A novel autonomous container-based platform for cybersecurity training and research.

Cyberattacks, particularly those targeting systems that store or handle sensitive data, have become more sophisticated in recent years. To face increasing threats, continuous capacity building and digital skill competence are needed. Cybersecurity hands-on training is essential to upskill cybersecurity professionals. However, the cost of developing and maintaining a cyber range platform is high. Setting up an ideal digital environment for cybersecurity exercises can be challenging and often need to invest a lot of time and system resources in this process. In this article, we present a lightweight cyber range platform that was developed under the open-source cloud platform OpenStack, based on Docker technology using IaC methodology. Combining the advantages of Docker technology, DevOps automation capabilities, and the cloud platform, the proposed cyber range platform achieves the maximization of performance and scalability while reducing costs and resources.

A Safety-Aware Location Privacy-Preserving IoV Scheme with Road Congestion-Estimation in Mobile Edge Computing.

By leveraging the conventional Vehicular Ad-hoc Networks (VANETs), the Internet of Vehicles (IoV) paradigm has attracted the attention of different research and development bodies. However, IoV deployment is still at stake as many security and privacy issues are looming; location tracking using overheard safety messages is a good example of such issues. In the context of location privacy, many schemes have been deployed to mitigate the adversary's exploiting abilities. The most appealing schemes are those using the silent period feature, since they provide an acceptable level of privacy. Unfortunately, the cost of silent periods in most schemes is the trade-off between privacy and safety, as these schemes do not consider the timing of silent periods from the perspective of safety. In this paper, and by exploiting the nature of public transport and role vehicles (overseers), we propose a novel location privacy scheme, called OVR, that uses the silent period feature by letting the overseers ensure safety and allowing other vehicles to enter into silence mode, thus enhancing their location privacy. This scheme is inspired by the well-known war strategy "Give up a Pawn to Save a Chariot". Additionally, the scheme does support road congestion estimation in real time by enabling the estimation locally on their On-Board Units that act as mobile edge servers and deliver these data to a static edge server that is implemented at the cell tower or road-side unit level, which boosts the connectivity and reduces network latencies. When OVR is compared with other schemes in urban and highway models, the overall results show its beneficial use.

Cybersecurity of Critical Infrastructures: Challenges and Solutions.

People's lives are becoming more and more dependent on information and computer technology [...].

A multiplayer game model to detect insiders in wireless sensor networks.

Insiders might have incentives and objectives opposed to those of the belonging organization. It is hard to detect them because of their privileges that partially protect them. In Wireless Sensor Networks (WSNs), significant security issues arise, including compromised nodes by insiders that disrupt the normal network operation. Immediate defensive actions to isolate malicious nodes would mitigate any related impacts. A multiplayer game model is proposed as a solution to the problem of insider attacks in WSNs, the Game of Wireless Sensor Networks (GoWiSeN). It is an imperfect information game, formulated with the use of non-cooperative game theory, holding the assumption that all players are rational. The model consists of several Local Intrusion Detection Systems (LIDSs), which are located to different nodes and communicate with a Global Intrusion Detection System (GIDS). Each LIDS gives suggestions whether the monitoring node is trusted or not. The game is being played between a potential attacker, the nodes and the GIDS. The GIDS is responsible for making a final decision and for isolating a compromised node in case of an internal attack. The theoretical model represents these interactions in an extensive form game. The formal elements of the game are specified, the outcomes of the game are quantified by first specifying players' preferences, and then, by using the von Neumann-Morgenstern utility function, and payoffs are obtained. The game is constructed and solved, by locating NE in pure and mixed strategies. Experimental evaluations conducted on real network datasets, using IDSs of different capabilities, simulate special cases and compromised nodes in a WSN, verify the model efficiency, and show how the game should be played.

Cybersecurity maturity assessment framework for higher education institutions in Saudi Arabia.

The Saudi Arabia government has proposed different frameworks such as the CITC's Cybersecurity Regulatory Framework (CRF) and the NCA's Essential Cybersecurity Controls (ECC) to ensure data and infrastructure security in all IT-based systems. However, these frameworks lack a practical, published mechanism that continuously assesses the organizations' security level, especially in HEI (Higher Education Institutions) systems. This paper proposes a Cybersecurity Maturity Assessment Framework (SCMAF) for HEIs in Saudi Arabia. SCMAF is a comprehensive, customized security maturity assessment framework for Saudi organizations aligned with local and international security standards. The framework can be used as a self-assessment method to establish the security level and highlight the weaknesses and mitigation plans that need to be implemented. SCMAF is a mapping and codification model for all regulations that the Saudi organizations must comply with. The framework uses different levels of maturity against which the security performance of each organization can be measured. SCMAF is implemented as a lightweight assessment tool that could be provided online through a web-based service or offline by downloading the tool to ensure the organizations' data privacy. Organizations that apply this framework can assess the security level of their systems, conduct a gap analysis and create a mitigation plan. The assessment results are communicated to the organization using visual score charts per security requirement per level attached with an evaluation report.

WHISPER: A Location Privacy-Preserving Scheme Using Transmission Range Changing for Internet of Vehicles.

Internet of Vehicles (IoV) has the potential to enhance road-safety with environment sensing features provided by embedded devices and sensors. This benignant feature also raises privacy issues as vehicles announce their fine-grained whereabouts mainly for safety requirements, adversaries can leverage this to track and identify users. Various privacy-preserving schemes have been designed and evaluated, for example, mix-zone, encryption, group forming, and silent-period-based techniques. However, they all suffer inherent limitations. In this paper, we review these limitations and propose WHISPER, a safety-aware location privacy-preserving scheme that adjusts the transmission range of vehicles in order to prevent continuous location monitoring. We detail the set of protocols used by WHISPER, then we compare it against other privacy-preserving schemes. The results show that WHISPER outperformed the other schemes by providing better location privacy levels while still fulfilling road-safety requirements.

Two-Hop Monitoring Mechanism Based on Relaxed Flow Conservation Constraints against Selective Routing Attacks in Wireless Sensor Networks.

In this paper, we investigate the problem of selective routing attack in wireless sensor networks by considering a novel threat, named the upstream-node effect, which limits the accuracy of the monitoring functions in deciding whether a monitored node is legitimate or malicious. To address this limitation, we propose a one-dimensional one-class classifier, named relaxed flow conservation constraint, as an intrusion detection scheme to counter the upstream node attack. Each node uses four types of relaxed flow conservation constraints to monitor all of its neighbors. Three constraints are applied by using one-hop knowledge, and the fourth one is calculated by monitoring two-hop information. The latter is obtained by proposing two-hop energy-efficient and secure reporting scheme. We theoretically analyze the security and performance of the proposed intrusion detection method. We also show the superiority of relaxed flow conservation constraint in defending against upstream node attack compared to other schemes. The simulation results show that the proposed intrusion detection system achieves good results in terms of detection effectiveness.

Use Of Smartphones for Ensuring Vulnerable Road User Safety through Path Prediction and Early Warning: An In-Depth Review of Capabilities, Limitations and Their Applications in Cooperative Intelligent Transport Systems.

The field of cooperative intelligent transport systems and more specifically pedestrians to vehicles could be characterized as quite challenging, since there is a broad research area to be studied, with direct positive results to society. Pedestrians to vehicles is a type of cooperative intelligent transport system, within the group of early warning collision/safety system. In this article, we examine the research and applications carried out so far within the field of pedestrians to vehicles cooperative transport systems by leveraging the information coming from vulnerable road users' smartphones. Moreover, an extensive literature review has been carried out in the fields of vulnerable road users outdoor localisation via smartphones and vulnerable road users next step/movement prediction, which are closely related to pedestrian to vehicle applications and research. We identify gaps that exist in these fields that could be improved/extended/enhanced or newly developed, while we address future research objectives and methodologies that could support the improvement/development of those identified gaps.

Blockchain and Random Subspace Learning-Based IDS for SDN-Enabled Industrial IoT Security.

The industrial control systems are facing an increasing number of sophisticated cyber attacks that can have very dangerous consequences on humans and their environments. In order to deal with these issues, novel technologies and approaches should be adopted. In this paper, we focus on the security of commands in industrial IoT against forged commands and misrouting of commands. To this end, we propose a security architecture that integrates the Blockchain and the Software-defined network (SDN) technologies. The proposed security architecture is composed of: (a) an intrusion detection system, namely RSL-KNN, which combines the Random Subspace Learning (RSL) and K-Nearest Neighbor (KNN) to defend against the forged commands, which target the industrial control process, and (b) a Blockchain-based Integrity Checking System (BICS), which can prevent the misrouting attack, which tampers with the OpenFlow rules of the SDN-enabled industrial IoT systems. We test the proposed security solution on an Industrial Control System Cyber attack Dataset and on an experimental platform combining software-defined networking and blockchain technologies. The evaluation results demonstrate the effectiveness and efficiency of the proposed security solution.

Evaluating information security core human error causes (IS-CHEC) technique in public sector and comparison with the private sector.

BACKGROUND: The number of reported public sector information security incidents has significantly increased recently including 22% related to the UK health sector. Over two thirds of these incidents pertain to human error, but despite this, there are limited published related works researching human error as it affects information security. METHOD: This research conducts an empirical case study into the feasibility and implementation of the Information Security Core Human Error Causes (IS-CHEC) technique which is an information security adaptation of Human Error Assessment and Reduction Technique (HEART). We analysed 12 months of reported information security incidents for a participating public sector organisation providing healthcare services and mapped them to the IS-CHEC technique. RESULTS: The results show that the IS-CHEC technique is applicable to the field of information security but identified that the underpinning HEART human error probability calculations did not align to the recorded incidents. The paper then proposes adaptation of the IS-CHEC technique based on the feedback from users during the implementation. We then compared the results against those of a private sector organisation established using the same approach. CONCLUSIONS: The research concluded that the proportion of human error is far higher than reported in current literature. The most common causes of human error within the participating public sector organisation were lack of time for error detection and correction, no obvious means of reversing an unintended action and people performing repetitious tasks.

Electronic medical records and risk management in hospitals of Saudi Arabia.

OBJECTIVE: Electronic medical records systems and the associated risks have been well studied in developed countries; the same cannot be said for systems in developing countries. Previous research in Saudi Arabian health-care organizations has shown a low level of quality in hospital services due to ineffective risk management. The objective of this research is to apply the Systems Theoretic Accident Modelling and Processes (STAMP) risk management technique in Saudi Arabia and evaluate its implementation. PARTICIPANTS: The participating organization is a health-care organization in Saudi Arabia Methods: A two-phase case study was conducted. The first phase implemented the STAMP technique to identify and manage risks to the system. For the second phase, the STAMP technique was extended to include a checklist, to increase STAMP's capability to mitigate risks, and the process reapplied. RESULTS AND CONCLUSION: The results demonstrated that the inclusion of the STAMP Checklist reduced errors and prevented system failures compared to regular STAMP.