The aim of this paper was to enhance the process of diagnosing and detecting possible vulnerabilities within an Internet of Things (IoT) system by using a named entity recognition (NER)-based solution. In both research and practice, security system management experts rely on a large variety of heterogeneous security data sources, which are usually available in the form of natural language. This is challenging as the process is very time consuming and it is difficult to stay up to date with the constant findings in the areas of security threats, vulnerabilities, attacks, countermeasures, and risks. The proposed system is conceived as a semantic indexing solution of existing vulnerabilities and serves as an information tool for security management experts. By integrating the proposed system, the users can easily discover the potential vulnerabilities of their IoT devices. The proposed solution integrates ontologies and NER techniques in order to obtain a high rate of automation with the scope of reaching a self-maintained and up-to-date system in terms of vulnerabilities and common exposures knowledge. To achieve this, a total of 312 CVEs (common vulnerabilities and exposures) specific to the IoT field were identified. CVEs are arguably one of the most important cybersecurity resources nowadays, containing information about the latest discovered vulnerabilities. This set is further used as data corpus for an NER model designed to identify the main entities and relations that are relevant to IoT security. The goal is to automatically monitor cybersecurity information relevant to IoT, and filter and present it in an organized and structured framework based on users’ needs. The taxonomies specific to IoT security are implemented via a domain ontology, which is later used to process natural language. Relevant tokens are marked as entities and the relations between them identified. The text analysis solution is connected to a gateway which scans the environment and identifies the main IoT devices and communication technologies. The strength of the approach proposed within this research is that the designed semantic gateway is using context-aware searches in the modeled IoT security database and can identify possible vulnerabilities before they can be exploited.
This paper describes the development and implementation of a natural language processing model based on machine learning which performs cognitive analysis for cybersecurity-related documents. A domain ontology was developed using a two-step approach: (1) the symmetry stage and (2) the machine adjustment. The first stage is based on the symmetry between the way humans represent a domain and the way machine learning solutions do. Therefore, the cybersecurity field was initially modeled based on the expertise of cybersecurity professionals. A dictionary of relevant entities was created; the entities were classified into 29 categories and later implemented as classes in a natural language processing model based on machine learning. After running successive performance tests, the ontology was remodeled from 29 to 18 classes. Using the ontology, a natural language processing model based on a supervised learning model was defined. We trained the model using sets of approximately 300,000 words. Remarkably, our model obtained an F1 score of 0.81 for named entity recognition and 0.58 for relation extraction, showing superior results compared to other similar models identified in the literature. Furthermore, in order to be easily used and tested, a web application that integrates our model as the core component was developed.
This article analyzes and highlights the security perspective of Internet of Things (IoT) connected devices and their communication challenges, as IoT is considered one of the key emerging fields in Industry 4.0. The IoT architectures can consist of physical systems, virtual ones or even hybrids, combining a collection of different physically active things, sensors, cloud services, specific IoT protocols, communication layers, users and developers. On top of all, it is the business layer, because the scope of the entire IoT environment is to deliver data, to monitor and to facilitate the management of complex processes. In order to facilitate the data exchange between the IoT layers, there have been developed a series of protocols particular to the IoT domain. As in many IT related fields, the solutions are not perfect from the data security and privacy perspectives, many challenges being still open research issues. As the two concepts of IoT and Cloud of Things are connected, bringing real world data into the Cloud to process it, raises Cloud Computing security concerns regarding the privacy and security of data. Although in recent years, many efforts have been made to improve Cloud Computing security, there are risks that need to be taken into consideration. From the Web of Data’s point of view, things are even more prone to security risks. Because privacy is one of the fundamental right of digital users, it is extremely important for new technologies to comply with privacy regulations and policies, such as the new European data protection and privacy frameworks. In this context, companies must take into account standards, challenges and new trends in IoT. In the absence of specific measures, raw or processed data can be easily stolen from the Web of Data. In this paper we analyze and present the main protocols of communication in the IoT field from a data security perspective. Also, we do a review of the main architectures that can improve the security of the communication between IoT devices and the Cloud data storage.
The COVID-19 pandemic has caused several disruptions in almost all day-to-day matters around the world. To keep things under control, ever since the beginning worldwide authorities-imposed restrictions in relation to physical activities and therefore, organizations were forced to rethink the way they carry out professional activities. Thus, most areas that were based on the physical interaction between people were severely impacted by these sets of measures. Unfortunately, a negative impact that the pandemic state has had over the fields that were based on physical work is that economic pressure has forced some of the entities to completely suspend their activity, leading to high rates of unemployment around the world, which also led to consistent financial efforts sustained by the government. To gain relevant conclusions, we analyzed several datasets that offer insights over all aspects of the labor market around the world mainly before and during the pandemic period. We also computed a correlation matrix based on economic sectors to compare the effects in the labor market for various industries. We analyzed the evolution of unemployment rate from Romania, commented on the breakdown of job loss by activity, interpreted the evolution of mobility based on Google data, explained the correlation between unemployment rate and the application of restrictive measures.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.