Identification of fake news : a semantic driven technique for transfer domain
- Authors: Ferdush, Jannatul , Kamruzzaman, Joarder , Karmakar, Gour , Gondal, Iqbal , Das, Raj
- Date: 2023
- Type: Text , Conference paper
- Relation: 29th International Conference on Neural Information Processing, ICONIP 2022, Virtual, online, 22-26 November 2022, Communications in Computer and Information Science Vol. 1793 CCIS, p. 564-575
- Full Text: false
- Reviewed:
- Description: Fake news spreads quickly on online social media and adversely impacts political, social, religious, and economic stability. This necessitates an efficient fake news detector which is now feasible due to advances in natural language processing and artificial intelligence. However, existing fake news detection (FND) systems are built on tokenization, embedding, and structure-based feature extraction, and fail drastically in real life because of the difference in vocabulary and its distribution across various domains. This article evaluates the effectiveness of various categories of traditional features in cross-domain FND and proposes a new method. Our proposed method shows significant improvement over recent methods in the literature for cross-domain fake news detection in terms of widely used performance metrics. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
Cyber resilience modelling for the operations of hybrid network
- Authors: Ur-Rehman, Attiq , Kamruzzuman, Joarder , Gondal, Iqbal , Jolfaei, Alireza
- Date: 2022
- Type: Text , Conference paper
- Relation: 20th IEEE International Conference on Dependable, Autonomic and Secure Computing, 20th IEEE International Conference on Pervasive Intelligence and Computing, 7th IEEE International Conference on Cloud and Big Data Computing, 2022 IEEE International Conference on Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2022, Falerna, Italy, 12-15 September 2022, Proceedings 2022 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech)
- Full Text: false
- Reviewed:
- Description: Cyber resilience is referred to as the ability to resist cyber-attacks and it has several dimensions to evaluate. This study focuses on cyber resilience evaluation of nodes in hybrid network operations. This paper proposes a framework to evaluate cyber resilience and its integration with the CVSS (Common Vulnerability Scoring System) framework. CVSS is an industry standard to assess node vulnerabilities. The integration of cyber resilience with the CVSS framework will help cyber industry to standardise the node resilience capabilities for their operations. The proposed modelling is assessed and compared with our previous work on CVSS-based vulnerability evaluation for IoT and industrial integrated systems called CVSSIoT-ICS. The comparison results validate that the proposed model better evaluates the node vulnerabilities by incorporating the resilience capability of that nodes. © 2022 IEEE.
Fuzzy-based operational resilience modelling
- Authors: Ur-Rehman, Attiq , Kamruzzuman, Joarder , Gondal, Iqbal , Jolfaei, Alireza
- Date: 2022
- Type: Text , Conference paper
- Relation: 9th IEEE International Conference on Data Science and Advanced Analytics, DSAA 2022, Shenzhen, China, 13-16 October 2022, Proceedings - 2022 IEEE 9th International Conference on Data Science and Advanced Analytics, DSAA 2022
- Full Text: false
- Reviewed:
- Description: Resilience is an increasingly important concept in current socio-economic landscapes. Due to the competitive global context and security attacks, the organisations are looking for realistic resilience assessments for operations of their digital networks. This study proposes a node Operational Resilience evaluation based on the fuzzy logic by assessing various cyber security dynamics; including node threat protection, avoiding degradation, attack identification and recovery vectors. Through extensive experiments and analysis, we reached to a better understanding of diverse relationships between cyber security factors for the evaluation of Operational Resilience. © 2022 IEEE.
Spam email categorization with nlp and using federated deep learning
- Authors: Ul Haq, Ikram , Black, Paul , Gondal, Iqbal , Kamruzzaman, Joarder , Watters, Paul , Kayes, A.
- Date: 2022
- Type: Text , Conference paper
- Relation: 18th International Conference on Advanced Data Mining and Applications, ADMA 2022, Brisbane, Australia, 28-30 November 2022, Advanced Data Mining and Applications, 18th International Conference, ADMA 2022 Vol. 13726 LNAI, p. 15-27
- Full Text: false
- Reviewed:
- Description: Emails are the most popular and efficient communication method that makes them vulnerable to misuse. Federated learning (FL) provides a decentralized machine learning (ML) model, where a central server coordinates clients that collaboratively train a shared ML model. This paper proposes Federated Phishing Filtering (FPF) technique based on federated learning, natural language processing, and deep learning. FL for intelligent algorithms fuses trained models of ML algorithms from multiple sites for collective learning. This approach improves ML performance by utilizing large collective training data sets across the corporate client base, resulting in higher phishing email detection accuracy. FPF techniques preserve email privacy using local feature extraction on client email servers. Thus, the contents of emails do not need to be transmitted across the network or stored on third-party servers. We have applied FL and Natural Language Processing (NLP) for email phishing detection. This technique provides four training modes that perform FL without sharing email content. Our research categorizes emails as benign, spam, and phishing. Empirical evaluations with publicly available datasets show that accuracy is improved by the use of our Federated Deep Learning model. © 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.
Vulnerability assessment framework for a smart grid
- Authors: Rashed, Muhammad , Kamruzzaman, Joarder , Gondal, Iqbal , Islam, Syed
- Date: 2022
- Type: Text , Conference paper
- Relation: 4th IEEE Global Power, Energy and Communication Conference, GPECOM 2022, Cappadocia, Turkey, 14-17 June 2022, Proceedings - 2022 IEEE 4th Global Power, Energy and Communication Conference, GPECOM 2022 p. 449-454
- Full Text: false
- Reviewed:
- Description: The increasing demand for the interconnected IoT based smart grid is facing threats from cyber-attacks due to inherent vulnerability in the smart grid network. There is a pressing need to evaluate and model these vulnerabilities in the network to avoid cascading failures in power systems. In this paper, we propose and evaluate a vulnerability assessment framework based on attack probability for the protection and security of a smart grid. Several factors were taken into consideration such as the probability of attack, propagation of attack from a parent node to child nodes, effectiveness of basic metering system, Kalman estimation and Advanced Metering Infrastructure (AMI). The IEEE-300 bus smart grid was simulated using MATPOWER to study the effectiveness of the proposed framework by injecting false data injection attacks (FDIA); and studying their propagation. Our results show that the use of severity assessment standards such as Common Vulnerability Scoring System (CVSS), AMI measurements and Kalman estimates were very effective for evaluating the vulnerability assessment of smart grid in the presence of FDIA attack scenarios. © 2022 IEEE.
Assessing reliability of smart grid against cyberattacks using stability index
- Authors: Rashed, Muhammad , Gondal, Iqbal , Kamruzzaman, Joarder , Islam, Syed
- Date: 2021
- Type: Text , Conference paper
- Relation: 31st Australasian Universities Power Engineering Conference, AUPEC 2021, Virtual, Online 26 to 30 September 2021, Proceedings of 2021 31st Australasian Universities Power Engineering Conference, AUPEC 2021
- Full Text: false
- Reviewed:
- Description: The degradation of stability index within smart grid leads to incorrect power generation and poor load balancing. The remote data dependency of the central energy management system (CEMS) causes communication delay that further leads to poor synchronization within the system. This becomes worse in the presence of cyber-attacks such as stealth or false data injection attack (FDIA). We used dynamic estimation to obtain state data after the inception of false data attack and analyzed its impact on the stability index of the smart grid. A lookup table was constructed based on the fluctuations within the voltage estimates of IEEE-Bus system. An index number was assigned to output estimates at the bus that highlights the level of severity within the grid. We used IEEE-57 Bus using MATLAB to capture and plot the results related to voltage estimates, latency, and inception time delay. The results demonstrate a clear relationship between stability index and state estimates especially when the system is under the influence of a cyber-attack. © 2021 IEEE.
API based discrimination of ransomware and benign cryptographic programs
- Authors: Black, Paul , Sohail, Ammar , Gondal, Iqbal , Kamruzzaman, Joarder , Vamplew, Peter , Watters, Paul
- Date: 2020
- Type: Text , Conference paper
- Relation: 27th International Conference on Neural Information Processing, ICONIP 2020, Bangkok, 18 to 22 November 2020, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) Vol. 12533 LNCS, p. 177-188
- Full Text: false
- Reviewed:
- Description: Ransomware is a widespread class of malware that encrypts files in a victim’s computer and extorts victims into paying a fee to regain access to their data. Previous research has proposed methods for ransomware detection using machine learning techniques. However, this research has not examined the precision of ransomware detection. While existing techniques show an overall high accuracy in detecting novel ransomware samples, previous research does not investigate the discrimination of novel ransomware from benign cryptographic programs. This is a critical, practical limitation of current research; machine learning based techniques would be limited in their practical benefit if they generated too many false positives (at best) or deleted/quarantined critical data (at worst). We examine the ability of machine learning techniques based on Application Programming Interface (API) profile features to discriminate novel ransomware from benign-cryptographic programs. This research provides a ransomware detection technique that provides improved detection accuracy and precision compared to other API profile based ransomware detection techniques while using significantly simpler features than previous dynamic ransomware detection research. © 2020, Springer Nature Switzerland AG.
Identifying cross-version function similarity using contextual features
- Authors: Black, Paul , Gondal, Iqbal , Vamplew, Peter , Lakhotia, Arun
- Date: 2020
- Type: Text , Conference paper
- Relation: 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020 p. 810-818
- Full Text: false
- Reviewed:
- Description: The identification of similar functions in malware assists analysis by supporting the exclusion of functions that have been previously analysed, allows the identification of new variants, supports authorship attribution, and the analysis of malware phylogeny. A function's context is a set comprising the function itself and all the program functions that may be executed when this function is called. Contextual features consist of data that is extracted from the functions contained in the function context. This paper presents a novel technique called Cross Version Contextual Function Similarity (CVCFS) to identify function pairs in two programs using features based on both individual functions and function context. The CVCFS technique uses Support Vector Machine (SVM) machine learning of function similarity features to pre-filter function pairs and then applies an edit distance technique using function semantics to reduce false positives. A case study is provided where individual and contextual features are extracted from three versions of Zeus malware. The SVM pre-filtering, followed by the use of an edit distance technique to filter false positives, gives a function pair identification accuracy of 85 percent. © 2020 IEEE.
Mobile malware detection with imbalanced data using a novel synthetic oversampling strategy and deep learning
- Authors: Khoda, Mahbub , Kamruzzaman, Joarder , Gondal, Iqbal , Imam, Tasadduq , Rahman, Ashfaqur
- Date: 2020
- Type: Text , Conference paper
- Relation: 16th International Conference on Wireless and Mobile Computing, Networking and Communications (IEEE WiMob), Virtual, Thessaloniki, 12 to 14 October 2020, International Conference on Wireless and Mobile Computing, Networking and Communications
- Full Text: false
- Reviewed:
- Description: Mobile malware detection is inherently an imbalanced data problem since the number of benign applications in the market is far greater than the number of malicious applications. Existing methods to handle imbalanced data, such as synthetic minority over-sampling, do not translate well into this domain since mobile malware detection generally deals with binary features and these methods are designed for continuous features. Also, methods adapted for categorical features cannot be applied here since random modifications of features can result in invalid sample generation. In this work, we propose a novel technique for generating synthetic samples for mobile malware detection with imbalanced data. Our proposed method adds new data points in the sample space by generating synthetic malware samples which also preserves the original functionality of the malicious apps. Experiments show that the proposed approach outperforms existing techniques in terms of precision, recall, F1score, and AUC. This study will be useful in building deep neural network-based systems to handle imbalanced data for mobile malware detection. © 2020 IEEE.
Partial undersampling of imbalanced data for cyber threats detection
- Authors: Moniruzzaman, Md , Bagirov, Adil , Gondal, Iqbal
- Date: 2020
- Type: Text , Conference proceedings , Conference paper
- Relation: 2020 Australasian Computer Science Week Multiconference, ACSW 2020
- Full Text:
- Reviewed:
- Description: Real-time detection of cyber threats is a challenging task in cyber security. With the advancement of technology and ease of access to the internet, more and more individuals and organizations are becoming the target for various cyber attacks such as malware, ransomware, spyware. The target of these attacks is to steal money or valuable information from the victims. Signature-based detection methods fail to keep up with the constantly evolving new threats. Machine learning based detection has drawn more attention of researchers due to its capability of detecting new and modified attacks based on previous attack's behaviour. The number of malicious activities in a certain domain is significantly low compared to the number of normal activities. Therefore, cyber threats detection data sets are imbalanced. In this paper, we proposed a partial undersampling method to deal with imbalanced data for detecting cyber threats. © 2020 ACM.
- Description: E1
State estimation in the presence of cyber attacks using distributed partition technique
- Authors: Rashed, Muhammad , Gondal, Iqbal , Kamruzzuman, Joarder , Islam, Syed
- Date: 2020
- Type: Text , Conference paper
- Relation: 2020 Australasian Universities Power Engineering Conference, AUPEC 2020, Hobart, 29 November 2020 to 2 December 2020, 2020 Australasian Universities Power Engineering Conference, AUPEC 2020 - Proceedings
- Full Text: false
- Reviewed:
- Description: The security of smart grid (SG) is an open problem. False data injection attacks (FDIAs) could pose serious risks to automated smart grid and can cause power system outages which eventually could lead to huge economical losses. Cyber-attacks on critical infrastructure are big concerns to the nation's energy reliability; and attackers come up with new attack strategies that couldn't be detected by the traditional bad data detection methods. Although bad data detection (BDD) schemes based on traditional state estimation and chi-square tests within power systems have been used and considered very reliable in detecting false measurements, these BDD schemes and state estimators have been found vulnerable and failed to combat engineered cyber-attacks. In this paper, a novel chi-square detector has been used with a combination of two state estimators in Distributed Partitioning State Estimation (DPSE), results show it is very effective to combat FDIAs when compared with traditional state estimation techniques. The main idea of DPSE is to increase the sensitivity of the chi-square tests by partitioning the large grids into small blocks and applying the tests on each partition individually. State estimator modelled on a novel chi-square detector which is based on particle swarm optimization (PSO) algorithm significantly improved the results. Numerical simulations conducted in MATPOWER confirm the feasibility and effectiveness of the proposed method. © 2020 University of Tasmania.
An efficient selective miner consensus protocol in blockchain oriented iot smart monitoring
- Authors: Uddin, Ashraf , Stranieri, Andrew , Gondal, Iqbal , Balasubramanian, Venki
- Date: 2019
- Type: Text , Conference proceedings , Conference paper
- Relation: 2019 IEEE International Conference on Industrial Technology, ICIT 2019; Melbourne; Australia; 13th-15th February 2019 Vol. 2019-February, p. 1135-1142
- Full Text:
- Reviewed:
- Description: Blockchains have been widely used in Internet of Things(IoT) applications including smart cities, smart home and smart governance to provide high levels of security and privacy. In this article, we advance a Blockchain based decentralized architecture for the storage of IoT data produced from smart home/cities. The architecture includes a secure communication protocol using a sign-encryption technique between power constrained IoT devices and a Gateway. The sign encryption also preserves privacy. We propose that a Software Agent executing on the Gateway selects a Miner node using performance parameters of Miners. Simulations demonstrate that the recommended Miner selection outperforms Proof of Works selection used in Bitcoin and Random Miner Selection.
- Description: Proceedings of the IEEE International Conference on Industrial Technology
Blockchain leveraged task migration in body area sensor networks
- Authors: Uddin, Ashraf , Stranieri, Andrew , Gondal, Iqbal , Balasubramanian, Venki
- Date: 2019
- Type: Text , Conference proceedings , Conference paper
- Relation: 25th Asia-Pacific Conference on Communications, APCC 2019 p. 177-184
- Full Text:
- Reviewed:
- Description: Blockchain technologies emerging for healthcare support secure health data sharing with greater interoperability among different heterogeneous systems. However, the collection and storage of data generated from Body Area Sensor Net-works(BASN) for migration to high processing power computing services requires an efficient BASN architecture. We present a decentralized BASN architecture that involves devices at three levels; 1) Body Area Sensor Network-medical sensors typically on or in patient's body transmitting data to a Smartphone, 2) Fog/Edge, and 3) Cloud. We propose that a Patient Agent(PA) replicated on the Smartphone, Fog and Cloud servers processes medical data and execute a task offloading algorithm by leveraging a Blockchain. Performance analysis is conducted to demonstrate the feasibility of the proposed Blockchain leveraged, distributed Patient Agent controlled BASN. © 2019 IEEE.
- Description: E1
Categorical features transformation with compact one-hot encoder for fraud detection in distributed environment
- Authors: Ul Haq, Ikram , Gondal, Iqbal , Vamplew, Peter , Brown, Simon
- Date: 2019
- Type: Text , Conference proceedings , Conference paper
- Relation: 2019 16th Australasian Conference on Data Mining, AusDM 2018; Bathurst, NSW; 28 November 2018 through 30 November 2018 Vol. 996, p. 69-80
- Full Text: false
- Reviewed:
- Description: Fraud detection for online banking is an important research area, but one of the challenges is the heterogeneous nature of transactions data i.e. a combination of numeric as well as mixed attributes. Usually, numeric format data gives better performance for classification, regression and clustering algorithms. However, many machine learning problems have categorical, or nominal features, rather than numeric features only. In addition, some machine learning platforms such as Apache Spark accept numeric data only. One-hot Encoding (OHE) is a widely used approach for transforming categorical features to numerical features in traditional data mining tasks. The one-hot approach has some challenges as well: the sparseness of the transformed data and that the distinct values of an attribute are not always known in advance. Other than the model accuracy, compactness of machine learning models is equally important due to growing memory and storage needs. This paper presents an innovative technique to transform categorical features to numeric features by compacting sparse data even if all the distinct values are not known. The transformed data can be used for the development of fraud detection systems. The accuracy of the results has been validated on synthetic and real bank fraud data and a publicly available anomaly detection (KDD-99) dataset on a multi-node data cluster. © Springer Nature Singapore Pte Ltd. 2019.
Generative malware outbreak detection
- Authors: Park, Sean , Gondal, Iqbal , Kamruzzaman, Joarder , Oliver, Jon
- Date: 2019
- Type: Text , Conference proceedings , Conference paper
- Relation: 2019 IEEE International Conference on Industrial Technology, ICIT 2019 Vol. 2019-February, p. 1149-1154
- Full Text: false
- Reviewed:
- Description: Recently several deep learning approaches have been attempted to detect malware binaries using convolutional neural networks and stacked deep autoencoders. Although they have shown respectable performance on a large corpus of dataset, practical defense systems require precise detection during the malware outbreaks where only a handful of samples are available. This paper demonstrates the effectiveness of the latent representations obtained through the adversarial autoencoder for malware outbreak detection. Using instruction sequence distribution mapped to a semantic latent vector, the model provides a highly effective neural signature that helps detecting variants of a previously identified malware within a campaign mutated with minor functional upgrade, function shuffling, or slightly modified obfuscations. The method demonstrates how adversarial autoencoder can turn a multiclass classification task into a clustering problem when the sample set size is limited and the distribution is biased. The model performance is evaluated on OS X malware dataset against traditional machine learning models. © 2019 IEEE.
- Description: E1
Instruction cognitive one-shot malware outbreak detection
- Authors: Park, Sean , Gondal, Iqbal , Kamruzzaman, Joarder , Oliver, Jon
- Date: 2019
- Type: Text , Conference paper
- Relation: 26th International Conference on Neural Information Processing [ICONIP 2019] December 12-15 2019, Proceedings, Part IV Vol. 1142, p. 769-778
- Full Text: false
- Reviewed:
- Description: New malware outbreaks cannot provide thousands of training samples which are required to counter malware campaigns. In some cases, there could be just one sample. So, the defense system at the firing line must be able to quickly detect many automatically generated variants using a single malware instance observed from the initial outbreak by tatically inspecting the binary executables. As previous research works show, statistical features such as term frequency-inverse document frequency and n-gram are significantly vulnerable to attacks by mutation through reinforcement learning. Recent studies focus on raw binary executable as a base feature which contains instructions describing the core logic of the sample. However, many approaches using image-matching neural networks are insufficient due to the malware mutation technique that generates a large number of samples with high entropy data. Deriving instruction cognitive representation that disambiguates legitimate instructions from the context is necessary for accurate detection over raw binary executables. In this paper, we present a novel method of detecting semantically similar malware variants within a campaign using a single raw binary malware executable. We utilize Discrete Fourier Transform of instruction cognitive representation extracted from self-attention transformer network. The experiments were conducted with in-the-wild malware samples from ransomware and banking Trojan campaigns. The proposed method outperforms several state of the art binary classification models.
- Description: E1
Multi-source cyber-attacks detection using machine learning
- Authors: Taheri, Sona , Gondal, Iqbal , Bagirov, Adil , Harkness, Greg , Brown, Simon , Chi, Chihung
- Date: 2019
- Type: Text , Conference proceedings , Conference paper
- Relation: 2019 IEEE International Conference on Industrial Technology, ICIT 2019; Melbourne, Australia; 13th-15th February 2019 Vol. 2019-February, p. 1167-1172
- Full Text:
- Reviewed:
- Description: The Internet of Things (IoT) has significantly increased the number of devices connected to the Internet ranging from sensors to multi-source data information. As the IoT continues to evolve with new technologies number of threats and attacks against IoT devices are on the increase. Analyzing and detecting these attacks originating from different sources needs machine learning models. These models provide proactive solutions for detecting attacks and their sources. In this paper, we propose to apply a supervised machine learning classification technique to identify cyber-attacks from each source. More precisely, we apply the incremental piecewise linear classifier that constructs boundary between sources/classes incrementally starting with one hyperplane and adding more hyperplanes at each iteration. The algorithm terminates when no further significant improvement of the separation of sources/classes is possible. The construction and usage of piecewise linear boundaries allows us to avoid any possible overfitting. We apply the incremental piecewise linear classifier on the multi-source real world cyber security data set to identify cyber-attacks and their sources.
- Description: Proceedings of the IEEE International Conference on Industrial Technology
One-shot malware outbreak detection using spatio-temporal isomorphic dynamic features
- Authors: Park, Sean , Gondal, Iqbal , Kamruzzaman, Joarder , Zhang, Leo
- Date: 2019
- Type: Text , Conference proceedings , Conference paper
- Relation: 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering, TrustCom/BigDataSE 2019 p. 751-756
- Full Text: false
- Reviewed:
- Description: Fingerprinting the malware by its behavioural signature has been an attractive approach for malware detection due to the homogeneity of dynamic execution patterns across different variants of similar families. Although previous researches show reasonably good performance in dynamic detection using machine learning techniques on a large corpus of training set, decisions must be undertaken based upon a scarce number of observable samples in many practical defence scenarios. This paper demonstrates the effectiveness of generative adversarial autoencoder for dynamic malware detection under outbreak situations where in most cases a single sample is available for training the machine learning algorithm to detect similar samples that are in the wild. © 2019 IEEE.
- Description: E1
Selective adversarial learning for mobile malware
- Authors: Khoda, Mahbub , Imam, Tasadduq , Kamruzzaman, Joarder , Gondal, Iqbal , Rahman, Ashfaqur
- Date: 2019
- Type: Text , Conference proceedings , Conference paper
- Relation: 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering, TrustCom/BigDataSE 2019 p. 272-279
- Full Text: false
- Reviewed:
- Description: Machine learning models, including deep neural networks, have been shown to be vulnerable to adversarial attacks. Adversarial samples are crafted from legitimate inputs by carefully introducing small perturbation to the input so that the classifier is fooled. Adversarial retraining, which involves retraining the classifier using adversarial samples, has been shown to improve the robustness of the classifier against adversarial attacks. However, it has been also shown that retraining with too many samples can lead to performance degradation. Hence, a careful selection of the adversarial samples that are used to retrain the classifier is necessary, yet existing works select these samples in a randomized fashion. In our work, we propose two novel approaches for selecting adversarial samples: based on the distance from cluster center of malware and based on the probability derived from a kernel based learning (KBL). Our experiment results show that both of our selective mechanisms for adversarial retraining outperform the random selection technique and significantly improve the classifier performance against adversarial attacks. In particular, selection with KBL delivers above 6% improvement in detection accuracy compared to random selection. The method proposed here has greater impact in designing robust machine learning system for security applications. © 2019 IEEE.
- Description: E1
Vulnerability modelling for hybrid IT systems
- Authors: Ur-Rehman, Attiq , Gondal, Iqbal , Kamruzzuman, Joarder , Jolfaei, Alireza
- Date: 2019
- Type: Text , Conference proceedings , Conference paper
- Relation: 2019 IEEE International Conference on Industrial Technology, ICIT 2019; Melbourne, Australia; 13th-15th February 2019 Vol. 2019-February, p. 1186-1191
- Full Text:
- Reviewed:
- Description: Common vulnerability scoring system (CVSS) is an industry standard that can assess the vulnerability of nodes in traditional computer systems. The metrics computed by CVSS would determine critical nodes and attack paths. However, traditional IT security models would not fit IoT embedded networks due to distinct nature and unique characteristics of IoT systems. This paper analyses the application of CVSS for IoT embedded systems and proposes an improved vulnerability scoring system based on CVSS v3 framework. The proposed framework, named CVSSIoT, is applied to a realistic IT supply chain system and the results are compared with the actual vulnerabilities from the national vulnerability database. The comparison result validates the proposed model. CVSSIoT is not only effective, simple and capable of vulnerability evaluation for traditional IT system, but also exploits unique characteristics of IoT devices.
- Description: Proceedings of the IEEE International Conference on Industrial Technology