Digital Commons Network^™

Matrix Profile Data Mining For Bgp Anomaly Detection, Ben A. Scott, Michael N. Johnstone, Patryk Szewczyk, Steven Richardson

Research outputs 2022 to 2026

The Border Gateway Protocol (BGP), acting as the communication protocol that binds the Internet, remains vulnerable despite Internet security advancements. This is not surprising, as the Internet was not designed to be resilient to cyber-attacks, therefore the detection of anomalous activity was not of prime importance to the Internet creators. Detection of BGP anomalies can potentially provide network operators with an early warning system to focus on protecting networks, systems, and infrastructure from significant impact, improve security posture and resilience, while ultimately contributing to a secure global Internet environment. In this paper, we present a novel technique for the detection …

A Review Of Hybrid Cyber Threats Modelling And Detection Using Artificial Intelligence In Iiot, Yifan Liu, Shancang Li, Xinheng Wang, Li Xu

Information Technology & Decision Sciences Faculty Publications

The Industrial Internet of Things (IIoT) has brought numerous benefits, such as improved efficiency, smart analytics, and increased automation. However, it also exposes connected devices, users, applications, and data generated to cyber security threats that need to be addressed. This work investigates hybrid cyber threats (HCTs), which are now working on an entirely new level with the increasingly adopted IIoT. This work focuses on emerging methods to model, detect, and defend against hybrid cyber attacks using machine learning (ML) techniques. Specifically, a novel ML-based HCT modelling and analysis framework was proposed, in which regularisation and Random Forest …

Survey: An Overview Of Lightweight Rfid Authentication Protocols Suitable For The Maritime Internet Of Things, Glen Mudra, Hui Cui, Michael N. Johnstone

Research outputs 2022 to 2026

The maritime sector employs the Internet of Things (IoT) to exploit many of its benefits to maintain a competitive advantage and keep up with the growing demands of the global economy. The maritime IoT (MIoT) not only inherits similar security threats as the general IoT, it also faces cyber threats that do not exist in the traditional IoT due to factors such as the support for long-distance communication and low-bandwidth connectivity. Therefore, the MIoT presents a significant concern for the sustainability and security of the maritime industry, as a successful cyber attack can be detrimental to national security and have …

Distributed Reconnaissance Deception Using Software-Defined Networking In A Dynamic Network Environment, Richard Hunter Feustel

Theses and Dissertations

This research outlines the design and implementation of a DRDS, which is a RDS distributed across multiple controllers that is capable of deploying reconnaissance deception across multiple switches to mitigate network enumeration by a compromised host. This research outlines the design and development of the DRDS as well as tests its functional abilities and routing performance when compared to a two other network routing solutions: a legacy network solution and centralized ONOS controller scheme deploying layer 2 forwarding. The functional tests proved the system can properly route traffic across 100% of the tested scenarios carrying traffic that includes IP, ARP, …

Application Of Big Data Technology, Text Classification, And Azure Machine Learning For Financial Risk Management Using Data Science Methodology, Oluwaseyi A. Ijogun

Electronic Theses and Dissertations

Data science plays a crucial role in enabling organizations to optimize data-driven opportunities within financial risk management. It involves identifying, assessing, and mitigating risks, ultimately safeguarding investments, reducing uncertainty, ensuring regulatory compliance, enhancing decision-making, and fostering long-term sustainability. This thesis explores three facets of Data Science projects: enhancing customer understanding, fraud prevention, and predictive analysis, with the goal of improving existing tools and enabling more informed decision-making. The first project examined leveraged big data technologies, such as Hadoop and Spark, to enhance financial risk management by accurately predicting loan defaulters and their repayment likelihood. In the second project, we investigated …

Cyber-Aidd: A Novel Approach To Implementing Improved Cyber Security Resilience For Large Australian Healthcare Providers Using A Unified Modelling Language Ontology, Martin Dart, Mohiuddin Ahmed

Research outputs 2022 to 2026

Purpose: This paper proposes a novel cyber security risk governance framework and ontology for large Australian healthcare providers, using the structure and simplicity of the Unified Modelling Language (UML). This framework is intended to mitigate impacts from the risk areas of: (1) cyber-attacks, (2) incidents, (3) data breaches, and (4) data disclosures. Methods Using a mixed-methods approach comprised of empirical evidence discovery and phenomenological review, existing literature is sourced to confirm baseline ontological definitions. These are supplemented with Australian government reports, professional standards publications and legislation covering cyber security, data breach reporting and healthcare governance. Historical examples of healthcare cyber …

Evaluating Staff Attitudes, Intentions, And Behaviors Related To Cyber Security In Large Australian Health Care Environments: Mixed Methods Study, Martin Dart, Mohiuddin Ahmed

Research outputs 2022 to 2026

Background: Previous studies have identified that the effective management of cyber security in large health care environments is likely to be significantly impacted by human and social factors, as well as by technical controls. However, there have been limited attempts to confirm this by using measured and integrated studies to identify specific user motivations and behaviors that can be managed to achieve improved outcomes.

Objective: This study aims to document and analyze survey and interview data from a diverse range of health care staff members, to determine the primary motivations and behaviors that influence their acceptance and application of cyber …

Going Beyond: Cyber Security Curriculum In Western Australian Primary And Secondary Schools. Final Report, Nicola F. Johnson, Ahmed Ibrahim, Leslie Sikos, Marnie Mckee

Research outputs 2022 to 2026

There is no doubt cyber security is of national interest given the rife nature of cyber crime and the alarming increase of victims who have endured identify theft, fraud and scams. Curriculum within K-12 schools tends to be fixed and any modifications are subject to extensive consultation within a prolonged review cycle. Therefore, this report has gone beyond curriculum to explore the potential of national awareness campaigns and dynamic digital cyber security licences as alternative possibilities for instigation. The role of leaders in various school sectors and systems is critical for a successful roll out. This final report culminates from …

The Wacdt, A Modern Vigilance Task For Network Defense, Oliver A. Guidetti, Craig Speelman, Peter Bouhlas

Research outputs 2022 to 2026

Vigilance decrement refers to a psychophysiological decline in the capacity to sustain attention to monotonous tasks after prolonged periods. A plethora of experimental tasks exist for researchers to study vigilance decrement in classic domains such as driving and air traffic control and baggage security; however, the only cyber vigilance tasks reported in the research literature exist in the possession of the United States Air Force (USAF). Moreover, existent cyber vigilance tasks have not kept up with advances in real-world cyber security and consequently no longer accurately reflect the cognitive load associated with modern network defense. The Western Australian Cyber Defense …

Applications Of Transfer Learning From Malicious To Vulnerable Binaries, Sean Patrick Mcnulty

Graduate Student Theses, Dissertations, & Professional Papers

Malware detection and vulnerability detection are important cybersecurity tasks. Previous research has successfully applied a variety of machine learning methods to both. However, despite their potential synergies, previous research has yet to unite these two tasks. Given the recent success of transfer learning in many domains, such as language modeling and image recognition, this thesis investigated the use of transfer learning to improve vulnerability detection. Specifically, we pre-trained a series of models to detect malicious binaries and used the weights from those models to kickstart the detection of vulnerable binaries. In our study, we also investigated five different data representations …

Differentiate Metasploit Framework Attacks From Others, Gina Liu Ajero

Electronic Theses and Dissertations

Metasploit Framework is a very popular collection of penetration testing tools. From auxiliaries such as network scanners and mappers to exploits and payloads, Metasploit Framework offers a plethera of apparatuses to implement all the stages of a penetration test. There are two versions: both a free open-source community version and a commercial professional version called Metasploit Pro. The free version, Metasploit Framework, is heavily used by cyber crimininals to carry out illegal activities to gain unauthorized access to targets.

In this paper, I conduct experiments in a virtual environment to discover whether attacks originated from Metasploit Framework are marked with …

Application Of Machine Learning And Cyber Security In Smart Grid, Soham Dutta Dr.

Technical Collection

Unplanned islanding of microgrids is a major hindrance in providing continuous power supply to the critical loads. The detection of these islanding instants needs to be very fast so that the distributed generators (DG) are able to take control actions in minimum time. Due to high quality data at a rapid rate, micro phasor measurement unit (μ-PMU) are becoming widely popular in distribution system and micro grids. These μ-PMUs can be leveraged for island detection. However, the working of μ-PMU is hugely dependent on communication network for data transmission which is prone to cyber-attacks. In view of the above facts, …

Effective Knowledge Graph Aggregation For Malware-Related Cybersecurity Text, Phillip Ryan Boudreau

Graduate Theses and Dissertations

With the rate at which malware spreads in the modern age, it is extremely important that cyber security analysts are able to extract relevant information pertaining to new and active threats in a timely and effective manner. Having to manually read through articles and blog posts on the internet is time consuming and usually involves sifting through much repeated information. Knowledge graphs, a structured representation of relationship information, are an effective way to visually condense information presented in large amounts of unstructured text for human readers. Thusly, they are useful for sifting through the abundance of cyber security information that …

Code Cyber: A Curated Collection Of Cybersecurity Career Learning And Preparation Resources, Kazi Tasin, Ethan Pruzhansky, Jason Lin, Tanvir Rahman, Patrick J. Slattery

Publications and Research

Since we are living in a digital age, the need to protect ourselves and those who are vulnerable to cyber-attacks is paramount to prevent cyber attacks that steal information such as banking accounts and important sensitive information.

Our research team extensively investigated the five aspects of cybersecurity such as identity, protection, detection, and response. By conducting various interviews with cybersecurity professionals, we gathered information about these five aspects for example security intelligence or security operations and response, (thread hunting, response orchestration) identity access management, (identity management, and data protection), and risks (risk perspective). Our main goal is to look into …

Data Vu: Why Breaches Involve The Same Stories Again And Again, Woodrow Hartzog, Daniel Solove

Shorter Faculty Works

In the classic comedy Groundhog Day, protagonist Phil, played by Bill Murray, asks “What would you do if you were stuck in one place and every day was exactly the same, and nothing that you did mattered?” In this movie, Phil is stuck reliving the same day over and over, where the events repeat in a continual loop, and nothing he does can stop them. Phil’s predicament sounds a lot like our cruel cycle with data breaches.

Every year, organizations suffer more data spills and attacks, with personal information being exposed and abused at alarming rates. While Phil …

Healthcare 5.0 Security Framework: Applications, Issues And Future Research Directions, Mohammad Wazid, Ashok Kumar Das, Noor Mohd, Youngho Park

VMASC Publications

Healthcare 5.0 is a system that can be deployed to provide various healthcare services. It does these services by utilising a new generation of information technologies, such as Internet of Things (IoT), Artificial Intelligence (AI), Big data analytics, blockchain and cloud computing. Due to the introduction of healthcare 5.0, the paradigm has been now changed. It is disease-centered to patient-centered care where it provides healthcare services and supports to the people. However, there are several security issues and challenges in healthcare 5.0 which may cause the leakage or alteration of sensitive healthcare data. This demands that we need a robust …

Cyber Security Curriculum In Western Australian Primary And Secondary Schools: Interim Report: Curriculum Mapping, Nicola Johnson, Ahmed Ibrahim, Leslie Sikos, Cheryl Glowrey

Research outputs 2022 to 2026

Cyber-crime poses a significant threat to Australians—think of, for example, how scams take advantage of vulnerable people and systems. There is a need to educate people from an early age to protect them from cyberthreats.

Consistent with the increasing prevalence of cyberthreats to individuals and organisations in Australia, the national Australian curriculum has been updated (version 9.0) to include specific content for cyber security for primary and secondary students up to Year 10. Endorsed by Education Ministers in April 2022, the Western Australian School Curriculum and Standards Authority (SCSA) completed a detailed audit of the endorsed Australian Curriculum version 9.0 …

Don't Bite The Bait: Phishing Attack For Internet Banking (E-Banking), Ilker Kara

Journal of Digital Forensics, Security and Law

Phishing attacks are based on obtaining desired information from users quickly and easily with the help of misdirecting, panicking, curiosity, or excitement. Most of the phishing web sites are designed on internet banking(e-banking) and the attackers can acquire financial information of misled users with the tactics and discourses they develop. Despite the increase of prevention techniques against phishing attacks day by day, an effective solution could not be found for this issue due to the human factor. Because of this reason, real phishing attack studies are essential to study and analyze the attackers’ attack techniques and strategies. This study focused …

Transferability Of Intrusion Detection Systems Using Machine Learning Between Networks, William Peter Mati

Electronic Theses and Dissertations

Intrusion detection systems (IDS) using machine learning is a next generation tool to strengthen the cyber security of networks. Such systems possess the potential to detect zero-day attacks, attacks that are unknown to researchers and are occurring for the first time in history. This thesis tackles novel ideas in this research domain and solves foreseeable issues of a practical deployment of such tool.

The main issue addressed in this thesis are situations where an entity intends to implement an IDS using machine learning onto their network, but do not have attack data available from their own network to train the …

Digital Forensic Readiness Framework Based On Honeypot And Honeynet For Byod, Audrey Asante, Vincent Amankona

Journal of Digital Forensics, Security and Law

The utilization of the internet within organizations has surged over the past decade. Though, it has numerous benefits, the internet also comes with its own challenges such as intrusions and threats. Bring Your Own Device (BYOD) as a growing trend among organizations allow employees to connect their portable devices such as smart phones, tablets, laptops, to the organization’s network to perform organizational duties. It has gained popularity over the years because of its flexibility and cost effectiveness. This adoption of BYOD has exposed organizations to security risks and demands proactive measures to mitigate such incidents. In this study, we propose …

Real-Time Monitoring As A Supplementary Security Component Of Vigilantism In Modern Network Environments, Victor R. Kebande, Nickson M. Karie, Richard A. Ikuesan

Research outputs 2014 to 2021

© 2020, The Author(s). The phenomenon of network vigilantism is autonomously attributed to how anomalies and obscure activities from adversaries can be tracked in real-time. Needless to say, in today’s dynamic, virtualized, and complex network environments, it has become undeniably necessary for network administrators, analysts as well as engineers to practice network vigilantism, on traffic as well as other network events in real-time. The reason is to understand the exact security posture of an organization’s network environment at any given time. This is driven by the fact that modern network environments do, not only present new opportunities to organizations but …

A New Classification Method For Encrypted Internet Traffic Using Machine Learning, Mesut Uğurlu, İbrahi̇m Alper Doğru, Recep Si̇nan Arslan

Turkish Journal of Electrical Engineering and Computer Sciences

The rate of internet usage in the world is over 62% and this rate is increasing day by day. With this increase, it becomes important to ensure the confidentiality of the information in the traffic flowing over the internet. Encryption algorithms and protocols are used for this purpose. This situation, which is beneficial for normal users, is also used by attackers to hide. Cyber attackers or hackers gain the ability to bypass security precautions such as IDS/IPS and antivirus systems with using encrypted traffic. Since payload analysis cannot be performed without deciphering the encrypted traffic, existing commercial security solutions fall …

Federated Deep Learning For Cyber Security In The Internet Of Things: Concepts, Applications, And Experimental Analysis, Mohamed Amine Ferrag, Othmane Friha, Leandros Maglaras, Helge Janicke, Lei Shu

Research outputs 2014 to 2021

In this article, we present a comprehensive study with an experimental analysis of federated deep learning approaches for cyber security in the Internet of Things (IoT) applications. Specifically, we first provide a review of the federated learning-based security and privacy systems for several types of IoT applications, including, Industrial IoT, Edge Computing, Internet of Drones, Internet of Healthcare Things, Internet of Vehicles, etc. Second, the use of federated learning with blockchain and malware/intrusion detection systems for IoT applications is discussed. Then, we review the vulnerabilities in federated learning-based security and privacy systems. Finally, we provide an experimental analysis of federated …

Evaluating The Impact Of Sandbox Applications On Live Digital Forensics Investigation, Reem Bashir, Helge Janicke, Wen Zeng

Research outputs 2014 to 2021

Sandbox applications can be used as anti-forensics techniques to hide important evidence in the digital forensics investigation. There is limited research on sandboxing technologies, and the existing researches on sandboxing are focusing on the technology itself. The impact of sandbox applications on live digital forensics investigation has not been systematically analysed and documented. In this study, we proposed a methodology to analyse sandbox applications on Windows systems. The impact of having standalone sandbox applications on Windows operating systems image was evaluated. Experiments were conducted to examine the artefacts of three sandbox applications: Sandboxie, BufferZone and ToolWiz Time Freeze on Windows …

Detecting Hacker Threats: Performance Of Word And Sentence Embedding Models In Identifying Hacker Communications, Susan Mckeever, Brian Keegan, Andrei Quieroz

Conference papers

Abstract—Cyber security is striving to find new forms of protection against hacker attacks. An emerging approach nowadays is the investigation of security-related messages exchanged on deep/dark web and even surface web channels. This approach can be supported by the use of supervised machine learning models and text mining techniques. In our work, we compare a variety of machine learning algorithms, text representations and dimension reduction approaches for the detection accuracies of software-vulnerability-related communications. Given the imbalanced nature of the three public datasets used, we investigate appropriate sampling approaches to boost detection accuracies of our models. In addition, we examine how …

The K-Means Algorithm: A Comprehensive Survey And Performance Evaluation, Mohiuddin Ahmed, Raihan Seraj, Syed Mohammed Shamsul Islam

Research outputs 2014 to 2021

© 2020 by the authors. Licensee MDPI, Basel, Switzerland. The k-means clustering algorithm is considered one of the most powerful and popular data mining algorithms in the research community. However, despite its popularity, the algorithm has certain limitations, including problems associated with random initialization of the centroids which leads to unexpected convergence. Additionally, such a clustering algorithm requires the number of clusters to be defined beforehand, which is responsible for different cluster shapes and outlier effects. A fundamental problem of the k-means algorithm is its inability to handle various data types. This paper provides a structured and synoptic overview of …

Cyber Security’S Influence On Modern Society, Nicholas Vallarelli

Honors College Theses

The world of cyber security is evolving every day, and cyber-criminals are trying to take advantage of it to gain as much money and power as possible. As the Internet continues to grow, more people around the world join the Internet. The purpose of this is to see how much of an importance cyber security has and how cyber-criminals are able to utilize the cyberworld for their own personal gain. Research has been done on how the cyberworld got where it is today. Additionally, individual research has been done in an effort to learn how to hack. A hack lab …

Dependable And Scalable Public Ledger For Policy Compliance, A Blockchain Based Approach, Zhou Wu

Dissertations (1934 -)

Policies and regulations, such as the European Union General Data Protection Regulation (EU GDPR), have been enforced to protect personal data from abuse during storage and processing. We design and implement a prototype scheme that could 1) provide a public ledger of policy compliance to help the public make informative decisions when choosing data services; 2) provide support to the organizations for identifying violations and improve their ability of compliance. Honest organizations could then benefit from their positive records on the public ledger. To address the scalability problem inherent in the Blockchain-based systems, we develop algorithms and leverage state channels …

Honeyhive - A Network Intrusion Detection System Framework Utilizing Distributed Internet Of Things Honeypot Sensors, Zachary D. Madison

Theses and Dissertations

Exploding over the past decade, the number of Internet of Things (IoT) devices connected to the Internet jumped from 3.8 billion in 2015 to 17.8 billion in 2018. Because so many IoT devices remain upatched, unmonitored, and left on, they have become a tantalizing target for attackers to gain network access or add another device to their botnet. HoneyHive is a framework that uses distributed IoT honeypots as Network Intrusion Detection Systems (NIDS) sensors that beacon back to a centralized Command and Control (C2) server. The tests in this experiment involve four types of scans and four levels of active …

A Virtual Machine Introspection Based Multi-Service, Multi-Architecture, High-Interaction Honeypot For Iot Devices, Cory A. Nance

Masters Theses & Doctoral Dissertations

Internet of Things (IoT) devices are quickly growing in adoption. The use case for IoT devices runs the gamut from household applications (such as toasters, lighting, and thermostats) to medical, battlefield, or Industrial Control System (ICS) applications used in life or death situations. A disturbing trend is that for IoT devices is that they are not developed with security in mind. This lack of security has led to the creation of massive botnets that conduct nefarious acts. A clear understanding of the threat landscape IoT devices face is needed to address these security issues. One technique used to understand threats …