DATA & INFRASTRUCTURE SECURITY: THE RISK OF AI ENABLED CYBER ATTACKS AND QUANTUM HACKING

On November 21, 2022, Dr. Ryan Prox, Adjunct Professor in the School of Criminology at Simon Fraser University, presented Data & Infrastructure Security: The Risk of AI Enabled Cyber Attacks and Quantum Hacking.  A question-and-answer period with the audience and CASIS Vancouver executives followed the presentation. The key topics discussed were the evolution of data and infrastructure security, the increasing interconnectedness of critical infrastructure, and the need to increase resilience in the face of revolutionary technological advancements.     Received: 2023-01-23Revised: 2023-01-2

Cyber-Physical Threat Intelligence for Critical Infrastructures Security

Modern critical infrastructures can be considered as large scale Cyber Physical Systems (CPS). Therefore, when designing, implementing, and operating systems for Critical Infrastructure Protection (CIP), the boundaries between physical security and cybersecurity are blurred. Emerging systems for Critical Infrastructures Security and Protection must therefore consider integrated approaches that emphasize the interplay between cybersecurity and physical security techniques. Hence, there is a need for a new type of integrated security intelligence i.e., Cyber-Physical Threat Intelligence (CPTI). This book presents novel solutions for integrated Cyber-Physical Threat Intelligence for infrastructures in various sectors, such as Industrial Sites and Plants, Air Transport, Gas, Healthcare, and Finance. The solutions rely on novel methods and technologies, such as integrated modelling for cyber-physical systems, novel reliance indicators, and data driven approaches including BigData analytics and Artificial Intelligence (AI). Some of the presented approaches are sector agnostic i.e., applicable to different sectors with a fair customization effort. Nevertheless, the book presents also peculiar challenges of specific sectors and how they can be addressed. The presented solutions consider the European policy context for Security, Cyber security, and Critical Infrastructure protection, as laid out by the European Commission (EC) to support its Member States to protect and ensure the resilience of their critical infrastructures. Most of the co-authors and contributors are from European Research and Technology Organizations, as well as from European Critical Infrastructure Operators. Hence, the presented solutions respect the European approach to CIP, as reflected in the pillars of the European policy framework. The latter includes for example the Directive on security of network and information systems (NIS Directive), the Directive on protecting European Critical Infrastructures, the General Data Protection Regulation (GDPR), and the Cybersecurity Act Regulation. The sector specific solutions that are described in the book have been developed and validated in the scope of several European Commission (EC) co-funded projects on Critical Infrastructure Protection (CIP), which focus on the listed sectors. Overall, the book illustrates a rich set of systems, technologies, and applications that critical infrastructure operators could consult to shape their future strategies. It also provides a catalogue of CPTI case studies in different sectors, which could be useful for security consultants and practitioners as well

Cyber-Physical Threat Intelligence for Critical Infrastructures Security

Modern critical infrastructures can be considered as large scale Cyber Physical Systems (CPS). Therefore, when designing, implementing, and operating systems for Critical Infrastructure Protection (CIP), the boundaries between physical security and cybersecurity are blurred. Emerging systems for Critical Infrastructures Security and Protection must therefore consider integrated approaches that emphasize the interplay between cybersecurity and physical security techniques. Hence, there is a need for a new type of integrated security intelligence i.e., Cyber-Physical Threat Intelligence (CPTI). This book presents novel solutions for integrated Cyber-Physical Threat Intelligence for infrastructures in various sectors, such as Industrial Sites and Plants, Air Transport, Gas, Healthcare, and Finance. The solutions rely on novel methods and technologies, such as integrated modelling for cyber-physical systems, novel reliance indicators, and data driven approaches including BigData analytics and Artificial Intelligence (AI). Some of the presented approaches are sector agnostic i.e., applicable to different sectors with a fair customization effort. Nevertheless, the book presents also peculiar challenges of specific sectors and how they can be addressed. The presented solutions consider the European policy context for Security, Cyber security, and Critical Infrastructure protection, as laid out by the European Commission (EC) to support its Member States to protect and ensure the resilience of their critical infrastructures. Most of the co-authors and contributors are from European Research and Technology Organizations, as well as from European Critical Infrastructure Operators. Hence, the presented solutions respect the European approach to CIP, as reflected in the pillars of the European policy framework. The latter includes for example the Directive on security of network and information systems (NIS Directive), the Directive on protecting European Critical Infrastructures, the General Data Protection Regulation (GDPR), and the Cybersecurity Act Regulation. The sector specific solutions that are described in the book have been developed and validated in the scope of several European Commission (EC) co-funded projects on Critical Infrastructure Protection (CIP), which focus on the listed sectors. Overall, the book illustrates a rich set of systems, technologies, and applications that critical infrastructure operators could consult to shape their future strategies. It also provides a catalogue of CPTI case studies in different sectors, which could be useful for security consultants and practitioners as well

Towards a Novel Intrusion Detection Architecture using Artificial Intelligence

Artificial intelligence (AI) is a transformative technology for potential replacement of human tasks and activities within industrial, social, intellectual, and digital applications. Network intrusion detection is crucial to identify cyber-attacks in critical infrastructures where a dynamic collection and analysis of network traffic can be conducted using AI. In this research paper we develop a novel intrusion detection architecture to mitigate malicious traffic passing through cyber infrastructure of an organization. We propose to design scenarios based on AI for intelligent self-protection or alert system that will facilitate countering actual cyber-attacks. The system will utilize machine learning algorithm - Random Forest - to offer more flexibility to discover new attacks and to ensure training the system to predict them in the future. Moreover, we design spam filtering program on python to detect spam emails as per email is one of the main attacking vectors that threatens the security of critical infrastructures

Tuning Hyperparameters for DNA-based Discrimination of Wireless Devices

The Internet of Things (IoT) and Industrial IoT (IIoT) is enabled by Wireless Personal Area Network (WPAN) devices. However, these devices increase vulnerability concerns of the IIoT and resultant Critical Infrastructure (CI) risks. Secure IIoT is enabled by both pre-attack security and post-attack forensic analysis. Radio Frequency (RF) Fingerprinting enables both pre- and post-attack security by providing serial-number level identification of devices through fingerprint characterization of their emissions. For classification and verification, research has shown high performance by employing the neural network-based Generalized Relevance Learning Vector Quantization-Improved (GRLVQI) classifier. However, GRLVQI has numerous hyperparameters and tuning requires AI expertise, thus some researchers have abandoned GRLVQI for notionally simpler, but less accurate, methods. Herein, we develop a fool-proof approach for tuning AI algorithms. For demonstration, Z-Wave, an insecure low-power/cost WPAN technology, and the GRLVQI classifier are considered. Results show significant increases in accuracy (5% for classification, 50% verification) over baseline methods

Enabling Trustworthiness in Sustainable Energy Infrastructure Through Blockchain and AI-Assisted Solutions

Network trustworthiness is a critical component of network security, as it builds on positive inter-actions, guarantees, transparency, and accountability. And with the growth of smart city services and applications, trustworthiness is becoming more important. Most current network trustworthiness solutions are insufficient, particularly for critical infrastructures where end devices are vulnerable and easily hacked. In terms of the energy sector, blockchain technology transforms all currencies into digital modes, thereby allowing one person to manage and exchange energy with others. This has drawn the attention of experts in many fields as a safe, low-cost platform to track billions of transactions in a distributed energy economy. Security and trust issues are still relatively new in the current centralized energy management scheme. With blockchain technology, a decentralized energy infrastructure enables parties to establish micro- grid trading energy transactions and apply artificial intelligence (AI). Using AI in energy systems enables machines to learn various parameters, such as predicted required amounts, excess amounts, and trusted partners. In this article, we envision a cooperative and distributed framework based on cutting-edge computing, communication, and intelligence capabilities such as AI and blockchain in the energy sector to enable secure energy trading, remote monitoring, and trustworthiness. The proposed framework can also enable secure energy trading at the edge devices and among multiple devices. There are also discussions on difficulties, issues, and design principles, as well as spotlights on some of the more popular solutions

Secure Smart Wearable Computing through Artificial Intelligence-Enabled Internet of Things and Cyber-Physical Systems for Health Monitoring

The functionality of the Internet is continually changing from the Internet of Computers (IoC) to the “Internet of Things (IoT)”. Most connected systems, called Cyber-Physical Systems (CPS), are formed from the integration of numerous features such as humans and the physical environment, smart objects, and embedded devices and infrastructure. There are a few critical problems, such as security risks and ethical issues that could affect the IoT and CPS. When every piece of data and device is connected and obtainable on the network, hackers can obtain it and utilise it for different scams. In medical healthcare IoT-CPS, everyday medical and physical data of a patient may be gathered through wearable sensors. This paper proposes an AI-enabled IoT-CPS which doctors can utilise to discover diseases in patients based on AI. AI was created to find a few disorders such as Diabetes, Heart disease and Gait disturbances. Each disease has various symptoms among patients or elderly. Dataset is retrieved from the Kaggle repository to execute AI-enabled IoT-CPS technology. For the classification, AI-enabled IoT-CPS Algorithm is used to discover diseases. The experimental results demonstrate that compared with existing algorithms, the proposed AI-enabled IoT-CPS algorithm detects patient diseases and fall events in elderly more efficiently in terms of Accuracy, Precision, Recall and F-measure