Threats on the horizon: Understanding security threats in the era of cyber-physical systems

Disruptive innovations of the last few decades, such as smart cities and Industry 4.0, were made possible by higher integration of physical and digital elements. In today's pervasive cyber-physical systems, connecting more devices introduces new vulnerabilities and security threats. With increasing cybersecurity incidents, cybersecurity professionals are becoming incapable of addressing what has become the greatest threat climate than ever before. This research investigates the spectrum of risk of a cybersecurity incident taking place in the cyber-physical-enabled world using the VERIS Community Database. The findings were that the majority of known actors were from the US and Russia, most victims were from western states and geographic origin tended to reflect global affairs. The most commonly targeted asset was information, with the majority of attack modes relying on privilege abuse. The key feature observed was extensive internal security breaches, most often a result of human error. This tends to show that access in any form appears to be the source of vulnerability rather than incident specifics due to a fundamental trade-off between usability and security in the design of computer systems. This provides fundamental evidence of the need for a major reevaluation of the founding principles in cybersecurity

Critical analysis of Big Data Challenges and analytical methods

Big Data (BD), with their potential to ascertain valued insights for enhanced decision-making process, have recently attracted substantial interest from both academics and practitioners. Big Data Analytics (BDA) is increasingly becoming a trending practice that many organizations are adopting with the purpose of constructing valuable information from BD. The analytics process, including the deployment and use of BDA tools, is seen by organizations as a tool to improve operational efficiency though it has strategic potential, drive new revenue streams and gain competitive advantages over business rivals. However, there are different types of analytic applications to consider. Therefore, prior to hasty use and buying costly BD tools, there is a need for organizations to first understand the BDA landscape. Given the significant nature of the BD and BDA, this paper presents a state-of-the-art review that presents a holistic view of the BD challenges and BDA methods theorized/proposed/employed by organizations to help others understand this landscape with the objective of making robust investment decisions. In doing so, systematically analysing and synthesizing the extant research published on BD and BDA area. More specifically, the authors seek to answer the following two principal questions: Q1 – What are the different types of BD challenges theorized/proposed/confronted by organizations? and Q2 – What are the different types of BDA methods theorized/proposed/employed to overcome BD challenges?. This systematic literature review (SLR) is carried out through observing and understanding the past trends and extant patterns/themes in the BDA research area, evaluating contributions, summarizing knowledge, thereby identifying limitations, implications and potential further research avenues to support the academic community in exploring research themes/patterns. Thus, to trace the implementation of BD strategies, a profiling method is employed to analyze articles (published in English-speaking peer-reviewed journals between 1996 and 2015) extracted from the Scopus database. The analysis presented in this paper has identified relevant BD research studies that have contributed both conceptually and empirically to the expansion and accrual of intellectual wealth to the BDA in technology and organizational resource management discipline

A theoretical exploration of data management and integration in organisation sectors

Big data development is a disturbing issue that will affect enterprise across various sectors. The increase of data volume, high speed of data generation and increasing rate of different data from heterogeneous sources have led to difficulties in data management. This paper first reviews different aspects of big data management, including data integration and traditional data warehouse, and their associated challenges. The problems include increase of redundant data, data accessibility, time consumption in data modelling and data movement from heterogeneous sources into a central database, especially in the big data environment. We then propose a logical data management approach using RESTview technology to integrate and analyse data, without fully adopting traditional ETL processes. Data that for governance, corporate, security or other restriction reasons cannot be copied or moved, can easily be accessed, integrated and analysed, without creating a central repository. Data can be kept in its original form and location, eliminating the movement of data, significantly speeding up the process and allowing for live data interrogation. It may not be the practical solution for every situation but, it is a feasible solution that is comparably cost effectiv

Strategies Used by Cloud Security Managers to Implement Secure Access Methods

Cloud computing can be used as a way to access services and resources for many organizations; however, hackers have created security concerns for users that incorporate cloud computing in their everyday functions. The purpose of this qualitative multiple case study was to explore strategies used by cloud security managers to implement secure access methods to protect data on the cloud infrastructure. The population for this study was cloud security managers employed by 2 medium size businesses in the Atlanta, Georgia metropolitan area and that have strategies to implement secure access methods to protect data on the cloud infrastructure. The technology acceptance model was used as the conceptual framework for the study. Data were collected from semi-structured interviews of 7 security managers and review of 21 archived documents that reflected security strategies from past security issues that occurred. Data analysis was performed using methodological triangulation and resulted in the identification of three major themes: implementing security policies, implementing strong authentication methods, and implementing strong access control methods. The findings from this research may contribute to positive social by decreasing customers\u27 concerns regarding personal information that is stored on the cloud being compromised

Computational Methods for Medical and Cyber Security

Over the past decade, computational methods, including machine learning (ML) and deep learning (DL), have been exponentially growing in their development of solutions in various domains, especially medicine, cybersecurity, finance, and education. While these applications of machine learning algorithms have been proven beneficial in various fields, many shortcomings have also been highlighted, such as the lack of benchmark datasets, the inability to learn from small datasets, the cost of architecture, adversarial attacks, and imbalanced datasets. On the other hand, new and emerging algorithms, such as deep learning, one-shot learning, continuous learning, and generative adversarial networks, have successfully solved various tasks in these fields. Therefore, applying these new methods to life-critical missions is crucial, as is measuring these less-traditional algorithms' success when used in these fields

Information privacy for linked data

Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2013.This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.Cataloged from student-submitted PDF version of thesis.Includes bibliographical references (pages 77-79).As data mining over massive amounts of linked data becomes more and more prevalent in research applications, information privacy becomes a more important issue. This is especially true in the biological and medical fields, where information sensitivity is high. Previous experience has shown that simple anonymization techniques, such as removing an individual's name from a data set, are inadequate to fully protect the data's participants. While strong privacy guarantees have been studied for relational databases, these are virtually non-existent for graph-structured linked data. This line of research is important, however, since the aggregation of data across different web sources may lead to privacy leaks. The ontological structure of linked data especially aids these attacks on privacy. The purpose of this thesis is two-fold. The first is to investigate differential privacy, a strong privacy guarantee, and how to construct differentially-private mechanisms for linked data. The second involves the design and implementation of the SPARQL Privacy Insurance Module (SPIM). Using a combination of well-studied techniques, such as authentication and access control, and the mechanisms developed to maintain differential privacy over linked data, it attempts to limit privacy hazards for SPARQL queries. By using these privacy-preservation techniques, data owners may be more willing to share their data sets with other researchers without the fear that it will be misused. Consequently, we can expect greater sharing of information, which will foster collaboration and improve the types of data that researchers can have access to.by Yotam Aron.M. Eng

Design Principles for A Big Data Platform: a Value Conscious Exploration

Problem space covering the design of Big Data is vast and multi-faceted. First and foremost, it relates to the disturbance caused by the Big Data phenomenon, affecting both the people and the processes of organizations. These disturbances are a result of design choices made, both relating to technology and to the approaches used in the exploitation of opportunities offered by Big Data. These design choices are, in the end, based on the values of the designers and processed either consciously or unconsciously. This problem space was explored with the methods of Design Science. The objective was to develop a continuously evolving and growing Big Data platform. To ensure the platform would be maintainable and developable during the whole life cycle, including situations that are impossible to foretell, it was hypothesized that by examining the purpose of the platform and by identifying consciously the values related to the platform, Big Data technologies, and to the actual usage in the envisioned environment, design principles could be created with integrating the identified values. These design princi-ples would guide the development of the platform in the unpredictable situations of the future. To discover the goals, benefits and the harms for the stakeholders created by the devel-opment and the usage of such a platform, methods of Value Sensitive Design were incorporated within the Design Science approach. These included empirical, conceptual, and technological investigations. During the technological investigations, two prototypes were built, the last of which will continue existence as the base of future development, and a cloud-based solution was briefly probed. Empirical investigations included project review of existing project documentation, organization of a workshop, employment of an empirical method to identify stakeholders, and the themed interviews of 16 stakeholders. Conceptual investigations were used in the identification of values. Based on these investigations and literature seven general design principles of Big Data platforms were identified and their instantiations in the case project were described. Application of these principles in the project was also documented.fi=Opinnäytetyö kokotekstinä PDF-muodossa.|en=Thesis fulltext in PDF format.|sv=Lärdomsprov tillgängligt som fulltext i PDF-format

e-Skills: The International dimension and the Impact of Globalisation - Final Report 2014

In today’s increasingly knowledge-based economies, new information and communication technologies are a key engine for growth fuelled by the innovative ideas of highly - skilled workers. However, obtaining adequate quantities of employees with the necessary e-skills is a challenge. This is a growing international problem with many countries having an insufficient numbers of workers with the right e-Skills. For example: Australia: “Even though there’s 10,000 jobs a year created in IT, there are only 4500 students studying IT at university, and not all of them graduate” (Talevski and Osman, 2013). Brazil: “Brazil’s ICT sector requires about 78,000 [new] people by 2014. But, according to Brasscom, there are only 33,000 youths studying ICT related courses in the country” (Ammachchi, 2012). Canada: “It is widely acknowledged that it is becoming inc reasingly difficult to recruit for a variety of critical ICT occupations –from entry level to seasoned” (Ticoll and Nordicity, 2012). Europe: It is estimated that there will be an e-skills gap within Europe of up to 900,000 (main forecast scenario) ICT pr actitioners by 2020” (Empirica, 2014). Japan: It is reported that 80% of IT and user companies report an e-skills shortage (IPA, IT HR White Paper, 2013) United States: “Unlike the fiscal cliff where we are still peering over the edge, we careened over the “IT Skills Cliff” some years ago as our economy digitalized, mobilized and further “technologized”, and our IT skilled labour supply failed to keep up” (Miano, 2013)

Data Mining

Data mining is a branch of computer science that is used to automatically extract meaningful, useful knowledge and previously unknown, hidden, interesting patterns from a large amount of data to support the decision-making process. This book presents recent theoretical and practical advances in the field of data mining. It discusses a number of data mining methods, including classification, clustering, and association rule mining. This book brings together many different successful data mining studies in various areas such as health, banking, education, software engineering, animal science, and the environment