Network Intrusion Detection in Internet of Blended Environment Using Ensemble of Heterogeneous Autoencoders(E-HAE)

Contemporary attackers,mainly motivated by financial gain,consistently devise sophisticated penetration techniques to access important information or data.The growing use of Internet of Things(IoT)technology in the contemporary convergence environment to connect to corporate networks and cloud-based applications only worsens this situation,as it facilitates multiple new attack vectors to emerge effortlessly.As such,existing intrusion detection systems suffer from performance degradation mainly because of insufficient considerations and poorly modeled detection systems.To address this problem,we designed a blended threat detection approach,considering the possible impact and dimensionality of new attack surfaces due to the aforementioned convergence.We collectively refer to the convergence of different technology sectors as the internet of blended environment.The proposed approach encompasses an ensemble of heterogeneous probabilistic autoencoders that leverage the corresponding advantages of a convolutional variational autoencoder and long short-term memory variational autoencoder.An extensive experimental analysis conducted on the TON_IoT dataset demonstrated 96.02%detection accuracy.Furthermore,performance of the proposed approach was compared with various single model(autoencoder)-based network intrusion detection approaches:autoencoder,variational autoencoder,convolutional variational autoencoder,and long short-term memory variational autoencoder.The proposed model outperformed all compared models,demonstrating F1-score improvements of 4.99%,2.25%,1.92%,and 3.69%,respectively.

Secure e-Prescription Management System:Mitigating Blended Threat in IoBE

New information and communication technologies(ICT)are being applied in various industries to upgrade the value of the major service items.Moreover,data collection,storage,processing,and security applications have led to the creation of an interrelated ICT environment in which one industry can directly influence the other.This is called the“internet of blended environ-ments”(IoBE),as it is an interrelated data environment based on internet-of-things collection activities.In this environment,security incidents may increase as size and interconnectivity of attackable operations grow.Consequently,pre-emptive responses to combined security threats are needed to securely utilize IoBE across industries.For example,the medical industry has more stringent information protection measures than other industries.Consequently,it has become a major target of attackers,as more clinician–patient interactions occur over the internet owing to COVID-19.Therefore,this study aims to acquire security for IoBE while focusing on the medical industry.Among the various types of medical ICT services,this study analyzes dataflow and potential security threats from the e-prescription lifecycle perspective,which is highly utilized,strongly data-centric,and has numerous security issues.Based on our analysis,we propose a secure authentication and data-sharing scheme.

Detection Technique of Software-Induced Rowhammer Attacks

Side-channel attacks have recently progressed into software-induced attacks.In particular,a rowhammer attack,which exploits the characteristics of dynamic random access memory(DRAM),can quickly and continuously access the cells as the cell density of DRAM increases,thereby generating a disturbance error affecting the neighboring cells,resulting in bit flips.Although a rowhammer attack is a highly sophisticated attack in which disturbance errors are deliberately generated into data bits,it has been reported that it can be exploited on various platforms such as mobile devices,web browsers,and virtual machines.Furthermore,there have been studies on bypassing the defense measures of DRAM manufacturers and the like to respond to rowhammer attacks.A rowhammer attack can control user access and compromise the integrity of sensitive data with attacks such as a privilege escalation and an alteration of the encryption keys.In an attempt to mitigate a rowhammer attack,various hardware-and software-based mitigation techniques are being studied,but there are limitations in that the research methods do not detect the rowhammer attack in advance,causing overhead or degradation of the system performance.Therefore,in this study,a rowhammer attack detection technique is proposed by extracting common features of rowhammer attack files through a static analysis of rowhammer attack codes.

Machine Learning-Based Advertisement Banner Identification Technique for Effective Piracy Website Detection Process

In the contemporary world, digital content that is subject to copyright is facing significant challenges against the act of copyright infringement.Billions of dollars are lost annually because of this illegal act. The currentmost effective trend to tackle this problem is believed to be blocking thosewebsites, particularly through affiliated government bodies. To do so, aneffective detection mechanism is a necessary first step. Some researchers haveused various approaches to analyze the possible common features of suspectedpiracy websites. For instance, most of these websites serve online advertisement, which is considered as their main source of revenue. In addition, theseadvertisements have some common attributes that make them unique ascompared to advertisements posted on normal or legitimate websites. Theyusually encompass keywords such as click-words (words that redirect to installmalicious software) and frequently used words in illegal gambling, illegal sexual acts, and so on. This makes them ideal to be used as one of the key featuresin the process of successfully detecting websites involved in the act of copyrightinfringement. Research has been conducted to identify advertisements servedon suspected piracy websites. However, these studies use a static approachthat relies mainly on manual scanning for the aforementioned keywords. Thisbrings with it some limitations, particularly in coping with the dynamic andever-changing behavior of advertisements posted on these websites. Therefore,we propose a technique that can continuously fine-tune itself and is intelligentenough to effectively identify advertisement (Ad) banners extracted fromsuspected piracy websites. We have done this by leveraging the power ofmachine learning algorithms, particularly the support vector machine with theword2vec word-embedding model. After applying the proposed technique to1015 Ad banners collected from 98 suspected piracy websites and 90 normal orlegitimate websites, we were able to successfully identify Ad banners extractedfrom suspected piracy websites with an accuracy of 97%. We present thistechnique with the hope that it will be a useful tool for various effective piracywebsite detection approaches. To our knowledge, this is the first approachthat uses machine learning to identify Ad banners served on suspected piracywebsites.

Secure Sharing Scheme of Sensitive Data in the Precision Medicine System

Numerous industries,especially the medical industry,are likely to exhibit significant developments in the future.Ever since the announcement of the precision medicine initiative by the United States in 2015,interest in the field has considerably increased.The techniques of precision medicine are employed to provide optimal treatment and medical services to patients,in addition to the prevention and management of diseases via the collection and analysis of big data related to their individual genetic characteristics,occupation,living environment,and dietary habits.As this involves the accumulation and utilization of sensitive information,such as patient history,DNA,and personal details,its implementation is difficult if the data are inaccurate,exposed,or forged,and there is also a concern for privacy,as massive amount of data are collected;hence,ensuring the security of information is essential.Therefore,it is necessary to develop methods of securely sharing sensitive data for the establishment of a precision medicine system.An authentication and data sharing scheme is presented in this study on the basis of an analysis of sensitive data.The proposed scheme securely shares sensitive data of each entity in the precision medicine system according to its architecture and data flow.

Novel Architecture of Security Orchestration, Automation and Response in Internet of Blended Environment

New technologies that take advantage of the emergence of massive Internet of Things(IoT)and a hyper-connected network environment have rapidly increased in recent years.These technologies are used in diverse environments,such as smart factories,digital healthcare,and smart grids,with increased security concerns.We intend to operate Security Orchestration,Automation and Response(SOAR)in various environments through new concept definitions as the need to detect and respond automatically to rapidly increasing security incidents without the intervention of security personnel has emerged.To facilitate the understanding of the security concern involved in this newly emerging area,we offer the definition of Internet of Blended Environment(IoBE)where various convergence environments are interconnected and the data analyzed in automation.We define Blended Threat(BT)as a security threat that exploits security vulnerabilities through various attack surfaces in the IoBE.We propose a novel SOAR-CUBE architecture to respond to security incidents with minimal human intervention by automating the BT response process.The Security Orchestration,Automation,and Response(SOAR)part of our architecture is used to link heterogeneous security technologies and the threat intelligence function that collects threat data and performs a correlation analysis of the data.SOAR is operated under Collaborative Units of Blended Environment(CUBE)which facilitates dynamic exchanges of data according to the environment applied to the IoBE by distributing and deploying security technologies for each BT type and dynamically combining them according to the cyber kill chain stage to minimize the damage and respond efficiently to BT.