Fortifying Vehicular Security through Low Overhead Physically Unclonable Functions

Within vehicles, the Controller Area Network (CAN) allows efficient communication between the electronic control units (ECUs) responsible for controlling the various subsystems. The CAN protocol was not designed to include much support for secure communication. The fact that so many critical systems can be accessed through an insecure communication network presents a major security concern. Adding security features to CAN is difficult due to the limited resources available to the individual ECUs and the costs that would be associated with adding the necessary hardware to support any additional security operations without overly degrading the performance of standard communication. Replacing the protocol is another option, but it is subject to many of the same problems. The lack of security becomes even more concerning as vehicles continue to adopt smart features. Smart vehicles have a multitude of communication interfaces an attacker could exploit to gain access to the networks. In this work, we propose a security framework that is based on physically unclonable functions (PUFs) and lightweight cryptography (LWC). The framework does not require any modification to the standard CAN protocol while also minimizing the amount of additional message overhead required for its operation. The improvements in our proposed framework result in major reduction in the number of CAN frames that must be sent during operation. For a system with 20 ECUs, for example, our proposed framework only requires 6.5% of the number of CAN frames that is required by the existing approach to successfully authenticate every ECU.

XGB-RF: A Hybrid Machine Learning Approach for IoT Intrusion Detection

In the past few years, Internet of Things (IoT) devices have evolved faster and the use of these devices is exceedingly increasing to make our daily activities easier than ever. However, numerous security flaws persist on IoT devices due to the fact that the majority of them lack the memory and computing resources necessary for adequate security operations. As a result, IoT devices are affected by a variety of attacks. A single attack on network systems or devices can lead to significant damages in data security and privacy. However, machine-learning techniques can be applied to detect IoT attacks. In this paper, a hybrid machine learning scheme called XGB-RF is proposed for detecting intrusion attacks. The proposed hybrid method was applied to the N-BaIoT dataset containing hazardous botnet attacks. Random forest (RF) was used for the feature selection and eXtreme Gradient Boosting (XGB) classifier was used to detect different types of attacks on IoT environments. The performance of the proposed XGB-RF scheme is evaluated based on several evaluation metrics and demonstrates that the model successfully detects 99.94% of the attacks. After comparing it with state-of-the-art algorithms, our proposed model has achieved better performance for every metric. As the proposed scheme is capable of detecting botnet attacks effectively, it can significantly contribute to reducing the security concerns associated with IoT systems.

The Missing Piece of the Puzzle: The EMASYA Protocol and Civil-Military Relations in Turkey

The civil-military relations literature on Turkey focuses predominantly on the guardianship role of the Turkish military, its interventions, and the role of the National Security Council as the main institutional mechanism of military tutelage. Yet, the existing studies lack a much-needed focus on the law enforcement or policing missions of the Turkish military. To fill this gap, this study discusses the EMASYA Protocol ( Emniyet Asayiş Yardımlaşma or Security and Public Order Assistance), a secret protocol signed in 1997. Emerging in the context of political instability and military tutelage of the 1990s, the Protocol enabled the military to conduct internal security operations without permission from the civilian authorities. This paper argues that the EMASYA Protocol provided a sphere of “reformulated new professionalism” for the Turkish military, enabled it to specialize in the war against rising internal threats such as reactionary Islam and Kurdish separatism, and created anomalies in civil-military relations in Turkey.

Security Framework for Supply-Chain Management

In recent times, cyber-attacks have been a significant problem in any organization. It can damage the brand name if confidential data is compromised. A robust cybersecurity framework should be an essential aspect of any organization. This chapter talks about the security framework for cyber threats in supply chain management and discusses in detail the implementation of a secure environment through various controls. Today, a systematic method is used for handling sensitive information in an organization. It includes processes, people, and IT systems by implementing a risk management method. Distinct controls dedicated to different levels of domains, namely human resources, access control, asset management, cryptography, physical security, operations security, supplier relations, acquisition, incident management, and security governance are provided. Companies, contractors, and any others who are part of the supply chain organization must follow this security framework to defend from any cyber-attacks.

A Survey on TLS-Encrypted Malware Network Traffic Analysis Applicable to Security Operations Centers

Recently, a majority of security operations centers (SOCs) have been facing a critical issue of increased adoption of transport layer security (TLS) encryption on the Internet, in network traffic analysis (NTA). To this end, in this survey article, we present existing research on NTA and related areas, primarily focusing on TLS-encrypted traffic to detect and classify malicious traffic with deployment scenarios for SOCs. Security experts in SOCs and researchers in academia can obtain useful information from our survey, as the main focus of our survey is NTA methods applicable to malware detection and family classification. Especially, we have discussed pros and cons of three main deployment models for encrypted NTA: TLS interception, inspection using cryptographic functions, and passive inspection without decryption. In addition, we have discussed the state-of-the-art methods in TLS-encrypted NTA for each component of a machine learning pipeline, typically used in the state-of-the-art methods.