Vehicular ad-hoc networks (VANETs) are a promising communication scenario. Several new applications are envisioned, which will improve traffic management and safety. Nevertheless, those applications have stringent security requirements, as they affect road traffic safety. Moreover, VANETs face several security threats. As VANETs present some unique features (e.g. high mobility of nodes, geographic extension, etc.) traditional security mechanisms are not always suitable. Because of that, a plethora of research contributions have been presented so far. This chapter aims to describe and analyze the most representative VANET security developments.
Cooperative cyberdefense has been recognized as an essential strategy to fight against cyberattacks. Cybersecurity Information Sharing (CIS), especially about threats and incidents, is a key aspect in this regard. CIS provides members with an improved situational awareness to prepare for and respond to future cyberthreats. Privacy preservation is critical in this context, since organizations can be reluctant to share information otherwise. This is particularly critical when CIS is facilitated through an untrusted infrastructure provided by a third party (e.g., the cloud). Despite this, current data formats and protocols for CIS do not guarantee any form of privacy preservation to participants. In this paper we introduce PRACIS, a scheme for CIS networks that guarantees private data forwarding and aggregation. PRACIS leverages the well-known Structured Threat Information Expression (STIX) standard data format. Remarkably, PRACIS can be seamlessly integrated with existing STIX-based message brokering middleware such as publish-subscribe architectures. PRACIS achieves these goals by combining standard format-preserving and homomorphic encryption primitives. We discuss experimental results obtained with a prototype implementation developed for a subset of STIX. Results show that entities may create up to 689 incidents per minute, far beyond the estimated average of 81. Moreover, aggregation of 10 4 incidents can be carried out in just 2.1 seconds, and the transmission overhead is just 13.5 kbps. Overall, these results suggest that the costs incurred by PRACIS are easily affordable in real-world scenarios.
HIGHLIGHTS• Security and privacy issues must be addressed in the Internet ofThings (loT).• We have focused on the use of ElectroCardioGram (ECG) signals for Continuous Authentication (CA).• We have explored different ECG-based CA techniques for th ree attacker settings.• Our results exhibit promising accu racy figures, which support the use of ECG as identifier in the loT.
Nowadays, a signiFicant amount of free online cybersecurity training courses are offered. When preparing further courses, the designer has to decide what to teach and how to do it. In this paper, we provide with a set of recommendations for both issues. Concerning topic selection, 35 free online courses are analysed using NIST's NICE reference framework. Thus, several training gaps are discovered. Concerning the way of preparing the course (or reFming it after the First edition), a set of good practices is proposed based on students' performance and commitment in a cybersecurity MOOC with +2,000 initially active students. To foster further research in this area, an open-source framework is released to enable the analysis of students' performance in EdX MOOCs.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.