Dr Emmanouil (Manos) Panaousis
Lecturer in Secure Systems
BSc, MSc, PhD, PGCert
Academic and research departments
Surrey Centre for Cyber Security, Department of Computer Science, Secure Systems Research Group.Biography
I am a Lecturer (i.e. Assistant Professor) at the University of Surrey, UK and member of the Surrey Centre for Cyber Security (SCCS), a GCHQ--‐recognised UK Academic Centre of Excellence in Cyber Security Research.
Research interests
I am studying cyber security and privacy engineering and decision-making approaches from both a theoretical and practical perspective. I have expertise in developing new models within the above fields and proposing algorithms or methodologies to tackle emerging challenges. I enjoy assessing my theoretical propositions by either simulations (mainly by using Python tools or network event-based simulators) or real-world testbeds.
Research positions and PhD supervision
I am actively pursuing research in cyber security and privacy. I am currently co-supervising three PhD students (as third supervisor) who are with the University of Brighton. I am seeking talented post-doctoral researchers and doctoral (PhD) students to join our group at SCCS. Interested candidates, please email me with a copy of their CV and a cover letter.
Grants
Through successful research and development bids I have secured approximately £1M fund and contributed to another £1M, as detailed here.
Previous studies and experience
I have received the BSc degree in Informatics and Telecommunications from University of Athens, Greece, in 2006 and the MSc degree in Computer Science from Athens University of Economics and Business, Greece in 2008, and PhD degree in Mobile Communications Security from Kingston University London, UK in 2012. Prior to the University of Surrey, I was a Senior Lecturer of Cybersecurity and Privacy at the University of Brighton; invited researcher at Imperial College; postdoctoral researcher at Queen Mary University of London; and a Research and development consultant at Ubitech Technologies Ltd in the Surrey Research Park.
Teaching and project supervision
I teach Web and Database Systems in year 1 of our BSc courses and Information Security for Business and Government in our MSc Information Security. I have also several years of teaching experience, as detailed here.
Activities
After I successfully organised the 6th Conference on Decision and Game Theory for Security (GameSec 2015) in London, I served as the Technical Program Committee Chair (jointly with Tansu Alpcan, University of Melbourne) of GameSec 2016 (7th Conference on Decision and Game Theory for Security). Gamesec is a small but high quality peer-reviewed annual conference. It attracts original submissions in the area of analytical security and privacy with an emphasis on game and decision theory. I am also a reviewer for leading journals by the ACM, IEEE, Elsevier, registered expert with the European Commission and EPSRC reviewer. In addition, I have several years of expertise in preparing EU bids and have secured funds through successful FP7 and H2020 proposals.
I am Guest editor of a special issue "Game Theory for Security" of the Games Open Access MDPI journal.
I am also reviewer in the following high impact factor journals:
- IEEE Access
- Communications of the ACM
- IEEE Transactions on Information Forensics and Security
- IEEE Transactions on Mobile Computing
- IEEE Internet of Things Journal
- European Journal of Operational Research
- ACM Transactions on Internet Technology
- (Elsevier) Ad Hoc Networks
- (Elsevier) Computers and Security
- ACM Computing Surveys
- (Elsevier) Journal of Information Security and Applications
Areas of specialism
IoT security;
Security Economics;
Game Theory;
Decision Support for Cyber Security
University roles and responsibilities
- Computer Science Website Coordinator
- Year 1 (undergraduate) Coordinator and Personal Tutor
Research
Research interests
I am studying cyber security and privacy engineering and decision-making approaches from both a theoretical and practical perspective. I have expertise in developing new models within the above fields and proposing algorithms or methodologies to tackle emerging challenges. For more information about my research, please see my publications and research grants.
Research projects
CUREX: seCUre and pRivate hEalth data eXchange
The Health sector’s increasing dependence on digital information and communication infrastructures renders it vulnerable to threats to privacy and cybersecurity, especially as the theft of health data has become particularly lucrative for cyber criminals. At the same time, a breach of integrity of health data can have dramatic consequences for the patients affected. CUREX addresses comprehensively the protection of the confidentiality and integrity of health data by producing a novel, flexible and scalable situational awareness-oriented platform. It allows a healthcare provider to assess the realistic cybersecurity and privacy risks they are exposed to and suggest mathematically optimal strategies for addressing these risks with safeguards tailored specifically for each business case and application. CUREX is fully GDPR compliant by design. At its core, a decentralised architecture enhanced with a private blockchain infrastructure ensures the integrity of the risk assessment process and of all data transactions that occur between the diverse range of stakeholders involved. Crucially, CUREX expands beyond technical measures and places emphasis also on improving cyber hygiene through training and raising awareness activities for a healthcare institution’s personnel. Its validation focuses on the highly challenging condition of (cross-border) health data exchange, spanning patient cross-border mobility, remote healthcare, and data exchange for research. CUREX consortium will also utilise the outcomes of the well-known MyHealthMyData project in a dedicated demonstration that will use their blockchain-enabled platform which will control the actual data exchange. We envisage that CUREX will impact the European market developing one of the first blockchain platform for risk assessment management under the GDPR. Funder: H2020 European Commission, Period: 11.2018 – 11.2021, Project value: 4,987,825 EUR, Surrey share: 355,575 EUR.
SECONDO: a Security ECONomics service platform for smart security investments and cyber insurance pricing in the beyonD 2020 netwOrking era
SECONDO addresses the question “How can decisions about cyber security investments and cyber insurance pricing be optimised?” SECONDO will support professionals who seek cyber security investments, developed to support human decision making, and a complete well-founded security strategy. This is a timely research problem, as the rapid growth of cyber-attacks is expected to continue its upwards trajectory. Such growth presents a prominent threat to normal business operations and the EU society itself. On the other hand, an interesting, well-known, finding is that an organisation's computer systems may be less secure than a competitor's, despite having spent more money in securing them. Budget setting, cyber security investment choices and cyber insurance, in the face of uncertainties, are highly challenging tasks with massive business implications. SECONDO aims to make impact on the operation of EU businesses who often: (i) have a limited cyber security budget; and (ii) ignore the importance of cyber insurance. Cyber insurance can play a critical role to the mitigation of cyber risk. This can be done by imposing a cost on firms' cyber risk through a premium that they have to pay and the potential for paying a smaller premium should they reduce their current cyber security risk. SECONDO has a cross- disciplinary nature, combining mathematical and engineering insights to empower innovative software. Apart from the novel research results, the project will offer a software platform to narrow the gap between theoretical understanding and practice. To achieve this, the four industrial project partners will i) lead the part of the project where industrial needs will be entered as input to the requirements collection phase, and, ii) provide their innovative software for risk assessment. The three academic partners will work together to i) design and thoroughly describe the proposed methodologies, but also ii) contribute to their software development. Funder: H2020 European Commission, Period: 01.2019 – 01.2023, Project value: 1,600,800 EUR, Surrey share: 276,000 EUR.
SPEAR: Secure and PrivatE smArt gRid
Over the last decade, cyber-attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted which may leverage zero-day exploits and highly creative interdisciplinary attack methods. As our society is becoming increasingly dependent on Critical INfrastructures (CIN), new technologies are needed to increase our detection and response capabilities. Detecting and responding to such attacks by a highly motivated, skilled and well-funded attacker has however been proven highly challenging. One of the most vulnerable and high-impact CIN is the Smart Grid. Smart Grid is considered as the next-generation power system, which promises self-healing, resilience, sustainability and efficiency to the energy Critical Infrastructures (CIN). However, securing smart grids against cyber-attacks is of vital importance for National Security and Public Safety, since the collapse of an energy production utility may cause human lives, millions of euros, denial of a very important and common good such as energy and days or even months of recovering. To this end, the SPEAR proposal aims at a) detecting and responding to cyber-attacks using new technologies and capabilities, b) detecting threat and anomalies timely, c) developing all-in-one security detection solutions, d) leveraging advanced forensics subject to privacy-preserving, e) confronting Advanced Persistent Threat (APT) and targeted attacks in smart grids, f) increasing the resilience of the smart grid innovation, g) alleviating the lack of trust in smart grid operators and h) empowering EU-wide consensus. Within SPEAR, four proof-of-concept Use Cases are planned in order to validate and assess the implemented security and privacy tools. Funder: H2020 European Commission, Period: 05.2018 – 05.2021, Project value: 2,965,597 EUR, Surrey share: 283,760 EUR.
My teaching
I am currently leading the MSc module "Information Security for Business and Government" (COMM050) and the undergraduate module "Web and Database Systems" (COM1025). I also supervise undergraduate and MSc projects as well as placement students.
My publications
Publications
Panaousis E, Karapistoli E, Elsemary H, Alpcan T, Khuzani M, Economides A (2016) Game Theoretic Path Selection to Support Security in Device-to-Device Communications, Ad Hoc Networks 56 pp. 28-42 Elsevier
1 Device-to-Device (D2D) communication is expected to be a key feature supported
by 5G networks, especially due to the proliferation of Mobile Edge
Computing (MEC), which has a prominent role in reducing network stress
by shifting computational tasks from the Internet to the mobile edge. Apart
from being part of MEC, D2D can extend cellular coverage allowing users to
communicate directly when telecommunication infrastructure is highly congested
or absent. This significant departure from the typical cellular paradigm
imposes the need for decentralised network routing protocols. Moreover, enhanced
capabilities of mobile devices and D2D networking will likely result in
proliferation of new malware types and epidemics. Although the literature is
rich in terms of D2D routing protocols that enhance quality-of-service and energy
consumption, they provide only basic security support, e.g., in the form of encryption. Routing decisions can, however, contribute to collaborative detection
of mobile malware by leveraging different kinds of anti-malware software
installed on mobile devices. Benefiting from the cooperative nature of
D2D communications, devices can rely on each other's contributions to detect
malware. The impact of our work is geared towards having more malware-free
D2D networks. To achieve this, we designed and implemented a novel
routing protocol for D2D communications that optimises routing decisions
for explicitly improving malware detection. The protocol identifies optimal
network paths, in terms of malware mitigation and energy spent for malware
detection, based on a game theoretic model. Diverse capabilities of network
devices running different types of anti-malware software and their potential
for inspecting messages relayed towards an intended destination device are
leveraged using game theoretic tools. An optimality analysis of both Nash
and Stackelberg security games is undertaken, including both zero and nonzero
sum variants, and the Defender's equilibrium strategies. By undertaking
network simulations, theoretical results obtained are illustrated through randomly
generated network scenarios showing how our protocol outperforms
conventional routing protocols, in terms of expected payoff, which consists
of: security damage inflicted by malware and malware detection cost.
by 5G networks, especially due to the proliferation of Mobile Edge
Computing (MEC), which has a prominent role in reducing network stress
by shifting computational tasks from the Internet to the mobile edge. Apart
from being part of MEC, D2D can extend cellular coverage allowing users to
communicate directly when telecommunication infrastructure is highly congested
or absent. This significant departure from the typical cellular paradigm
imposes the need for decentralised network routing protocols. Moreover, enhanced
capabilities of mobile devices and D2D networking will likely result in
proliferation of new malware types and epidemics. Although the literature is
rich in terms of D2D routing protocols that enhance quality-of-service and energy
consumption, they provide only basic security support, e.g., in the form of encryption. Routing decisions can, however, contribute to collaborative detection
of mobile malware by leveraging different kinds of anti-malware software
installed on mobile devices. Benefiting from the cooperative nature of
D2D communications, devices can rely on each other's contributions to detect
malware. The impact of our work is geared towards having more malware-free
D2D networks. To achieve this, we designed and implemented a novel
routing protocol for D2D communications that optimises routing decisions
for explicitly improving malware detection. The protocol identifies optimal
network paths, in terms of malware mitigation and energy spent for malware
detection, based on a game theoretic model. Diverse capabilities of network
devices running different types of anti-malware software and their potential
for inspecting messages relayed towards an intended destination device are
leveraged using game theoretic tools. An optimality analysis of both Nash
and Stackelberg security games is undertaken, including both zero and nonzero
sum variants, and the Defender's equilibrium strategies. By undertaking
network simulations, theoretical results obtained are illustrated through randomly
generated network scenarios showing how our protocol outperforms
conventional routing protocols, in terms of expected payoff, which consists
of: security damage inflicted by malware and malware detection cost.
Fielder A, Panaousis E, Malacaria P, Hankin C, Smeraldi F (2016) Decision support approaches for cyber security investment, Decision Support Systems 86 pp. 13-23 Elsevier Science
When investing in cyber security resources, information security managers have to follow effective decisionmaking
strategies. We refer to this as the cyber security investment challenge.In this paper, we consider
three possible decision support methodologies for security managers to tackle this challenge. We consider
methods based on game theory, combinatorial optimisation, and a hybrid of the two. Our modelling starts
by building a framework where we can investigate the effectiveness of a cyber security control regarding
the protection of different assets seen as targets in presence of commodity threats. As game theory captures
the interaction between the endogenous organisation?s and attackers? decisions, we consider a 2-person
control game between the security manager who has to choose among different implementation levels of a
cyber security control, and a commodity attacker who chooses among different targets to attack. The pure
game theoretical methodology consists of a large game including all controls and all threats. In the hybrid
methodology the game solutions of individual control-games along with their direct costs (e.g. financial) are
combined with a Knapsack algorithm to derive an optimal investment strategy. The combinatorial optimisation
technique consists of a multi-objective multiple choice Knapsack based strategy. To compare these
approaches we built a decision support tool and a case study regarding current government guidelines. The
endeavour of this work is to highlight the weaknesses and strengths of different investment methodologies
for cyber security, the benefit of their interaction, and the impact that indirect costs have on cyber security
investment. Going a step further in validating our work, we have shown that our decision support tool provides
the same advice with the one advocated by the UK government with regard to the requirements for
basic technical protection from cyber attacks in SMEs.
strategies. We refer to this as the cyber security investment challenge.In this paper, we consider
three possible decision support methodologies for security managers to tackle this challenge. We consider
methods based on game theory, combinatorial optimisation, and a hybrid of the two. Our modelling starts
by building a framework where we can investigate the effectiveness of a cyber security control regarding
the protection of different assets seen as targets in presence of commodity threats. As game theory captures
the interaction between the endogenous organisation?s and attackers? decisions, we consider a 2-person
control game between the security manager who has to choose among different implementation levels of a
cyber security control, and a commodity attacker who chooses among different targets to attack. The pure
game theoretical methodology consists of a large game including all controls and all threats. In the hybrid
methodology the game solutions of individual control-games along with their direct costs (e.g. financial) are
combined with a Knapsack algorithm to derive an optimal investment strategy. The combinatorial optimisation
technique consists of a multi-objective multiple choice Knapsack based strategy. To compare these
approaches we built a decision support tool and a case study regarding current government guidelines. The
endeavour of this work is to highlight the weaknesses and strengths of different investment methodologies
for cyber security, the benefit of their interaction, and the impact that indirect costs have on cyber security
investment. Going a step further in validating our work, we have shown that our decision support tool provides
the same advice with the one advocated by the UK government with regard to the requirements for
basic technical protection from cyber attacks in SMEs.
Kandris D, Tselikis G, Anastasiadis E, Panaousis E, Dagiuklas T (2017) COALA: A Protocol for the Avoidance and Alleviation of Congestion in Wireless Sensor Networks, Sensors 17 (11) MDPI
The occurrence of congestion has an extremely deleterious impact on the performance of Wireless Sensor Networks (WSNs). This article presents a novel protocol, named COALA (COngestion ALleviation and Avoidance), which aims to act both proactively, in order to avoid the creation of congestion in WSNs, and reactively, so as to mitigate the diffusion of upcoming congestion through alternative path routing. Its operation is based on the utilization of an accumulative cost function, which considers both static and dynamic metrics in order to send data through the paths that are less probable to be congested. COALA is validated through simulation tests, which exhibit its ability to achieve remarkable reduction of loss ratios, transmission delays and energy dissipation. Moreover, the appropriate adjustment of the weighting of the accumulative cost function enables the algorithm to adapt to the performance criteria of individual case scenarios.
Chronopoulos M, Panaousis E, Grossklags J (2017) An Options Approach to Cybersecurity Investment, IEEE Access 6 pp. 12175-12186 Institute of Electrical and Electronics Engineers
Cybersecurity has become a key factor that determines
the success or failure of companies that rely on information
systems. Therefore, investment in cybersecurity is an important
financial and operational decision. Typical information technology
investments aim to create value, whereas cybersecurity investments
aim to minimize loss incurred by cyber attacks. Admittedly,
cybersecurity investment has become an increasingly complex
one since information systems are typically subject to frequent
attacks, whose arrival and impact fluctuate stochastically. Further,
cybersecurity measures and improvements, such as patches,
become available at random points in time making investment
decisions even more challenging.
We propose and develop an analytical real options framework
that incorporates major components relevant to cybersecurity
practice, and analyze how optimal cybersecurity investment decisions
perform for a private firm. The novelty of this paper is that
it provides analytical solutions that lend themselves to intuitive
interpretations regarding the effect of timing and cybersecurity
risk on investment behavior using real options theory. Such
aspects are frequently not implemented within economic models
that support policy initiatives. However, if these are not properly
understood, security controls will not be properly set resulting
in a dynamic inefficiency reflected in cycles of over or under
investment, and, in turn, increased cybersecurity risk following
corrective policy actions.
Results indicate that greater uncertainty over the cost of
cybersecurity attacks raises the value of an embedded option
to invest in cybersecurity. This increases the incentive to suspend
operations temporarily in order to install a cybersecurity patch
that will make the firm more resilient to cybersecurity breaches.
Similarly, greater likelihood associated with the availability of a
cybersecurity patch increases the value of the option to invest in
cybersecurity. However, absence of an embedded investment option
increases the incentive to delay the permanent abandonment
of the company?s operation due to the irreversible nature of the
decision.
the success or failure of companies that rely on information
systems. Therefore, investment in cybersecurity is an important
financial and operational decision. Typical information technology
investments aim to create value, whereas cybersecurity investments
aim to minimize loss incurred by cyber attacks. Admittedly,
cybersecurity investment has become an increasingly complex
one since information systems are typically subject to frequent
attacks, whose arrival and impact fluctuate stochastically. Further,
cybersecurity measures and improvements, such as patches,
become available at random points in time making investment
decisions even more challenging.
We propose and develop an analytical real options framework
that incorporates major components relevant to cybersecurity
practice, and analyze how optimal cybersecurity investment decisions
perform for a private firm. The novelty of this paper is that
it provides analytical solutions that lend themselves to intuitive
interpretations regarding the effect of timing and cybersecurity
risk on investment behavior using real options theory. Such
aspects are frequently not implemented within economic models
that support policy initiatives. However, if these are not properly
understood, security controls will not be properly set resulting
in a dynamic inefficiency reflected in cycles of over or under
investment, and, in turn, increased cybersecurity risk following
corrective policy actions.
Results indicate that greater uncertainty over the cost of
cybersecurity attacks raises the value of an embedded option
to invest in cybersecurity. This increases the incentive to suspend
operations temporarily in order to install a cybersecurity patch
that will make the firm more resilient to cybersecurity breaches.
Similarly, greater likelihood associated with the availability of a
cybersecurity patch increases the value of the option to invest in
cybersecurity. However, absence of an embedded investment option
increases the incentive to delay the permanent abandonment
of the company?s operation due to the irreversible nature of the
decision.
Banerjee Nikhil, Giannetsos Thanassis, Panaousis Emmanouil, Cheong Took Clive (2018) Unsupervised Learning for Trustworthy IoT, Proceedings of the 2018 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE 2018) Institute of Electrical and Electronics Engineers (IEEE)
The advancement of Internet-of-Things (IoT) edge
devices with various types of sensors enables us to harness
diverse information with Mobile Crowd-Sensing applications
(MCS). This highly dynamic setting entails the collection of
ubiquitous data traces, originating from sensors carried by
people, introducing new information security challenges; one of
them being the preservation of data trustworthiness. What is
needed in these settings is the timely analysis of these large
datasets to produce accurate insights on the correctness of user
reports. Existing data mining and other artificial intelligence
methods are the most popular to gain hidden insights from
IoT data, albeit with many challenges. In this paper, we first
model the cyber trustworthiness of MCS reports in the presence
of intelligent and colluding adversaries. We then rigorously
assess, using real IoT datasets, the effectiveness and accuracy
of well-known data mining algorithms when employed towards
IoT security and privacy. By taking into account the spatiotemporal
changes of the underlying phenomena, we demonstrate
how concept drifts can masquerade the existence of attackers
and their impact on the accuracy of both the clustering and
classification processes. Our initial set of results clearly show that
these unsupervised learning algorithms are prone to adversarial
infection, thus, magnifying the need for further research in the
field by leveraging a mix of advanced machine learning models
and mathematical optimization techniques.
devices with various types of sensors enables us to harness
diverse information with Mobile Crowd-Sensing applications
(MCS). This highly dynamic setting entails the collection of
ubiquitous data traces, originating from sensors carried by
people, introducing new information security challenges; one of
them being the preservation of data trustworthiness. What is
needed in these settings is the timely analysis of these large
datasets to produce accurate insights on the correctness of user
reports. Existing data mining and other artificial intelligence
methods are the most popular to gain hidden insights from
IoT data, albeit with many challenges. In this paper, we first
model the cyber trustworthiness of MCS reports in the presence
of intelligent and colluding adversaries. We then rigorously
assess, using real IoT datasets, the effectiveness and accuracy
of well-known data mining algorithms when employed towards
IoT security and privacy. By taking into account the spatiotemporal
changes of the underlying phenomena, we demonstrate
how concept drifts can masquerade the existence of attackers
and their impact on the accuracy of both the clustering and
classification processes. Our initial set of results clearly show that
these unsupervised learning algorithms are prone to adversarial
infection, thus, magnifying the need for further research in the
field by leveraging a mix of advanced machine learning models
and mathematical optimization techniques.
Fielder A, König S, Panaousis E, Schauer S, Rass S (2018) Risk Assessment Uncertainties in Cybersecurity Investments, Games 9 (2) MDPI
When undertaking cybersecurity risk assessments, it is important to be able to assign numeric values to metrics to compute the final expected loss that represents the risk that an organization is exposed to due to cyber threats. Even if risk assessment is motivated by real-world observations and data, there is always a high chance of assigning inaccurate values due to different uncertainties involved (e.g., evolving threat landscape, human errors) and the natural difficulty of quantifying risk. Existing models empower organizations to compute optimal cybersecurity strategies given their financial constraints, i.e., available cybersecurity budget. Further, a general game-theoretic model with uncertain payoffs (probability-distribution-valued payoffs) shows that such uncertainty can be incorporated in the game-theoretic model by allowing payoffs to be random. This paper extends previous work in the field to tackle uncertainties in risk assessment that affect cybersecurity investments. The findings from simulated examples indicate that although uncertainties in cybersecurity risk assessment lead, on average, to different cybersecurity strategies, they do not play a significant role in the final expected loss of the organization when utilising a game-theoretic model and methodology to derive these strategies. The model determines robust defending strategies even when knowledge regarding risk assessment values is not accurate. As a result, it is possible to show that the cybersecurity investments? tool is capable of providing effective decision support.
Laszka Aron, Panaousis Emmanouil, Grossklags Jens (2018) Cyber-Insurance as a Signaling Game: Self-Reporting and External Security Audits, Proceedings of the 9th Conference on Decision and Game Theory for Security (GameSec 2018) Springer
An insurer has to know the risks faced by a potential client
to accurately determine an insurance premium offer. However, while the potential client might have a good understanding of its own security
practices, it may also have an incentive not to disclose them honestly
since the resulting information asymmetry could work in its favor. This
information asymmetry engenders adverse selection, which can result in
unfair premiums and reduced adoption of cyber-insurance. To overcome
information asymmetry, insurers often require potential clients to selfreport
their risks. Still, clients do not have any incentive to perform
thorough self-audits or to provide comprehensive reports. As a result,
insurers have to complement self-reporting with external security audits
to verify the clients' reports. Since these audits can be very expensive, a
key problem faced by insurers is to devise an auditing strategy that deters
clients from dishonest reporting using a minimal number of audits. To
solve this problem, we model the interactions between a potential client
and an insurer as a two-player signaling game. One player represents the
client, who knows its actual security-investment level, but may report any
level to the insurer. The other player represents the insurer, who knows
only the random distribution from which the security level was drawn,
but may discover the actual level using an expensive audit. We study the
players' equilibrium strategies and provide numerical illustrations.
to accurately determine an insurance premium offer. However, while the potential client might have a good understanding of its own security
practices, it may also have an incentive not to disclose them honestly
since the resulting information asymmetry could work in its favor. This
information asymmetry engenders adverse selection, which can result in
unfair premiums and reduced adoption of cyber-insurance. To overcome
information asymmetry, insurers often require potential clients to selfreport
their risks. Still, clients do not have any incentive to perform
thorough self-audits or to provide comprehensive reports. As a result,
insurers have to complement self-reporting with external security audits
to verify the clients' reports. Since these audits can be very expensive, a
key problem faced by insurers is to devise an auditing strategy that deters
clients from dishonest reporting using a minimal number of audits. To
solve this problem, we model the interactions between a potential client
and an insurer as a two-player signaling game. One player represents the
client, who knows its actual security-investment level, but may report any
level to the insurer. The other player represents the insurer, who knows
only the random distribution from which the security level was drawn,
but may discover the actual level using an expensive audit. We study the
players' equilibrium strategies and provide numerical illustrations.
Mavropoulos Orestis, Mouratidis Haralambos, Fish Andrew, Panaousis Emmanouil (2018) Apparatus: A Framework for Security Analysis in Internet of Things Systems, Ad Hoc Networks Elsevier
Internet of Things (IoT) systems are ubiquitous, highly complex and dynamic event-based systems. These characteristics make their security analysis challenging. Security in IoT requires domain-specific methodologies and tools. The proposed methodologies need to be able to capture information from software and hardware constructs to security and social constructs. In this paper, in addition to refining the modeling language of the Apparatus Framework, we propose a class-based notation of the modeling language and a structured approach to transition between different models. Apparatus is a security framework developed to facilitate security analysis in IoT systems. We demonstrate the application of the framework by analyzing the security of smart public transport system. The security analysis and visualization of the system are facilitated by a software application that is developed as part of the Apparatus Framework.
Loukas George, Karapistoli Eirini, Panaousis Emmanouil, Sarigiannidis Panagiotis, Bezemskij Anatolij, Vuong Tuan (2018) A taxonomy and survey of cyber-physical intrusion detection approaches for vehicles, Ad Hoc Networks 84 pp. 124-147 Elsevier
With the growing threat of cyber and cyber-physical attacks against automobiles, drones, ships, driverless pods and other vehicles, there is also a growing need for intrusion detection approaches that can facilitate defence against such threats. Vehicles tend to have limited processing resources and are energy-constrained. So, any security provision needs to abide by these limitations. At the same time, attacks against vehicles are very rare, often making knowledge-based intrusion detection systems less practical than behaviour-based ones, which is the reverse of what is seen in conventional computing systems. Furthermore, vehicle design and implementation can differ wildly between different types or different manufacturers, which can lead to intrusion detection designs that are vehicle-specific. Equally importantly, vehicles are practically defined by their ability to move, autonomously or not. Movement, as well as other physical manifestations of their operation may allow cyber security breaches to lead to physical damage, but can also be an opportunity for detection. For example, physical sensing can contribute to more accurate or more rapid intrusion detection through observation and analysis of physical manifestations of a security breach. This paper presents a classification and survey of intrusion detection systems designed and evaluated specifically on vehicles and networks of vehicles. Its aim is to help identify existing techniques that can be adopted in the industry, along with their advantages and disadvantages, as well as to identify gaps in the literature, which are attractive and highly meaningful areas of future research.