnectivity and complexity of Supervisory Control and Data Acquisiti... more ABSTRACT The increased interconnectivity and complexity of Supervisory Control and Data Acquisition (SCADA) systems in power system networks has exposed the systems to a multitude of potential vulnerabilities. In this paper we present a novel approach for a next generation SCADA-specific Intrusion Detection System (IDS). The proposed system analyses multiple attributes in order to provide a comprehensive solution able to mitigate varied cyber attack threats. The multi-attribute IDS comprises a heterogeneous whitelist and behaviour-based concept in order to make SCADA cyber systems more secure. This paper also proposes a multilayer cyber-security framework based on IDS for protecting SCADA cyber-security in Smart Grids without compromising the availability of normal data. In addition, this paper presents a SCADA-specific cyber-security test-bed to investigate simulated attacks and which has been used in the paper to validate the proposed approach.

Journal of Optical Communications and Networking, 2012

With increasing demands on storage devices in the modern communication environment, the storage a... more With increasing demands on storage devices in the modern communication environment, the storage area network (SAN) has evolved to provide a direct connection allowing these storage devices to be accessed efficiently. To optimize the performance of a SAN, a three-stage hybrid electronic/optical switching node architecture based on the concept of a MPLS label switching mechanism, aimed at serving as a multi-protocol label switching (MPLS) ingress label edge router (LER) for a SAN-enabled application, has been designed. New shutter-based free-space multi-channel optical switching cores are employed as the core switch fabric to solve the packet contention and switching path conflict problems. The system-level node architecture design constraints are evaluated through self-similar traffic sourced from real gigabit Ethernet network traces and storage systems. The extension performance of a SAN over a proposed WDM ring network, aimed at serving as an MPLS-enabled transport network, is also presented and demonstrated.

Synchrophasor systems will play a significant role in next generation Smart Grid monitoring, prot... more Synchrophasor systems will play a significant role in next generation Smart Grid monitoring, protection and control. However, these systems also introduce a multitude of potential vulnerabilities and cyber threats from malicious attackers or disgruntled employees, which may cause erroneous situational awareness or severe damage. This paper proposes a Synchrophasor Specific Intrusion Detection System (SSIDS) for malicious cyber attacks and unintended misuse. The SSIDS involves a heterogeneous whitelist and behaviour-based approach to detect known and unknown attacks. The paper investigates and simulates reconnaissance, Man-in-the-Middle (MITM) and Denial-of-Service (DoS) attacks against a practical synchrophasor system that is used to validate the effectiveness of the proposed SSIDS detection tool. In contrast to previous research in this area that generally has investigated known attacks, this research actively considers the operational features of the IEEE C37.118 protocol and presents a more comprehensive and general solution to deal with not only known attacks but also unknown attacks.

The increased complexity and interconnectivity of Supervisory Control and Data Acquisition (SCADA... more The increased complexity and interconnectivity of Supervisory Control and Data Acquisition (SCADA) systems in the Smart Grid has exposed them to a wide range of cybersecurity issues, and there are a multitude of potential access points for cyber attackers. This paper presents a SCADAspecific cyber-security test-bed which contains SCADA software and communication infrastructure. This test-bed is used to investigate an Address Resolution Protocol (ARP) spoofing based man-in-the-middle attack. Finally, the paper proposes a future work plan which focuses on applying intrusion detection and prevention technology to address cyber-security issues in SCADA systems.

… , 2006. ICC'06, Jan 1, 2006

I. I NTRODUCTION A simple WDM ring network architecture intended to serve as a metropolitan acces... more I. I NTRODUCTION A simple WDM ring network architecture intended to serve as a metropolitan access network has been proposed in [1], and is designed to interconnect several access nodes (ANs) on a regional scale. In the proposed architecture, a single-fibre multi-channel time-...

ieeexplore.ieee.org

ABSTRACT This paper proposes and evaluates network survivability of optical paths in metro wavele... more ABSTRACT This paper proposes and evaluates network survivability of optical paths in metro wavelength division multiplexing (WDM) based storage area networks (SANs). The paper begins with a background and motivation. Subsequently, the network architectures along with ...

International …, Jan 1, 2010

… , 2007. ICC'07, Jan 1, 2007

ieeexplore.ieee.org

ABSTRACT First-generation storage area networks (SANs) were designed to operate within limited di... more ABSTRACT First-generation storage area networks (SANs) were designed to operate within limited distances. However, with the destructive effects of catastrophic events in a limited distance environment and the need of large organizations to connect their campuses over large ...

… , 2006. ICC'06, Jan 1, 2006

Abstract—As storage area networks (SANs) are increasingly replacing traditional direct-attached s... more Abstract—As storage area networks (SANs) are increasingly replacing traditional direct-attached storage (DAS) in many large data centers, many studies are considering extending SANs over large distances. SANs in a metropolitan wavelength-division multiplexing (WDM) ...