PDF-Malware Detection: A Survey and Taxonomy of Current Techniques

Portable Document Format, more commonly known as PDF, has become, in the last 20 years, a standard for document exchange and dissemination due its portable nature and widespread adoption. The flexibility and power of this format are not only leveraged by benign users, but from hackers as well who have been working to exploit various types of vulnerabilities, overcome security restrictions, and then transform the PDF format in one among the leading malicious code spread vectors. Analyzing the content of malicious PDF files to extract the main features that characterize the malware identity and behavior, is a fundamental task for modern threat intelligence platforms that need to learn how to automatically identify new attacks. This paper surveys existing state of the art about systems for the detection of malicious PDF files and organizes them in a taxonomy that separately considers the used approaches and the data analyzed to detect the presence of malicious code. © Springer International Publishing AG, part of Springer Nature 2018

Security and Privacy for Green IoT-based Agriculture: Review, Blockchain solutions, and Challenges

open access articleThis paper presents research challenges on security and privacy issues in the field of green IoT-based agriculture. We start by describing a four-tier green IoT-based agriculture architecture and summarizing the existing surveys that deal with smart agriculture. Then, we provide a classification of threat models against green IoT-based agriculture into five categories, including, attacks against privacy, authentication, confidentiality, availability, and integrity properties. Moreover, we provide a taxonomy and a side-by-side comparison of the state-of-the-art methods toward secure and privacy-preserving technologies for IoT applications and how they will be adapted for green IoT-based agriculture. In addition, we analyze the privacy-oriented blockchain-based solutions as well as consensus algorithms for IoT applications and how they will be adapted for green IoT-based agriculture. Based on the current survey, we highlight open research challenges and discuss possible future research directions in the security and privacy of green IoT-based agriculture

Initiatives for rural development through collective action: the case of household participation in group activities in the highlands of Central Kenya

"Dimensions of the nature, scope, and complexity of collective action in Kenya have evolved over many years. In studying collective action, the aim is to understand why and how people participate in networks of trust. The purpose of this study was to investigate the different objectives that farmers pursue through collective action with the aim of understanding the patterns of people's participation in collective action, identify factors that influence people to join groups, and identify the costs and benefits of participating in activities of groups. The study was carried out in four sites spread across the highlands of central Kenya. Data was collected from a total of 442 households, focusing on whether members of those households belonged to groups and if so, what type of groups these were and their activities. In addition we looked at how these groups functioned and identified some of the contributions members make to these groups and the benefits from the same. The analysis shows that collective action is used to accomplish a range of activities for different socioeconomic categories and that the majority of households in central Kenya engage in some form of group activity.... The study suggests that where institutions and policies that promote individual or private sector growth are weak, collective action can help to overcome these weaknesses and connect individuals in these institutions and policies." from Author's AbstractCollective action, Trust, Community participation, cost benefit analysis, Household surveys, Gender,

Security and trust in cloud computing and IoT through applying obfuscation, diversification, and trusted computing technologies

Cloud computing and Internet of Things (IoT) are very widely spread and commonly used technologies nowadays. The advanced services offered by cloud computing have made it a highly demanded technology. Enterprises and businesses are more and more relying on the cloud to deliver services to their customers. The prevalent use of cloud means that more data is stored outside the organization’s premises, which raises concerns about the security and privacy of the stored and processed data. This highlights the significance of effective security practices to secure the cloud infrastructure. The number of IoT devices is growing rapidly and the technology is being employed in a wide range of sectors including smart healthcare, industry automation, and smart environments. These devices collect and exchange a great deal of information, some of which may contain critical and personal data of the users of the device. Hence, it is highly significant to protect the collected and shared data over the network; notwithstanding, the studies signify that attacks on these devices are increasing, while a high percentage of IoT devices lack proper security measures to protect the devices, the data, and the privacy of the users. In this dissertation, we study the security of cloud computing and IoT and propose software-based security approaches supported by the hardware-based technologies to provide robust measures for enhancing the security of these environments. To achieve this goal, we use obfuscation and diversification as the potential software security techniques. Code obfuscation protects the software from malicious reverse engineering and diversification mitigates the risk of large-scale exploits. We study trusted computing and Trusted Execution Environments (TEE) as the hardware-based security solutions. Trusted Platform Module (TPM) provides security and trust through a hardware root of trust, and assures the integrity of a platform. We also study Intel SGX which is a TEE solution that guarantees the integrity and confidentiality of the code and data loaded onto its protected container, enclave. More precisely, through obfuscation and diversification of the operating systems and APIs of the IoT devices, we secure them at the application level, and by obfuscation and diversification of the communication protocols, we protect the communication of data between them at the network level. For securing the cloud computing, we employ obfuscation and diversification techniques for securing the cloud computing software at the client-side. For an enhanced level of security, we employ hardware-based security solutions, TPM and SGX. These solutions, in addition to security, ensure layered trust in various layers from hardware to the application. As the result of this PhD research, this dissertation addresses a number of security risks targeting IoT and cloud computing through the delivered publications and presents a brief outlook on the future research directions.Pilvilaskenta ja esineiden internet ovat nykyään hyvin tavallisia ja laajasti sovellettuja tekniikkoja. Pilvilaskennan pitkälle kehittyneet palvelut ovat tehneet siitä hyvin kysytyn teknologian. Yritykset enenevässä määrin nojaavat pilviteknologiaan toteuttaessaan palveluita asiakkailleen. Vallitsevassa pilviteknologian soveltamistilanteessa yritykset ulkoistavat tietojensa käsittelyä yrityksen ulkopuolelle, minkä voidaan nähdä nostavan esiin huolia taltioitavan ja käsiteltävän tiedon turvallisuudesta ja yksityisyydestä. Tämä korostaa tehokkaiden turvallisuusratkaisujen merkitystä osana pilvi-infrastruktuurin turvaamista. Esineiden internet -laitteiden lukumäärä on nopeasti kasvanut. Teknologiana sitä sovelletaan laajasti monilla sektoreilla, kuten älykkäässä terveydenhuollossa, teollisuusautomaatiossa ja älytiloissa. Sellaiset laitteet keräävät ja välittävät suuria määriä informaatiota, joka voi sisältää laitteiden käyttäjien kannalta kriittistä ja yksityistä tietoa. Tästä syystä johtuen on erittäin merkityksellistä suojata verkon yli kerättävää ja jaettavaa tietoa. Monet tutkimukset osoittavat esineiden internet -laitteisiin kohdistuvien tietoturvahyökkäysten määrän olevan nousussa, ja samaan aikaan suuri osuus näistä laitteista ei omaa kunnollisia teknisiä ominaisuuksia itse laitteiden tai niiden käyttäjien yksityisen tiedon suojaamiseksi. Tässä väitöskirjassa tutkitaan pilvilaskennan sekä esineiden internetin tietoturvaa ja esitetään ohjelmistopohjaisia tietoturvalähestymistapoja turvautumalla osittain laitteistopohjaisiin teknologioihin. Esitetyt lähestymistavat tarjoavat vankkoja keinoja tietoturvallisuuden kohentamiseksi näissä konteksteissa. Tämän saavuttamiseksi työssä sovelletaan obfuskaatiota ja diversifiointia potentiaalisiana ohjelmistopohjaisina tietoturvatekniikkoina. Suoritettavan koodin obfuskointi suojaa pahantahtoiselta ohjelmiston takaisinmallinnukselta ja diversifiointi torjuu tietoturva-aukkojen laaja-alaisen hyödyntämisen riskiä. Väitöskirjatyössä tutkitaan luotettua laskentaa ja luotettavan laskennan suoritusalustoja laitteistopohjaisina tietoturvaratkaisuina. TPM (Trusted Platform Module) tarjoaa turvallisuutta ja luottamuksellisuutta rakentuen laitteistopohjaiseen luottamukseen. Pyrkimyksenä on taata suoritusalustan eheys. Työssä tutkitaan myös Intel SGX:ää yhtenä luotettavan suorituksen suoritusalustana, joka takaa suoritettavan koodin ja datan eheyden sekä luottamuksellisuuden pohjautuen suojatun säiliön, saarekkeen, tekniseen toteutukseen. Tarkemmin ilmaistuna työssä turvataan käyttöjärjestelmä- ja sovellusrajapintatasojen obfuskaation ja diversifioinnin kautta esineiden internet -laitteiden ohjelmistokerrosta. Soveltamalla samoja tekniikoita protokollakerrokseen, työssä suojataan laitteiden välistä tiedonvaihtoa verkkotasolla. Pilvilaskennan turvaamiseksi työssä sovelletaan obfuskaatio ja diversifiointitekniikoita asiakaspuolen ohjelmistoratkaisuihin. Vankemman tietoturvallisuuden saavuttamiseksi työssä hyödynnetään laitteistopohjaisia TPM- ja SGX-ratkaisuja. Tietoturvallisuuden lisäksi nämä ratkaisut tarjoavat monikerroksisen luottamuksen rakentuen laitteistotasolta ohjelmistokerrokseen asti. Tämän väitöskirjatutkimustyön tuloksena, osajulkaisuiden kautta, vastataan moniin esineiden internet -laitteisiin ja pilvilaskentaan kohdistuviin tietoturvauhkiin. Työssä esitetään myös näkemyksiä jatkotutkimusaiheista

A Review on Security Issues and Solutions of the Internet of Drones

The Internet of Drones (IoD) has attracted increasing attention in recent years because of its portability and automation, and is being deployed in a wide range of fields (e.g., military, rescue and entertainment). Nevertheless, as a result of the inherently open nature of radio transmission paths in the IoD, data collected, generated or handled by drones is plagued by many security concerns. Since security and privacy are among the foremost challenges for the IoD, in this paper we conduct a comprehensive review on security issues and solutions for IoD security, discussing IoD-related security requirements and identifying the latest advancement in IoD security research. This review analyzes a host of important security technologies with emphases on authentication techniques and blockchain-powered schemes. Based on a detailed analysis, we present the challenges faced by current methodologies and recommend future IoD security research directions. This review shows that appropriate security measures are needed to address IoD security issues, and that newly designed security solutions should particularly consider the balance between the level of security and cost efficiency

A Fog Computing Framework for Intrusion Detection of Energy-Based Attacks on UAV-Assisted Smart Farming

Precision agriculture and smart farming have received significant attention due to the advancements made in remote sensing technology to support agricultural efficiency. In large-scale agriculture, the role of unmanned aerial vehicles (UAVs) has increased in remote monitoring and collecting farm data at regular intervals. However, due to an open environment, UAVs can be hacked to malfunction and report false data. Due to limited battery life and flight times requiring frequent recharging, a compromised UAV wastes precious energy when performing unnecessary functions. Furthermore, it impacts other UAVs competing for charging times at the station, thus disrupting the entire data collection mechanism. In this paper, a fog computing-based smart farming framework is proposed that utilizes UAVs to gather data from IoT sensors deployed in farms and offloads it at fog sites deployed at the network edge. The framework adopts the concept of a charging token, where upon completing a trip, UAVs receive tokens from the fog node. These tokens can later be redeemed to charge the UAVs for their subsequent trips. An intrusion detection system is deployed at the fog nodes that utilize machine learning models to classify UAV behavior as malicious or benign. In the case of malicious classification, the fog node reduces the tokens, resulting in the UAV not being able to charge fully for the duration of the trip. Thus, such UAVs are automatically eliminated from the UAV pool. The results show a 99.7% accuracy in detecting intrusions. Moreover, due to token-based elimination, the system is able to conserve energy. The evaluation of CPU and memory usage benchmarks indicates that the system is capable of efficiently collecting smart-farm data, even in the presence of attacks

Expanding Australia\u27s defence capabilities for technological asymmetric advantage in information, cyber and space in the context of accelerating regional military modernisation: A systemic design approach

Introduction. The aim of the project was to conduct a systemic design study to evaluate Australia\u27sopportunities and barriers for achieving a technological advantage in light of regional military technological advancement. It focussed on the three domains of (1) cybersecurity technology, (2) information technology, and (3) space technology. Research process. Employing a systemic design approach, the study first leveraged scientometric analysis, utilising informetric mapping software (VOSviewer) to evaluate emerging trends and their implications on defence capabilities. This approach facilitated a broader understanding of the interdisciplinary nature of defence technologies, identifying key areas for further exploration. The subsequent survey study, engaging 828 professionals across STEM, space, aerospace, defence/ law enforcement, and ICT, aimed to assess the impact, deployment likelihood, and developmental timelines of the identified technologies. Finally, five experts were interviewed to help elaborate on the findings in the survey and translate them into implications for the ADF. Findings. Key findings revealed significant overlaps in technology clusters, highlighting ten specific technologies or trends as potential force multipliers for the ADF. Among these, cybersecurity of critical infrastructure and optimisation and other algorithmic technologies were recognised for their immediate potential and urgency, suggesting a prioritisation for development investment. The analysis presented a clear imperative for urgent and prioritised technological investments, specifically in cybersecurity and information technologies, followed by space technologies. The research also suggested partnerships that Australia should develop to keep ahead in terms of regional military modernisation. Implications. To maintain a competitive edge, there is an urgent need for investment in the development and application of these technologies, as nearly all disruptive technologies identified for their potential impact, deployment/utilization likelihood, extensive use, and novelty for defence purposes are needed in the near-term (less than 5 years – cybersecurity and information technologies) or medium-term (less than 10 years – space technologies). In line with this, technology investments should be prioritized as follows: Priority 1 includes Cyber Security of critical infrastructure and optimization algorithms; Priority 2 encompasses Unmanned and autonomous systems and weapons, Deep/Machine Learning, and Space-based command and communications systems; and Priority 3 involves Industry 4.0 technologies, Quantum technology, Electromagnetic and navigation warfare systems, Hypersonic weapons, and Directed energy weapons. At the policy level, underfunding, bureaucratic inertia and outdated procurement models needed to be addressed to enhance agility of innovation. More critically, Australia needed to come up with creative ways to recruit, train and retain human capital to develop, manage and use these sophisticated technologies. Finally, in order to maintain a lead over competitors (China, Russia, Iran, North Korea) in the regional military technology competition, the survey and interviews indicate that Australia should continue its military technology alliances with long-standing partners (US, Europe, Israel), broaden its collaborations with more recent partners (Japan, Singapore, South Korea), and establish partnerships with new ones (India, Malaysia, Vietnam, Pacific Island nations). Conclusion. This study sheds light on the future direction for the ADF and Defence in general, underscoring the importance of strategic investments in up-and-coming technologies. By pinpointing strategic voids, potential partnerships, and sovereign technologies with high potential, this report acts as a roadmap for bolstering Australia’s defence capabilities and safeguarding its strategic interests amidst regional technological changes

Hybrid routing in delay tolerant networks

This work addresses the integration of today\\u27s infrastructure-based networks with infrastructure-less networks. The resulting Hybrid Routing System allows for communication over both network types and can help to overcome cost, communication, and overload problems. Mobility aspect resulting from infrastructure-less networks are analyzed and analytical models developed. For development and deployment of the Hybrid Routing System an overlay-based framework is presented