1
|
Illiashenko O, Kharchenko V, Babeshko I, Fesenko H, Di Giandomenico F. Security-Informed Safety Analysis of Autonomous Transport Systems Considering AI-Powered Cyberattacks and Protection. ENTROPY (BASEL, SWITZERLAND) 2023; 25:1123. [PMID: 37628153 PMCID: PMC10453859 DOI: 10.3390/e25081123] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Key Words] [Grants] [Track Full Text] [Subscribe] [Scholar Register] [Received: 06/04/2023] [Revised: 07/24/2023] [Accepted: 07/25/2023] [Indexed: 08/27/2023]
Abstract
The entropy-oriented approach called security- or cybersecurity-informed safety (SIS or CSIS, respectively) is discussed and developed in order to analyse and evaluate the safety and dependability of autonomous transport systems (ATSs) such as unmanned aerial vehicles (UAVs), unmanned maritime vehicles (UMVs), and satellites. This approach allows for extending and integrating the known techniques FMECA (Failure Modes, Effects, and Criticality Analysis) and IMECA (Intrusion MECA), as well as developing the new SISMECA (SIS-based Intrusion Modes, Effects, and Criticality Analysis) technique. The ontology model and templates for SISMECA implementation are suggested. The methodology of safety assessment is based on (i) the application and enhancement of SISMECA considering the particularities of various ATSs and roles of actors (regulators, developers, operators, customers); (ii) the development of a set of scenarios describing the operation of ATS in conditions of cyberattacks and physical influences; (iii) AI contribution to system protection for the analysed domains; (iv) scenario-based development and analysis of user stories related to different cyber-attacks, as well as ways to protect ATSs from them via AI means/platforms; (v) profiling of AI platform requirements by use of characteristics based on AI quality model, risk-based assessment of cyberattack criticality, and efficiency of countermeasures which actors can implement. Examples of the application of SISMECA assessment are presented and discussed.
Collapse
Affiliation(s)
- Oleg Illiashenko
- Department of Computer Systems, Networks and Cybersecurity, National Aerospace University “KhAI”, 17, Chkalov Str., 61070 Kharkiv, Ukraine (V.K.); (H.F.)
- Software Engineering & Dependable Computing Lab, Istituto di Scienza e Tecnologie dell’Informazione “Alessandro Faedo”, Area della Ricerca CNR di Pisa, Via G. Moruzzi 1, 56124 Pisa, Italy;
| | - Vyacheslav Kharchenko
- Department of Computer Systems, Networks and Cybersecurity, National Aerospace University “KhAI”, 17, Chkalov Str., 61070 Kharkiv, Ukraine (V.K.); (H.F.)
| | - Ievgen Babeshko
- Department of Computer Systems, Networks and Cybersecurity, National Aerospace University “KhAI”, 17, Chkalov Str., 61070 Kharkiv, Ukraine (V.K.); (H.F.)
- Software Engineering & Dependable Computing Lab, Istituto di Scienza e Tecnologie dell’Informazione “Alessandro Faedo”, Area della Ricerca CNR di Pisa, Via G. Moruzzi 1, 56124 Pisa, Italy;
| | - Herman Fesenko
- Department of Computer Systems, Networks and Cybersecurity, National Aerospace University “KhAI”, 17, Chkalov Str., 61070 Kharkiv, Ukraine (V.K.); (H.F.)
| | - Felicita Di Giandomenico
- Software Engineering & Dependable Computing Lab, Istituto di Scienza e Tecnologie dell’Informazione “Alessandro Faedo”, Area della Ricerca CNR di Pisa, Via G. Moruzzi 1, 56124 Pisa, Italy;
| |
Collapse
|
2
|
Spyware Identification for Android Systems Using Fine Trees. INFORMATION 2023. [DOI: 10.3390/info14020102] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 02/10/2023] Open
Abstract
Android operating system (OS) has been recently featured as the most commonly used and ingratiated OS for smartphone ecosystems. This is due to its high interoperability as an open-source platform and its compatibility with all the major browsers within the mobile ecosystem. However, android is susceptible to a wide range of Spyware traffic that can endanger a mobile user in many ways, like password stealing and recording patterns of a user. This paper presents a spyware identification schemes for android systems making use of three different machine learning schemes, including fine decision trees (FDT), support vector machines (SVM), and the naïve Bayes classifier (NBC). The constructed models have been evaluated on a novel dataset (Spyware-Android 2022) using several performance measurement units such as accuracy, precision, and sensitivity. Our experimental simulation tests revealed the notability of the model-based FDT, making the peak accuracy 98.2%. The comparison with the state-of-art spyware identification models for android systems showed that our proposed model had improved the model’s accuracy by more than 18%.
Collapse
|
3
|
da Silva LM, Menezes HBDB, Luccas MDS, Mailer C, Pinto ASR, Boava A, Rodrigues M, Ferrão IG, Estrella JC, Branco KRLJC. Development of an Efficiency Platform Based on MQTT for UAV Controlling and DoS Attack Detection. SENSORS (BASEL, SWITZERLAND) 2022; 22:6567. [PMID: 36081023 PMCID: PMC9460209 DOI: 10.3390/s22176567] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Key Words] [MESH Headings] [Track Full Text] [Figures] [Subscribe] [Scholar Register] [Received: 07/30/2022] [Revised: 08/16/2022] [Accepted: 08/25/2022] [Indexed: 06/15/2023]
Abstract
Several market sectors are attracted by the potential of unmanned aerial vehicles (UAVs), such as delivery, agriculture, and cinema, among others. UAVs are becoming part of Internet of Things (IoT) networks in the development of autonomous and scalable solutions. However, these vehicles are gradually becoming attractive targets for cyberattacks. This study proposes the development of an efficient platform based on the Message Queuing Telemetry Transport (MQTT) protocol for UAV control and Denial-of-Service (DoS) detection embedded in the UAV system. For the efficiency test, latency, network and memory consumption on the platform were measured, in addition to the correlation between payload and delay time. The results of efficiency tests were collected for the three levels of quality of service (QoS). A strong correlation greater than 90% was found between delay and data size for all QoS levels, showing almost a linear proportion. In DoS detection, the best results were a true positive rate (TPR) of 0.97 with 16 features from the AWID2 dataset using LightGBM with Bayesian optimization and data balancing. Unlike other studies, the built platform shows efficiency for UAV control and guarantees security in the communication with the broker and in the Wi-Fi UAV network.
Collapse
Affiliation(s)
- Leandro Marcos da Silva
- Institute of Mathematics and Computer Sciences, University of São Paulo, Ave. Trabalhador São-Carlense, 400, São Carlos 13564-002, São Paulo, Brazil
| | - Henrique Bonini de Britto Menezes
- Institute of Mathematics and Computer Sciences, University of São Paulo, Ave. Trabalhador São-Carlense, 400, São Carlos 13564-002, São Paulo, Brazil
| | - Matheus dos Santos Luccas
- Institute of Mathematics and Computer Sciences, University of São Paulo, Ave. Trabalhador São-Carlense, 400, São Carlos 13564-002, São Paulo, Brazil
| | - Christian Mailer
- Department of Informatics and Statistics, Federal University of Santa Catarina, St. Roberto Sampaio Gonzaga, Florianópolis 88040-900, Santa Catarina, Brazil
| | - Alex Sandro Roschildt Pinto
- Department of Informatics and Statistics, Federal University of Santa Catarina, St. Roberto Sampaio Gonzaga, Florianópolis 88040-900, Santa Catarina, Brazil
| | - Adão Boava
- Department of Informatics and Statistics, Federal University of Santa Catarina, St. Roberto Sampaio Gonzaga, Florianópolis 88040-900, Santa Catarina, Brazil
| | - Mariana Rodrigues
- Institute of Mathematics and Computer Sciences, University of São Paulo, Ave. Trabalhador São-Carlense, 400, São Carlos 13564-002, São Paulo, Brazil
| | - Isadora Garcia Ferrão
- Institute of Mathematics and Computer Sciences, University of São Paulo, Ave. Trabalhador São-Carlense, 400, São Carlos 13564-002, São Paulo, Brazil
| | - Júlio Cézar Estrella
- Institute of Mathematics and Computer Sciences, University of São Paulo, Ave. Trabalhador São-Carlense, 400, São Carlos 13564-002, São Paulo, Brazil
| | | |
Collapse
|