5 research outputs found
Hazard analysis for the requirements specification of safety-critical systems using the combination of FHA and FTA techniques
Hazard Analysis (HA) is a crucial process for identifying and mitigating risks associated with systems development. However, current HA techniques suffer from several limitations, including a lack of preliminary hazard identification and inadequate hazard documentation, which can lead to system breakdowns. Therefore, this research aims to enhance HA techniques by addressing these limitations: conducting HA in requirement specification and producing a more comprehensive hazard log. To achieve this aim, a research methodology consisting of three phases was designed. Phase 1 involved analyzing existing HA techniques and identifying gaps in hazard analysis. Phase 2 involved developing a combined hazard analysis technique that addresses these key limitations by integrating functional hazard analysis (FHA) and fault tree analysis (FTA) techniques. The proposed technique is intended for use during the requirement specification of system development to produce a comprehensive hazard log. In Phase 3, the proposed technique was evaluated through a case study of a generic patient-controlled analgesia pump model. The performance of the proposed technique was evaluated using the F1-score measure, precision, and accuracy. Four evaluation methods were used to compare the results of single FHA, single FTA, using both FHA and FTA, and combining FHA and FTA techniques. The results showed that the combined FHA and FTA technique achieved the highest performance value of 0.96 for accuracy and 0.98 for precision, recall, and F1-score measure. We conclude that, although FHA on its own produces a large volume of output data and FTA is not a preliminary technique, the two complement each other to achieve the aim of conducting HA in requirement specification and producing a minimized and comprehensive hazard log.
Based on these findings, the combined FHA and FTA technique is recommended for implementation during the requirement specification of systems development to identify hazards and produce a comprehensive hazard log. Future directions for research could include automating the technique to identify hazards by analyzing system functions using the causal factors in terms of variables
Unsupervised Anomaly Detectors to Detect Intrusions in the Current Threat Landscape
Anomaly detection aims at identifying unexpected fluctuations in the expected
behavior of a given system. It is acknowledged as a reliable answer to the
identification of zero-day attacks, to such an extent that several ML algorithms
suited to binary classification have been proposed over the years. However,
the experimental comparison of a wide pool of unsupervised algorithms for
anomaly-based intrusion detection against a comprehensive set of attack
datasets has not been investigated yet. To fill this gap, we exercise seventeen
unsupervised anomaly detection algorithms on eleven attack datasets. Results
allow elaborating on a wide range of arguments, from the behavior of the
individual algorithm to the suitability of the datasets to anomaly detection.
We conclude that algorithms such as Isolation Forests, One-Class Support Vector
Machines and Self-Organizing Maps are more effective than their counterparts
for intrusion detection, while clustering algorithms represent a good
alternative due to their low computational complexity. Further, we detail how
attacks with unstable, distributed or non-repeatable behavior, such as Fuzzing, Worms
and Botnets, are more difficult to detect. Ultimately, we digress on
capabilities of algorithms in detecting anomalies generated by a wide pool of
unknown attacks, showing that achieved metric scores do not vary with respect
to identifying single attacks.
Comment: Will be published on ACM Transactions Data Scienc
An explainable artificial intelligence (xAI) framework for improving trust in automated ATM tools
With the increased use of intelligent Decision Support Tools in Air Traffic Management (ATM) and the inclusion of non-traditional entities, regulators and end users need assurance that new technologies such as Artificial Intelligence (AI) and Machine Learning (ML) are trustworthy and safe. Although there is a large amount of research on the technologies themselves, there seems to be a gap between research projects and practical implementation due to different regulatory and practical challenges, including the need for transparency and explainability of solutions. In order to help address these challenges, a novel framework to enable trust in AI-based automated solutions is presented, based on current guidelines and end user feedback. Finally, recommendations are provided to bridge the gap between research and implementation of AI and ML-based solutions, using our framework as a mechanism to aid advances of AI technology within ATM.
Detection of phishing by domain name server poisoning to prevent information theft in web applications of Peruvian microenterprises using machine learning
Over the past few years, cyber attackers have been improving the way they
carry out attacks, so that many techniques now exist for stealing
confidential information. One example is social engineering, the tactic most
used by cybercriminals to manipulate people into disclosing confidential
information. There are several types of phishing attack, among them the
attacks known as DNS poisoning. DNS poisoning is a special type of attack in
which the attacker does not target a single user but instead poisons or
attacks the Domain Name System (DNS) server, so that all users of that DNS
service become victims of a phishing attack of this type. For this reason,
numerous research works have been developed to identify types of phishing
attack by DNS poisoning. However, every year cybercriminals keep changing
their strategies in new ways that are difficult to detect, and so new methods
for detecting phishing attacks also tend to appear. For this reason, this
research work carried out a study to detect phishing attacks by DNS server
poisoning in web applications, using machine learning algorithms chosen on
the basis of the best precision they achieved in their respective studies.
The results show that, among the detection algorithms Naive Bayes, XGBoost,
Random Forest and Multilayer Perceptron, the best result was obtained by
Naive Bayes, which yielded 99.04% precision for the detection of DNS server
poisoning attacks, followed by Multilayer Perceptron with 80%, leaving behind
the XGBoost and Random Forest algorithms with 63% and 75% respectively. It is
therefore evident that the Naive Bayes algorithm can detect phishing attacks
effectively.
Thesis. Infraestructura, Tecnología y Medio Ambient