17,363 research outputs found

    ESASCF: Expertise Extraction, Generalization and Reply Framework for an Optimized Automation of Network Security Compliance

    Exposure to cyber threats has created worldwide pressure on organizations to comply with cyber security standards and policies for protecting their digital assets. Vulnerability Assessment (VA) and Penetration Testing (PT) are widely adopted Security Compliance (SC) methods to identify security gaps and anticipate security breaches. In the context of computer networks, and despite the use of autonomous tools and systems, security compliance remains highly repetitive and resource-consuming. In this paper, we propose a novel method to tackle the ever-growing problem of efficiency and effectiveness in network infrastructure security auditing by formally introducing, designing, and developing an Expert-System Automated Security Compliance Framework (ESASCF) that enables industrial and open-source VA and PT tools and systems to extract, process, store and re-use expertise in a human-expert way, allowing direct application in similar scenarios or during periodic re-testing. The implemented model was then integrated within ESASCF and tested on networks of different sizes. It proved efficient in terms of time-efficiency and testing effectiveness, allowing ESASCF to take over the SC autonomously in re-testing and to offload the expert by automating repeated SC segments, thus enabling experts to prioritize important tasks in ad-hoc compliance tests. The obtained results validate the performance enhancement, notably by cutting the time required for an expert to 50% in the context of a typical corporate network's first SC and 20% in re-testing, representing a significant cost-cutting. In addition, the framework allows a long-term impact illustrated in the knowledge extraction, generalization, and re-utilization, which enables better SC confidence independent of the human expert's skills, coverage, and wrong decisions resulting in impactful false negatives.

    Towards a systematic security evaluation of the automotive Bluetooth interface

    In-cabin connectivity and its enabling technologies have increased dramatically in recent years. Security was not considered an essential property, a mind-set that has shifted significantly due to the appearance of demonstrated vulnerabilities in these connected vehicles. Connectivity allows the possibility that an external attacker may compromise the security, and therefore the safety, of the vehicle. Many exploits have already been demonstrated in the literature. One of the most pervasive connective technologies is Bluetooth, a short-range wireless communication technology. Security issues with this technology are well-documented, albeit in other domains. A threat intelligence study was carried out to substantiate this motivation and finds that while the general trend is towards increasing (relative) security in automotive Bluetooth implementations, there is still significant technological lag when compared to more traditional computing systems. The main contribution of this thesis is a framework for the systematic security evaluation of the automotive Bluetooth interface from a black-box perspective (as technical specifications were loose or absent). Tests were performed through both the vehicle’s native connection and through Bluetooth-enabled aftermarket devices attached to the vehicle. This framework is supported through the use of attack trees and principles as outlined in the Penetration Testing Execution Standard. Furthermore, a proof-of-concept tool was developed to implement this framework in a semi-automated manner, to carry out testing on real-world vehicles. The tool also allows for severity classification of the results acquired, as outlined in the SAE J3061 Cybersecurity Guidebook for Cyber-Physical Vehicle Systems. Results of the severity classification are validated through domain expert review. Finally, the thesis also explores how formal methods could be integrated into the framework and tool to improve confidence and rigour, and to demonstrate how future iterations of design could be improved. In conclusion, there is a need for systematic security testing, based on the findings of the threat intelligence study. The systematic evaluation and the developed tool successfully found weaknesses in both the automotive Bluetooth interface and in the vehicle itself through Bluetooth-enabled aftermarket devices. Furthermore, the results of applying this framework provide a focus for counter-measure development and could be used as evidence in a security assurance case. The systematic evaluation framework also allows for formal methods to be introduced for added rigour and confidence. Demonstrations of how this might be performed (with case studies) were presented. Future recommendations include using this framework with more test vehicles and expanding on the existing attack trees that form the heart of the evaluation. Further work on the tool chain would also be desirable. This would enable further accuracy of any testing or modelling required, and would also take automation of the entire process further.

    Applications of ISES for vegetation and land use

    Remote sensing relative to applications involving vegetation cover and land use is reviewed to consider the potential benefits to the Earth Observing System (Eos) of a proposed Information Sciences Experiment System (ISES). The ISES concept has been proposed as an onboard experiment and computational resource to support advanced experiments and demonstrations in the information and earth sciences. Embedded in the concept is potential for relieving the data glut problem, enhancing capabilities to meet real-time needs of data users and in-situ researchers, and introducing emerging technology to Eos as the technology matures. These potential benefits are examined in the context of state-of-the-art research activities in image/data processing and management.

    SciTech News Volume 71, No. 1 (2017)

    Columns and Reports: From the Editor. Division News: Science-Technology Division; Chemistry Division; Engineering Division; Aerospace Section of the Engineering Division; Architecture, Building Engineering, Construction and Design Section of the Engineering Division. Reviews: Sci-Tech Book News Reviews. Advertisements: IEEE

    PhagePro: prophage finding tool

    Master's dissertation in Bioinformatics. Bacteriophages are viruses that infect bacteria and use them to reproduce. Their reproductive cycle can be lytic or lysogenic. The lytic cycle leads to the bacteria's death, given that the bacteriophage hijacks the host's machinery to produce the phage parts necessary to assemble a new complete bacteriophage, until cell wall lysis occurs. On the other hand, the lysogenic reproductive cycle incorporates the bacteriophage genetic material into the bacterial genome, where it becomes a prophage. Sometimes, due to external stimuli, these prophages can be induced to perform a lytic cycle. Moreover, the lysogenic cycle can lead to significant modifications in bacteria, for example, antibiotic resistance. To that end, PhagePro was created. This tool finds and characterises prophages inserted in the bacterial genome. Using 42 features, three datasets were created and five machine learning algorithms were tested. All models were evaluated in two phases, during testing and with real bacterial cases. During testing, all three datasets reached the 98 % F1 score mark in their best result. In the second phase, the results of the models were used to predict real bacterial cases and the results compared to the results of two tools, Prophage Hunter and PHASTER. The best model found 110 zones out of 154 and the model with the best result in dataset 3 had 94 in common. As a final test, Agrobacterium fabrum strC68 was extensively analysed. The results show that PhagePro was capable of detecting more regions with proteins associated with phages than the other two tools. In the light of the results obtained, PhagePro has shown great potential in the discovery and characterisation of bacterial alterations caused by prophages.
    Bacteriophages are viruses that infect bacteria, using them to ensure the maintenance of their genome. This process can be carried out through a lytic or lysogenic cycle. The lytic cycle consists of using the cell for the phage's own benefit, creating bacteriophages and lysing the cell. In the lysogenic cycle, on the other hand, the bacteriophage inserts its genetic code into the bacterial genome, which can lead to the transfer of genes of interest, making the monitoring of prophages important. PhagePro was therefore developed, a tool capable of finding and characterising bacteriophages in bacterial genomes. Features were created to distinguish prophages from bacteria, producing three datasets and using machine learning algorithms. The models were evaluated in two phases, the testing phase and the real-case phase. In the first, testing phase, the best model for dataset 1 reached a 98% F1 score, dataset 2 reached 98% and dataset 3 also reached 98%. For testing on real cases, all models were compared with the predictions of two tools, Prophage Hunter and PHASTER. The model with the best results had 110 of 154 zones in common with the two tools, and the dataset 3 model had 94 zones. Finally, the results for the bacterium Agrobacterium fabrum strC68 were analysed. The results differ from those of the compared tools but are valid, since PhagePro can detect zones with phage-associated proteins that the other tools cannot. Given the results obtained, PhagePro has shown that it is able to find and characterise prophages in bacteria.
    This study was supported by the Portuguese Foundation for Science and Technology (FCT) under the scope of the strategic funding of the UIDB/04469/2020 unit. The work was also partially funded by Project PTDC/SAU-PUB/29182/2017 [POCI-01-0145-FEDER-029182].