cybersecurity

A Research Proposal about Poisoning Attacks

/ bugejajoseph / Leave a comment

On Tuesday, 29th June, I did my last presentation before taking my Summer vacation. In the presentation, I talked about a potential research proposal concentrated on data poisoning attacks. Specifically, I discussed how this attack class could target an IoT-based system, such as a smart building, resulting in potentially severe consequences to a business. While poisoning attacks have been researched for a bit, they are relatively understudied especially in contexts involving online learning and interactive learning.

Here is a link to a redacted version of my presentation:

Research ProposalDownload

In case you want to know more about cyber security especially its application to the IoT and Machine Learning based systems you are welcome to drop me a message.

Security Engineering and Machine Learning

/ bugejajoseph / Leave a comment

This week I attended the 36th IFIP TC-11 International Information Security and Privacy Conference. The conference was organized by the Department of Informatics at the University of Oslo. During the first day of the conference, there was a keynote on Security Engineering by the celebrated security expert Prof. Dr. Ross Anderson.

He discussed the topic involving the interaction between security engineering and machine learning. He warned us about the things that can go wrong with machine learning systems, including some new attacks and defenses, such as the Taboo Trap, data ordering attacks, sponge attacks, and more.

Outline of Ross Anderson’s keynote (IFIP TC-11).

I especially enjoyed the part of his talk where he mentions the human to machine learning interaction. Coincidentally, this is a topic that I am researching. He discusses cases when robots incorporating machine learning components start mixing with humans, and then some tension and conflict, e.g., robots trying to deceive and bully humans, arises. This is a scenario that we should expect to see more in the future.

I highly recommend you to consider purchasing his brilliant book titled: “Security Engineering: A Guide to Building Dependable Distributed Systems”. This book is filled with actionable advice and latest research on how to design, implement, and test systems to withstand attacks. Certainly, this book has an extremely broad coverage of security in general and absolutely worth the purchase!

Sweden’s cyber range and cyber security

/ bugejajoseph / Leave a comment

On Wednesday, 2nd June, I attended an interesting online program about cybersecurity. This program was organized by the Research Institutes of Sweden (RISE). Its main theme was about the inauguration of RISE’s cyber range and cyber security in Sweden.

A cyber range is a virtual environment that companies can use typically for cyber warfare training. Sweden’s own cyber range was introduced as a multipurpose state-of-the-art cybersecurity research environment, test, and a demo arena. Using RISE’s cyber range it appears that real-world applications, for example, vehicles and automotive systems, could be tested, in a safe environment, against real-world attacks. This is done using a sandboxed virtualised network environment that is managed and operated by professionals.

In addition to cyber range, there were other topics presented from a variety of compelling speakers. Particularly, topics about the Swedish bug bounty, cyber security at the EU level, and cyber security investment opportunities. One delivery (in Swedish) that I think was riveting was an interview with an (unnamed) ethical hacker.

  • Carl Heath (RISE) interview an ethical hacker.

Cyber security is a topic that is becoming increasingly important, especially as more systems are getting interconnected. Unfortunately, there is a shortage of skilled and qualified individuals to fill the increasing demands for cyber security professionals.

From an academic perspective, we have been for years, and especially in recent years, developing and running courses about cybersecurity. However, this year, in Sweden, we are developing something that specifically is meant to help advance cyber security research and competence. More on that in a later post.

Hosting Virtual Classes using Zoom and Discord

/ bugejajoseph / Leave a comment

On Monday, 18 January, I delivered my first lecture for 2021 in my cybersecurity course at Malmö University. This year, is my 5th year running this course, and I have about 120 students registered for the course. This is a good turnout, and I am happy that many students are keen to learn about cybersecurity. Unlike previous years, the full course, including all its deliverables are going to be held online.  So, anyone provided with the link to the lecture and an Internet connection can access the lecture live, potentially from anywhere without the need to commute to university.

When it comes to lectures, I am using Zoom as the main software program to share my slides and interact with students. One of the cool features of Zoom, which is similar to that of a traditional classroom, is its whiteboard. Effectively, Zoom allows the host to share a digital whiteboard that can be used in a similar way to a physical whiteboard but supporting more options. When using Zoom’s whiteboard, I commonly connect my tablet to the meeting and start sketching out using a digital pen. It can be quite challenging to draw a diagram using only a computer mouse. 

Sharing the Whiteboard on Zoom

Sharing the whiteboard on Zoom.

Another nice feature of Zoom, that I started using recently, particularly for managing a workshop, is called “breakout rooms.” This function allows the meeting host to split the participants into smaller groups so that participants can discuss separately in different rooms without disturbing others. I have seen the use of “breakout rooms” in many virtual conferences I have participated in recently. The partitioning into groups can be done automatically or manually, or otherwise, the host can allow participants to select and enter breakout sessions as they please. 

As a complement to “breakout rooms” in Zoom, I am also using Discord for supporting students, especially in their lab practicals. Discord is a VoIP, instant messaging, and digital distribution platform, particularly popular with gamers. In our case, we found Discord to be fast and reliable for handling voice and video simultaneously. Its straightforward participation system also makes it ideal for assisting students in their practicals. 

In case you want to learn more about my experience with digital teaching, please feel free to get in touch or leave a comment below.