Data-driven Security Research Articles

Data-Driven Security Consensus Tracking of Multiple High-Speed Trains Under Random Topologies With Data Recovery Mechanism

Data-Driven Security Consensus Tracking of Multiple High-Speed Trains Under Random Topologies With Data Recovery Mechanism

Data-Driven Security Control for Vehicular Platooning Systems With Finite-Time Prescribed Performance

Data-Driven Security Control for Vehicular Platooning Systems With Finite-Time Prescribed Performance

Cybersecurity in Big Data Era: From Securing Big Data to Data-Driven Security

In the age of information, the proverb "knowledge is power" has been shown to be true. admission to, which ultimately leads to knowledge acquisition. The relevance of the ability to glean knowledge from vast amounts of facts has increased. To describe the process of distributing, storing, and gathering enormous amounts of data for future analysis, researchers coined the term "big data analytics" (BDA). Data is generated at an alarming rate. The Internet of Things (IoT), the net's explosive expansion, and other technological advancements are the main forces behind this long-term growth. Since the information generated reflects the environment in which it is formed, the use of information gleaned from systems to understand the inner workings of those systems. The goal of protecting assets has been developed into a crucial component of cybersecurity. Additionally, big data now has the status of a high-value target due to the growing value of data. Current cybersecurity research in relation to big data has been reported here to explore big data security and its potential use as a cybersecurity tool. This gives trends, open research projects, and challenges along with a summary of current studies in the form of tables. In addition to current advancements and unanswered questions in this area of active research, this research work also provides readers a more thorough understanding of safety in the big data era.

Unveiling Rare Patterns: Anomaly Detection in CCTV Footage for Safeguarding Home Premises

Abstract Protecting residential properties through CCTV surveillance has become a crucial aspect of contemporary living. In the age of data-driven security, detecting unusual and infrequent patterns within CCTV footage is of significant importance. Conventional anomaly detection methods often need help to handle the intricacies and distinctiveness of home environments, where family members and potential intruders co-exist. To address these challenges, this research incorporates extensive datasets, various machine-learning techniques, and thorough evaluation measures to pinpoint rare patterns that might signal threats to residential premises. These findings provide valuable insights for homeowners, security professionals, and developers working on surveillance systems.

CSNet 2022 special issue—decentralized and data-driven security in networking

CSNet 2022 special issue—decentralized and data-driven security in networking

Event-Triggered Data-Driven Security Formation Control for Quadrotors Under Denial-of-Service Attacks and Communication Faults.

In this article, the security formation control problem is investigated for underactuated quadrotors involving nonlinear coupled dynamics, subject to denial-of-service (DoS) attacks and uncertain communication faults. A security formation control method is proposed, including a distributed resilient observer and a hierarchical data-driven controller. The observer with an adaptive event-triggered mechanism is developed to restrain the influence of DoS and communication faults on interaction information among quadrotors, and Zeno behavior of all observers can be avoided. The optimal control laws are learned iteratively based on observation data and system data by utilizing reinforcement learning without knowledge of system dynamics. The stability of the constructed closed-loop control system is proven, and sufficient conditions are established for the unreliable network. Simulation results demonstrate the advantages of the proposed security control method.

Data-Driven Security and Stability Rule in High Renewable Penetrated Power System Operation

Power systems around the world are experiencing an energy revolution that substitutes fossil fuels with renewable energy. Such a transition poses two significant challenges: highly variable generators that add short-term and long-term difficulties for supply–demand balance, and a high proportion of convertor-based devices that may jeopardize power system security and stability. At the same time, machine learning techniques provide more opportunities to study the complex power system security and stability problems. This article summarizes the machine learning framework to embed security rules into power system operation optimization under high renewable energy penetration. First, we explore how high penetration renewable energy impacts power system security and stability. Then, we review how the complex security and stability boundary of power systems is modeled using various machine learning techniques. Finally, we show how the machine learning model is transformed into optimization constraints that can be embedded into the power system operation model. The framework is substantiated through case studies of practical power systems.

Data-Driven Security Measurements to Improve Safety in NYC and NJ Mass Transit

Public transit in America in recent years is potentially vulnerable to terrorist or mass casualty attacks. These vulnerabilities are in part due to the lack of strict screening and content policing, unlike security at airports, but also their attractiveness as a potentially high-value target. Although current public transit systems are designed to efficiently allow passengers to quickly travel, screening of individual riders for weapons remains limited due to current technology limitations and high peak throughput requirements. This paper aims to develop an understanding of the current state of security check systems as applicable to high-traffic subway stations. We also worked towards creating a proof-of-concept risk analysis model using crime and other types of publicly available data for the New York City and New Jersey transit regions.

Data-driven power system security assessment using high content database during the COVID-19 pandemic

As the coronavirus disease (COVID-19) broke out in late 2019, the electricity sector was significantly impacted. Hence, the effects of the pandemic and restricting measures in power system operation are investigated during pandemic circumstances. The secure operation of the power system is a fundamental requirement. Appropriate procedures should be taken to mitigate these effects and ensure the power system's security. Accordingly, in this study, the authors determine that the COVID-19 pandemic can change the system's operating conditions in the first stage. Since data-driven security assessment methods require the training database to learn about Security constraints, this paper proposes an efficient database generation strategy respecting the consequences of the COVID-19 outbreak. The proposed strategy provides a training set with high information content compatible with the operating conditions. To this end, the method consists of a characteristics extraction approach and updating scheme. The characteristics should be extracted to represent the operating conditions of the system.Further, the similarity of intervals is compared using characteristics in updating scheme. The copula-based sampling approach is provided to generate the random samples. The proposed strategy generates a database for data-driven methods. Therefore, it can be utilized in various applications of security assessment. Real-world data is mapped to the IEEE 39-bus system to illustrate the framework efficiency. The outcomes indicate that a classification using the proposed strategy outperforms conventional methods in terms of evaluation metrics.© 2017 Elsevier Inc. All rights reserved.

A Review on Data-Driven Security Assessment of Power Systems: Trends and Applications of Artificial Intelligence

A Review on Data-Driven Security Assessment of Power Systems: Trends and Applications of Artificial Intelligence

Data-Driven Security: Improving Autonomous Systems through Data Analytics and Cybersecurity

This study evaluates the performance and response characteristics of multiple machine learning (ML) models across various cybersecurity threat detection tasks and compared the performance metrics-Accuracy, Precision, Recall, Support Vector Machine (SVM), Random Forest, Neural Network, and K-Nearest Neighbors (KNN) models. Random Forest and SVM demonstrated superior performance, with high accuracy, precision, and recall, and low false positive rates, while KNN lagged slightly. Precision-recall and ROC curves were further analyzed, revealing that Random Forest achieved the highest Area Under Curve (AUC), followed closely by SVM, underscoring their robustness in handling complex data patterns. The data-driven framework outperformed the traditional framework in response time, detection rate, and integration, while the traditional framework exhibited higher user satisfaction. And the response times were analyzed for detecting distinct threat types, including Phishing, Denial of Service (DoS), Malware, and Spoofing. Phishing attacks recorded the lowest response times, while Spoofing and Malware presented higher, more variable times, reflecting their complexity. These results highlight the efficiency of machine learning-based approaches, especially ensemble models, in cybersecurity applications, enhancing detection capabilities and reducing false positives. Our findings provide insights into optimizing model selection and framework deployment to bolster cybersecurity defenses.

A Multi-Layer Data-Driven Security Constrained Unit Commitment Approach with Feasibility Compliance

Security constrained unit commitment is an essential part of the day-ahead energy markets. The presence of discrete and continuous variables makes it a complex, mixed-integer, and time-hungry optimization problem. Grid operators solve unit commitment problems multiple times daily with only minor changes in the operating conditions. Solving a large-scale unit commitment problem requires considerable computational effort and a reasonable time. However, the solution time can be improved by exploiting the fact that the operating conditions do not change significantly in the day-ahead market clearing. Therefore, in this paper, a novel multi-layer data-driven approach is proposed, which significantly improves the solution time (90% time-reduction on average for the three studied systems). The proposed approach not only provides a near-optimal solution (<1% optimality gap) but also ensures that it is feasible for the stable operation of the system (0% infeasible predicted solutions). The efficacy of the developed algorithm is demonstrated through numerical simulations on three test systems, namely a 4-bus system and the IEEE 39-bus and 118-bus systems, and promising results are obtained.

A Feature-Based Robust Method for Abnormal Contracts Detection in Ethereum Blockchain

Blockchain technology has allowed many abnormal schemes to hide behind smart contracts. This causes serious financial losses, which adversely affects the blockchain. Machine learning technology has mainly been utilized to enable automatic detection of abnormal contract accounts in recent years. In spite of this, previous machine learning methods have suffered from a number of disadvantages: first, it is extremely difficult to identify features that enable accurate detection of abnormal contracts, and based on these features, statistical analysis is also ineffective. Second, they ignore the imbalances and repeatability of smart contract accounts, which often results in overfitting of the model. In this paper, we propose a data-driven robust method for detecting abnormal contract accounts over the Ethereum Blockchain. This method comprises hybrid features set by integrating opcode n-grams, transaction features, and term frequency-inverse document frequency source code features to train an ensemble classifier. The extra-trees and gradient boosting algorithms based on weighted soft voting are used to create an ensemble classifier that balances the weaknesses of individual classifiers in a given dataset. The abnormal and normal contract data are collected by analyzing the open source etherscan.io, and the problem of the imbalanced dataset is solved by performing the adaptive synthetic sampling. The empirical results demonstrate that the proposed individual feature sets are useful for detecting abnormal contract accounts. Meanwhile, combining all the features enhances the detection of abnormal contracts with significant accuracy. The experimental and comparative results show that the proposed method can distinguish abnormal contract accounts for the data-driven security of blockchain Ethereum with satisfactory performance metrics.

Data-Driven Security and Democratic Intelligence: Key Role of Critical Engagement by Academia

This article raises awareness on the value of epistemic diversity for democratic intelligence governance by highlighting the role of academia. Specifically, it argues that the expertise of critically engaged scholars can play a leading role in challenging the expert discourse of intelligence agencies in the age of Big Data and Artificial Intelligence proliferation. The article examines how the intelligence expert discourse is constructed in the post-Snowden landscape in the United Kingdom by investigating the public communication strategies of Government Communications Headquarters. Driven by a normative rhetoric centered on transparency, the agency’s unprecedented steps toward public engagement are traced through an analysis of key policy documents, official statements, and a museum exhibition. In the ensuing, and novel, context of openness and widespread discursivity around controversial technologies and practices employed by intelligence agencies, critically engaged academia can bring a much-needed diversity of perspective to an increasingly complex and vital policy area in contemporary democratic societies.

Data-Driven Zero Trust Key Algorithm

In today’s information society, network security is a crucial issue. Network security technology is changing as a result of the development of emerging technologies such as big data, cloud computing, and artificial intelligence. Data-driven (DD) security has emerged as a new network security technology development direction. The key technologies for DD network security are discussed in depth in this paper. A data security protection system is designed from the perspective of ZT, based on advanced security concepts and technologies developed by ZT, as well as a foreign data security governance framework. The number of alarms generated per hour is counted, removal rules are defined, and real-time rule matching is performed to eliminate false alarms based on different combinations of attributes. By analyzing the security data generation rules and internal relations, a security aggregation method can reduce redundant data and improve alarm quality.

Cybersecurity in Big Data Era: From Securing Big Data to Data-Driven Security

‘‘Knowledge is power” is an old adage that has been found to be true in today’s information age. Knowledge is derived from having access to information. The ability to gather information from large volumes of data has become an issue of relative importance. Big Data Analytics (BDA) is the term coined by researchers to describe the art of processing, storing and gathering large amounts of data for future examination. Data is being produced at an alarming rate. The rapid growth of the Internet, Internet of Things (IoT) and other technological advances are the main culprits behind this sustained growth. The data generated is a reflection of the environment it is produced out of, thus we can use the data we get out of systems to figure out the inner workings of that system. This has become an important feature in cybersecurity where the goal is to protect assets. Furthermore, the growing value of data has made big data a high value target. In this paper, we explore recent research works in cybersecurity in relation to big data. We highlight how big data is protected and how big data can also be used as a tool for cybersecurity. We summarize recent works in the form of tables and have presented trends, open research challenges and problems. With this paper, readers can have a more thorough understanding of cybersecurity in the big data era, as well as research trends and open challenges in this active research area.

CyberLearning: Effectiveness analysis of machine learning security modeling to detect cyber-anomalies and multi-attacks

Detecting cyber-anomalies and attacks are becoming a rising concern these days in the domain of cybersecurity. The knowledge of artificial intelligence, particularly, the machine learning techniques can be used to tackle these issues. However, the effectiveness of a learning-based security model may vary depending on the security features and the data characteristics. In this paper, we present “CyberLearning”, a machine learning-based cybersecurity modeling with correlated-feature selection, and a comprehensive empirical analysis on the effectiveness of various machine learning based security models. In our CyberLearning modeling, we take into account a binary classification model for detecting anomalies, and multi-class classification model for various types of cyber-attacks. To build the security model, we first employ the popular ten machine learning classification techniques, such as naive Bayes, Logistic regression, Stochastic gradient descent, K-nearest neighbors, Support vector machine, Decision Tree, Random Forest, Adaptive Boosting, eXtreme Gradient Boosting, as well as Linear discriminant analysis. We then present the artificial neural network-based security model considering multiple hidden layers. The effectiveness of these learning-based security models is examined by conducting a range of experiments utilizing the two most popular security datasets, UNSW-NB15 and NSL-KDD. Overall, this paper aims to serve as a reference point for data-driven security modeling through our experimental analysis and findings in the context of cybersecurity.

Improved Mitigation of Cyber Threats in IIoT for Smart Cities: A New-Era Approach and Scheme.

Cybersecurity in Industrial Internet of Things (IIoT) has become critical as smart cities are becoming increasingly linked to industrial control systems (ICSs) used in critical infrastructure. Consequently, data-driven security systems for analyzing massive amounts of data generated by smart cities have become essential. A representative method for analyzing large-scale data is the game bot detection approach used in massively multiplayer online role-playing games. We reviewed the literature on bot detection methods to extend the anomaly detection approaches used in bot detection schemes to IIoT fields. Finally, we proposed a process wherein the data envelopment analysis (DEA) model was applied to identify features for efficiently detecting anomalous behavior in smart cities. Experimental results using random forest show that our extracted features based on a game bot can achieve an average F1-score of 0.99903 using 10-fold validation. We confirmed the applicability of the analyzed game-industry methodology to other fields and trained a random forest on the high-efficiency features identified by applying a DEA, obtaining an F1-score of 0.997 using the validation set approach. In this study, an anomaly detection method for analyzing massive smart city data based on a game industry methodology was presented and applied to the ICS dataset.

Anomalous Event Sequence Detection

Anomaly detection has been widely applied in modern data-driven security applications to detect abnormal events/entities that deviate from the majority. However, less work has been done in terms of detecting suspicious event sequences/paths, which are better discriminators than single events/entities for distinguishing normal and abnormal behaviors in complex systems such as cyber-physical systems. A key and challenging step in this endeavor is how to discover those abnormal event sequences from millions of system event records in an efficient and accurate way. To address this issue, we propose NINA, a network diffusion based algorithm for identifying anomalous event sequences. Experimental results on both static and streaming data show that NINA is efficient (processes about 2 million records per minute) and accurate.

Data-Driven Security for Smart City Systems: Carving a Trail

Smart cities rely heavily on collecting and using data. Smart systems are implemented and deployed to provide intelligent features that help improve efficiency and quality of life. This creates a huge repository of data representing many aspects of smart city operations. Many data-driven applications can take advantage of this data to further improve the “smartness” of a smart city. At the same time, smart city systems, being very large-scale distributed systems and highly integrated with the physical infrastructure and residents of the city, pose immense security challenges as well. So why don't we take advantage of this data to improve security measures? In this paper we propose the use of data-driven security approaches to secure smart city systems. To illustrate the significance of this approach we first identify the different challenges for securing smart city systems given the unique characteristics of these systems. Then we discuss the benefits of using data-driven security. Furthermore, we categorize the different types of security applications (features) needed to help capitalize on the data needs and benefits. We also discuss the how these categories of applications can alleviate some of the challenges. In addition, we highlight possible future research directions to incorporate effective data-driven security in smart city systems.