5 research outputs found

    Hazard analysis for the requirements specification of safety-critical systems using the combination of FHA and FTA techniques

    Hazard Analysis (HA) is a crucial process for identifying and mitigating risks associated with systems development. However, current HA techniques suffer from several limitations, including a lack of preliminary hazard identification and inadequate hazard documentation, which can lead to system breakdowns. Therefore, this research aims to enhance HA techniques by addressing these limitations by conducting HA in requirement specification and producing a more comprehensive hazard log. To achieve this aim, a research methodology consisting of three phases was designed. Phase 1 involved analyzing existing HA techniques and identifying gaps in hazard analysis. Phase 2 involved developing a combined hazard analysis technique that addresses these key limitations by integrating functional hazard analysis (FHA) and fault tree analysis (FTA) techniques. The proposed technique is intended for use during the requirement specification of system development to produce a comprehensive hazard log. In Phase 3, the proposed technique was evaluated through a case study of a generic patient-controlled analgesia pump model. The performance of the proposed technique was evaluated using the F1-score measure, precision, and accuracy. Four evaluation methods were used to compare the results of single FHA, single FTA, using both FHA and FTA, and combining FHA and FTA techniques. The results showed that the combined FHA and FTA technique achieved the highest performance value of 0.96 for accuracy and 0.98 for precision, recall, and F1-score measure. This concludes that, although individually FHA produces a large amount of output data while FTA is not a preliminary technique, the two complement each other to achieve the aim of conducting HA in requirement specification and producing a minimalized and comprehensive hazard log.
Based on these findings, the combined FHA and FTA technique is recommended for implementation during the requirement specification of systems development to identify hazards and produce a comprehensive hazard log. Future directions for research could include automating the technique to identify hazards by analyzing system functions using the causal factors in terms of variables

    Unsupervised Anomaly Detectors to Detect Intrusions in the Current Threat Landscape

    Anomaly detection aims at identifying unexpected fluctuations in the expected behavior of a given system. It is acknowledged as a reliable answer to the identification of zero-day attacks, to such an extent that several ML algorithms suited to binary classification have been proposed throughout the years. However, the experimental comparison of a wide pool of unsupervised algorithms for anomaly-based intrusion detection against a comprehensive set of attack datasets has not been investigated yet. To fill this gap, we exercise seventeen unsupervised anomaly detection algorithms on eleven attack datasets. Results allow elaborating on a wide range of arguments, from the behavior of the individual algorithm to the suitability of the datasets to anomaly detection. We conclude that algorithms such as Isolation Forests, One-Class Support Vector Machines and Self-Organizing Maps are more effective than their counterparts for intrusion detection, while clustering algorithms represent a good alternative due to their low computational complexity. Further, we detail how attacks with unstable, distributed or non-repeatable behavior such as Fuzzing, Worms and Botnets are more difficult to detect. Ultimately, we digress on capabilities of algorithms in detecting anomalies generated by a wide pool of unknown attacks, showing that achieved metric scores do not vary with respect to identifying single attacks. Comment: Will be published on ACM Transactions Data Scienc

    Meta-learning to improve unsupervised intrusion detection in cyber-physical systems


    An explainable artificial intelligence (xAI) framework for improving trust in automated ATM tools

    With the increased use of intelligent Decision Support Tools in Air Traffic Management (ATM) and inclusion of non-traditional entities, regulators and end users need assurance that new technologies such as Artificial Intelligence (AI) and Machine Learning (ML) are trustworthy and safe. Although there is a large amount of research on the technologies themselves, there seems to be a gap between research projects and practical implementation due to different regulatory and practical challenges, including the need for transparency and explainability of solutions. In order to help address these challenges, a novel framework to enable trust in AI-based automated solutions is presented based on current guidelines and end user feedback. Finally, recommendations are provided to bridge the gap between research and implementation of AI and ML-based solutions using our framework as a mechanism to aid advances of AI technology within ATM

    Detection of phishing by domain name server poisoning to prevent information theft in web applications of Peruvian micro-enterprises using machine learning

    In recent years, cyber attackers have been improving the way they carry out attacks, so that many techniques now exist for stealing confidential information. One such case is social engineering, the tactic most used by cybercriminals to manipulate people into disclosing confidential information. There are certain types of phishing attacks, such as those known as DNS poisoning, which is a type of phishing attack. DNS poisoning is a special type of attack in which the attacker does not target a single user but instead poisons or attacks the Domain Name System (DNS) server, so that all users who use the DNS service become victims of a phishing attack of this type. For this reason, numerous research works have been developed to identify types of phishing attacks by DNS poisoning. However, every year cybercriminals keep changing their strategies in various new ways, which are moreover difficult to detect, and so new methods for detecting phishing attacks also tend to appear. For this reason, this research work carried out a study to detect phishing attacks by DNS server poisoning in web applications, using Machine Learning algorithms selected on the basis of the best precision they achieved in their respective studies. The results obtained show that among the detection algorithms such as Naive Bayes, XGBoost, Random Forest and Multilayer Perceptron, the one that obtained the best results was Naive Bayes, as it yielded 99.04% precision for the detection of poisoning attacks on DNS servers, followed by Multilayer Perceptron with 80%, leaving behind the XGBoost and Random Forest algorithms with 63% and 75% respectively.
It is therefore evident that the Naive Bayes algorithm can detect phishing attacks effectively. Thesis. Infraestructura, Tecnología y Medio Ambient