Information Security Commons^™

A Review Of Hybrid Cyber Threats Modelling And Detection Using Artificial Intelligence In Iiot, Yifan Liu, Shancang Li, Xinheng Wang, Li Xu

Information Technology & Decision Sciences Faculty Publications

The Industrial Internet of Things (IIoT) has brought numerous benefits, such as improved efficiency, smart analytics, and increased automation. However, it also exposes connected devices, users, applications, and data generated to cyber security threats that need to be addressed. This work investigates hybrid cyber threats (HCTs), which are now working on an entirely new level with the increasingly adopted IIoT. This work focuses on emerging methods to model, detect, and defend against hybrid cyber attacks using machine learning (ML) techniques. Specifically, a novel ML-based HCT modelling and analysis framework was proposed, in which regularisation and Random Forest …

Cyber-Aidd: A Novel Approach To Implementing Improved Cyber Security Resilience For Large Australian Healthcare Providers Using A Unified Modelling Language Ontology, Martin Dart, Mohiuddin Ahmed

Research outputs 2022 to 2026

Purpose: This paper proposes a novel cyber security risk governance framework and ontology for large Australian healthcare providers, using the structure and simplicity of the Unified Modelling Language (UML). This framework is intended to mitigate impacts from the risk areas of: (1) cyber-attacks, (2) incidents, (3) data breaches, and (4) data disclosures. Methods Using a mixed-methods approach comprised of empirical evidence discovery and phenomenological review, existing literature is sourced to confirm baseline ontological definitions. These are supplemented with Australian government reports, professional standards publications and legislation covering cyber security, data breach reporting and healthcare governance. Historical examples of healthcare cyber …

Evaluating Staff Attitudes, Intentions, And Behaviors Related To Cyber Security In Large Australian Health Care Environments: Mixed Methods Study, Martin Dart, Mohiuddin Ahmed

Research outputs 2022 to 2026

Background: Previous studies have identified that the effective management of cyber security in large health care environments is likely to be significantly impacted by human and social factors, as well as by technical controls. However, there have been limited attempts to confirm this by using measured and integrated studies to identify specific user motivations and behaviors that can be managed to achieve improved outcomes.

Objective: This study aims to document and analyze survey and interview data from a diverse range of health care staff members, to determine the primary motivations and behaviors that influence their acceptance and application of cyber …

Going Beyond: Cyber Security Curriculum In Western Australian Primary And Secondary Schools. Final Report, Nicola F. Johnson, Ahmed Ibrahim, Leslie Sikos, Marnie Mckee

Research outputs 2022 to 2026

There is no doubt cyber security is of national interest given the rife nature of cyber crime and the alarming increase of victims who have endured identify theft, fraud and scams. Curriculum within K-12 schools tends to be fixed and any modifications are subject to extensive consultation within a prolonged review cycle. Therefore, this report has gone beyond curriculum to explore the potential of national awareness campaigns and dynamic digital cyber security licences as alternative possibilities for instigation. The role of leaders in various school sectors and systems is critical for a successful roll out. This final report culminates from …

The Wacdt, A Modern Vigilance Task For Network Defense, Oliver A. Guidetti, Craig Speelman, Peter Bouhlas

Research outputs 2022 to 2026

Vigilance decrement refers to a psychophysiological decline in the capacity to sustain attention to monotonous tasks after prolonged periods. A plethora of experimental tasks exist for researchers to study vigilance decrement in classic domains such as driving and air traffic control and baggage security; however, the only cyber vigilance tasks reported in the research literature exist in the possession of the United States Air Force (USAF). Moreover, existent cyber vigilance tasks have not kept up with advances in real-world cyber security and consequently no longer accurately reflect the cognitive load associated with modern network defense. The Western Australian Cyber Defense …

Differentiate Metasploit Framework Attacks From Others, Gina Liu Ajero

Electronic Theses and Dissertations

Metasploit Framework is a very popular collection of penetration testing tools. From auxiliaries such as network scanners and mappers to exploits and payloads, Metasploit Framework offers a plethera of apparatuses to implement all the stages of a penetration test. There are two versions: both a free open-source community version and a commercial professional version called Metasploit Pro. The free version, Metasploit Framework, is heavily used by cyber crimininals to carry out illegal activities to gain unauthorized access to targets.

In this paper, I conduct experiments in a virtual environment to discover whether attacks originated from Metasploit Framework are marked with …

Effective Knowledge Graph Aggregation For Malware-Related Cybersecurity Text, Phillip Ryan Boudreau

Graduate Theses and Dissertations

With the rate at which malware spreads in the modern age, it is extremely important that cyber security analysts are able to extract relevant information pertaining to new and active threats in a timely and effective manner. Having to manually read through articles and blog posts on the internet is time consuming and usually involves sifting through much repeated information. Knowledge graphs, a structured representation of relationship information, are an effective way to visually condense information presented in large amounts of unstructured text for human readers. Thusly, they are useful for sifting through the abundance of cyber security information that …

Data Vu: Why Breaches Involve The Same Stories Again And Again, Woodrow Hartzog, Daniel Solove

Shorter Faculty Works

In the classic comedy Groundhog Day, protagonist Phil, played by Bill Murray, asks “What would you do if you were stuck in one place and every day was exactly the same, and nothing that you did mattered?” In this movie, Phil is stuck reliving the same day over and over, where the events repeat in a continual loop, and nothing he does can stop them. Phil’s predicament sounds a lot like our cruel cycle with data breaches.

Every year, organizations suffer more data spills and attacks, with personal information being exposed and abused at alarming rates. While Phil …

Healthcare 5.0 Security Framework: Applications, Issues And Future Research Directions, Mohammad Wazid, Ashok Kumar Das, Noor Mohd, Youngho Park

VMASC Publications

Healthcare 5.0 is a system that can be deployed to provide various healthcare services. It does these services by utilising a new generation of information technologies, such as Internet of Things (IoT), Artificial Intelligence (AI), Big data analytics, blockchain and cloud computing. Due to the introduction of healthcare 5.0, the paradigm has been now changed. It is disease-centered to patient-centered care where it provides healthcare services and supports to the people. However, there are several security issues and challenges in healthcare 5.0 which may cause the leakage or alteration of sensitive healthcare data. This demands that we need a robust …

Cyber Security Curriculum In Western Australian Primary And Secondary Schools: Interim Report: Curriculum Mapping, Nicola Johnson, Ahmed Ibrahim, Leslie Sikos, Cheryl Glowrey

Research outputs 2022 to 2026

Cyber-crime poses a significant threat to Australians—think of, for example, how scams take advantage of vulnerable people and systems. There is a need to educate people from an early age to protect them from cyberthreats.

Consistent with the increasing prevalence of cyberthreats to individuals and organisations in Australia, the national Australian curriculum has been updated (version 9.0) to include specific content for cyber security for primary and secondary students up to Year 10. Endorsed by Education Ministers in April 2022, the Western Australian School Curriculum and Standards Authority (SCSA) completed a detailed audit of the endorsed Australian Curriculum version 9.0 …

Don't Bite The Bait: Phishing Attack For Internet Banking (E-Banking), Ilker Kara

Journal of Digital Forensics, Security and Law

Phishing attacks are based on obtaining desired information from users quickly and easily with the help of misdirecting, panicking, curiosity, or excitement. Most of the phishing web sites are designed on internet banking(e-banking) and the attackers can acquire financial information of misled users with the tactics and discourses they develop. Despite the increase of prevention techniques against phishing attacks day by day, an effective solution could not be found for this issue due to the human factor. Because of this reason, real phishing attack studies are essential to study and analyze the attackers’ attack techniques and strategies. This study focused …

Digital Forensic Readiness Framework Based On Honeypot And Honeynet For Byod, Audrey Asante, Vincent Amankona

Journal of Digital Forensics, Security and Law

The utilization of the internet within organizations has surged over the past decade. Though, it has numerous benefits, the internet also comes with its own challenges such as intrusions and threats. Bring Your Own Device (BYOD) as a growing trend among organizations allow employees to connect their portable devices such as smart phones, tablets, laptops, to the organization’s network to perform organizational duties. It has gained popularity over the years because of its flexibility and cost effectiveness. This adoption of BYOD has exposed organizations to security risks and demands proactive measures to mitigate such incidents. In this study, we propose …

Real-Time Monitoring As A Supplementary Security Component Of Vigilantism In Modern Network Environments, Victor R. Kebande, Nickson M. Karie, Richard A. Ikuesan

Research outputs 2014 to 2021

© 2020, The Author(s). The phenomenon of network vigilantism is autonomously attributed to how anomalies and obscure activities from adversaries can be tracked in real-time. Needless to say, in today’s dynamic, virtualized, and complex network environments, it has become undeniably necessary for network administrators, analysts as well as engineers to practice network vigilantism, on traffic as well as other network events in real-time. The reason is to understand the exact security posture of an organization’s network environment at any given time. This is driven by the fact that modern network environments do, not only present new opportunities to organizations but …

Federated Deep Learning For Cyber Security In The Internet Of Things: Concepts, Applications, And Experimental Analysis, Mohamed Amine Ferrag, Othmane Friha, Leandros Maglaras, Helge Janicke, Lei Shu

Research outputs 2014 to 2021

In this article, we present a comprehensive study with an experimental analysis of federated deep learning approaches for cyber security in the Internet of Things (IoT) applications. Specifically, we first provide a review of the federated learning-based security and privacy systems for several types of IoT applications, including, Industrial IoT, Edge Computing, Internet of Drones, Internet of Healthcare Things, Internet of Vehicles, etc. Second, the use of federated learning with blockchain and malware/intrusion detection systems for IoT applications is discussed. Then, we review the vulnerabilities in federated learning-based security and privacy systems. Finally, we provide an experimental analysis of federated …

Cyber Security’S Influence On Modern Society, Nicholas Vallarelli

Honors College Theses

The world of cyber security is evolving every day, and cyber-criminals are trying to take advantage of it to gain as much money and power as possible. As the Internet continues to grow, more people around the world join the Internet. The purpose of this is to see how much of an importance cyber security has and how cyber-criminals are able to utilize the cyberworld for their own personal gain. Research has been done on how the cyberworld got where it is today. Additionally, individual research has been done in an effort to learn how to hack. A hack lab …

Honeyhive - A Network Intrusion Detection System Framework Utilizing Distributed Internet Of Things Honeypot Sensors, Zachary D. Madison

Theses and Dissertations

Exploding over the past decade, the number of Internet of Things (IoT) devices connected to the Internet jumped from 3.8 billion in 2015 to 17.8 billion in 2018. Because so many IoT devices remain upatched, unmonitored, and left on, they have become a tantalizing target for attackers to gain network access or add another device to their botnet. HoneyHive is a framework that uses distributed IoT honeypots as Network Intrusion Detection Systems (NIDS) sensors that beacon back to a centralized Command and Control (C2) server. The tests in this experiment involve four types of scans and four levels of active …

A Virtual Machine Introspection Based Multi-Service, Multi-Architecture, High-Interaction Honeypot For Iot Devices, Cory A. Nance

Masters Theses & Doctoral Dissertations

Internet of Things (IoT) devices are quickly growing in adoption. The use case for IoT devices runs the gamut from household applications (such as toasters, lighting, and thermostats) to medical, battlefield, or Industrial Control System (ICS) applications used in life or death situations. A disturbing trend is that for IoT devices is that they are not developed with security in mind. This lack of security has led to the creation of massive botnets that conduct nefarious acts. A clear understanding of the threat landscape IoT devices face is needed to address these security issues. One technique used to understand threats …

Network Traffic Analysis Framework For Cyber Threat Detection, Meshesha K. Cherie

Masters Theses & Doctoral Dissertations

The growing sophistication of attacks and newly emerging cyber threats requires advanced cyber threat detection systems. Although there are several cyber threat detection tools in use, cyber threats and data breaches continue to rise. This research is intended to improve the cyber threat detection approach by developing a cyber threat detection framework using two complementary technologies, search engine and machine learning, combining artificial intelligence and classical technologies.

In this design science research, several artifacts such as a custom search engine library, a machine learning-based engine and different algorithms have been developed to build a new cyber threat detection framework based …

A Novel Intrusion Detection System Against Spoofing Attacks In Connected Electric Vehicles, Dimitrios Kosmanos, Apostolos Pappas, Leandros Maglaras, Sotiris Moschoyinnais, Francisco J. Aparicio-Navarro, Antonios Argyriou, Helge Janicke

Research outputs 2014 to 2021

The Electric Vehicles (EVs) market has seen rapid growth recently despite the anxiety about driving range. Recent proposals have explored charging EVs on the move, using dynamic wireless charging that enables power exchange between the vehicle and the grid while the vehicle is moving. Specifically, part of the literature focuses on the intelligent routing of EVs in need of charging. Inter-Vehicle communications (IVC) play an integral role in intelligent routing of EVs around a static charging station or dynamic charging on the road network. However, IVC is vulnerable to a variety of cyber attacks such as spoofing. In this paper, …

A Holistic Review Of Cybersecurity And Reliability Perspectives In Smart Airports, Nickolaos Koroniotis, Nour Moustafa, Francesco Schiliro, Praveen Gauravaram, Helge Janicke

Research outputs 2014 to 2021

Advances in the Internet of Things (IoT) and aviation sector have resulted in the emergence of smart airports. Services and systems powered by the IoT enable smart airports to have enhanced robustness, efficiency and control, governed by real-time monitoring and analytics. Smart sensors control the environmental conditions inside the airport, automate passenger-related actions and support airport security. However, these augmentations and automation introduce security threats to network systems of smart airports. Cyber-attackers demonstrated the susceptibility of IoT systems and networks to Advanced Persistent Threats (APT), due to hardware constraints, software flaws or IoT misconfigurations. With the increasing complexity of attacks, …

How Location-Aware Access Control Affects User Privacy And Security In Cloud Computing Systems, Wen Zeng, Reem Bashir, Trevor Wood, Francois Siewe, Helge Janicke, Isabel Wagner

Research outputs 2014 to 2021

The use of cloud computing (CC) is rapidly increasing due to the demand for internet services and communications. The large number of services and data stored in the cloud creates security risks due to the dynamic movement of data, connected devices and users between various cloud environments. In this study, we will develop an innovative prototype for location-aware access control and data privacy for CC systems. We will apply location-aware access control policies to role-based access control of Cloud Foundry, and then analyze the impact on user privacy after implementing these policies. This innovation can be used to address the …

Iot-Mqtt Based Denial Of Service Attack Modelling And Detection, Naeem Firdous Syed

Theses: Doctorates and Masters

Internet of Things (IoT) is poised to transform the quality of life and provide new business opportunities with its wide range of applications. However, the bene_ts of this emerging paradigm are coupled with serious cyber security issues. The lack of strong cyber security measures in protecting IoT systems can result in cyber attacks targeting all the layers of IoT architecture which includes the IoT devices, the IoT communication protocols and the services accessing the IoT data. Various IoT malware such as Mirai, BASHLITE and BrickBot show an already rising IoT device based attacks as well as the usage of infected …

Formally Designing And Implementing Cyber Security Mechanisms In Industrial Control Networks., Mehdi Sabraoui

Electronic Theses and Dissertations

This dissertation describes progress in the state-of-the-art for developing and deploying formally verified cyber security devices in industrial control networks. It begins by detailing the unique struggles that are faced in industrial control networks and why concepts and technologies developed for securing traditional networks might not be appropriate. It uses these unique struggles and examples of contemporary cyber-attacks targeting control systems to argue that progress in securing control systems is best met with formal verification of systems, their specifications, and their security properties. This dissertation then presents a development process and identifies two technologies, TLA+ and seL4, that can be …

Cyber Security Awareness Among College Students, Abbas Moallem

Faculty Publications

This study reports the early results of a study aimed to investigate student awareness and attitudes toward cyber security and the resulting risks in the most advanced technology environment: the Silicon Valley in California, USA. The composition of students in Silicon Valley is very ethnically diverse. The objective was to see how much the students in such a tech-savvy environment are aware of cyber-attacks and how they protect themselves against them. The early statistical analysis suggested that college students, despite their belief that they are observed when using the Internet and that their data is not secure even on university …

Comparative Study Of Deep Learning Models For Network Intrusion Detection, Brian Lee, Sandhya Amaresh, Clifford Green, Daniel Engels

SMU Data Science Review

In this paper, we present a comparative evaluation of deep learning approaches to network intrusion detection. A Network Intrusion Detection System (NIDS) is a critical component of every Internet connected system due to likely attacks from both external and internal sources. A NIDS is used to detect network born attacks such as Denial of Service (DoS) attacks, malware replication, and intruders that are operating within the system. Multiple deep learning approaches have been proposed for intrusion detection systems. We evaluate three models, a vanilla deep neural net (DNN), self-taught learning (STL) approach, and Recurrent Neural Network (RNN) based Long Short …

A Security Review Of Local Government Using Nist Csf: A Case Study, Ahmed Ibrahim, Craig Valli, Ian Mcateer, Junaid Chaudhry

Research outputs 2014 to 2021

Evaluating cyber security risk is a challenging task regardless of an organisation’s nature of business or size, however, an essential activity. This paper uses the National Institute of Standards and Technology (NIST) cyber security framework (CSF) to assess the cyber security posture of a local government organisation in Western Australia. Our approach enabled the quantification of risks for specific NIST CSF core functions and respective categories and allowed making recommendations to address the gaps discovered to attain the desired level of compliance. This has led the organisation to strategically target areas related to their people, processes, and technologies, thus mitigating …

Cyber Security And Criminal Justice Programs In The United States: Exploring The Intersections, Brian K. Payne, Lora Hadzhidimova

Sociology & Criminal Justice Faculty Publications

The study of cyber security is an interdisciplinary pursuit that includes STEM disciplines as well as the social sciences. While research on cyber security appears to be central in STEM disciplines, it is not yet clear how central cyber security and cyber crime is to criminal justice scholarship. In order to examine the connections between cyber security and criminal justice, in this study attention is given to the way that criminal justice scholars have embraced cyber crime research and coursework. Results show that while there are a number of cyber crime courses included in criminal justice majors there are not …

Public Security & Digital Forensics In The United States: The Continued Need For Expanded Digital Systems For Security, Deborah G. Keeling, Michael Losavio

Journal of Digital Forensics, Security and Law

Digital Forensics is one of the latest challenges for the use of forensics in the investigative process in the United States. Some of the challenges are created by conditions and circumstances present for law enforcement around the world. However, many are unique to the United States and created by the standards of evidence within our courts, nature of our law enforcement organizations, and structure of our judicial and prosecutorial systems. It is essential for the preservation of public security and individual safety that competent systems of digital forensics are developed for law enforcement at all levels. The failure to do …

A Power Grid Incident Identification Based On Physically Derived Cyber-Event Detection, Travis Atkison, Nathan Wallace

Journal of Digital Forensics, Security and Law

This article proposes a cyber-event detection framework to aid in incident Identification and digital forensics cases aimed at investigating cyber crime committed against the critical infrastructure power grid. However, unlike other similar investigative techniques, the proposed approach examines only the physical information to derive a cyber conclusion. The developed framework extracts information from the physical parameters stored in historical databases of SCADA systems. The framework uses a pseudo-trusted model derived from randomly selected power system observations found in the historical databases. Afterwards, a technique known as Bayesian Model Averaging is used to average the models and create a more trusted …

Cyber Security For Everyone: An Introductory Course For Non-Technical Majors, Marc J. Dupuis

Journal of Cybersecurity Education, Research and Practice

In this paper, we describe the need for and development of an introductory cyber security course. The course was designed for non-technical majors with the goal of increasing cyber security hygiene for an important segment of the population—college undergraduates. While the need for degree programs that focus on educating and training individuals for occupations in the ever-growing cyber security field is critically important, the need for improved cyber security hygiene from the average everyday person is of equal importance. This paper discusses the approach used, curriculum developed, results from two runs of the course, and frames the overall structure of …