Metaverse-IDS: deep learning-based intrusion detection system for Metaverse-IoT networks

Combining the metaverse and the Internet of Things (IoT) will lead to the development of diverse, virtual, and more advanced networks in the future. The integration of IoT networks with the metaverse will enable more meaningful connections between the 'real' and 'virtual' worlds, allowing for real-time data analysis, access, and processing. However, these metaverse-IoT networks will face numerous security and privacy threats. Intrusion Detection Systems (IDS) offer an effective means of early detection for such attacks. Nevertheless, the metaverse generates substantial volumes of data due to its interactive nature and the multitude of user interactions within virtual environments, posing a computational challenge for building an intrusion detection system. To address this challenge, this paper introduces an innovative intrusion detection system model based on deep learning. This model aims to detect most attacks targeting metaverse-IoT communications and combines two techniques: KPCA (Kernel Principal Component Analysis which was used for attack feature extraction and CNN (Convolutional Neural Networks for attack recognition and classification. The efficiency of this proposed IDS model is assessed using two widely recognized benchmark datasets, BoT-IoT and ToN-IoT, which contain various IoT attacks potentially targeting IoT communications. Experimental results confirmed the effectiveness of the proposed IDS model in identifying 12 classes of attacks relevant to metaverse-IoT, achieving a remarkable accuracy of 99.8% and a False Negative Rate FNR less than 0.2. Furthermore, when compared with other models in the literature, our IDS model demonstrates superior performance in attack detection accuracy

Metaverse-IDS: Deep learning-based intrusion detection system for Metaverse-IoT networks

Combining the metaverse and the Internet of Things (IoT) will lead to the development of diverse, virtual, and more advanced networks in the future. The integration of IoT networks with the metaverse will enable more meaningful connections between the 'real' and 'virtual' worlds, allowing for real-time data analysis, access, and processing. However, these metaverse-IoT networks will face numerous security and privacy threats. Intrusion Detection Systems (IDS) offer an effective means of early detection for such attacks. Nevertheless, the metaverse generates substantial volumes of data due to its interactive nature and the multitude of user interactions within virtual environments, posing a computational challenge for building an intrusion detection system. To address this challenge, this paper introduces an innovative intrusion detection system model based on deep learning. This model aims to detect most attacks targeting metaverse-IoT communications and combines two techniques: KPCA (Kernel Principal Component Analysis which was used for attack feature extraction and CNN (Convolutional Neural Networks for attack recognition and classification. The efficiency of this proposed IDS model is assessed using two widely recognized benchmark datasets, BoT-IoT and ToN-IoT, which contain various IoT attacks potentially targeting IoT communications. Experimental results confirmed the effectiveness of the proposed IDS model in identifying 12 classes of attacks relevant to metaverse-IoT, achieving a remarkable accuracy of and a False Negative Rate FNR less than . Furthermore, when compared with other models in the literature, our IDS model demonstrates superior performance in attack detection accuracy

Detection and mitigation strategies for cyber-attacks in offshore oil and gas industrial networks

Industrial Cyber-Physical Systems (ICPS) increasingly rely on insecure protocols, raising security concerns in oil and gas (OG) operations. Replacing these protocols is often too expensive, highlighting the need for efficient cyber-attack detection. This thesis addresses this critical challenge by proposing a novel unsupervised anomaly detection model attack detection in OG environments. Existing Intrusion Detection Systems (IDS) for industrial networks, primarily Machine Learning (ML)-based, often suffer from high false positive rates and limited focus on OG environments. This potentially hinders real-world adoption. To address this gap, we introduce the Sliding Time-window Anomaly Detection (STADe) model – a novel approach that leverages the inherent periodicity of industrial network traffic for anomaly detection. The STADe model segments network packet inter-arrival times into time windows and analyzes periodicity within each window. This approach demonstrably reduces False Discovery Rates (FDR) compared to existing methods. Experiments evaluate existing ML-based IDSs and leverage the findings to develop STADe. A dedicated gas wellhead monitoring testbed was designed to emulate real-world scenarios and facilitate data collection for attack simulations and analysis. Additionally, this research identifies a novel field flooding attack capable of disrupting critical OG processes. This research emphasizes the significance of network traffic periodicity and demonstrates the effectiveness of anomaly detection models that leverage this characteristic

A two-fold Perspective on Enterprise Security in the Digital Twin Context

Digital twins represent and can manage an enterprise asset virtually along its lifecycle. The vital technologies the twin relies upon (e.g., Internet of Things) have only recently matured. Since then, literature has taken up on digital twins. The digital twin therefore constitutes a very young concept, where security is currently neglected. This dissertation aims at closing this research gap, and further contributes to the body of knowledge concerning digital twin security. To study digital twin security, a two-fold approach is necessary. On the one hand, digital twins are at risk for being attacked (security for digital twins). However, on the other hand, they can also be leveraged to gain novel security opportunities (digital twins for security). This dissertation lays the general foundations of the digital twin concept in enterprises and studies these two security perspectives hereinafter. It shows that the digital twin’s security can be fostered utilizing the blockchain technology. Furthermore, it proposes digital twins to be of use in corporate security: It is shown that digital twins can collaborate with traditional security tools like Security Information and Event Management (SIEM) systems and organizational structures like the Security Operations Center (SOC). In this regard, the use of digital twins is further proven to be beneficial for digital forensics as well as Cyber Threat Intelligence (CTI)

Secure Information Sharing with Distributed Ledgers

In 2009, blockchain technology was first introduced as the supporting database technology for digital currencies. Since then, more advanced derivations of the technology have been developed under the broader term Distributed Ledgers, with improved scalability and support for general-purpose application logic. As a distributed database, they are able to support interorganizational information sharing while assuring desirable information security attributes like non-repudiation, auditability and transparency. Based on these characteristics, researchers and practitioners alike have begun to identify a plethora of disruptive use cases for Distributed Ledgers in existing application domains. While these use cases are promising significant efficiency improvements and cost reductions, practical adoption has been slow in the past years. This dissertation focuses on improving three aspects contributing to slow adoption. First, it attempts to identify application areas and substantiated use cases where Distributed Ledgers can considerably advance the security of information sharing. Second, it considers the security aspects of the technology itself, identifying threats to practical applications and detection approaches for these threats. And third, it investigates success factors for successful interorganizational collaborations using Distributed Ledgers