236 research outputs found
Interleaved Honeypot-Framing Model with Secure MAC Policies for Wireless Sensor Networks
The Wireless Medium Access Control (WMAC) protocol functions by handling various data frames in order to forward them to neighbor sensor nodes. Under this circumstance, WMAC policies need secure data communication rules and intrusion detection procedures to safeguard the data from attackers. The existing secure Medium Access Control (MAC) policies provide expected and predictable practices against channel attackers. These security policies can be easily breached by any intelligent attacks or malicious actions. The proposed Wireless Interleaved Honeypot-Framing Model (WIHFM) newly implements distributed honeypot-based security mechanisms in each sensor node to act reactively against various attackers. The proposed WIHFM creates an optimal Wireless Sensor Network (WSN) channel model, Wireless Interleaved Honeypot Frames (WIHFs), secure hash-based random frame-interleaving principles, node-centric honeypot engines, and channel-covering techniques. Compared to various existing MAC security policies, the proposed model transforms unpredictable IHFs into legitimate frame sequences against channel attackers. Additionally, introducing WIHFs is a new-fangled approach for distributed WSNs. The successful development of the proposed WIHFM ensures resilient security standards and neighbor-based intrusion alert procedures for protecting MAC frames. Particularly, the proposed wireless honeypot methodology creates a novel idea of using honeypot frame traps against open wireless channel attacks. The development of novel wireless honeypot traps deals with various challenges such as distributed honeypot management principles (node-centric honeypot, secretly interleaved-framing principles, and interleaving/de-interleaving procedures), dynamic network backbone management principles (On Demand Acyclic Connectivity model), and distributed attack isolation policies. This effort provides an effective wireless attack-trapping solution in dynamic WSNs.
The simulation results show the advantage of the proposed WIHFM over the existing techniques such as Secure Zebra MAC (SZ-MAC), Blockchain-Assisted Secure-Routing Mechanism (BASR), and the Trust-Based Node Evaluation (TBNE) procedure. The experimental section confirms the proposed model attains a 10% to 14% superior performance compared to the existing techniques.
ELECTRON: An Architectural Framework for Securing the Smart Electrical Grid with Federated Detection, Dynamic Risk Assessment and Self-Healing
The electrical grid has significantly evolved over the years, thus creating a smart paradigm, which is well known as the smart electrical grid. However, this evolution creates critical cybersecurity risks due to the vulnerable nature of the industrial systems and the involvement of new technologies. Therefore, in this paper, the ELECTRON architecture is presented as an integrated platform to detect, mitigate and prevent potential cyberthreats in a timely manner. ELECTRON combines both cybersecurity and energy defence mechanisms in a collaborative way. The key aspects of ELECTRON are (a) dynamic risk assessment, (b) asset certification, (c) federated intrusion detection and correlation, (d) Software Defined Networking (SDN) mitigation, (e) proactive islanding and (f) cybersecurity training and certification.
AI-powered Fraud Detection in Decentralized Finance: A Project Life Cycle Perspective
In recent years, blockchain technology has introduced decentralized finance
(DeFi) as an alternative to traditional financial systems. DeFi aims to create
a transparent and efficient financial ecosystem using smart contracts and
emerging decentralized applications. However, the growing popularity of DeFi
has made it a target for fraudulent activities, resulting in losses of billions
of dollars due to various types of frauds. To address these issues, researchers
have explored the potential of artificial intelligence (AI) approaches to
detect such fraudulent activities. Yet, there is a lack of a systematic survey
to organize and summarize those existing works and to identify the future
research opportunities. In this survey, we provide a systematic taxonomy of
various frauds in the DeFi ecosystem, categorized by the different stages of a
DeFi project's life cycle: project development, introduction, growth, maturity,
and decline. This taxonomy is based on our finding: many frauds have strong
correlations in the stage of the DeFi project. According to the taxonomy, we
review existing AI-powered detection methods, including statistical modeling,
natural language processing and other machine learning techniques, etc. We find
that fraud detection in different stages employs distinct types of methods and
observe the commendable performance of tree-based and graph-related models in
tackling fraud detection tasks. By analyzing the challenges and trends, we
present the findings to provide proactive suggestion and guide future research
in DeFi fraud detection. We believe that this survey is able to support
researchers, practitioners, and regulators in establishing a secure and
trustworthy DeFi ecosystem.
Comment: 38 pages, update reference
Security Technologies and Methods for Advanced Cyber Threat Intelligence, Detection and Mitigation
The rapid growth of the Internet interconnectivity and complexity of communication systems has led us to a significant growth of cyberattacks globally, often with severe and disastrous consequences. The swift development of more innovative and effective (cyber)security solutions and approaches that can detect, mitigate and prevent these serious consequences is vital. Cybersecurity is gaining momentum and is scaling up in very many areas. This book builds on the experience of the Cyber-Trust EU project’s methods, use cases, technology development, testing and validation and extends into a broader science, lead IT industry market and applied research with practical cases. It offers new perspectives on advanced (cyber) security innovation (eco) systems covering key different perspectives. The book provides insights on new security technologies and methods for advanced cyber threat intelligence, detection and mitigation. We cover topics such as cyber-security and AI, cyber-threat intelligence, digital forensics, moving target defense, intrusion detection systems, post-quantum security, privacy and data protection, security visualization, smart contracts security, software security, blockchain, security architectures, system and data integrity, trust management systems, distributed systems security, dynamic risk management, privacy and ethics.
Collaborative Honeypot Defense in UAV Networks: A Learning-Based Game Approach
The proliferation of unmanned aerial vehicles (UAVs) opens up new
opportunities for on-demand service provisioning anywhere and anytime, but also
exposes UAVs to a variety of cyber threats. Low/medium interaction honeypots
offer a promising lightweight defense for actively protecting mobile Internet
of things, particularly UAV networks. While previous research has primarily
focused on honeypot system design and attack pattern recognition, the incentive
issue for motivating UAV's participation (e.g., sharing trapped attack data in
honeypots) to collaboratively resist distributed and sophisticated attacks
remains unexplored. This paper proposes a novel game-theoretical collaborative
defense approach to address optimal, fair, and feasible incentive design, in
the presence of network dynamics and UAVs' multi-dimensional private
information (e.g., valid defense data (VDD) volume, communication delay, and
UAV cost). Specifically, we first develop a honeypot game between UAVs and the
network operator under both partial and complete information asymmetry
scenarios. The optimal VDD-reward contract design problem with partial
information asymmetry is then solved using a contract-theoretic approach that
ensures budget feasibility, truthfulness, fairness, and computational
efficiency. In addition, under complete information asymmetry, we devise a
distributed reinforcement learning algorithm to dynamically design optimal
contracts for distinct types of UAVs in the time-varying UAV network. Extensive
simulations demonstrate that the proposed scheme can motivate UAV's cooperation
in VDD sharing and improve defensive effectiveness, compared with conventional
schemes.
Comment: Accepted Aug. 28, 2023 by IEEE Transactions on Information Forensics
& Security. arXiv admin note: text overlap with arXiv:2209.1381
On the Convergence of Artificial Intelligence and Distributed Ledger Technology: A Scoping Review and Future Research Agenda
Developments in Artificial Intelligence (AI) and Distributed Ledger
Technology (DLT) currently lead to lively debates in academia and practice. AI
processes data to perform tasks that were previously thought possible only for
humans. DLT has the potential to create consensus over data among a group of
participants in uncertain environments. In recent research, both technologies
are used in similar and even the same systems. Examples include the design of
secure distributed ledgers or the creation of allied learning systems
distributed across multiple nodes. This can lead to technological convergence,
which in the past, has paved the way for major innovations in information
technology. Previous work highlights several potential benefits of the
convergence of AI and DLT but only provides a limited theoretical framework to
describe upcoming real-world integration cases of both technologies. We aim to
contribute by conducting a systematic literature review on previous work and
providing rigorously derived future research opportunities. This work helps
researchers active in AI or DLT to overcome current limitations in their field,
and practitioners to develop systems along with the convergence of both
technologies.
EF/CF: High Performance Smart Contract Fuzzing for Exploit Generation
Smart contracts are increasingly being used to manage large numbers of
high-value cryptocurrency accounts. There is a strong demand for automated,
efficient, and comprehensive methods to detect security vulnerabilities in a
given contract. While the literature features a plethora of analysis methods
for smart contracts, the existing proposals do not address the increasing
complexity of contracts. Existing analysis tools suffer from false alarms and
missed bugs in today's smart contracts that are increasingly defined by
complexity and interdependencies. To scale accurate analysis to modern smart
contracts, we introduce EF/CF, a high-performance fuzzer for Ethereum smart
contracts. In contrast to previous work, EF/CF efficiently and accurately
models complex smart contract interactions, such as reentrancy and
cross-contract interactions, at a very high fuzzing throughput rate. To achieve
this, EF/CF transpiles smart contract bytecode into native C++ code, thereby
enabling the reuse of existing, optimized fuzzing toolchains. Furthermore,
EF/CF increases fuzzing efficiency by employing a structure-aware mutation
engine for smart contract transaction sequences and using a contract's ABI to
generate valid transaction inputs. In a comprehensive evaluation, we show that
EF/CF scales better -- without compromising accuracy -- to complex contracts
compared to state-of-the-art approaches, including other fuzzers,
symbolic/concolic execution, and hybrid approaches. Moreover, we show that
EF/CF can automatically generate transaction sequences that exploit reentrancy
bugs to steal Ether.
Comment: To be published at Euro S&P 202