Search Results (24)

Photovoltaics with energy storage are the current trend in solar energy. Hybrid inverters are the backbone of low-power installations of this type. If a single installation is compromised, there are no significant security concerns. However, multiple devices can be targeted simultaneously. Taking into account their increasing share in the energy mix, distributed cyber-attacks against these devices can threaten grid stability. The Bulgarian electric power system has been analyzed in order to determine its development which is in line with EU-wide trends. It can be concluded that hybrid inverters are expected to grow rapidly in number and in installed power. The vulnerability of hybrid inverters to cyber-attacks has been analyzed, and the possible consequences for the energy system have been identified. The technology allows it to be used as a hybrid means of influence, and this aspect is poorly addressed in existing cybersecurity regulations. A risk assessment has been made, based on which measures to improve security have been proposed. Full article

This paper explores the current state of energy decentralization in Oman, emphasizing its importance for the country’s energy sector. The primary focus is on the electricity market, examining how decentralization is evolving within this context. The analysis evaluates Oman’s regulatory framework to determine its suitability for fostering decentralization and highlights the role of emerging tools and technologies in this transition. This paper reviews the progress made in deploying these innovations, identifies specific regulatory challenges, and provides recommendations to create a more supportive regulatory environment. Additionally, it delves into data protection concerns arising from technologies like smart grids, which collect personal information. By assessing existing data protection regulations, this study identifies gaps and suggests improvements. The methodology involves a textual analysis of the academic literature, offering a comprehensive understanding of the regulatory and technological landscape shaping energy decentralization in Oman. Full article

The Advanced Message Queuing Protocol (AMQP) is a widely used communication standard in IoT systems due to its robust and reliable message delivery capabilities. However, its increasing adoption has made it a target for various cyber threats, including Distributed Denial of Service (DDoS), Man-in-the-Middle (MitM), and brute force attacks. This study presents a comprehensive analysis of AMQP-specific vulnerabilities and introduces a statistical model for the detection and classification of malicious activities in IoT networks. Leveraging a custom-designed IoT testbed, realistic attack scenarios were simulated, and a dataset encompassing normal, malicious, and mixed traffic was generated. Unique attack signatures were identified and validated through repeated experiments, forming the foundation of a signature-based detection mechanism tailored for AMQP networks. The proposed model demonstrated high accuracy in detecting and classifying attack-specific traffic while maintaining a low false positive rate for benign traffic. Notable results include effective detection of RST packets in DDoS scenarios, precise classification of MitM attack patterns, and identification of brute force attempts on AMQP systems. This research highlights the efficacy of signature-based approaches in enhancing IoT security and offers a benchmark for future machine learning-driven detection systems. By addressing AMQP-specific challenges, the study contributes to the development of resilient and secure IoT ecosystems. Full article

AI-enabled cybersecurity systems are becoming common, but their effectiveness is reported to be mixed at best due to some barriers. The primary objective of this systematic literature review is to find barriers associated with the use of AI-enabled cybersecurity systems. A comprehensive systematic literature review approach was implemented in this study. Literature sampled from different databases (Scopus and WOS) was synthesised to synthesise barriers associated with using an AI-enabled cybersecurity system, and a total of 41 papers were selected using systematic inclusion criteria. The study identified several barriers, such as the complexity of systems, lack of top management support, lack of AI-proficient employees, and lack of regulatory support for AI. These barriers are classified into technological, organisational, and environmental. This paper is unique as it focuses on the barriers associated with using advanced technologies such as AI-enabled expert systems for cybersecurity. Thus, the current research makes a novel contribution, arguing that attention is required toward organisational-level issues to protect the system from cyberattacks. This will establish the way for researchers to evaluate these barriers, opening new avenues for empirical research and for practitioners to utilise these systems more effectively. Full article

This paper investigates the motion state estimation problem of the unmanned surface vehicle (USV) steering system in wireless sensor networks based on the binary coding scheme (BCS). In response to the presence of bandwidth constraints and mixed cyber-attacks in USV communication networks, this paper proposes an improved set-membership state estimation algorithm based on BCS. This algorithm partially addresses the problem of degraded performance in USV steering motion state estimation caused by mixed cyber-attacks and bandwidth constraints. Furthermore, this paper proposes a robust resilient filtering framework considering the possible occurrence of unknown but bounded (UBB) noises, model parameter uncertainties, and estimator gain perturbations in practical scenarios. The proposed framework can accurately estimate the sway velocity, yaw velocity, and roll velocity of the USV under the concurrent presence situation of mixed cyber-attacks, communication capacity constraints, UBB noises, model parameter uncertainties, and estimator gain perturbations. This paper first utilizes mathematical induction to provide the sufficient conditions for the existence of the desired estimator, and obtains the estimator gain by solving a set of linear matrix inequalities. Then, a recursive optimization algorithm is utilized to achieve optimal estimation performance. Finally, the effectiveness of the proposed estimation algorithm is verified through a simulation experiment. Full article

In order to analyze the choice of the optimal strategy of cyber security attack and defense in the unmanned aerial vehicles’ (UAVs) cyber range, a game model-based UAV cyber range risk assessment method is constructed. Through the attack and defense tree model, the risk assessment method is calculated. The model of attack and defense game with incomplete information is established and the Bayesian–Nash equilibrium of mixed strategy is calculated. The model and method focus on the mutual influence of the actions of both sides and the dynamic change in the confrontation process. According to the calculation methods of different benefits of different strategies selected in the offensive and defensive game, the risk assessment and calculation of the UAV cyber range are carried out based on the probability distribution of the defender’s benefits and the attacker’s optimal strategy selection. An example is given to prove the feasibility and effectiveness of this method. Full article

This paper is concerned with the state estimation problem based on non-fragile set-membership filtering for a class of measurement-saturated memristive neural networks (MNNs) with unknown but bounded (UBB) noises, mixed time delays and missing measurements (MMs), subject to cyber-attacks under the framework of weighted try-once-discard protocol (WTOD protocol). Considering bandwidth-limited open networks, this paper proposes an improved set-membership filtering based on WTOD protocol to partially solve the problem that multiple sensor-related problems and multiple network-induced phenomena influence the state estimation performance of MNNs. Moreover, this paper also discusses the gain perturbations of the estimator and proposes an improved non-fragile estimation framework based on set-membership filtering, which enhances the robustness of the estimation approach. The proposed estimation framework can effectively estimate the state of MNNs with UBB noises, estimator gain perturbations, mixed time-delays, cyber-attacks, measurement saturations and MMs. This paper first utilizes mathematical induction to provide the sufficient conditions for the existence of the desired estimator, and obtains the estimator gain by solving a set of linear matrix inequalities. Then, a recursive optimization algorithm is utilized to achieve optimal estimation performance. The effectiveness of the theoretical results is verified by comparative numerical simulation examples. Full article

As network technology evolves, cyberattacks are not only increasing in frequency but also becoming more sophisticated. To proactively detect and prevent these cyberattacks, researchers are developing intrusion detection systems (IDSs) leveraging machine learning and deep learning techniques. However, a significant challenge with these advanced models is the increased training time as model complexity grows, and the symmetry between performance and training time must be taken into account. To address this issue, this study proposes a fast-persistent-contrastive-divergence-based deep belief network (FPCD-DBN) that offers both high accuracy and rapid training times. This model combines the efficiency of contrastive divergence with the powerful feature extraction capabilities of deep belief networks. While traditional deep belief networks use a contrastive divergence (CD) algorithm, the FPCD algorithm improves the performance of the model by passing the results of each detection layer to the next layer. In addition, the mix of parameter updates using fast weights and continuous chains makes the model fast and accurate. The performance of the proposed FPCD-DBN model was evaluated on several benchmark datasets, including NSL-KDD, UNSW-NB15, and CIC-IDS-2017. As a result, the proposed method proved to be a viable solution as the model performed well with an accuracy of 89.4% and an F1 score of 89.7%. By achieving superior performance across multiple datasets, the approach shows great potential for enhancing network security and providing a robust defense against evolving cyber threats. Full article

Recently, advancements in digital twin and extended reality (XR) technologies, along with industrial control systems (ICSs), have driven the transition to Industry 5.0. Digital twins mimic and simulate real-world systems and play a crucial role in various industries. XR provides innovative user experiences through virtual reality (VR), augmented reality (AR), and mixed reality (MR). By integrating digital twin simulations into XR devices, these technologies are utilized in various industrial fields. However, the prevalence of XR devices has increased the exposure to cybersecurity threats in ICS and digital twin environments. Because XR devices are connected to networks, the control and production data they process are at risk of being exposed to cyberattackers. Attackers can infiltrate XR devices through malicious code or hacking attacks to take control of the ICS or digital twin or paralyze the system. Therefore, this study emphasizes the cybersecurity threats in the ecosystem of XR devices used in ICSs and conducts research based on digital forensics. It identifies potentially sensitive data and artifacts in XR devices and proposes secure and reliable security response measures in the Industry 5.0 environment. Full article

As the Internet of Things (IoT) becomes more integral across diverse sectors, including healthcare, energy provision and industrial automation, the exposure to cyber vulnerabilities and potential attacks increases accordingly. Facing these challenges, the essential function of an Information Security Management System (ISMS) in safeguarding vital information assets comes to the fore. Within this framework, risk management is key, tasked with the responsibility of adequately restoring the system in the event of a cybersecurity incident and evaluating potential response options. To achieve this, the ISMS must evaluate what is the best response. The time to implement a course of action must be considered, as the period required to restore the ISMS is a crucial factor. However, in an environmentally conscious world, the sustainability dimension should also be considered to choose more sustainable responses. This paper marks a notable advancement in the fields of risk management and incident response, integrating security measures with the wider goals of sustainability and corporate responsibility. It introduces a strategy for handling cybersecurity incidents that considers both the response time and sustainability. This approach provides the flexibility to prioritize either the response time, sustainability or a balanced mix of both, according to specific preferences, and subsequently identifies the most suitable actions to re-secure the system. Employing a quantum methodology, it guarantees reliable and consistent response times, independent of the incident volume. The practical application of this novel method through our framework, MARISMA, is demonstrated in real-world scenarios, underscoring its efficacy and significance in the contemporary landscape of risk management. Full article

Public sector organizations are facing an escalating challenge with the increasing volume and complexity of cyberattacks, which disrupt essential public services and jeopardize citizen data and privacy. Effective cybersecurity management has become an urgent necessity. To combat these threats comprehensively, the active involvement of all functional areas is crucial, necessitating a heightened holistic cybersecurity awareness among tactical and operational teams responsible for implementing security measures. Public entities face various challenges in maintaining this awareness, including difficulties in building a skilled cybersecurity workforce, coordinating mixed internal and external teams, and adapting to the outsourcing trend, which includes cybersecurity operations centers (CyberSOCs). Our research began with an extensive literature analysis to expand our insights derived from previous works, followed by a Spanish case study in collaboration with a digitization-focused public organization. The study revealed common features shared by public organizations globally. Collaborating with this public entity, we developed strategies tailored to its characteristics and transferrable to other public organizations. As a result, we propose the “Wide-Scope CyberSOC” as an innovative outsourced solution to enhance holistic awareness among the cross-functional cybersecurity team and facilitate comprehensive cybersecurity adoption within public organizations. We have also documented essential requirements for public entities when contracting Wide-Scope CyberSOC services to ensure alignment with their specific needs, accompanied by a management framework for seamless operation. Full article

Recent advances in the Internet and digital technology have brought a wide variety of activities into cyberspace, but they have also brought a surge in cyberattacks, making it more important than ever to detect and prevent cyberattacks. In this study, a method is proposed to detect anomalies in cyberspace by consolidating BGP (Border Gateway Protocol) data into numerical data that can be trained by machine learning (ML) through a tokenizer. BGP data comprise a mix of numeric and textual data, making it challenging for ML models to learn. To convert the data into a numerical format, a tokenizer, a preprocessing technique from Natural Language Processing (NLP), was employed. This process goes beyond merely replacing letters with numbers; its objective is to preserve the patterns and characteristics of the data. The Synthetic Minority Over-sampling Technique (SMOTE) was subsequently applied to address the issue of imbalanced data. Anomaly detection experiments were conducted on the model using various ML algorithms such as One-Class Support Vector Machine (One-SVM), Convolutional Neural Network–Long Short-Term Memory (CNN–LSTM), Random Forest (RF), and Autoencoder (AE), and excellent performance in detection was demonstrated. In experiments, it performed best with the AE model, with an F1-Score of 0.99. In terms of the Area Under the Receiver Operating Characteristic (AUROC) curve, good performance was achieved by all ML models, with an average of over 90%. Improved cybersecurity is expected to be contributed by this research, as it enables the detection and monitoring of cyber anomalies from malicious users through BGP data. Full article

Connected and automated vehicles (CAVs) present significant potential for improving road safety and mitigating traffic congestion for the future mobility system. However, cooperative driving vehicles are more vulnerable to cyberattacks when communicating with each other, which will introduce a new threat to the transportation system. In order to guarantee safety aspects, it is also necessary to ensure a high level of information quality for CAV. To the best of our knowledge, this is the first investigation on the impacts of cyberattacks on CAV in mixed traffic (large vehicles, medium vehicles, and small vehicles) from the perspective of vehicle dynamics. The paper aims to explore the influence of cyberattacks on the evolution of CAV mixed traffic flow and propose a resilient and robust control strategy (RRCS) to alleviate the threat of cyberattacks. First, we propose a CAV mixed traffic car-following model considering cyberattacks based on the Intelligent Driver Model (IDM). Furthermore, a RRCS for cyberattacks is developed by setting the acceleration control switch and its impacts on the mixed traffic flow are explored in different cyberattack types. Finally, sensitivity analyses are conducted in different platoon compositions, vehicle distributions, and cyberattack intensities. The results show that the proposed RRCS of cyberattacks is robust and can resist the negative threats of cyberattacks on the CAV platoon, thereby providing a theoretical basis for restoring the stability and improving the safety of the CAV. Full article

Ultrasound systems have been widely used for consultation; however, they are susceptible to cyberattacks. Such ultrasound systems use random bits to protect patient information, which is vital to the stability of information-protecting systems used in ultrasound machines. The stability of the random bit must satisfy its unpredictability. To create a random bit, noise generated in hardware is typically used; however, extracting sufficient noise from systems is challenging when resources are limited. There are various methods for generating noises but most of these studies are based on hardware. Compared with hardware-based methods, software-based methods can be easily accessed by the software developer; therefore, we applied a mathematically generated noise function to generate random bits for ultrasound systems. Herein, we compared the performance of random bits using a newly proposed mathematical function and using the frequency of the central processing unit of the hardware. Random bits are generated using a raw bitmap image measuring 1000 × 663 bytes. The generated random bit analyzes the sampling data in generation time units as time-series data and then verifies the mean, median, and mode. To further apply the random bit in an ultrasound system, the image is randomized by applying exclusive mixing to a 1000 × 663 ultrasound phantom image; subsequently, the comparison and analysis of statistical data processing using hardware noise and the proposed algorithm were provided. The peak signal-to-noise ratio and mean square error of the images are compared to evaluate their quality. As a result of the test, the min entropy estimate (estimated value) was 7.156616/8 bit in the proposed study, which indicated a performance superior to that of GetSystemTime. These results show that the proposed algorithm outperforms the conventional method used in ultrasound systems. Full article

Data breach incidents result in severe financial loss and reputational damage, which raises the importance of using insurance to manage and mitigate cyber related risks. We analyze data breach chronology collected by Privacy Rights Clearinghouse (PRC) since 2001 and propose a Bayesian generalized linear mixed model for data breach incidents. Our model captures the dependency between frequency and severity of cyber losses and the behavior of cyber attacks on entities across time. Risk characteristics such as types of breach, types of organization, entity locations in chronology, as well as time trend effects are taken into consideration when investigating breach frequencies. Estimations of model parameters are presented under Bayesian framework using a combination of Gibbs sampler and Metropolis–Hastings algorithm. Predictions and implications of the proposed model in enterprise risk management and cyber insurance rate filing are discussed and illustrated. We find that it is feasible and effective to use our proposed NB-GLMM for analyzing the number of data breach incidents with uniquely identified risk factors. Our results show that both geological location and business type play significant roles in measuring cyber risks. The outcomes of our predictive analytics can be utilized by insurers to price their cyber insurance products, and by corporate information technology (IT) and data security officers to develop risk mitigation strategies according to company’s characteristics. Full article