An Event Based Digital Forensic Scheme for Vehicular Networks

The software in today's cars has become increasingly important in recent years. The development of high-tech driver assistance devices has helped fuel this movement. This tendency is anticipated to accelerate with the advent of completely autonomous vehicles. As more modern vehicles incorporate software and security-based solutions, "Event-Based digital forensics," the analysis of digital evidence of accidents and warranty claims, has become increasingly significant. The objective of this study is to ascertain, in a realistic setting, whether or not digital forensics can be successfully applied to a state-of-the-art automobile. We did this by dissecting the procedure of automotive forensics, which is used on in-car systems to track the mysterious activity by means of digital evidence. We did this by applying established methods of digital forensics to a state-of-the-art car.Our research employs specialized cameras installed in the study areas and a log of system activity that may be utilized as future digital proof to examine the effectiveness of security checkpoints and other similar technologies. The goal is to keep an eye on the vehicles entering the checkpoint, look into them if there is any reason to suspect anything, and then take the appropriate measures. The problem with analyzing this data is that it is becoming increasingly complex and time-consuming as the amount of data that has been collected keeps growing. In this paper, we outline a high-level methodology for automotive forensics to fill in the blanks, and we put it through its paces on a network simulator in a state-of-the-art vehicle to simulate a scenario in which devices are tampered with while the car is in motion. Here, we test how well the strategy functions. Diagnostics over IP (Diagnostics over IP), on-board diagnostics interface, and unified diagnostic services are all used during implementation. To work, our solution requires vehicles to be able to exchange diagnostic information wirelessly.These results show that it is possible to undertake automotive forensic analysis on state-of-the-art vehicles without using intrusion detection systems or event data recorders, and they lead the way towards a more fruitful future for automotive forensics. The results also show that modern autos are amenable to forensic automotive analysis

Intelligent zero-day intrusion detection framework for internet of things

Zero-day intrusion detection system faces serious challenges as hundreds of thousands of new instances of malware are being created every day to cause harm or damage to the computer system. Cyber-attacks are becoming more sophisticated, leading to challenges in intrusion detection. There are many Intrusion Detection Systems (IDSs), which are proposed to identify abnormal activities, but most of these IDSs produce a large number of false positives and low detection accuracy. Hence, a significant quantity of false positives could generate a high-level of alerts in a short period of time as the normal activities are classified as intrusion activities. This thesis proposes a novel framework of hybrid intrusion detection system that integrates the Signature Intrusion Detection System (SIDS) with the Anomaly Intrusion Detection System (AIDS) to detect zero-day attacks with high accuracy. SIDS has been used to identify previously known intrusions, and AIDS has been applied to detect unknown zero-day intrusions. The goal of this research is to combine the strengths of each technique toward the development of a hybrid framework for the efficient intrusion detection system. A number of performance measures including accuracy, F-measure and area under ROC curve have been used to evaluate the efficacy of our proposed models and to compare and contrast with existing approaches. Extensive simulation results conducted in this thesis show that the proposed framework is capable of yielding excellent detection performance when tested with a number of widely used benchmark datasets in the intrusion detection system domain. Experiments show that the proposed hybrid IDS provides higher detection rate and lower false-positive rate in detecting intrusions as compared to the SIDS and AIDS techniques individually.Doctor of Philosoph

Smart Animal Repelling Device: Utilizing IoT and AI for Effective Anti-Adaptive Harmful Animal Deterrence

The coexistence of human populations with wildlife often leads to conflicts in which harmful animals cause damage to crops and property and threaten human welfare. Certain limitations influence the effectiveness and environmental impacts of traditional methods used to repel animals. The present research outlines a growth of solutions that utilize the Internet of Things and machine learning techniques to address this issue. This study centers on a Smart Animal Repelling Device (SARD) that seeks to safeguard crops from ungulate assaults, substantially reducing production expenditures. This is achieved by developing virtual fences that use Artificial Intelligence (AI) and ultrasonic emission. This study introduces a comprehensive distributed system for resource management in Edge or Fog settings. The SARD framework leverages the principle of containerization and utilizes Docker containers to execute Internet of Things (IoT) applications in microservices. The software system inside the suggested structure can include various IoT applications and resources and power management strategies for Edge and fog computing systems. The experimental findings demonstrate that the intelligent animal-repellent system effectively uses animal detection on power-efficient computational methods. This implementation ensures the system maintains high mean average accuracy (93.25%) while simultaneously meeting real-time demands for anti-adaptive harmful animal deterrence

SUTMS - Unified Threat Management Framework for Home Networks

Home networks were initially designed for web browsing and non-business critical applications. As infrastructure improved, internet broadband costs decreased, and home internet usage transferred to e-commerce and business-critical applications. Today’s home computers host personnel identifiable information and financial data and act as a bridge to corporate networks via remote access technologies like VPN. The expansion of remote work and the transition to cloud computing have broadened the attack surface for potential threats. Home networks have become the extension of critical networks and services, hackers can get access to corporate data by compromising devices attacked to broad- band routers. All these challenges depict the importance of home-based Unified Threat Management (UTM) systems. There is a need of unified threat management framework that is developed specifically for home and small networks to address emerging security challenges. In this research, the proposed Smart Unified Threat Management (SUTMS) framework serves as a comprehensive solution for implementing home network security, incorporating firewall, anti-bot, intrusion detection, and anomaly detection engines into a unified system. SUTMS is able to provide 99.99% accuracy with 56.83% memory improvements. IPS stands out as the most resource-intensive UTM service, SUTMS successfully reduces the performance overhead of IDS by integrating it with the flow detection mod- ule. The artifact employs flow analysis to identify network anomalies and categorizes encrypted traffic according to its abnormalities. SUTMS can be scaled by introducing optional functions, i.e., routing and smart logging (utilizing Apriori algorithms). The research also tackles one of the limitations identified by SUTMS through the introduction of a second artifact called Secure Centralized Management System (SCMS). SCMS is a lightweight asset management platform with built-in security intelligence that can seamlessly integrate with a cloud for real-time updates

Conversational Code Analysis: The Future of Secure Coding

The area of software development and secure coding can benefit significantly from advancements in virtual assistants. Research has shown that many coders neglect security in favor of meeting deadlines. This shortcoming leaves systems vulnerable to attackers. While a plethora of tools are available for programmers to scan their code for vulnerabilities, finding the right tool can be challenging. It is therefore imperative to adopt measures to get programmers to utilize code analysis tools that will help them produce more secure code. This chapter looks at the limitations of existing approaches to secure coding and proposes a methodology that allows programmers to scan and fix vulnerabilities in program code by communicating with virtual assistants on their smart devices. With the ubiquitous move towards virtual assistants, it is important to design systems that are more reliant on voice than on standard point-and-click and keyboard-driven approaches. Consequently, we propose MyCodeAnalyzer, a Google Assistant app and code analysis framework, which was designed to interactively scan program code for vulnerabilities and flaws using voice commands during development. We describe the proposed methodology, implement a prototype, test it on a vulnerable project and present our results

Design and analysis of information fusion, dynamic sensor management rules for cyber security systems using simulation

Computer networks are vulnerable to attacks from outside threats. Intrusion detection systems are used to monitor computer networks for attacker activity. Intrusion detection systems consist of a set of sensors placed strategically throughout a computer network. The large amounts of data produced by intrusion detection system sensors may be sent to and processed by information fusion engines. Information fusion engines correlate alerts and identify attack paths of attackers. Sensor management strategies are developed to minimize the time taken to process attack data, minimize the bandwidth used by the security system of a network, and maximize the number of attacks successfully tracked. An experimental performance evaluation is conducted on sensor management strategies utilizing a variety of representative network topologies, network sizes, alert rates and attack scenarios so that a robust sensor management strategy can be identified. Performance measures of interest include the average time taken to process a real alert at the fusion engine, the percentage of real alerts processed, the percentage of noise alerts processed, the average bandwidth used to transfer alerts, and ability of a sensor management rule to successfully track multiple attacks consistently. Results indicate rules that attempt to meet but not exceed network constraints outperform rules that disregard network constraints. Additionally, rules that take into consideration the progress of current attacks also show some benefits

A Study of Technology Innovations and Applications in Transforming Safety and Security in Healthcare Facility Management

The increasing complexity of construction projects has transformed the Architecture, Engineering, and Construction (AEC) industry through technology adoption over the last decade. But, Facility Management (FM) as an industry has been slow in technology adoption. Growing market competition, corporate demands and new ways of attracting clients for owners are compelling FM professionals to be more efficient. This requirement is driving technology adoption by FM professionals. This study identifies technologies adopted by Healthcare Facility Management (HFM) professionals for improving safety and security of users that have capabilities and conceived and/or developed applications that can or in some cases are at present used in HFM. Simultaneously, it also looks into potentials and capabilities of a handful of other technologies in further improving safety and security. Using Literature-Based Discovery (LBD), the technology applications and innovations aimed towards safety and security are discovered from the literature that falls within the purview of HFM to form a picture of how these technologies enhance the practice of FM. The study aims at detecting how technologies have contributed towards transforming user experience. Also, this study identifies existing technologies and innovation demands (knowledge and gaps in knowledge), a general understanding of technology, its use and capabilities, and its recognition by users and industry professionals (adoption/rejection). They serve to illustrate how and to what degree the technologies will come to be used in facility management. Technologies, as they mature, will come to be used by facility managers in similar functions and hypothetically, entirely new ones. One should create a better user experience tailored to the functionality demanded. It is important for facility managers to partner with technology companies presenting innovative solutions to create a platform that is tailored to user-specific needs. Acceptance of a unified process, together with input from users, facility managers, and an assessment of current technologies and new advances in practice are productive ways to develop technologies that drive user satisfaction. This paper works to illustrate a future vision of HFM based on these technologies. Healthcare facility managers will have a reference that assembles multiple technological proficiencies that can function in their practice going forward