security

Exploring the Interdependencies between AI and Cybersecurity

/ bugejajoseph / Leave a comment
Photo by Pixabay on Pexels.com

With the increasing prevalence of AI technology in our lives, it is important to understand the relationship between AI and cybersecurity. This relationship is complex, with a range of interdependencies between AI and cybersecurity. From the cybersecurity of AI systems to the use of AI in bolstering cyber defenses, and even the malicious use of AI, there are a number of different dimensions to explore.

  • Protecting AI Systems from Cyber Threats: As AI is increasingly used in a variety of applications, the security of the AI technology and its systems is paramount. This includes the implementation of measures such as data encryption, authentication protocols, and access control to ensure the safety and integrity of AI systems.
  • Using AI to Support Cybersecurity: AI-based technologies are being used to detect cyber threats and anomalies that may not be detected by traditional security tools. AI-powered security tools are being developed to analyze data and detect malicious activities, such as malware and phishing attacks.
  • AI-Facilitated Cybercrime: AI-powered tools can be used in malicious ways, from deepfakes used to spread misinformation to botnets used to launch DDoS attacks. The potential for malicious use of AI is a major concern for cybersecurity professionals.

In conclusion, AI and cybersecurity have a multi-dimensional relationship with a number of interdependencies. AI is being used to bolster cybersecurity, while at the same time it is being used for malicious activities. Cybersecurity professionals must be aware of the potential for malicious use of AI and ensure that the security of AI systems is maintained.

Explore the Future of Smart Home Technology with Amazon’s Dream Home

/ bugejajoseph / Leave a comment
Photo by Jessica Lewis Creative on Pexels.com

From Amazon’s Echo to its Ring doorbell, the tech giant has made its way into many of our homes. But do you know what Amazon is learning about you and your family? From its smart gadgets, services, and data collection, Amazon has the potential to build a detailed profile of its users.

The data collected by Amazon can help power an “ambient intelligence” to make our home smarter, but it can also be a surveillance nightmare. Amazon may not “sell” our data to third parties, but it can use it to gain insights into our buying habits and more.

We must all decide how much of our lives we’re comfortable with Big Tech tracking us. Read the story authored by Geoffrey A. Fowler here to explore ways in which Amazon and potentially other Big Tech companies are watching us.

If you want to learn more about cyber security and smart homes, don’t hesitate to get in touch with me! I’m always happy to answer any questions and always look for collaboration opportunities.

The Matter Smart Home Standard

/ bugejajoseph / Leave a comment
Photo by John Tekeridis on Pexels.com

Matter is a royalty-free smart home standard that promotes platform and device interoperability. Built on the Internet Protocol, Matter enables communication across smart home devices and ecosystems over a variety of IP-based networking technologies, such as Thread, Wi-Fi, and Ethernet.

The persistent need for an Internet connection experienced by modern IoT devices is likewise addressed by the Matter smart home standard. Indeed, Matter products run locally and do not rely on an Internet connection, although the standard is designed to readily communicate with the cloud.

Security is a fundamental premise of Matter. Matter functional security includes the following five characteristics:

  • Comprehensive – Matter is an open-source framework designed to provide comprehensive security with a layered approach that includes authentication, attestation, message protection and firmware updates, relying solely on its own security features and not on external communication protocols.
  • Strong – Matter implements a variety of security techniques, including a cryptosuite based on AES, SHA-256, and ECC, as well as passcode-based session and certificate-based establishment protocols. It also adopts device attestation and the CSA Distributed Compliance Ledger to guarantee a compliant and interoperable ecosystem.
  • Easy to use – Matter security is a smart device platform designed to make the implementation and use of smart devices much easier for device makers and consumers alike. It comes with open source reference implementations and well-defined security assets, making it a secure and simple solution for customers.
  • Resilient – Matter security is designed to protect, detect, and recover data, utilizing multiple protocols and measures to prevent denial of service attacks and provide resilience even when sleeping devices are involved.
  • Agile – Matter is a crypto-flexible protocol that abstracts cryptographic primitives, enabling the specification to be quickly changed or upgraded in response to new security threats. The modular design also allows for individual protocols to be replaced without completely overhauling the whole system.

Matter is paving the way for a secure and reliable connected home of the future. With its comprehensive security and ability to operate without an Internet connection, Matter is the ideal choice for modern IoT devices. It is revolutionizing the way home devices communicate, providing a safe and secure environment for the connected home of the future.

Read more here: https://csa-iot.org/wp-content/uploads/2022/03/Matter_Security_and_Privacy_WP_March-2022.pdf and https://csa-iot.org/all-solutions/matter/

IoT Security: A Guest Lecture at Malmö University

/ bugejajoseph / Leave a comment

Today, I delivered a guest lecture in a Master’s course at Malmö University. The lecture that I gave was on the topic of IoT Security. In my lecture, I talked about the IoT, the importance of IoT security, and the different ways that IoT devices can be attacked and secured. I also discussed the challenges that the IoT poses to security and how we can address them.

After the lecture, I had an interesting discussion with some of the students about the topic of IoT security in which we especially talked about the importance of keeping our devices updated.

Overall, it was a good experience, and I am glad that I was able to share my knowledge with the students. I am always happy to help out and answer any questions that the students may have.

The Importance of Trustworthiness in the Age of the IoT: My First Article on Medium

/ bugejajoseph / Leave a comment

There are many definitions of trustworthiness, but in general it can be described as the ability of a system to meet its objectives while adhering to a set of principles or guidelines. In the context of the IoT, the term “trustworthiness” is often used to refer to the ability of IoT devices and systems to accurately and reliably collect and communicate data.

If you would like to learn more about trustworthiness in the IoT, I suggest reading my latest article on Medium. In the article, I discuss the importance of trustworthiness in the age of the IoT. I also describe trustworthiness and explain why it is important for devices in the IoT. Moreover, I discuss some of the factors that contribute to trustworthiness in the IoT, including reliability, security, and transparency. Finally, I offer some tips on how individuals can ensure that their IoT devices and data are trustworthy.

Popular smart home brands may be allowing the police to conduct warrantless home surveillance

/ bugejajoseph / Leave a comment

The security cameras in our smart homes from well-known smart home brands like Amazon and Google might not just be watching over our pets. According to an article in The Verge, they can also aid law enforcement in their investigations of crimes, but only if we do not mind the police viewing our footage without a warrant.

That implies that the police can access our private information without first presenting proof that an emergency situation exists. Police will probably only make use of this access for lawful objectives, such as preventing crime or attempting to locate a missing person in need of assistance. However, it does raise some issues regarding what may transpire when this technology becomes even more widely used and available.

What if, for instance, this access is utilized to locate and detain activists or protestors who have not breached any laws? Citizens may only exercise caution when shopping, be aware that their smart device may record personal information, and, if possible, enable end-to-end encryption.

If you have any questions about how to secure your smart home, do not hesitate to contact me.

Is Your Home Giving Away Your Secrets?

/ bugejajoseph / Leave a comment

With an increasing number of companies providing consumers with their smart home products and related services, smart homes are quickly becoming the norm. This trend is likely to continue in the future, as more people are realizing the benefits of having a smart home.

Source: UR.se

Making a home smarter with sensing technologies can seem like a good idea, but it also gives attackers an opportunity to break into your devices and steal your personal data. This could be a problem for you and your family if you have smart devices in your home without having configured them properly or regularly updated them.

In a televised public lecture, I discuss the smart home, its privacy risks, and what can be done to secure the contemporary home. Here is the link to the full lecture: https://urplay.se/program/228807-ur-samtiden-malmoforskare-forelaser-avslojar-ditt-hem-dina-hemligheter

IoT Cybersecurity: Two New Documents Published by NIST

/ bugejajoseph / Leave a comment

As an IoT practitioner or device manufacturer, it is important to keep up with the latest developments in IoT cybersecurity. The National Institute of Standards and Technology (NIST) has recently released two draft documents for public comment that are relevant to the IoT.

The first is a discussion essay titled “Ideas for the Future of IoT Cybersecurity at NIST: IoT Risk Identification Complexity“. This discussion paper lays the groundwork for forward-looking talks on detecting and addressing risks for IoT devices by drawing on NIST’s earlier work in cybersecurity for the IoT (for example, NISTIR 8259).

The second is a draft NIST Internal Report (‘NISTIR’) 8425 titled “Profile of the IoT Core Baseline for Consumer IoT Products“. NISTIR 8425 recalls the consumer IoT cybersecurity criteria from NIST’s white paper on “Recommended Criteria for Cybersecurity Labeling for Consumer Internet of Things (IoT) Products,” and incorporates them into the family of NIST’s IoT cybersecurity recommendations. 

I recommend you keep tabs on these documents, particularly NISTIR 8425. 

The CNIL’s Privacy Research Day

/ bugejajoseph / Leave a comment

The first CNIL’s International Conference on Research in Privacy took place in Paris yesterday, June 28, and was broadcast online for free. In addition to providing a great opportunity to consider the influence of research on regulation and vice versa, this conference facilitated the building of bridges between regulators and researchers.

During the day, experts from different fields presented their work and discussed its impact on regulation and vice-versa. I attended it online — there were many interesting topics covered by the different panelists. The topics ranged from the economics of privacy, smartphones and apps, AI and explanation, and more. Surely, one of the panels that I liked was that on AI and explanation. 

Machine learning algorithms are becoming more prevalent, so it is important to examine other factors in addition to optimal performance when evaluating them. Among these factors, privacy, ethics, and explainability should be given more attention. Many of the interesting pieces I see here are related to what I and my colleagues are working on right now and what I have planned for my upcoming projects.

You are welcome to contact me if you are curious about what I am working on and would want to collaborate.

Panel Discussion on the topic of Designing IoT Systems

/ bugejajoseph / Leave a comment

I was invited to participate in a panel discussion at Malmö University on Friday, April 8th. The topic of “Designing IoT Systems” was the one I was asked to speak about. There were representatives from Sony and Sigma Connectivity in the panel with me. Concerns about trustworthiness were a major topic of discussion during the session. 

Safety, security, privacy, reliability, and resilience tend to be identified by several researchers as the main trustworthiness concerns in the IoT domain. These concerns are there to ensure that systems function as intended in a variety of situations.

According to several academics, the most challenging aspects of designing trustworthy IoT systems are achieving privacy and security. From applications to devices, each layer of the Internet of Things has its own set of security risks and potential attacks. From a research perspective, a hot topic is that of building energy-efficient security, along with scalable and dynamic security architectures. Preserving data privacy in the IoT, on the other hand, is also particularly challenging. Existing IoT privacy mechanisms are often built for single services, and not necessarily for interdependent, dynamic, and heterogeneous services. Building new privacy preservation techniques for interdependent services is a hot topic, as is federated learning when it comes to data privacy.

Panel discussion on the topic of “Designing IoT Systems”

Finally, there are a number of standards that pertain to trustworthiness. ISO/IEC 30147 “Integration of trustworthiness in IoT lifecycle processes” and ISO/IEC 30149 “IoT trustworthiness principles” are two ISO/IEC standards.

If you want to collaborate with me or learn more about a specific topic that is related to my research topics, please send me an email.