Triage of IoT Attacks Through Process Mining

The impressive growth of the IoT we witnessed in the recent years came together with a surge in cyber attacks that target it. Factories adhering to digital transformation programs are quickly adopting the IoT paradigm and are thus increasingly exposed to a large number of cyber threats that need to be detected, analyzed and appropriately mitigated. In this scenario, a common approach that is used in large organizations is to setup an attack triage system. In this setting, security operators can cherry-pick new attack patterns requiring further in-depth investigation from a mass of known attacks that can be managed automatically. In this paper, we propose an attack triage system that helps operators to quickly identify attacks with unknown behaviors, and later analyze them in detail. The novelty introduced by our solution is in the usage of process mining techniques to model known attacks and identify new variants. We demonstrate the feasibility of our approach through an evaluation based on three well-known IoT botnets, BASHLITE, LIGHTAIDRA and MIRAI, and on real current attack patterns collected through an IoT honeypot

A game-based learning experience for improving cybersecurity awareness

The use of videogames is an established tool to train a systematic way of thinking that allows users to learn by gaming. In this paper, to address the increasing need of awareness in cybersecurity related issues, we present the realization of a Virtual Reality (VR) videogame targeted towards educating users in the context of cybersecurity

IoT Botnet Detection Using an Economic Deep Learning Model

The rapid progress in technology innovation usage and distribution has increased in the last decade. The rapid growth of the Internet of Things (IoT) systems worldwide has increased network security challenges created by malicious third parties. Thus, reliable intrusion detection and network forensics systems that consider security concerns and IoT systems limitations are essential to protect such systems. IoT botnet attacks are one of the significant threats to enterprises and individuals. Thus, this paper proposed an economic deep learning-based model for detecting IoT botnet attacks along with different types of attacks. The proposed model achieved higher accuracy than the state-of-the-art detection models using a smaller implementation budget and accelerating the training and detecting processes.Comment: The paper under reviewing proces

Process mining and digital transformation of organizations: A literature review

It is unquestionable that digital transformation impacts directly on organizations and the way they do business. With the emergence of Business Intelligence techniques, such as Process Mining, it was generated an expectation that the use of these techniques could allow organizations to obtain competitive advantages and optimize their results. The soaring availability and volume of event logs volume suggests that Process Mining will increasingly assume an important part in the organizations developments. The purpose of this article is to identify and analyze, through a literature review, the role of Process Mining on the digital transformation process of organizations