-
Can We Trust Large Language Models Generated Code? A Framework for In-Context Learning, Security Patterns, and Code Evaluations Across Diverse LLMs
Authors:
Ahmad Mohsin,
Helge Janicke,
Adrian Wood,
Iqbal H. Sarker,
Leandros Maglaras,
Naeem Janjua
Abstract:
Large Language Models (LLMs) such as ChatGPT and GitHub Copilot have revolutionized automated code generation in software engineering. However, as these models are increasingly utilized for software development, concerns have arisen regarding the security and quality of the generated code. These concerns stem from LLMs being primarily trained on publicly available code repositories and internet-ba…
▽ More
Large Language Models (LLMs) such as ChatGPT and GitHub Copilot have revolutionized automated code generation in software engineering. However, as these models are increasingly utilized for software development, concerns have arisen regarding the security and quality of the generated code. These concerns stem from LLMs being primarily trained on publicly available code repositories and internet-based textual data, which may contain insecure code. This presents a significant risk of perpetuating vulnerabilities in the generated code, creating potential attack vectors for exploitation by malicious actors. Our research aims to tackle these issues by introducing a framework for secure behavioral learning of LLMs through In-Content Learning (ICL) patterns during the code generation process, followed by rigorous security evaluations. To achieve this, we have selected four diverse LLMs for experimentation. We have evaluated these coding LLMs across three programming languages and identified security vulnerabilities and code smells. The code is generated through ICL with curated problem sets and undergoes rigorous security testing to evaluate the overall quality and trustworthiness of the generated code. Our research indicates that ICL-driven one-shot and few-shot learning patterns can enhance code security, reducing vulnerabilities in various programming scenarios. Developers and researchers should know that LLMs have a limited understanding of security principles. This may lead to security breaches when the generated code is deployed in production systems. Our research highlights LLMs are a potential source of new vulnerabilities to the software supply chain. It is important to consider this when using LLMs for code generation. This research article offers insights into improving LLM security and encourages proactive use of LLMs for code generation to ensure software system safety.
△ Less
Submitted 18 June, 2024;
originally announced June 2024.
-
ExplainableDetector: Exploring Transformer-based Language Modeling Approach for SMS Spam Detection with Explainability Analysis
Authors:
Mohammad Amaz Uddin,
Muhammad Nazrul Islam,
Leandros Maglaras,
Helge Janicke,
Iqbal H. Sarker
Abstract:
SMS, or short messaging service, is a widely used and cost-effective communication medium that has sadly turned into a haven for unwanted messages, commonly known as SMS spam. With the rapid adoption of smartphones and Internet connectivity, SMS spam has emerged as a prevalent threat. Spammers have taken notice of the significance of SMS for mobile phone users. Consequently, with the emergence of…
▽ More
SMS, or short messaging service, is a widely used and cost-effective communication medium that has sadly turned into a haven for unwanted messages, commonly known as SMS spam. With the rapid adoption of smartphones and Internet connectivity, SMS spam has emerged as a prevalent threat. Spammers have taken notice of the significance of SMS for mobile phone users. Consequently, with the emergence of new cybersecurity threats, the number of SMS spam has expanded significantly in recent years. The unstructured format of SMS data creates significant challenges for SMS spam detection, making it more difficult to successfully fight spam attacks in the cybersecurity domain. In this work, we employ optimized and fine-tuned transformer-based Large Language Models (LLMs) to solve the problem of spam message detection. We use a benchmark SMS spam dataset for this spam detection and utilize several preprocessing techniques to get clean and noise-free data and solve the class imbalance problem using the text augmentation technique. The overall experiment showed that our optimized fine-tuned BERT (Bidirectional Encoder Representations from Transformers) variant model RoBERTa obtained high accuracy with 99.84\%. We also work with Explainable Artificial Intelligence (XAI) techniques to calculate the positive and negative coefficient scores which explore and explain the fine-tuned model transparency in this text-based spam SMS detection task. In addition, traditional Machine Learning (ML) models were also examined to compare their performance with the transformer-based models. This analysis describes how LLMs can make a good impact on complex textual-based spam data in the cybersecurity field.
△ Less
Submitted 12 May, 2024;
originally announced May 2024.
-
Critical Infrastructure Protection: Generative AI, Challenges, and Opportunities
Authors:
Yagmur Yigit,
Mohamed Amine Ferrag,
Iqbal H. Sarker,
Leandros A. Maglaras,
Christos Chrysoulas,
Naghmeh Moradpoor,
Helge Janicke
Abstract:
Critical National Infrastructure (CNI) encompasses a nation's essential assets that are fundamental to the operation of society and the economy, ensuring the provision of vital utilities such as energy, water, transportation, and communication. Nevertheless, growing cybersecurity threats targeting these infrastructures can potentially interfere with operations and seriously risk national security…
▽ More
Critical National Infrastructure (CNI) encompasses a nation's essential assets that are fundamental to the operation of society and the economy, ensuring the provision of vital utilities such as energy, water, transportation, and communication. Nevertheless, growing cybersecurity threats targeting these infrastructures can potentially interfere with operations and seriously risk national security and public safety. In this paper, we examine the intricate issues raised by cybersecurity risks to vital infrastructure, highlighting these systems' vulnerability to different types of cyberattacks. We analyse the significance of trust, privacy, and resilience for Critical Infrastructure Protection (CIP), examining the diverse standards and regulations to manage these domains. We also scrutinise the co-analysis of safety and security, offering innovative approaches for their integration and emphasising the interdependence between these fields. Furthermore, we introduce a comprehensive method for CIP leveraging Generative AI and Large Language Models (LLMs), giving a tailored lifecycle and discussing specific applications across different critical infrastructure sectors. Lastly, we discuss potential future directions that promise to enhance the security and resilience of critical infrastructures. This paper proposes innovative strategies for CIP from evolving attacks and enhances comprehension of cybersecurity concerns related to critical infrastructure.
△ Less
Submitted 8 May, 2024;
originally announced May 2024.
-
Ransomware: Analysis and Evaluation of Live Forensic Techniques and the Impact on Linux based IoT Systems
Authors:
Salko Korac,
Leandros Maglaras,
Naghmeh Moradpoor,
Bill Buchanan,
Berk Canberk
Abstract:
Ransomware has been predominantly a threat to Windows systems. But, Linux systems became interesting for cybercriminals and this trend is expected to continue. This endangers IoT ecosystems, whereas many IoT systems are based on Linux (e.g. cloud infrastructure and gateways). This paper researches how currently employed forensic techniques can be applied to Linux ransomware and evaluates the matur…
▽ More
Ransomware has been predominantly a threat to Windows systems. But, Linux systems became interesting for cybercriminals and this trend is expected to continue. This endangers IoT ecosystems, whereas many IoT systems are based on Linux (e.g. cloud infrastructure and gateways). This paper researches how currently employed forensic techniques can be applied to Linux ransomware and evaluates the maturity as well as the impact on the system. While Windows-based ransomware predominantly uses RSA and AES for key management, a variety of approaches was identified for Linux. Cybercriminals appear to be deliberately moving away from RSA and AES to make Live forensic investigations more difficult. Linux ransomware is developed for a predefined goal and does not exploit the full potential of damage. It appears in an early stage and is expected to reach a similar potential to Windows-based malware. The results generated provided an excellent basic understanding to discuss and assess implications on the IoT industry at an early stage of development.
△ Less
Submitted 26 March, 2024;
originally announced March 2024.
-
Review of Generative AI Methods in Cybersecurity
Authors:
Yagmur Yigit,
William J Buchanan,
Madjid G Tehrani,
Leandros Maglaras
Abstract:
Over the last decade, Artificial Intelligence (AI) has become increasingly popular, especially with the use of chatbots such as ChatGPT, Gemini, and DALL-E. With this rise, large language models (LLMs) and Generative AI (GenAI) have also become more prevalent in everyday use. These advancements strengthen cybersecurity's defensive posture and open up new attack avenues for adversaries as well. Thi…
▽ More
Over the last decade, Artificial Intelligence (AI) has become increasingly popular, especially with the use of chatbots such as ChatGPT, Gemini, and DALL-E. With this rise, large language models (LLMs) and Generative AI (GenAI) have also become more prevalent in everyday use. These advancements strengthen cybersecurity's defensive posture and open up new attack avenues for adversaries as well. This paper provides a comprehensive overview of the current state-of-the-art deployments of GenAI, covering assaults, jailbreaking, and applications of prompt injection and reverse psychology. This paper also provides the various applications of GenAI in cybercrimes, such as automated hacking, phishing emails, social engineering, reverse cryptography, creating attack payloads, and creating malware. GenAI can significantly improve the automation of defensive cyber security processes through strategies such as dataset construction, safe code development, threat intelligence, defensive measures, reporting, and cyberattack detection. In this study, we suggest that future research should focus on develo** robust ethical norms and innovative defense mechanisms to address the current issues that GenAI creates and to also further encourage an impartial approach to its future application in cybersecurity. Moreover, we underscore the importance of interdisciplinary approaches further to bridge the gap between scientific developments and ethical considerations.
△ Less
Submitted 19 March, 2024; v1 submitted 13 March, 2024;
originally announced March 2024.
-
Cyber-Twin: Digital Twin-boosted Autonomous Attack Detection for Vehicular Ad-Hoc Networks
Authors:
Yagmur Yigit,
Ioannis Panitsas,
Leandros Maglaras,
Leandros Tassiulas,
Berk Canberk
Abstract:
The rapid evolution of Vehicular Ad-hoc NETworks (VANETs) has ushered in a transformative era for intelligent transportation systems (ITS), significantly enhancing road safety and vehicular communication. However, the intricate and dynamic nature of VANETs presents formidable challenges, particularly in vehicle-to-infrastructure (V2I) communications. Roadside Units (RSUs), integral components of V…
▽ More
The rapid evolution of Vehicular Ad-hoc NETworks (VANETs) has ushered in a transformative era for intelligent transportation systems (ITS), significantly enhancing road safety and vehicular communication. However, the intricate and dynamic nature of VANETs presents formidable challenges, particularly in vehicle-to-infrastructure (V2I) communications. Roadside Units (RSUs), integral components of VANETs, are increasingly susceptible to cyberattacks, such as jamming and distributed denial of service (DDoS) attacks. These vulnerabilities pose grave risks to road safety, potentially leading to traffic congestion and vehicle malfunctions. Existing methods face difficulties in detecting dynamic attacks and integrating digital twin technology and artificial intelligence (AI) models to enhance VANET cybersecurity. Our study proposes a novel framework that combines digital twin technology with AI to enhance the security of RSUs in VANETs and address this gap. This framework enables real-time monitoring and efficient threat detection while also improving computational efficiency and reducing data transmission delay for increased energy efficiency and hardware durability. Our framework outperforms existing solutions in resource management and attack detection. It reduces RSU load and data transmission delay while achieving an optimal balance between resource consumption and high attack detection effectiveness. This highlights our commitment to secure and sustainable vehicular communication systems for smart cities.
△ Less
Submitted 15 March, 2024; v1 submitted 25 January, 2024;
originally announced January 2024.
-
Toward a real-time TCP SYN Flood DDoS mitigation using Adaptive Neuro-Fuzzy classifier and SDN Assistance in Fog Computing
Authors:
Radjaa Bensaid,
Nabila Labraoui,
Ado Adamou Abba Ari,
Leandros Maglaras,
Hafida Saidi,
Ahmed Mahmoud Abdu Lwahhab,
Sihem Benfriha
Abstract:
The growth of the Internet of Things (IoT) has recently impacted our daily lives in many ways. As a result, a massive volume of data is generated and needs to be processed in a short period of time. Therefore, the combination of computing models such as cloud computing is necessary. The main disadvantage of the cloud platform is its high latency due to the centralized mainframe. Fortunately, a dis…
▽ More
The growth of the Internet of Things (IoT) has recently impacted our daily lives in many ways. As a result, a massive volume of data is generated and needs to be processed in a short period of time. Therefore, the combination of computing models such as cloud computing is necessary. The main disadvantage of the cloud platform is its high latency due to the centralized mainframe. Fortunately, a distributed paradigm known as fog computing has emerged to overcome this problem, offering cloud services with low latency and high-access bandwidth to support many IoT application scenarios. However, Attacks against fog servers can take many forms, such as Distributed Denial of Service (DDoS) attacks that severely affect the reliability and availability of fog services. To address these challenges, we propose mitigation of Fog computing-based SYN Flood DDoS attacks using an Adaptive Neuro-Fuzzy Inference System (ANFIS) and Software Defined Networking (SDN) Assistance (FASA). The simulation results show that FASA system outperforms other algorithms in terms of accuracy, precision, recall, and F1-score. This shows how crucial our system is for detecting and mitigating TCP SYN floods DDoS attacks.
△ Less
Submitted 27 November, 2023;
originally announced November 2023.
-
Distance-Only Task Orchestration Algorithm for Energy Efficiency in Satellite-Based Mist Computing
Authors:
Messaoud Babaghayou,
Noureddine Chaib,
Leandros Maglaras,
Yagmur Yigit,
Mohamed Amine Ferrag
Abstract:
This paper addresses the challenge of efficiently offloading heavy computing tasks from ground mobile devices to the satellite-based mist computing environment. With ground-based edge and cloud servers often being inaccessible, the exploitation of satellite mist computing becomes imperative. Existing offloading algorithms have shown limitations in adapting to the unique characteristics of heavy co…
▽ More
This paper addresses the challenge of efficiently offloading heavy computing tasks from ground mobile devices to the satellite-based mist computing environment. With ground-based edge and cloud servers often being inaccessible, the exploitation of satellite mist computing becomes imperative. Existing offloading algorithms have shown limitations in adapting to the unique characteristics of heavy computing tasks. Thus, we propose a heavy computing task offloading algorithm that prioritizes satellite proximity. This approach not only reduces energy consumption during telecommunications but also ensures tasks are executed within the specified timing constraints, which are typically non-time-critical. Our proposed algorithm outperforms other offloading schemes in terms of satellites energy consumption, average end-to-end delay, and tasks success rates. Although it exhibits a higher average VM CPU usage, this increase does not pose critical challenges. This distance-based approach offers a promising solution to enhance energy efficiency in satellite-based mist computing, making it well-suited for heavy computing tasks demands.
△ Less
Submitted 24 November, 2023;
originally announced November 2023.
-
Reliability Analysis of Fault Tolerant Memory Systems
Authors:
Yagmur Yigit,
Leandros Maglaras,
Mohamed Amine Ferrag,
Naghmeh Moradpoor,
Georgios Lambropoulos
Abstract:
This paper delves into a comprehensive analysis of fault-tolerant memory systems, focusing on recovery techniques modeled using Markov chains to address transient errors. The study revolves around the application of scrubbing methods in conjunction with Single Error Correction and Double Error Detection (SEC-DED) codes. It explores three primary models: 1) Exponentially distributed scrubbing, invo…
▽ More
This paper delves into a comprehensive analysis of fault-tolerant memory systems, focusing on recovery techniques modeled using Markov chains to address transient errors. The study revolves around the application of scrubbing methods in conjunction with Single Error Correction and Double Error Detection (SEC-DED) codes. It explores three primary models: 1) Exponentially distributed scrubbing, involving periodic checks of memory words within exponentially distributed time intervals; 2) Deterministic scrubbing, featuring regular, periodic word checks; and 3) Mixed scrubbing, which combines both probabilistic and deterministic scrubbing approaches. The research encompasses the estimation of reliability and Mean Time to Failure (MTTF) values for each model. Notably, the findings highlight the superior performance of mixed scrubbing over simpler scrubbing methods in terms of reliability and MTTF.
△ Less
Submitted 23 November, 2023; v1 submitted 16 October, 2023;
originally announced November 2023.
-
Scalable Multi-domain Trust Infrastructures for Segmented Networks
Authors:
Sam Grierson,
William J Buchanan,
Craig Thomson,
Baraq Ghaleb,
Leandros Maglaras,
Chris Eckl
Abstract:
Within a trust infrastructure, a private key is often used to digitally sign a transaction, which can be verified with an associated public key. Using PKI (Public Key Infrastructure), a trusted entity can produce a digital signature, verifying the authenticity of the public key. However, what happens when external entities are not trusted to verify the public key or in cases where there is no Inte…
▽ More
Within a trust infrastructure, a private key is often used to digitally sign a transaction, which can be verified with an associated public key. Using PKI (Public Key Infrastructure), a trusted entity can produce a digital signature, verifying the authenticity of the public key. However, what happens when external entities are not trusted to verify the public key or in cases where there is no Internet connection within an isolated or autonomously acting collection of devices? For this, a trusted entity can be elected to generate a key pair and then split the private key amongst trusted devices. Each node can then sign part of the transaction using their split of the shared secret. The aggregated signature can then define agreement on a consensus within the infrastructure. Unfortunately, this process has two significant problems. The first is when no trusted node can act as a dealer of the shares. The second is the difficulty of scaling the digital signature scheme. This paper outlines a method of creating a leaderless approach to defining trust domains to overcome weaknesses in the scaling of the elliptic curve digital signature algorithm. Instead, it proposes the usage of the Edwards curve digital signature algorithm for the definition of multiple trust zones. The paper shows that the computational overhead of the distributed key generation phase increases with the number of nodes in the trust domain but that the distributed signing has a relatively constant computational overhead.
△ Less
Submitted 10 October, 2023; v1 submitted 7 October, 2023;
originally announced October 2023.
-
Digital Twin-Empowered Smart Attack Detection System for 6G Edge of Things Networks
Authors:
Yagmur Yigit,
Christos Chrysoulas,
Gokhan Yurdakul,
Leandros Maglaras,
Berk Canberk
Abstract:
As global Internet of Things (IoT) devices connectivity surges, a significant portion gravitates towards the Edge of Things (EoT) network. This shift prompts businesses to deploy infrastructure closer to end-users, enhancing accessibility. However, the growing EoT network expands the attack surface, necessitating robust and proactive security measures. Traditional solutions fall short against dyna…
▽ More
As global Internet of Things (IoT) devices connectivity surges, a significant portion gravitates towards the Edge of Things (EoT) network. This shift prompts businesses to deploy infrastructure closer to end-users, enhancing accessibility. However, the growing EoT network expands the attack surface, necessitating robust and proactive security measures. Traditional solutions fall short against dynamic EoT threats, highlighting the need for proactive and intelligent systems. We introduce a digital twin-empowered smart attack detection system for 6G EoT networks. Leveraging digital twin and edge computing, it monitors and simulates physical assets in real time, enhancing security. An online learning module in the proposed system optimizes the network performance. Our system excels in proactive threat detection, ensuring 6G EoT network security. The performance evaluations demonstrate its effectiveness, robustness, and adaptability using real datasets.
△ Less
Submitted 5 October, 2023;
originally announced October 2023.
-
Double Public Key Signing Function Oracle Attack on EdDSA Software Implementations
Authors:
Sam Grierson,
Konstantinos Chalkias,
William J Buchanan,
Leandros Maglaras
Abstract:
EdDSA is a standardised elliptic curve digital signature scheme introduced to overcome some of the issues prevalent in the more established ECDSA standard. Due to the EdDSA standard specifying that the EdDSA signature be deterministic, if the signing function were to be used as a public key signing oracle for the attacker, the unforgeability notion of security of the scheme can be broken. This pap…
▽ More
EdDSA is a standardised elliptic curve digital signature scheme introduced to overcome some of the issues prevalent in the more established ECDSA standard. Due to the EdDSA standard specifying that the EdDSA signature be deterministic, if the signing function were to be used as a public key signing oracle for the attacker, the unforgeability notion of security of the scheme can be broken. This paper describes an attack against some of the most popular EdDSA implementations, which results in an adversary recovering the private key used during signing. With this recovered secret key, an adversary can sign arbitrary messages that would be seen as valid by the EdDSA verification function. A list of libraries with vulnerable APIs at the time of publication is provided. Furthermore, this paper provides two suggestions for securing EdDSA signing APIs against this vulnerability while it additionally discusses failed attempts to solve the issue.
△ Less
Submitted 10 October, 2023; v1 submitted 29 August, 2023;
originally announced August 2023.
-
Data-Driven Intelligence can Revolutionize Today's Cybersecurity World: A Position Paper
Authors:
Iqbal H. Sarker,
Helge Janicke,
Leandros Maglaras,
Seyit Camtepe
Abstract:
As cyber threats evolve and grow progressively more sophisticated, cyber security is becoming a more significant concern in today's digital era. Traditional security measures tend to be insufficient to defend against these persistent and dynamic threats because they are mainly intuitional. One of the most promising ways to handle this ongoing problem is utilizing the potential of data-driven intel…
▽ More
As cyber threats evolve and grow progressively more sophisticated, cyber security is becoming a more significant concern in today's digital era. Traditional security measures tend to be insufficient to defend against these persistent and dynamic threats because they are mainly intuitional. One of the most promising ways to handle this ongoing problem is utilizing the potential of data-driven intelligence, by leveraging AI and machine learning techniques. It can improve operational efficiency and saves response times by automating repetitive operations, enabling real-time threat detection, and facilitating incident response. In addition, it augments human expertise with insightful information, predictive analytics, and enhanced decision-making, enabling them to better understand and address evolving problems. Thus, data-driven intelligence could significantly improve real-world cybersecurity solutions in a wide range of application areas like critical infrastructure, smart cities, digital twin, industrial control systems and so on. In this position paper, we argue that data-driven intelligence can revolutionize the realm of cybersecurity, offering not only large-scale task automation but also assist human experts for better situation awareness and decision-making in real-world scenarios.
△ Less
Submitted 9 August, 2023;
originally announced August 2023.
-
A Blockchain-based two Factor Honeytoken Authentication System
Authors:
Vasilis Papaspirou,
Leandros Maglaras,
Ioanna Kantzavelou,
Naghmeh Moradpoor,
Sokratis Katsikas
Abstract:
This paper extends and advances our recently introduced two-factor Honeytoken authentication method by incorporating blockchain technology. This novel approach strengthens the authentication method to prevent many attacks including tampering attacks. Evaluation results show that integrating blockchain into the Honeytoken method could improve performance and operational efficiency.
This paper extends and advances our recently introduced two-factor Honeytoken authentication method by incorporating blockchain technology. This novel approach strengthens the authentication method to prevent many attacks including tampering attacks. Evaluation results show that integrating blockchain into the Honeytoken method could improve performance and operational efficiency.
△ Less
Submitted 12 July, 2023; v1 submitted 11 July, 2023;
originally announced July 2023.
-
Generative Adversarial Networks-Driven Cyber Threat Intelligence Detection Framework for Securing Internet of Things
Authors:
Mohamed Amine Ferrag,
Djallel Hamouda,
Merouane Debbah,
Leandros Maglaras,
Abderrahmane Lakas
Abstract:
While the benefits of 6G-enabled Internet of Things (IoT) are numerous, providing high-speed, low-latency communication that brings new opportunities for innovation and forms the foundation for continued growth in the IoT industry, it is also important to consider the security challenges and risks associated with the technology. In this paper, we propose a two-stage intrusion detection framework f…
▽ More
While the benefits of 6G-enabled Internet of Things (IoT) are numerous, providing high-speed, low-latency communication that brings new opportunities for innovation and forms the foundation for continued growth in the IoT industry, it is also important to consider the security challenges and risks associated with the technology. In this paper, we propose a two-stage intrusion detection framework for securing IoTs, which is based on two detectors. In the first stage, we propose an adversarial training approach using generative adversarial networks (GAN) to help the first detector train on robust features by supplying it with adversarial examples as validation sets. Consequently, the classifier would perform very well against adversarial attacks. Then, we propose a deep learning (DL) model for the second detector to identify intrusions. We evaluated the proposed approach's efficiency in terms of detection accuracy and robustness against adversarial attacks. Experiment results with a new cyber security dataset demonstrate the effectiveness of the proposed methodology in detecting both intrusions and persistent adversarial examples with a weighted avg of 96%, 95%, 95%, and 95% for precision, recall, f1-score, and accuracy, respectively.
△ Less
Submitted 12 April, 2023;
originally announced April 2023.
-
Review of the NIST Light-weight Cryptography Finalists
Authors:
William J Buchanan,
Leandros Maglaras
Abstract:
Since 2016, NIST has been assessing lightweight encryption methods, and, in 2022, NIST published the final 10: ASCON, Elephant, GIFT-COFB, Grain128-AEAD, ISAP, Photon-Beetle, Romulus, Sparkle, TinyJambu, and Xoodyak. At the time that the article was written, NISC announced ASCOn as the chosen method that will be published as NIST'S lightweight cryptography standard later in 2023. In this article,…
▽ More
Since 2016, NIST has been assessing lightweight encryption methods, and, in 2022, NIST published the final 10: ASCON, Elephant, GIFT-COFB, Grain128-AEAD, ISAP, Photon-Beetle, Romulus, Sparkle, TinyJambu, and Xoodyak. At the time that the article was written, NISC announced ASCOn as the chosen method that will be published as NIST'S lightweight cryptography standard later in 2023. In this article, we provide a comparison between these methods in terms of energy efficiency, time for encryption, and time for hashing.
△ Less
Submitted 28 March, 2023; v1 submitted 26 March, 2023;
originally announced March 2023.
-
Inferring probabilistic Boolean networks from steady-state gene data samples
Authors:
Vytenis Å liogeris,
Leandros Maglaras,
Sotiris Moschoyiannis
Abstract:
Probabilistic Boolean Networks have been proposed for estimating the behaviour of dynamical systems as they combine rule-based modelling with uncertainty principles. Inferring PBNs directly from gene data is challenging however, especially when data is costly to collect and/or noisy, e.g., in the case of gene expression profile data. In this paper, we present a reproducible method for inferring PB…
▽ More
Probabilistic Boolean Networks have been proposed for estimating the behaviour of dynamical systems as they combine rule-based modelling with uncertainty principles. Inferring PBNs directly from gene data is challenging however, especially when data is costly to collect and/or noisy, e.g., in the case of gene expression profile data. In this paper, we present a reproducible method for inferring PBNs directly from real gene expression data measurements taken when the system was at a steady state. The steady-state dynamics of PBNs is of special interest in the analysis of biological machinery. The proposed approach does not rely on reconstructing the state evolution of the network, which is computationally intractable for larger networks. We demonstrate the method on samples of real gene expression profiling data from a well-known study on metastatic melanoma. The pipeline is implemented using Python and we make it publicly available.
△ Less
Submitted 10 November, 2022;
originally announced November 2022.
-
A Health Focused Text Classification Tool (HFTCT)
Authors:
Baadr Suleman M Alwheepy,
Leandros Maglaras,
Nick Ayres
Abstract:
Due to the high number of users on social media and the massive amounts of queries requested every second to share a new video, picture, or message, social platforms struggle to manage this humungous amount of data that is endlessly coming in. HFTCT relies on wordlists to classify opinions. It can carry out its tasks reasonably well; however, sometimes, the wordlists themselves fail to be reliable…
▽ More
Due to the high number of users on social media and the massive amounts of queries requested every second to share a new video, picture, or message, social platforms struggle to manage this humungous amount of data that is endlessly coming in. HFTCT relies on wordlists to classify opinions. It can carry out its tasks reasonably well; however, sometimes, the wordlists themselves fail to be reliable as they are a limited source of positive and negative words.
△ Less
Submitted 23 October, 2022;
originally announced November 2022.
-
Cybersecurity Revisited: Honeytokens meet Google Authenticator
Authors:
Vasilis Papaspirou,
Maria Papathanasaki,
Leandros Maglaras,
Ioanna Kantzavelou,
Christos Douligeris,
Mohamed Amine Ferrag,
Helge Janicke
Abstract:
Although sufficient authentication mechanisms were enhanced by the use of two or more factors that resulted in new multi factor authentication schemes, more sophisticated and targeted attacks have shown they are also vulnerable. This research work proposes a novel two factor authentication system that incorporates honeytokens into the two factor authentication process. The current implementation c…
▽ More
Although sufficient authentication mechanisms were enhanced by the use of two or more factors that resulted in new multi factor authentication schemes, more sophisticated and targeted attacks have shown they are also vulnerable. This research work proposes a novel two factor authentication system that incorporates honeytokens into the two factor authentication process. The current implementation collaborates with Google authenticator. The novelty and simplicity of the presented approach aims at providing additional layers of security and protection into a system and thus making it more secure through a stronger and more efficient authentication mechanism.
△ Less
Submitted 15 December, 2021;
originally announced December 2021.
-
A novel Two-Factor HoneyToken Authentication Mechanism
Authors:
Vassilis Papaspirou,
Leandros Maglaras,
Mohamed Amine Ferrag,
Ioanna Kantzavelou,
Helge Janicke,
Christos Douligeris
Abstract:
The majority of systems rely on user authentication on passwords, but passwords have so many weaknesses and widespread use that easily raise significant security concerns, regardless of their encrypted form. Users hold the same password for different accounts, administrators never check password files for flaws that might lead to a successful cracking, and the lack of a tight security policy regar…
▽ More
The majority of systems rely on user authentication on passwords, but passwords have so many weaknesses and widespread use that easily raise significant security concerns, regardless of their encrypted form. Users hold the same password for different accounts, administrators never check password files for flaws that might lead to a successful cracking, and the lack of a tight security policy regarding regular password replacement are a few problems that need to be addressed. The proposed research work aims at enhancing this security mechanism, prevent penetrations, password theft, and attempted break-ins towards securing computing systems. The selected solution approach is two-folded; it implements a two-factor authentication scheme to prevent unauthorized access, accompanied by Honeyword principles to detect corrupted or stolen tokens. Both can be integrated into any platform or web application with the use of QR codes and a mobile phone.
△ Less
Submitted 20 January, 2021; v1 submitted 16 December, 2020;
originally announced December 2020.
-
Smart Homes: Security Challenges and Privacy Concerns
Authors:
Fraser Hall,
Leandros Maglaras,
Theodoros Aivaliotis,
Loukas Xagoraris,
Ioanna Kantzavelou
Abstract:
Development and growth of Internet of Things (IoT) technology has exponentially increased over the course of the last 10 years since its inception, and as a result has directly influenced the popularity and size of smart homes. In this article we present the main technologies and applications that constitute a smart home, we identify the main security and privacy challenges that smart home face an…
▽ More
Development and growth of Internet of Things (IoT) technology has exponentially increased over the course of the last 10 years since its inception, and as a result has directly influenced the popularity and size of smart homes. In this article we present the main technologies and applications that constitute a smart home, we identify the main security and privacy challenges that smart home face and we provide good practices to mitigate those threats.
△ Less
Submitted 29 October, 2020;
originally announced October 2020.
-
From Cyber Terrorism to Cyber Peacekee**: Are we there yet?
Authors:
Maria Papathanasaki,
Georgios Dimitriou,
Leandros Maglaras,
Ismini Vasileiou,
Helge Janicke
Abstract:
In Cyberspace nowadays, there is a burst of information that everyone has access. However, apart from the advantages the Internet offers, it also hides numerous dangers for both people and nations. Cyberspace has a dark side, including terrorism, bullying, and other types of violence. Cyberwarfare is a kind of virtual war that causes the same destruction that a physical war would also do. In this…
▽ More
In Cyberspace nowadays, there is a burst of information that everyone has access. However, apart from the advantages the Internet offers, it also hides numerous dangers for both people and nations. Cyberspace has a dark side, including terrorism, bullying, and other types of violence. Cyberwarfare is a kind of virtual war that causes the same destruction that a physical war would also do. In this article, we discuss what Cyberterrorism is and how it can lead to Cyberwarfare.
△ Less
Submitted 27 September, 2020;
originally announced October 2020.
-
ZKPs: Does This Make The Cut? Recent Advances and Success of Zero-Knowledge Security Protocols
Authors:
Stavros Kassaras,
Leandros Maglaras
Abstract:
How someone can get health insurance without sharing his health information? How you can get a loan without disclosing your credit score? There is a method to certify certain attributes of various data, either this is health metrics or finance information, without revealing the data itself or any other kind of personal data. This method is known as zero-knowledge proofs. Zero-Knowledge techniques…
▽ More
How someone can get health insurance without sharing his health information? How you can get a loan without disclosing your credit score? There is a method to certify certain attributes of various data, either this is health metrics or finance information, without revealing the data itself or any other kind of personal data. This method is known as zero-knowledge proofs. Zero-Knowledge techniques are mathematical methods used to verify things without sharing or revealing underlying data. Zero-Knowledge protocols have vast applications from simple identity schemes and blockchains to defense research programs and nuclear arms control
△ Less
Submitted 17 June, 2020;
originally announced June 2020.
-
A NIS Directive compliant Cybersecurity Maturity Assessment Framework
Authors:
George Drivas,
Argyro Chatzopoulou,
Leandros Maglaras,
Costas Lambrinoudakis,
Allan Cook,
Helge Janicke
Abstract:
The NIS Directive introduces obligations for the security of the network and information systems of operators of essential services and of digital service providers and require from the national competent authorities to assess their compliance to these obligations. This paper describes a novel cybersecurity maturity assessment framework (CMAF) that is tailored to the NIS Directive requirements and…
▽ More
The NIS Directive introduces obligations for the security of the network and information systems of operators of essential services and of digital service providers and require from the national competent authorities to assess their compliance to these obligations. This paper describes a novel cybersecurity maturity assessment framework (CMAF) that is tailored to the NIS Directive requirements and can be used either as a self assessment tool from critical national infrastructures either as an audit tool from the National Competent Authorities for cybersecurity.
△ Less
Submitted 22 April, 2020;
originally announced April 2020.
-
Cooperative Speed Estimation of an RF Jammer in Wireless Vehicular Networks
Authors:
Dimitrios Kosmanos,
Savvas Chatzisavvas,
Antonios Argyriou,
Leandros Maglaras
Abstract:
In this paper, we are concerned with the problem of estimating the speed of an RF jammer that moves towards a group/platoon of moving wireless communicating nodes. In our system model, the group of nodes receives an information signal from a master node, that they want to decode, while the Radio Frequency (RF) jammer desires to disrupt this communication as it approaches them. For this system mode…
▽ More
In this paper, we are concerned with the problem of estimating the speed of an RF jammer that moves towards a group/platoon of moving wireless communicating nodes. In our system model, the group of nodes receives an information signal from a master node, that they want to decode, while the Radio Frequency (RF) jammer desires to disrupt this communication as it approaches them. For this system model, we propose first a transmission scheme where the master node remains silent for a time period while it transmits in a subsequent slot. Second, we develop a joint data and jamming estimation algorithm that uses Linear Minimum Mean Square Error (LMMSE) estimation. We develop analytical closed-form expressions that characterize the Mean Square Error (MSE) of the data and jamming signal estimates. Third, we propose a cooperative jammer speed estimation algorithm based on the jamming signal estimates at each node of the network. Our numerical and simulation results for different system configurations prove the ability of our overall system to estimate with high accuracy and the RF jamming signals and the speed of the jammer.
△ Less
Submitted 21 April, 2020;
originally announced April 2020.
-
Authentication and Authorization for Mobile IoT Devices using Bio-features: Recent Advances and Future Trends
Authors:
Mohamed Amine Ferrag,
Leandros Maglaras,
Abdelouahid Derhab
Abstract:
Bio-features are fast becoming a key tool to authenticate the IoT devices; in this sense, the purpose of this investigation is to summaries the factors that hinder biometrics models' development and deployment on a large scale, including human physiological (e.g., face, eyes, fingerprints-palm, or electrocardiogram) and behavioral features (e.g., signature, voice, gait, or keystroke). The differen…
▽ More
Bio-features are fast becoming a key tool to authenticate the IoT devices; in this sense, the purpose of this investigation is to summaries the factors that hinder biometrics models' development and deployment on a large scale, including human physiological (e.g., face, eyes, fingerprints-palm, or electrocardiogram) and behavioral features (e.g., signature, voice, gait, or keystroke). The different machine learning and data mining methods used by authentication and authorization schemes for mobile IoT devices are provided. Threat models and countermeasures used by biometrics-based authentication schemes for mobile IoT devices are also presented. More specifically, We analyze the state of the art of the existing biometric-based authentication schemes for IoT devices. Based on the current taxonomy, We conclude our paper with different types of challenges for future research efforts in biometrics-based authentication schemes for IoT devices.
△ Less
Submitted 27 January, 2019;
originally announced January 2019.
-
Threats, Protection and Attribution of Cyber Attacks on Critical Infrastructures
Authors:
Leandros Maglaras,
Mohamed Amine Ferrag,
Abdelouahid Derhab,
Mithun Mukherjee,
Helge Janicke,
Stylianos Rallis
Abstract:
As Critical National Infrastructures are becoming more vulnerable to cyber attacks, their protection becomes a significant issue for any organization as well as a nation. Moreover, the ability to attribute is a vital element of avoiding impunity in cyberspace. In this article, we present main threats to critical infrastructures along with protective measures that one nation can take, and which are…
▽ More
As Critical National Infrastructures are becoming more vulnerable to cyber attacks, their protection becomes a significant issue for any organization as well as a nation. Moreover, the ability to attribute is a vital element of avoiding impunity in cyberspace. In this article, we present main threats to critical infrastructures along with protective measures that one nation can take, and which are classified according to legal, technical, organizational, capacity building, and cooperation aspects. Finally we provide an overview of current methods and practices regarding cyber attribution and cyber peace kee**
△ Less
Submitted 12 January, 2019;
originally announced January 2019.
-
Develo** Cyber Buffer Zones
Authors:
Michael Robinson,
Kevin Jones,
Helge Janicke,
Leandros Maglaras
Abstract:
The United Nations conducts peace operations around the world, aiming tomaintain peace and security in conflict torn areas. Whilst early operations werelargely successful, the changing nature of warfare and conflict has often left peaceoperations strugglingto adapt. In this article, we make a contribution towardsefforts to plan for the next evolution in both intra and inter-state conflict: cyberwa…
▽ More
The United Nations conducts peace operations around the world, aiming tomaintain peace and security in conflict torn areas. Whilst early operations werelargely successful, the changing nature of warfare and conflict has often left peaceoperations strugglingto adapt. In this article, we make a contribution towardsefforts to plan for the next evolution in both intra and inter-state conflict: cyberwarfare. It is now widely accepted that cyber warfare will be a component offuture conflicts, and much researchhas been devoted to how governments andmilitaries can prepare for and fight in this new domain [1]. Despite the vastamount of research relating to cyber warfare, there has been less discussion onits impact towards successful peace operations. This is agap in knowledge thatis important to address, since the restoration of peace following conflict of anykind is of global importance. It is however a complex topic requiring discussionacross multiple domains. Input from the technical, political, governmental andsocietal domains are critical in forming the concept of cyber peacekee**.Previous work on this topic has sought to define the concept of cyber peacekee**[2, 3, 4]. We build upon this work by exploring the practicalities ofstarting up a cyber peacekee** component and setting up a Cyber Buffer Zone (CBZ).
△ Less
Submitted 31 December, 2018;
originally announced December 2018.
-
RF Jamming Classification using Relative Speed Estimation in Vehicular Wireless Networks
Authors:
Dimitrios Kosmanos,
Dimitrios Karagiannis,
Antonios Argyriou,
Spyros Lalis,
Leandros Maglaras
Abstract:
Wireless communications are vulnerable against radio frequency (RF) jamming which might be caused either intentionally or unintentionally. A particular subset of wireless networks, vehicular ad-hoc networks (VANET) which incorporate a series of safety-critical applications, may be a potential target of RF jamming with detrimental safety effects. To ensure secure communication and defend it against…
▽ More
Wireless communications are vulnerable against radio frequency (RF) jamming which might be caused either intentionally or unintentionally. A particular subset of wireless networks, vehicular ad-hoc networks (VANET) which incorporate a series of safety-critical applications, may be a potential target of RF jamming with detrimental safety effects. To ensure secure communication and defend it against this type of attacks, an accurate detection scheme must be adopted. In this paper we introduce a detection scheme that is based on supervised learning. The machine-learning algorithms, KNearest Neighbors (KNN) and Random Forests (RF), utilize a series of features among which is the metric of the variations of relative speed (VRS) between the jammer and the receiver that is passively estimated from the combined value of the useful and the jamming signal at the receiver. To the best of our knowledge, this metric has never been utilized before in a machine-learning detection scheme in the literature. Through offline training and the proposed KNN-VRS, RF-VRS classification algorithms, we are able to efficiently detect various cases of Denial of Service Attacks (DoS) jamming attacks, differentiate them from cases of interference as well as foresee a potential danger successfully and act accordingly.
△ Less
Submitted 31 December, 2018;
originally announced December 2018.
-
Estimating the Relative Speed of RF Jammers in VANETs
Authors:
Dimitrios Kosmanos,
Antonios Argyriou,
Leandros Maglaras
Abstract:
Vehicular Ad-Hoc Networks (VANETs) aim at enhancing road safety and providing a comfortable driving environment by delivering early warning and infotainment messages to the drivers. Jamming attacks, however, pose a significant threat to their performance. In this paper, we propose a novel Relative Speed Estimation Algorithm (RSEA) of a moving interfering vehicle that approaches a Transmitter (…
▽ More
Vehicular Ad-Hoc Networks (VANETs) aim at enhancing road safety and providing a comfortable driving environment by delivering early warning and infotainment messages to the drivers. Jamming attacks, however, pose a significant threat to their performance. In this paper, we propose a novel Relative Speed Estimation Algorithm (RSEA) of a moving interfering vehicle that approaches a Transmitter ($Tx$) - Receiver ($Rx$) pair, that interferes with their Radio Frequency (RF) communication by conducting a Denial of Service (DoS) attack. Our scheme is completely sensorless and passive and uses a pilot-based received signal without hardware or computational cost in order to, firstly, estimate the combined channel between the transmitter - receiver and jammer - receiver and secondly, to estimate the jamming signal and the relative speed between the jammer - receiver using the RF Doppler shift. Moreover, the relative speed metric exploits the Angle of Projection (AOP) of the speed vector of the jammer in the axis of its motion in order to form a two-dimensional representation of the geographical area. This approach can effectively be applied both for a jamming signal completely unknown to the receiver and for a jamming signal partly known to the receiver. Our speed estimator method is proven to have quite accurate performance, with a Mean Absolute Error (MAE) value of approximately $10\%$ compared to the optimal zero MAE value under different jamming attack scenarios.
△ Less
Submitted 31 December, 2018;
originally announced December 2018.
-
A Novel Hierarchical Intrusion Detection System based on Decision Tree and Rules-based Models
Authors:
Ahmed Ahmim,
Leandros Maglaras,
Mohamed Amine Ferrag,
Makhlouf Derdour,
Helge Janicke
Abstract:
This paper proposes a novel intrusion detection system (IDS) that combines different classifier approaches which are based on decision tree and rules-based concepts, namely, REP Tree, JRip algorithm and Forest PA. Specifically, the first and second method take as inputs features of the data set, and classify the network traffic as Attack/Benign. The third classifier uses features of the initial da…
▽ More
This paper proposes a novel intrusion detection system (IDS) that combines different classifier approaches which are based on decision tree and rules-based concepts, namely, REP Tree, JRip algorithm and Forest PA. Specifically, the first and second method take as inputs features of the data set, and classify the network traffic as Attack/Benign. The third classifier uses features of the initial data set in addition to the outputs of the first and the second classifier as inputs. The experimental results obtained by analyzing the proposed IDS using the CICIDS2017 dataset, attest their superiority in terms of accuracy, detection rate, false alarm rate and time overhead as compared to state of the art existing schemes.
△ Less
Submitted 21 December, 2018;
originally announced December 2018.
-
Blockchain Technologies for the Internet of Things: Research Issues and Challenges
Authors:
Mohamed Amine Ferrag,
Makhlouf Derdour,
Mithun Mukherjee,
Abdelouahid Derhab,
Leandros Maglaras,
Helge Janicke
Abstract:
This paper presents a comprehensive survey of the existing blockchain protocols for the Internet of Things (IoT) networks. We start by describing the blockchains and summarizing the existing surveys that deal with blockchain technologies. Then, we provide an overview of the application domains of blockchain technologies in IoT, e.g, Internet of Vehicles, Internet of Energy, Internet of Cloud, Fog…
▽ More
This paper presents a comprehensive survey of the existing blockchain protocols for the Internet of Things (IoT) networks. We start by describing the blockchains and summarizing the existing surveys that deal with blockchain technologies. Then, we provide an overview of the application domains of blockchain technologies in IoT, e.g, Internet of Vehicles, Internet of Energy, Internet of Cloud, Fog computing, etc. Moreover, we provide a classification of threat models, which are considered by blockchain protocols in IoT networks, into five main categories, namely, identity-based attacks, manipulation-based attacks, cryptanalytic attacks, reputation-based attacks, and service-based attacks. In addition, we provide a taxonomy and a side-by-side comparison of the state-of-the-art methods towards secure and privacy-preserving blockchain technologies with respect to the blockchain model, specific security goals, performance, limitations, computation complexity, and communication overhead. Based on the current survey, we highlight open research challenges and discuss possible future research directions in the blockchain technologies for IoT.
△ Less
Submitted 24 June, 2018;
originally announced June 2018.
-
Develo** Cyber Peacekee**: Observation, Monitoring and Reporting
Authors:
Michael Robinson,
Kevin Jones,
Helge Janicke,
Leandros Maglaras
Abstract:
Cyber peacekee** is an emerging and multi-disciplinary field of research, touching upon technical, political and societal domains of thought. In this article we build upon previous works by develo** the cyber peacekee** activity of observation, monitoring and reporting. We take a practical approach: describing a scenario in which two countries request UN support in drawing up and overseeing…
▽ More
Cyber peacekee** is an emerging and multi-disciplinary field of research, touching upon technical, political and societal domains of thought. In this article we build upon previous works by develo** the cyber peacekee** activity of observation, monitoring and reporting. We take a practical approach: describing a scenario in which two countries request UN support in drawing up and overseeing a ceasefire which includes cyber terms. We explore how a cyber peacekee** operation could start up and discuss the challenges it will face. The article makes a number of proposals, including the use of a virtual collaborative environment to bring multiple benefits. We conclude by summarising our findings, and describing where further work lies.
△ Less
Submitted 7 June, 2018;
originally announced June 2018.
-
Authentication schemes for Smart Mobile Devices: Threat Models, Countermeasures, and Open Research Issues
Authors:
Mohamed Amine Ferrag,
Leandros Maglaras,
Abdelouahid Derhab,
Helge Janicke
Abstract:
This paper presents a comprehensive investigation of authentication schemes for smart mobile devices. We start by providing an overview of existing survey articles published in the recent years that deal with security for mobile devices. Then, we describe and give a classification of threat models in smart mobile devices in five categories, including, identity-based attacks, eavesdrop**-based at…
▽ More
This paper presents a comprehensive investigation of authentication schemes for smart mobile devices. We start by providing an overview of existing survey articles published in the recent years that deal with security for mobile devices. Then, we describe and give a classification of threat models in smart mobile devices in five categories, including, identity-based attacks, eavesdrop**-based attacks, combined eavesdrop** and identity-based attacks, manipulation-based attacks, and service-based attacks. We also provide a classification of countermeasures into four types of categories, including, cryptographic functions, personal identification, classification algorithms, and channel characteristics. According to these, we categorize authentication schemes for smart mobile devices in four categories, namely, 1) biometric-based authentication schemes, 2) channel-based authentication schemes, 3) factor-based authentication schemes, and 4) ID-based authentication schemes. In addition, we provide a taxonomy and comparison of authentication schemes for smart mobile devices in the form of tables. Finally, we identify open challenges and future research directions.
△ Less
Submitted 8 March, 2019; v1 submitted 27 March, 2018;
originally announced March 2018.
-
Internet of Cloud: Security and Privacy issues
Authors:
Allan Cook,
Michael Robinson,
Mohamed Amine Ferrag,
Leandros A. Maglaras,
Ying He,
Kevin Jones,
Helge Janicke
Abstract:
The synergy between the cloud and the IoT has emerged largely due to the cloud having attributes which directly benefit the IoT and enable its continued growth. IoT adopting Cloud services has brought new security challenges. In this book chapter, we pursue two main goals: 1) to analyse the different components of Cloud computing and the IoT and 2) to present security and privacy problems that the…
▽ More
The synergy between the cloud and the IoT has emerged largely due to the cloud having attributes which directly benefit the IoT and enable its continued growth. IoT adopting Cloud services has brought new security challenges. In this book chapter, we pursue two main goals: 1) to analyse the different components of Cloud computing and the IoT and 2) to present security and privacy problems that these systems face. We thoroughly investigate current security and privacy preservation solutions that exist in this area, with an eye on the Industrial Internet of Things, discuss open issues and propose future directions
△ Less
Submitted 1 November, 2017;
originally announced November 2017.
-
An Introduction to Cyber Peacekee**
Authors:
Michael Robinson,
Kevin Jones,
Helge Janicke,
Leandros Maglaras
Abstract:
Peacekee** is a noble and essential activity, hel** to bring peace to conflict torn areas and providing security to millions of people around the world. Peacekeepers operate in all domains of war: buffer zones on land, no fly zones in the air and ensuring free passage at sea. With the emergence of cyberspace as a domain of war, questions on the role of peacekee** in this domain naturally ari…
▽ More
Peacekee** is a noble and essential activity, hel** to bring peace to conflict torn areas and providing security to millions of people around the world. Peacekeepers operate in all domains of war: buffer zones on land, no fly zones in the air and ensuring free passage at sea. With the emergence of cyberspace as a domain of war, questions on the role of peacekee** in this domain naturally arise. There is extensive research around the topic of cyber warfare, but surprisingly little on how to restore and maintain peace in its aftermath. This is a significant gap which needs addressing. We begin by providing an overview of peacekee**, describing its overarching goals and principles, using the United Nations model as a reference. We then review existing literature on cyber peacekee**. The paper progresses to discuss the question of whether cyber peacekee** is needed, and if so, if it is a plausible concept. We explore some ideas on how cyber peacekee** could be performed and the challenges cyber peacekeepers will face, before making suggestions on where future work should be focused.
△ Less
Submitted 24 April, 2018; v1 submitted 26 October, 2017;
originally announced October 2017.
-
Security for 4G and 5G Cellular Networks: A Survey of Existing Authentication and Privacy-preserving Schemes
Authors:
Mohamed Amine Ferrag,
Leandros Maglaras,
Antonios Argyriou,
Dimitrios Kosmanos,
Helge Janicke
Abstract:
This paper presents a comprehensive survey of existing authentication and privacy-preserving schemes for 4G and 5G cellular networks. We start by providing an overview of existing surveys that deal with 4G and 5G communications, applications, standardization, and security. Then, we give a classification of threat models in 4G and 5G cellular networks in four categories, including, attacks against…
▽ More
This paper presents a comprehensive survey of existing authentication and privacy-preserving schemes for 4G and 5G cellular networks. We start by providing an overview of existing surveys that deal with 4G and 5G communications, applications, standardization, and security. Then, we give a classification of threat models in 4G and 5G cellular networks in four categories, including, attacks against privacy, attacks against integrity, attacks against availability, and attacks against authentication. We also provide a classification of countermeasures into three types of categories, including, cryptography methods, humans factors, and intrusion detection methods. The countermeasures and informal and formal security analysis techniques used by the authentication and privacy preserving schemes are summarized in form of tables. Based on the categorization of the authentication and privacy models, we classify these schemes in seven types, including, handover authentication with privacy, mutual authentication with privacy, RFID authentication with privacy, deniable authentication with privacy, authentication with mutual anonymity, authentication and key agreement with privacy, and three-factor authentication with privacy. In addition, we provide a taxonomy and comparison of authentication and privacy-preserving schemes for 4G and 5G cellular networks in form of tables. Based on the current survey, several recommendations for further research are discussed at the end of this paper.
△ Less
Submitted 14 August, 2017;
originally announced August 2017.
-
Authentication Protocols for Internet of Things: A Comprehensive Survey
Authors:
Mohamed Amine Ferrag,
Leandros A. Maglaras,
Helge Janicke,
Jianmin Jiang
Abstract:
In this paper, we present a comprehensive survey of authentication protocols for Internet of Things (IoT). Specifically, we select and in-detail examine more than forty authentication protocols developed for or applied in the context of the IoT under four environments, including: (1) Machine to machine communications (M2M), (2) Internet of Vehicles (IoV), (3) Internet of Energy (IoE), and (4) Inte…
▽ More
In this paper, we present a comprehensive survey of authentication protocols for Internet of Things (IoT). Specifically, we select and in-detail examine more than forty authentication protocols developed for or applied in the context of the IoT under four environments, including: (1) Machine to machine communications (M2M), (2) Internet of Vehicles (IoV), (3) Internet of Energy (IoE), and (4) Internet of Sensors (IoS). We start by reviewing all survey articles published in the recent years that focusing on different aspects of the IoT idea. Then, we review threat models, countermeasures, and formal security verification techniques used in authentication protocols for the IoT. In addition, we provide a taxonomy and comparison of authentication protocols for the IoT in form of tables in five terms, namely, network model, goals, main processes, computation complexity, and communication overhead. Based on the current survey, we identify open issues and suggest hints for future research.
△ Less
Submitted 21 December, 2016;
originally announced December 2016.
-
A Survey on Privacy-preserving Schemes for Smart Grid Communications
Authors:
Mohamed Amine Ferrag,
Leandros A. Maglaras,
Helge Janicke,
Jianmin Jiang
Abstract:
In this paper, we present a comprehensive survey of privacy-preserving schemes for Smart Grid communications. Specifically, we select and in-detail examine thirty privacy preserving schemes developed for or applied in the context of Smart Grids. Based on the communication and system models, we classify these schemes that are published between 2013 and 2016, in five categories, including, 1) Smart…
▽ More
In this paper, we present a comprehensive survey of privacy-preserving schemes for Smart Grid communications. Specifically, we select and in-detail examine thirty privacy preserving schemes developed for or applied in the context of Smart Grids. Based on the communication and system models, we classify these schemes that are published between 2013 and 2016, in five categories, including, 1) Smart grid with the advanced metering infrastructure, 2) Data aggregation communications, 3) Smart grid marketing architecture, 4) Smart community of home gateways, and 5) Vehicle-to grid architecture. For each scheme, we survey the attacks of leaking privacy, countermeasures, and game theoretic approaches. In addition, we review the survey articles published in the recent years that deal with Smart Grids communications, applications, standardization, and security. Based on the current survey, several recommendations for further research are discussed at the end of this paper.
△ Less
Submitted 23 November, 2016;
originally announced November 2016.
-
Privacy-preserving schemes for Ad Hoc Social Networks: A survey
Authors:
Mohamed Amine Ferrag,
Leandros Maglaras,
Ahmed Ahmim
Abstract:
In this paper, we review the state of the art of privacy-preserving schemes for ad hoc social networks, including, mobile social networks (MSNs) and vehicular social networks (VSNs). Specifically, we select and in-detail examine thirty-three privacy preserving schemes developed for or applied in the context of ad hoc social networks. These schemes are published between 2008 and 2016. Based on this…
▽ More
In this paper, we review the state of the art of privacy-preserving schemes for ad hoc social networks, including, mobile social networks (MSNs) and vehicular social networks (VSNs). Specifically, we select and in-detail examine thirty-three privacy preserving schemes developed for or applied in the context of ad hoc social networks. These schemes are published between 2008 and 2016. Based on this existing privacy preservation schemes, we survey privacy preservation models, including location privacy, identity privacy, anonymity, traceability, interest privacy, backward privacy, and content oriented privacy. The recent important attacks of leaking privacy, countermeasures, and game theoretic approaches in VSNs and MSNs are summarized in form of tables. In addition, an overview of recommendations for further research is also provided. With this survey, readers can have a more thorough understanding of research trends in privacy-preserving schemes for ad hoc social networks
△ Less
Submitted 19 October, 2016;
originally announced October 2016.
-
A Security Evaluation Framework for U.K. E-Goverment Services Agile Software Development
Authors:
Steve Harrison,
Antonis Tzounis,
Leandros A. Maglaras,
Francois Siewe,
Richard Smith,
Helge Janicke
Abstract:
This study examines the traditional approach to software development within the United Kingdom Government and the accreditation process. Initially we look at the Waterfall methodology that has been used for several years. We discuss the pros and cons of Waterfall before moving onto the Agile Scrum methodology. Agile has been adopted by the majority of Government digital departments including the G…
▽ More
This study examines the traditional approach to software development within the United Kingdom Government and the accreditation process. Initially we look at the Waterfall methodology that has been used for several years. We discuss the pros and cons of Waterfall before moving onto the Agile Scrum methodology. Agile has been adopted by the majority of Government digital departments including the Government Digital Services. Agile, despite its ability to achieve high rates of productivity organized in short, flexible, iterations, has faced security professionals disbelief when working within the U.K. Government. One of the major issues is that we develop in Agile but the accreditation process is conducted using Waterfall resulting in delays to go live dates. Taking a brief look into the accreditation process that is used within Government for I.T. systems and applications, we focus on giving the accreditor the assurance they need when develo** new applications and systems. A framework has been produced by utilizing the Open Web Application Security Project (OWASP) Application Security Verification Standard (ASVS). This framework will allow security and Agile to work side by side and produce secure code.
△ Less
Submitted 8 April, 2016;
originally announced April 2016.
-
Human Behaviour as an aspect of Cyber Security Assurance
Authors:
Mark Evans,
Leandros A. Maglaras,
Ying He,
Helge Janicke
Abstract:
There continue to be numerous breaches publicised pertaining to cyber security despite security practices being applied within industry for many years. This article is intended to be the first in a number of articles as research into cyber security assurance processes. This article is compiled based on current research related to cyber security assurance and the impact of the human element on it.…
▽ More
There continue to be numerous breaches publicised pertaining to cyber security despite security practices being applied within industry for many years. This article is intended to be the first in a number of articles as research into cyber security assurance processes. This article is compiled based on current research related to cyber security assurance and the impact of the human element on it. The objective of this work is to identify elements of cyber security that would benefit from further research and development based on the literature review findings. The results outlined in this article present a need for the cyber security field to look in to established industry areas to benefit from effective practices such as human reliability assessment, along with improved methods of validation such as statistical quality control in order to obtain true assurance. The article proposes the development of a framework that will be based upon defined and repeatable quantification, specifically relating to the range of human aspect tasks that provide, or are intended not to negatively affect cyber security posture.
△ Less
Submitted 15 January, 2016;
originally announced January 2016.
-
Combining ensemble methods and social network metrics for improving accuracy of OCSVM on intrusion detection in SCADA systems
Authors:
Leandros A. Maglaras,
Jianmin Jiang,
Tiago J. Cruz
Abstract:
Modern Supervisory Control and Data Acquisition SCADA systems used by the electric utility industry to monitor and control electric power generation, transmission and distribution are recognized today as critical components of the electric power delivery infrastructure. SCADA systems are large, complex and incorporate increasing numbers of widely distributed components. The presence of a real time…
▽ More
Modern Supervisory Control and Data Acquisition SCADA systems used by the electric utility industry to monitor and control electric power generation, transmission and distribution are recognized today as critical components of the electric power delivery infrastructure. SCADA systems are large, complex and incorporate increasing numbers of widely distributed components. The presence of a real time intrusion detection mechanism, which can cope with different types of attacks, is of great importance, in order to defend a system against cyber attacks This defense mechanism must be distributed, cheap and above all accurate, since false positive alarms, or mistakes regarding the origin of the intrusion mean severe costs for the system. Recently an integrated detection mechanism, namely IT-OCSVM was proposed, which is distributed in a SCADA network as a part of a distributed intrusion detection system (IDS), providing accurate data about the origin and the time of an intrusion. In this paper we also analyze the architecture of the integrated detection mechanism and we perform extensive simulations based on real cyber attacks in a small SCADA testbed in order to evaluate the performance of the proposed mechanism.
△ Less
Submitted 16 July, 2015; v1 submitted 10 July, 2015;
originally announced July 2015.
-
A Robust Eco-Routing Protocol Against Malicious Data in Vehicular Networks
Authors:
Pavlos Basaras,
Leandros Maglaras,
Dimitrios Katsaros,
Helge Janicke
Abstract:
Vehicular networks have a diverse range of applications that vary from safety, to traffic management and comfort. Vehicular communications (VC) can assist in the ecorouting of vehicles in order to reduce the overall mileage and CO2 emissions by the exchange of data among vehicle-entities. However, the trustworthiness of these data is crucial as false information can heavily affect the performance…
▽ More
Vehicular networks have a diverse range of applications that vary from safety, to traffic management and comfort. Vehicular communications (VC) can assist in the ecorouting of vehicles in order to reduce the overall mileage and CO2 emissions by the exchange of data among vehicle-entities. However, the trustworthiness of these data is crucial as false information can heavily affect the performance of applications. Hence, the devising of mechanisms that reassure the integrity of the exchanged data is of utmost importance. In this article we investigate how tweaked information originating from malicious nodes can affect the performance of a real time eco routing mechanism that uses DSRC communications, namely ErouVe. We also develop and evaluate defense mechanisms that exploit vehicular communications in order to filter out tweaked data. We prove that our proposed mechanisms can restore the performance of the ErouVe to near its optimal operation and can be used as a basis for protecting other similar traffic management systems.
△ Less
Submitted 25 June, 2015; v1 submitted 16 June, 2015;
originally announced June 2015.
