Mohammad Hammoudeh scite author profile

The proliferation of inter-connected devices in critical industries, such as healthcare and power grid, is changing the perception of what constitutes critical infrastructure. The rising interconnectedness of new critical industries is driven by the growing demand for seamless access to information as the world becomes more mobile and connected and as the Internet of Things (IoT) grows. Critical industries are essential to the foundation of today’s society, and interruption of service in any of these sectors can reverberate through other sectors and even around the globe. In today’s hyper-connected world, the critical infrastructure is more vulnerable than ever to cyber threats, whether state sponsored, criminal groups or individuals. As the number of interconnected devices increases, the number of potential access points for hackers to disrupt critical infrastructure grows. This new attack surface emerges from fundamental changes in the critical infrastructure of organizations technology systems. This paper aims to improve understanding the challenges to secure future digital infrastructure while it is still evolving. After introducing the infrastructure generating big data, the functionality-based fog architecture is defined. In addition, a comprehensive review of security requirements in fog-enabled IoT systems is presented. Then, an in-depth analysis of the fog computing security challenges and big data privacy and trust concerns in relation to fog-enabled IoT are given. We also discuss blockchain as a key enabler to address many security related issues in IoT and consider closely the complementary interrelationships between blockchain and fog computing. In this context, this work formalizes the task of securing big data and its scope, provides a taxonomy to categories threats to fog-based IoT systems, presents a comprehensive comparison of state-of-the-art contributions in the field according to their security service and recommends promising research directions for future investigations.

show abstract

Low-Power Wide Area Network Technologies for Internet-of-Things: A Comparative Review

Ikpehai

Adebisi

Rabie

et al. 2019

IEEE Internet Things J.

231

134

View full text Add to dashboard Cite

The rapid growth of Internet-of-Things (IoT) in the current decade has led to the development of a multitude of new access technologies targeted at low-power, wide area networks (LP-WANs). However, this has also created another challenge pertaining to technology selection. This paper reviews the performance of LP-WAN technologies for IoT, including design choices and their implications. We consider Sigfox, LoRaWAN, WavIoT, random phase multiple access (RPMA), narrow band IoT (NB-IoT) as well as LTE-M and assess their performance in terms of signal propagation, coverage and energy conservation. The comparative analyses presented in this paper are based on available data sheets and simulation results. A sensitivity analysis is also conducted to evaluate network performance in response to variations in system design parameters. Results show that each of RPMA, NB-IoT and LTE-M incurs at least 9 dB additional path loss relative to Sigfox and LoRaWAN. This study further reveals that with a 10% improvement in receiver sensitivity, NB-IoT 882 MHz and LoRaWAN can increase coverage by up to 398% and 142% respectively, without adverse effects on the energy requirements. Finally, extreme weather conditions can significantly reduce the active network life of LP-WANs. In particular, the results indicate that operating an IoT device in a temperature of-20 • C can shorten its life by about half; 53% (WavIoT, LoRaWAN, Sigfox, NB-IoT, RPMA) and 48% in LTE-M compared with environmental temperature of 40 • C.

show abstract

Detection of advanced persistent threat using machine-learning correlation analysis

Ghafir

Hammoudeh

Přenosil

et al. 2018

Future Generation Computer Systems

206

107

View full text Add to dashboard Cite

Item Type Article Authors Ghafir, Ibrahim; Hammoudeh, M.; Prenosil, V.; Han, L.; Hegarty, R.; Rabie, K.; Aparicio-Navarro, F.J. Citation Ghafir I, Hammoudeh M, Prenosil V (et al) Detection of advanced persistent threat using machine-learning correlation analysis. Future Generation Computer Systems. 89: 349-359. Rights Citation: Ghafir I, Hammoudeh M, Prenosil V (et al) Detection of advanced persistent threat using machine-learning correlation analysis. Future Generation Computer Systems. 89: 349-359. AbstractAs one of the most serious types of cyber attack, Advanced Persistent Threats (APT) have caused major concerns on a global scale. APT refers to a persistent, multi-stage attack with the intention to compromise the system and gain information from the targeted system, which has the potential to cause significant damage and substantial financial loss. The accurate detection and prediction of APT is an ongoing challenge. This work proposes a novel machine learning-based system entitled MLAPT, which can accurately and rapidly detect and predict APT attacks in a systematic way. The MLAPT runs through three main phases: (1) Threat detection, in which eight methods have been developed to detect different techniques used during the various APT steps. The implementation and validation of these methods with real traffic is a significant contribution to the current body of research; (2) Alert correlation, in which a correlation framework is designed to link the outputs of the detection methods, aims to identify alerts that could be related and belong to a single APT scenario; and (3) Attack prediction, in which a machine learning-based prediction module is proposed based on the correlation framework output, to be used by the network security team to determine the probability of the early alerts to develop a complete APT attack. MLAPT is experimentally evaluated and the presented system is able to predict APT in its early steps with a prediction accuracy of 84.8%.to a technical report by Trend Micro [11], this assumption is no longer valid with the rise of targeted attacks, Advanced Persistent Threats (APTs), in which both cyber-criminals and hackers are targeting selected organizations and persisting until they achieve their goals.The APT attack is a persistent, targeted attack on a specific organisation 20 and is performed through several steps [12]. The main aim of APT is espionage and then data exfiltration. Therefore, APT is considered as a new and more complex version of multi-step attack. These APTs present a challenge for current detection methods as they use advanced techniques and make use of unknown vulnerabilities. Moreover, the economic damage due to a successful 25 APT attack significant. The potential cost of attacks is the major motivation for the investments in intrusion detection and prevention systems [13]. APTs are currently one of the most serious threats to companies and governments [14].Most of the research in the area of APT detection, has focused on analysing already identified APTs [15][16][17][...

show abstract

Security threats to critical infrastructure: the human factor

et al. 2018

View full text Add to dashboard Cite

In the twenty-first century, globalisation made corporate boundaries invisible and difficult to manage. This new macroeconomic transformation caused by globalisation introduced new challenges for critical infrastructure management. By Security threats to critical infrastructure: the human… 4987 replacing manual tasks with automated decision making and sophisticated technology, no doubt we feel much more secure than half a century ago. As the technological advancement takes root, so does the maturity of security threats. It is common that today's critical infrastructures are operated by non-computer experts, e.g. nurses in health care, soldiers in military or firefighters in emergency services. In such challenging applications, protecting against insider attacks is often neither feasible nor economically possible, but these threats can be managed using suitable risk management strategies. Security technologies, e.g. firewalls, help protect data assets and computer systems against unauthorised entry. However, one area which is often largely ignored is the human factor of system security. Through social engineering techniques, malicious attackers are able to breach organisational security via people interactions. This paper presents a security awareness training framework, which can be used to train operators of critical infrastructure, on various social engineering security threats such as spear phishing, baiting, pretexting, among others.Keywords Critical infrastructure security · Security awareness · Cyber security training · Work-based security training · Security threats against critical infrastructure

show abstract

Adaptive routing in wireless sensor networks: QoS optimisation for enhanced application performance

2015

View full text Add to dashboard Cite

State-Of-The-Art and Prospects for Peer-To-Peer Transaction-Based Energy System

et al. 2017

View full text Add to dashboard Cite

Abstract:Transaction-based energy (TE) management and control has become an increasingly relevant topic, attracting considerable attention from industry and the research community alike. As a result, new techniques are emerging for its development and actualization. This paper presents a comprehensive review of TE involving peer-to-peer (P2P) energy trading and also covering the concept, enabling technologies, frameworks, active research efforts and the prospects of TE. The formulation of a common approach for TE management modelling is challenging given the diversity of circumstances of prosumers in terms of capacity, profiles and objectives. This has resulted in divergent opinions in the literature. The idea of this paper is therefore to explore these viewpoints and provide some perspectives on this burgeoning topic on P2P TE systems. This study identified that most of the techniques in the literature exclusively formulate energy trade problems as a game, an optimization problem or a variational inequality problem. It was also observed that none of the existing works has considered a unified messaging framework. This is a potential area for further investigation.

show abstract

Time-series forecasting of Bitcoin prices using high-dimensional features: a machine learning approach

Mudassir

Bennbaia

Ünal

et al. 2020

Neural Comput & Applic

View full text Add to dashboard Cite

Bitcoin is a decentralized cryptocurrency, which is a type of digital asset that provides the basis for peer-to-peer financial transactions based on blockchain technology. One of the main problems with decentralized cryptocurrencies is price volatility, which indicates the need for studying the underlying price model. Moreover, Bitcoin prices exhibit nonstationary behavior, where the statistical distribution of data changes over time. This paper demonstrates high-performance machine learning-based classification and regression models for predicting Bitcoin price movements and prices in short and medium terms. In previous works, machine learning-based classification has been studied for an only one-day time frame, while this work goes beyond that by using machine learning-based models for one, seven, thirty and ninety days. The developed models are feasible and have high performance, with the classification models scoring up to 65% accuracy for next-day forecast and scoring from 62 to 64% accuracy for seventh-ninetieth-day forecast. For daily price forecast, the error percentage is as low as 1.44%, while it varies from 2.88 to 4.10% for horizons of seven to ninety days. These results indicate that the presented models outperform the existing models in the literature.

show abstract

Towards green computing for Internet of things: Energy oriented path and message scheduling approach

Farhan

Kharel

Kaiwartya

et al. 2018

Sustainable Cities and Society

View full text Add to dashboard Cite

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.