Exploring the use of conversational agents to improve cyber situational awareness in the Internet of Things (IoT).

The Internet of Things (IoT) is an emerging paradigm, which aims to extend the power of the Internet beyond computers and smartphones to a vast and growing range of "things" - devices, processes and environments. The result is an interconnected world where humans and devices interact with each other, establishing a smart environment for the continuous exchange of information and services. Billions of everyday devices such as home appliances, surveillance cameras, wearables and doorbells, enriched with computational and networking capabilities, have already been connected to the Internet. However, as the IoT has grown, the demand for low-cost, easy-to-deploy devices has also increased, leading to the production of millions of insecure Internet-connected smart devices. Many of these devices can be easily exploited and leveraged to perform large-scale attacks on the Internet, such as the recently witnessed botnet attacks. Since these attacks often target consumer-level products, which commonly lack a screen or user interface, it can be difficult for users to identify signs of infection and be aware of devices that have been compromised. This thesis presents four studies which collectively explored how user awareness of threats in consumer IoT networks could be improved. Maintaining situational awareness of what is happening within a home network is challenging, not least because malicious activity often occurs in devices which are not easily monitored. This thesis evaluated the effectiveness of conversational agents to improve Cyber Situational Awareness. In doing so, it presented the first study to investigate their ability to help users improve their perception of smart device activity, comprehend this in the context of their home environment, and project this knowledge to determine if a threat had occurred or may occur in the future. The research demonstrated how a BLSTMRNN with word embedding could be used to extract semantic meaning from packets to perform deep packet inspection and detect IoT botnet activity. Specifically, how the models use of contextual information from both the past and future enabled better predictions to be made about the current state (packet) due to the sequential nature of the network traffic. In addition, a cross-sectional study examined users' awareness and perception of threats and found that, although users value security and privacy, they found it difficult to identify threats and infected devices. Finally, novel cross-sectional and longitudinal studies evaluated the use of conversational agents, and demonstrated them to be an effective and efficient method of improving Cyber Situational Awareness. In particular, this was shown to be true when using a multi-modal approach and combining aural, verbal and visual modalities

Dimensions of \u27socio\u27 vulnerabilities of advanced persistent threats

© 2019 University of Split, FESB. Advanced Persistent Threats (APT) are highly targeted and sophisticated multi-stage attacks, utilizing zero day or near zero-day malware. Directed at internetworked computer users in the workplace, their growth and prevalence can be attributed to both socio (human) and technical (system weaknesses and inadequate cyber defenses) vulnerabilities. While many APT attacks incorporate a blend of socio-technical vulnerabilities, academic research and reported incidents largely depict the user as the prominent contributing factor that can weaken the layers of technical security in an organization. In this paper, our objective is to explore multiple dimensions of socio factors (non-technical vulnerabilities) that contribute to the success of APT attacks in organizations. Expert interviews were conducted with senior managers, working in government and private organizations in the United Arab Emirates (UAE) over a period of four years (2014 to 2017). Contrary to common belief that socio factors derive predominately from user behavior, our study revealed two new dimensions of socio vulnerabilities, namely the role of organizational management, and environmental factors which also contribute to the success of APT attacks. We show that the three dimensions postulated in this study can assist Managers and IT personnel in organizations to implement an appropriate mix of socio-technical countermeasures for APT threats

Botnet detection in the Internet of Things using deep learning approaches.

The recent growth of the Internet of Things (IoT) has resulted in a rise in IoT based DDoS attacks. This paper presents a solution to the detection of botnet activity within consumer IoT devices and networks. A novel application of Deep Learning is used to develop a detection model based on a Bidirectional Long Short Term Memory based Recurrent Neural Network (BLSTM-RNN). Word Embedding is used for text recognition and conversion of attack packets into tokenised integer format. The developed BLSTM-RNN detection model is compared to a LSTM-RNN for detecting four attack vectors used by the mirai botnet, and evaluated for accuracy and loss. The paper demonstrates that although the bidirectional approach adds overhead to each epoch and increases processing time, it proves to be a better progressive model over time. A labelled dataset was generated as part of this research, and is available upon request

A system dynamics approach to evaluate advanced persistent threat vectors.

Cyber-attacks targeting high-profile entities are focused, persistent, and employ common vectors with varying levels of sophistication to exploit social-technical vulnerabilities. Advanced persistent threats (APTs) deploy zero-day malware against such targets to gain entry through multiple security layers, exploiting the dynamic interplay of vulnerabilities in the target network. System dynamics (SD) offers an alternative approach to analyze non-linear, complex, and dynamic social-technical systems. This research applied SD to three high-profile APT attacks - Equifax, Carphone, and Zomato - to identify and simulate socio-technical variables leading to breaches. By modeling APTs using SD, managers can evaluate threats, predict attacks, and reduce damage by mitigating specific socio-technical cues. This study provides valuable insights into the dynamics of cyber threats, making it the first to apply SD to APTs

Investigation of computational intelligence techniques for intrusion detection in wireless sensor networks.

Wireless Sensor Networks (WSNs) have become a key technology for the IoT and despite obvious benefits, challenges still exist regarding security. As more devices are connected to the internet, new cyber attacks are emerging which join well-known attacks posing significant threats to the confidentiality, integrity and availability of data in WSNs. In this work, we investigated two computational intelligence techniques for WSN intrusion detection. A back propagation neural network was compared with a support vector machine classifier. Using the NSL-KDD dataset, detection rates achieved by the two techniques for six cyber attacks were recorded. The results showed that both techniques offer a high true positive rate and a low false positive rate, making both of them good options for intrusion detection. In addition, we further show the support vector machine classifiers suitability for anomaly detection, by demonstrating its ability to handle low sample sizes, while maintaining an acceptable FPR rate under the required threshold

Towards a conversational agent for threat detection in the internet of things.

A conversational agent to detect anomalous traffic in consumer IoT networks is presented. The agent accepts two inputs in the form of user speech received by Amazon Alexa enabled devices, and classified IDS logs stored in a DynamoDB Table. Aural analysis is used to query the database of network traffic, and respond accordingly. In doing so, this paper presents a solution to the problem of making consumers situationally aware when their IoT devices are infected, and anomalous traffic has been detected. The proposed conversational agent addresses the issue of how to present network information to non-technical users, for better comprehension, and improves awareness of threats derived from the mirai botnet malware

Towards situational awareness of botnet activity in the Internet of Things

An IoT botnet detection model is designed to detect anomalous attack traffic utilised by the mirai botnet malware. The model uses a novel application of Deep Bidirectional Long Short Term Memory based Recurrent Neural Network (BLSTMRNN), in conjunction with Word Embedding, to convert string data found in captured packets, into a format usable by the BLSTM-RNN. In doing so, this paper presents a solution to the problem of detecting and making consumers situationally aware when their IoT devices are infected, and forms part of a botnet. The proposed model addresses the issue of detection, and returns high accuracy and low loss metrics for four attack vectors used by the mirai botnet malware, with only one attack vector shown to be difficult to detect and predict. A labelled dataset was generated and used for all experiments, to test and validate the accuracy and data loss in the detection model. This dataset is available upon request

Engineered Fibrillar Fibronectin Networks as Three‐Dimensional Tissue Scaffolds

Extracellular matrix (ECM) proteins, and most prominently, fibronectin (Fn), are routinely used in the form of adsorbed pre‐coatings in an attempt to create a cell‐supporting environment in both two‐ and three‐dimensional cell culture systems. However, these protein coatings are typically deposited in a form which is structurally and functionally distinct from the ECM‐constituting fibrillar protein networks naturally deposited by cells. Here, the cell‐free and scalable synthesis of freely suspended and mechanically robust three‐dimensional (3D) networks of fibrillar fibronectin (fFn) supported by tessellated polymer scaffolds is reported. Hydrodynamically induced Fn fibrillogenesis at the three‐phase contact line between air, an Fn solution, and a tessellated scaffold microstructure yields extended protein networks. Importantly, engineered fFn networks promote cell invasion and proliferation, enable in vitro expansion of primary cancer cells, and induce an epithelial‐to‐mesenchymal transition in cancer cells. Engineered fFn networks support the formation of multicellular cancer structures cells from plural effusions of cancer patients. With further work, engineered fFn networks can have a transformative impact on fundamental cell studies, precision medicine, pharmaceutical testing, and pre‐clinical diagnostics.Fibrillar fibronectin (fFn) networks are freely suspended across porous polymer structures without the use of cells. Engineered fFn networks enable in vivo implantation or in vitro expansion of various cell types including patient breast cancer cells that otherwise fail to survive on tissue culture polystyrene.Peer Reviewedhttps://deepblue.lib.umich.edu/bitstream/2027.42/153115/1/adma201904580_am.pdfhttps://deepblue.lib.umich.edu/bitstream/2027.42/153115/2/adma201904580.pdfhttps://deepblue.lib.umich.edu/bitstream/2027.42/153115/3/adma201904580-sup-0001-S1.pd

A comfort assessment of existing cervical orthoses

Purpose: identify location and intensity of discomfort experienced by healthy participants wearing cervical orthoses. Method: convenience sample of 34 healthy participants wore Stro II, Philadelphia, Headmaster, and AspenVista® cervical orthoses for four-hour periods. Participants reported discomfort level (scale 0-6) and location. Results: participants reported mean discomfort for all orthoses over the four-hour test between ‘a little discomfort’ and ‘very uncomfortable’ (mean discomfort score=1.64, SD=1.50). Seven participants prematurely stopped tests due to pain and six reported maximum discomfort scores. Significant linear increase in discomfort with duration of wear was found for all orthoses. Significantly less discomfort was reported with Stro II than Headmaster and Philadelphia. Age correlated with greater perceived discomfort. Orthoses differed in the location discomfort was experienced. Conclusion: existing cervical orthoses cause discomfort influenced by design and duration of wear with orthoses' design the more significant factor. This work informed the design of a new orthosis and future orthoses developments

Concise total syntheses of (–)-jorunnamycin A and (–)-jorumycin enabled by asymmetric catalysis

The bis-tetrahydroisoquinoline (bis-THIQ) natural products have been studied intensively over the past four decades for their exceptionally potent anticancer activity, in addition to strong gram-positive and -negative antibiotic character. Synthetic strategies toward these complex polycyclic compounds have relied heavily on electrophilic aromatic chemistry, such as the Pictet-Spengler reaction, that mimics their biosynthetic pathways. Herein we report an approach to two bis-THIQ natural products, jorunnamycin A and jorumycin, that instead harnesses the power of modern transition-metal catalysis for the three major bond-forming events and proceeds with high efficiency (15 and 16 steps, respectively). By breaking from biomimicry, this strategy allows for the preparation of a more diverse set of non-natural analogs