1,627 research outputs found
A Survey on Forensics and Compliance Auditing for Critical Infrastructure Protection
The broadening dependency and reliance that modern societies have on essential services
provided by Critical Infrastructures is increasing the relevance of their trustworthiness. However, Critical
Infrastructures are attractive targets for cyberattacks, due to the potential for considerable impact, not just
at the economic level but also in terms of physical damage and even loss of human life. Complementing
traditional security mechanisms, forensics and compliance audit processes play an important role in ensuring
Critical Infrastructure trustworthiness. Compliance auditing contributes to checking if security measures are
in place and compliant with standards and internal policies. Forensics assist the investigation of past security
incidents. Since these two areas significantly overlap, in terms of data sources, tools and techniques, they can
be merged into unified Forensics and Compliance Auditing (FCA) frameworks. In this paper, we survey the
latest developments, methodologies, challenges, and solutions addressing forensics and compliance auditing
in the scope of Critical Infrastructure Protection. This survey focuses on relevant contributions, capable of
tackling the requirements imposed by massively distributed and complex Industrial Automation and Control
Systems, in terms of handling large volumes of heterogeneous data (that can be noisy, ambiguous, and
redundant) for analytic purposes, with adequate performance and reliability. The achieved results produced
a taxonomy in the field of FCA whose key categories denote the relevant topics in the literature. Also, the
collected knowledge resulted in the establishment of a reference FCA architecture, proposed as a generic
template for a converged platform. These results are intended to guide future research on forensics and
compliance auditing for Critical Infrastructure Protection.info:eu-repo/semantics/publishedVersio
Fake News: Finding Truth in Strategic Communication
Fake news is an old phenomenon that has become a new obsession and a menace to society due to technological advancement and the proliferation of social media, which has changed traditional journalism norms. As the spread of false information has increased these past few years, it has become increasingly difficult for information consumers to distinguish between facts and fakes. A comprehensive systematic literature review to extract themes revealed the major factors responsible for spreading fake news. This qualitative interpretative meta-synthesis (QIMS) aims to better understand and offer solutions to combat fake news. This Ph.D. dissertation will serve as a guide for ethical communication practice and a reference for future research studies
Evaluating the effect of curing conditions on the glass transition of the structural adhesive using conditional tabular generative adversarial networks
Owing to its structural advantages, adhesively bonding fibre-reinforced polymers have been a promising solution for strengthening constructions. However, the effectiveness of this technique is significantly influenced by the material properties of the adhesive layer, which are largely determined by its curing condition. A comprehensive analysis of the effect of curing conditions on structural adhesives is hampered by the lack of sufficient experimental data. To mitigate such a limitation, this present study utilises a deep machine learning (ML) tool, the conditional tabular generative adversarial networks (CTGAN), to generate plausible synthetic dataset for developing a robust data-driven model. An artificial neural network (ANN) was trained on synthetic data and tested on real data, following the "Train on Synthetic â Test on Real" philosophy. The ultimately developed CTGAN-ANN model was validated by newly conducted experiments and several published studies (R2 â„ 0.95), which demonstrated the ability to provide accurate estimates of the glass transition temperature values of the polymer adhesive. A comprehensive evaluation of the effect of each curing condition variable on the adhesive was performed, which revealed the underlying relationships, indicating that curing temperature and curing time have a positive effect, but that curing humidity has a negative effect. The ML model developed could inform the practical use of the structural adhesive in civil engineering
Security at the Edge for Resource-Limited IoT Devices
The Internet of Things (IoT) is rapidly growing, with an estimated 14.4 billion active endpoints in 2022 and a forecast of approximately 30 billion connected devices by 2027. This proliferation of IoT devices has come with significant security challenges, including intrinsic security vulnerabilities, limited computing power, and the absence of timely security updates. Attacks leveraging such shortcomings could lead to severe consequences, including data breaches and potential disruptions to critical infrastructures.
In response to these challenges, this research paper presents the IoT Proxy, a modular component designed to create a more resilient and secure IoT environment, especially in resource-limited scenarios.
The core idea behind the IoT Proxy is to externalize security-related aspects of IoT devices by channeling their traffic through a secure network gateway equipped with different Virtual Network Security Functions (VNSFs). Our solution includes a Virtual Private Network (VPN) terminator and an Intrusion Prevention System (IPS) that uses a machine learning-based technique called oblivious authentication to identify connected devices. The IoT Proxyâs modular, scalable, and externalized security approach creates a more resilient and secure IoT environment, especially for resource-limited IoT devices. The promising experimental results from laboratory testing demonstrate the suitability of IoT Proxy to secure real-world IoT ecosystems
Multidisciplinary perspectives on Artificial Intelligence and the law
This open access book presents an interdisciplinary, multi-authored, edited collection of chapters on Artificial Intelligence (âAIâ) and the Law. AI technology has come to play a central role in the modern data economy. Through a combination of increased computing power, the growing availability of data and the advancement of algorithms, AI has now become an umbrella term for some of the most transformational technological breakthroughs of this age. The importance of AI stems from both the opportunities that it offers and the challenges that it entails. While AI applications hold the promise of economic growth and efficiency gains, they also create significant risks and uncertainty. The potential and perils of AI have thus come to dominate modern discussions of technology and ethics â and although AI was initially allowed to largely develop without guidelines or rules, few would deny that the law is set to play a fundamental role in shaping the future of AI. As the debate over AI is far from over, the need for rigorous analysis has never been greater. This book thus brings together contributors from different fields and backgrounds to explore how the law might provide answers to some of the most pressing questions raised by AI. An outcome of the CatĂłlica Research Centre for the Future of Law and its interdisciplinary working group on Law and Artificial Intelligence, it includes contributions by leading scholars in the fields of technology, ethics and the law.info:eu-repo/semantics/publishedVersio
Risk and threat mitigation techniques in internet of things (IoT) environments: a survey
Security in the Internet of Things (IoT) remains a predominant area of concern. Although several other surveys have been published on this topic in recent years, the broad spectrum that this area aims to cover, the rapid developments and the variety of concerns make it impossible to cover the topic adequately. This survey updates the state of the art covered in previous surveys and focuses on defences and mitigations against threats rather than on the threats alone, an area that is less extensively covered by other surveys. This survey has collated current research considering the dynamicity of the IoT environment, a topic missed in other surveys and warrants particular attention. To consider the IoT mobility, a life-cycle approach is adopted to the study of dynamic and mobile IoT environments and means of deploying defences against malicious actors aiming to compromise an IoT network and to evolve their attack laterally within it and from it. This survey takes a more comprehensive and detailed step by analysing a broad variety of methods for accomplishing each of the mitigation steps, presenting these uniquely by introducing a âdefence-in-depthâ approach that could significantly slow down the progress of an attack in the dynamic IoT environment. This survey sheds a light on leveraging redundancy as an inherent nature of multi-sensor IoT applications, to improve integrity and recovery. This study highlights the challenges of each mitigation step, emphasises novel perspectives, and reconnects the discussed mitigation steps to the ground principles they seek to implement
ARGUS: Context-Based Detection of Stealthy IoT Infiltration Attacks
IoT application domains, device diversity and connectivity are rapidly
growing. IoT devices control various functions in smart homes and buildings,
smart cities, and smart factories, making these devices an attractive target
for attackers. On the other hand, the large variability of different
application scenarios and inherent heterogeneity of devices make it very
challenging to reliably detect abnormal IoT device behaviors and distinguish
these from benign behaviors. Existing approaches for detecting attacks are
mostly limited to attacks directly compromising individual IoT devices, or,
require predefined detection policies. They cannot detect attacks that utilize
the control plane of the IoT system to trigger actions in an
unintended/malicious context, e.g., opening a smart lock while the smart home
residents are absent.
In this paper, we tackle this problem and propose ARGUS, the first
self-learning intrusion detection system for detecting contextual attacks on
IoT environments, in which the attacker maliciously invokes IoT device actions
to reach its goals. ARGUS monitors the contextual setting based on the state
and actions of IoT devices in the environment. An unsupervised Deep Neural
Network (DNN) is used for modeling the typical contextual device behavior and
detecting actions taking place in abnormal contextual settings. This
unsupervised approach ensures that ARGUS is not restricted to detecting
previously known attacks but is also able to detect new attacks. We evaluated
ARGUS on heterogeneous real-world smart-home settings and achieve at least an
F1-Score of 99.64% for each setup, with a false positive rate (FPR) of at most
0.03%.Comment: To appear in the 32nd USENIX Security Symposium, August 2022, Anaheim
CA, US
La traduzione specializzata allâopera per una piccola impresa in espansione: la mia esperienza di internazionalizzazione in cinese di Bioretics© S.r.l.
Global markets are currently immersed in two all-encompassing and unstoppable processes: internationalization and globalization. While the former pushes companies to look beyond the borders of their country of origin to forge relationships with foreign trading partners, the latter fosters the standardization in all countries, by reducing spatiotemporal distances and breaking down geographical, political, economic and socio-cultural barriers. In recent decades, another domain has appeared to propel these unifying drives: Artificial Intelligence, together with its high technologies aiming to implement human cognitive abilities in machinery. The âLanguage Toolkit â Le lingue straniere al servizio dellâinternazionalizzazione dellâimpresaâ project, promoted by the Department of Interpreting and Translation (ForlĂŹ Campus) in collaboration with the Romagna Chamber of Commerce (ForlĂŹ-Cesena and Rimini), seeks to help Italian SMEs make their way into the global market. It is precisely within this project that this dissertation has been conceived. Indeed, its purpose is to present the translation and localization project from English into Chinese of a series of texts produced by Bioretics© S.r.l.: an investor deck, the company website and part of the installation and use manual of the Aliquis© framework software, its flagship product. This dissertation is structured as follows: Chapter 1 presents the project and the company in detail; Chapter 2 outlines the internationalization and globalization processes and the Artificial Intelligence market both in Italy and in China; Chapter 3 provides the theoretical foundations for every aspect related to Specialized Translation, including website localization; Chapter 4 describes the resources and tools used to perform the translations; Chapter 5 proposes an analysis of the source texts; Chapter 6 is a commentary on translation strategies and choices
- âŠ