Both knowledge-based and behaviour-based methods (as well as their combinations) for detecting conventional network security threats have matured considerably over the past two decades in academia and industry. However, today's cyber threats exhibit an unprecedented variety in terms of both attack vectors utilised and impact inflicted. Attacks that employ user deception instead of exploiting technical flaws tend to leave almost no traces on a computer system or network. On the other hand, attacks on Internet of Things and cyber-physical systems are noticeable not only on the network, but also in physical space. We argue that the challenge now is less in designing a method for detection and more in identifying what one needs to monitor. In this talk, we use three case studies from our current research projects, each utilising very different detection techniques and even more different sources of data. The first is on applying a variety of standard classifiers and deep learning techniques for intrusion detection on robotic vehicles, running onboard or offloaded to a remote cloud. Here, the data sources are both cyber (related to communication and computation) and physical (related to sensor readings), as most meaningful attacks against vehicles have some form of physical manifestation. The second is on the Human-as-a-Security-Sensor (HaaSS) paradigm, where users are encouraged to actively detect and report cyber threats against them, especially semantic social engineering attacks such as spear-phishing, obfuscated URLs, drive-by downloads, spoofed websites, scareware, QRishing, etc. Here, the detection data sources are the users themselves, but predicting the accuracy of their HaaSS reports additionally requires collecting data on each user's reliability as a human sensor in a manner that is ethical and practical. The third is on cyber threats to smart homes. Here, data useful for detecting attacks can come from a uniquely wide range of sources, from the usually multiple networks involved (e.g., a Zigbee network and the home WiFi), the behaviour of each device, sensor data and metadata, sound, the behaviour of home automation and workflow rules (like IFTTT and Stringify), as well as the occupants themselves.
Dr. George Loukas is a senior lecturer and head of cyber security research at the University of Greenwich. His current EU and nationally-funded research projects deal with the security of autonomous robotic vehicles, securing collaboration of communities and law enforcement agencies, and bridging emotion psychology research with cyber security in the context of smart homes. His "Cyber-physical attacks: A growing invisible threat" book was included in ACM's top ten in the computing milieux category of 2015. He is on the editorial board of the BCS Computer Journal and Elsevier's Simulation Modelling Practice and Theory. Dr. Loukas has a PhD in Network Security from Imperial College London.
Cornwallis South West,
University of Kent,
Open to everyone, especially those interested in security research,
Contact: Budi Arief