Search for: All records

Vehicular Ad-hoc Networks (VANETs) are a crucial component of Cooperative Intelligent Transportation Systems (C-ITS), enabling vehicles to communicate and share vital information to enhance road safety and efficiency. Basic Safety Messages (BSMs), periodically broadcast by vehicles to provide real-time kinematic data, form the foundation of numerous safety applications within VANETs. Ensuring the security of BSMs is paramount, as malicious entities can exploit vulnerabilities to launch attacks that could have catastrophic consequences. In this study, we provide a comprehensive analysis of BSM attacks and detection mechanisms in VANETs. We begin by outlining the system model, security requirements, and attacker models relevant to BSMs. Then, we categorize and describe a range of attacks, from simple position falsification to more sophisticated and evasive techniques, such as the SixPack attack. We also classify existing attack detection methods into machine learning-based, deep learning-based, plausibility and consistency-based, and software-defined networking (SDN)-based mechanisms, analyzing their effectiveness and limitations. Additionally, we highlight the challenges in securing BSMs, such as the trade-off between model accuracy and real-time performance. Future research directions are also discussed. This survey paper serves as a foundational step towards building safe, secure, and reliable cooperative intelligent transportation systems and their associated applications. 

Internet of Things (IoT) forensics has been a particularly challenging task for forensic practitioners due to the heterogeneity of IoT environments as well as the complexity and volume of IoT data. With the advent of artificial intelligence, question-answering (QA) systems have emerged as a potential solution for users to access sophisticated forensic knowledge and data. In this light, we present a novel IoT forensics framework that employs knowledge graph question answering (KGQA). Our framework enables investigators to access forensic artifacts and cybersecurity knowledge using natural language questions facilitated by a deep-learning-powered KGQA model. The proposed framework demonstrates high efficacy in answering natural language questions over the experimental IoT forensic knowledge graph. 

Since web browsers have become essential to accomplishing everyday tasks, developing secure web applications has become a priority in order to protect user data, corporate databases and critical infrastructure against cyber-crimes . This research presents a game-like (gamification) approach to teach key concepts and skills on how to develop secure web applications. Gamification draws on motivational models, one of psychological theories. Gamification design has great potential over traditional education where we often find students demotivated and lecturers failing to engage them in learning activities. This research created game like learning modules to teach top vulnerabilities and countermeasures for these top vulnerabilities in secure web developments including SQL injection, broken authentication and session management, cross site scripting, insecure direct object references, etc. In this paper, each module is self-contained with a module background, sample module questions, and the expected learning outcomes of each module.