Autonomous Vehicles:The Cybersecurity Vulnerabilities and Countermeasures for Big Data Communication

The possible applications of communication based on big data have steadily increased in several industries, such as the autonomous vehicle industry, with a corresponding increase in security challenges, including cybersecurity vulnerabilities (CVs). The cybersecurity-related symmetry of big data communication systems used in autonomous vehicles may raise more vulnerabilities in the data communication process between these vehicles and IoT devices. The data involved in the CVs may be encrypted using an asymmetric and symmetric algorithm. Autonomous vehicles with proactive cybersecurity solutions, power-based cyberattacks, and dynamic countermeasures are the modern issues/developments with emerging technology and evolving attacks. Research on big data has been primarily focused on mitigating CVs and minimizing big data breaches using appropriate countermeasures known as security solutions. In the future, CVs in data communication between autonomous vehicles (DCAV), the weaknesses of autonomous vehicular networks (AVN), and cyber threats to network functions form the primary security issues in big data communication, AVN, and DCAV. Therefore, efficient countermeasure models and security algorithms are required to minimize CVs and data breaches. As a technique, policies and rules of CVs with proxy and demilitarized zone (DMZ) servers were combined to enhance the efficiency of the countermeasure. In this study, we propose an information security approach that depends on the increasing energy levels of attacks and CVs by identifying the energy levels of each attack. To show the results of the performance of our proposed countermeasure, CV and energy consumption are compared with different attacks. Thus, the countermeasures can secure big data communication and DCAV using security algorithms related to cybersecurity and effectively prevent CVs and big data breaches during data communication

Developing a usable security approach for user awareness against ransomware

This thesis was submitted for the award of Doctor of Philosophy and was awarded by Brunel University LondonThe main purpose of the research presented in this thesis is to design and develop a game prototype for improving user awareness against ransomware, which has been reported as the most significant cyber security threat to the United Kingdom by the National Cyber Security Centre. Digital transformation is helping individuals, organisations, governments and Industrial control systems to modernise and improve their effectiveness. At the same time, cyber crimes are evolving and targeting essential services. A successful cyber attack can compromise users’ privacy, bring bad publicity and financial damage to organisations and target national security. A literature review was conducted to understand threats to the cyber social system. Literature in this thesis reports attackers exploit humans as the weakest link to execute successful security breaches. Therefore to address this challenge, a significant gap has been identified as an opportunity to contribute to user awareness of the ransomware cyber security threat. The current thesis proposes RansomAware a novel game prototype to improve user awareness. The game is based on Technology Threat Avoidance Theory (TTAT) model. In this thesis two studies are carried out, study 1 empirically validates the elements of TTAT to be embedded in the RansomAware prototype and reports a significant change in users’ motivation to avoid ransomware cyber security threat 55% and avoidance behaviour 29%, whereas study 2 evaluates game usability and report significant results of SUS average score of 87.58 and statistical results of p < 0.01 indicate user’s satisfaction of the RansomAware. Finally, the research provides guidelines on how the proposed RansomAware game can be adopted by practitioners and individuals to improve their awareness against the ransomware cyber security threat

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

Digital Twins: Potentials, Ethical Issues, and Limitations

After Big Data and Artificial Intelligence (AI), the subject of Digital Twins has emerged as another promising technology, advocated, built, and sold by various IT companies. The approach aims to produce highly realistic models of real systems. In the case of dynamically changing systems, such digital twins would have a life, i.e. they would change their behaviour over time and, in perspective, take decisions like their real counterparts \textemdash so the vision. In contrast to animated avatars, however, which only imitate the behaviour of real systems, like deep fakes, digital twins aim to be accurate "digital copies", i.e. "duplicates" of reality, which may interact with reality and with their physical counterparts. This chapter explores, what are possible applications and implications, limitations, and threats.Comment: 22 pages, in Andrej Zwitter and Oskar Gstrein, Handbook on the Politics and Governance of Big Data and Artificial Intelligence, Edward Elgar [forthcoming] (Handbooks in Political Science series

MalBoT-DRL: Malware botnet detection using deep reinforcement learning in IoT networks

In the dynamic landscape of cyber threats, multi-stage malware botnets have surfaced as significant threats of concern. These sophisticated threats can exploit Internet of Things (IoT) devices to undertake an array of cyberattacks, ranging from basic infections to complex operations such as phishing, cryptojacking, and distributed denial of service (DDoS) attacks. Existing machine learning solutions are often constrained by their limited generalizability across various datasets and their inability to adapt to the mutable patterns of malware attacks in real world environments, a challenge known as model drift. This limitation highlights the pressing need for adaptive Intrusion Detection Systems (IDS), capable of adjusting to evolving threat patterns and new or unseen attacks. This paper introduces MalBoT-DRL, a robust malware botnet detector using deep reinforcement learning. Designed to detect botnets throughout their entire lifecycle, MalBoT-DRL has better generalizability and offers a resilient solution to model drift. This model integrates damped incremental statistics with an attention rewards mechanism, a combination that has not been extensively explored in literature. This integration enables MalBoT-DRL to dynamically adapt to the ever-changing malware patterns within IoT environments. The performance of MalBoT-DRL has been validated via trace-driven experiments using two representative datasets, MedBIoT and N-BaIoT, resulting in exceptional average detection rates of 99.80% and 99.40% in the early and late detection phases, respectively. To the best of our knowledge, this work introduces one of the first studies to investigate the efficacy of reinforcement learning in enhancing the generalizability of IDS

IoT Applications Computing

The evolution of emerging and innovative technologies based on Industry 4.0 concepts are transforming society and industry into a fully digitized and networked globe. Sensing, communications, and computing embedded with ambient intelligence are at the heart of the Internet of Things (IoT), the Industrial Internet of Things (IIoT), and Industry 4.0 technologies with expanding applications in manufacturing, transportation, health, building automation, agriculture, and the environment. It is expected that the emerging technology clusters of ambient intelligence computing will not only transform modern industry but also advance societal health and wellness, as well as and make the environment more sustainable. This book uses an interdisciplinary approach to explain the complex issue of scientific and technological innovations largely based on intelligent computing

EVALUATING THE CYBER SECURITY IN THE INTERNET OF THINGS: SMART HOME VULNERABILITIES

The need for advanced cyber security measures and strategies is attributed to modern sophistication of cyber-attacks and intense media attention when attacks and breaches occur. In May 2014, a congressional report suggested that Americans used approximately 500 million Internet-capable devices at home, including, but not limited to Smartphones, tablets, and other Internet-connected devices, which run various unimpeded applications. Owing to this high level of connectivity, our home environment is not immune to the cyber-attack paradigm; rather, the home has evolved to become one of the most influenced markets where the Internet of Things has had extensive surfaces, vectors for attacks, and unanswered security concerns. Thus, the aim of the present research was to investigate behavioral heuristics of the Internet of Things by adopting an exploratory multiple case study approach. A controlled Internet of Things ecosystem was constructed consisting of real-life data observed during a typical life cycle of initial configuration and average use. The information obtained during the course of this study involved the systematic acquisition and analysis of Smart Home ecosystem link-layer protocol data units (PDUs). The methodology employed during this study involved a recursive multiple case study evaluation of the Smart Home ecosystem data-link layer PDUs and aligned the case studies to the existing Intrusion Kill Chain design model. The proposed solution emerging from the case studies builds the appropriate data collection template while concurrently developing a Security as a Service (SECaaS) capability to evaluate collected results

CPS Attacks Mitigation Approaches on Power Electronic Systems with Security Challenges for Smart Grid Applications: A Review

This paper presents an inclusive review of the cyber-physical (CP) attacks, vulnerabilities, mitigation approaches on the power electronics and the security challenges for the smart grid applications. With the rapid evolution of the physical systems in the power electronics applications for interfacing renewable energy sources that incorporate with cyber frameworks, the cyber threats have a critical impact on the smart grid performance. Due to the existence of electronic devices in the smart grid applications, which are interconnected through communication networks, these networks may be subjected to severe cyber-attacks by hackers. If this occurs, the digital controllers can be physically isolated from the control loop. Therefore, the cyber-physical systems (CPSs) in the power electronic systems employed in the smart grid need special treatment and security. In this paper, an overview of the power electronics systems security on the networked smart grid from the CP perception, as well as then emphases on prominent CP attack patterns with substantial influence on the power electronics components operation along with analogous defense solutions. Furthermore, appraisal of the CPS threats attacks mitigation approaches, and encounters along the smart grid applications are discussed. Finally, the paper concludes with upcoming trends and challenges in CP security in the smart grid applications