Paper Presentations at IEEE CSR 2021

On Monday, 26 July, SPHINX partners, Konnektable Technologies Ltd. (KT) and PDMFC, took part in the virtual conference IEEE Cyber Security and Resilience (IEEE CSR) 2021. The IEEE CSR is an annual event sponsored by the IEEE Systems, Man, and Cybernetics (SMC) Society focusing on theoretical and practical aspects of security, privacy, and resilience of networks, systems, and services as well as novel ways for dealing with their vulnerabilities and mitigating sophisticated cyber-attacks.

KT contributed to the event by presenting a paper on the proactive detection of cyber threats titled ‘Act proactively: An intrusion prediction approach for cyber security’.  The presentation was delivered online within the 1st Technical session CSR1 of the Conference, by KT’s Data Scientist,  Panagiotis Panagiotidis.  The paper’s abstract is the following:

Despite the multitude of approaches proposed for intrusion detection, cyberattacks are still a timeless issue for the research community and industry as they cause various devastating effects to companies and organisations. There are limited intrusion prediction approaches in the literature, as the main bulk of methods focuses on cyberattack detection rather than prediction, which would allow the defenders (attack’s targets) to restrain/stop the attack. This work aims to identify known DoS and Probe attack patterns at their very beginning. Specifically, we use machine learning algorithms to predict the malicious packets of DoS and Probe attacks, raising the defender’s awareness to act proactively and stop the attack. To the best of our knowledge, this is the first time that time series analysis and machine learning techniques are used to model the intrusion prediction problem effectively. An extensive experimental study confirms the efficacy of the proposed approach according to multiple evaluation measures. 

The presentation lasted for 20 minutes, while the audience comprised mainly of fellow researchers as well as Industry stakeholder representatives.

PDMFC presented the paper ‘Automated and On-Demand Cybersecurity Certification’ describing an approach to provide auditing information and insights from the systems-on-the-test, to certify newly entering components that could increase the security risk. The paper’s abstract is the following:

The digital world nowadays consists of a very high number of devices and software services that are being used and constantly exposed to the Internet. Furthermore, with the evolution of the Internet of Things (IoT), the cybersecurity threat landscape has overall increased. Consequently, various certification frameworks have been developed for maintaining the overall security posture and supporting the required security tests. This paper describes an approach for conducting automated and on-demand cybersecurity certification on systems and software components. Taking the existing cybersecurity frameworks and guidelines into consideration, the developed software/service component aims to provide auditing information and insights from the systems-on-the-test, to certify newly entering components that could increase the security risk. The recommended approach can be used for collecting, extracting, and generating reports regarding the security aspects of the submitted digital assets by deploying automated security tests and auditing processes that will contribute to the certification process.