-
Critical Infrastructure Protection: Generative AI, Challenges, and Opportunities
Authors:
Yagmur Yigit,
Mohamed Amine Ferrag,
Iqbal H. Sarker,
Leandros A. Maglaras,
Christos Chrysoulas,
Naghmeh Moradpoor,
Helge Janicke
Abstract:
Critical National Infrastructure (CNI) encompasses a nation's essential assets that are fundamental to the operation of society and the economy, ensuring the provision of vital utilities such as energy, water, transportation, and communication. Nevertheless, growing cybersecurity threats targeting these infrastructures can potentially interfere with operations and seriously risk national security…
▽ More
Critical National Infrastructure (CNI) encompasses a nation's essential assets that are fundamental to the operation of society and the economy, ensuring the provision of vital utilities such as energy, water, transportation, and communication. Nevertheless, growing cybersecurity threats targeting these infrastructures can potentially interfere with operations and seriously risk national security and public safety. In this paper, we examine the intricate issues raised by cybersecurity risks to vital infrastructure, highlighting these systems' vulnerability to different types of cyberattacks. We analyse the significance of trust, privacy, and resilience for Critical Infrastructure Protection (CIP), examining the diverse standards and regulations to manage these domains. We also scrutinise the co-analysis of safety and security, offering innovative approaches for their integration and emphasising the interdependence between these fields. Furthermore, we introduce a comprehensive method for CIP leveraging Generative AI and Large Language Models (LLMs), giving a tailored lifecycle and discussing specific applications across different critical infrastructure sectors. Lastly, we discuss potential future directions that promise to enhance the security and resilience of critical infrastructures. This paper proposes innovative strategies for CIP from evolving attacks and enhances comprehension of cybersecurity concerns related to critical infrastructure.
△ Less
Submitted 8 May, 2024;
originally announced May 2024.
-
Review of Generative AI Methods in Cybersecurity
Authors:
Yagmur Yigit,
William J Buchanan,
Madjid G Tehrani,
Leandros Maglaras
Abstract:
Over the last decade, Artificial Intelligence (AI) has become increasingly popular, especially with the use of chatbots such as ChatGPT, Gemini, and DALL-E. With this rise, large language models (LLMs) and Generative AI (GenAI) have also become more prevalent in everyday use. These advancements strengthen cybersecurity's defensive posture and open up new attack avenues for adversaries as well. Thi…
▽ More
Over the last decade, Artificial Intelligence (AI) has become increasingly popular, especially with the use of chatbots such as ChatGPT, Gemini, and DALL-E. With this rise, large language models (LLMs) and Generative AI (GenAI) have also become more prevalent in everyday use. These advancements strengthen cybersecurity's defensive posture and open up new attack avenues for adversaries as well. This paper provides a comprehensive overview of the current state-of-the-art deployments of GenAI, covering assaults, jailbreaking, and applications of prompt injection and reverse psychology. This paper also provides the various applications of GenAI in cybercrimes, such as automated hacking, phishing emails, social engineering, reverse cryptography, creating attack payloads, and creating malware. GenAI can significantly improve the automation of defensive cyber security processes through strategies such as dataset construction, safe code development, threat intelligence, defensive measures, reporting, and cyberattack detection. In this study, we suggest that future research should focus on develo** robust ethical norms and innovative defense mechanisms to address the current issues that GenAI creates and to also further encourage an impartial approach to its future application in cybersecurity. Moreover, we underscore the importance of interdisciplinary approaches further to bridge the gap between scientific developments and ethical considerations.
△ Less
Submitted 19 March, 2024; v1 submitted 13 March, 2024;
originally announced March 2024.
-
Cyber-Twin: Digital Twin-boosted Autonomous Attack Detection for Vehicular Ad-Hoc Networks
Authors:
Yagmur Yigit,
Ioannis Panitsas,
Leandros Maglaras,
Leandros Tassiulas,
Berk Canberk
Abstract:
The rapid evolution of Vehicular Ad-hoc NETworks (VANETs) has ushered in a transformative era for intelligent transportation systems (ITS), significantly enhancing road safety and vehicular communication. However, the intricate and dynamic nature of VANETs presents formidable challenges, particularly in vehicle-to-infrastructure (V2I) communications. Roadside Units (RSUs), integral components of V…
▽ More
The rapid evolution of Vehicular Ad-hoc NETworks (VANETs) has ushered in a transformative era for intelligent transportation systems (ITS), significantly enhancing road safety and vehicular communication. However, the intricate and dynamic nature of VANETs presents formidable challenges, particularly in vehicle-to-infrastructure (V2I) communications. Roadside Units (RSUs), integral components of VANETs, are increasingly susceptible to cyberattacks, such as jamming and distributed denial of service (DDoS) attacks. These vulnerabilities pose grave risks to road safety, potentially leading to traffic congestion and vehicle malfunctions. Existing methods face difficulties in detecting dynamic attacks and integrating digital twin technology and artificial intelligence (AI) models to enhance VANET cybersecurity. Our study proposes a novel framework that combines digital twin technology with AI to enhance the security of RSUs in VANETs and address this gap. This framework enables real-time monitoring and efficient threat detection while also improving computational efficiency and reducing data transmission delay for increased energy efficiency and hardware durability. Our framework outperforms existing solutions in resource management and attack detection. It reduces RSU load and data transmission delay while achieving an optimal balance between resource consumption and high attack detection effectiveness. This highlights our commitment to secure and sustainable vehicular communication systems for smart cities.
△ Less
Submitted 15 March, 2024; v1 submitted 25 January, 2024;
originally announced January 2024.
-
Distance-Only Task Orchestration Algorithm for Energy Efficiency in Satellite-Based Mist Computing
Authors:
Messaoud Babaghayou,
Noureddine Chaib,
Leandros Maglaras,
Yagmur Yigit,
Mohamed Amine Ferrag
Abstract:
This paper addresses the challenge of efficiently offloading heavy computing tasks from ground mobile devices to the satellite-based mist computing environment. With ground-based edge and cloud servers often being inaccessible, the exploitation of satellite mist computing becomes imperative. Existing offloading algorithms have shown limitations in adapting to the unique characteristics of heavy co…
▽ More
This paper addresses the challenge of efficiently offloading heavy computing tasks from ground mobile devices to the satellite-based mist computing environment. With ground-based edge and cloud servers often being inaccessible, the exploitation of satellite mist computing becomes imperative. Existing offloading algorithms have shown limitations in adapting to the unique characteristics of heavy computing tasks. Thus, we propose a heavy computing task offloading algorithm that prioritizes satellite proximity. This approach not only reduces energy consumption during telecommunications but also ensures tasks are executed within the specified timing constraints, which are typically non-time-critical. Our proposed algorithm outperforms other offloading schemes in terms of satellites energy consumption, average end-to-end delay, and tasks success rates. Although it exhibits a higher average VM CPU usage, this increase does not pose critical challenges. This distance-based approach offers a promising solution to enhance energy efficiency in satellite-based mist computing, making it well-suited for heavy computing tasks demands.
△ Less
Submitted 24 November, 2023;
originally announced November 2023.
-
Reliability Analysis of Fault Tolerant Memory Systems
Authors:
Yagmur Yigit,
Leandros Maglaras,
Mohamed Amine Ferrag,
Naghmeh Moradpoor,
Georgios Lambropoulos
Abstract:
This paper delves into a comprehensive analysis of fault-tolerant memory systems, focusing on recovery techniques modeled using Markov chains to address transient errors. The study revolves around the application of scrubbing methods in conjunction with Single Error Correction and Double Error Detection (SEC-DED) codes. It explores three primary models: 1) Exponentially distributed scrubbing, invo…
▽ More
This paper delves into a comprehensive analysis of fault-tolerant memory systems, focusing on recovery techniques modeled using Markov chains to address transient errors. The study revolves around the application of scrubbing methods in conjunction with Single Error Correction and Double Error Detection (SEC-DED) codes. It explores three primary models: 1) Exponentially distributed scrubbing, involving periodic checks of memory words within exponentially distributed time intervals; 2) Deterministic scrubbing, featuring regular, periodic word checks; and 3) Mixed scrubbing, which combines both probabilistic and deterministic scrubbing approaches. The research encompasses the estimation of reliability and Mean Time to Failure (MTTF) values for each model. Notably, the findings highlight the superior performance of mixed scrubbing over simpler scrubbing methods in terms of reliability and MTTF.
△ Less
Submitted 23 November, 2023; v1 submitted 16 October, 2023;
originally announced November 2023.
-
Digital Twin-Enabled Intelligent DDoS Detection Mechanism for Autonomous Core Networks
Authors:
Yagmur Yigit,
Bahadir Bal,
Aytac Karameseoglu,
Trung Q. Duong,
Berk Canberk
Abstract:
Existing distributed denial of service attack (DDoS) solutions cannot handle highly aggregated data rates; thus, they are unsuitable for Internet service provider (ISP) core networks. This article proposes a digital twin-enabled intelligent DDoS detection mechanism using an online learning method for autonomous systems. Our contributions are three-fold: we first design a DDoS detection architectur…
▽ More
Existing distributed denial of service attack (DDoS) solutions cannot handle highly aggregated data rates; thus, they are unsuitable for Internet service provider (ISP) core networks. This article proposes a digital twin-enabled intelligent DDoS detection mechanism using an online learning method for autonomous systems. Our contributions are three-fold: we first design a DDoS detection architecture based on the digital twin for ISP core networks. We implemented a Yet Another Next Generation (YANG) model and an automated feature selection (AutoFS) module to handle core network data. We used an online learning approach to update the model instantly and efficiently, improve the learning model quickly, and ensure accurate predictions. Finally, we reveal that our proposed solution successfully detects DDoS attacks and updates the feature selection method and learning model with a true classification rate of ninety-seven percent. Our proposed solution can estimate the attack within approximately fifteen minutes after the DDoS attack starts.
△ Less
Submitted 25 October, 2023; v1 submitted 19 October, 2023;
originally announced October 2023.
-
Network-Aware AutoML Framework for Software-Defined Sensor Networks
Authors:
Emre Horsanali,
Yagmur Yigit,
Gokhan Secinti,
Aytac Karameseoglu,
Berk Canberk
Abstract:
As the current detection solutions of distributed denial of service attacks (DDoS) need additional infrastructures to handle high aggregate data rates, they are not suitable for sensor networks or the Internet of Things. Besides, the security architecture of software-defined sensor networks needs to pay attention to the vulnerabilities of both software-defined networks and sensor networks. In this…
▽ More
As the current detection solutions of distributed denial of service attacks (DDoS) need additional infrastructures to handle high aggregate data rates, they are not suitable for sensor networks or the Internet of Things. Besides, the security architecture of software-defined sensor networks needs to pay attention to the vulnerabilities of both software-defined networks and sensor networks. In this paper, we propose a network-aware automated machine learning (AutoML) framework which detects DDoS attacks in software-defined sensor networks. Our framework selects an ideal machine learning algorithm to detect DDoS attacks in network-constrained environments, using metrics such as variable traffic load, heterogeneous traffic rate, and detection time while preventing over-fitting. Our contributions are two-fold: (i) we first investigate the trade-off between the efficiency of ML algorithms and network/traffic state in the scope of DDoS detection. (ii) we design and implement a software architecture containing open-source network tools, with the deployment of multiple ML algorithms. Lastly, we show that under the denial of service attacks, our framework ensures the traffic packets are still delivered within the network with additional delays.
△ Less
Submitted 25 October, 2023; v1 submitted 19 October, 2023;
originally announced October 2023.
-
TwinPot: Digital Twin-assisted Honeypot for Cyber-Secure Smart Seaports
Authors:
Yagmur Yigit,
Omer Kemal Kinaci,
Trung Q. Duong,
Berk Canberk
Abstract:
The idea of next-generation ports has become more apparent in the last ten years in response to the challenge posed by the rising demand for efficiency and the ever-increasing volume of goods. In this new era of intelligent infrastructure and facilities, it is evident that cyber-security has recently received the most significant attention from the seaport and maritime authorities, and it is a pri…
▽ More
The idea of next-generation ports has become more apparent in the last ten years in response to the challenge posed by the rising demand for efficiency and the ever-increasing volume of goods. In this new era of intelligent infrastructure and facilities, it is evident that cyber-security has recently received the most significant attention from the seaport and maritime authorities, and it is a primary concern on the agenda of most ports. Traditional security solutions can be applied to safeguard IoT and Cyber-Physical Systems (CPS) from harmful entities. Nevertheless, security researchers can only watch, examine, and learn about the behaviors of attackers if these solutions operate more transparently. Herein, honeypots are potential solutions since they offer valuable information about the attackers. It can be virtual or physical. Virtual honeypots must be more realistic to entice attackers, necessitating better high-fidelity. To this end, Digital Twin (DT) technology can be employed to increase the complexity and simulation fidelity of the honeypots. Seaports can be attacked from both their existing devices and external devices at the same time. Existing mechanisms are insufficient to detect external attacks; therefore, the current systems cannot handle attacks at the desired level. DT and honeypot technologies can be used together to tackle them. Consequently, we suggest a DT-assisted honeypot, called TwinPot, for external attacks in smart seaports. Moreover, we propose an intelligent attack detection mechanism to handle different attack types using DT for internal attacks. Finally, we build an extensive smart seaport dataset for internal and external attacks using the MANSIM tool and two existing datasets to test the performance of our system. We show that under simultaneous internal and external attacks on the system, our solution successfully detects internal and external attacks.
△ Less
Submitted 25 October, 2023; v1 submitted 19 October, 2023;
originally announced October 2023.
-
Digital Twin-Empowered Smart Attack Detection System for 6G Edge of Things Networks
Authors:
Yagmur Yigit,
Christos Chrysoulas,
Gokhan Yurdakul,
Leandros Maglaras,
Berk Canberk
Abstract:
As global Internet of Things (IoT) devices connectivity surges, a significant portion gravitates towards the Edge of Things (EoT) network. This shift prompts businesses to deploy infrastructure closer to end-users, enhancing accessibility. However, the growing EoT network expands the attack surface, necessitating robust and proactive security measures. Traditional solutions fall short against dyna…
▽ More
As global Internet of Things (IoT) devices connectivity surges, a significant portion gravitates towards the Edge of Things (EoT) network. This shift prompts businesses to deploy infrastructure closer to end-users, enhancing accessibility. However, the growing EoT network expands the attack surface, necessitating robust and proactive security measures. Traditional solutions fall short against dynamic EoT threats, highlighting the need for proactive and intelligent systems. We introduce a digital twin-empowered smart attack detection system for 6G EoT networks. Leveraging digital twin and edge computing, it monitors and simulates physical assets in real time, enhancing security. An online learning module in the proposed system optimizes the network performance. Our system excels in proactive threat detection, ensuring 6G EoT network security. The performance evaluations demonstrate its effectiveness, robustness, and adaptability using real datasets.
△ Less
Submitted 5 October, 2023;
originally announced October 2023.
-
YA-DA: YAng-Based DAta Model for Fine-Grained IIoT Air Quality Monitoring
Authors:
Yagmur Yigit,
Khayal Huseynov,
Hamed Ahmadi,
Berk Canberk
Abstract:
With the development of industrialization, air pollution is also steadily on the rise since both industrial and daily activities generate a massive amount of air pollution. Since decreasing air pollution is critical for citizens' health and well-being, air pollution monitoring is becoming an essential topic. Industrial Internet of Things (IIoT) research focuses on this crucial area. Several attemp…
▽ More
With the development of industrialization, air pollution is also steadily on the rise since both industrial and daily activities generate a massive amount of air pollution. Since decreasing air pollution is critical for citizens' health and well-being, air pollution monitoring is becoming an essential topic. Industrial Internet of Things (IIoT) research focuses on this crucial area. Several attempts already exist for air pollution monitoring. However, none of them are improving the performance of IoT data collection at the desired level. Inspired by the genuine Yet Another Next Generation (YANG) data model, we propose a YAng-based DAta model (YA-DA) to improve the performance of IIoT data collection. Moreover, by taking advantage of digital twin (DT) technology, we propose a DT-enabled fine-grained IIoT air quality monitoring system using YA-DA. As a result, DT synchronization becomes fine-grained. In turn, we improve the performance of IIoT data collection resulting in lower round-trip time (RTT), higher DT synchronization, and lower DT latency.
△ Less
Submitted 25 October, 2023; v1 submitted 28 November, 2022;
originally announced November 2022.