Manufacturing big data ecosystem: A systematic literature review
ساخت اکوسیستم داده های بزرگ: مروری بر ادبیات سیستماتیک-2020
Advanced manufacturing is one of the core national strategies in the US (AMP), Germany (Industry 4.0) and China (Made-in China 2025). The emergence of the concept of Cyber Physical System (CPS) and big data imperatively enable manufacturing to become smarter and more competitive among nations. Many researchers have proposed new solutions with big data enabling tools for manufacturing applications in three directions: product, production and business. Big data has been a fast-changing research area with many new opportunities for applications in manufacturing. This paper presents a systematic literature review of the state-of-the-art of big data in manufacturing. Six key drivers of big data applications in manufacturing have been identified. The key drivers are system integration, data, prediction, sustainability, resource sharing and hardware. Based on the requirements of manufacturing, nine essential components of big data ecosystem are captured. They are data ingestion, storage, computing, analytics, visualization, management, workflow, infrastructure and security. Several research domains are identified that are driven by available capabilities of big data ecosystem. Five future directions of big data applications in manufacturing are presented from modelling and simulation to realtime big data analytics and cybersecurity.
Keywords: Smart manufacturing | Big data | Cloud computing | Cloud manufacturing | Internet of things | NoSQL
Snatched secrets: Cybercrime and trade secrets modelling a firms decision to report a theft of trade secrets
اسرار ربوده شده: جرایم سایبری و اسرار تجاری مدل سازی تصمیم یک شرکت برای گزارش سرقت اسرار تجاری-2019
Cybercrime and economic espionage are increasing problems for firms. We build on US FBI policy to frame the interaction between a cybercrime victim firm and a government security agency. We bring together several strands in the literature to model the strategies of the firm, which has suffered a cy- ber breach and theft of trade secrets, and the government security agency, which must investigate and prosecute crimes. We investigate the interactions between these two players, in which the firm has pri- vate information about its cybersecurity investment. This investment level is unknown to the security agency, which must nonetheless decide how to prioritize reported crime. We model this asymmetric in- formation problem within a game theoretic signaling framework derived from Becker’s work in crime and punishment. We suggest that such a framework can inform policy to encourage security investments by firms and more efficient resource utilization by security agencies. We particularly focus on an illustrative stylized example to highlight how our modelling approach can be helpful. In this example we compare two worlds; one where all security breaches become public knowledge and another where only reported breaches become public knowledge. We then formulate two potentially testable Hypotheses and several implications of these Hypotheses. Case studies and a policy analysis further highlight how our framework plays out in reality
Keywords: Cyber security | Cybercrime | Trade secrets | Economic espionage | Cyber breaches
Attack and anomaly detection in IoT sensors in IoT sites using machine learning approaches
حمله و تشخیص ناهنجاری در سنسورهای IoT در سایت های IoT با استفاده از روشهای یادگیری ماشین-2019
Attack and anomaly detection in the Internet of Things (IoT) infrastructure is a rising concern in the domain of IoT. With the increased use of IoT infrastructure in every do- main, threats and attacks in these infrastructures are also growing commensurately. De- nial of Service, Data Type Probing, Malicious Control, Malicious Operation, Scan, Spying and Wrong Setup are such attacks and anomalies which can cause an IoT system failure. In this paper, performances of several machine learning models have been compared to predict attacks and anomalies on the IoT systems accurately. The machine learning (ML) algorithms that have been used here are Logistic Regression (LR), Support Vector Machine (SVM), Decision Tree (DT), Random Forest (RF), and Artificial Neural Network (ANN). The evaluation metrics used in the comparison of performance are accuracy, precision, recall, f1 score, and area under the Receiver Operating Characteristic Curve. The system obtained 99.4% test accuracy for Decision Tree, Random Forest, and ANN. Though these techniques have the same accuracy, other metrics prove that Random Forest performs comparatively better.
Keywords: Internet of Things (IoT) | Machine Learning | Cybersecurity | Anomaly detection
A survey on cybersecurity, data privacy, and policy issues in cyber-physical system deployments in smart cities
مروری بر امنیت سایبری ، حریم خصوصی داده ها و مسائل مربوط به سیاست در استقرار سیستم سایبر فیزیکی در شهرهای هوشمند-2019
Deployments of Cyber Physical Systems (CPSs) in smart cities are poised to significantly improve healthcare, transportation services, utilities, safety, and environmental health. However, these efficiencies and service improvements will come at a price: increased vulnerability and risk. Smart city deployments have already begun to proliferate, as have the upsides, efficiencies, and cost-savings they can facilitate. There are, however, proliferating challenges and costs as well. These challenges include important technical questions, but equally important policy and organizational questions. It is important to understand that these policy and technical implementation hurdles are perhaps equally likely to slow or disable smart city implementation efforts. In this paper, a survey of the theoretical and practical challenges and opportunities are enumerated not only in terms of their technical aspects, but also in terms of policy and governance issues of concern..
Keywords: Smart cities | Cyber security | Government policy making | Cryptography | Security and privacy | Authentication
Friction, snake oil, and weird countries: Cybersecurity systems could deepen global inequality through regional blocking
اصطکاک، روغن مار، و کشورهای عجیب و غریب: سیستم های امنیت سایبری می تواند نابرابری جهانی را از طریق مسدود سازی منطقه ای تقویت کند-2019
In this moment of rising nationalism worldwide, governments, civil society groups, transnational companies, and web users all complain of increasing regional fragmentation online. While prior work in this area has primarily focused on issues of government censorship and regulatory compliance, we use an inductive and qualitative approach to examine targeted blocking by corporate entities of entire regions motivated by concerns about fraud, abuse, and theft. Through participant-observation at relevant events and intensive interviews with experts, we document the quest by professionals tasked with preserving online security to use new machine-learning based techniques to develop a ‘‘fairer’’ system to determine patterns of ‘‘good’’ and ‘‘bad’’ usage. However, we argue that without understanding the systematic social and political conditions that produce differential behaviors online, these systems may continue to embed unequal treatments, and troublingly may further disguise such discrimination behind more complex and less transparent automated assessment. In order to support this claim, we analyze how current forms of regional blocking incentivize users in blocked regions to behave in ways that are commonly flagged as problematic by dominant security and identification systems. To realize truly global, non-Eurocentric cybersecurity techniques would mean incorporating the ecosystems of service utilization developed by marginalized users rather than reasserting norms of an imagined (Western) user that casts aberrations as suspect.
Keywords: Regional blocking | machine learning | classification | inequality | discrimination | security
Crime control in the sphere of information technologies in the Republic of Turkey
کنترل جرم در حوزه فناوری های اطلاعات در جمهوری ترکیه-2019
Cybercrime is considered an issue of both local and global concern. Therefore, this study focuses on the local experience in cybercrime control of different countries, including the Republic of Turkey. The article discusses issues in cybersecurity policy and analyzes the legislative framework of the Republic of Turkey on cybercrime issues. The findings underlie the continuing education policy for cybersecurity employees. The study concludes that Turkey handles the current cybercrime situation with efficiency.
Keywords: Cybercrime | Unauthorized access | Criminal law | Ratification | Training of police officers
Deep Learning Clusters in the Cognitive Packet Network
خوشه های یادگیری عمیق در شبکه بسته های شناختی-2019
The Cognitive Packet Network (CPN) bases its routing decisions and flow control on the Random Neural Network (RNN) Reinforcement Learning algorithm; this paper proposes the addition of a Deep Learning (DL) Cluster management structure to the CPN for Quality of Service metrics (Delay Loss and Bandwidth), Cyber Security keys (User, Packet and Node) and Management decisions (QoS, Cyber and CEO). The RNN already models how neurons transmit information using positive and negative impulsive signals whereas the proposed additional Deep Learning structure emulates the way the brain learns and takes decisions; this paper presents a brain model as the combination of both learning algorithms, RNN and DL. The pro- posed model has been simulated under different network sizes and scenarios and it has been validated against the CPN itself without DL clusters. The simulation results are promising; the presented CPN with DL clusters as a mechanism to transmit, learn and make packet routing decisions is a step closer to em- ulate the way the brain transmits information, learns the environment and takes decisions.
Keywords: Random Neural Network | Deep Learning Clusters | Cognitive Packet Network | QoS | Cybersecurity | Routing
Security challenges with network functions virtualization
چالش های امنیتی با توابع شبکه مجازی سازی -2017
The advent of network functions virtualization (NFV) has revolutionized numerous network-based applications due to its several benefits such as flexibility, manageability, scalability, and security. By the software-based virtualization of network functions on a single infrastructure, NFV provides users with a framework that dynamically provisions various network services in a flexible manner. However, NFV faces several security challenges (e.g., multi-tenancy and live migration) which make it vulnerable to some cybersecurity attacks (e.g., side-channel attacks and shared resource misuse attacks). In this paper, we provide an overview of NFV, discuss potentially serious security threats on NFV and introduce effective countermeasures to mitigate those threats. Finally, we suggest some practical solutions to provide a trustworthy platform for NFV.
Keywords: Network functions virtualization | Network security | Virtualized network function | Security threats
رویکرد رمزنگاری هوشمند برای امنیت ذخیره سازی داده های بزرگ توزیع شده در محاسبات ابری
سال انتشار: 2017 - تعداد صفحات فایل pdf انگلیسی: 13 - تعداد صفحات فایل doc فارسی: 28
پیاده سازی محاسبات ابری مسیرهای زیادی را برای خدمات مبتنی بر وب که با درخواستهای گوناگون روبرو هستند، به وجود آورده است.اگرچه امنیت داده و حفظ حریم خصوصی به مباحث مهمی تبدیل شده اند که محدودیتهایی برای برنامه های ابری به وجود آورده اند.یکی از نگرانی های مهم در امنیت و حفظ حریم خصوصی نتیجه این حقیقت است که اپراتورهای ابری می توانند به داده های حساس دسترسی پیدا کنند.این مسئله باعث نگرانی کاربران شده و وفق پذیری محاسبات ابری را در بسیاری از زمینه ها مانند صنعت اقتصادی و آژانس های دولتی کاهش داده است. این مقاله بر روی این موضوع تمرکز می کند و یک روش هوشمند رمزنگاری ارائه داده است که با آن اپراتورهای سرویس ابری نمی توانند مستقیما داده های جزئی را به دست بیاورند.روش ارائه شده فایلها و محل هایی که داده های توزیع شده ابری در آن ذخیره شده اند را به بخش هایی تقسیم میکند.یک راه حل دیگر طراحی شده است تا مشخص کند که بسته های داده به چه صورت نیاز به شکسته شدن دارند تا زمان عملیات را کوتاه کند.روش ارائه شده مدل موثر ذخیره سازی توزیع شده آگاه از امنیت (SA-DES) نامیده می شود که توسط الگوریتم های ما نیز ساپورت می شود،شامل الگوریتم جایگزین توزیع داده(AD2) الگوریتم توزیع موثر داده امن (SED2) و الگوریتم تلفیق داده موثر (EDCON) .ارزیابی نتایج آزمایشگاهی ما کارایی امنیت و موثر بودن را تایید میکند و نشان میدهد که روش ما از تهدیدهای ابری ممانعت میکند و با زمان قابل قبولی برای محاسبات نیاز دارد.
کلمات کلیدی: رمزنگاری هوشمند | امنیت شبکه | ذخیره سازی توزیع شده انبوه | محاسبات ابری | داده های بزرگ
|مقاله ترجمه شده|
STPA-SafeSec: Safety and security analysis for cyber-physical systems
STPA-SafeSec: تجزیه و تحلیل ایمنی و امنیت سیستم های فیزیکی سایبری-2017
Article history:Available online 30 June 2016Keywords:Smart gridSynchronous islanded generation STPACPSSafetyCyber securityCyber-physical systems tightly integrate physical processes and information and communication technolo- gies. As today’s critical infrastructures, e.g., the power grid or water distribution networks, are complex cyber-physical systems, ensuring their safety and security becomes of paramount importance. Traditional safety analysis methods, such as HAZOP, are ill-suited to assess these systems. Furthermore, cybersecu- rity vulnerabilities are often not considered critical, because their effects on the physical processes are not fully understood. In this work, we present STPA-SafeSec, a novel analysis methodology for both safety and security. Its results show the dependencies between cybersecurity vulnerabilities and system safety. Us- ing this information, the most effective mitigation strategies to ensure safety and security of the system can be readily identiﬁed. We apply STPA-SafeSec to a use case in the power grid domain, and highlight its beneﬁts.© 2016 The Authors. Published by Elsevier Ltd. This is an open access article under the CC BY license. (http://creativecommons.org/licenses/by/4.0/)
Keywords: Smart grid | Synchronous islanded generation | STPA | CPS | Safety | Cyber security