Browsing by Author "Aloseel, Abdulmohsan"

Item Open Access
Analytical review of cybersecurity for embedded systems (IEEE, 2020-12-21)
Aloseel, Abdulmohsan; He, Hongmei; Shaw, Carl; Khan, Muhammad Ali

To identify the key factors and create the landscape of cybersecurity for embedded systems (CSES), an analytical review of the existing research on CSES has been conducted. The common properties of embedded systems, such as mobility, small size, low cost, independence, and limited power consumption when compared to traditional computer systems, have caused many challenges in CSES. The conflict between cybersecurity requirements and the computing capabilities of embedded systems makes it critical to implement sophisticated security countermeasures against cyber-attacks in an embedded system with limited resources, without draining those resources. In this study, twelve factors influencing CSES have been identified: (1) the components; (2) the characteristics; (3) the implementation; (4) the technical domain; (5) the security requirements; (6) the security problems; (7) the connectivity protocols; (8) the attack surfaces; (9) the impact of the cyber-attacks; (10) the security challenges of the ESs; (11) the security solutions; and (12) the players (manufacturers, legislators, operators, and users). A Multiple Layers Feedback Framework of Embedded System Cybersecurity (MuLFESC) with nine layers of protection is proposed, with new metrics of risk assessment. This will enable cybersecurity practitioners to conduct an assessment of their systems with regard to twelve identified cybersecurity aspects. In MuLFESC, the feedback from the system-components layer to the system-operations layer could help implement “Security by Design” in the design stage at the bottom layer.
The study provides a clear landscape of CSES and, therefore, could help to find better comprehensive solutions for CSES.

Item Open Access
Attack-detection architectural framework based on anomalous patterns of system performance and resource utilization - Part II (IEEE, 2021-06-11)
Aloseel, Abdulmohsan; Al-Rubaye, Saba; Zolotas, Argyrios; Shaw, Carl

This paper presents a unique security approach for detecting cyber-attacks against embedded systems (ESs). The proposed approach has been shaped within an architectural framework called anomalous resource consumption detection (ARCD). The approach’s detection mechanism detects cyber-attacks by distinguishing anomalous performance and resource consumption patterns from a pre-determinable reference model. The defense mechanism of this approach acts as an additional layer of protection for ESs. This technique’s effectiveness was previously evaluated statistically, and in this paper, we tested this approach’s efficiency computationally by using the support-vector machine algorithm. The datasets were generated and collected based on a testbed model, where it was run repeatedly under different operation conditions (normal cases (Rs) versus attacked cases). The executed attack scenarios are 1) denial-of-service (DoS); 2) brute force (BF); and 3) remote code execution (RCE), and man-in-the-middle (MITM). A septenary tuple model, which consists of seven determinants that are analyzed based on seven statistical criteria, is the core of the detection mechanism. The prediction accuracy in terms of classifying anomalous patterns compared to normal patterns based on the confusion matrix revealed promising results, proving this approach’s effectiveness, where the final results confirmed very high prediction accuracies in terms of distinguishing anomalous patterns from the typical patterns.
Integrating the ARCD concept into an operating system’s functionality could help software developers augment the existing security countermeasures of ESs. Adopting the ARCD approach will pave the way for software engineers to build more secure operating systems in line with the embedded system’s capabilities, without depleting its resources.

Item Open Access
Cybersecurity of embedded systems: a novel approach for detecting cyberattacks based on anomalous patterns of resource utilisation (Cranfield University, 2022-01)
Aloseel, Abdulmohsan; Al-Rubaye, Saba; Zolotas, Argyrios

An embedded system (ES) is a processing unit that has been embedded into a larger cyber-physical system (CPS) to steer its functions. The ES has played an essential role in modern life, where it has been used widely in sensing, controlling and computing for countless applications in different domains, such as the internet of things (IoT), smart cities, healthcare, transportation, communication, military, transportation, gas distribution, avionics and national infrastructures. Due to its widespread application in different domains and its evolution in conjunction with many key technologies, it is crucial that these systems are secured against cyberattacks as the ES has the same generic security goals – confidentiality, integrity and availability – as conventional computer systems. Although the ES is exposed to the numerous and unpredicted security threats that are experienced by conventional computer systems, it is significantly limited in its ability to manage the advanced security solutions that are implemented on conventional computer systems. The limitations in resources of the ES, due to its identity or characteristics, impose tight constraints on both its communication and computing capacity, thereby hindering the implementation of advanced security solutions. Thus, the cybersecurity of an ES is limited by constraints on its resources rather than by the absence of advanced security solutions.
There is an urgent need, therefore, to develop security solutions that are compatible with the capabilities of the ES. This study tried to bridge the gap by addressing both theoretical and empirical aspects of ES cybersecurity. The study can be divided into three main blocks. The first block identifies the key factors, involved parties or entities, and creates the cybersecurity landscape for embedded systems (CSES), while considering the conflict between the requirements for cybersecurity and the computing capabilities of an ES. Additionally, twelve factors influencing CSES have been extracted and identified based on the direction of the research. These factors have been used to shape a multiple layers feedback framework of embedded system cybersecurity (MuLFESC), with nine layers of protection. It has been developed in line with an expanded model of risk assessment metrics, which will enable cybersecurity practitioners to evaluate the security countermeasures of their systems and assist in the development of more comprehensive solutions for CSES. A novel security approach, called anomalous resource consumption detection (ARCD), was developed in the second block of this study. This involved the design of a testbed to provide a realistic hardware-software environment to analyse an example application of an ES. A Smart PiCar was run repeatedly under different operational conditions – typical conditions and under attack. The data of seven designated parameters based on seven statistical criteria was analysed to measure the range, pattern of performance and resource utilisation. The results from this statistical analysis demonstrated the potential for defining a standard pattern for the resource utilisation and performance of the embedded system due to a significant similarity with the values of the parameters at normal states.
In contrast, the results from the attacked cases showed a definite and detectable impact on the consumption and performance of the resources of the ES, which presented anomalous patterns. The ARCD method can be implemented as an additional layer of protection to detect cyber-attacks in an ES, where a septenary tuple model, consisting of seven parameters, is the core of the detection mechanism. In the final block, the ARCD approach has been placed within an architectural framework, which may pave the way for software engineers to build secure operating systems in line with the capabilities of the ES. The architectural framework was developed after the efficiency of the approach was computationally validated by machine learning. This involved the design of a classifier and predictor model to find the predictive accuracy percentage in terms of separating patterns of anomalous performance and resource utilisation from the typical pattern. Based on the confusion matrix, the prediction accuracy for classifying anomalous patterns compared with default patterns revealed promising results, thus proving the effectiveness of the ARCD approach. The results confirmed very high prediction accuracies as regards distinguishing anomalous patterns from the typical patterns.

Item Open Access
Identifying and predicting cybersecurity threats in industry 4.0 based on the motivations towards a critical infrastructure (IOS Press, 2022-09-08)
Alqudhaibi, Adel; Aloseel, Abdulmohsan; Jagtap, Sandeep; Salonitis, Konstantinos

Industry 4.0 (I4.0) is an emerging concept describing the business setting application of a broad set of digitalisation technologies, connectivity, and automation. The most common critical infrastructure (CI) uses Industrial Control Systems (ICS) for operation and supervisory control. However, the Supervisory Control and Data Acquisition (SCADA) and Internet of things (IoT) systems are examples of ICSs applications.
These systems, like any other systems, are exposed to many security risks and are vulnerable to many threats. This is mainly due to the lack of objective standards and proactive security countermeasures that companies unintentionally neglected in the early stages of designing these systems. It is also due to the absence of managerial and technical skills necessary to implement them. Therefore, identifying and preventing potential security threats against CIs is the focus of this paper. A novel security approach concept that can predict cybersecurity threats based on the CI nature and take into consideration the attack motivations accordingly has been delivered in this paper. The proposed concept of this approach will also facilitate the detection of potential attack types and the required countermeasures in particular infrastructures.

Item Open Access
A novel approach for detecting cyberattacks in embedded systems based on anomalous patterns of resource utilization - Part I (IEEE, 2021-06-11)
Aloseel, Abdulmohsan; Al-Rubaye, Saba; Zolotas, Argyrios; He, Hongmei; Shaw, Carl

This paper presents a novel security approach called Anomalous Resource Consumption Detection (ARCD), which acts as an additional layer of protection to detect cyberattacks in embedded systems (ESs). The ARCD approach is based on the differentiation between the predefined standard resource consumption pattern and the anomalous consumption pattern of system resource utilization. The effectiveness of the proposed approach is tested in a rigorous manner by simulating four types of cyberattacks: a denial-of-service attack, a brute-force attack, a remote code execution attack, and a man-in-the-middle attack, which are executed on a Smart PiCar (used as the testbed). A septenary tuple model consisting of seven parameters, representing the embedded system’s architecture, has been created as the core of the detection mechanism.
The approach’s efficiency and effectiveness have been validated in terms of range and pattern by analyzing the collected data statistically in terms of mean, median, mode, standard deviation, range, minimum, and maximum values. The results demonstrated the potential for defining a standard pattern of resource utilization and performance of the embedded system due to a significant similarity of the parameters’ values at normal states. In contrast, the attacked cases showed a definite, observable, and detectable impact on resource consumption and performance of the embedded system, causing an anomalous pattern. Thus, by merging these two findings, the ARCD approach has been developed. ARCD facilitates building secure operating systems in line with the ES’s capabilities. Furthermore, the ARCD approach can work along with existing countermeasures to augment the security of the operating system layer.

Item Open Access
Predicting cybersecurity threats in critical infrastructure for Industry 4.0: a proactive approach based on attacker motivations (MDPI, 2023-05-06)
Alqudhaibi, Adel; Albarrak, Majed; Aloseel, Abdulmohsan; Jagtap, Sandeep; Salonitis, Konstantinos

In Industry 4.0, manufacturing and critical systems require high levels of flexibility and resilience for dynamic outcomes. Industrial Control Systems (ICS), specifically Supervisory Control and Data Acquisition (SCADA) systems, are commonly used for operation and control of Critical Infrastructure (CI). However, due to the lack of security controls, standards, and proactive security measures in the design of these systems, they have security risks and vulnerabilities. Therefore, efficient and effective security solutions are needed to secure the conjunction between CI and I4.0 applications. This paper predicts potential cyberattacks and threats against CI systems by considering attacker motivations and using machine learning models.
The approach presents a novel cybersecurity prediction technique that forecasts potential attack methods, depending on specific CI and attacker motivations. The proposed model’s accuracy in terms of False Positive Rate (FPR) reached 66% with the trained and test datasets. This proactive approach predicts potential attack methods based on specific CI and attacker motivations, and doubling the trained data sets will improve the accuracy of the proposed model in the future.