44 research outputs found
SecureCyber: An SDN-Enabled SIEM for Enhanced Cybersecurity in the Industrial Internet of Things
The proliferation of smart technologies has undeniably brought forth numerous advantages. However, it has also introduced critical security issues and vulnerabilities that need to be addressed. In response, the development of appropriate and continuously adaptable countermeasures is essential to ensure the uninterrupted operation of critical environments. This paper presents an innovative approach through the introduction of an Software-Defined Networking (SDN)-enabled Security Information and Event Management (SIEM) system. The proposed SIEM solution effectively combines the power of Artificial Intelligence (AI) and SDN to protect Industrial Internet of Things (IIoT) applications. Leveraging AI capabilities, the SDN-enabled SIEM is capable of detecting a wide range of cyberattacks and anomalies that pose potential threats to IIoT environments. On the other hand, SDN plays a crucial role in mitigating identified risks and ensuring the security of IIoT applications. In particular, AI-driven insights and analysis guide the SDN-C in selecting appropriate mitigation actions to neutralize detected threats effectively. The experimental results demonstrate the efficiency of the proposed solution
Detection of Physical Adversarial Attacks on Traffic Signs for Autonomous Vehicles
Current vision-based detection models within Autonomous Vehicles, can be susceptible to changes within the physical environment, which cause unexpected issues. Physical attacks on traffic signs could be malicious or naturally occurring, causing incorrect identification of the traffic sign which can drastically alter the behaviour of the autonomous vehicle. We propose two novel deep learning architectures which can be used as detection and mitigation strategy for environmental attacks. The first is an autoencoder which detects anomalies within a given traffic sign, and the second is a reconstruction model which generates a clean traffic sign without any anomalies. As the anomaly detection model has been trained on normal images, any abnormalities will provide a high reconstruction error value, indicating an abnormal traffic sign. The reconstruction model is a Generative Adversarial Network (GAN) and consists of two networks; a generator and a discriminator. These map the input traffic sign image into a meta representation as the output. By using anomaly detection and reconstruction models as mitigation strategies, we show that the performance of the other models in pipelines such as traffic sign recognition models can be significantly improved. In order to evaluate our models, several types of attack circumstances were designed and on average, the anomaly detection model achieved 0.84 accuracy with a 0.82 F1-score in real datasets whereas the reconstruction model improved performance of traffic sign recognition model from average F1-score 0.41 to 0.641
Multimodal Explainable Artificial Intelligence: A Comprehensive Review of Methodological Advances and Future Research Directions
The current study focuses on systematically analyzing the recent advances in
the field of Multimodal eXplainable Artificial Intelligence (MXAI). In
particular, the relevant primary prediction tasks and publicly available
datasets are initially described. Subsequently, a structured presentation of
the MXAI methods of the literature is provided, taking into account the
following criteria: a) The number of the involved modalities, b) The stage at
which explanations are produced, and c) The type of the adopted methodology
(i.e. mathematical formalism). Then, the metrics used for MXAI evaluation are
discussed. Finally, a comprehensive analysis of current challenges and future
research directions is provided.Comment: 26 pages, 11 figure
Data Protection and Cybersecurity Certification Activities and Schemes in the Energy Sector
Cybersecurity concerns have been at the forefront of regulatory reform in the European Union (EU) recently. One of the outcomes of these reforms is the introduction of certification schemes for information and communication technology (ICT) products, services and processes, as well as for data processing operations concerning personal data. These schemes aim to provide an avenue for consumers to assess the compliance posture of organisations concerning the privacy and security of ICT products, services and processes. They also present manufacturers, providers and data controllers with the opportunity to demonstrate compliance with regulatory requirements through a verifiable third-party assessment. As these certification schemes are being developed, various sectors, including the electrical power and energy sector, will need to access the impact on their operations and plan towards successful implementation. Relying on a doctrinal method, this paper identifies relevant EU legal instruments on data protection and cybersecurity certification and their interpretation in order to examine their potential impact when applying certification schemes within the Electrical Power and Energy System (EPES) domain. The result suggests that the EPES domain employs different technologies and services from diverse areas, which can result in the application of several certification schemes within its environment, including horizontal, technological and sector-specific schemes. This has the potential for creating a complex constellation of implementation models and would require careful design to avoid proliferation and disincentivising of stakeholders. © 2022 by the authors. Licensee MDPI, Basel, Switzerland
Explainable AI-based Intrusion Detection in the Internet of Things
The revolution of Artificial Intelligence (AI) has brought about a significant evolution in the landscape of cyberattacks. In particular, with the increasing power and capabilities of AI, cyberattackers can automate tasks, analyze vast amounts of data, and identify vulnerabilities with greater precision. On the other hand, despite the multiple benefits of the Internet of Things (IoT), it raises severe security issues. Therefore, it is evident that the presence of efficient intrusion detection mechanisms is critical. Although Machine Learning (ML) and Deep Learning (DL)-based IDS have already demonstrated their detection efficiency, they still suffer from false alarms and explainability issues that do not allow security administrators to trust them completely compared to conventional signature/specification-based IDS. In light of the aforementioned remarks, in this paper, we introduce an AI-powered IDS with explainability functions for the IoT. The proposed IDS relies on ML and DL methods, while the SHapley Additive exPlanations (SHAP) method is used to explain decision-making. The evaluation results demonstrate the efficiency of the proposed IDS in terms of detection performance and explainable AI (XAI)
Hunting IoT Cyberattacks With AI - Powered Intrusion Detection
The rapid progression of the Internet of Things allows the seamless integration of cyber and physical environments, thus creating an overall hyper-connected ecosystem. It is evident that this new reality provides several capabilities and benefits, such as real-time decision-making and increased efficiency and productivity. However, it also raises crucial cybersecurity issues that can lead to disastrous consequences due to the vulnerable nature of the Internet model and the new cyber risks originating from the multiple and heterogeneous technologies involved in the loT. Therefore, intrusion detection and prevention are valuable and necessary mechanisms in the arsenal of the loT security. In light of the aforementioned remarks, in this paper, we introduce an Artificial Intelligence (AI)-powered Intrusion Detection and Prevention System (IDPS) that can detect and mitigate potential loT cyberattacks. For the detection process, Deep Neural Networks (DNNs) are used, while Software Defined Networking (SDN) and Q-Learning are combined for the mitigation procedure. The evaluation analysis demonstrates the detection efficiency of the proposed IDPS, while Q- Learning converges successfully in terms of selecting the appropriate mitigation action
Evaluating the Energy Efficiency of Few-Shot Learning for Object Detection in Industrial Settings
In the ever-evolving era of Artificial Intelligence (AI), model performance
has constituted a key metric driving innovation, leading to an exponential
growth in model size and complexity. However, sustainability and energy
efficiency have been critical requirements during deployment in contemporary
industrial settings, necessitating the use of data-efficient approaches such as
few-shot learning. In this paper, to alleviate the burden of lengthy model
training and minimize energy consumption, a finetuning approach to adapt
standard object detection models to downstream tasks is examined. Subsequently,
a thorough case study and evaluation of the energy demands of the developed
models, applied in object detection benchmark datasets from volatile industrial
environments is presented. Specifically, different finetuning strategies as
well as utilization of ancillary evaluation data during training are examined,
and the trade-off between performance and efficiency is highlighted in this
low-data regime. Finally, this paper introduces a novel way to quantify this
trade-off through a customized Efficiency Factor metric.Comment: 7 pages, 6 figures, 4 table
Recommended from our members
ARIES: a novel multivariate intrusion detection system for smart grid
The advent of the Smart Grid (SG) raises severe cybersecurity risks that can lead to devastating consequences. In this paper, we present a novel anomaly-based Intrusion Detection System (IDS), called ARIES (smArt gRid Intrusion dEtection System), which is capable of protecting efficiently SG communications. ARIES combines three detection layers that are devoted to recognising possible cyberattacks and anomalies against (a) network flows, (b) Modbus/Transmission Control Protocol (TCP) packets and (c) operational data. Each detection layer relies on a Machine Learning (ML) model trained using data originating from a power plant. In particular, the first layer (network flow-based detection) performs a supervised multiclass classification, recognising Denial of Service (DoS), brute force attacks, port scanning attacks and bots. The second layer (packet-based detection) detects possible anomalies related to the Modbus packets, while the third layer (operational data based detection) monitors and identifies anomalies upon operational data (i.e., time series electricity measurements). By emphasising on the third layer, the ARIES Generative Adversarial Network (ARIES GAN) with novel error minimisation functions was developed, considering mainly the reconstruction difference. Moreover, a novel reformed conditional input was suggested, consisting of random noise and the signal features at any given time instance. Based on the evaluation analysis, the proposed GAN network overcomes the efficacy of conventional ML methods in terms of Accuracy and the F1 score
Process-of-Things: Weaving film industry’s practices into the Internet-of-Things
This paper presents a novel way to address the “silo” obstacle that is making things play a limited role in the Internet-of-Things (IoT) arena since they mainly act as data suppliers. This novel way capitalizes on the concept of storytelling to connect things together, which leads to the formation of Process-of-Things (PoT). In compliance with the movie industry’s practices, a PoT has a script that identifies the necessary characters (actors) along with what they are expected to do, when, and where. Things, specialized into living and non-living, embody the characters during the shooting (filming) of scripts. 5 phases ensure the completion of this embodiment with emphasis on rehearsal and evaluation stages, in this paper, to guarantee character readiness and appropriateness, respectively. A system implementing PoT’s 5 phases is presented in this paper along with a usability study summarizing how end-users, namely farmers, experienced the system