Cyber Supply Chain Threat Analysis and Prediction Using Machine Learning and Ontology

Yeboah-Ofori, Abel; Mouratidis, Haralambos; Ismai, Umar; Islam, Shareeful

doi:10.1007/978-3-030-79150-6_41

Cited by 10 publications

(8 citation statements)

References 8 publications

(18 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Common risks are data breaches and corporate fraud originating from ransomware attacks and malware infections [8]. A solution to these issues is the use of tools that promptly identify and provide alerts about malicious activity in a supply chain infrastructure and, subsequently, limit the impact of the attack [9]. Such type of tools are the intrusion detection systems (IDSs) [10][11][12] and the intrusion prevention systems (IPSs) [13,14].…”

Section: Supply Chain and Cybersecuritymentioning

confidence: 99%

The Diversification and Enhancement of an IDS Scheme for the Cybersecurity Needs of Modern Supply Chains

Deyannis

Papadogiannaki

Chrysos³

et al. 2022

Electronics

View full text Add to dashboard Cite

Despite the tremendous socioeconomic importance of supply chains (SCs), security officers and operators are faced with no easy and integrated way for protecting their critical, and interconnected, infrastructures from cyber-attacks. As a result, solutions and methodologies that support the detection of malicious activity on SCs are constantly researched into and proposed. Hence, this work presents the implementation of a low-cost reconfigurable intrusion detection system (IDS), on the edge, that can be easily integrated into SC networks, thereby elevating the featured levels of security. Specifically, the proposed system offers real-time cybersecurity intrusion detection over high-speed networks and services by offloading elements of the security check workloads on dedicated reconfigurable hardware. Our solution uses a novel framework that implements the Aho–Corasick algorithm on the reconfigurable fabric of a multi-processor system-on-chip (MPSoC), which supports parallel matching for multiple network packet patterns. The initial performance evaluation of this proof-of-concept shows that it holds the potential to outperform existing software-based solutions while unburdening SC nodes from demanding cybersecurity check workloads. The proposed system performance and its efficiency were evaluated using a real-life environment in the context of European Union’s Horizon 2020 research and innovation program, i.e., CYRENE.

show abstract

Section: Supply Chain and Cybersecuritymentioning

confidence: 99%

The Diversification and Enhancement of an IDS Scheme for the Cybersecurity Needs of Modern Supply Chains

Deyannis

Papadogiannaki

Chrysos³

et al. 2022

Electronics

View full text Add to dashboard Cite

show abstract

“…Biggio et al 2011 explore adversarial data manipulations using SVM classification algorithm under adversarial label noise by subverting the SVM learning process [20]. Chen et al 2017 designed a randomizing SVM model by using robust SVMs Gaussian distribution against method for adversarial attacks [26]. Munoz-Gonzalez et al 2017 proposed a novel poisoning algorithm based on a back-gradient optimization and used neural networks algorithms and deep learning architectures techniques to learn the dataset.…”

Section: Bmentioning

confidence: 99%

“…The overall features were 64. We extracted 38 features in the primary data relevant to the attack profile [26] [27].…”

Section: Adversarial ML Attack Modellingmentioning

confidence: 99%

Cyber Threat Ontology and Adversarial Machine Learning Attacks: Analysis and Prediction Perturbance

Yeboah-Ofori

Ismail

Swidurski

et al. 2021

2021 International Conference on Computing, Computational Modelling and Applications (ICCMA)

Self Cite

View full text Add to dashboard Cite

Machine learning has been used in the cybersecurity domain to predict cyberattack trends. However, adversaries can inject malicious data into the dataset during training and testing to cause perturbance and predict false narratives. It has become challenging to analyse and predicate cyberattack correlations due to their fuzzy nature and lack of understanding of the threat landscape. Thus, it is imperative to use cyber threat ontology (CTO) concepts to extract relevant attack instances in CSC security for knowledge representation. This paper explores the challenges of CTO and adversarial machine learning (AML) attacks for threat prediction to improve cybersecurity. The novelty contributions are threefold. First, CTO concepts are considered for semantic mapping and definition of relationships for explicit knowledge of threat indicators. Secondly, AML techniques are deployed maliciously to manipulate algorithms during training and testing to predict false classifications models. Finally, we discuss the performance analysis of the classification models and how CTO provides automated means. The result shows that analysis of AML attacks and CTO concepts could be used for validating a mediated schema for specific vulnerabilities.

show abstract

“…Cyberattack ontology from the CSC perspective describes organizational security concepts, properties relationships and their interdependencies in a formal and structured approach for analysis and intelligence gatherings. [7] [15]. The goal of the cyberattack ontology is to extract relevant attack instances and information from data to ensure consistency and accuracy in the CSC system security concepts and for knowledge reuse in the threat intelligence domain.…”

Section: Related Workmentioning

confidence: 99%

“…Additionally, due to the varying organizational goals and dynamic requirements, various integrations, varying business processes, and delivery mechanisms, predicting cyberattacks in CSC from an organizational perspective has been challenging. To address these challenges, we consider the CSC cyberattack modelling approach using ontology concepts for knowledge representation and reuse within the CSC domain [15] [16] as shown in Figure 1.…”

Section: A the Rationale For Implementing Cyberattackmentioning

confidence: 99%

Cyberattack Ontology: A Knowledge Representation for Cyber Supply Chain Security

Yeboah-Ofori

Ismail

Swidurski

et al. 2021

2021 International Conference on Computing, Computational Modelling and Applications (ICCMA)

Self Cite

View full text Add to dashboard Cite

Cyberattacks on cyber supply chain (CSC) systems and the cascading impacts have brought many challenges and different threat levels with unpredictable consequences. The embedded networks nodes have various loopholes that could be exploited by the threat actors leading to various attacks, risks, and the threat of cascading attacks on the various systems. Key factors such as lack of common ontology vocabulary and semantic interoperability of cyberattack information, inadequate conceptualized ontology learning and hierarchical approach to representing the relationships in the CSC security domain has led to explicit knowledge representation. This paper explores cyberattack ontology learning to describe security concepts, properties and the relationships required to model security goal. Cyberattack ontology provides a semantic mapping between different organizational and vendor security goals has been inherently challenging. The contributions of this paper are threefold. First, we consider CSC security modelling such as goal, actor, attack, TTP, and requirements using semantic rules for logical representation. Secondly, we model a cyberattack ontology for semantic mapping and knowledge representation. Finally, we discuss concepts for threat intelligence and knowledge reuse. The results show that the cyberattack ontology concepts could be used to improve CSC security.

show abstract

Cyber Supply Chain Threat Analysis and Prediction Using Machine Learning and Ontology

Cited by 10 publications

References 8 publications

The Diversification and Enhancement of an IDS Scheme for the Cybersecurity Needs of Modern Supply Chains

The Diversification and Enhancement of an IDS Scheme for the Cybersecurity Needs of Modern Supply Chains

Cyber Threat Ontology and Adversarial Machine Learning Attacks: Analysis and Prediction Perturbance

Cyberattack Ontology: A Knowledge Representation for Cyber Supply Chain Security

Contact Info

Product

Resources

About