Biblio

The proliferation of autonomous and connected vehicles on our roads is increasingly felt. However, the problems related to the optimization of the energy consumed, to the safety, and to the security of these do not cease to arise on the tables of debates bringing together the various stakeholders. By focusing on the security aspect of such systems, we can realize that there is a family of problems that must be investigated as soon as possible. In particular, those that may manifest as the system expands. Therefore, this work aims to model and simulate the behavior of a system of autonomous and connected vehicles in the face of a malware invasion. In order to achieve the set objective, we propose a model to our system which is inspired by those used in epidimology, such as SI, SIR, SIER, etc. This being adapted to our case study, stochastic processes are defined in order to characterize its dynamics. After having fixed the values of the various parameters, as well as those of the initial conditions, we run 100 simulations of our system. After which we visualize the results got, we analyze them, and we give some interpretations. We end by outlining the lessons and recommendations drawn from the results.

IoBTs must feature collaborative, context-aware, multi-modal fusion for real-time, robust decision-making in adversarial environments. The integration of machine learning (ML) models into IoBTs has been successful at solving these problems at a small scale (e.g., AiTR), but state-of-the-art ML models grow exponentially with increasing temporal and spatial scale of modeled phenomena, and can thus become brittle, untrustworthy, and vulnerable when interpreting large-scale tactical edge data. To address this challenge, we need to develop principles and methodologies for uncertainty-quantified neuro-symbolic ML, where learning and inference exploit symbolic knowledge and reasoning, in addition to, multi-modal and multi-vantage sensor data. The approach features integrated neuro-symbolic inference, where symbolic context is used by deep learning, and deep learning models provide atomic concepts for symbolic reasoning. The incorporation of high-level symbolic reasoning improves data efficiency during training and makes inference more robust, interpretable, and resource-efficient. In this paper, we identify the key challenges in developing context-aware collaborative neuro-symbolic inference in IoBTs and review some recent progress in addressing these gaps.

Metaverse is becoming the new standard for social networks and 3D virtual worlds when Facebook officially rebranded to Metaverse in October 2021. Many relevant technologies are used in the metaverse to offer 3D immersive and customized experiences at the user’s fingertips. Despite the fact that the metaverse receives a lot of attention and advantages, one of the most pressing concerns for its users is the safety of their digital material and data. As a result of its decentralization, immutability, and transparency, blockchain is a possible alternative. Our goal is to conduct a comprehensive assessment of blockchain systems in the metaverse to properly appreciate its function in the metaverse. To begin with, the paper introduces blockchain and the metaverse and explains why it’s necessary for the metaverse to adopt blockchain technology. Aside from these technological considerations, this article focuses on how blockchain-based approaches for the metaverse may be used from a privacy and security standpoint. There are several technological challenegs that need to be addressed for making the metaverse a reality. The influence of blockchain on important key technologies with in metaverse, such as Artifical Intelligence, big data and the Internet-of-Things (IoT) is also examined. Several prominent initiatives are also shown to demonstrate the importance of blockchain technology in the development of metaverse apps and services. There are many possible possibilities for future development and research in the application of blockchain technology in the metaverse.

In this decade, digital transactions have risen exponentially demanding more reliable and secure authentication systems. CAPTCHA (Completely Automated Public Turing Test to tell Computers and Humans Apart) system plays a major role in these systems. These CAPTCHAs are available in character sequence, picture-based, and audio-based formats. It is very essential that these CAPTCHAs should be able to differentiate a computer program from a human precisely. This work tests the strength of text-based CAPTCHAs by breaking them using an algorithm built on CNN (Convolution Neural Network) and RNN (Recurrent Neural Network). The algorithm is designed in such a way as an attempt to break the security features designers have included in the CAPTCHAs to make them hard to be cracked by machines. This algorithm is tested against the synthetic dataset generated in accordance with the schemes used in popular websites. The experiment results exhibit that the model has shown a considerable performance against both the synthetic and real-world CAPTCHAs.

In this paper, we proposed a data security model of a big data analytical environment in the financial sector. Big Data can be seen as a trend in the advancement of technology that has opened the door to a new approach to understanding and decision making that is used to describe the vast amount of data (structured, unstructured and semi-structured) that is too time consuming and costly to load a relational database for analysis. The increase in cybercriminal attacks on an organization’s assets results in organizations beginning to invest in and care more about their cybersecurity points and controls. The management of business-critical data is an important point for which robust cybersecurity controls should be considered. The proposed model is applied in a datalake and allows the identification of security gaps on an analytical repository, a cybersecurity risk analysis, design of security components and an assessment of inherent risks on high criticality data in a repository of a regulated financial institution. The proposal was validated in financial entities in Lima, Peru. Proofs of concept of the model were carried out to measure the level of maturity focused on: leadership and commitment, risk management, protection control, event detection and risk management. Preliminary results allowed placing the entities in level 3 of the model, knowing their greatest weaknesses, strengths and how these can affect the fulfillment of business objectives.

In the Smart Grid paradigm, this critical infrastructure operation is increasingly exposed to cyber-threats due to the increased dependency on communication networks. An adversary can launch an attack on a power grid operation through False Data Injection into system measurements and/or through attacks on the communication network, such as flooding the communication channels with unnecessary data or intercepting messages. A cross-layered strategy that combines power grid data, communication grid monitoring and Machine Learning-based processing is a promising solution for detecting cyber-threats. In this paper, an implementation of an integrated solution of a cross-layer framework is presented. The advantage of such a framework is the augmentation of valuable data that enhances the detection of anomalies in the operation of power grid. IEEE 118-bus system is built in Simulink to provide a power grid testing environment and communication network data is emulated using SimComponents. The performance of the framework is investigated under various FDI and communication attacks.

While 5G Edge Computing along with IoT technology has transformed the future of healthcare data transmission, it presents security vulnerabilities and risks when transmitting patients' confidential information. Currently, there are very few reliable security solutions available for healthcare data that routes through SDN routers in 5G Edge Computing. These solutions do not provide cryptographic security from IoT sensor devices. In this paper, we studied how 5G edge computing integrated with IoT network helps healthcare data transmission for remote medical treatment, explored security risks associated with unsecured data transmission, and finally proposed a cryptographic end-to-end security solution initiated at IoT sensor devices and routed through SDN routers. Our proposed solution with cryptographic security initiated at IoT sensor goes through SDN control plane and data plane in 5G edge computing and provides an end-to-end secured communication from IoT device to doctor's office. A prototype built with two-layer encrypted communication has been lab tested with promising results. This analysis will help future security implementation for eHealth in 5G and beyond networks.

Digital forensics is essential when performing in-depth crime investigations and evidence extraction, especially in the field of the Internet of Things, where there is a ton of information every second boosted with latest and smartest technological devices. However, the enormous growth of data and the nature of its complexity could constrain the data examination process since traditional data acquisition techniques are not applicable nowadays. Therefore, if the knowledge gap between digital forensics and the Internet of Things is not bridged, investigators will jeopardize the loss of a possible rich source of evidence that otherwise could act as a lead in solving open cases. The work aims to introduce examples of employing the latest Internet of Things forensics approaches as a panacea in this regard. The paper covers a variety of articles presenting the new Blockchain, fog, and video-based applications that can aid in easing the process of digital forensics investigation with a focus on the Internet of Things. The results of the review indicated that the above current trends are very promising procedures in the field of Internet of Things digital forensics and need to be explored and applied more actively.

Cyber threats have been a major issue in the cyber security domain. Every hacker follows a series of cyber-attack stages known as cyber kill chain stages. Each stage has its norms and limitations to be deployed. For a decade, researchers have focused on detecting these attacks. Merely watcher tools are not optimal solutions anymore. Everything is becoming autonomous in the computer science field. This leads to the idea of an Autonomous Cyber Resilience Defense algorithm design in this work. Resilience has two aspects: Response and Recovery. Response requires some actions to be performed to mitigate attacks. Recovery is patching the flawed code or back door vulnerability. Both aspects were performed by human assistance in the cybersecurity defense field. This work aims to develop an algorithm based on Reinforcement Learning (RL) with a Convoluted Neural Network (CNN), far nearer to the human learning process for malware images. RL learns through a reward mechanism against every performed attack. Every action has some kind of output that can be classified into positive or negative rewards. To enhance its thinking process Markov Decision Process (MDP) will be mitigated with this RL approach. RL impact and induction measures for malware images were measured and performed to get optimal results. Based on the Malimg Image malware, dataset successful automation actions are received. The proposed work has shown 98% accuracy in the classification, detection, and autonomous resilience actions deployment.

Cyber threats can cause severe damage to computing infrastructure and systems as well as data breaches that make sensitive data vulnerable to attackers and adversaries. It is therefore imperative to discover those threats and stop them before bad actors penetrating into the information systems.Threats hunting algorithms based on machine learning have shown great advantage over classical methods. Reinforcement learning models are getting more accurate for identifying not only signature-based but also behavior-based threats. Quantum mechanics brings a new dimension in improving classification speed with exponential advantage. The accuracy of the AI/ML algorithms could be affected by many factors, from algorithm, data, to prejudicial, or even intentional. As a result, AI/ML applications need to be non-biased and trustworthy.In this research, we developed a machine learning-based cyber threat detection and assessment tool. It uses two-stage (both unsupervised and supervised learning) analyzing method on 822,226 log data recorded from a web server on AWS cloud. The results show the algorithm has the ability to identify the threats with high confidence.

Cyber attacks keep states, companies and individuals at bay, draining precious resources including time, money, and reputation. Attackers thereby seem to have a first mover advantage leading to a dynamic defender attacker game. Automated approaches taking advantage of Cyber Threat Intelligence on past attacks bear the potential to empower security professionals and hence increase cyber security. Consistently, there has been a lot of research on automated approaches in cyber risk management including works on predictive attack algorithms and threat hunting. Combining data on countermeasures from “MITRE Detection, Denial, and Disruption Framework Empowering Network Defense” and adversarial data from “MITRE Adversarial Tactics, Techniques and Common Knowledge” this work aims at developing methods that enable highly precise and efficient automatic incident response. We introduce Attack Incident Responder, a methodology working with simple heuristics to find the most efficient sets of counter-measures for hypothesized attacks. By doing so, the work contributes to narrowing the attackers first mover advantage. Experimental results are promising high average precisions in predicting effiective defenses when using the methodology. In addition, we compare the proposed defense measures against a static set of defensive techniques offering robust security against observed attacks. Furthermore, we combine the approach of automated incidence response to an approach for threat hunting enabling full automation of security operation centers. By this means, we define a threshold in the precision of attack hypothesis generation that must be met for predictive defense algorithms to outperform the baseline. The calculated threshold can be used to evaluate attack hypothesis generation algorithms. The presented methodology for automated incident response may be a valuable support for information security professionals. Last, the work elaborates on the combination of static base defense with adaptive incidence response for generating a bio-inspired artificial immune system for computerized networks.

Artificial intelligence (AI) and machine learning (ML) have been used in transforming our environment and the way people think, behave, and make decisions during the last few decades [1]. In the last two decades everyone connected to the Internet either an enterprise or individuals has become concerned about the security of his/their computational resources. Cybersecurity is responsible for protecting hardware and software resources from cyber attacks e.g. viruses, malware, intrusion, eavesdropping. Cyber attacks either come from black hackers or cyber warfare units. Artificial intelligence (AI) and machine learning (ML) have played an important role in developing efficient cyber security tools. This paper presents Latest Cyber Security Tools Based on Machine Learning which are: Windows defender ATP, DarckTrace, Cisco Network Analytic, IBM QRader, StringSifter, Sophos intercept X, SIME, NPL, and Symantec Targeted Attack Analytic.

This paper proposes a cybersecurity maturity model to assess the capabilities of medical organizations to identify their level of maturity, prioritizing privacy and personal data protection. There are problems such as data breaches, the lack of security measures in health information, and the poor capacity of organizations to handle cybersecurity threats that generate concern in the health sector as they seek to mitigate risks in cyberspace. The proposal, based upon C2M2 (Cybersecurity Capability Maturity Model), incorporates practices and controls which allow organizations to identify security gaps generated through cyberattacks on sensitive health patient data. This model seeks to integrate the best practices related to privacy and protection of personal data in the Peruvian legal framework through the Administrative Directive No. 294-MINSA and the personal data protection Act No. 29733. The model consists of 3 evaluation phases. 1. Assessment planning; 2. Execution of the evaluation; 3. Implementation of improvements. The model was validated and tested in a public sector medical organization in Lima, Peru. The preliminary results showed that the organization is at Level 1 with 14% of compliance with established controls, 34% in risk, threat and vulnerability management practices and 19% in supply chain management. These the 3 highest percentages of the 10 evaluated domains.

The development of new types of technology actualizes the issues of ensuring their information security. The aim of the work is to increase the security of the collective decision-making process in swarm robotic systems from negative impacts by identifying malicious robots. It is proposed to use confidence in choosing an alternative when reaching a consensus as a criterion for identifying malicious robots - a malicious robot, having a special behavior strategy, does not fully take into account the signs of the external environment and information from other robots, which means that such a robot will change its mind with characteristic features for each malicious strategy, and its degree of confidence will be different from the usual voting robot. The modeling performed and the obtained experimental data on three types of malicious behavioral strategies demonstrate the possibility of using the degree of confidence to identify malicious robots. The advantages of the approach are taking into account a large number of alternatives and universality, which lies in the fact that the method is based on the mechanisms of collective decision-making, which proceed in the same way on various hardware platforms of swarm robotic systems. The proposed method can serve as a basis for the development of more complex security mechanisms in swarm robotic systems.

On the one hand, laparoscopic surgery as medical state-of-the-art method is minimal invasive, and thus less stressful for patients. On the other hand, laparoscopy implies higher demands on physicians, such as mental load or preparation time, hence appropriate technical support is essential for quality and suc-cess. Medical Digital Twins provide an integrated and virtual representation of patients' and organs' data, and thus a generic concept to make complex information accessible by surgeons. In this way, minimal invasive surgery could be improved significantly, but requires also a much more complex software system to achieve the various resulting requirements. The biggest challenges for these systems are the safe and precise mapping of the digital twin to reality, i.e. dealing with deformations, movement and distortions, as well as balance out the competing requirement for intuitive and immersive user access and security. The case study ARAILIS is presented as a proof in concept for such a system and provides a starting point for further research. Based on the insights delivered by this prototype, a vision for future Medical Digital Twins in surgery is derived and discussed.

The suggested IsoQuadratic Exponentiation Randomized isocryptosystem design is the unique approach for public key encipher algorithm using IsoPartial Discrete Logarithm Problem and preservation of the recommended IsoQuadratic Exponentiation Randomized isocryptosystem be established against hardness of IsoPartial Discrete Logarithm Problem. Therewith, we demonstrated the possibility of an additional secured algorithm. The offered unique IsoQuadratic Exponentiation Randomized isocryptosystem is suitable for low bandwidth transmission, low storage and low numeration in cyberspace.

Phishing is a method of online fraud where attackers are targeted to gain access to the computer systems for monetary benefits or personal gains. In this case, the attackers pose themselves as legitimate entities to gain the users' sensitive information. Phishing has been significant concern over the past few years. The firms are recording an increase in phishing attacks primarily aimed at the firm's intellectual property and the employees' sensitive data. As a result, these attacks force firms to spend more on information security, both in technology-centric and human-centric approaches. With the advancements in cyber-security in the last ten years, many techniques evolved to detect phishing-related activities through websites and emails. This study focuses on the latest techniques used for detecting phishing attacks, including the usage of Visual selection features, Machine Learning (ML), and Artificial Intelligence (AI) to see the phishing attacks. New strategies for identifying phishing attacks are evolving, but limited standardized knowledge on phishing identification and mitigation is accessible from user awareness training. So, this study also focuses on the role of security-awareness movements to minimize the impact of phishing attacks. There are many approaches to train the user regarding these attacks, such as persona-centred training, anti-phishing techniques, visual discrimination training and the usage of spam filters, robust firewalls and infrastructure, dynamic technical defense mechanisms, use of third-party certified software to mitigate phishing attacks from happening. Therefore, the purpose of this paper is to carry out a systematic analysis of literature to assess the state of knowledge in prominent scientific journals on the identification and prevention of phishing. Forty-three journal articles with the perspective of phishing detection and prevention through awareness training were reviewed from 2011 to 2020. This timely systematic review also focuses on the gaps identified in the selected primary studies and future research directions in this area.

For a long time, online attacks were regarded to pose a severe threat to web - based applications, websites, and clients. It can bypass authentication methods, steal sensitive information from datasets and clients, and also gain ultimate authority of servers. A variety of ways for safeguarding online apps have been developed and used to deal the website risks. Based on the studies about the intersection of cybersecurity and machine learning, countermeasures for identifying typical web assaults have recently been presented (ML). In order to establish a better understanding on this essential topic, it is necessary to study ML methodologies, feature extraction techniques, evaluate datasets, and performance metrics utilised in a systematic manner. In this paper, we go through web security flaws like SQLi, XSS, malicious URLs, phishing attacks, path traversal, and CMDi in detail. We also go through the existing security methods for detecting these threats using machine learning approaches for URL classification. Finally, we discuss potential research opportunities for ML and DL-based techniques in this category, based on a thorough examination of existing solutions in the literature.

The demand for increasing flexibility use in power systems is stressed by the changing grid utilization. Making use of largely untapped flexibility potential is possible through novel flexibility markets. Different approaches for these markets are being developed and vary considering their handling of transaction schemes and relation of participating entities. This paper delivers the conceptual development of a holistic system architecture for the realization of an interregional flexibility market, which targets a market based congestion management in the transmission and distribution system through trading between system operators and flexibility providers. The framework combines a market mechanism with the required supplements like appropriate control algorithms for emergency situations, cyber-physical system monitoring and cyber-security assessment. The resulting methods are being implemented and verified in a remote-power-hardware-in-the-loop setup coupling a real world low voltage grid with a geographically distant real time simulation using state of the art control system applications with an integration of the aforementioned architecture components.

The problem of information security of critical information infrastructure objects in the conditions of openness is formulated. The concept of information infrastructure openness is analyzed. An approach to assessing the openness of an information system is presented. A set-theoretic model of information resources openness was developed. The formulation of the control problem over the degree of openness with restrictions on risk was carried out. An example of solving the problem of finding the coefficient of openness is presented.

Malware attacks in the cyber world continue to increase despite the efforts of Malware analysts to combat this problem. Recently, Malware samples have been presented as binary sequences and assembly codes. However, most researchers focus only on the raw Malware sequence in their proposed solutions, ignoring that the assembly codes may contain important details that enable rapid Malware detection. In this work, we leveraged the capabilities of deep autoencoders to investigate the presence of feature disparities in the assembly and raw binary Malware samples. First, we treated the task as outliers to investigate whether the autoencoder would identify and justify features as samples from the same family. Second, we added noise to all samples and used Deep Autoencoder to reconstruct the original samples by denoising. Experiments with the Microsoft Malware dataset showed that the byte samples' features differed from the assembly code samples.

A huge amount of stored and transferred data is expanding rapidly. Therefore, managing and securing the big volume of diverse applications should have a high priority. However, Structured Query Language Injection Attack (SQLIA) is one of the most common dangerous threats in the world. Therefore, a large number of approaches and models have been presented to mitigate, detect or prevent SQL injection attack but it is still alive. Most of old and current models are created based on static, dynamic, hybrid or machine learning techniques. However, SQL injection attack still represents the highest risk in the trend of web application security risks based on several recent studies in 2021. In this paper, we present a review of the latest research dealing with SQL injection attack and its types, and demonstrating several types of most recent and current techniques, models and approaches which are used in mitigating, detecting or preventing this type of dangerous attack. Then, we explain the weaknesses and highlight the critical points missing in these techniques. As a result, we still need more efforts to make a real, novel and comprehensive solution to be able to cover all kinds of malicious SQL commands. At the end, we provide significant guidelines to follow in order to mitigate such kind of attack, and we strongly believe that these tips will help developers, decision makers, researchers and even governments to innovate solutions in the future research to stop SQLIA.

The robustness of the encryption systems in all of their types depends on the key generation. Thus, an encryption system can be said robust if the generated key(s) are very complex and random which prevent attackers or other analytical tools to break the encryption system. This paper proposed an enhanced key generation based on iris image as biometric, to be implemented dynamically in both of authentication process and data encryption. The captured iris image during the authentication process will be stored in a cloud server to be used in the next login to decrypt data. While in the current login, the previously stored iris image in the cloud server would be used to decrypt data in the current session. The results showed that the generated key meets the required randomness for several NIST tests that is reasonable for one use. The strength of the proposed approach produced unrepeated keys for encryption and each key will be used once. The weakness of the produced key may be enhanced to become more random.

Intrusion detection for Controller Area Network (CAN) protocol requires modern methods in order to compete with other electrical architectures. Fingerprint Intrusion Detection Systems (IDS) provide a promising new approach to solve this problem. By characterizing network traffic from known ECUs, hazardous messages can be discriminated. In this article, a modified version of Fingerprint IDS is employed utilizing both step response and spectral characterization of network traffic via neural network training. With the addition of feature set reduction and hyperparameter tuning, this method accomplishes a 99.4% detection rate of trusted ECU traffic.

The effective security system improvement from malware attacks on the Android operating system should be updated and improved. Effective malware detection increases the level of data security and high protection for the users. Malicious software or malware typically finds a means to circumvent the security procedure, even when the user is unaware whether the application can act as malware. The effectiveness of obfuscated android malware detection is evaluated by collecting static analysis data from a data set. The experiment assesses the risk level of which malware dataset using the hash value of the malware and records malware behavior. A set of hash SHA256 malware samples has been obtained from an internet dataset and will be analyzed using static analysis to record malware behavior and evaluate which risk level of the malware. According to the results, most of the algorithms provide the same total score because of the multiple crime inside the malware application.