Article

Mitigating Zero-Day Attacks in IoT Using a Strategic Framework

Authors:
  • Kurukshetra Institute of IT & skill Development

... With their high success rate, zero-day attacks typically target high-value targets such as critical infrastructure and financial and medical institutions [9]. Therefore, attackers keep newly discovered vulnerabilities confidential for as long as possible, maximizing the possibility of an attack succeeding [10]. Hence, reliably defending against such attacks requires exploring alternative solutions due to their nature, which has not been seen before [11]. ...
Article
Full-text available
Advanced metering infrastructures (AMIs) aim to enhance the efficiency, reliability, and stability of electrical systems while offering advanced functionality. However, an AMI collects copious volumes of data and information, making the entire system sensitive and vulnerable to malicious attacks that may cause substantial damage, such as a deficit in national security, a disturbance of public order, or significant economic harm. As a result, it is critical to guarantee a steady and dependable supply of information and electricity. Furthermore, storing massive quantities of data in one central entity leads to compromised data privacy. As such, it is imperative to engineer decentralized, federated learning (FL) solutions. In this context, the performance of participating clients has a significant impact on global performance. Moreover, FL models have the potential for a Single Point of Failure (SPoF). These limitations contribute to system failure and performance degradation. This work aims to develop a performance-based hierarchical federated learning (HFL) anomaly detection system for an AMI through (1) developing a deep learning model that detects attacks against this critical infrastructure; (2) developing a novel aggregation strategy, FedAvg-P, to enhance global performance; and (3) proposing a peer-to-peer architecture guarding against a SPoF. The proposed system was employed in experiments on the CIC-IDS2017 dataset. The experimental results demonstrate that the proposed system can be used to develop a reliable anomaly detection system for AMI networks.
... The intrusion prevention component of the name is confusing because an IDS somehow doesn't detect malicious activities [6][7][8][9][10][11]. It works by detecting traffic activity that could or could not be an invasion. ...
Article
Full-text available
With the rapid advancement of computer technology during the last couple of decades, computer systems have become commonly used in manufacturing, corporate, and other aspects of human life. As a result, constructing dependable infrastructures is a major challenge for IT managers. On the other hand, this same rapid advancement of technology has created numerous difficulties in building reliable networks, which is a challenging task. There are numerous varieties of attacks that affect the accessibility, authenticity, and secrecy of communication systems. In this paper, an in-depth and all-inclusive description of artificial intelligence methods used for the detection of network intrusions is discussed in detail.
... Once the attackers have physical access to the devices, interception and eavesdropping can also take place. 12) Zero-Day attacks [46]: A zero-day attack is not a specific type of attack; rather, it embodies an attack that happens when malicious attackers detect an exploit in a certain device before the manufacturers or the developers become aware of it. It is therefore not possible to stop zero-day attacks nor to patch the exploit until the attack has already taken place. ...
Article
Full-text available
In the past several years, the world has witnessed an acute surge in the production and usage of smart devices which are referred to as the Internet of Things (IoT). These devices interact with each other as well as with their surrounding environments to sense, gather and process data of various kinds. Such devices are now part of our everyday’s life and are being actively used in several verticals such as transportation, healthcare, and smart homes. IoT devices, which usually are resource-constrained, often need to communicate with other devices such as fog nodes and/or cloud computing servers to accomplish certain tasks that demand large resource requirements. These communications entail unprecedented security vulnerabilities, where malicious parties find in this heterogeneous and multi-party architecture a compelling platform to launch their attacks. In this work, we conduct an in-depth survey on the existing intrusion detection solutions proposed for the IoT ecosystem which includes the IoT devices as well as the communications between the IoT, fog computing and cloud computing layers. Although some survey articles already exist, the originality of this work stems from the three following points: (1) discuss the security issues of the IoT ecosystem not only from the perspective of IoT devices but also taking into account the communications between the IoT, fog and cloud computing layers; (2) propose a novel two-level classification scheme that first categorizes the literature based on the approach used to detect attacks and then classify each approach into a set of sub-techniques; and (3) propose a comprehensive cybersecurity framework that combines the concepts of Explainable Artificial Intelligence (XAI), federated learning, game theory and social psychology to offer future IoT systems a strong protection against cyberattacks.
... Number of Zero-day Vulnerabilities per Day (ZDV) measures the density of Zero-day Vulnerabilities [72] that were detected per day of system operation: ...
Article
Full-text available
Software code is present on multiple levels within the current Internet of Things (IoT) systems. The quality of this code impacts system reliability, safety, maintainability, and other quality aspects. In this paper, we provide a comprehensive overview of code quality-related metrics, specifically revised for the context of IoT systems. These metrics are divided into main code quality categories: Size, redundancy, complexity, coupling, unit test coverage and effectiveness, cohesion, code readability, security, and code heterogeneity. The metrics are then linked to selected general quality characteristics from the ISO/IEC 25010:2011 standard by their possible impact on the quality and reliability of an IoT system, the principal layer of the system, the code levels, and the main phases of the project to which they are relevant. This analysis is followed by a discussion of code smells and their relation to the presented metrics. The overview presented in the paper is the result of a thorough analysis and discussion of the author’s team with the involvement of external subject-matter experts in which a defined decision algorithm was followed. The primary result of the paper is an overview of the metrics accompanied by applicability notes related to the quality characteristics, the system layer, the level of the code, and the phase of the IoT project.
... Various attacks can affect IoT devices causing privacy and security issues. Some attacks that infect IoT devices are botnets, Mirai, and Prowli malware [21]. A botnet is a robot network controlled by a hacker who uses malware to hijack its devices [22]. ...
Article
Full-text available
Malware detection in Internet of Things (IoT) devices is a great challenge, as these devices lack certain characteristics such as homogeneity and security. Malware is malicious software that affects a system: it can steal sensitive information, slow its speed, cause frequent hangs, and disrupt operations. The most common malware types are adware, computer viruses, spyware, trojans, worms, rootkits, key loggers, botnets, and ransomware. Malware detection is critical for a system's security. Many security researchers have studied the IoT malware detection domain. Many studies proposed static or dynamic analysis for IoT malware detection. This paper presents a survey of IoT malware evasion techniques, reviewing and discussing various studies. Malware uses a few common evasion techniques such as user interaction, environmental awareness, stegosploit, domain and IP identification, code obfuscation, code encryption, timing, and code compression. A comparative analysis was conducted pointing out various advantages and disadvantages. This study provides guidelines on IoT malware evasion techniques.
... If it is found to be malicious and a known pattern, then the protection module [48] is called. If the threat pattern is unknown to the threat defender, for example, a zero-day attack [50], then, after extraction of the hash, it is sent to the threat cloud for a verdict and score of the threat, and a retrospective event is triggered [51]. Finally, logs are preserved for further investigation. ...
Article
Full-text available
Intel’s “Bring Your Own Device” (BYOD) adoption quickly became popular as an alternative workplace solution strategy. It enables employees to use their personally owned devices to perform business activities, leading to increased productivity and employee satisfaction. However, BYOD also brought associated risks because of exponential growth in the number of cybersecurity incidents, due to which the business ecosystem gets disrupted and fragmented. Although several methods and mechanisms have been developed and adopted to mitigate the risk associated with BYOD, they still represent a challenge as the corporate network gets exposed to inherent threats caused by the BYOD threat landscape. This work demonstrates especially two key aspects: The first focuses on how to detect and protect a BYOD environment from an advanced-level attack which cannot be detected by traditional tools and techniques, even though the available tools are quite effective. Before the attack and damage to the critical infrastructure due to a BYOD threat, a strategy was indeed the key requirement for detecting attacks and protecting the environment. The second part of the research focuses on conducting a forensic investigation model and developing a new approach by providing a reliable forensic investigation infrastructure to find digital evidence and detect the source of the attack. This research work concluded with two different novel strategic ideas. The first part contributes a new method of detecting and protecting against malicious activities which cannot otherwise be detected and protected against by traditional security technology like IPS, IDS, AntiBot, or AntiVirus. The proposed technique, compared to the existing methods, led to a significant contribution to the identification of threats before an attack takes place. The second part of the research contributes to the defining of a new approach, the next-generation digital forensic readiness (NG-DFR) model, in order to build a cyber forensic ecosystem so that a cyber-secured BYOD environment can be enabled safely.

1. Introduction

Bring Your Own Device (BYOD) is basically the consumerization of information technology (IT), where employees use their personal devices in the corporate networks. It helps the organization to save cost and increases employee productivity and engagement. Adopting BYOD technology in the enterprise leads to an increase in business productivity and enhances collaboration and business agility. Bring Your Own Device (BYOD) has become a rule rather than an exception. Technology transformation is the key role of every CIO and IT leader of any organization. As per the study of Gartner, BYOD users will increase to 75% by 2022 [1] from 35% in 2018. By 2021 [2], most organizations are expected to use IoT; approximately 94% of the organizations will adopt IoT as per the Microsoft report. During the COVID-19 global pandemic situation, demand for BYOD has increased even further. The BYOD infrastructure provides Internet access to the employees, while employees, being trusted users, access the enterprise infrastructure, which is intended to be secured. Guest user access is also one of the features of BYOD, providing access to the visiting partner/guest using the self-registration portal or sponsored portal. During the initial stage of BYOD solution adoption, most organizations did not give access through the corporate network due to the security risks involved. However, in the later stage, organizations started moving in a positive direction, realizing that personal mobile devices are an integral part of employees’ daily life. As BYOD connects untrusted external devices to the corporate wireless network infrastructure, an increase in cybersecurity risks and data leakage incidents is observed.

Malicious activities can be performed using BYOD. Unmanaged devices might not be following standard security practice and may not follow the line of defense against malicious content [3]. A study concluded that 62% of digital incidents are triggered by inside users, either intentionally or unknowingly [4]. Using BYOD services, users can try to get access to the internal network and cloud network, perform malicious activities, and damage data, which can cause reputation loss for the organization. Data theft, shadow IT, and cybersecurity constitute a major concern in BYOD. Installing malware on a BYOD device and connecting to the Internet can also lead to serious damage and is a major security risk. While implementing BYOD, the legal approach to mitigation cannot be overlooked [5]; every stage of the BYOD security policy should always be in line with protecting the internal network, data, and applications. The BYOD system has become a huge security risk [6]. Accessing corporate infrastructure using BYOD devices, which may be owned by employees, suppliers, or partners, makes corporate data protection a major concern for the organization; at the same time, isolating personal data is a need for employee privacy. In a study, the BYOD security impact assessment conducted for the airport smart system stated that compromised BYOD devices can have an impact on airport system integrity and availability [7]. Security breaches are more frequent in the network infrastructure where BYOD service is offered to employees, partners, and staff. Cyberattacks and security risk in airport security are a major risk for the country [8] due to BYOD. BYOD might become “bring your own danger” [9] if proper security controls are not implemented and if the solutions do not include forensic investigation after a crime. Due to vulnerabilities, cyber-attacks have grown periodically. According to CVE [10], Figure 1 represents the growth of vulnerabilities over the years. The increase in vulnerabilities has also increased the attacks.
... However, over time, the presence of various security systems from different vendors became operationally inefficient, and protection levels fell behind new attacks. In 2010, there was a rapid development of attacks that targeted particular businesses, commonly referred to as 'zero-day threats' (Lamba, Singh, & Balvinder, 2016). These were evasive, unknown, multifaceted, and financially devastating to businesses. ...
Article
Full-text available
The convergence of Information Technology (IT) and Operational Technology (OT) is leading to the birth of the Internet of Things (IoT). This evolution is characterized by the fusion of digital and physical domains in the real world. The interconnection of virtual and physical worlds, infused with artificial intelligence (AI) is the foundation of the fourth industrial revolution (Industry 4.0). Industry 4.0 combines IoT with various digital and physical technologies such as additive manufacturing, analytics, robotics, artificial intelligence, performance computing, augmented reality (AR), digital twin, and cognitive technologies, to digitize business operations and processes. Although the digitization of factories, supply chains, and operations has the potential to create unprecedented value in business, it also creates a conducive connected environment for "Next-Gen" cyber-attacks. "Next-Gen" cyber-attacks are large-scale multi-vector attacks that can affect components, networks, virtual machines, endpoint services, and disrupt cloud platforms that underlie Industry 4.0. This paper uses the secondary data analysis method to explore several cybersecurity challenges that will arise in the Industry 4.0 era as well as possible solutions. The paper also proposes mitigations against "Next-Gen" cyber-attacks such as Hardware Protection, Cyber Insurance, and the use of distinct security
Article
Full-text available
This study explores the level of awareness regarding cyber security and cyber threats among Generation Z in Bangladesh. Cyber awareness plays a vital role in preventing cybercrimes, which are extremely prevalent these days. This study investigates the threat awareness practices and current knowledge levels among Bangladesh's Generation Z. To achieve goals and make them sustainable, it is crucial to know the gap between the number of students who have access to technology and those who have cybersecurity awareness. This paper will eventually assist in formulating a strong cyber security framework for Bangladesh. A mixed-method approach has been adopted for this case study research to understand cyber security awareness among business graduates of Generation Z in Bangladesh. A thorough literature review helped determine the components of cybersecurity awareness, and a quantitative survey method was used to determine how familiar the graduates were with different cybersecurity practices. Findings indicate that the majority of people are well aware of cyber threats, yet most of them are not putting enough effort into avoiding them. In order to manage cybercrime, the study indicates that a model for educating Generation Z regarding cyber security is urgently needed. Furthermore, the study portrays an in-depth picture of what Generation Z in Bangladesh knows about cybercrime and the security practices used to avoid cyber threats. With the findings of the study, Generation Z can get ideas of where they should concentrate more to be more cyber vigilant. As Generation Z is soon to be an integral part of the industry, policy makers can also come up with frameworks based on the study findings to educate their employees regarding cyber issues. This research will help outline the gap that needs to be addressed by Generation Z and also by others.
Article
A zero-day attack refers to a type of cyber-attack that takes advantage of a software vulnerability that is previously unknown to the software vendor or developer. In other words, the attackers exploit a security flaw in a software application before the vendor has had a chance to release a fix (a patch) for it. The term "zero-day" originates from the fact that the developers have had "zero days" to address the vulnerability. In the face of increasingly sophisticated zero-day attacks, the role of future cybersecurity techniques is paramount. Future cybersecurity techniques will emphasize proactive defense measures that go beyond conventional signature-based approaches. These techniques will include advanced anomaly detection, behavior analysis, and predictive modeling to identify zero-day attacks before any damage is caused. The future of cybersecurity techniques will emphasize collaboration across various stakeholders. The significance of a zero-day attack lies in its potential to cause widespread damage and disruption. Zero-day vulnerabilities are unknown to the software vendor and the public, making them an attractive option for cybercriminals and hackers. Because there is no available fix, attackers can exploit these vulnerabilities without fear of immediate detection or prevention. Since the affected software or hardware isn't patched, attackers can infiltrate systems and carry out their malicious activities with little resistance. This can result in data breaches, unauthorized access, theft of sensitive information, and more, depending on the attacker's goals. The proposed study presents a comprehensive view of the threats, detection, and mitigation strategies for zero-day attacks.
Article
Full-text available
Sustainability principles need to be applied at all stages of the decision-making process concerning the building of urban housing to realize maximum benefits without compromising the project’s function. This paper aims to investigate the applicability of radio frequency identification (RFID) and identify the barriers that impede its successful adoption in building projects to achieve sustainability in building. The literature was reviewed, and data were derived by complementing the quantitative technique. A questionnaire was employed to gather data from 107 stakeholders in the building industry in Nigeria. The data were scrutinized using the exploratory factor analysis (EFA) technique. Partial least squares structural equation modeling (PLS-SEM) was also applied to create a model for embracing RFID tools for sustainable building. The results of EFA revealed that the RFID barriers could be classified into significant constructs: infrastructure, immaturity, privacy, and security. The PLS-SEM model revealed that infrastructure was the most significant barrier to RFID implementation in the building industry. Thus, this study’s findings could aid decision makers in facilitating sustainability approaches in building projects through RFID implementation. These results would further lay the basis for objectively measuring and valuing the diverse barriers impacting RFID implementation.
Article
Abstract: The primary function of the National Bank for Agriculture and Rural Development (NABARD) is to touch all aspects of the rural economy. Apart from providing financial support to the underserved population of the country, the institution also monitors the functioning and regulation of banks. NABARD has been a boon to millions of rural families across the country. This paper aims to understand the financial initiatives taken by NABARD in rural areas.