Application of Risk Metrics for Role Mining

Incorporating risk consideration in access control systems has recently become a popular research topic. Related to this is risk awareness which is needed to enable access control in an agile and dynamic way. While risk awareness is probably known for an established access control system, being aware of risk even before the access control system is defined can mean identification of users and permissions that are most likely to lead to dangerous or error-prone situations from an administration point of view. Having this information available during the role engineering phase allows data analysts and role engineers to highlight potentially risky users and permissions likely to be misused. While there has been much recent work on role mining, there has been little consideration of risk during the process. In this thesis, we propose to add risk awareness to role mining. We aggregate the various possible risk factors and categorize them into four general types, which we refer to as risk metrics, in the context of role mining. Next, we propose a framework that incorporates some specific examples of each of these risk metrics before and after role mining. We have implemented a proof-of-concept prototype, a Risk Awareness system for Role Mining (aRARM) based on this framework and applied it to two case studies: a small organizational project and a university database setting. The aRARM prototype is automatically able to detect different types of risk factors when we add different types of noise to this data. The results from the two case studies draw some correlation between the behavior of the different risk factors due to different types and amounts of noise. We also discuss the effect of the different types and amounts of noise on the different role mining algorithms implemented for this study. While the detection rating value for calculating the risk priority number has previously been calculated after role mining, we attempt to find an initial estimate of the detection rating before role mining

Analýza a klasifikace nabíjecích dat pro mikro sítě

This thesis aims to develop a classification model for electric vehicles (EVs) based on data from EV charging stations.The study utilizes a dataset of 6 charging sessions from EV charging station and implements two deep learning algorithm including LSTM and Auto-Encoders to classify EVs. The performance of the classification model is evaluated based on accuracy rates & precision.The study also identifies key charging characteristics that are most significant in distinguishing between different types of EVs, including charging time, energy consumption, and charging patterns.The findings of this research have significant implications for the development of EV charging infras- tructure and services. The classification model developed in this thesis can be used to optimize charging station operations, improve charging services, and develop EV adoption strategies. The study also highlights the importance of utilizing data from EV charging stations in understanding the EV market and improving the efficiency of charging infrastructure.Tato práce si klade za cíl vyvinout model klasifikace elektrických vozidel (EV) založený na datech z nabíjecích stanic pro elektromobily. Studie využívá datovou sadu 6 nabíjecích relací z nabíjecí stanice pro elektromobily a implementuje dva algoritmy hlubokého učení, včetně LSTM a Auto- Encoders pro klasifikaci EV. . Výkon klasifikačního modelu je hodnocen na základě míry přesnosti a preciznosti. Studie také identifikuje klíčové charakteristiky nabíjení, které jsou nejvýznamnější při rozlišování mezi různými typy elektromobilů, včetně doby nabíjení, spotřeby energie a vzorců nabí- jení. Zjištění tohoto výzkumu mají významné důsledky pro rozvoj infrastruktury a služeb nabíjení elektromobilů. Klasifikační model vyvinutý v této práci lze použít k optimalizaci provozu nabíjecích stanic, zlepšení nabíjecích služeb a rozvoji strategií přijetí elektromobilů. Studie také zdůrazňuje důležitost využití dat z nabíjecích stanic pro elektromobily pro pochopení trhu s elektromobily a zlepšení efektivity nabíjecí infrastruktury450 - Katedra kybernetiky a biomedicínského inženýrstvívýborn

Blockchain-based Digital Twins:Research Trends, Issues, and Future Challenges

Industrial processes rely on sensory data for decision-making processes, risk assessment, and performance evaluation. Extracting actionable insights from the collected data calls for an infrastructure that can ensure the dissemination of trustworthy data. For the physical data to be trustworthy, it needs to be cross validated through multiple sensor sources with overlapping fields of view. Cross-validated data can then be stored on the blockchain, to maintain its integrity and trustworthiness. Once trustworthy data is recorded on the blockchain, product lifecycle events can be fed into data-driven systems for process monitoring, diagnostics, and optimized control. In this regard, digital twins (DTs) can be leveraged to draw intelligent conclusions from data by identifying the faults and recommending precautionary measures ahead of critical events. Empowering DTs with blockchain in industrial use cases targets key challenges of disparate data repositories, untrustworthy data dissemination, and the need for predictive maintenance. In this survey, while highlighting the key benefits of using blockchain-based DTs, we present a comprehensive review of the state-of-the-art research results for blockchain-based DTs. Based on the current research trends, we discuss a trustworthy blockchain-based DTs framework. We also highlight the role of artificial intelligence in blockchain-based DTs. Furthermore, we discuss the current and future research and deployment challenges of blockchain-supported DTs that require further investigation.</p

Machine Learning in IoT Security:Current Solutions and Future Challenges

The future Internet of Things (IoT) will have a deep economical, commercial and social impact on our lives. The participating nodes in IoT networks are usually resource-constrained, which makes them luring targets for cyber attacks. In this regard, extensive efforts have been made to address the security and privacy issues in IoT networks primarily through traditional cryptographic approaches. However, the unique characteristics of IoT nodes render the existing solutions insufficient to encompass the entire security spectrum of the IoT networks. This is, at least in part, because of the resource constraints, heterogeneity, massive real-time data generated by the IoT devices, and the extensively dynamic behavior of the networks. Therefore, Machine Learning (ML) and Deep Learning (DL) techniques, which are able to provide embedded intelligence in the IoT devices and networks, are leveraged to cope with different security problems. In this paper, we systematically review the security requirements, attack vectors, and the current security solutions for the IoT networks. We then shed light on the gaps in these security solutions that call for ML and DL approaches. We also discuss in detail the existing ML and DL solutions for addressing different security problems in IoT networks. At last, based on the detailed investigation of the existing solutions in the literature, we discuss the future research directions for ML- and DL-based IoT security

Broadening the Scope of Security Usability from the Individual to the Organizational : Participation and Interaction for Effective, Efficient, and Agile Authorization

Restrictions and permissions in information systems -- Authorization -- can cause problems for those interacting with the systems. Often, the problems materialize as an interference with the primary tasks, for example, when restrictions prevent the efficient completing of work and cause frustration. Conversely, the effectiveness can also be impacted when staff is forced to circumvent the measure to complete work -- typically sharing passwords among each other. This is the perspective of functional staff and the organization. There are further perspectives involved in the administration and development of the authorization measure. For instance, functional staff need to interact with policy makers who decide on the granting of additional permissions, and policy makers, in turn, interact with policy authors who actually implement changes. This thesis analyzes the diverse contexts in which authorization occurs, and systematically examines the problems that surround the different perspectives on authorization in organizational settings. Based on prior research and original research in secure agile development, eight principles to address the authorization problems are identified and explored through practical artifacts

Cyber Security and Critical Infrastructures

This book contains the manuscripts that were accepted for publication in the MDPI Special Topic "Cyber Security and Critical Infrastructure" after a rigorous peer-review process. Authors from academia, government and industry contributed their innovative solutions, consistent with the interdisciplinary nature of cybersecurity. The book contains 16 articles: an editorial explaining current challenges, innovative solutions, real-world experiences including critical infrastructure, 15 original papers that present state-of-the-art innovative solutions to attacks on critical systems, and a review of cloud, edge computing, and fog's security and privacy issues

A two-fold Perspective on Enterprise Security in the Digital Twin Context

Digital twins represent and can manage an enterprise asset virtually along its lifecycle. The vital technologies the twin relies upon (e.g., Internet of Things) have only recently matured. Since then, literature has taken up on digital twins. The digital twin therefore constitutes a very young concept, where security is currently neglected. This dissertation aims at closing this research gap, and further contributes to the body of knowledge concerning digital twin security. To study digital twin security, a two-fold approach is necessary. On the one hand, digital twins are at risk for being attacked (security for digital twins). However, on the other hand, they can also be leveraged to gain novel security opportunities (digital twins for security). This dissertation lays the general foundations of the digital twin concept in enterprises and studies these two security perspectives hereinafter. It shows that the digital twin’s security can be fostered utilizing the blockchain technology. Furthermore, it proposes digital twins to be of use in corporate security: It is shown that digital twins can collaborate with traditional security tools like Security Information and Event Management (SIEM) systems and organizational structures like the Security Operations Center (SOC). In this regard, the use of digital twins is further proven to be beneficial for digital forensics as well as Cyber Threat Intelligence (CTI)

Security Monitoring of Distribution Automation Systems

Distribution automation systems represent the new generation of power distribution systems in response to the growing interest in smart grids along with the integration of information and communication technologies (ICT). Distribution automation systems leverage advanced ICTs to automate system operation for delivering electrical energy to consumers. With the use of ICT comes the need to protect distribution automation systems from cyberattacks that could impact the operation of such systems, mainly power availability. In this thesis, the main objective is to assess the security aspect of distribution automation systems. As such, we design and implement a security monitoring platform that allows assessing the dynamics of these systems. In this regard, a digital twin testbed is designed and implemented to simulate smart power distribution systems in near real-time. Moreover, a proposed security monitoring platform is designed and implemented on top of the previously mentioned digital twin testbed. The platform can help monitor the impacts of different occurring incidents and allows executing implemented cyberattacks against the modeled power systems. In addition, it employs AI techniques to detect these attacks. The specific contributions of this thesis are: (i) the design and implementation of a cosimulation testbed for distribution automation systems using open source software packages; (ii) the design and implementation of an AI-based security analytics framework for distribution automation systems; and (iii) the implementation of cyberattacks targeting distribution automation applications. Various machine and deep learning models are implemented to detect the attacks and different performance evaluation metrics are used to compare different models. The obtained results are competitive and they validate the usefulness of the models in detecting attacks. The co-simulation platform is able to simulate power distribution systems in near real-time, along with an emulation of the IEC 60870-5-104 communication protocol. Also, the platform is capable of simulating big distribution test cases, e.g., the IEEE 123-bus and the IEEE 8500-nodes systems. The proposed platform allows power utilities to assess the security of their power distribution systems without affecting power availability and quality