Building an Emulation Environment for Cyber Security Analyses of Complex Networked Systems

Computer networks are undergoing a phenomenal growth, driven by the rapidly increasing number of nodes constituting the networks. At the same time, the number of security threats on Internet and intranet networks is constantly growing, and the testing and experimentation of cyber defense solutions requires the availability of separate, test environments that best emulate the complexity of a real system. Such environments support the deployment and monitoring of complex mission-driven network scenarios, thus enabling the study of cyber defense strategies under real and controllable traffic and attack scenarios. In this paper, we propose a methodology that makes use of a combination of techniques of network and security assessment, and the use of cloud technologies to build an emulation environment with adjustable degree of affinity with respect to actual reference networks or planned systems. As a byproduct, starting from a specific study case, we collected a dataset consisting of complete network traces comprising benign and malicious traffic, which is feature-rich and publicly available

Introspection on the Research Avenues of Robotic Process Automation as a Service (RPAaaS)

One of the newest business and technology developments is cloud computing, where several users approach the Cloud to complete various tasks. Cloud RPA is a technology that uses robotic process automation on Cloud-native using artificial intelligence. RPA-as-a-service: an automation software or bot that any user with an internet connection can use in the Cloud. It is an automaton self-service in cloud drag-and- drop actions and different GUI as a user-friendly software service. Cloud RPA ensures users automate any process via the Internet on the Cloud and can access it in their browser. RPA enables an intelligent agent to replicate typical manual decisions, such as rule based, well-structured ones involving vast amounts of data in a digital system, and eliminate operational errors.&nbsp

Integration of MLOps with IoT edge

Abstract. Edge Computing and Machine Learning have become increasingly vital in today’s digital landscape. Edge computing brings computational power closer to the data source enabling reduced latency and bandwith, increased privacy, and real-time decision-making. Running Machine Learning models on edge devices further enhances these advantages by reducing the reliance on cloud. This empowers industries such as transport, healthcare, manufacturing, to harness the full potential of Machine Learning. MLOps, or Machine Learning Operations play a major role streamlining the deployment, monitoring, and management of Machine Learning models in production. With MLOps, organisations can achieve faster model iteration, reduced deployment time, improved collaboration with developers, optimised performance, and ultimately meaningful business outcomes. Integrating MLOps with edge devices poses unique challenges. Overcoming these challenges requires careful planning, customised deployment strategies, and efficient model optimization techniques. This thesis project introduces a set of tools that enable the integration of MLOps practices with edge devices. The solution consists of two sets of tools: one for setting up infrastructure within edge devices to be able to receive, monitor, and run inference on Machine Learning models, and another for MLOps pipelines to package models to be compatible with the inference and monitoring components of the respective edge devices. This platform was evaluated by obtaining a public dataset used for predicting the breakdown of Air Pressure Systems in trucks, which is an ideal use-case for running ML inference on the edge, and connecting MLOps pipelines with edge devices.. A simulation was created using the data in order to control the volume of data flow into edge devices. Thereafter, the performance of the platform was tested against the scenario created by the simulation script. Response time and CPU usage in different components were the metrics that were tested. Additionally, the platform was evaluated against a set of commercial and open source tools and services that serve similar purposes. The overall performance of this solution matches that of already existing tools and services, while allowing end users setting up Edge-MLOps infrastructure the complete freedom to set up their system without completely relying on third party licensed software.MLOps-integraatio reunalaskennan tarpeisiin. Tiivistelmä. Reunalaskennasta (Edge Computing) ja koneoppimisesta on tullut yhä tärkeämpiä nykypäivän digitaalisessa ympäristössä. Reunalaskenta tuo laskentatehon lähemmäs datalähdettä, mikä mahdollistaa reaaliaikaisen päätöksenteon ja pienemmän viiveen. Koneoppimismallien suorittaminen reunalaitteissa parantaa näitä etuja entisestään vähentämällä riippuvuutta pilvipalveluista. Näin esimerkiksi liikenne-, terveydenhuolto- ja valmistusteollisuus voivat hyödyntää koneoppimisen koko potentiaalin. MLOps eli Machine Learning Operations on merkittävässä asemassa tehostettaessa ML -mallien käyttöönottoa, seurantaa ja hallintaa tuotannossa. MLOpsin avulla organisaatiot voivat nopeuttaa mallien iterointia, lyhentää käyttöönottoaikaa, parantaa yhteistyötä kehittäjien kesken, optimoida laskennan suorituskykyä ja lopulta saavuttaa merkityksellisiä liiketoimintatuloksia. MLOpsin integroiminen reunalaitteisiin asettaa ainutlaatuisia haasteita. Näiden haasteiden voittaminen edellyttää huolellista suunnittelua, räätälöityjä käyttöönottostrategioita ja tehokkaita mallien optimointitekniikoita. Tässä opinnäytetyöhankkeessa esitellään joukko työkaluja, jotka mahdollistavat MLOps-käytäntöjen integroinnin reunalaitteisiin. Ratkaisu koostuu kahdesta työkalukokonaisuudesta: toinen infrastruktuurin perustamisesta reunalaitteisiin, jotta ne voivat vastaanottaa, valvoa ja suorittaa päätelmiä koneoppimismalleista, ja toinen MLOps “prosesseista”, joilla mallit paketoidaan yhteensopiviksi vastaavien reunalaitteiden komponenttien kanssa. Ratkaisun toimivuutta arvioitiin avoimeen dataan perustuvalla käyttötapauksella. Datan avulla luotiin simulaatio, jonka tarkoituksena oli mahdollistaa reunalaitteisiin suuntautuvan datatovirran kontrollonti. Tämän jälkeen suorituskykyä testattiin simuloinnin luoman skenaarion avulla. Testattaviin mittareihin kuuluivat muun muassa suorittimen käyttö. Lisäksi ratkaisua arvioitiin vertaamalla sitä olemassa oleviin kaupallisiin ja avoimen lähdekoodin alustoihin. Tämän ratkaisun kokonaissuorituskyky vastaa jo markkinoilla olevien työkalujen ja palvelujen suorituskykyä. Ratkaisu antaa samalla loppukäyttäjille mahdollisuuden perustaa Edge-MLOps-infrastruktuuri ilman riippuvuutta kolmannen osapuolen lisensoiduista ohjelmistoista

Decision-focussed resource modelling for design decision support

Resource management including resource allocation, levelling, configuration and monitoring has been recognised as critical to design decision making. It has received increasing research interests in recent years. Different definitions, models and systems have been developed and published in literature. One common issue with existing research is that the resource modelling has focussed on the information view of resources. A few acknowledged the importance of resource capability to design management, but none has addressed the evaluation analysis of resource fitness to effectively support design decisions. This paper proposes a decision-focused resource model framework that addresses the combination of resource evaluation with resource information from multiple perspectives. A resource management system constructed on the resource model framework can provide functions for design engineers to efficiently search and retrieve the best fit resources (based on the evaluation results) to meet decision requirements. Thus, the system has the potential to provide improved decision making performance compared with existing resource management systems

Securing critical utility systems & network infrastructures

Tese de mestrado, Segurança Informática, Universidade de Lisboa, Faculdade de Ciências, 2009As infra-estruturas críticas de TI para serviços públicos são apoiadas por inúmeros sistemas complexos. Estes sistemas permitem a gestão e recolha de informação em tempo-real, constituindo a base para a gestão eficiente das operações. A utilização, cada vez mais frequente, de software e hardware (Commercial Off-The-Shelf, COTS) em sistemas SCADA permitiu grandes beneficios financeiros na aquisição e desenvolvimento de soluções técnicas que suportam os serviços públicos. O uso de hardware e software COTS em sistemas SCADA transferiu para as infra-estruturas críticas os problemas de segurança de uma infraestrutura de TI empresarial. Neste contexto, um desafio para as equipas de gestão operacional dos sistemas de TI é a gestão eficaz dos sistemas e redes que compõem as infra-estruturas críticas dos serviços públicos. Apesar de estas organizações adoptarem, cada vez mais, normas e melhores práticas que visam melhorar a gestão, operações e processos de configuração. Este projecto de investigação propõe-se a desenvolver um estudo comparativo de plataformas de gestão integrada no contexto dos sistemas SCADA que suportam serviços públicos. Adicionalmente, este projecto de investigação irá desenvolver estudos acerca de perfis operacionais dos Sistemas Operativos que suportam a infra-estrutura IT dos serviços públicos críticos. Este projecto de investigação irá descrever como as decisões estratégicas de gestão têm impacto nas operações de gestão de uma infra-estrutura TI.Modern critical utility IT infrastructures are supported by numerous complex systems. These systems allow real-time management and information collection, which is the basis of efficient service management operations. The usage of commercial off-the-shelf (COTS) hardware and software in SCADA systems allowed for major financial advantages in purchasing and developing technical solutions. On the other hand, this COTS hardware and software generalized usage in SCADA systems, exposed critical infrastructures to the security problems of a corporate IT infrastructure. A significant challenge for IT teams is managing critical utility IT infrastructures even upon adopting security best practices that help management, operations and configuration of the systems and network components that comprise those infrastructures. This research project proposes to survey integrated management software that can address the specific security constraints of a SCADA infrastructure supported by COTS software. Additionally, this research project proposes to investigate techniques that will allow the creation of operational profiles of Operating Systems supporting critical utility IT infrastructures. This research project will describe how the strategic management decisions impact tactical operations management of an IT environment. We will investigate desirable technical management elements in support of the operational management

The Design and Implementation of an Automated Security Compliance Toolkit: A Pedagogical Exercise

The demand, through government regulations, for the preservation of the security, integrity, and privacy of corporate and customer information is increasing at an unprecedented pace. Government and private entities struggle to comply with these regulations through various means—both automated and manual controls. This paper presents an automated security compliance toolkit that is designed and developed using mostly open source tools to demonstrate that 1) meeting regulatory compliance does not need to be a very expensive proposition and 2) an undertaking of this magnitude could be served as a pedagogical exercise for students in the areas of collaboration, project management, software engineering, information assurance, and regulatory compliance

Service Now: CMDB Research

The MAPFRE Capstone team has been tasked with reviewing and recommending roadmap on the existing CMDB configuration. Paper discusses the team’s overall research on ServiceNow CMDB, Client’s deliverables and introduction to the latest technological innovations. Based on given objectives and team’s analysis we have recommended key solutions for the client to better understand the IT environment areas of business service impact, asset management, compliance, and configuration management. In addition, our research has covered all the majority of the technical and functional areas to provide greater visibility and insight into existing CMDB and IT environment

The enterprise blockchain design framework and its application to an e-Procurement ecosystem

The research work of this paper has been partially funded by the project VORTAL INTER DATA (n° 038361), co-financed by Vortal and COMPETE Program P2020. We would also like to thank UNIDEMI, DEMI, and LASI for providing us with the research infrastucture and resources to conduct this research. Publisher Copyright: © 2022 Elsevier LtdBlockchain technologies have seen a steady growth in interest from industries as the technology is gaining maturity. It is offering a novel way to establish trust amongst multiple stakeholders without relying or trusting centralised authorities. While its use as a decentralised store of value has been validated through the emergence of cryptocurrencies, its use case in industrial applications with multiple stakeholder ecosystems such as industrial supply chain management, is still at an early stage of design and experimentation where private blockchains are used as opposed to public blockchains. Many enterprise blockchain projects failed to gain traction after initial launches, due to inefficient design, lack of incentives to all stakeholders or simply because the use of blockchain was not really necessary in the first place. There has been a need for a framework that allows blockchain designers and researchers to evaluate scenarios when a blockchain solution is useful and design the key configurations for an enterprise blockchain solution. Literature on blockchain architectures are sparse and only applicable to specific use cases or functionalities. This paper proposes a comprehensive Enterprise Blockchain Design Framework (EBDF), that not only identifies the relevant use cases when a blockchain must be utilised, but also details all the characteristics and configurations for designing an enterprise blockchain ecosystem, applicable to multiple industries. To validate the EBDF, we apply the same to the Vortal e-Procurement ecosystem allowing for multiple platforms to interoperate with greater transparency and accountability over the proposed blockchain framework. In this use case, many vendors bid for procurement procedures, often for publicly managed funds where it is extremely vital that full transparency and accountability is ensured in the entire process. Ensuring that certain digital certification functions, such as timestamps are independent from e-Procurement platform owners has been a challenge. Blockchain technology has emerged as a promising solution for not only ensuring transparency and immutability of records, but also providing for interoperability across different platforms by acting as a trusted third-party. The applied framework is used to design a Hyperledger based blockchain solution with some of the key architectural elements that could fulfil these needs while presenting the advantages of such a solution.publishersversionpublishe