1,627 research outputs found

    A Survey on Forensics and Compliance Auditing for Critical Infrastructure Protection

    Get PDF
    The broadening dependency and reliance that modern societies have on essential services provided by Critical Infrastructures is increasing the relevance of their trustworthiness. However, Critical Infrastructures are attractive targets for cyberattacks, due to the potential for considerable impact, not just at the economic level but also in terms of physical damage and even loss of human life. Complementing traditional security mechanisms, forensics and compliance audit processes play an important role in ensuring Critical Infrastructure trustworthiness. Compliance auditing contributes to checking if security measures are in place and compliant with standards and internal policies. Forensics assist the investigation of past security incidents. Since these two areas significantly overlap, in terms of data sources, tools and techniques, they can be merged into unified Forensics and Compliance Auditing (FCA) frameworks. In this paper, we survey the latest developments, methodologies, challenges, and solutions addressing forensics and compliance auditing in the scope of Critical Infrastructure Protection. This survey focuses on relevant contributions, capable of tackling the requirements imposed by massively distributed and complex Industrial Automation and Control Systems, in terms of handling large volumes of heterogeneous data (that can be noisy, ambiguous, and redundant) for analytic purposes, with adequate performance and reliability. The achieved results produced a taxonomy in the field of FCA whose key categories denote the relevant topics in the literature. Also, the collected knowledge resulted in the establishment of a reference FCA architecture, proposed as a generic template for a converged platform. These results are intended to guide future research on forensics and compliance auditing for Critical Infrastructure Protection.info:eu-repo/semantics/publishedVersio

    Fake News: Finding Truth in Strategic Communication

    Get PDF
    Fake news is an old phenomenon that has become a new obsession and a menace to society due to technological advancement and the proliferation of social media, which has changed traditional journalism norms. As the spread of false information has increased these past few years, it has become increasingly difficult for information consumers to distinguish between facts and fakes. A comprehensive systematic literature review to extract themes revealed the major factors responsible for spreading fake news. This qualitative interpretative meta-synthesis (QIMS) aims to better understand and offer solutions to combat fake news. This Ph.D. dissertation will serve as a guide for ethical communication practice and a reference for future research studies

    Evaluating the effect of curing conditions on the glass transition of the structural adhesive using conditional tabular generative adversarial networks

    Get PDF
    Owing to its structural advantages, adhesively bonding fibre-reinforced polymers have been a promising solution for strengthening constructions. However, the effectiveness of this technique is significantly influenced by the material properties of the adhesive layer, which are largely determined by its curing condition. A comprehensive analysis of the effect of curing conditions on structural adhesives is hampered by the lack of sufficient experimental data. To mitigate such a limitation, this present study utilises a deep machine learning (ML) tool, the conditional tabular generative adversarial networks (CTGAN), to generate plausible synthetic dataset for developing a robust data-driven model. An artificial neural network (ANN) was trained on synthetic data and tested on real data, following the "Train on Synthetic – Test on Real" philosophy. The ultimately developed CTGAN-ANN model was validated by newly conducted experiments and several published studies (R2 ≄ 0.95), which demonstrated the ability to provide accurate estimates of the glass transition temperature values of the polymer adhesive. A comprehensive evaluation of the effect of each curing condition variable on the adhesive was performed, which revealed the underlying relationships, indicating that curing temperature and curing time have a positive effect, but that curing humidity has a negative effect. The ML model developed could inform the practical use of the structural adhesive in civil engineering

    Security at the Edge for Resource-Limited IoT Devices

    Get PDF
    The Internet of Things (IoT) is rapidly growing, with an estimated 14.4 billion active endpoints in 2022 and a forecast of approximately 30 billion connected devices by 2027. This proliferation of IoT devices has come with significant security challenges, including intrinsic security vulnerabilities, limited computing power, and the absence of timely security updates. Attacks leveraging such shortcomings could lead to severe consequences, including data breaches and potential disruptions to critical infrastructures. In response to these challenges, this research paper presents the IoT Proxy, a modular component designed to create a more resilient and secure IoT environment, especially in resource-limited scenarios. The core idea behind the IoT Proxy is to externalize security-related aspects of IoT devices by channeling their traffic through a secure network gateway equipped with different Virtual Network Security Functions (VNSFs). Our solution includes a Virtual Private Network (VPN) terminator and an Intrusion Prevention System (IPS) that uses a machine learning-based technique called oblivious authentication to identify connected devices. The IoT Proxy’s modular, scalable, and externalized security approach creates a more resilient and secure IoT environment, especially for resource-limited IoT devices. The promising experimental results from laboratory testing demonstrate the suitability of IoT Proxy to secure real-world IoT ecosystems

    Multidisciplinary perspectives on Artificial Intelligence and the law

    Get PDF
    This open access book presents an interdisciplinary, multi-authored, edited collection of chapters on Artificial Intelligence (‘AI’) and the Law. AI technology has come to play a central role in the modern data economy. Through a combination of increased computing power, the growing availability of data and the advancement of algorithms, AI has now become an umbrella term for some of the most transformational technological breakthroughs of this age. The importance of AI stems from both the opportunities that it offers and the challenges that it entails. While AI applications hold the promise of economic growth and efficiency gains, they also create significant risks and uncertainty. The potential and perils of AI have thus come to dominate modern discussions of technology and ethics – and although AI was initially allowed to largely develop without guidelines or rules, few would deny that the law is set to play a fundamental role in shaping the future of AI. As the debate over AI is far from over, the need for rigorous analysis has never been greater. This book thus brings together contributors from different fields and backgrounds to explore how the law might provide answers to some of the most pressing questions raised by AI. An outcome of the Católica Research Centre for the Future of Law and its interdisciplinary working group on Law and Artificial Intelligence, it includes contributions by leading scholars in the fields of technology, ethics and the law.info:eu-repo/semantics/publishedVersio

    Risk and threat mitigation techniques in internet of things (IoT) environments: a survey

    Get PDF
    Security in the Internet of Things (IoT) remains a predominant area of concern. Although several other surveys have been published on this topic in recent years, the broad spectrum that this area aims to cover, the rapid developments and the variety of concerns make it impossible to cover the topic adequately. This survey updates the state of the art covered in previous surveys and focuses on defences and mitigations against threats rather than on the threats alone, an area that is less extensively covered by other surveys. This survey has collated current research considering the dynamicity of the IoT environment, a topic missed in other surveys and warrants particular attention. To consider the IoT mobility, a life-cycle approach is adopted to the study of dynamic and mobile IoT environments and means of deploying defences against malicious actors aiming to compromise an IoT network and to evolve their attack laterally within it and from it. This survey takes a more comprehensive and detailed step by analysing a broad variety of methods for accomplishing each of the mitigation steps, presenting these uniquely by introducing a “defence-in-depth” approach that could significantly slow down the progress of an attack in the dynamic IoT environment. This survey sheds a light on leveraging redundancy as an inherent nature of multi-sensor IoT applications, to improve integrity and recovery. This study highlights the challenges of each mitigation step, emphasises novel perspectives, and reconnects the discussed mitigation steps to the ground principles they seek to implement

    ARGUS: Context-Based Detection of Stealthy IoT Infiltration Attacks

    Full text link
    IoT application domains, device diversity and connectivity are rapidly growing. IoT devices control various functions in smart homes and buildings, smart cities, and smart factories, making these devices an attractive target for attackers. On the other hand, the large variability of different application scenarios and inherent heterogeneity of devices make it very challenging to reliably detect abnormal IoT device behaviors and distinguish these from benign behaviors. Existing approaches for detecting attacks are mostly limited to attacks directly compromising individual IoT devices, or, require predefined detection policies. They cannot detect attacks that utilize the control plane of the IoT system to trigger actions in an unintended/malicious context, e.g., opening a smart lock while the smart home residents are absent. In this paper, we tackle this problem and propose ARGUS, the first self-learning intrusion detection system for detecting contextual attacks on IoT environments, in which the attacker maliciously invokes IoT device actions to reach its goals. ARGUS monitors the contextual setting based on the state and actions of IoT devices in the environment. An unsupervised Deep Neural Network (DNN) is used for modeling the typical contextual device behavior and detecting actions taking place in abnormal contextual settings. This unsupervised approach ensures that ARGUS is not restricted to detecting previously known attacks but is also able to detect new attacks. We evaluated ARGUS on heterogeneous real-world smart-home settings and achieve at least an F1-Score of 99.64% for each setup, with a false positive rate (FPR) of at most 0.03%.Comment: To appear in the 32nd USENIX Security Symposium, August 2022, Anaheim CA, US

    La traduzione specializzata all’opera per una piccola impresa in espansione: la mia esperienza di internazionalizzazione in cinese di Bioretics© S.r.l.

    Get PDF
    Global markets are currently immersed in two all-encompassing and unstoppable processes: internationalization and globalization. While the former pushes companies to look beyond the borders of their country of origin to forge relationships with foreign trading partners, the latter fosters the standardization in all countries, by reducing spatiotemporal distances and breaking down geographical, political, economic and socio-cultural barriers. In recent decades, another domain has appeared to propel these unifying drives: Artificial Intelligence, together with its high technologies aiming to implement human cognitive abilities in machinery. The “Language Toolkit – Le lingue straniere al servizio dell’internazionalizzazione dell’impresa” project, promoted by the Department of Interpreting and Translation (ForlĂŹ Campus) in collaboration with the Romagna Chamber of Commerce (ForlĂŹ-Cesena and Rimini), seeks to help Italian SMEs make their way into the global market. It is precisely within this project that this dissertation has been conceived. Indeed, its purpose is to present the translation and localization project from English into Chinese of a series of texts produced by Bioretics© S.r.l.: an investor deck, the company website and part of the installation and use manual of the Aliquis© framework software, its flagship product. This dissertation is structured as follows: Chapter 1 presents the project and the company in detail; Chapter 2 outlines the internationalization and globalization processes and the Artificial Intelligence market both in Italy and in China; Chapter 3 provides the theoretical foundations for every aspect related to Specialized Translation, including website localization; Chapter 4 describes the resources and tools used to perform the translations; Chapter 5 proposes an analysis of the source texts; Chapter 6 is a commentary on translation strategies and choices
    • 

    corecore