CR Mar 20, 2024
DL2Fence: Integrating Deep Learning and Frame Fusion for Enhanced Detection and Localization of Refined Denial-of-Service in Large-Scale NoCs
Haoyu Wang, Basel Halak, Jianjie Ren et al.
This study introduces a refined Flooding Injection Rate-adjustable Denial-of-Service (DoS) model for Network-on-Chips (NoCs) and, more importantly, presents DL2Fence, a novel framework utilizing Deep Learning (DL) and Frame Fusion (2F) for DoS detection and localization. Two Convolutional Neural Network models for classification and segmentation were developed to detect and localize DoS respectively. It achieves detection and localization accuracies of 95.8% and 91.7%, and precision rates of 98.5% and 99.3% in a 16x16 mesh NoC. The framework's hardware overhead notably decreases by 76.3% when scaling from 8x8 to 16x16 NoCs, and it requires 42.4% less hardware compared to the state of the art. This advancement demonstrates DL2Fence's effectiveness in balancing outstanding detection performance in large-scale NoCs with extremely low hardware overhead.
CR Feb 21, 2022
A Tutorial on Adversarial Learning Attacks and Countermeasures
Cato Pauling, Michael Gimson, Muhammed Qaid et al.
Machine learning algorithms are used to construct a mathematical model for a system based on training data. Such a model is capable of making highly accurate predictions without being explicitly programmed to do so. These techniques have a great many applications in all areas of the modern digital economy and artificial intelligence. More importantly, these methods are essential for a rapidly increasing number of safety-critical applications such as autonomous vehicles and intelligent defense systems. However, emerging adversarial learning attacks pose a serious security threat that greatly undermines further such systems. The latter are classified into four types: evasion (manipulating data to avoid detection), poisoning (injecting malicious training samples to disrupt retraining), model stealing (extraction), and inference (leveraging over-generalization on training data). Understanding these types of attacks is a crucial first step for the development of effective countermeasures. The paper provides a detailed tutorial on the principles of adversarial machine learning, explains the different attack scenarios, and gives an in-depth insight into the state-of-the-art defense mechanisms against this rising threat.
CR Oct 19, 2021
MOTENS: A Pedagogical Design Model for Serious Cyber Games
Stephen Hart, Basel Halak, Vladimiro Sassone
In the last few years, serious games have become popular, with a consensus on the benefits for teaching cyber security awareness and education. However, there is still a lack of pedagogically driven methodologies and tools to support serious games design to ensure they achieve the learning objectives. This paper proposes MOTENS, a pedagogical model, to design serious cyber games based on the gaps we identified in the current games design models and the lessons learnt from creating a serious tabletop game called Riskio, designed to teach cyber security awareness and education. The MOTENS model has six high-level components. Five components are linked to the games/design mechanics, and one component, 'Theory', supports the design's cognitive principles, including players' motivation. The model is used to design serious cyber games and goes through five stages, from identifying and segmenting target players, steps to creating game mechanics linked to pedagogy instruction and then to testing to create a serious game that is designed to achieve the game's learning objectives.
CR Sep 24, 2019
On the Design and Analysis of a Biometric Authentication System using Keystroke Dynamics
Robert Cockell, Basel Halak
This paper proposes a portable hardware token for user authentication; it is based on the use of keystroke dynamics to verify users in a biometric manner. The proposed approach allows for a multifactor authentication scheme in which users are not allowed access unless they provide the correct password and their unique biometric signature. The proposed system is implemented in hardware and its security is evaluated.
CR Aug 26, 2019
Towards a Supply Chain Management System for Counterfeit Mitigation using Blockchain and PUF
Leonardo Aniello, Basel Halak, Peter Chai et al.
The complexity of today's supply chain, organised in several tiers and including many companies located in different countries, makes it challenging to assess the history and integrity of procured physical parts, and to make organisations really accountable for their conduct. This enables malicious practices like counterfeiting and insertion of back doors, which are extremely dangerous, especially in supply chains of physical parts for industrial control systems used in critical infrastructures, where a country and human lives can be put at risk. This paper aims at mitigating these issues by proposing an approach where procured parts are uniquely identified and tracked along the chain, across multiple sites, to detect tampering. Our solution is based on consortium blockchain and smart contract technologies, hence it is decentralised, highly available and provides strong guarantees on the integrity of stored data and executed business logic. The unique identification of parts along the chain is implemented by using physically unclonable functions (PUFs) as tamper-resistant IDs. We first define the threat model of an adversary interested in tampering with physical products along the supply chain, then provide the design of the tracking system that implements the proposed anti-counterfeiting approach. We present a security analysis of the tracking system against the designated threat model and a prototype evaluation to show its technical feasibility and assess its effectiveness in counterfeit mitigation. Finally, we discuss several key practical aspects concerning our solution and its integration with real supply chains.