Artificial intelligence in the cyber domain: Offense and defense

Artificial intelligence techniques have grown rapidly in recent years, and their applications in practice can be seen in many fields, ranging from facial recognition to image analysis. In the cybersecurity domain, AI-based techniques can provide better cyber defense tools and help adversaries improve methods of attack. However, malicious actors are aware of the new prospects too and will probably attempt to use them for nefarious purposes. This survey paper aims at providing an overview of how artificial intelligence can be used in the context of cybersecurity in both offense and defense.Web of Science123art. no. 41

Attribute Identification and Predictive Customisation Using Fuzzy Clustering and Genetic Search for Industry 4.0 Environments

Today´s factory involves more services and customisation. A paradigm shift is towards “Industry 4.0” (i4) aiming at realising mass customisation at a mass production cost. However, there is a lack of tools for customer informatics. This paper addresses this issue and develops a predictive analytics framework integrating big data analysis and business informatics, using Computational Intelligence (CI). In particular, a fuzzy c-means is used for pattern recognition, as well as managing relevant big data for feeding potential customer needs and wants for improved productivity at the design stage for customised mass production. The selection of patterns from big data is performed using a genetic algorithm with fuzzy c-means, which helps with clustering and selection of optimal attributes. The case study shows that fuzzy c-means are able to assign new clusters with growing knowledge of customer needs and wants. The dataset has three types of entities: specification of various characteristics, assigned insurance risk rating, and normalised losses in use compared with other cars. The fuzzy c-means tool offers a number of features suitable for smart designs for an i4 environment

Federated Embedded Systems – a review of the literature in related fields

This report is concerned with the vision of smart interconnected objects, a vision that has attracted much attention lately. In this paper, embedded, interconnected, open, and heterogeneous control systems are in focus, formally referred to as Federated Embedded Systems. To place FES into a context, a review of some related research directions is presented. This review includes such concepts as systems of systems, cyber-physical systems, ubiquitous computing, internet of things, and multi-agent systems. Interestingly, the reviewed fields seem to overlap with each other in an increasing number of ways

Adaptive Traffic Fingerprinting for Darknet Threat Intelligence

Darknet technology such as Tor has been used by various threat actors for organising illegal activities and data exfiltration. As such, there is a case for organisations to block such traffic, or to try and identify when it is used and for what purposes. However, anonymity in cyberspace has always been a domain of conflicting interests. While it gives enough power to nefarious actors to masquerade their illegal activities, it is also the cornerstone to facilitate freedom of speech and privacy. We present a proof of concept for a novel algorithm that could form the fundamental pillar of a darknet-capable Cyber Threat Intelligence platform. The solution can reduce anonymity of users of Tor, and considers the existing visibility of network traffic before optionally initiating targeted or widespread BGP interception. In combination with server HTTP response manipulation, the algorithm attempts to reduce the candidate data set to eliminate client-side traffic that is most unlikely to be responsible for server-side connections of interest. Our test results show that MITM manipulated server responses lead to expected changes received by the Tor client. Using simulation data generated by shadow, we show that the detection scheme is effective with false positive rate of 0.001, while sensitivity detecting non-targets was 0.016+-0.127. Our algorithm could assist collaborating organisations willing to share their threat intelligence or cooperate during investigations.Comment: 26 page

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

A strategic framework for e-government security: the case in Nigeria

A thesis submitted to the University of Bedfordshire in partial fulfilment of the requirements for the degree of Doctor of PhilosophyCountries across the globe are striving towards full-scale implementation of e-government. One of the issues arising with the efforts to this realization is the assurance of secure transactions while upholding high privacy standards. In order to engage citizens in the process, there must be transparency and confidence that the e-government systems they are using are reliable and will deliver the services with integrity, confidentiality and accountability. Different systems require different levels of security according to the services they provide to their users. This research presents an investigation into reasons why e-government security frameworks developed by researchers with the claim that it is one-size-fits-all issue may not hold true, particularly in the case of Nigeria, based on certain identified realities. The claim of a generalized framework appears very challenging because there seem to be much diversity across different governments. Countries differ in one or more of the following characteristics: political systems, legal systems, economic situation, available technological infrastructure, Internet and PC penetration, availability of skills and human resources, literacy levels, computer literacy levels, level of poverty, leadership, and ethnic diversities in terms of norms, languages, and expertise. Security measures implemented in e-government projects in some developed countries, beginning with more established e-government systems around the world, were evaluated and a strategic framework for e-government security proposed which considers both technical and non-technical factors that involve people, processes and technologies. The framework is proposed to advance the rapid adoption of practices that will guarantee e-government security. It seeks to provide a flexible, repeatable and cost-effective approach to implementing e-government security. This research examines the issues of enclosure in the implementation of e-government from the perspective of security and ultimately survivability

Development of National Cyber Security Strategies (NCSSs), and an Application of Perspective to the Colombian Case

Üle maailma seisavad riigid silmitsi sarnaste küberohtudega, millele pööratakse tähelepanu ametlike poliitikadokumentide - küberturvalisuse strateegiate (KTS) - kaudu. KTSid koondavad eri tegevusi, võimekust, kirjeldusi, ideoloogiaid, eesmärke ja/või visioone. Valdavaks on üldistused, mille tulemuseks on üldraamistikud ja populaarsed praktilised suunised, mis on valmis tehtud, et sobida olukordadesse, kus avaldaja neid kasutada saaks. Tihti on antud raamistikud ja suunised pärit enimarenenud riikidest ning tulenevad eeldustest, et need pole kohaldatavad ülejäänud riikidele. Valitsused on hakanud mõistma, et praegu on tegemist pöördepunktiga, kus esikohale tuleb seada siseriiklike vajaduste ja võimaluste loomine ja tõendamine, et seeläbi töötada välja seadused ning poliitikad, mis oleksid võrdluses eelnevatega paremas kooskõlas tegelikkusega ja vastutustundlikumad. Samal ajal tunnistavad sidusrühmad, et küberturvalisuse näol on tegemist riikideülese fenomeniga, mis nõuab ülemailmseid pingutusi. Vaid nutika tasakaaluga erinevatel tasemetel ja sektoriteüleselt on võimalik kasvastada turvalise küberruumi kasutust ja tagada selle potentsiaali täielik rakendamine. Lõputöö üldeesmärgiks on läbi viia kontseptuaalne ja empiiriline uurimus, kus on kasutatud erinevaid metoodikaid. Valdavalt on kasutatud kvalitatiivset lähenemist, kuid lõputöö hõlmab ka lühikest kvantitatiivse uurimise analüüs. Lõputöö valmimisel kasutati järgnevaid meetodeid: võrdlev analüüs viie KTSi osas, dokumentide analüüs, veebiküsitlus ja juhtumikirjeldus. Nende meetodite kasutamise tulemusena formuleerusid töö kaks teoreetilist panust: küberturvalisuse termin ja tööriistakasti sisu. Tööriistakast koosneb suunistest, mis on kohandatavad ja ülekantavad. See loob aluse kaalutlusteks, mis on nõutavad KTSi arendamiseks. Suunised hõlmavad soovitusi peamiste tulemusindikaatorite enesehindamise loeteluks, mis kinnitaks, et mõõdetavatest parameetritest tekib kasu. Samuti on loetletud kohustuslikud osad, mida KTS peaks endas sisaldama. Järgneb Kolumbia poliitikakujunduse juhtumikirjeldus, mis illustreerib erapooletute suuniste kohaldatavust. Antud suunised saaksid olla aluseks protsesside ja standardite ümberkujundamiseks. Selle tulemusena saaks luua mõjusamaid avalikke poliitikaid ja strateegiaid.States around the world face similar cyber-threats that have been addressed in official statements of policy such as National Cyber Security Strategies (NCSS), towards diverse ends, depending on their capacities, characteristics, ideologies, purposes and/or vision. Generalisations have prevailed resulting in general frameworks and popular practical guidelines that were made to fit the situation of the issuers, commonly from the most developed countries, and departing from assumptions that are not applicable to all of the rest of states in the world. Governments began to realise the times marked a turning point for beginning to think about, and assert, the needs and possibilities of their own countries first, and for issuing more responsive and responsible laws and policies than they have ever had. At the same time, stakeholders recognise that cyber security is a transnational phenomenon that demands global efforts. A smart balance should be reached across levels and sectors to help increase the safe use of cyberspace and unfold its full potential. The general purpose of this work is to conduct conceptual and empirical research with a mixed methodology where the qualitative approach prevails, but also includes a short quantitative exploratory analysis. A comparative analysis of 5 NCSSs, document analysis, a questionnaire administered online and a case study were the methods that resulted in two theoretical contributions: A definition of cyber security, and the formulation of a set of working tools consisting of: the Adaptable and Transferable Guidelines. Both in order to establish the considerations required to complete a process of NCSS development; the suggestions on the Key Performance Indicators self-assessment list that affirms the benefits of measuring parameters; and, the format for essential components to be included in NCSSs. A case study on the Colombian policy formulation follows, and illustrates the applicability of these unbiased guidelines that could help the institutionalization of procedures and standards for more influential public policies and strategies