S.H. van Engelenburg
Please Note
18 records found
1
The internet-of-Vehicle (IoV) can facilitate seamless connectivity between connected vehicles (CV), autonomous vehicles (AV), and other IoV entities. Intrusion Detection Systems (IDSs) for IoV networks can rely on machine learning (ML) to protect the in-vehicle network from cyber-attacks. Blockchain-based Federated Forests (BFFs) could be used to train ML models based on data from IoV entities while protecting the confidentiality of the data and reducing the risks of tampering with the data. However, ML models are still vulnerable to evasion, poisoning and exploratory attacks by adversarial examples. The BFF-IDS offers partial defence against poisoning but has no measure for evasion attacks, the most common attack/threat faced by ML models. Besides, the impact of adversarial examples transferability in CAN IDS has largely remained untested. This paper investigates the impact of various possible adversarial examples on the BFF-IDS. We also investigated the statistical adversarial detector's effectiveness and resilience in detecting the attacks and subsequent countermeasures by augmenting the model with detected samples. Our investigation results established that BFF-IDS is very vulnerable to adversarial examples attacks. The statistical adversarial detector and the subsequent BFF-IDS augmentation (BFF-IDS(AUG)) provide an effective mechanism against the adversarial examples. Consequently, integrating the statistical adversarial detector and the subsequent BFF-IDS augmentation with the detected adversarial samples provides a sustainable security framework against adversarial examples and other unknown attacks.
Realizing value from voluntary business-government information sharing through blockchain-enabled infrastructures
The case of importing tires to the Netherlands using TradeLens
In-vehicle communication systems are usually managed by controller area networks (CAN). By broadcasting packets to their bus, the CAN facilitates the interaction between Electronic Control Units (ECU) that coordinate, monitor and control internal vehicle components. With no authentication mechanism for identifying the legitimacy and source of packets, CAN are vulnerable to cyber-attacks. An Intrusion Detection System (IDS) can detect attacks on CAN and machine learning can be used to create the models for the IDSs to detect non-linear attack patterns. However, car manufacturers and owners might want to keep the sensitive information required for training the models confidential. Therefore, we proposed a Blockchain-based Federated Forest Software-Defined Networking (SDN)-enabled IDS (BFF-IDS) to address the problem of data sharing the sensitive CAN data. To ensure scalability, we used InterPlanetary File System (IPFS) to host the models, and the blockchain is designed to store only a hash of the model and a pointer to its location. The SDN provides the dynamic routing of packets and model exchanges. We used Federated Learning (FL) to create a random forest model. Individuals provide partially trained models, allowing them to keep the underlying data confidential. Using Fourier transform, we decomposed the CAN IDs cycle from CAN bus traffic in the frequency domain for better generalization in multiclass detection of attacks. Multiple statistical and entropy features were extracted to handle the high complexity and non-linearity in CAN bus traffic. The proposed system allows manufacturers and car owners to contribute to the training of the models, as their sensitive data is protected. By storing hashes of the models on a blockchain, the risk of adversaries poisoning the models is reduced and a single point of failure is avoided. We evaluated the proposed system by conducting experiments on a testbed. We found that the proposed system has efficient use of memory and CPU resources and that the detection rate of closely related attacks was high. We recorded the highest model attack detection rate of about 0.981.
Developing Large Scale B2B Blockchain Architectures for Global Trade Lane
Are the design principles derived based on the upscaling of the Internet applicable for upscaling global blockchain-enabled infrastructures?
Business-to-government information exchange has over the past decades greatly benefited from data exchange standards and inter-organisational systems. The data era enables a new shift in the type of information sharing; from formal reporting to opening up full (and big) data sets. This enables new analytics and insights by government, more effective and efficient compliance assessment, and other uses. The emphasis here shifts from establishing formats to deciding what information can be shared, under what conditions, and how to create added value. There are numerous initiatives that explore how to put data to better use for businesses, for government and for their interactions. However, there is limited attention to exactly how these new forms of extensive data sharing affects the supervision relationships. In this paper, we exploratively look across three research projects to identify the implications of information sharing beyond the regulatory requirements (‘over-compliant’). We find that the lack of attention to those implications lead to solutions that are hard to scale up and present unexpected consequences down the line, which may negatively impact the future willingness to explore new potential added value of data sharing.
Supply chain management is hampered by a lack of information sharing among partners. Information is not shared as organizations in the supply chain do not have direct contact and/or do not want to share competitive and privacy sensitive information. In addition, companies are often part of multiple supply chains and trading partners vary over time. Blockchains are distributed ledgers in which all parties in a network can have access to data under certain conditions. Private blockchains can be used to support parties in making their demand data directly available to all other parties in their supply chain. These parties can use this data to improve their planning and reduce the bullwhip effect. However, the transparency that blockchain technology offers makes it more difficult to protect sensitive data. The dynamics between these properties are not well understood. In this paper, we design and evaluate a blockchain architecture to explore its feasibility for reducing information asymmetry, while at the same time protecting sensitive data. We found that blockchain technology can allow parties to balance their need for inventory management with their need for flexibility for changing partners. However, measures to protect sensitive data lead either to reduced information, or to reduced speed by which the information can be accessed.
What Belongs to Context?
A Definition, a Criterion and a Method for Deciding on What Context-Aware Systems Should Sense and Adapt to
Design of a software architecture supporting business-to-government information sharing to improve public safety and security
Combining business rules, Events and blockchain technology