Gowri Ramachandran

Sk Tanzir Mehedi, Raja Jurdak, Chadni Islam et al.

The security of open-source software repositories is increasingly threatened by next-gen software supply chain attacks. These attacks include multiphase malware execution, remote access activation, and dynamic payload generation. Traditional Machine Learning (ML) detectors struggle to detect these attacks due to the high-dimensional and sparse nature of dynamic behavioral data, including system calls, network traffic, directory access patterns, and dependency logs. As a result, these data characteristics degrade the performance, stability, and explainability of ML models. These challenges have made Deep Learning (DL) a promising alternative, given its success across various domains and its potential for modeling complex patterns. This paper presents eDySec, a DL-based efficient, stable, and explainable framework for dynamic behavioral analysis to detect malicious packages. Using the QUT-DV25 dataset, which captures both install-time and post-installation behaviors of packages, we evaluate DL models and investigate feature sets to identify the most discriminative attributes for enabling efficient malicious package detection. Additionally, model stability analysis and explainable AI techniques are incorporated into the detection pipeline to enable stable, and transparent interpretations of model decisions. Experimental results demonstrate that eDySec significantly outperforms the state-of-the-art frameworks. Specifically, it halves feature dimensionality while lowering false positives by 82% and false negatives by 79%. It also improves accuracy by 3%, achieves near-perfect stability, and maintains an inference latency of 170ms per package. Further analysis reveals that feature and model selection play a critical role, as certain combinations degrade performance. Ultimately, this study advances the understanding of the strengths and limitations of dynamic analysis against next-gen attacks.

Khondokar Fida Hasan, Anthony Overall, Keyvan Ansari et al.

The recent advancement of cloud technology offers unparallel strength to support intelligent computations and advanced services to assist with automated decisions to improve road transportation safety and comfort. Besides, the rise of machine intelligence propels the technological evolution of transportation systems one step further and leads to a new framework known as Cognitive Internet of Vehicles (C-IoV). The redefined cognitive technology in this framework promises significant enhancements and optimized network capacities compared with its predecessor framework, the Internet of Vehicles (IoV). CIoV offers additional security measures and introduces security and privacy concerns, such as evasion attacks, additional threats of data poisoning, and learning errors, which may likely lead to system failure and road user fatalities. Similar to many other public enterprise systems, transportation has a significant impact on the population. Therefore, it is crucial to understand the evolution and equally essential to identify potential security vulnerabilities and issues to offer mitigation towards success. This chapter offers discussions framing answers to the following two questions, 1) how and in what ways the penetration of the latest technologies are reshaping the transportation system? 2) whether the evolved system is capable of addressing the concerns of cybersecurity? This chapter, therefore, starts presenting the evolution of the transportation system followed by a quick overview of the evolved CIoV, highlighting the evolved cognitive design. Later it presents how a cognitive engine can overcome legacy security concerns and also be subjected to further potential security, privacy, and trust issues that this cloud-based evolved transportation system may encounter.

Arvin Hekmati, Gowri Ramachandran, Bhaskar Krishnamachari

Pandemic and epidemic diseases such as CoVID-19, SARS-CoV2, and Ebola have spread to multiple countries and infected thousands of people. Such diseases spread mainly through person-to-person contacts. Health care authorities recommend contact tracing procedures to prevent the spread to a vast population. Although several mobile applications have been developed to trace contacts, they typically require collection of privacy-intrusive information such as GPS locations, and the logging of privacy-sensitive data on a third party server, or require additional infrastructure such as WiFi APs with known locations. In this paper, we introduce CONTAIN, a privacy-oriented mobile contact tracing application that does not rely on GPS or any other form of infrastructure-based location sensing, nor the continuous logging of any other personally identifiable information on a server. The goal of CONTAIN is to allow users to determine with complete privacy if they have been within a short distance, specifically, Bluetooth wireless range, of someone that is infected, and potentially also when. We identify and prove the privacy guarantees provided by our approach. Our simulation study utilizing an empirical trace dataset (Asturies) involving 100 mobile devices and around 60000 records shows that users can maximize their possibility of identifying if they were near an infected user by turning on the app during active times.