To ensure public safety and security, it is vitally important for governments to collect information from businesses and analyse it. Such information can be used to determine whether transported goods might be suspicious and therefore require physical inspection. Although businesses are obliged to report some information, they are reluctant to share additional information for fear of sharing competitively sensitive information, becoming liable and not being compliant with the law. These reasons are often overlooked in the design of software architectures for information sharing. In the present research, we followed a design science approach to develop a software architecture for business-to-government information sharing. Based on literature and a case study, we elicited the requirements an architecture that provides for the sharing of information should meet to make it acceptable to businesses. We then developed the architecture and evaluated it against the requirements. The architecture consists of a blockchain that stores events and rules for information sharing that are controlled by businesses. For each event, two parties use their private keys to encrypt its Merkle root to confirm that they know the data are correct. This makes it easy to check whether information is reliable and whether an event should be accepted. Access control, metadata and context information enable the context-based sharing of information. This is combined with the encryption and decryption of data to provide access to certain data within an organisation.
Sélinde van Engelenburg
In the modern transportation system, In-vehicle communication systems are managed by controllers know as controller area networks (CAN). The CAN facilitates the interaction of 20 to 100 Electronic Control Units (ECU) which coordinate, monitor and control loads of internal vehicle components such as engine system, brake system and telematics system through the exchange of information among them. CAN operates by broadcasting packets to its bus. This means that all nodes and ECUs attached to the bus can receive the packets, without an authentication mechanism for identifying the legitimacy/source of packets. This makes it vulnerable to attacks. An Intrusion Detection System (IDS) can be used to detect attacks on CAN. Machine learning for the IDS, in particular, would be useful for creating models to detect non-linear attack patterns. However, car manufacturers and owners are might not be willing to just share the sensitive information required for training the models. In this paper, we propose a Blockchain-based Federated Forest Software-Defined Networking (SDN)-enabled Intrusion detection system (BFF-IDS) for an In-vehicle network to address the problem of sharing the sensitive CAN data. Due to the limited scalability of blockchain, InterPlanetary File System (IPFS) was used to host the models, while a hash of the model and a pointer to its location was stored and shared via the blockchain. The SDN provides the dynamic routing of packets and model exchanges from IPFS through the blockchain. In the detection model system, a Federated Learning (FL) method creates a radom forest model in a distributed manner by aggregating partially trained models that were trained by individuals with their data kept confidential during the process. Using Fourier transform, we decomposed the CAN IDs cycle from CAN bus traffic in the frequency domain for better generalization in multiclass detection of attacks. Multiple statistical and entropy features were extracted to handle the high complexity and non-linearity in CAN bus traffic. With this proposed system, manufacturers and car owners may be willing to contribute to the training of the models, as their sensitive data is protected due to the use of FL. By storing hashes of the models on a blockchain, the risk of adversaries poisoning the models is reduced and a single point of failure is avoided. The evaluation was conducted by performing experiments in a testbed. We found that the proposed system has efficient use of memory and CPU resources, and that the detection rate of closely related attacks was high.
Companies increasingly tender knowledge-intensive tasks using crowdsourcing platforms to gain access to scarce knowledge and skills otherwise out of reach, and in this way, gaining competitive advantage. Despite its potential, existing crowdsourcing platforms encounter several challenges, including (1) fragmentation of expertise, as there are many platforms, (2) distrust between task providers and crowdsourcing participants, as identity and past performance are often not known, and (3) inability to learn from experience due to a lack of openness. A reference architecture for blockchain-based knowledge-intensive crowdsourcing platforms to mediate transactions between demand and supply of knowledge is designed in this paper to overcome these challenges. A design science research method is followed to develop the architecture. The reference architecture shows how blockchain and smart contract components can be integrated to support and coordinate knowledge-intensive crowdsourcing activities. By removing traditional e-commerce intermediaries, blockchain reduces search friction, knowledge transfer costs, and cheating by task providers or crowdsourcing participants.
The internet-of-Vehicle (IoV) can facilitate seamless connectivity between connected vehicles (CV), autonomous vehicles (AV), and other IoV entities. Intrusion Detection Systems (IDSs) for IoV networks can rely on machine learning (ML) to protect the in-vehicle network from cyber-attacks. Blockchainbased Federated Forests (BFFs) could be used to train ML models based on data from IoV entities while protecting the confidentiality of the data and reducing the risks of tampering with the data. However, ML models are still vulnerable to evasion, poisoning and exploratory attacks by adversarial examples. The BFF-IDS offers partial defence against poisoning but has no measure for evasion attacks, the most common attack/threat faced by ML models. Besides, the impact of adversarial examples transferability in CAN IDS has largely remained untested. This paper investigates the impact of various possible adversarial examples on the BFF-IDS. We also investigated the statistical adversarial detector's effectiveness and resilience in detecting the attacks and subsequent countermeasures by augmenting the model with detected samples. Our investigation results established that BFF-IDS is very vulnerable to adversarial examples attacks. The statistical adversarial detector and the subsequent BFF-IDS augmentation (BFF-IDS(AUG)) provide an effective mechanism against the adversarial examples. Consequently, integrating the statistical adversarial detector and the subsequent BFF-IDS augmentation with the detected adversarial samples provides a sustainable security framework against adversarial examples and other unknown attacks.
INDEX TERMSAdversarial examples, artificial intelligent (AI), blockchain, controller area network (CAN), federated learning, intrusion detection system (IDS).
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.