Flagship
EDGE-IIOTSET: A NEW COMPREHENSIVE REALISTIC CYBER SECURITY DATASET OF IOT AND IIOT APPLICATIONS: CENTRALIZED AND FEDERATED LEARNING
Mohamed Amine Ferrag, Othmane Friha, Djallel Hamouda, Leandros Maglaras, Helge Janicke, January 17, 2022, "Edge-IIoTset: A New Comprehensive Realistic Cyber Security Dataset of IoT and IIoT Applications: Centralized and Federated Learning", IEEE Dataport, doi: https://dx.doi.org/10.21227/mbc1-1h68.
Ferrag, Mohamed Amine; Friha, Othmane; Hamouda, Djallel; Maglaras, Leandros; Janicke, Helge (2022): Edge-IIoTset: A New Comprehensive Realistic Cyber Security Dataset of IoT and IIoT Applications for Centralized and Federated Learning. TechRxiv. Preprint. https://doi.org/10.36227/techrxiv.18857336.v1
Novel 2 Factor HoneyToken Authentication Mechanism
The proposed system entitled "Two-Factor HoneyToken Authentication (2FHA)", combines the strengths of two-factor authentication and Honeyword technologies. In the developed prototype an SMS with 3 OTP passwords that correspond to 3 QR codes is sent to the user. Only one of these three elements is the correct token that can be used in order to continue. This induces an extra layer of security adding more safety to the system. The proposed system offers enhanced security to the user while at the same time is simple and doesn't impose additional overhead during login.
This work has received funding from the European Union’s Horizon 2020 research and innovation programme: projects CyberSec4Europe (Grant Agreement no. 830929), and LOCARD (Grant Agreement no. 832735)
Publications - Media
Vasilis Papaspirou, Maria Papathanasaki, Leandros Maglaras, Ioanna Kantzavelou, Christos Douligeris, Mohamed Amine Ferrag, Helge Janicke, "Cybersecurity Revisited: Honeytokens meet Google Authenticator", December 2021
Vassilis Papaspirou, Leandros Maglaras, Mohamed Amine Ferrag, Ioanna Kantzavelou, Helge Janicke, Christos Douligeris, "A novel Two-Factor HoneyToken Authentication Mechanism", 30th IEEE International Conference on Computer Communications and Networks (ICCCN 2021), July 19-22 2021, DOI:10.1109/ICCCN52240.2021.9522319
Tutorial, "Novel Two Factor Authentication Mechanisms", WiCON, 10 August 2021
Distinguished Speaker, "Novel Two Factor Authentication Mechanisms", IEEE Information Theory Society, Bangalore Chapter, 8 March 2021
How To Charge Your Electric Car ‘On The Fly’
Our proposed method uses inter-vehicle communications (IVCs) to eco-route electric vehicles to take advantage of the closest MEDs. Combining modern communications between vehicles and state of the art technologies on energy transfer, vehicles can extend their travel time without the need for large batteries or extremely costly infrastructure.
This research has been partly funded by the UK National Cyber Security Centre (NCSC) via a research exchange programme on VANS: Vehicular Ad-hoc Networks Security, the EIT Digital via the Real Time Flow project (GA no. 18387-SGA2018), the Innovate UK via the FLOURISH project (GA no. 102582).and the H2020 via the CONCORDIA project (GA no. 830927).
Energy exchange between vehicles can be facilitated by a process called “inductive power transfer” (IPT). IPT allows for an efficient and real-time energy exchange where vehicles can play an active role in the energy exchange process.
The buses that take the role of MEDs are ordinary city buses that follow their prede ned routes at the roads of the city.
Making use of inductive charging MEDs that act as mobile charging stations can improve the overall travel time of a fleet of vehicles compared to using only static charging stations
Publications
Dimitrios Kosmanos, Apostolos Pappas, Leandros Maglaras, Sotiris Moschoyiannis, Francisco J. Navarro, Antonios Argyriou and Helge Janicke, "A Novel Intrusion Detection System Against Spoofing Attacks in Connected Electric Vehicles", Elsevier Array, Vol. 5, March 2020, DOI: 10.1016/j.array.2019.100013
Dimitrios Kosmanos, Leandros Maglaras, Michalis Mavrovouniotis, Sotiris Moschoyiannis, Antonios Argyriou, Athanasios Maglaras, Helge Janicke,“Route Optimization of Electric Vehicles based on Dynamic Wireless Charging”, IEEE Access, July 2018, DOI: 10.1109/ACCESS.2018.2847765
Leandros A. Maglaras, Jianmin Jiang, Athanasios Maglaras, Frangiskos Topalis, Sotiris Moschoyiannis, "Dynamic wireless charging of electric vehicles on the move with Mobile Energy Disseminators", International Journal of Advanced Computer Science and Applications (IJACSA), Volume 6, Issue 6, June 2015, DOI: 10.14569/IJACSA.2015.060634
Leandros A. Maglaras, Jianmin Jiang, Athanasios Maglaras, Frangiskos Topalis, "Mobile Energy Disseminators increase electrical vehicles range in a smart city", Proceedings of the 5th IET Hybrid and Electric Vehicle Conference (HEVC 2014), London, 5-6 November 2014, DOI:10.1049/cp.2014.0947
Leandros A. Maglaras, Frangiskos Topalis and Athanasios Maglaras, "Cooperative approaches for dymanic wireless charging of Electric Vehicles in a smart city", Proceedings of the IEEE International Energy Conference (EnergyCon 2014), 1365-1369, doi:10.1109/ENERGYCON.2014.6850600
Media
Interview (Elsevier), Securing a dynamic wireless charging system for electric vehicles , June 2020
"Dynamic Wireless Charging of Vehicles En Route", IEEE Transportation Electrification Community March 2016 eNewsletter
”How To Charge Your Electric Car ‘On The Fly", Brinknews, 07 April, 2017
Surrey News: https://www.surrey.ac.uk/news/novel-device-protects-electric-vehicles-cyberattacks
Cybersecurity Maturity Assessment Frameworks
HCYMAF is a light, web-based model that can be used as a cybersecurity assessment tool for Higher Education Institutes (HEIs) of the UK that incorporates all security and privacy regulations and best practices that HEIs must be compliant with.
Supported by the NCSC, UK funded project (RFA: 20058) and PSU SA
Holistic Cybersecurity Maturity Assessment Framework (HCYMAF) requirements are divided into three groups
HCYMAF supports the assessment of the maturity of each of the 15 specified domains to identify weak and strong practices and can be easily extensible in order to incorporate other domains, e.g., IoT, blockchain, etc.
The HCYMAF incorporates the regulation requirements of GDPR, PCI DSS, and DSPT into our General Security Requirements
Publications
Iman Almomani, Mohanned Ahmed, Leandros Maglaras, "Cybersecurity maturity assessment framework for higher education institutions in Saudi Arabia", PeerJ Computer Science, September 2021 , DOI: 10.7717/peerj-cs.703
Aliyu Aliyu, Leandros Maglaras, Ying He, Iryna Yevseyeva, Eerke Boiten. Allan Cook and Helge Janicke, "A Holistic Cybersecurity Maturity Assessment Framework for Higher Education Institutions in the United Kingdom", MDPI Applied Sciences, May 2020, DOI: 10.3390/app10103660
George Drivas, Argyro Chatzopoulou, Leandros Maglaras, Costas Lambrinoudakis, Allan Cook and Helge Janicke, "A NIS Directive compliant Cybersecurity Maturity Model", IEEE Computer Society Signature Conference on Computers, Software and Applications (COMPSAC 2020), 13-17 July 2020
IT-OCSVM
IT-OCSVM, is a distributed intrusion detection system (DIDS) for SCADA networks
The combination of social network analysis metrics with machine learning classification techniques enhances the performance of the detection mechanism and improves accuracy for all the simulation scenarios investigated
The research was supported by FP7 via the CockpitCI project.
Decomposition of the traffic dataset to disjoint subsets. Apart from the central OCSVM, which is trained on the entire dataset, a cluster of split OCSVMs is automatically created through the decomposition of the traffic dataset into disjoint subsets
Diversity is an essential feature of an ensemble mechanism in order to achieve high accuracy
Architecture of the proposed IT-OCSVM detection mechanism
Publications
Dimitrios Kosmanos, Savvas Chatzisavvas, Antonios Argyriou, Leandros Maglaras, "Cooperative Speed Estimation of an RF Jammer in Wireless Vehicular Networks", 3rd International Workshop on Attacks and Defenses for Internet-of-Things (ADIoT 2020), in Conjunction with ESORICS 2020, Surrey, UK, 14-18 September 2020
Leandros Maglaras, Tiago Cruz, Mohamed Amine Ferrag, Helge Janicke, "Teaching the process of building an Intrusion Detection System using data from a small-scale SCADA testbed", WILEY Internet Technology Letters, January/February 2020, Vol. 3, Issue 1, DOI:10.1002/itl2.132
Tiago Cruz, Luis Rosa, Jorge Proenca, Leandros Maglaras, Matthieu Aubigny, Leonid Lev, Jianmin Jiang, Paulo Simoes, "A cyber Security Detection Framework for Supervisory Control and Data Acquisition Systems", IEEE Transactions on Industrial Informatics, Volume 12, Issue 6, December 2016, Pages 2236-2246, DOI: 10.1109/TII.2016.2599841
Barnaby Stewart, Luis Rosa, Leandros Maglaras, Tiago Cruz, Mohamed Amine Ferrag, Paulo Simoes, Helge Janicke, ”A Novel Intrusion Detection Mechanism for SCADA systems which Automatically Adapts to Network Topology Changes”, EAI Transactions on Industrial Networks and Intelligent Systems, February 2017, DOI: 10.4108/eai.1-2-2017.152155
Barnaby Stewart, Luis Rosa, Leandros Maglaras, Tiago Cruz, Paulo Simoes, Helge Janicke, ”Effect of Network Architecture Changes on OCSVM based Intrusion Detection System”, Proceedings of the 2nd International Conference on Industrial Networks and Intelligent Systems (INISCOM 2016), Leicester, United Kingdom, 31/10-01/11 2016, Springer International Publishing, DOI: 10.1007/978-3-319-52569-3_8
Leandros A. Maglaras, Jianmin Jiang, Tiago J. Cruz, "Combining ensemble methods and social network metrics for improving accuracy of OCSVM on intrusion detection in SCADA systems", Journal of Information Security and Applications (Elsevier), May 2016, DOI: 10.1016/j.jisa.2016.04.002
Tiago Cruz, Jorge Proença, Paulo Simões, Matthieu Aubigny, Moussa Ouedraogo, Antonio Graziano, Leandros Maglaras, "A Distributed IDS for Industrial Control Systems", International Journal of Cyber Secutiry and Terorism (IGI-Global), vol. 4, No 2, April 2014, pp 1-22, DOI: 10.4018/ijcwt.2014040101
Media
"Intrusion Detection in Industrial Control Systems", conference in Cybersecurity in Industry, Research Institute in Trustworthy Inter-connected Cyber-physical Systems (RITICS), 28 February 2018, Leicester, UK
"Integrated detection mechanism", Electronics Letters, 2014, 50, (25), p 1890-1890, DOI: 10.149/el.2014.4062
Cyberterorrism, Cyberwarfare & Cyberpeacekeeping
Cyberspace has a dark side, including terrorism, bullying, and other types of violence. It is essential to note that Cyberwarfare is still a kind of virtual war that causes the same destruction to a state that a physical war would also do. In this article, we discuss about cyber Warfare and Cyber Terrorism. This work outlines the different types of cyber warfare and cyber terrorism, motivation and countermeasures.
This research was partially funded by Airbus Group Innovations
Virtual collaborative environments are digital spaces where remotely located people can come together and interact with each other and with virtual objects
Only cyberterrorism fulfils all four attributes of the cyber phenomena as a standard cyberattack only relates to the first attribute, hacktivism relates to the first two attributes and cyberwarfare, although matching the first three attributes, does not have the goal of causing widespread fear or intimidation beyond the immediate victims or target of attack
An attack can be routed through multiple countries and organisations, each with varying levels of cooperation and political relations. This intentionally makes tracing the attack to its real source difficult
Publications
Michael Robinson, Kevin Jones, Helge Janicke, Leandros Maglaras, "Developing Cyber Buffer Zones", Chapter in Encyclopedia of Criminal Activities and the Deep Web, IGI Global, February 2020, DOI: 10.4018/978-1-5225-9715-5.ch019
Michael Robinson, Leandros Maglaras, Kevin Jones, Helge Janicke, "Protecting Civilians from Cyber Warfare with Cyber Buffer Zones", International Journal of Smart Security Technologies (IGI-Global), Vol. 6, Issue 1, 2019, DOI: 10.4018/IJSST.2019010103
Michael Robinson, Kevin Jones, Helge Janicke, Leandros Maglaras, “Developing Cyber Peacekeeping: Observation, Monitoring and Reporting”, Elsevier Journal of Government Information Quarterly, Volume 36, Issue 2, April 2019, Pages 276-293, DOI: 10.1016/j.giq.2018.12.001
Leandros Maglaras, Mohamed Amine Ferrag, Abdelouahid Derhab, Mithun Mukherjee, Helge Janicke, Stylianos Rallis, “Threats, Protection and Attribution of Cyber Attacks on National Critical Infrastructures”, EAI Transactions on Security and Safety, Issue 16, Vol. 5, December 2018, DOI: 10.4108/eai.15-10-2018.155856
Allan Cook, Andrew Nicholson, Helge Janicke, Leandros A. Maglaras, Richard Smith, "Attribution of Cyber Attacks on Industrial Control Systems", EAI Transactions on Industrial Networks and Intelligent Systems, vol. 3, issue 7, e3, pp. 1-15, April 2016, DOI: 10.4108/eai.21-4-2016.151158
Michael Robinson, Kevin Jones, Helge Janicke, Leandros Maglaras “An Introduction to Cyber Peacekeeping”, Elsevier Journal of Network and Computer Applications, Vol. 114, July 2018, pp. 70-87, DOI: 10.1016/j.jnca.2018.04.010
Nicholas Ayres, Leandros Maglaras, Helge Janicke, "OSNs as cyberterrorist weapons against the general public", Chapter in National Security: Breakthroughs in Research and Practice, IGI Global, February 2019, DOI: 10.4018/978-1-5225-7912-0.ch013
Nicholas Ayres, Leandros A. Maglaras, Helge Janicke, Richard Smith, Ying He, "The mimetic virus: A vector for cyber security", International Journal of Business Continuity and Risk Management (Inderscience), Vol. 6, No. 4, pp: 259-271, December 2016, DOI: 10.1504/IJBCRM.2016.10002276
Nicholas Ayres, Leandros A. Maglaras, "Cyberterrorism targeting general public through social media", Security and Communication Networks (WILEY), Volume 9, Issue 15, October 2016, pp: 2864-2875, DOI: 10.1002/sec.1568
Media
Policy Paper, M. Papathanasaki, L. Maglaras, “The current posture of Cyber Warfare and Cyber Terrorism”, Global Foundation for Cyber Studies and Research, June 2020.
Policy Paper, "Cyber Peacekeeping from Concept To Implementation", M Robinson, K Jones, H Janicke, L Maglaras, Global Foundation for Cyber Studies and Research, September 2019
"Risks, threats and challenges of Cyberspace", 7th Exposec-Defenseworld Conference, 7 May 2019, Hellenic Armed Forces Officers' Club (LAED), Athens
NIS Directive
The NISD on security of network and information systems (NIS directive) is one of the latest steps that the EU has taken in order to strengthen security of its systems. The directive describes specific steps that each member state should follow. Member States are moving towards the implementation of the NIS directive. The road ahead is long and a cooperation in both technical and strategic level is needed.
The research is supported by the H2020 funded project CONCORDIA (GA no. 830927)
A NIS Directive compliant Cybersecurity Maturity Model
CMAF can be used either as a self-assessment tool from Operators of Essential Services and Digital Service Providers or as an audit tool from the National Competent Authorities for cybersecurity
Mapping of the Security Requirements of GDPR and NIS
Assessing Cyber Security Threats and Risks in the Public Sector of Greece
Publications
Leandros Maglaras, George Drivas, Nestoras Chouliaras, Eerke Boiten, Costas Lambrinoudakis, Sotiris Ioannidis, "Cybersecurity in the Era of Digital Transformation: The case of Greece", IEEE international Conference on Internet of Things and Intelligent Applications (ITIA2020) , 27-29 November, 2020, Zhenjiang, China
Najmudin Saqib, Vasileios Germanos, Wen Zeng, Leandros Maglaras, "Mapping of the Security Requirements of GDPR and NISD", EAI Transactions on Security and Safety, Accepted, September 2020, DOI: 0.4108/eai.30-6-2020.166283
George Drivas, Leandros Maglaras, Helge Janicke, Sotiris Ioannidis, "Assessing Cyber Security Threats and Risks in the Public Sector of Greece", Journal of Information Warfare, Vol. 19, Issue 1, 2020
Leandros A. Maglaras, George Drivas, Kleanthis Noou, Stylianos Rallis, "NIS directive: The case of Greece", EAI Transactions on Security and Safety, May 2018, DOI: 10.4108/eai.15-5-2018.154769
George Drivas, Argyro Chatzopoulou, Leandros Maglaras, Costas Lambrinoudakis, Allan Cook and Helge Janicke, "A NIS Directive compliant Cybersecurity Maturity Model", IEEE Computer Society Signature Conference on Computers, Software and Applications (COMPSAC 2020), 13-17 July 2020
George Drivas, Leandros Maglaras, Helge Janicke, Sotiris Ioannidis, "Cyber Security Assessment of the Public Sector in Greece", 18th European Conference on Cyber Warfare and Security (ECCWS 2019), 4-5 July 2019, Coimbra, Portugal, ISBN: 978-1-912764-29-7
Media
"The Greek NIS Law: Implementation steps and the way ahead", OWASP workshop, Athens, 10 June 2019
"National Cyber Security Strategy", 5th Risk and Business Continuity Forum, RESILIENCE DAYS, Athens, 29 May, 2019
"Cybersecurity posture of Greece and the NIS directive", Secure Digital Government, 19 April 2019, Innovation and Best Practices Unit
"Critical Infrastructure Protection and the NIS Directive", 6th High-level Greek Conference on Modern Technologies and New Forms of War, 27 March 2019, Institute of International Relations (IDIS), Panteion University, Athens
"Protection of Critical Infrastructures - NIS directive", Cyber security workshop, 20 March 2019, EKDAA
Keynote Speaker, "Cyber security: From regulations\policies to practice", ENISA NIS Summer School, Heraklion, 24/9/2018
3739B-19-1.pdfN.4577_2018.pdfNCSSGR.pdf
Blockchain Security & Privacy Issues
The threat models that are considered by the blockchain protocols in IoT networks, into five main categories, namely identity-based attacks, manipulationbased attacks, cryptanalytic attacks, reputation-based attacks, and service-based attacks.
The proposed DeliveryCoin framework combines hash functions and short signatures without random oracles and the Strong Diffie–Hellman (SDH) assumption in bilinear groups to achieve privacy-preservation.
The proposed security architecture is composed of an intrusion detection system, namely RSL-KNN to defend against the forged commands, which target the industrial control process, and a Blockchain-based Integrity Checking System (BICS).
We we propose a novel deep learning and blockchain-based energy framework for Smart Grids, entitled DeepCoin The DeepCoin framework uses two schemes, a blockchain-based scheme and a deep learning-based scheme.
Publications
Nathan Clark, Leandros Maglaras, Ioanna Kantzavelou, Nestoras Chouliaras, Mohamed Amine Ferrag, "Blockchain Technology: Security and Privacy Issues", Chapter in Blockchain Technology and Innovation in Business Process, Springer, 2021
Mohamed Amine Ferrag, Lei Shu, Xing Yang, Abdelouahid Derhab, Leandros Maglaras, "Security and Privacy for Green IoT-based Agriculture: Review, Blockchain solutions, and Challenges", IEEE Access, February 2020, DOI: 10.1109/ACCESS.2020.2973178
Mohamed Amine Ferrag, Leandros Maglaras, "DeliveryCoin: An IDS and Blockchain-based Delivery Framework for Drone-Delivered Services", MDPI, Computers 2019, 8(3), 58
Abdelouahid Derhab, Mohamed Guerroumi, Abdu Gumaei, Leandros Maglaras, Mohamed Amine Ferrag, Mithun Mukherjee, Farrukh Aslam Khan "Blockchain and Random Subspace Learning-based IDS for SDN-enabled Industrial IoT Security", MDPI, Sensors 2019, 19(14)
Mohamed Amine Ferrag, Leandros Maglaras, "DeepCoin: A Novel Deep learning and Blockchain-based Energy Exchange Framework for Smart Grids", July 2019, IEEE Transactions on Engineering Management
Yash Soni, Leandros Maglaras, Mohamed Amine Ferrag, "Blockchain Based Voting Systems", 19th European Conference on Cyber Warfare and Security (ECCWS 2020), 25-26 June 2020, Chester, UK, DOI: 10.34190/EWS.20.122
Mohamed Amine Ferrag, Makhlouf Derdour, Mithun Mukherjee, Abdelouahid Derhab, Leandros Maglaras, Helge Janicke, “Blockchain Technologies for the Internet of Things: Research Issues and Challenges”, IEEE Internet of Things Journal, Volume: 6, Issue: 2, April 2019, pp: 2188 - 2204
Abdelouahid Derhab, Mohamed Guerroumi, Leandros Maglaras, Mohamed Amine Ferrag, Mithun Mukherjee and Farrukh Aslam Khan, "BLOSTER: Blockchain-based System for Detection of Fraudulent Rules in Software-Defined Networks", Proceedings of the 6th International Symposium for ICS & SCADA Cyber Security Research (ICS-CSR 2019), Athens, 10-12 September 2019, DOI: 10.14236/ewic/icscsr19.5
Mohamed Amine Ferrag, Leandros Maglaras, Helge Janicke, ”Blockchain and Its Role in the Internet of Things”, International Conference on Strategic Innovative Marketing and Tourism (ICSIMAT 2018), 17-20 October 2018, Athens, Springer Proceedings in Business and Economics, DOI: 10.1007/978-3-030-12453-3_119