17 research outputs found
ESASCF: Expertise Extraction, Generalization and Reply Framework for an Optimized Automation of Network Security Compliance
The Cyber threats exposure has created worldwide pressure on organizations to
comply with cyber security standards and policies for protecting their digital
assets. Vulnerability assessment (VA) and Penetration Testing (PT) are widely
adopted Security Compliance (SC) methods to identify security gaps and
anticipate security breaches. In the computer networks context and despite the
use of autonomous tools and systems, security compliance remains highly
repetitive and resources consuming. In this paper, we proposed a novel method
to tackle the ever-growing problem of efficiency and effectiveness in network
infrastructures security auditing by formally introducing, designing, and
developing an Expert-System Automated Security Compliance Framework (ESASCF)
that enables industrial and open-source VA and PT tools and systems to extract,
process, store and re-use the expertise in a human-expert way to allow direct
application in similar scenarios or during the periodic re-testing. The
implemented model was then integrated within the ESASCF and tested on different
size networks and proved efficient in terms of time-efficiency and testing
effectiveness allowing ESASCF to take over autonomously the SC in Re-testing
and offloading Expert by automating repeated segments SC and thus enabling
Experts to prioritize important tasks in Ad-Hoc compliance tests. The obtained
results validate the performance enhancement notably by cutting the time
required for an expert to 50% in the context of typical corporate networks
first SC and 20% in re-testing, representing a significant cost-cutting. In
addition, the framework allows a long-term impact illustrated in the knowledge
extraction, generalization, and re-utilization, which enables better SC
confidence independent of the human expert skills, coverage, and wrong
decisions resulting in impactful false negatives
Authentication Protocols for Internet of Things: A Comprehensive Survey
In this paper, a comprehensive survey of authentication protocols for Internet of Things (IoT) is presented. Specifically more than forty authentication protocols developed for or applied in the context of the IoT are selected and examined in detail. These protocols are categorized based on the target environment: (1) Machine to Machine Communications (M2M), (2) Internet of Vehicles (IoV), (3) Internet of Energy (IoE), and (4) Internet of Sensors (IoS). Threat models, countermeasures, and formal security verification techniques used in authentication protocols for the IoT are presented. In addition a taxonomy and comparison of authentication protocols that are developed for the IoT in terms of network model, specific security goals, main processes, computation complexity, and communication overhead are provided. Based on the current survey, open issues are identified and future research directions are proposed
Edge-IIoTset: A new comprehensive realistic cyber security dataset of IoT and IIoT applications for centralized and federated learning
In this paper, we propose a new comprehensive realistic cyber security dataset of IoT and IIoT applications, called Edge-IIoTset, which can be used by machine learning-based intrusion detection systems in two different modes, namely, centralized and federated learning. Specifically, the dataset has been generated using a purpose-built IoT/IIoT testbed with a large representative set of devices, sensors, protocols and cloud/edge configurations. The IoT data are generated from various IoT devices (more than 10 types) such as Low-cost digital sensors for sensing temperature and humidity, Ultrasonic sensor, Water level detection sensor, pH Sensor Meter, Soil Moisture sensor, Heart Rate Sensor, Flame Sensor, etc.). Furthermore, we identify and analyze fourteen attacks related to IoT and IIoT connectivity protocols, which are categorized into five threats, including, DoS/DDoS attacks, Information gathering, Man in the middle attacks, Injection attacks, and Malware attacks. In addition, we extract features obtained from different sources, including alerts, system resources, logs, network traffic, and propose new 61 features with high correlations from 1176 found features. After processing and analyzing the proposed realistic cyber security dataset, we provide a primary exploratory data analysis and evaluate the performance of machine learning approaches (i.e., traditional machine learning as well as deep learning) in both centralized and federated learning modes. The Edge-IIoTset dataset can be publicly accessed from [1]
A novel two-factor honeytoken authentication mechanism
The majority of systems rely on user authentication on passwords, but passwords have so many weaknesses and widespread use that easily raise significant security concerns, regardless of their encrypted form. Users hold the same password for different accounts, administrators never check password files for flaws that might lead to a successful cracking, and the lack of a tight security policy regarding regular password replacement are a few problems that need to be addressed. The proposed research work aims at enhancing this security mechanism, prevent penetrations, password theft, and attempted break-ins towards securing computing systems. The selected solution approach is two-folded; it implements a two-factor authentication scheme to prevent unauthorized access, accompanied by Honeyword principles to detect corrupted or stolen tokens. Both can be integrated into any platform or web application with the use of QR codes and a mobile phone
Cyber security of critical infrastructures
open access articleModern Supervisory Control and Data Acquisition (SCADA) systems are essential for monitoring and managing electric power generation, transmission and distribution. In the age of the Internet of Things, SCADA has evolved into big, complex and distributed systems that are prone to be conventional in addition to new threats. Many security methods can be applied to such systems, having in mind that both high efficiency, real time intrusion identification and low overhead are required
Measurements of the Total and Differential Higgs Boson Production Cross Sections Combining the H??????? and H???ZZ*???4??? Decay Channels at =8??????TeV with the ATLAS Detector
Measurements of the total and differential cross sections of Higgs boson production are performed using 20.3~fb of collisions produced by the Large Hadron Collider at a center-of-mass energy of TeV and recorded by the ATLAS detector. Cross sections are obtained from measured and event yields, which are combined accounting for detector efficiencies, fiducial acceptances and branching fractions. Differential cross sections are reported as a function of Higgs boson transverse momentum, Higgs boson rapidity, number of jets in the event, and transverse momentum of the leading jet. The total production cross section is determined to be . The measurements are compared to state-of-the-art predictions.Measurements of the total and differential cross sections of Higgs boson production are performed using 20.3 fb-1 of pp collisions produced by the Large Hadron Collider at a center-of-mass energy of s=8 TeV and recorded by the ATLAS detector. Cross sections are obtained from measured H→γγ and H→ZZ*→4ℓ event yields, which are combined accounting for detector efficiencies, fiducial acceptances, and branching fractions. Differential cross sections are reported as a function of Higgs boson transverse momentum, Higgs boson rapidity, number of jets in the event, and transverse momentum of the leading jet. The total production cross section is determined to be σpp→H=33.0±5.3 (stat)±1.6 (syst) pb. The measurements are compared to state-of-the-art predictions.Measurements of the total and differential cross sections of Higgs boson production are performed using 20.3 fb of collisions produced by the Large Hadron Collider at a center-of-mass energy of TeV and recorded by the ATLAS detector. Cross sections are obtained from measured and event yields, which are combined accounting for detector efficiencies, fiducial acceptances and branching fractions. Differential cross sections are reported as a function of Higgs boson transverse momentum, Higgs boson rapidity, number of jets in the event, and transverse momentum of the leading jet. The total production cross section is determined to be . The measurements are compared to state-of-the-art predictions