Survey : self-empowered wireless sensor networks security taxonomy, challenges, and future research directions
- Authors: Adil, Muhammad , Menon, Varun , Balasubramanian, Venki , Alotaibi, Sattam , Song, Houbing , Jin, Zhanpeng , Farouk, Ahmed
- Date: 2023
- Type: Text , Journal article
- Relation: IEEE Sensors Journal Vol. 23, no. 18 (2023), p. 20519-20535
- Full Text:
- Reviewed:
- Description: In the recent past, patient-wearable devices and implantable biosensors revealed exponential growth in digital healthcare, because they have the capability to allow access to information anywhere and every time to improve the life standard of multifarious disease-affected patients followed by healthy people. Following these advantages, digital healthcare demands a secure wireless communication infrastructure for interconnected self-empowered biosensor devices to maintain the trust of patients, doctors, pharmacologists, nursing staff, and other associated stakeholders. Several authentications, privacy, and data preservation schemes had been used in the literature to ensure the security of this emerging technology, but with time, these counteraction prototypes become vulnerable to new security threats, as the hackers work tirelessly to compromise them and steal the legitimate information of user's or disrupt the operation of an employed self-empowered wireless sensor network (SWSN). To discuss the security problems of SWSN applications, in this review article, we have presented a detailed survey of the present literature from 2019 to 2022, to familiarize the readers with different security threats and their counteraction schemes. Following this, we will highlight the pros and cons of these countermeasure techniques in the context of SWSN security requirements to underscore their limitations. Thereafter, we will follow-up on the underlined limitations to discuss the open security challenges of SWSNs that need the concerned authorities' attention. Based on this, we will pave a road map for future research work that could be useful for every individual associated with this technology. For the novelty and uniqueness of this work, we will make a comparative analysis with present survey papers published on this topic to answer the question of reviewers, readers, editors, and students why this article is in time and needed in the presence of rival papers. 
© 2022 IEEE.
Cybersecurity indexes for eHealth
- Authors: Burke, Wendy , Oseni, Taiwo , Jolfaei, Alireza , Gondal, Iqbal
- Date: 2019
- Type: Text , Conference proceedings
- Relation: 2019 Australasian Computer Science Week Multiconference, ACSW 2019; Sydney, Australia; 29th-31st January 2019 p. 1-8
- Full Text: false
- Reviewed:
- Description: This study aimed to explore the cybersecurity landscape to identify cybersecurity indexes that may be relevant to the health industry. While the healthcare sector poses security concerns regarding patients' records, cybersecurity in the healthcare sector has not been given much consideration. Cybersecurity indexes are a survey that measures security preparedness and capabilities of a country or organisation. An index is made up of a series of questions, often broken into categories. These categories target areas such as law, technical responses, organisational threats, capacity building and social context. Some indexes provide ranking capabilities against other countries, while others directly evaluate what it means to be cyber-ready. In this paper, cybersecurity indexes were reviewed regarding the level of assessment (country level/organisation level), and their consideration of the wider community, the health sector, and their appearance in academic literature. Results from this study found that there was no consistency between the indexes investigated, with each index having a diverse number of categories and indicators. Some indexes resulted in a score; others did not rank their results in league tables. Evidence to calculate the level of adherence was often obtained from secondary sources, with four of the country indexes using both primary and secondary sources. Eight (out of fourteen) indexes measured wider community indicators and only one index specifically measured eHealth services. Findings from the initial systematic review suggest that hardly any peer-reviewed journal articles exist on the topic of cybersecurity indexes. The paper concludes that most of the indexes studied are broad and do not consider the eHealth sector specifically. Each index relies on a different process to gauge cybersecurity, with little to no academic rigour. 
It is expected that this research will contribute to the current (limited) literature addressing cybersecurity indexes.
- Description: ACM International Conference Proceeding Series
An IIoT-Based Networked Industrial Control System Architecture to Secure Industrial Applications
- Authors: Sen, Sachin , Song, Lei
- Date: 2021
- Type: Text , Conference paper
- Relation: 2nd IEEE Industrial Electronics and Applications Conference, IEACon 2021, Virtual, Online,22-23 November 2021, IEACon 2021 - 2021 IEEE Industrial Electronics and Applications Conference p. 280-285
- Full Text: false
- Reviewed:
- Description: Behind the great success of the current internet, Open Systems Interconnect (OSI) and Transport Control Protocol/Internet Protocol (TCP/IP) standards play the most important role. Whereas, due to a lack of standard architectures, industrial internet is lagging behind. This makes industrial internet applications experience increased security risks due to their integration with the information technology and exposure to the public internet. In this research, we propose a layered architecture for industrial internet of things (IIoT) based networked industrial control systems (n-ICS). Layer-wise functionality of this architecture could be useful in identifying necessary security protocols for each layer. Subsequently, this might assist in allocating resources towards the secure operation of industrial applications. To validate the proposed architecture, we modelled a water flow control system, where we demonstrated a data deception attack on its operation at the physical layer. This demonstration validates that from within the close proximity of networked control systems, threat actors can launch possible attacks to deceive physical industrial applications. Our proposed system includes a network communication architecture and a corresponding security architecture aligning with the network architecture. This will facilitate the design of security suites and/or the allocation of security resources on the basis of layered network functionalities. © 2021 IEEE.
BCT-CS : blockchain technology applications for cyber defense and cybersecurity : a survey and solutions
- Authors: Kshetri, Naresh , Bhushal, Chandra , Pandey, Purnendu , Vasudha,
- Date: 2022
- Type: Text , Journal article
- Relation: International Journal of Advanced Computer Science and Applications Vol. 13, no. 11 (2022), p. 364-370
- Full Text:
- Reviewed:
- Description: Blockchain technology has now emerged as a ground-breaking technology with possible solutions to applications from securing smart cities to e-voting systems. Although it started as a digital currency or cryptocurrency, bitcoin, there is no doubt that blockchain is influencing and will influence business and society more in the near future. We present a comprehensive survey of how blockchain technology is applied to provide security over the web and to counter ongoing threats as well as increasing cybercrimes and cyber-attacks. During the review, we also investigate how blockchain can affect cyber data and information over the web. Our contributions included the following: (i) summarizing the Blockchain architecture and models for cybersecurity (ii) classifying and discussing recent and relevant works for cyber countermeasures using blockchain (iii) analyzing the main challenges and obstacles of blockchain technology in response to cyber defense and cybersecurity and (iv) recommendations for improvement and future research on the integration of blockchain with cyber defense. © 2022,International Journal of Advanced Computer Science and Applications. All Rights Reserved.
A tree-based stacking ensemble technique with feature selection for network intrusion detection
- Authors: Rashid, Mamanur , Kamruzzaman, Joarder , Imam, Tasadduq , Wibowo, Santoso , Gordon, Steven
- Date: 2022
- Type: Text , Journal article
- Relation: Applied Intelligence Vol. 52, no. 9 (2022), p. 9768-9781
- Full Text: false
- Reviewed:
- Description: Several studies have used machine learning algorithms to develop intrusion systems (IDS), which differentiate anomalous behaviours from the normal activities of network systems. Due to the ease of automated data collection and subsequently an increased size of collected data on network traffic and activities, the complexity of intrusion analysis is increasing exponentially. A particular issue, due to statistical and computation limitations, a single classifier may not perform well for large scale data as existent in modern IDS contexts. Ensemble methods have been explored in literature in such big data contexts. Although more complicated and requiring additional computation, literature has a note that ensemble methods can result in better accuracy than single classifiers in different large scale data classification contexts, and it is interesting to explore how ensemble approaches can perform in IDS. In this research, we introduce a tree-based stacking ensemble technique (SET) and test the effectiveness of the proposed model on two intrusion datasets (NSL-KDD and UNSW-NB15). We further enhance incorporate feature selection techniques to select the best relevant features with the proposed SET. A comprehensive performance analysis shows that our proposed model can better identify the normal and anomaly traffic in network than other existing IDS models. This implies the potentials of our proposed system for cybersecurity in Internet of Things (IoT) and large scale networks. © 2022, The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature.
Investigating the effectiveness of novel support vector neural network for anomaly detection in digital forensics data
- Authors: Islam, Umar , Alwageed, Hathal , Farooq, Malik , Khan, Inayat , Awwad, Fuad , Ali, Ijaz , Abonazel, Mohamed
- Date: 2023
- Type: Text , Journal article
- Relation: Sensors Vol. 23, no. 12 (2023), p.
- Full Text:
- Reviewed:
- Description: As criminal activity increasingly relies on digital devices, the field of digital forensics plays a vital role in identifying and investigating criminals. In this paper, we addressed the problem of anomaly detection in digital forensics data. Our objective was to propose an effective approach for identifying suspicious patterns and activities that could indicate criminal behavior. To achieve this, we introduce a novel method called the Novel Support Vector Neural Network (NSVNN). We evaluated the performance of the NSVNN by conducting experiments on a real-world dataset of digital forensics data. The dataset consisted of various features related to network activity, system logs, and file metadata. Through our experiments, we compared the NSVNN with several existing anomaly detection algorithms, including Support Vector Machines (SVM) and neural networks. We measured and analyzed the performance of each algorithm in terms of the accuracy, precision, recall, and F1-score. Furthermore, we provide insights into the specific features that contribute significantly to the detection of anomalies. Our results demonstrated that the NSVNN method outperformed the existing algorithms in terms of anomaly detection accuracy. We also highlight the interpretability of the NSVNN model by analyzing the feature importance and providing insights into the decision-making process. Overall, our research contributes to the field of digital forensics by proposing a novel approach, the NSVNN, for anomaly detection. We emphasize the importance of both performance evaluation and model interpretability in this context, providing practical insights for identifying criminal behavior in digital forensics investigations. © 2023 by the authors.
Security and privacy in IoT using machine learning and blockchain : threats and countermeasures
- Authors: Waheed, Nazar , He, Xiangjian , Ikram, Muhammad , Usman, Muhammad , Hashmi, Saad
- Date: 2021
- Type: Text , Journal article , Review
- Relation: ACM Computing Surveys Vol. 53, no. 6 (2021), p.
- Full Text:
- Reviewed:
- Description: Security and privacy of users have become significant concerns due to the involvement of the Internet of Things (IoT) devices in numerous applications. Cyber threats are growing at an explosive pace making the existing security and privacy measures inadequate. Hence, everyone on the Internet is a product for hackers. Consequently, Machine Learning (ML) algorithms are used to produce accurate outputs from large complex databases, where the generated outputs can be used to predict and detect vulnerabilities in IoT-based systems. Furthermore, Blockchain (BC) techniques are becoming popular in modern IoT applications to solve security and privacy issues. Several studies have been conducted on either ML algorithms or BC techniques. However, these studies target either security or privacy issues using ML algorithms or BC techniques, thus posing a need for a combined survey on efforts made in recent years addressing both security and privacy issues using ML algorithms and BC techniques. In this article, we provide a summary of research efforts made in the past few years, from 2008 to 2019, addressing security and privacy issues using ML algorithms and BC techniques in the IoT domain. First, we discuss and categorize various security and privacy threats reported in the past 12 years in the IoT domain. We then classify the literature on security and privacy efforts based on ML algorithms and BC techniques in the IoT domain. Finally, we identify and illuminate several challenges and future research directions using ML algorithms and BC techniques to address security and privacy issues in the IoT domain. © 2020 ACM.
A study into the impact of data breaches of electronic health records
- Authors: Pilla, Ravi , Oseni, Taiwo , Stranieri, Andrew
- Date: 2023
- Type: Text , Conference paper
- Relation: 2023 Australasian Computer Science Week, ACSW 2023, Melbourne Australia, 31 January-3 February 2023, ACSW '23: Proceedings of the 2023 Australasian Computer Science Week p. 252-254
- Full Text: false
- Reviewed:
- Description: The research study deals with electronic health records (EHRs) data breaches, their impact. Electronic health records play an important role in digital healthcare services. However, confidentiality and integrity of sensitive EHRs are critical to ensure patient privacy. Although the existing traditional cybersecurity practices provide some protection, they cannot prevent EHRs data breaches. Therefore, this research's primary focus will be critically reviewing the impact of data breaches and current cybersecurity practices. Finally, the paper's key findings highlight the type of cyberattacks and options to reduce them. © 2023 ACM.
A patient agent controlled customized blockchain based framework for internet of things
- Authors: Uddin, Md Ashraf
- Date: 2021
- Type: Text , Thesis , PhD
- Full Text:
- Description: Although Blockchain implementations have emerged as revolutionary technologies for various industrial applications including cryptocurrencies, they have not been widely deployed to store data streaming from sensors to remote servers in architectures known as Internet of Things. New Blockchain for the Internet of Things models promise secure solutions for eHealth, smart cities, and other applications. These models pave the way for continuous monitoring of patient’s physiological signs with wearable sensors to augment traditional medical practice without recourse to storing data with a trusted authority. However, existing Blockchain algorithms cannot accommodate the huge volumes, security, and privacy requirements of health data. In this thesis, our first contribution is an End-to-End secure eHealth architecture that introduces an intelligent Patient Centric Agent. The Patient Centric Agent executing on dedicated hardware manages the storage and access of streams of sensors generated health data, into a customized Blockchain and other less secure repositories. As IoT devices cannot host Blockchain technology due to their limited memory, power, and computational resources, the Patient Centric Agent coordinates and communicates with a private customized Blockchain on behalf of the wearable devices. While the adoption of a Patient Centric Agent offers solutions for addressing continuous monitoring of patients’ health, dealing with storage, data privacy and network security issues, the architecture is vulnerable to Denial of Services (DoS) and single point of failure attacks. To address this issue, we advance a second contribution; a decentralised eHealth system in which the Patient Centric Agent is replicated at three levels: Sensing Layer, NEAR Processing Layer and FAR Processing Layer. The functionalities of the Patient Centric Agent are customized to manage the tasks of the three levels. 
Simulations confirm protection of the architecture against DoS attacks. Few patients require all their health data to be stored in Blockchain repositories but instead need to select an appropriate storage medium for each chunk of data by matching their personal needs and preferences with features of candidate storage mediums. Motivated by this context, we advance third contribution; a recommendation model for health data storage that can accommodate patient preferences and make storage decisions rapidly, in real-time, even with streamed data. The mapping between health data features and characteristics of each repository is learned using machine learning. The Blockchain’s capacity to make transactions and store records without central oversight enables its application for IoT networks outside health such as underwater IoT networks where the unattended nature of the nodes threatens their security and privacy. However, underwater IoT differs from ground IoT as acoustics signals are the communication media leading to high propagation delays, high error rates exacerbated by turbulent water currents. Our fourth contribution is a customized Blockchain leveraged framework with the model of Patient-Centric Agent renamed as Smart Agent for securely monitoring underwater IoT. Finally, the smart Agent has been investigated in developing an IoT smart home or cities monitoring framework. The key algorithms underpinning to each contribution have been implemented and analysed using simulators.
- Description: Doctor of Philosophy
Attacks on self-driving cars and their countermeasures : a survey
- Authors: Chowdhury, Abdullahi , Karmakar, Gour , Kamruzzaman, Joarder , Jolfaei, Alireza , Das, Rajkumar
- Date: 2020
- Type: Text , Journal article , Review
- Relation: IEEE Access Vol. 8, no. (2020), p. 207308-207342
- Full Text:
- Reviewed:
- Description: Intelligent Traffic Systems (ITS) are currently evolving in the form of a cooperative ITS or connected vehicles. Both forms use the data communications between Vehicle-To-Vehicle (V2V), Vehicle-To-Infrastructure (V2I/I2V) and other on-road entities, and are accelerating the adoption of self-driving cars. The development of cyber-physical systems containing advanced sensors, sub-systems, and smart driving assistance applications over the past decade is equipping unmanned aerial and road vehicles with autonomous decision-making capabilities. The level of autonomy depends upon the make-up and degree of sensor sophistication and the vehicle's operational applications. As a result, self-driving cars are being compromised perceived as a serious threat. Therefore, analyzing the threats and attacks on self-driving cars and ITSs, and their corresponding countermeasures to reduce those threats and attacks are needed. For this reason, some survey papers compiling potential attacks on VANETs, ITSs and self-driving cars, and their detection mechanisms are available in the current literature. However, up to our knowledge, they have not covered the real attacks already happened in self-driving cars. To bridge this research gap, in this paper, we analyze the attacks that already targeted self-driving cars and extensively present potential cyber-Attacks and their impacts on those cars along with their vulnerabilities. For recently reported attacks, we describe the possible mitigation strategies taken by the manufacturers and governments. This survey includes recent works on how a self-driving car can ensure resilient operation even under ongoing cyber-Attack. We also provide further research directions to improve the security issues associated with self-driving cars. © 2013 IEEE.
A survey on representation learning efforts in cybersecurity domain
- Usman, Muhammad, Jan, Mian, He, Xiangjian, Chen, Jinjun
- Authors: Usman, Muhammad , Jan, Mian , He, Xiangjian , Chen, Jinjun
- Date: 2020
- Type: Text , Journal article
- Relation: ACM computing surveys Vol. 52, no. 6 (2020), p. 1-28
- Full Text: false
- Reviewed:
- Description: In this technology-based era, network-based systems are facing new cyber-attacks on a daily basis. Traditional cybersecurity approaches are based on old threat-knowledge databases and need to be updated on a daily basis to stand against the new generation of cyber-threats and protect underlying network-based systems. Along with updating threat-knowledge databases, there is a need for proper management and processing of data generated by sensitive real-time applications. In recent years, various computing platforms based on representation learning algorithms have emerged as a useful resource to manage and exploit the generated data to extract meaningful information. If these platforms are properly utilized, then strong cybersecurity systems can be developed to protect the underlying network-based systems and support sensitive real-time applications. In this survey, we highlight various cyber-threats, real-life examples, and initiatives taken by various international organizations. We discuss various computing platforms based on representation learning algorithms to process and analyze the generated data. We highlight various popular datasets introduced by well-known global organizations that can be used to train the representation learning algorithms to predict and detect threats. We also provide an in-depth analysis of research efforts based on representation learning algorithms made in recent years to protect the underlying network-based systems against current cyber-threats. Finally, we highlight various limitations and challenges in these efforts and available datasets that need to be considered when using them to build cybersecurity systems.
- Ali, Sajid, Abusabha, Omar, Ali, Farman, Imran, Muhammad, Abuhmed, Tamer
- Authors: Ali, Sajid , Abusabha, Omar , Ali, Farman , Imran, Muhammad , Abuhmed, Tamer
- Date: 2023
- Type: Text , Journal article
- Relation: IEEE Transactions on Network and Service Management Vol. 20, no. 2 (2023), p. 1199-1209
- Full Text: false
- Reviewed:
- Description: Despite the benefits of the Internet of Things (IoT), the growing influx of IoT-specific malware coordinating large-scale cyberattacks via infected IoT devices has created a substantial threat to the Internet ecosystem. Assessing IoT systems' security and developing mitigation measures to prevent the spread of IoT malware is therefore critical. Furthermore, for training and testing the fidelity of cyber security-based Machine Learning (ML) and Deep Learning (DL) approaches, the collection and exploration of information from multiple sources from the IoT are crucial. In this regard, we propose a multitask DL model for detecting IoT malware. Our proposed Long Short-Term Memory (LSTM) based model efficiently performs two tasks: 1) determination of whether the provided traffic is benign or malicious, and 2) determination of the malware type for identifying malicious network traffic. We used large-scale traffic data of 145 .pcap files of benign and malicious traffic collected from 18 different IoT devices. We performed a time-series analysis on the packets of traffic flows, which were then used to train the proposed model. The features extracted from the dataset were categorized into three modalities: flow-related, traffic flag-related, and packet payload-related features. A feature selection approach was employed at the feature and modality levels, and the best modalities and features were utilized for performance enhancement. For tasks 1 and 2 and multitask classification, the flow-related and flag-related modalities showed the best testing accuracies of 92.63%, 88.45%, and 95.83%, respectively. © 2004-2012 IEEE.
Measuring trustworthiness of image data in the internet of things environment
- Authors: Islam, Mohammad
- Date: 2021
- Type: Text , Thesis , PhD
- Full Text:
- Description: Internet of Things (IoT) image sensors generate huge volumes of digital images every day. However, easy availability and usability of photo editing tools, the vulnerability in communication channels and malicious software have made forgery attacks on image sensor data effortless and thus expose IoT systems to cyberattacks. In IoT applications such as smart cities and surveillance systems, the smooth operation depends on sensors’ sharing data with other sensors of identical or different types. Therefore, a sensor must be able to rely on the data it receives from other sensors; in other words, data must be trustworthy. Sensors deployed in IoT applications are usually limited to low processing and battery power, which prohibits the use of complex cryptography and security mechanism and the adoption of universal security standards by IoT device manufacturers. Hence, estimating the trust of the image sensor data is a defensive solution as these data are used for critical decision-making processes. To our knowledge, only one published work has estimated the trustworthiness of digital images applied to forensic applications. However, that study’s method depends on machine learning prediction scores returned by existing forensic models, which limits its usage where underlying forensics models require different approaches (e.g., machine learning predictions, statistical methods, digital signature, perceptual image hash). Multi-type sensor data correlation and context awareness can improve the trust measurement, which is absent in that study’s model. To address these issues, novel techniques are introduced to accurately estimate the trustworthiness of IoT image sensor data with the aid of complementary non-imagery (numeric) data-generating sensors monitoring the same environment. The trust estimation models run in edge devices, relieving sensors from computationally intensive tasks. 
First, to detect local image forgery (splicing and copy-move attacks), an innovative image forgery detection method is proposed based on Discrete Cosine Transformation (DCT), Local Binary Pattern (LBP) and a new feature extraction method using the mean operator. Using Support Vector Machine (SVM), the proposed method is extensively tested on four well-known publicly available greyscale and colour image forgery datasets and on an IoT-based image forgery dataset that we built. Experimental results reveal the superiority of our proposed method over recent state-of-the-art methods in terms of widely used performance metrics and computational time and demonstrate robustness against low availability of forged training samples. Second, a robust trust estimation framework for IoT image data is proposed, leveraging numeric data-generating sensors deployed in the same area of interest (AoI) in an indoor environment. As low-cost sensors allow many IoT applications to use multiple types of sensors to observe the same AoI, the complementary numeric data of one sensor can be exploited to measure the trust value of another image sensor’s data. A theoretical model is developed using Shannon’s entropy to derive the uncertainty associated with an observed event and Dempster-Shafer theory (DST) for decision fusion. The proposed model’s efficacy in estimating the trust score of image sensor data is analysed by observing a fire event using IoT image and temperature sensor data in an indoor residential setup under different scenarios. The proposed model produces highly accurate trust scores in all scenarios with authentic and forged image data. Finally, as the outdoor environment varies dynamically due to different natural factors (e.g., lighting condition variations in day and night, presence of different objects, smoke, fog, rain, shadow in the scene), a novel trust framework is proposed that is suitable for the outdoor environments with these contextual variations. 
A transfer learning approach is adopted to derive the decision about an observation from image sensor data, while also a statistical approach is used to derive the decision about the same observation from numeric data generated from other sensors deployed in the same AoI. These decisions are then fused using CertainLogic and compared with DST-based fusion. A testbed was set up using Raspberry Pi microprocessor, image sensor, temperature sensor, edge device, LoRa nodes, LoRaWAN gateway and servers to evaluate the proposed techniques. The results show that CertainLogic is more suitable for measuring the trustworthiness of image sensor data in an outdoor environment.
- Description: Doctor of Philosophy
SoK : a holistic view of cyberattacks prediction with digital twins
- Luzzi, Juan, Naha, Ranesh, Arulappan, Arunkumar, Mahanti, Aniket
- Authors: Luzzi, Juan , Naha, Ranesh , Arulappan, Arunkumar , Mahanti, Aniket
- Date: 2024
- Type: Text , Conference paper
- Relation: 2nd International Conference on Emerging Trends in Information Technology and Engineering, ic-ETITE 2024, Vellore, India, 22-23 February 2024, 2nd International Conference on Emerging Trends in Information Technology and Engineering, ic-ETITE 2024
- Full Text: false
- Reviewed:
- Description: Digital Twins (DTs) are a relatively new technology that has the potential to transform entire fields such as construction, health, and every field one can imagine, including cybersecurity. DTs represent a cutting-edge solution to mitigate cyber risks as they can accurately emulate hardware, software, and firmware. By collecting and providing data, they allow real-time monitoring, analysis, and emulation. This paper digs into the current practices followed to predict cyberattacks; it then explores the fundamental principles of digital twins and their current common uses in the industry. Finally, it examines how digital twins can be employed to enhance the organisation's overall cybersecurity maturity level. © 2024 IEEE.
Software-defined access control in smart grids
- Karmakar, Gour, Naha, Ranesh, Shah, Rakibuzzaman, Kamruzzaman, Joarder, Das, Rajkumar
- Authors: Karmakar, Gour , Naha, Ranesh , Shah, Rakibuzzaman , Kamruzzaman, Joarder , Das, Rajkumar
- Date: 2023
- Type: Text , Conference paper
- Relation: 33rd Australasian Universities Power Engineering Conference, AUPEC 2023, Ballarat, 25-27 September 2023, 2023 33rd Australasian Universities Power Engineering Conference, AUPEC 2023
- Full Text: false
- Reviewed:
- Description: The smart grids make the electricity power systems automated and intelligent by using advanced technologies such as IoT smart sensors and meters, and communication technologies. This automation and intelligent processing render the power systems more vulnerable to different types of severe cyberattacks like DDoS, man-in-the-middle and desynchronization attacks. Making smart grids robust against attacks requires the use of strong access control and encryption techniques. The existing access control models in smart grids focus on user authentication and data encryption, limiting the model's ability to respond effectively to various types of known and unknown cyberattacks. To bridge this research gap, in this paper, we propose a software-defined (SD) access control model in smart grids. SD-access programmatically deploys an appropriate access control model in the edge routers/devices based on the user and their endpoint authentication and context, leveraging Cisco's digital network architecture and identity services engine. To the best of our knowledge, SD-access control has not been applied in smart grids yet. The security group policy is formulated considering the application and network security contexts. The efficacy of the proposed model is analyzed with the scenarios of electrical smart grids. Access control based on SD-access will make the smart grids more reliable, resilient and robust against known and unknown cyberattacks. © 2023 IEEE.
Digital resilience framework for managing crisis : a qualitative study in the higher education and research sector
- Mahmood, Samreen, Chadhar, Mehmood, Firmin, Sally
- Authors: Mahmood, Samreen , Chadhar, Mehmood , Firmin, Sally
- Date: 2024
- Type: Text , Journal article
- Relation: Journal of Contingencies and Crisis Management Vol. 32, no. 1 (2024), p.
- Full Text:
- Reviewed:
- Description: Australia's Higher Education and Research Sector (HERS) must adopt digital resilience strategies to tackle cybersecurity challenges and manage major crises effectively. In this study, we have developed a digital resilience framework to mitigate these cybersecurity issues. Our findings suggest a range of keystone factors for crisis management, such as implementing cybersecurity awareness programmes, providing cyber support, redefining roles and responsibilities, implying risk management tools, partnerships with external security organizations, introducing policies, reconfiguring technologies, adopting new technologies, and evaluating current changes to combat these issues. These keystone factors will help achieve digital resilience and significantly minimize cybersecurity issues in HERS, not only during the current major crisis but also in the future. This research offers valuable theoretical and practical contributions that can be applied beyond the context of the recent crisis. © 2024 The Authors. Journal of Contingencies and Crisis Management published by John Wiley & Sons Ltd.
Assessment of IIoT sensor security vulnerabilities in digital wine manufacturing leveraging the CVSS
- Sen, Sachin, Karmakar, Gour, Pang, Shaoning
- Authors: Sen, Sachin , Karmakar, Gour , Pang, Shaoning
- Date: 2024
- Type: Text , Journal article
- Relation: IEEE Access Vol. 12, no. (2024), p. 141489-141513
- Full Text:
- Reviewed:
- Description: Integrating IIoT into manufacturing has significantly enhanced connectivity and production precision, but it also introduces a complex cybersecurity landscape, particularly in digital manufacturing systems. Current vulnerability assessment tools are often system-specific and need more scalability for large IIoT networks. While CVSS offers a standardized framework for assessing vulnerabilities across entire systems, practical adaptations for specific manufacturing contexts are yet to be developed. To address this gap, we present a novel framework to evaluate CVSS impact metrics tailored to the unique environmental and operational contexts of wine manufacturing. This approach leverages the correlation between wine characteristics and quality to assess potential threats and vulnerability exposures in IIoT wine sensors. Our findings show that vulnerability scores derived from CVSS 4.0 demonstrate greater resilience against cyber-attacks than CVSS 3.1 due to the incorporation of newly developed system impact and threat metric assessments. A pair-wise t-test reveals a significant difference between CVSS 4.0 and 3.1 scores, with a p-value of 0.002, highlighting the comprehensiveness of CVSS 4.0 that incorporates system impact and threat metric values assessed by our proposed framework. The proposed methodology is adaptable for evaluating security vulnerabilities in various manufacturing systems, tailored to their specific applications and deployment contexts. © 2013 IEEE.
Cyberattacks detection in iot-based smart city applications using machine learning techniques
- Rashid, Md Mamunur, Kamruzzaman, Joarder, Hassan, Mohammad, Imam, Tasadduq, Gordon, Steven
- Authors: Rashid, Md Mamunur , Kamruzzaman, Joarder , Hassan, Mohammad , Imam, Tasadduq , Gordon, Steven
- Date: 2020
- Type: Text , Journal article
- Relation: International Journal of Environmental Research and Public Health Vol. 17, no. 24 (2020), p. 1-21
- Full Text:
- Reviewed:
- Description: In recent years, the widespread deployment of the Internet of Things (IoT) applications has contributed to the development of smart cities. A smart city utilizes IoT-enabled technologies, communications and applications to maximize operational efficiency and enhance both the service providers’ quality of services and people’s wellbeing and quality of life. With the growth of smart city networks, however, comes the increased risk of cybersecurity threats and attacks. IoT devices within a smart city network are connected to sensors linked to large cloud servers and are exposed to malicious attacks and threats. Thus, it is important to devise approaches to prevent such attacks and protect IoT devices from failure. In this paper, we explore an attack and anomaly detection technique based on machine learning algorithms (LR, SVM, DT, RF, ANN and KNN) to defend against and mitigate IoT cybersecurity threats in a smart city. Contrary to existing works that have focused on single classifiers, we also explore ensemble methods such as bagging, boosting and stacking to enhance the performance of the detection system. Additionally, we consider an integration of feature selection, cross-validation and multi-class classification for the discussed domain, which has not been well considered in the existing literature. Experimental results with the recent attack dataset demonstrate that the proposed technique can effectively identify cyberattacks and the stacking ensemble model outperforms comparable models in terms of accuracy, precision, recall and F1-Score, implying the promise of stacking in this domain. © 2020 by the authors. Licensee MDPI, Basel, Switzerland.
Countermeasure strategies to address cybersecurity challenges amidst major crises in the higher education and research sector : an organisational learning perspective
- Mahmood, Samreen, Chadhar, Mehmood, Firmin, Sally
- Authors: Mahmood, Samreen , Chadhar, Mehmood , Firmin, Sally
- Date: 2024
- Type: Text , Journal article
- Relation: Information (Switzerland) Vol. 15, no. 2 (2024), p.
- Full Text:
- Reviewed:
- Description: Purpose: The purpose of this research paper was to analyse the counterstrategies to mitigate cybersecurity challenges using organisational learning loops amidst major crises in the Higher Education and Research Sector (HERS). The authors proposed the learning loop framework revealing several counterstrategies to mitigate cybersecurity issues in HERS. The counterstrategies are explored, and their implications for research and practice are discussed. Methodology: The qualitative methodology was adopted, and semi-structured interviews with cybersecurity experts and top managers were conducted. Results: This exploratory paper proposed the learning loop framework revealing introducing new policies and procedures, changing existing systems, partnership with other companies, integrating new software, improving employee learning, enhancing security, and monitoring and evaluating security measures as significant counterstrategies to ensure the cyber-safe working environment in HERS. These counterstrategies will help to tackle cybersecurity in HERS, not only during the current major crisis but also in the future. Implications: The outcomes provide insightful implications for both theory and practice. This study proposes a learning framework that prioritises counterstrategies to mitigate cybersecurity challenges in HERS amidst a major crisis. The proposed model can help HERS be more efficient in mitigating cybersecurity issues in future crises. The counterstrategies can also be tested, adopted, and implemented by practitioners working in other sectors to mitigate cybersecurity issues during and after major crises. Future research can focus on addressing the shortcomings and limitations of the proposed learning framework adopted by HERS. © 2024 by the authors.
Coding observer nodes for sybil attacks detection in mobile wireless sensor networks
- Sassani Sarrafpour, Bahman, Alomirah, Alomirah, Pang, Shaoning, Sarrafpour, Soshian
- Authors: Sassani Sarrafpour, Bahman , Alomirah, Alomirah , Pang, Shaoning , Sarrafpour, Soshian
- Date: 2021
- Type: Text , Conference paper
- Relation: 19th IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2021, Shenyang, China. 20-22 October 2021, Proceedings - 2021 IEEE 19th International Conference on Embedded and Ubiquitous Computing, EUC 2021 p. 87-94
- Full Text: false
- Reviewed:
- Description: Sybil attack is one of the most common and serious attacks in wireless sensor networks, in which a malicious node illegitimately forges several (fake) identities. These fake copies confuse and collapse the network. Sybil attack causes too many threats to the routing algorithm, data aggregation, fair resource allocation, voting system, and misbehavior detection. In this paper, we propose a new lightweight algorithm for detecting the Sybil attack in mobile wireless sensor networks using observer nodes. Observer nodes are normal, trustful nodes which have been initially programmed to observe the network and report malicious behaviors. An observer node counts the number of times a node has appeared as a common neighbor between itself and its neighbors. After collecting some information about its neighbors, each observer node considers the nodes whose counters are above a threshold as critical, and nodes having all critical nodes in their neighborhood are considered suspicious nodes. The results show that the true detection rate of the proposed algorithm is 98.1%, and its false detection rate is 0.5%, while similar algorithms could not achieve better than 95.4% and 1.2% for these metrics, respectively. In addition, the proposed algorithm outperforms other algorithms in terms of overhead. © 2021 IEEE.