Navigating the IoT landscape: Unraveling forensics, security issues, applications, research challenges, and future

Given the exponential expansion of the internet, the possibilities of security attacks and cybercrimes have increased accordingly. However, poorly implemented security mechanisms in the Internet of Things (IoT) devices make them susceptible to cyberattacks, which can directly affect users. IoT forensics is thus needed for investigating and mitigating such attacks. While many works have examined IoT applications and challenges, only a few have focused on both the forensic and security issues in IoT. Therefore, this paper reviews forensic and security issues associated with IoT in different fields. Future prospects and challenges in IoT research and development are also highlighted. As demonstrated in the literature, most IoT devices are vulnerable to attacks due to a lack of standardized security measures. Unauthorized users could get access, compromise data, and even benefit from control of critical infrastructure. To fulfil the security-conscious needs of consumers, IoT can be used to develop a smart home system by designing a FLIP-based system that is highly scalable and adaptable. Utilizing a blockchain-based authentication mechanism with a multi-chain structure can provide additional security protection between different trust domains. Deep learning can be utilized to develop a network forensics framework with a high-performing system for detecting and tracking cyberattack incidents. Moreover, researchers should consider limiting the amount of data created and delivered when using big data to develop IoT-based smart systems. The findings of this review will stimulate academics to seek potential solutions for the identified issues, thereby advancing the IoT field.Comment: 77 pages, 5 figures, 5 table

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

Cyber-security training: A comparative analysis of cyber-ranges and emerging trends

Οι επιθέσεις στον κυβερνοχώρο γίνονται όλο και πιο προηγμένες και δύσκολα ανιχνεύσιμες, προέρχονται από ποικίλες πήγες και πραγματοποιούνται λαμβάνοντας πολλαπλές διαστάσεις και παίρνοντας διάφορες μορφές. Η ανάγκη οικοδόμησης και πειραματισμού σε προηγμένους μηχανισμούς ασφάλειας στον κυβερνοχώρο, καθώς και η συνεχής κατάρτιση με τη χρήση σύγχρονων μεθοδολογιών, τεχνικών και ενημερωμένων ρεαλιστικών σεναρίων είναι ζωτικής σημασίας. Τα Cyber Ranges μπορούν να προσφέρουν το περιβάλλον μέσα στο οποίο οι ιδικοί και επαγγελματίες στον τομέα της ασφάλειας στον κυβερνοχώρο μπορούν να εφαρμόσουν τεχνικές και δεξιότητες και να εκπαιδεύονται σε προσομοιώσεις σύνθετων δικτύων μεγάλης κλίμακας, προκειμένου να ανταποκριθούν σε πραγματικά σενάρια επίθεσης στον κυβερνοχώρο. Επιπλέον, μπορούν να προσομοιώσουν ένα περιβάλλον για τους επαγγελματίες της ασφάλειας πληροφοριών, να αξιολογήσουν τις διαδικασίες χειρισμού και αντιμετώπισης περιστατικών και να δοκιμάσουν νέες τεχνολογίες, προκειμένου να βοηθήσουν στην πρόληψη επιθέσεων στον κυβερνοχώρο. Κύριος σκοπός της παρούσας εργασίας είναι να περιγράψει τις λειτουργίες διαφόρων Cyber Ranges και να τονίσει τα κύρια δομικά στοιχεία και γνωρίσματα τους, να παρουσιάσει την υψηλού επιπέδου αρχιτεκτονική ενός υπερσύγχρονου Cyber Range και ταυτόχρονα να ταξινομήσει τα χαρακτηριστικά των υπό ανάλυση Cyber Ranges σύμφωνα με τα χαρακτηριστικά του προτεινόμενου.Cyber-attacks are becoming stealthier and more sophisticated can stem from various sources, using multiple vectors and taking different forms. The need for building and experimenting on advanced cyber-security mechanisms, as well as continuous training using state-of-the-art methodologies, techniques and up-to-date realistic scenarios is vital. Cyber Ranges can provide the environment where cyber-security experts and professionals can practice technical and soft skills and be trained on emulated large-scale complex networks in the way to respond to real-world cyber-attack scenarios. Furthermore, they can simulate an environment for information security professionals, to evaluate incident handling and response procedures and to test new technologies, in order to help prevent cyber-attacks. The main objective of this paper is to describe the functionalities of various Cyber Ranges and to highlight their key components and characteristics, to demonstrate a high-level architecture of a state-of-the-art Cyber Range while classifying the features of the reviewed Cyber Ranges according to the attributes of the proposed one

Generation of a dataset for network intrusion detection in a real 5G environment

Abstract. As 5G technology is widely implemented on a global scale, both the complexity of networks and the amount of data created have exploded. Future mobile networks will incorporate artificial intelligence as a crucial enabler for intelligent wireless communications, closed-loop network optimization, and big data analytics. In these future mobile networks, network security would be of the utmost importance, as many applications expect a higher level of network security from the networking infrastructure. Therefore, conventional procedures in which action is taken following the detection of an attack would be insufficient, and self-adaptive intelligent security systems would be required. This paves the door for AI-based network security strategies in the future. In AI-based security research, the lack of comprehensive, valid datasets is a persistent issue. Publicly accessible data sets are either obsolete or insufficient for 5G security research. In addition, mobile network providers are hesitant to share actual network datasets due to privacy issues. Hence, a genuine data set from a real network is extremely beneficial to AI-based network security research. This study will describe the creation of a genuine dataset containing several attack scenarios implemented on a real 5G network with real mobile users. Since a fully operational 5G network is utilized to generate the data, this dataset is characterized by its close resemblance to real-world situations. In addition, data is collected from multiple base stations and made available as independent datasets for federated learning-based research to build a global model of intelligence for the entire network. The obtained data will be processed to identify the optimal features, and the accuracy of intrusion detection will be validated using several common machine learning and neural network models such as Decision Tree, Random Forest, K-Nearest Neighbor, Support Vector Machines and Multi Layer Perceptron. A detailed analysis of a binary classification to detect malicious and non-malicious flows as well as a multi class classification to detect different attack types is presented

Architecture for Cognitive Networking within NASAs Future Space Communications Infrastructure

Future space mission concepts and designs pose many networking challenges for command, telemetry, and science data applications with diverse end-to-end data delivery needs. For future end-to-end architecture designs, a key challenge is meeting expected application quality of service requirements for multiple simultaneous mission data flows with options to use diverse onboard local data buses, commercial ground networks, and multiple satellite relay constellations in LEO, MEO, GEO, or even deep space relay links. Effectively utilizing a complex network topology requires orchestration and direction that spans the many discrete, individually addressable computer systems, which cause them to act in concert to achieve the overall network goals. The system must be intelligent enough to not only function under nominal conditions, but also adapt to unexpected situations, and reorganize or adapt to perform roles not originally intended for the system or explicitly programmed. This paper describes architecture features of cognitive networking within the future NASA space communications infrastructure, and interacting with the legacy systems and infrastructure in the meantime. The paper begins by discussing the need for increased automation, including inter-system collaboration. This discussion motivates the features of an architecture including cognitive networking for future missions and relays, interoperating with both existing endpoint-based networking models and emerging information-centric models. From this basis, we discuss progress on a proof-of-concept implementation of this architecture as a cognitive networking on-orbit application on the SCaN Testbed attached to the International Space Station

Managing Distributed Cloud Applications and Infrastructure

The emergence of the Internet of Things (IoT), combined with greater heterogeneity not only online in cloud computing architectures but across the cloud-to-edge continuum, is introducing new challenges for managing applications and infrastructure across this continuum. The scale and complexity is simply so complex that it is no longer realistic for IT teams to manually foresee the potential issues and manage the dynamism and dependencies across an increasing inter-dependent chain of service provision. This Open Access Pivot explores these challenges and offers a solution for the intelligent and reliable management of physical infrastructure and the optimal placement of applications for the provision of services on distributed clouds. This book provides a conceptual reference model for reliable capacity provisioning for distributed clouds and discusses how data analytics and machine learning, application and infrastructure optimization, and simulation can deliver quality of service requirements cost-efficiently in this complex feature space. These are illustrated through a series of case studies in cloud computing, telecommunications, big data analytics, and smart cities

Managing Distributed Cloud Applications and Infrastructure

The emergence of the Internet of Things (IoT), combined with greater heterogeneity not only online in cloud computing architectures but across the cloud-to-edge continuum, is introducing new challenges for managing applications and infrastructure across this continuum. The scale and complexity is simply so complex that it is no longer realistic for IT teams to manually foresee the potential issues and manage the dynamism and dependencies across an increasing inter-dependent chain of service provision. This Open Access Pivot explores these challenges and offers a solution for the intelligent and reliable management of physical infrastructure and the optimal placement of applications for the provision of services on distributed clouds. This book provides a conceptual reference model for reliable capacity provisioning for distributed clouds and discusses how data analytics and machine learning, application and infrastructure optimization, and simulation can deliver quality of service requirements cost-efficiently in this complex feature space. These are illustrated through a series of case studies in cloud computing, telecommunications, big data analytics, and smart cities