9 research outputs found

    SPGNN-API: A Transferable Graph Neural Network for Attack Paths Identification and Autonomous Mitigation

    Attack paths are the potential chain of malicious activities an attacker performs to compromise network assets and acquire privileges through exploiting network vulnerabilities. Attack path analysis helps organizations to identify new/unknown chains of attack vectors that reach critical assets within the network, as opposed to individual attack vectors in signature-based attack analysis. Timely identification of attack paths enables proactive mitigation of threats. Nevertheless, manual analysis of complex network configurations, vulnerabilities, and security events to identify attack paths is rarely feasible. This work proposes a novel transferable graph neural network-based model for shortest path identification. The proposed shortest path detection approach, integrated with a novel holistic and comprehensive model for identifying potential network vulnerabilities interactions, is then utilized to detect network attack paths. Our framework automates the risk assessment of attack paths indicating the propensity of the paths to enable the compromise of highly-critical assets (e.g., databases) given the network configuration, assets' criticality, and the severity of the vulnerabilities in-path to the asset. The proposed framework, named SPGNN-API, incorporates automated threat mitigation through a proactive timely tuning of the network firewall rules and zero-trust policies to break critical attack paths and bolster cyber defenses. Our evaluation process is twofold; evaluating the performance of the shortest path identification and assessing the attack path detection accuracy. Our results show that SPGNN-API largely outperforms the baseline model for shortest path identification with an average accuracy >= 95% and successfully detects 100% of the potentially compromised assets, outperforming the attack graph baseline by 47%.

    Comment: IEEE Transactions on Information Forensics & Security (TIFS

    Apache Spark Based Deep Learning for Social Transaction Analysis

    In an attempt to cope with the increasing number of trust-related attacks, a system that analyzes the whole social transaction in real-time becomes a necessity. Traditional systems cannot analyze transactions in real-time and most of them use machine learning approaches, which are not suitable for the real-time processing of social transactions in the big data environment. Therefore, in this paper, we propose a novel deep learning detection system based on Apache Spark that is capable of handling huge transactions and streaming batches. Our model is made up of two main phases: the first phase builds a supervised deep learning model to classify transactions (either benign transactions or malicious transactions). The second phase aims to analyze transaction streams using spark streaming, which transforms the model to batches of data in order to make predictions in real-time. To verify the effectiveness of the proposed system, we implement this system and we perform several comparison experiments. The obtained results show that our approach has achieved more satisfactory efficiency and accuracy, compared to other works in the literature. Thus, it is very suitable for real-time detection of malicious transactions with large capacity and high speed.

    A global risk approach to assessing groundwater vulnerability

    This research provides a new approach to assess groundwater vulnerability to contamination from anthropogenic activities and sea water intrusion. The DRASTIC and GALDIT parametric methods were then linked to a novel land use index to create a more robust “global risk index”, useful for assessing aquifer vulnerability to pollution and seawater intrusion risk. In addition, sensitivity analysis was used to evaluate the effect of each individual parameter on the final models. The vulnerability to pollution and the seawater intrusion contamination maps show three classes of water resources degradation: low, moderate and high, relating to the intrinsic properties. In addition, the global risk map shows three risk classes: low (25%), moderate (64%) and high (11%) depending on the hydrogeological characteristics, land use, distance from the coast and human impacts in most of the study area. The modified models were statistically compared with the nitrate concentration and the water resistivity values for validation. These maps are considered indispensable for sustainable land use planning and groundwater management of the shallow aquifer.

    Serotype distribution and antibiotic susceptibility of Streptococcus pneumoniae strains in the south of Tunisia: A five-year study (2012–2016) of pediatric and adult populations

    Objectives: To analyze the serotype distribution of Streptococcus pneumoniae clinical isolates collected in the south of Tunisia over a 5-year period in different age groups and to assess their antimicrobial susceptibility patterns. Methods: A total of 305 non-duplicate S. pneumoniae isolates were collected between January 2012 and December 2016 at the university hospital in Sfax, Tunisia. All isolates were serotyped by multiplex PCR. The antibiotic susceptibility of all isolates was determined using the disk diffusion test or Etest assay. Results: Among the 305 pneumococcal isolates, 76 (24.9%) were invasive and 229 (75.1%) were non-invasive. The most common serotypes were 19F (20%), 14 (16.7%), 3 (9.2%), 23F (7.5%), 19A (5.9%), and 6B (5.9%). Potential immunization coverage rates for pneumococcal conjugate vaccines PCV7, PCV10, and PCV13 were 58%, 59.3%, and 78.7%, respectively. Three-quarters (75.3%) of pneumococcal isolates were non-susceptible to penicillin. The resistance rate to erythromycin was 71.4%. Only two isolates were resistant to levofloxacin. Conclusions: 19F and 14 were the most prevalent serotypes in the south of Tunisia. The inclusion of a PCV in the immunization program could be useful for reducing the burden of pneumococcal diseases. The high resistance rate to penicillin and macrolides is alarming. Prudent use of antibiotics is crucial to prevent the selection of multidrug-resistant pneumococci. Keywords: Streptococcus pneumoniae, Antibiotic, Serotype, PCV, Tunisi