Adaptive Safety and Cyber Security for Connected and Automated Vehicle System

Hanlin Chen (11173323)

23 July 2021

<div> <div> <p>This dissertation discussed the potential benefits that CAV systems can bring to the general well-being, and how the threat lies within the CAV system can affect its performance and functionality.<br></p> <p>Particularly, this dissertation discovered how CAV technology can benefit homeland security and crime investigations involving child abduction crimes. By proposing the initial design network, this dissertation proposed a solution that enhances the current AMBER Alert system using CAV technology. This dissertation also discussed how CAV technology can help perception in corner-case driving scenarios and reduce the risk of traffic accidents, by proposing a dataset that covers various corner cases including different weather and lighting conditions targeting the work zone. Evaluation is made on the collected data and several impact factors have been figured out. </p> <p>This dissertation also discussed an attack scenario that a ROS-based CAV platform was attacked by DoS attacks. We analized the system response after we attacked the system. Discussion and analysis was made on the functionality and stability of the system. </p> <p>Overall, we determined that CAV technology can greatly benefit in general well-being, and threats within the CAV system can cast potential negative benefits once the CAV system is being attacked. </p> </div> </div>

Connected and Automated Vehicles

Adaptive Safety

Cybersecurity

A Machine Learning Approach for Reconnaissance Detection to Enhance Network Security

Bakaletz, Rachel

01 May 2022

Before cyber-crime can happen, attackers must research the targeted organization to collect vital information about the target and pave the way for the subsequent attack phases. This cyber-attack phase is called reconnaissance or enumeration. This malicious phase allows attackers to discover information about a target to be leveraged and used in an exploit. Information such as the version of the operating system and installed applications, open ports can be detected using various tools during the reconnaissance phase. By knowing such information cyber attackers can exploit vulnerabilities that are often unique to a specific version. In this work, we develop an end-to-end system that uses machine learning techniques to detect reconnaissance attacks on cyber networks. Successful detection of such attacks provides the target the time to devise plans on how to evade or mitigate the cyber-attack phases that supervene the reconnaissance phase.

Machine Learning

Reconnaissance

Intrusion Detection

Cybersecurity Analytics

Classification.

Artificial Intelligence and Robotics

Information Security

OS and Networks

Security related self-protected networks: Autonomous threat detection and response (ATDR)

Havenga, Wessel Johannes Jacobus

January 2021

>Magister Scientiae - MSc / Cybersecurity defense tools, techniques and methodologies are constantly faced with increasing challenges including the evolution of highly intelligent and powerful new-generation threats. The main challenges posed by these modern digital multi-vector attacks is their ability to adapt with machine learning. Research shows that many existing defense systems fail to provide adequate protection against these latest threats. Hence, there is an ever-growing need for self-learning technologies that can autonomously adjust according to the behaviour and patterns of the offensive actors and systems. The accuracy and effectiveness of existing methods are dependent on decision making and manual input by human experts. This dependence causes 1) administration overhead, 2) variable and potentially limited accuracy and 3) delayed response time.

Denial of service attacks

Machine learning

Neural networking

Self-protected networks

Anomaly detection

Cybersecurity

Identifying Challenges in Cybersecurity Data Visualization Dashboards

Shirazi, Patrick

January 2020

Nowadays, a massive amount of cybersecurity data-objects, such as security events, logs,messages, are flowing through different cybersecurity systems. With the enormous fastdevelopment of different cloud environments, big data, IoT, and so on, these amounts of data areincreasingly revolutionary. One of the challenges for different security actors, such as securityadmins, cybersecurity analysis, and network technicians, is how to utilize this amount of data inorder to reach meaningful insights, so they can be used further in diagnosis, validation, forensicand decision-making purposes. In order to make useful and get meaningful insights from this data, we need to have efficientdashboards that simplify the data and provide a human-understandable presentation of data. Currently, there are plenty of SIEM and visualization dashboard tools that are using a variety ofreport generator engines to generate charts and diagrams. Although there have been manyadvances in recent years due to utilizing AI and big data, security professionals are still facingsome challenges in using the visualization dashboards. During recent years, many research studies have been performed to discover and address thesetypes of challenges. However, due to the rapid change in the way of working in many companies(e.g. digital transformation, agile way of working, etc.) and besides utilizing cloud environments,that are providing almost everything as a service, it is needed to discover what challenges are stillthere and whether they are still experiencing the same challenges or new ones have emerged. Following a qualitative method and utilizing the Delphi technique with two rounds of interviews,the results show that although the technical and tool-specific concerns really matter, the mostsignificant challenges are due to the business architecture and the way of working.

Cybersecurity visualization

Security visualization

security dashboards

Delphi technique

Computer Systems

Datorsystem

Countering Expansion and Organization of Terrorism in Cyberspace

Ogunlana, Sunday Oludare

01 January 2018

Terrorists use cyberspace and social media technology to create fear and spread violent ideologies, which pose a significant threat to public security. Researchers have documented the importance of the application of law and regulation in dealing with the criminal activities perpetrated through the aid of computers in cyberspace. Using routine activity theory, this study assessed the effectiveness of technological approaches to mitigating the expansion and organization of terrorism in cyberspace. The study aligned with the purpose area analysis objective of classifying and assessing potential terrorist threats to preempt and mitigate the attacks. Data collection included document content analysis of the open-source documents, government threat assessments, legislation, policy papers, and peer-reviewed academic literature and semistructured interviews with fifteen security experts in Nigeria. Yin's recommended analysis process of iterative and repetitive review of materials was applied to the documents analysis, including interviews of key public and private sector individuals to identify key themes on Nigeria's current effort to secure the nation's cyberspace. The key findings were that the new generation of terrorists who are more technological savvy are growing, cybersecurity technologies are effective and quicker tools, and bilateral/multilateral cooperation is essential to combat the expansion of terrorism in cyberspace. The implementation of recommendations from this study will improve the security in cyberspace, thereby contributing to positive social change. The data provided may be useful to stakeholders responsible for national security, counterterrorism, law enforcement on the choice of cybersecurity technologies to confront terrorist expansion, and organization in cyberspace.

counterterrorism

cybersecurity

cyberspace

cyberterrorism

jihadist

Propaganda

Computer Sciences

Public Policy

Social and Behavioral Sciences

Conservation of Limited Resources: Design Principles for Security and Usability on Mobile Devices

Horcher, Ann-Marie

01 January 2018

Mobile devices have evolved from an accessory to the primary computing device for an increasing portion of the general population. Not only is mobile the primary device, consumers on average have multiple Internet-connected devices. The trend towards mobile has resulted in a shift to “mobile-first” strategies for delivering information and services in business organizations, universities, and government agencies. Though principles for good security design exist, those principles were formulated based upon the traditional workstation configuration instead of the mobile platform. Security design needs to follow the shift to a “mobile-first” emphasis to ensure the usability of the security interface. The mobile platform has constraints on resources that can adversely impact the usability of security. This research sought to identify design principles for usable security for mobile devices that address the constraints of the mobile platform. Security and usability have been seen as mutually exclusive. To accurately identify design principles, the relationship between principles for good security design and usability design must be understood. The constraints for the mobile environment must also be identified, and then evaluated for their impact on the interaction of a consumer with a security interface. To understand how the application of the proposed mobile security design principles is perceived by users, an artifact was built to instantiate the principles. Through a series of guided interactions, the importance of proposed design principles was measured in a simulation, in human-computer interaction, and in user perception. The measures showed a resounding difference between the usability of the same security design delivered on mobile vs. workstation platform. It also reveals that acknowledging the constraints of an environment and compensating for the constraints yields mobile security that is both usable and secure. Finally, the hidden cost of security design choices that distract the user from the surrounding environment were examined from both the security perspective and public safety perspective.

cybersecurity

design principles

location-based security

mobile devices

progressive security

usable security

Computer Sciences

Novel Alert Visualization: The Development of a Visual Analytics Prototype for Mitigation of Malicious Insider Cyber Threats

Clarke, Karla A.

01 January 2018

Cyber insider threat is one of the most difficult risks to mitigate in organizations. However, innovative validated visualizations for cyber analysts to better decipher and react to detected anomalies has not been reported in literature or in industry. Attacks caused by malicious insiders can cause millions of dollars in losses to an organization. Though there have been advances in Intrusion Detection Systems (IDSs) over the last three decades, traditional IDSs do not specialize in anomaly identification caused by insiders. There is also a profuse amount of data being presented to cyber analysts when deciphering big data and reacting to data breach incidents using complex information systems. Information visualization is pertinent to the identification and mitigation of malicious cyber insider threats. The main goal of this study was to develop and validate, using Subject Matter Experts (SME), an executive insider threat dashboard visualization prototype. Using the developed prototype, an experimental study was conducted, which aimed to assess the perceived effectiveness in enhancing the analysts’ interface when complex data correlations are presented to mitigate malicious insiders cyber threats. Dashboard-based visualization techniques could be used to give full visibility of network progress and problems in real-time, especially within complex and stressful environments. For instance, in an Emergency Room (ER), there are four main vital signs used for urgent patient triage. Cybersecurity vital signs can give cyber analysts clear focal points during high severity issues. Pilots must expeditiously reference the Heads Up Display (HUD), which presents only key indicators to make critical decisions during unwarranted deviations or an immediate threat. Current dashboard-based visualization techniques have yet to be fully validated within the field of cybersecurity. This study developed a visualization prototype based on SME input utilizing the Delphi method. SMEs validated the perceived effectiveness of several different types of the developed visualization dashboard. Quantitative analysis of SME’s perceived effectiveness via self-reported value and satisfaction data as well as qualitative analysis of feedback provided during the experiments using the prototype developed were performed. This study identified critical cyber visualization variables and identified visualization techniques. The identifications were then used to develop QUICK.v™ a prototype to be used when mitigating potentially malicious cyber insider threats. The perceived effectiveness of QUICK.v™ was then validated. Insights from this study can aid organizations in enhancing cybersecurity dashboard visualizations by depicting only critical cybersecurity vital signs.

Information technology cybersecurity

insider threat

Intrusion Detection

malicious insider

visualization

vital signs

Computer Sciences

Perceptions of Female Cybersecurity Professionals Toward Factors that Encourage Females to the Cybersecurity Field

Lingelbach, Kembley Kay

01 January 2018

Despite multiple national, educational, and industry initiatives, women continue to be underrepresented in the cybersecurity field. Only 11% of cybersecurity professionals, globally, are female. This contributes to the growing overall shortage of workers in the field. This research addressed the significant underrepresentation of females in the cybersecurity workforce. There are many practitioner and industry studies that suggest self-efficacy, discrimination and organizational culture play important roles in the low rate of women in the cybersecurity field. A limited number of scholarly studies identify causal factors; however, there is not a general consensus or framework to explain the problem thoroughly. Moreover, there exists a significant gap in theoretical framework utilizing qualitative methods to demystify the complex factors of engaging females to pursue the cybersecurity field. This study utilized a grounded theory approach to interview twelve female cybersecurity professionals to discover their perceptions of the cybersecurity field. The participants revealed strategies that could encourage females to pursue the cybersecurity field. Data analysis included a data coding process and a constant comparative method of interview transcripts. This study identified four factors of engagement and one unexpected co-factor that are perceived to have an impact on decisions to pursue the cybersecurity field. The four factors identified were awareness, support, intrinsic and extrinsic values. The interesting find of the cybersecurity mindset profile factor that is perceived to enhance the success of career trajectory warrants additional research to discover the impacts on decision to pursue the cybersecurity field. This findings of this research gives women a voice in recommending strategies to encourage other females to pursue the cybersecurity field. The findings also aid in demystifying the complexity of the factors by organizing and categorizing them in a logical sense in order to present a theoretical model to encourage females into the field of cybersecurity. Moreover, this study provides holistic insight to academicians and practitioners in developing future cybersecurity professionals. Additionally, it adds to the body of knowledge by answering the call for that additional qualitative approaches in methodology by bringing data richness and to generate new theoretical frameworks in cybersecurity research.

cybersecurity

engagement factors

gender

grounded theory

mindset factors

profile

Computer Engineering

Computer Sciences

Databases and Information Systems

Překonání patové situace: Vyhlídky na spolupráci mezi Ruskem a USA v oblasti kybrnetické bezpečnosti / Beyond the Impasse: Prospects for Joint Cooperation between Russia and the US in Cybersecurity

Myftari, Kledian

January 2021

Russia and the US have both articulated their willingness to develop a regime for counter cyberterrorism. Yet, to date, they have been unsuccessful in following through with this goal. Their failure to form such a regime can best be explained through the lens of social constructivism, and most specifically, through the concept of strategic culture, given that such an approach allows for the examination of ideological, historical, and cultural issues that have shaped the strategy choices of both countries. Russia and the US have successfully formed regimes with other countries in which issues of counter cyberterrorism come to play. Russia has entered into agreements with BRICS and with the Shanghai Cooperation Organization. The US has involved itself in cybersecurity regimes both with its NATO allies and with its Latin American and Caribbean allies. Russia and the US have furthermore entered into a number of agreements with each other, including the Anti-Ballistic Missile Treaty, the Intermediate- Range Nuclear Forces Treaty, and New-START. A strategic culture perspective, which focuses primarily on historical factors, such as a history of invasion or lack thereof, and the relations of both countries with their respective neighbors, reveals how the discourse of human rights and the freedoms of...

Unsupervised Interpretable Feature Extraction for Binary Executables using LIBCAISE

Greer, Jeremiah

21 October 2019

No description available.

Computer Science

Natural Language Processing

Cybersecurity

Program Analysis

Software

Assembly

Unsupervised