3,331 research outputs found

    An SLR on Edge Computing Security and possible threat protection

    Mobile and Internet of Things devices are generating enormous amounts of multi-modal data due to their exponential growth and accessibility. As a result, these data sources must be directly analyzed in real time at the network edge rather than relying on the cloud. Significant processing power at the network's edge has made it possible to gather data and make decisions prior to data being sent to the cloud. Moreover, security problems have significantly towered as a result of the rapid expansion of mobile devices, Internet of Things (IoT) devices, and various network points. It's much harder than ever to guarantee the privacy of sensitive data, including customer information. This systematic literature review depicts the fact that new technologies are a great weapon to fight with the attack and threats to the edge computing security

    Using machine learning algorithm for detection of cyber-attacks in cyber physical systems

    Network integration is common in cyber-physical systems (CPS) to allow for remote access, surveillance, and analysis. They have been exposed to cyberattacks because of their integration with an insecure network. In the event of a violation in internet security, an attacker was able to interfere with the system's functions, which might result in catastrophic consequences. As a result, detecting breaches into mission-critical CPS is a top priority. Detecting assaults on CPSs, which are increasingly being targeted by cyber criminals and cyber threats, is becoming increasingly difficult. Machine Learning (ML) and Artificial Intelligence (AI) have the potential to make these the worst of moments, but it may also be the finest of times. There are a variety of ways in which AI technology can aid in the growth and profitability of a variety of industries. Such data can be parsed using ML and AI approaches designed to check attacks on CPSs. Hence, in this paper, we propose a novel cyberattack detection framework by integrating AI and ML (ML) methods. Here, initially we collect the dataset from the CPS database and preprocess the data using normalization for removal of errors and redundant data. The features are extracted using Linear Discriminant Analysis (LDA). We have proposed Self-tuned Fuzzy Logic-based Hidden Markov Model (SFL-HMM) with Heuristic Multi-Swarm Optimization (HMS-ACO) algorithm for detection of the cyberattacks. The proposed method is evaluated using the MATLAB simulation tool and the metrics are compared with existing approaches. The results of the experiments reveal that the framework is more successful than traditional strategies in achieving high degrees of privacy. Furthermore, in terms of detection rate, false positive rate, and computing time, the framework beats traditional detection algorithms.

    PhyNetLab: An IoT-Based Warehouse Testbed

    Future warehouses will be made of modular embedded entities with communication ability and energy aware operation attached to the traditional materials handling and warehousing objects. This advancement is mainly to fulfill the flexibility and scalability needs of the emerging warehouses. However, it leads to a new layer of complexity during development and evaluation of such systems due to the multidisciplinarity in logistics, embedded systems, and wireless communications. Although each discipline provides theoretical approaches and simulations for these tasks, many issues are often discovered in a real deployment of the full system. In this paper we introduce PhyNetLab as a real scale warehouse testbed made of cyber physical objects (PhyNodes) developed for this type of application. The presented platform provides a possibility to check the industrial requirement of an IoT-based warehouse in addition to the typical wireless sensor networks tests. We describe the hardware and software components of the nodes in addition to the overall structure of the testbed. Finally, we will demonstrate the advantages of the testbed by evaluating the performance of the ETSI compliant radio channel access procedure for an IoT warehouse

    A Review of Digital Twins and their Application in Cybersecurity based on Artificial Intelligence

    The potential of digital twin technology is yet to be fully realized due to its diversity and untapped potential. Digital twins enable systems' analysis, design, optimization, and evolution to be performed digitally or in conjunction with a cyber-physical approach to improve speed, accuracy, and efficiency over traditional engineering methods. Industry 4.0, factories of the future, and digital twins continue to benefit from the technology and provide enhanced efficiency within existing systems. Due to the lack of information and security standards associated with the transition to cyber digitization, cybercriminals have been able to take advantage of the situation. Access to a digital twin of a product or service is equivalent to threatening the entire collection. There is a robust interaction between digital twins and artificial intelligence tools, which leads to strong interaction between these technologies, so it can be used to improve the cybersecurity of these digital platforms based on their integration with these technologies. This study aims to investigate the role of artificial intelligence in providing cybersecurity for digital twin versions of various industries, as well as the risks associated with these versions. In addition, this research serves as a road map for researchers and others interested in cybersecurity and digital security.
    Comment: 60 pages, 8 Figures, 15 Tables

    Implementation of a Hierarchical, Embedded, Cyber Attack Detection System for SPI Devices on Unmanned Aerial Systems

    Unmanned Aerial Systems (UAS) create security concerns as their roles expand in commercial, military, and consumer spaces. The need to secure these systems is recognized in the architecture for a Hierarchical, Embedded, Cyber Attack Detection (HECAD) system. HECAD passively monitors the communication between a flight controller and all its peripherals like sensors and actuators. It ensures the functionality of a UAS is within the set of defined behavior and reports all potential problems, whether the errors were caused by cyber attacks or other physical faults. A portion of the design for Serial Peripheral Interface (SPI) devices on board a flight control system is developed on an FPGA device. A wide range of cyber attacks and other faults are checked in SPI HECAD, implemented with VHDL and verified through use of the Integrated Logic Analyzer tool

    DETECTION AND IDENTIFICATION OF CYBERATTACKS IN CPS BY APPLYING MACHINE LEARNING ALGORITHMS

    In general, cyber-physical systems (also known as CPS) consist of networked components that allow for remote access, monitoring, and examination. Because they were integrated into an unsecured network, they have been the target of multiple cyberattacks. In the event that there was a breach in internet security, an adversary would be able to damage the system, which may have devastating effects. Thus, it is extremely important to maintain the credibility of the CPS. It is becoming increasingly difficult to identify assaults on computerised policing systems (CPSs) as these systems become more of a target for hackers and cyberthreats. It is feasible that Machine Learning (ML) as well as Artificial Intelligence (AI) may also make it the finest of times. Both of these outcomes are plausible. Technology based on artificial intelligence (AI) can play a role in the growth and success of a wide range of different types of enterprises in a variety of different ways. The goal of this type of data analysis is to avoid CPS assaults using machine learning and artificial intelligence techniques. A new framework was offered for the detection of cyberattacks, which makes use of machine learning and artificial intelligence (ML). The process of cleaning up the data in the CPS database starts by performing normalisation in order to get rid of errors and duplicates. This is done so that the data is consistent throughout. Linear Discriminant Analysis is the method that is used to get the features, and it is known as LDA. As a mechanism for the identification of cyberattacks, the suggested process was the SFL-HMM process in conjunction with the HMS-ACO procedure. The new strategy is evaluated using a MATLAB simulation, and the metrics obtained from that simulation are compared to the metrics received from the earlier methods. The framework is shown to be substantially more effective than traditional techniques in the upkeep of high degrees of privacy, as demonstrated by the outcomes of a number of separate investigations. In addition, in terms of detection rate, false positive rate, and computation time, respectively, the framework beats traditional detection methods.

    Decision Support Elements and Enabling Techniques to Achieve a Cyber Defence Situational Awareness Capability

    This doctoral thesis performs a detailed analysis of the decision elements necessary to improve the cyber defence situation awareness with a special emphasis on the perception and understanding of the analyst of a cybersecurity operations center (SOC). Two different architectures based on the network flow forensics of data streams (NF3) are proposed. The first architecture uses Ensemble Machine Learning techniques while the second is a variant of Machine Learning with greater algorithmic complexity (lambda-NF3) that offers a more robust defense framework against adversarial attacks. Both proposals seek to effectively automate the detection of malware and its subsequent incident management, showing satisfactory results in approximating what has been called a next generation cognitive computing SOC (NGC2SOC). The supervision and monitoring of events for the protection of an organisation's computer networks must be accompanied by visualisation techniques. In this case, the thesis addresses the representation of three-dimensional pictures based on mission oriented metrics and procedures that use an expert system based on fuzzy logic. Precisely, the state-of-the-art evidences serious deficiencies when it comes to implementing cyber defence solutions that consider the relevance of the mission, resources and tasks of an organisation for a better-informed decision. The research work finally provides two key areas to improve decision-making in cyber defence: a solid and complete verification and validation framework to evaluate solution parameters and the development of a synthetic dataset that univocally references the phases of a cyber-attack with the Cyber Kill Chain and MITRE ATT&CK standards.
    Llopis Sánchez, S. (2023). Decision Support Elements and Enabling Techniques to Achieve a Cyber Defence Situational Awareness Capability [Doctoral thesis]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/19424