RESUMO
Insider threats are malicious acts that can be carried out by an authorized employee within an organization. Insider threats represent a major cybersecurity challenge for private and public organizations, as an insider attack can cause extensive damage to organization assets much more than external attacks. Most existing approaches in the field of insider threat focused on detecting general insider attack scenarios. However, insider attacks can be carried out in different ways, and the most dangerous one is a data leakage attack that can be executed by a malicious insider before his/her leaving an organization. This paper proposes a machine learning-based model for detecting such serious insider threat incidents. The proposed model addresses the possible bias of detection results that can occur due to an inappropriate encoding process by employing the feature scaling and one-hot encoding techniques. Furthermore, the imbalance issue of the utilized dataset is also addressed utilizing the synthetic minority oversampling technique (SMOTE). Well known machine learning algorithms are employed to detect the most accurate classifier that can detect data leakage events executed by malicious insiders during the sensitive period before they leave an organization. We provide a proof of concept for our model by applying it on CMU-CERT Insider Threat Dataset and comparing its performance with the ground truth. The experimental results show that our model detects insider data leakage events with an AUC-ROC value of 0.99, outperforming the existing approaches that are validated on the same dataset. The proposed model provides effective methods to address possible bias and class imbalance issues for the aim of devising an effective insider data leakage detection system.
RESUMO
The rise of Electric Vehicles (EVs) has introduced significant advancement and evolution in the electricity market. In smart transportation, the EVs have earned more popularity because of its numerous benefits including lower carbon footprints, higher performance, and sophisticated energy trading mechanisms. These potential benefits have resulted in widespread EV adoption across the world. Despite its benefits, energy management remains the biggest challenge in EVs and it is mainly because of the lack of Charging Stations (CSs) near EVs. This creates a demand for an effective, secure and reliable energy management framework for EVs. This study presents a secure data and energy trade paradigm based on Blockchain (BC) in the Internet of EVs (IoEV). BC technology prepares for the high volume of EV integration that serves as the foundation for the next generation, and to assist in developing unique privacy-protected BC-based D-Trading and storage Models. Entities evaluated for the proposed model include Trusted Authority (TA), Vehicles, Smart Meters, Roadside Units (RSU), BC, and Inter-Planetary File System (IPFS). In addition, E-trading involves several phases, including the acquiring E-trading demand requests, E-trading response requests, request matching and token assignment. Moreover, account mapping is performed using a Mayfly Pelican Optimization Algorithm (MPOA), which is created by merging the Mayfly Algorithm (MA) and Pelican Optimization Algorithm (POA). Various security features are used to protect data and energy trade in IoEV, including encryption, hashing, polynomials, and others. The testing results revealed that the MPOA outperformed the state-of-the-art results regarding memory consumption, trading rate, transaction cost, and trading energy volume with values of 4.605 MB, 91%, 0.654, and 90 kW, respectively.
RESUMO
The security of the Internet of Things (IoT) is crucial in various application platforms, such as the smart city monitoring system, which encompasses comprehensive monitoring of various conditions. Therefore, this study conducts an analysis on the utilization of blockchain technology for the purpose of monitoring Internet of Things (IoT) systems. The analysis is carried out by employing parametric objective functions. In the context of the Internet of Things (IoT), it is imperative to establish well-defined intervals for job execution, ensuring that the completion status of each action is promptly monitored and assessed. The major significance of proposed method is to integrate a blockchain technique with neuro-fuzzy algorithm thereby improving the security of data processing units in all smart city applications. As the entire process is carried out with IoT the security of data in both processing and storage units are not secured therefore confidence level of monitoring units are maximized at each state. Due to the integration process the proposed system model is implemented with minimum energy conservation where 93% of tasks are completed with improved security for about 90%.
RESUMO
With the wide use of technologies nowadays, various security issues have emerged. Public and private sectors are both spending a large portion of their budget to protect the confidentiality, integrity, and availability of their data from possible attacks. Among these attacks are insider attacks which are more serious than external attacks, as insiders are authorized users who have legitimate access to sensitive assets of an organization. As a result, several studies exist in the literature aimed to develop techniques and tools to detect and prevent various types of insider threats. This article reviews different techniques and countermeasures that are proposed to prevent insider attacks. A unified classification model is proposed to classify the insider threat prevention approaches into two categories (biometric-based and asset-based metric). The biometric-based category is also classified into (physiological, behavioral and physical), while the asset metric-based category is also classified into (host, network and combined). This classification systematizes the reviewed approaches that are validated with empirical results utilizing the grounded theory method for rigorous literature review. Additionally, the article compares and discusses significant theoretical and empirical factors that play a key role in the effectiveness of insider threat prevention approaches (e.g., datasets, feature domains, classification algorithms, evaluation metrics, real-world simulation, stability and scalability, etc.). Major challenges are also highlighted which need to be considered when deploying real-world insider threat prevention systems. Some research gaps and recommendations are also presented for future research directions.