No Arabic abstract
nformation security is an issue of global concern. As the Internet is delivering great convenience and benefits to the modern society, the rapidly increasing connectivity and accessibility to the Internet is also posing a serious threat to security and privacy, to individuals, organizations, and nations alike. Finding effective ways to detect, prevent, and respond to intrusions and hacker attacks of networked computers and information systems. This paper presents a knowledge discovery frame work to detect DoS attacks at the boundary controllers (routers). The idea is to use machine learning approach to discover network features that can depict the state of the network connection. Using important network data (DoS relevant features), we have developed kernel machine based and soft computing detection mechanisms that achieve high detection accuracies. We also present our work of identifying DoS pertinent features and evaluating the applicability of these features in detecting novel DoS attacks. Architecture for detecting DoS attacks at the router is presented. We demonstrate that highly efficient and accurate signature based classifiers can be constructed by using important network features and machine learning techniques to detect DoS attacks at the boundary controllers.
Security and privacy of the users have become significant concerns due to the involvement of the Internet of things (IoT) devices in numerous applications. Cyber threats are growing at an explosive pace making the existing security and privacy measures inadequate. Hence, everyone on the Internet is a product for hackers. Consequently, Machine Learning (ML) algorithms are used to produce accurate outputs from large complex databases, where the generated outputs can be used to predict and detect vulnerabilities in IoT-based systems. Furthermore, Blockchain (BC) techniques are becoming popular in modern IoT applications to solve security and privacy issues. Several studies have been conducted on either ML algorithms or BC techniques. However, these studies target either security or privacy issues using ML algorithms or BC techniques, thus posing a need for a combined survey on efforts made in recent years addressing both security and privacy issues using ML algorithms and BC techniques. In this paper, we provide a summary of research efforts made in the past few years, starting from 2008 to 2019, addressing security and privacy issues using ML algorithms and BCtechniques in the IoT domain. First, we discuss and categorize various security and privacy threats reported in the past twelve years in the IoT domain. Then, we classify the literature on security and privacy efforts based on ML algorithms and BC techniques in the IoT domain. Finally, we identify and illuminate several challenges and future research directions in using ML algorithms and BC techniques to address security and privacy issues in the IoT domain.
Log-based cyber threat hunting has emerged as an important solution to counter sophisticated cyber attacks. However, existing approaches require non-trivial efforts of manual query construction and have overlooked the rich external knowledge about threat behaviors provided by open-source Cyber Threat Intelligence (OSCTI). To bridge the gap, we build ThreatRaptor, a system that facilitates cyber threat hunting in computer systems using OSCTI. Built upon mature system auditing frameworks, ThreatRaptor provides (1) an unsupervised, light-weight, and accurate NLP pipeline that extracts structured threat behaviors from unstructured OSCTI text, (2) a concise and expressive domain-specific query language, TBQL, to hunt for malicious system activities, (3) a query synthesis mechanism that automatically synthesizes a TBQL query from the extracted threat behaviors, and (4) an efficient query execution engine to search the big system audit logging data.
Artificial Intelligence has made a significant contribution to autonomous vehicles, from object detection to path planning. However, AI models require a large amount of sensitive training data and are usually computationally intensive to build. The commercial value of such models motivates attackers to mount various attacks. Adversaries can launch model extraction attacks for monetization purposes or step-ping-stone towards other attacks like model evasion. In specific cases, it even results in destroying brand reputation, differentiation, and value proposition. In addition, IP laws and AI-related legalities are still evolving and are not uniform across countries. We discuss model extraction attacks in detail with two use-cases and a generic kill-chain that can compromise autonomous cars. It is essential to investigate strategies to manage and mitigate the risk of model theft.
The Internet of Things has received a lot of research attention. It is considered part of the Internet of the future and is made up of billions of intelligent communication. The future of the Internet will consist of heterogeneously connected devices that expand the world boundaries with physical entities and virtual components. It provides new functionality for related things. This study systematically examines the definition, architecture, essential technologies, and applications of the Internet of Things. We will introduce various definitions of the Internet of Things. Then, it will be discussed new techniques for implementing the Internet of Things and several open issues related to the Internet of Things applications will be investigated. Finally, the key challenges that need to be addressed by the research community and possible solutions to address them are investigated.
One-sided network communication technologies such as RDMA and NVMe-over-Fabrics are quickly gaining adoption in production software and in datacenters. Although appealing for their low CPU utilization and good performance, they raise new security concerns that could seriously undermine datacenter software systems building on top of them. At the same time, they offer unique opportunities to help enhance security. Indeed, one-sided network communication is a double-edged sword in security. This paper presents our insights into security implications and opportunities of one-sided communication.