A Cloud-based Intrusion Detection and Prevention System for Mobile Voting in South Africa

Publishe ThesisInformation and Communication Technology (ICT) has given rise to new technologies and solutions that were not possible a few years ago. One of these new technologies is electronic voting, also known as e-voting, which is the use of computerised equipment to cast a vote. One of the subsets of e-voting is mobile voting (m-voting). M-voting is the use of mobile phones to cast a vote outside the restricted electoral boundaries. Mobile phones are pervasive; they offer connection anywhere, at any time. However, utilising a fast-growing medium such as the mobile phone to cast a vote, poses various new security threats and challenges. Mobile phones utilise equivalent software design used by personal computers which makes them vulnerable or exposed to parallel security challenges like viruses, Trojans and worms. In the past, security solutions for mobile phones encountered several restrictions in practice. Several methods were used; however, these methods were developed to allow lightweight intrusion detection software to operate directly on the mobile phone. Nevertheless, such security solutions are bound to fail securing a device from intrusions as they are constrained by the restricted memory, storage, computational resources, and battery power of mobile phones. This study compared and evaluated two intrusion detection systems (IDSs), namely Snort and Suricata, in order to propose a cloud-based intrusion detection and prevention system (CIDPS) for m-voting in South Africa. It employed simulation as the primary research strategy to evaluate the IDSs. A quantitative research method was used to collect and analyse data. The researcher established that as much as Snort has been the preferred intrusion detection and prevention system (IDPS) in the past, Suricata presented more effective and accurate results close to what the researcher anticipated. The results also revealed that, though Suricata was proven effective enough to protect m-voting while saving the computational resources of mobile phones, more work needs to be done to alleviate the false-negative alerts caused by the anomaly detection method. This study adopted Suricata as a suitable cloud-based analysis engine to protect a mobile voting application like XaP

Threats and Solutions to Mobile Devices

Mobile devices have now surpassed personal computers (PC) in terms of popularity. Smartphones now come with powerful multi-core processors, loaded with considerable amounts of memory and are capable of carrying out complex operations with relative ease. However, this increase in technology has meant that it has now become susceptible to some of the same problems that P

Threats and Solutions to Mobile Devices

Mobile devices have now surpassed personal computers (PC) in terms of popularity. Smartphones now come with powerful multi-core processors, loaded with considerable amounts of memory and are capable of carrying out complex operations with relative ease. However, this increase in technology has meant that it has now become susceptible to some of the same problems that PC‘s face. In this paper, I will talk about the malware, virus and other security problems facing mobile devices and their possible solutions

Trustworthy Wireless Personal Area Networks

In the Internet of Things (IoT), everyday objects are equipped with the ability to compute and communicate. These smart things have invaded the lives of everyday people, being constantly carried or worn on our bodies, and entering into our homes, our healthcare, and beyond. This has given rise to wireless networks of smart, connected, always-on, personal things that are constantly around us, and have unfettered access to our most personal data as well as all of the other devices that we own and encounter throughout our day. It should, therefore, come as no surprise that our personal devices and data are frequent targets of ever-present threats. Securing these devices and networks, however, is challenging. In this dissertation, we outline three critical problems in the context of Wireless Personal Area Networks (WPANs) and present our solutions to these problems. First, I present our Trusted I/O solution (BASTION-SGX) for protecting sensitive user data transferred between wirelessly connected (Bluetooth) devices. This work shows how in-transit data can be protected from privileged threats, such as a compromised OS, on commodity systems. I present insights into the Bluetooth architecture, Intel’s Software Guard Extensions (SGX), and how a Trusted I/O solution can be engineered on commodity devices equipped with SGX. Second, I present our work on AMULET and how we successfully built a wearable health hub that can run multiple health applications, provide strong security properties, and operate on a single charge for weeks or even months at a time. I present the design and evaluation of our highly efficient event-driven programming model, the design of our low-power operating system, and developer tools for profiling ultra-low-power applications at compile time. Third, I present a new approach (VIA) that helps devices at the center of WPANs (e.g., smartphones) to verify the authenticity of interactions with other devices. This work builds on past work in anomaly detection techniques and shows how these techniques can be applied to Bluetooth network traffic. Specifically, we show how to create normality models based on fine- and course-grained insights from network traffic, which can be used to verify the authenticity of future interactions

A Risk management framework for the BYOD environment

Computer networks in organisations today have different layers of connections, which are either domain connections or external connections. The hybrid network contains the standard domain connections, cloud base connections, “bring your own device” (BYOD) connections, together with the devices and network connections of the Internet of Things (IoT). All these technologies will need to be incorporated in the Oman Vision 2040 strategy, which will involve changing several cities to smart cities. To implement this strategy artificial intelligence, cloud computing, BYOD and IoT will be adopted. This research will focus on the adoption of BYOD in the Oman context. It will have advantages for organisations, such as increasing productivity and reducing costs. However, these benefits come with security risks and privacy concerns, the users being the main contributors of these risks. The aim of this research is to develop a risk management and security framework for the BYOD environment to minimise these risks. The proposed framework is designed to detect and predict the risks by the use of MDM event logs and function logs. The chosen methodology is a combination of both qualitative and quantitative approaches, known as a mixed-methods approach. The approach adopted in this research will identify the latest threats and risks experienced in BYOD environments. This research also investigates the level of user-awareness of BYOD security methods. The proposed framework will enhance the current techniques for risk management by improving risk detection and prediction of threats, as well as, enabling BYOD risk management systems to generate notifications and recommendations of possible preventive/mitigation actions to deal with them

Machine Learning-Enabled IoT Security: Open Issues and Challenges Under Advanced Persistent Threats

Despite its technological benefits, Internet of Things (IoT) has cyber weaknesses due to the vulnerabilities in the wireless medium. Machine learning (ML)-based methods are widely used against cyber threats in IoT networks with promising performance. Advanced persistent threat (APT) is prominent for cybercriminals to compromise networks, and it is crucial to long-term and harmful characteristics. However, it is difficult to apply ML-based approaches to identify APT attacks to obtain a promising detection performance due to an extremely small percentage among normal traffic. There are limited surveys to fully investigate APT attacks in IoT networks due to the lack of public datasets with all types of APT attacks. It is worth to bridge the state-of-the-art in network attack detection with APT attack detection in a comprehensive review article. This survey article reviews the security challenges in IoT networks and presents the well-known attacks, APT attacks, and threat models in IoT systems. Meanwhile, signature-based, anomaly-based, and hybrid intrusion detection systems are summarized for IoT networks. The article highlights statistical insights regarding frequently applied ML-based methods against network intrusion alongside the number of attacks types detected. Finally, open issues and challenges for common network intrusion and APT attacks are presented for future research.Comment: ACM Computing Surveys, 2022, 35 pages, 10 Figures, 8 Table

A systematic review of crime facilitated by the consumer Internet of Things

The nature of crime is changing — estimates suggest that at least half of all crime is now committed online. Once everyday objects (e.g. televisions, baby monitors, door locks) that are now internet connected, collectively referred to as the Internet of Things (IoT), have the potential to transform society, but this increase in connectivity may generate new crime opportunities. Here, we conducted a systematic review to inform understanding of these risks. We identify a number of high-level mechanisms through which offenders may exploit the consumer IoT including profiling, physical access control and the control of device audio/visual outputs. The types of crimes identified that could be facilitated by the IoT were wide ranging and included burglary, stalking, and sex crimes through to state level crimes including political subjugation. Our review suggests that the IoT presents substantial new opportunities for offending and intervention is needed now to prevent an IoT crime harvest

A holistic review of cybersecurity and reliability perspectives in smart airports

Advances in the Internet of Things (IoT) and aviation sector have resulted in the emergence of smart airports. Services and systems powered by the IoT enable smart airports to have enhanced robustness, efficiency and control, governed by real-time monitoring and analytics. Smart sensors control the environmental conditions inside the airport, automate passenger-related actions and support airport security. However, these augmentations and automation introduce security threats to network systems of smart airports. Cyber-attackers demonstrated the susceptibility of IoT systems and networks to Advanced Persistent Threats (APT), due to hardware constraints, software flaws or IoT misconfigurations. With the increasing complexity of attacks, it is imperative to safeguard IoT networks of smart airports and ensure reliability of services, as cyber-attacks can have tremendous consequences such as disrupting networks, cancelling travel, or stealing sensitive information. There is a need to adopt and develop new Artificial Intelligence (AI)-enabled cyber-defence techniques for smart airports, which will address the challenges brought about by the incorporation of IoT systems to the airport business processes, and the constantly evolving nature of contemporary cyber-attacks. In this study, we present a holistic review of existing smart airport applications and services enabled by IoT sensors and systems. Additionally, we investigate several types of cyber defence tools including AI and data mining techniques, and analyse their strengths and weaknesses in the context of smart airports. Furthermore, we provide a classification of smart airport sub-systems based on their purpose and criticality and address cyber threats that can affect the security of smart airport\u27s networks