Security Approach Research Articles

Autonomous intrusion detection for IoT: a decentralized and privacy preserving approach

The Internet of Things (IoT) has been increasingly adopted in domains such as smart infrastructure, healthcare, supply chain, transportation, and many others. However, the constrained computational resources of these devices make conventional security approaches against security threats not applicable. This limitation emphasizes the need to explore new approaches, specifically tailored to these kinds of devices. To increase protection against cyberattacks in IoT devices, Intrusion Detection Systems (IDSs) are considered an effective approach. Machine Learning (ML) techniques can be combined with Federated Learning to enhance the privacy and scalability of these systems. Many IDSs have been introduced, but there is a research gap concerning Host Intrusion Detection System (HIDS), which is the primary focus of our current work. Additionally, existing research predominantly focuses on the application of ML techniques and their evaluation, with limited attention to real-world implementation. We propose a lightweight HIDS that relies on the analysis of system call traces to detect malicious activities. The proposed HIDS achieved an accuracy rate of approximately 98%. Finally, by using eXplainable Artificial Intelligence methods, we sought to provide explanations for these these results.

Health IoT Threats: Survey of Risks and Vulnerabilities

The secure and efficient collection of patients’ vital information is a challenge faced by the healthcare industry. Through the adoption and application of Internet of Things (IoT), the healthcare industry has seen an improvement in the quality of delivered services and patient safety. However, IoT utilization in healthcare is challenging due to the sensitive nature of patients’ clinical information and communicating this across heterogeneous networks and among IoT devices. We conducted a semi-systematic literature review to provide an overview of IoT security and privacy challenges in the healthcare sector over time. We collected 279 studies from 5 scientific databases, of which 69 articles met the requirements for inclusion. We performed thematic and qualitative content analysis to extract trends and information. According to our analysis, the vulnerabilities in IoT in healthcare are classified into three main layers: perception, network, and application. We comprehensively reviewed IoT privacy and security threats on each layer. Different technological advancements were suggested to address the identified vulnerabilities in healthcare. This review has practical implications, emphasizing that healthcare organizations, software developers, and device manufacturers must prioritize healthcare IoT security and privacy. A comprehensive, multilayered security approach, security-by-design principles, and training for staff and end-users must be adopted. Regulators and policy makers must also establish and enforce standards and regulations that promote the security and privacy of healthcare IoT. Overall, this study underscores the importance of ensuring the security and privacy of healthcare IoT, with stakeholders’ coordinated efforts to address the complex and evolving security and privacy threats in this field. This can enhance healthcare IoT trust and reliability, reduce the risks of security and privacy issues and attacks, and ultimately improve healthcare delivery quality and safety.

A new food security approach? Continuity and novelty in the European Union’s turn to preparedness

AbstractPreparedness is an anticipatory approach developed in the military and health sectors in response to unforeseen and unforeseeable crises and emergencies. It has recently entered the debate over the resilience and sustainability of European food systems. The paper seeks to shed light on the implications of the European Union's adoption of preparedness in its food security policy, particularly focusing on the preparatory phase and the early activity the European Food Security Crisis Preparedness and Response Mechanism (EFSCM), a consultative body launched by the European Commission in 2021. Through an analysis of documents and meeting minutes, we illustrate how debates on implementing preparedness are influenced by conflicting sociotechnical imaginaries of sustainable food security. Results show that the EU's shift towards preparedness combines elements of continuity and novelty in its food policy. Continuity concerns the acknowledged need to deal with growing turbulence and unpredictability affecting food systems. Novelty involves attempts at building bridges between diverging imaginaries of sustainable food security to address both short-term and long-term challenges to food security. Also new is the shift to a ‘management,’ as opposed to a ‘problem-solving,’ outlook on crisis and emergency.

New Lightweight Cryptosystem for IoT in Smart City Environments

Internet of Things (IoT) devices, user interfaces (UI), software, as well as communication networks are all deployed within Smart Cities topology. The security approach designed for Internet of Things IoT should be able to prevent and detect both internal and external attacks. The problem in IoT network that not every linked node or device has an adequate amount of processing power. This means that data encryption and other related activities will be impossible and means that the security of any kind must be lightweight. A trustworthy security solution that stops illegal access to private data on the network is necessary for maintaining the privacy of information on the Internet of Things. Cryptographic processes need to be quicker and more compact without sacrificing security. The aim of this study is to reduce the execution time and power consumption of encryption processes without compromise the complexity of the encryption algorithm. This research presents a new lightweight cryptographic technique to protect various multimedia and real-time traffics across IoT network, by using two S-box in SubByte of encryption process, without affecting its performance. In this study, different audio samples will be used to test the new algorithm efficiency. Comparing the suggested method to the most advanced standard algorithm, it can reduce the cryptography process's execution time as well as energy consumption while maintaining the required security level. The outcomes demonstrate good performance in terms of power usage and delay. The new technique consumed a roughly 0.2 µJ for encryption process while the typical AES algorithm consumed 0.29 µJ, this mean the new algorithm achieved (33% power savings), while maintaining a good complexity level (security) within the process of encryption according to the results in tables I, II, and the comparison in table III. The novelty of this work can be showed by using dual XOR S-box technique which increased the complexity of SubByte process making it more secure without overload the processing performance, in addition to the reduction in encryption rounds which contribute to enhance the performance without compromise the security. Making it more suited for the Internet of Things (IoT) used in smart city environments.

Vulnerability and Critical Human Security in the Era of COVID-19 and Beyond in the UK and South Korea

The COVID-19 pandemic destabilised the political, social, and economic life of countries as it spread around the world. It posed multiple threats to individuals, societies, and across different domains of life, highlighting their intersectionality and uneven impacts. The paper focuses on the UK and South Korea, countries which took very different paths in framing and addressing the crisis. It draws on secondary data and an integrated critical human security and state capacity approach to compare how state responses, institutional capacity, and the mobilisation of policy instruments themselves construct constellations of insecurity which intersect with human security and vulnerability. It will demonstrate the structural constraints that have continued to shape vulnerability and the dynamics of human security and insecurity in turbulent times.

AUKUS as ontological security – Australian foreign policy in an age of uncertainty

ABSTRACT On 15 September 2021, Australia signed onto a new security agreement with the US and UK known as AUKUS. Under AUKUS, Australia will acquire nuclear capabilities in the form of nuclear-powered submarines. Despite being the most significant security agreement since ANZUS with an estimated cost of over $368 billion it has been highly controversial. Concerns have been raised around its viability, practicality, the associated risks given the revival of isolationist foreign policy ideas in the US, and the financial costs and fit with existing domestic capabilities. What explains Australia’s decision to join AUKUS given the presence of such substantial risks and unknowns? I work to show that traditional security frameworks struggle to account for the significant risks associated with the decision. Instead, using an ontological security approach, I argue that Australia’s decision to enter AUKUS represents an effort to maintain ‘Self’ identity narratives through the stabilisation of relations with ‘great and powerful friends’ that had come into question under the Trump presidency.

Data Poisoning Attack against Neural Network-Based On-Device Learning Anomaly Detector by Physical Attacks on Sensors.

In this paper, we introduce a security approach for on-device learning Edge AIs designed to detect abnormal conditions in factory machines. Since Edge AIs are easily accessible by an attacker physically, there are security risks due to physical attacks. In particular, there is a concern that the attacker may tamper with the training data of the on-device learning Edge AIs to degrade the task accuracy. Few risk assessments have been reported. It is important to understand these security risks before considering countermeasures. In this paper, we demonstrate a data poisoning attack against an on-device learning Edge AI. Our attack target is an on-device learning anomaly detection system. The system adopts MEMS accelerometers to measure the vibration of factory machines and detect anomalies. The anomaly detector also adopts a concept drift detection algorithm and multiple models to accommodate multiple normal patterns. For the attack, we used a method in which measurements are tampered with by exposing the MEMS accelerometer to acoustic waves of a specific frequency. The acceleration data falsified by this method were trained on an anomaly detector, and the result was that the abnormal state could not be detected.

New perspectives on metagenomic analysis for pathogen monitoring in sustainable freshwater aquaculture production: a systematic review

The freshwater and saltwater aquatic food sector has experienced the most significant growth in recent years and is increasingly recognized as a sustainable alternative for fostering prosperous societies self-sufficiently and ecologically. One primary economic and health risk factor in aquaculture production is health control, with potentially more severe impacts observed in tropical and developing countries. While metagenomics holds great promise for application in agro-industrial fields like aquaculture, its adoption remains limited. Consequently, this study aimed to assess the prospects for developing and applying metagenomics in identifying pathogens in freshwater aquaculture. The WIPO database was used to search for patents developed using metagenomics to monitoring pathogens in freshwater aquaculture. Metagenomics methods have been extensively employed in different fields, such as, medicine, veterinary, biotechnology, agriculture, particularly in studies focusing on microbial communities in different ecosystems. In aquaculture, the utilization of metagenomics has predominantly revolved around investigating antibiotic resistance genes, primarily in saltwater farms. Despite this, freshwater aquaculture, particularly in fish and crustacean farming, aligns closely with sustainable development goals, notably (SDGs) 2, 3, 6, and 13. Countries such as the United States of America, South Korea, and Canada stand at the forefront of utilizing metagenomics for disease monitoring in freshwater aquaculture, evidenced by their active patent developments. The metagenomic analysis, coupled with bioinformatics tools and databases, represents a rapid, secure, and non-invasive approach to environmental monitoring for preventive purposes.Systematic review registrationhttps://osf.io/srpyz/, identifier 10.17605/OSF.IO/SRPYZ.

Security with Wireless Sensor Networks in Smart Grids: A Review

Smart Grids are an area where next-generation technologies, applications, architectures, and approaches are utilized. These grids involve equipping and managing electrical systems with information and communication technologies. Equipping and managing electrical systems with information and communication technologies, developing data-driven solutions, and integrating them with Internet of Things (IoT) applications are among the significant applications of Smart Grids. As dynamic systems, Smart Grids embody symmetrical principles in their utilization of next-generation technologies and approaches. The symmetrical integration of Wireless Sensor Networks (WSNs) and energy harvesting techniques not only enhances the resilience and reliability of Smart Grids but also ensures a balanced and harmonized energy management system. WSNs carry the potential to enhance various aspects of Smart Grids by offering energy efficiency, reliability, and cost-effective solutions. These networks find applications in various domains including power generation, distribution, monitoring, control management, measurement, demand response, pricing, fault detection, and power automation. Smart Grids hold a position among critical infrastructures, and without ensuring their cybersecurity, they can result in national security vulnerabilities, disruption of public order, loss of life, or significant economic damage. Therefore, developing security approaches against cyberattacks in Smart Grids is of paramount importance. This study examines the literature on “Cybersecurity with WSN in Smart Grids,” presenting a systematic review of applications, challenges, and standards. Our goal is to demonstrate how we can enhance cybersecurity in Smart Grids with research collected from various sources. In line with this goal, recommendations for future research in this field are provided, taking into account symmetrical principles.

A context-aware zero trust-based hybrid approach to IoT-based self-driving vehicles security

With the speedy progression and adoption of IoT devices in modern self-driving vehicles (SDVs), autonomous driving industry is gradually reforming its capabilities to provide better transportation services. However, this domain faces enormous security and privacy challenges and thus has become an attractive target for attackers due to its rapid growth and market worth. Furthermore, the rapid transformation in technological tools in transport industry and speedy evolution of cyber-attacks paved the way for designing efficient IDSs. Motivated by these challenges, we put forward a new secure and efficient IDS approach for the security of SDVs. The propose approach utilizes an emerging strategy to mitigate security vulnerabilities and cyber attacks detection using zero trust (ZT) model. Through this work, we put forward a context-aware zero trust security framework for IoT-based SDVs. The proposed framework utilizes a context-aware design to evaluate the trustworthiness of the devices using multi-source trust and reputation model. Then, to make the framework more effective and reliable, we introduce crawler system into the context of the IoT-devices in SDVs to make the system unbiased. Additionally, an observer module is developed that employs state-of-the-art machine learning algorithm to detect malicious actions. Empirical results on two standard benchmark datasets (i.e., Car Hacking and ToN_IoT) validate the practicality and robustness of propose framework in real-world transport systems with enhanced security and trust management against evolving cyber-threats. Detection results demonstrate that the proposed framework secured the best performance by achieving 99.43% and 99.52% accuracy for Car Hacking and ToN_IoT, respectively. The findings of this study will help the security professionals and researchers to comprehend the importance of ZT architecture in developing effective and robust security solutions for modern IoT-based SDVs.

ChronoBak: Automated cost-effective incremental backup software for large-scale data

Background: Data backup is an important component of data protection and management. It is especially imperative to back up large-scale data to guard against losses due to hardware failure, unauthorized access, software/system malfunction, and unintended deletion. However, businesses and organizations suffer from the financial investment required for data backup and recovery systems. Health-care systems suffer from data breaches and hacking incidents, which increase annually. Therefore, a cost-effective and highly secure backup approach is necessary. Methods: Seven different backup scripts were written in bash within Linux, and Crontab was used as the core chronological scheduler to execute the backup scripts on specific dates and times. These bash scripts, together with Crontab as their scheduler, were used to implement automated incremental backups on a Unix/Linux-based system. Results: ChronoBak is a collection of bash scripts that are compiled and executed through Crontab, which is a standard Unix/Linux function used to schedule hourly, daily, weekly, and monthly maintenance routines using Linux scripts. This strategy enabled us to implement cost-effective incremental backups within any time range. Conclusion: We developed ChronoBak software, which executes an automated incremental backup that is scheduled efficiently and systematically using standard and hidden directories, thereby providing an additional layer of security against cyber threats and system malfunctions.

Analysis of Image Encryption using Triple DES

Abstract: Keeping your essential data secure in today’s world is very essential. There are different types of cyber-attacks which attackers can use to exploit your personal or confidential data for their own needs. Cryptography and its algorithms in cybersecurity has been an important part in providing secure methods to hide or encrypt information or sensitive data which only the person who was intended to be send can access it. This paper presents the triple Data Encryption Standard (DES) approach for secure image encryption from malicious users. This paper provides an efficient, easy and secure approach for encryption of images which is essential in today’s scenario.

Machine Learning to Enhance Security Systems

This research explores the integration of machine learning into security systems, addressing the growing challenges posed by cyber threats. It traces the historical context of cybersecurity measures and the development of machine learning in intrusion detection, anomaly detection, and behavioral analysis. By examining traditional security approaches and their limitations, the study highlights the transformative potential of machine learning. Case studies provide concrete examples of successful applications, demonstrating how machine learning reduces cyber threats. Ethical considerations, implementation challenges, biases, and regulatory aspects are discussed, highlighting the complexities of integrating machine learning into security frameworks. Furthermore, the research explores emerging technologies in cybersecurity and offers insights into the future of machine learning in security. In conclusion, the importance of continuous research is emphasized, positioning machine learning as a dynamic force shaping the future of digital defense and overcoming various challenges in the cybersecurity landscape. Index Terms— Machine Learning, Security Systems, Cybersecurity.

The role of the European Union’s securitisation policies in exacerbating the intersectional vulnerability of refugees and asylum seekers

ABSTRACT This article compares the European Union's (EU) reception and resettlement of European and non-European refugees and asylum seekers from an intersectional viewpoint. It does so using data collected during fieldwork in Greece focusing on Sexual and Gender-Based Violence (SGBV). The goal is to examine, through an empirical and theoretical study, the gendered, racialised, national and religious nature of the EU's approach to its external policies, border security approaches and its constitutive nature based on contingent, relational and non-additive vulnerabilities and inequalities that have been inherited from the EU's colonial past. The study asks how the influx of refugees fleeing the Russian invasion of Ukraine exemplifies the gendered, racialised, national and religious dimension of the EU's approach to border security. It examines how the EU's approach showcases the paternalistic approach to refugees' vulnerability through essentialisation, which leads to their vulnerabilisation. It looks at the intersectional impact of the gendered, racialised, national and religious constitutive nature of non-European refugees, as well as the gendered, racialised, national and religious notion of ‘others'. Based on the comparison, the article contends that, theoretically, State or EU security and human security policies should not be mutually exclusive. However, as the empirical data illustrate, there are multiple competing ‘insecurities’ which are prioritised over others.

A cluster-based quantum key distribution with dynamic node selection: an improved approach for scalability and security in quantum communication

A cluster-based quantum key distribution with dynamic node selection: an improved approach for scalability and security in quantum communication

Peace and the digital revolution: Toward “cyberpeace?”

AbstractThis article will explore challenges posed by the digital communications revolution to some long‐standing concepts and assumptions around security, warfare, and peace. It will demonstrate the obsolescence of the traditional state‐focused national security paradigm with regards to matters of cybersecurity, as well as the limitations of conventional collective security approaches. It will also outline the Internet's potential as a peacebuilding medium, and the crossroads we currently face between a new era of cyberwarfare or an Internet for “cyberpeace.”

Rethinking Human Security Through Feminist Lenses

At the beginning of the 2000s, the increased salience of the concept of human security was a welcome development both in academic and policy circles. Problematizing the state's central role as the principal object of security allowed human beings' security needs and concerns to be put in front and center, at least in theory, if not necessarily in practice. The increasing traction the concept got also allowed several non-traditional security threats, such as environment, health and migration, to be approached through security lenses and put on security agendas. Despite the burgeoning literature and the notable frequency at which the concept of human security got incorporated into policy discussions, it has lost, at least partially, its analytical traction and policy saliency. The lack of a clear definition as well as vague and tactical use of the concept by policymakers have raised concerns about the human security concept turning into an empty signifier. While the human security concept was welcome by some feminist approaches, it is also criticized by others. This article aims to discuss the human security concept through different feminist perspectives and understand its adaptability in the field based on a comparative interpretive analysis of feminist foreign policy initiatives by Sweden, Canada, Mexico, France, Germany, Spain, Chile and Luxembourg. To realize this aim, we analyze the conceptualization and implementation of feminist foreign policies and how they put the human security approach into practice. We seek to problematize how feminist foreign policies tackle the ambiguities and limitations within the human security framework, and to what degree these policies confront or maintain current power dynamics and state-centered security models. We argue that feminist foreign policies do highlight the problems related to gender equality and contribute to their solutions, but do not challenge patriarchy and the power relations behind it. As such, while they contribute to better implementation of human security as a guiding principle for foreign policy, conventional foreign policy concerns limit the change they can create on the ground.

Optical phase image encryption using stokes parameters and singular value decomposition

Abstract In this paper, we propose an optical asymmetric phase image encryption method in which the vectorial light field is used to encode the data. In transverse plane, the vectorial light field has spatially varying polarization distributions where we are allowed to have a greater number of degrees of freedom. In this scheme, the input image is first phase encoded and then modulated by a phase encrypting key, synthesized from the speckles obtained by the scattering of Hermite–Gaussian beams. The modulated image is further processed using fractional Fourier transform with a specific order (α). A pixel scrambling operator is utilized to increase the randomness to further enhance the security and singular value decomposition approach is employed to add the nonlinearity in the encryption process. Now, the stokes parameters, i.e. S 1 and S 2 are calculated using the light intensities correspond to different polarizations. S 1 is used as the encrypted image for transmission and S 2 is reserved as one of the private decryption keys. The robustness of the proposed technique is tested against various existing attacks, such as known plaintext attack, chosen plaintext attack, and contamination attacks. Numerically simulated results validate the effectiveness and efficiency of the proposed method.

Architecture for Enhancing Communication Security with RBAC IoT Protocol-Based Microgrids.

In traditional power grids, the unidirectional flow of energy and information has led to a decrease in efficiency. To address this issue, the concept of microgrids with bidirectional flow and independent power sources has been introduced. The components of a microgrid utilize various IoT protocols such as OPC-UA, MQTT, and DDS to implement bidirectional communication, enabling seamless network communication among different elements within the microgrid. Technological innovation, however, has simultaneously given rise to security issues in the communication system of microgrids. The use of IoT protocols creates vulnerabilities that malicious hackers may exploit to eavesdrop on data or attempt unauthorized control of microgrid devices. Therefore, monitoring and controlling security vulnerabilities is essential to prevent intrusion threats and enhance cyber resilience in the stable and efficient operation of microgrid systems. In this study, we propose an RBAC-based security approach on top of DDS protocols in microgrid systems. The proposed approach allocates roles to users or devices and grants various permissions for access control. DDS subscribers request access to topics and publishers request access to evaluations from the role repository using XACML. The overall implementation model is designed for the publisher to receive XACML transmitted from the repository and perform policy decision making and enforcement. By applying these methods, security vulnerabilities in communication between IoT devices can be reduced, and cyber resilience can be enhanced.

Magnetic recyclable chitosan-graphene immobilized microcystinase A: Removal of microcystins from harmful microcystis blooms

Harmful Microcystis blooms and microcystins have become a major hidden threat to the safety of the water environment. The application of enzymatic degradation of microcystins has been severely limited by the complex environment. In this study, chitosan-graphene (CG), prepared from green biomass, was employed as matrix material, loaded with 100–200 nm Fe3O4 nanoparticles (MCG) and immobilized microcystinase A (MlrA@MCG). The preparation of MlrA@MCG was characterized by scanning electron microscopy, Fourier-transform infrared spectroscopy, X-ray diffraction, vibrating sample magnetometer and fluorescence labelling. The results of the activity analysis demonstrated that MlrA@MCG exhibited superior degradation activity for MCs, as well as enhanced heat and alkaline resistance in comparison to free MlrA. Furthermore, MlrA@MCG can be recovered simply by means of a magnetic field, and its activity remains at 48.6 % after 10 repeated uses. More importantly, MlrA@MCG and the degradation products of MC-LR were not found to be cytotoxic to human cells. It is interesting that the immobilization of MlrA resulted in a reduction in the cytotoxicity of MCG. 0.2 U of MlrA@MCG can still degrade MC-LR from 232.64 μg L−1 to 94.39 μg L−1 in water from simulated severe Microcystis blooms within 24 h, showing excellent catalytic activity and stability. The study proposed a secure and efficacious approach for the elimination of microcystins from harmful Microcystis blooms, offering a promising avenue for the improvement of environmental safety.