Electronic Government (e-Government) systems constantly provide greater services to people, businesses, organisations, and societies by offering more information, opportunities, and platforms with the support of advances in information and communications technologies. This usually results in increased system complexity and sensitivity, necessitating stricter security and privacy-protection measures. The majority of the existing e-Government systems are centralised, making them vulnerable to privacy and security threats, in addition to suffering from a single point of failure. This study proposes a decentralised e-Government framework with integrated threat detection features to address the aforementioned challenges. In particular, the privacy and security of the proposed e-Government system are realised by the encryption, validation, and immutable mechanisms provided by Blockchain. The insider and external threats associated with blockchain transactions are minimised by the employment of an artificial immune system, which effectively protects the integrity of the Blockchain. The proposed e-Government system was validated and evaluated by using the framework of Ethereum Visualisations of Interactive, Blockchain, Extended Simulations (i.e. eVIBES simulator) with two publicly available datasets. The experimental results show the efficacy of the proposed framework in that it can mitigate insider and external threats in e-Government systems whilst simultaneously preserving the privacy of information.
The YARA rules technique is used in cybersecurity to scan for malware, often in its default form, where rules are created either manually or automatically. Creating YARA rules that enable analysts to label files as suspected malware is a highly technical skill, requiring expertise in cybersecurity. Therefore, in cases where rules are either created manually or automatically, it is desirable to improve both the performance and detection outcomes of the process. In this paper, two methods are proposed utilising the techniques of fuzzy hashing and fuzzy rules, to increase the effectiveness of YARA rules without escalating the complexity and overheads associated with YARA rules. The first proposed method, referred to as enhanced YARA rules in this paper, utilises fuzzy hashing: if existing YARA rules fail to detect the inspected file as malware, the file is then subjected to fuzzy hashing to assess whether this technique would identify it as malware. The second proposed technique, called embedded YARA rules, utilises fuzzy hashing and fuzzy rules to improve the outcomes further. Fuzzy rules countenance circumstances where data are imprecise or uncertain, generating a probabilistic outcome indicating the likelihood of whether a file is malware or not. The paper discusses the success of the proposed enhanced YARA rules and embedded YARA rules through several experiments on the collected malware and goodware corpus and their comparative evaluation against YARA rules.
Designers of effective and efficient fuzzy systems have long recognised the value of inferential hybridity in the implementation of sparse fuzzy rule based systems. Which is to say: such systems should have recourse to fuzzy rule interpolation (FRI) only when no rule matches a given observation; otherwise, when an observation partially or exactly matches at least one of the rules of the sparse rule base, a compositional rule of inference (CRI) should be used in order to avoid the computational overheads of interpolation. Sparse fuzzy rule bases are constructed by experts or derived from data and may support FRI reasoning in the long run. However, two potential problems arise: (1) a system’s requirements may change over time leading to rule redundancy; and (2) the system may cease in the long run to provide precise and pertinent results. The need to maintain the concurrency and accuracy of a sparse fuzzy rule base, in order that it generates the most precise and relevant results possible, motivates consideration of a dynamic (real-time) fuzzy rule base. This thesis therefore presents a framework of dynamic fuzzy rule interpolation (D-FRI), integrated with general fuzzy inference (CRI), which uses the FRI result set itself for the selection, combination and promotion of informative, frequently used intermediate rules into the existing rule base. Here two versions of the D-FRI approach are presented: k-means-based and GA-aided. Integration uses the concept of α-cut overlapping between fuzzy sets to decide an exact or partial matching between rules and observation so that CRI can be utilised for reasoning. Otherwise, the best closest rules are selected for FRI by exploiting the centre of gravity (COG), Hausdorff distance (HD) and earth mover’s distance (EMD) metrics.
Testing seeks to show that dynamically-promoted rules generate results of greater accuracy and robustness than would be achievable through conventional FRI tout court, and to support the claim that the D-FRI approach results in a more effective interpolative reasoning system. To this end, an implementation of D-FRI is applied to the problem domain of intrusion detection systems (IDS), by integrating it with Snort in order to improve port-scanning detection and increase the level of accuracy of alert predictions.
Since its inception as a solution for secure cryptocurrency sharing in 2008, blockchain technology has now become one of the core technologies for secure data sharing and storage over trustless and decentralised peer-to-peer systems. E-government is amongst the systems that store sensitive information about citizens, businesses and other affiliates, and therefore becomes the target of cyber attackers. The existing e-government systems are centralised and thus subject to a single point of failure. This paper proposes a secure and decentralised e-government system based on the consortium blockchain technology, which is a semi-public and decentralised blockchain system consisting of a group of pre-selected entities or organisations in charge of consensus and decision making for the benefit of the whole network of peers. In addition, a number of e-government nodes are pre-selected to perform the tasks of user and transaction validation before being added to the blockchain network. Accordingly, e-government users of the consortium blockchain network are given the rights to create, submit, access, and review transactions. Performance evaluation on single transaction time and transactions processed per second demonstrates the practicability of the proposed consortium blockchain-based e-government system for secure information sharing amongst all stakeholders.
Multi-cloud systems have been gaining popularity due to the several benefits of the multi-cloud infrastructure, such as a lower level of vendor lock-in and a minimized risk of widespread data loss or downtime. Thus, the multi-cloud infrastructure enhances the dependability of the cloud-based system. However, it also poses many challenges, such as nonstandard and inherent complexity due to different technologies, interfaces, and services. Consequently, it is a challenging task to design multi-cloud dependable systems. Virtualization is the key technology employed in the development of cloud-based systems. Docker has recently introduced its container-based virtualization technology for the development of software systems. It has newly launched a distributed system development tool called Swarm, which allows the development of a cluster of multiple Swarm nodes on multiple clouds. Docker Swarm has also incorporated several dependability attributes to support the development of a multi-cloud dependable system. However, making a Swarm cluster always available requires a minimum of three active manager nodes, which can safeguard against one failure. This essential condition for dependability is one of the main limitations, because if two manager nodes fail suddenly due to the failure of their hosts, then the Swarm cluster cannot be made available for routine operations. Therefore, this paper proposes an intuitive approach based on Computational Intelligence (CI) for enhancing its dependability. The proposed CI-based approach predicts the possible failure of the host of a manager node by observing its abnormal behaviour. Thus, this indication can automatically trigger the process of creating a new manager node or promoting an existing node as a manager for enhancing the dependability of Docker Swarm.
Fuzzy rule interpolation (FRI) offers an effective approach for making inference possible in sparse rule-based systems (and also for reducing the complexity of fuzzy models). However, requirements of fuzzy systems may change over time and hence, the use of a static rule base may affect the accuracy of FRI applications. Fortunately, an FRI system in action will produce interpolated rules in abundance during the interpolative reasoning process. While such interpolated results are discarded in existing FRI systems, they can be utilized to facilitate the development of a dynamic rule base in supporting subsequent inference. This is because the otherwise relinquished interpolated rules may contain possibly valuable information, covering regions that were uncovered by the original sparse rule base. This paper presents a dynamic fuzzy rule interpolation (D-FRI) approach by exploiting such interpolated rules in order to improve the overall system's coverage and efficacy. The resulting D-FRI system is able to select, combine, and generalize informative, frequently used interpolated rules for merging with the existing rule base while performing interpolative reasoning. Systematic experimental investigations demonstrate that D-FRI outperforms conventional FRI techniques, with increased accuracy and robustness. Furthermore, D-FRI is herein applied for network security analysis, in devising a dynamic intrusion detection system (IDS) through integration with the Snort software, one of the most popular open source IDSs. This integration, denoted as D-FRI-Snort hereafter, delivers an extra amount of intelligence to predict the level of potential threats. Experimental results show that with the inclusion of a dynamic rule base, by generalising newly interpolated rules based on the current network traffic conditions, D-FRI-Snort helps reduce both false positives and false negatives in intrusion detection.