In a computing context, cybersecurity is undergoing massive shifts in technology and its operations in recent days, and data science is driving the change. Extracting
security incident patterns
or ...insights from cybersecurity data and building corresponding
data-driven model
, is the key to make a security system automated and intelligent. To understand and analyze the actual phenomena with data, various scientific methods, machine learning techniques, processes, and systems are used, which is commonly known as data science. In this paper, we focus and briefly discuss on
cybersecurity data science
, where the data is being gathered from relevant cybersecurity sources, and the analytics complement the
latest data-driven patterns
for providing more effective security solutions. The concept of cybersecurity data science allows making the computing process more actionable and intelligent as compared to traditional ones in the domain of cybersecurity. We then discuss and summarize a number of associated
research issues and future directions
. Furthermore, we provide a
machine learning
based
multi-layered framework
for the purpose of cybersecurity modeling. Overall, our goal is not only to discuss cybersecurity data science and relevant methods but also to focus the applicability towards data-driven intelligent decision making for protecting the systems from cyber-attacks.
The main goal of a personalized recommender system is to provide useful recommendations on various items to the users. In order to generate recommendations, the service needs to access various types ...of user data such as previous product purchasing history, demographic and biographical information. However, users are sensitive to disclosure of personal information as it can be easily misused by malicious third parties. Consequently, there are unavoidable security concerns which will become known through attempted unauthorized access while providing the recommendation services. In order to protect against breaches of personal information, it is necessary to obfuscate the user information by means of an efficient encryption technique while simultaneously generating the recommendation by making true information inaccessible to the system. To address these challenges, we propose a privacy-preserving recommender system using homomorphic encryption, by which the system can provide recommendations without knowing the actual ratings. Our approach is based on the ElGamal cryptosystem by which both addition and multiplication of plaintexts can be performed. The performance of the proposed scheme shows significantly high accuracy in-terms of computation and communication costs as well as outperforming other existing solutions.
Over the last few decades, the proliferation of the Internet of Things (IoT) has produced an overwhelming flow of data and services, which has shifted the access control paradigm from a fixed desktop ...environment to dynamic cloud environments. Fog computing is associated with a new access control paradigm to reduce the overhead costs by moving the execution of application logic from the centre of the cloud data sources to the periphery of the IoT-oriented sensor networks. Indeed, accessing information and data resources from a variety of IoT sources has been plagued with inherent problems such as data heterogeneity, privacy, security and computational overheads. This paper presents an extensive survey of security, privacy and access control research, while highlighting several specific concerns in a wide range of contextual conditions (e.g., spatial, temporal and environmental contexts) which are gaining a lot of momentum in the area of industrial sensor and cloud networks. We present different taxonomies, such as contextual conditions and authorization models, based on the key issues in this area and discuss the existing context-sensitive access control approaches to tackle the aforementioned issues. With the aim of reducing administrative and computational overheads in the IoT sensor networks, we propose a new generation of Fog-Based Context-Aware Access Control (FB-CAAC) framework, combining the benefits of the cloud, IoT and context-aware computing; and ensuring proper access control and security at the edge of the end-devices. Our goal is not only to control context-sensitive access to data resources in the cloud, but also to move the execution of an application logic from the cloud-level to an intermediary-level where necessary, through adding computational nodes at the edge of the IoT sensor network. A discussion of some open research issues pertaining to context-sensitive access control to data resources is provided, including several real-world case studies. We conclude the paper with an in-depth analysis of the research challenges that have not been adequately addressed in the literature and highlight directions for future work that has not been well aligned with currently available research.
Power grids all over the world are transitioning towards a decentralized structure. Under such a transition, blockchain technology is emerging as a potential solution for technical, deployment and ...decentralization issues, given its security, integrity, decentralized nature and required infrastructure. Moreover, blockchain technology offers excellent features like non-repudiation and immutability which makes it a promising application for DER integration and management on reliability factors. In this paper, a comprehensive review of blockchain applications for DER management and integration is presented. First, a blockchain-based literature review of research activities in the DER integration area and related tasks including entrepreneurial efforts is carried out. Next, the different opportunities and challenges of DER integration and management in power grids, i.e., centralization, regulatory support, development costs are discussed. Finally, some key research challenges and opportunities of including blockchain technology to DER integration and management issues are presented.
In the content-centric networking (CCN), the content transmitted between data owners, consumers, and the servers is confidential to its publishers. Therefore, the content's publishers are sensitive ...to publication of their content to unauthorized consumers and third party service providers. Access control-based mechanisms have been efficient solutions to address this challenge where the content can be accessed by legitimate consumers only. However, the main limitation with an access control-based solution is that the content itself and the user interests are made public to certain parties in the system. Moreover, the solutions based on access control mechanism are limited within only sharing the content among various publishers and consumers where on the contrary, the secure aggregation of content in CCN is yet to be explored. To address these issues, we describe possible cryptographic solutions for content privacy in CCN, which can share and aggregate the content securely. More specifically, we propose two cryptographic protocols for content sharing and aggregation: 1) cryptographic protocol to exchange the encrypted content (CPE2C) and 2) privacy-preserving aggregation over distributed content (PDAC). The CPE2C protocol is simple yet highly secure against intruders or collusion attacks. This protocol is useful in terms of exchanging sensitive content between a publisher and a consumer. The PDAC is effective for distributed, secure, and energy-efficient content aggregation in smart IoT systems leveraging the CCN architecture and cloud services. The privacy analysis and performance results show that the proposed cryptographic protocols perform efficiently without disclosing any private information.
The Quality of Service (QoS)-based personalized web service recommendations have been gaining increasing popularity due to its ability to assist users in finding high quality web services. For this ...purpose, Collaborative Filtering (CF)-based technique has been a useful approach in that it is able to predict with high accuracy the QoS values of web services which are not invoked by the users. The basic idea behind CF-based techniques is that they identify users with similar QoS experiences and predict their QoS requirements on web services accordingly. However, as the calculation of QoS values and user similarity require parameters which may contain privacy sensitive information, users may not trust the server that provides such third-party recommendations. In general, users are usually not willing to disclose such information to a third-party as it contains their tastes and preferences as well as experiences. Therefore the main challenge is to address the need for providing accurate web service recommendations to users while preserving their privacy from any third party server, as well as to protect the privacy of individual users from one another. To tackle this challenge, we propose a new protocol for privacy preserving web service recommendation where an untrusted recommendation server is able to provide the recommendation without disclosing any private information of individual users, and with negligible loss of accuracy of QoS values. We present both privacy and experimental analysis to verify that our proposed method is secure and efficient in terms of performance.
•Vehicular mobility aware efficient proof of work for blockchain based VANET.•Fair and random selection of mining nodes in a public network.•Filtering vehicular miner nodes through new service score ...based filtering technique.•Scalable, efficient and easily adaptable blockchain based VANET consensus.
The massive adoption of the blockchain-based distributed framework has made it possible to store and transmit Vehicular Ad Hoc Network (VANET) application data transparently, securely, and without a central control point of trust. Introducing an efficient and scalable consensus mechanism, which is one of the most crucial components in the blockchain-based VANET application, is still an open research challenge, given the features related to high mobility vehicular network and resource constraint devices in vehicles. Considering the efficiency, fairness and scalability issues of state-of-the-art consensus protocols like Proof of Work (PoW), Proof of Stake (PoS) and Practical Byzantine Fault Tolerant (PBFT), in this paper we propose a new technique called Proof of Driving (PoD), to randomize the selection of honest miners for generating the blocks efficiently for blockchain-based VANET applications. Additionally, we introduce a filtering technique based on Service Standard Score (Sc) of the vehicular miner nodes to detect and eliminate the malicious nodes. Our proposed technique achieves an efficient and fair selection of miners in a blockchain-based VANET application (for example, ride-sharing) and it makes PBFT consensus adaptable in a vast public vehicular network. The proposed method also addresses the efficiency and fairness issues caused by PoW and PoS, respectively. Our extensive experimental results reflect that the proposed method is efficient as well as scalable and, more importantly, achieves smaller consensus sets with higher quality to eliminate the malicious vehicle nodes from participating in consensus. Finally, the security analysis shows that the proposed method is secure and fault-tolerant against various attacks.
In a connected vehicle application, the driver heavily depends on the messages, such as accident notification, collision warning, brake warning, etc., generated by the vehicle. These messages, which ...are generated by On-Board Units (OBU) can be used by an attacker to distract the driver or change the driving behavior to fulfill the attacker’s intentions. These generations of false messages are termed under illusion attacks. These types of attacks can be deterred by using blockchain-based architecture, which requires consensus to validate the generated messages. While the implementation of blockchain technology in connected vehicles is increasing, it is facing several vulnerabilities and threats from malicious nodes, anomalous data, and imperfect consensus mechanisms. These vulnerabilities in the system are majorly caused by malicious nodes. The generated false data can be injected at any section of the network, and not only by connected vehicles but also by endorsing Road Side Units (RSUs). These vulnerabilities can be checked to a great extent through the Miner Node Selection (MNS) process in blockchain-based systems. The MNS process selects a specific set of RSUs from all RSUs in a vehicular network (VANET) to run the consensus process. To overcome that goal, we propose ALICIA (AppLied Intelligence in bloCkchaIn vAnet) where we have used the Artificial Neural Network (ANN) to select when and which node to exclude during the consensus process. Similarly, we have also proposed our Accident detection and validation system where we detect and validate an accident, and send the data to ALICIA to perform MNS. We have used Hyperledger Fabric (HF), a blockchain platform developed as a part of the Hyperledger Project, to implement our architecture, which uses the Practical Byzantine Fault Tolerance (PBFT) method to reach consensus for it does not require high computation power to add transactions to the blockchain.
•An integrated blockchain-based system on the novel validation technique.•A node table that records the performance of nodes and uses the node table to train the Reputation model.•An AI-based reputation model to detect and classify anomalous transactional data from non-anomalous transactional data.•A real-time Miner node selection based on the reputation model in Hyperledger Fabric.
The electric vehicle (EV) charging ecosystem, being a distinguishable paradigm of IIoT infrastructure, consists of distributed and complex hybrid systems that demand adaptive data-driven ...cyber-defense mechanisms to tackle the ever-growing attack vectors of cyber-physical systems. We propose an adaptive differential privacy-based federated learning framework for building a collaborative network intrusion detection system model for EV charging stations (EVCS). We use utility optimized local differential privacy to provide data privacy to the local network traffic data of each EVCS. Moreover, we propose a reinforcement learning-based intelligent privacy allocation mechanism at the EVCS level. The main significance of the proposed mechanism is that it can make privacy provisioning adaptive to the extent of privacy breaching rate, and dynamically optimize the privacy budget and the utility to avoid human intervention such as domain knowledge experts. The experimental results confirm the efficacy of our proposed mechanism and achieves appropriate privacy provisioning accuracy to approximately 95%.
In recent years, multiunmanned aerial vehicular systems (MUAVs) have become prevalent in divergent applications: agriculture, spectrum utilization, transportation, forest fire monitoring, and among ...others, due to their flexible, robust, and autonomous operational maneuver. Battery-powered multiunmanned aerial vehicles (MUAVs) systems possess limited computation and communication resources, significantly reducing their functional dimension by limiting mission time and range. To address this issue, we propose a federated deep reinforcement learning (FDRL)-based intelligent and decentralized task offloading scheme for resource-constrained UAVs that can enhance the operational capability of the MUAV systems. Moreover, the proposed FDRL scheme can improve offloading policy quality while preserving data privacy in MUAV. However, such intelligent systems may fall prey to backdoor attacks that can intervene in the system's regular operation causing rapid degradation of its performance. We introduce a novel triggerless backdoor attack scheme on intelligent task offloading UAVs and analyze its impact to gauge the resiliency of the offloading policy in the presence of an adversary. Then, we propose lightweight agnostic defense mechanisms to combat such backdoors in multi-UAV settings. The extensive simulation results show that the proposed attack and defense strategies are practical and efficient.