Abstract
Gathering and utilizing stored data is gaining popularity and has become a crucial component of smart building infrastructure. The data collected can be stored, for example, into private, public, or hybrid cloud service infrastructure or distributed service by utilizing data platforms. The stored data can be used when implementing services, such as building automation (BAS). Cloud services, IoT sensors, and data platforms can face several kinds of cybersecurity attack vectors such as adversarial, AI-based, DoS/DDoS, insider attacks. If a perpetrator can penetrate the defenses of a data platform, she can cause significant harm to the system. For example, the perpetrator can disrupt a building’s automatic heating system or break the heating equipment by using a suitable attack vector for a data platform. This chapter focuses on examining possibilities to protect cloud storage or data platforms from incoming cyberattacks by using, for instance, artificial-intelligence-based tools or trained neural networks that can detect and prevent typical attack vectors.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Abate A, Budde CE, Cauchi N, Hoque KA, Stoelinga M (2018) Assessment of maintenance policies for smart buildings: application of formal methods to fault maintenance trees. In: European conference of the prognostics and health management society, vol 2018
Abomhara M, Køien GM (2014) Security and privacy in the Internet of Things: current status and open issues. In: Privacy and security in mobile systems (PRISMS), 2014 international conference on. IEEE, pp 1–8
Alam MR, Reaz MBI, Ali MAM (2012) A review of smart homes—past present and future", IEEE Trans Syst Man Cybern C Appl Rev.), vol. 42, no. 6, pp. 1190–1203
appliedAI. https://appliedai.com/use-cases/1. Accessed 5 Aug 2019
Ballal S, Prasad LS, Rajappa M, Khader A (2018) Bumper to bumper: detecting and mitigating DoS and DDoS attacks on the cloud. SecurityIntelligence. https://securityintelligence.com/bumper-to-bumper-detecting-and-mitigating-dos-and-ddos-attacks-on-the-cloud-part-1. Accessed 16 Aug 2019
Baracaldo N, Chen B, Ludwig H, Safavi A (2018) Detecting poisoning attacks on machine learning in IoT environments. IEEE international congress on internet of things (ICIOT), San Francisco, CA, USA
Bayuk JL, Healey J, Rohmeyer P, Sachs MH, Schmidt J, Weiss J (2012) Cyber security policy guidebook, 1st edn. Wiley, USA
Bonderud D (2018) Breaking bad behavior: can AI combat insider threats? Security Intelligence. https://securityintelligence.com/breaking-bad-behavior-can-ai-combat-insider-threats. Accessed 9 Aug 2019
BS ISO/IEC 27002 (2013) Information technology – security techniques – code of practice for information security management. The British Standards Institution. BSI Standards Limited, Switzerland
Buchanan WJ, Li S, Asif R (2018) Lightweight cryptography methods. J Cyber Secur Technol 1(3–4):187–201
Burnap P, Williams ML (2015) Cyber hate speech on twitter: an application of machine classification and statistical modeling for policy and decision making. https://doi.org/10.1002/poi3.85 . Accessed 20 Aug 2019
Business.com (2018) Cloud encryption: using data encryption in the cloud. https://www.business.com/articles/cloud-data-encryption. Accessed 4 Aug 2019
Busztein E (2018) Attacks against machine learning – an overview. https://elie.net/blog/ai/attacks-against-machine-learning-an-overview. Accessed 3 Aug 2019
Byun J, Park S (2011) Development of a self-adapting intelligent system for building energy saving and context-aware smart services. IEEE Trans Consum Electron 57(1):90–98
Ca technologies (2018) Insider threat report. Cybersecurity insiders. https://www.ca.com/content/dam/ca/us/files/ebook/insider-threat-report.pdf. Accessed 12 Aug 2019
Castro-Leon E, Harmon R (2016) Cloud as a service: understanding the service innovation ecosystem. Apress, Berkeley
Carlini N, Wagner D (2016) Defensive Distillation is Not Robust to Adversarial Examples. ArXiv: 1607.04311v1 [cs.CR] 14 Jul 2016
Chang Z. Wireless and internet of things (IoT) security. Department of Mathematical Information Technology. University of Jyväskylä, Finland. users.jyu.fi/~timoh/TIES327/Wireless.pdf. Accessed 9 Aug 2019
Conner-Simons (2016) System predicts 85 percent of cyber-attacks using input from human experts. http://news.mit.edu/2016/ai-system-predicts-85-percent-cyber-attacks-using-input-human-experts-0418. Accessed 3 Aug 2019
Costa D (2017) CERT definition of ‘insider threat’. Software engineering institute, Cargenie Mellon, University. https://insights.sei.cmu.edu/insider-threat/2017/03/cert-definition-of-insider-threat%2D%2D-updated.html. Accessed 9 Aug 2019
Craigen D, Diakun-Thibault N, Purse R (2014) Security in cyberspace. Targeting nations, infrastructures, individuals. Bloomsbury publishing, New York
Cyberspace policy review. Assuring a trusted and resilient information and communications Infrastructure. https://www.energy.gov/sites/prod/files/cioprod/documents/ Cyberspace_Policy_Review_final.pdf
Dao M-S, Pongpaichet S, Jalali L, Kim K, Jain R, Zettsu K (2014) A real-time complex event discovery platform for cyper-physical-social systems. ICMR 2014, April 1–4, Glasgow, UK
Deshpande N (2009) Artificial intelligence. Technical Publications. University of Pune, India
Diro AA, Chilamkurti N (2018) Distributed attack detection scheme using deep learning approach for Internet of Things. Future Gener Comput Syst 82:761–768
Darktrace (2018) Darktrace enterprise – detects and classifies cyber-threats across your entire enterprise. Darktrace. https://www.darktrace.com/en/products. Accessed 12 Aug 2019
Dremio (2019) Enabling Data-as-a-Service for AWS and R
Elleithy K, Blagovic D, Cheng W, Sideleau P (2006) Denial of service attack techniques: analysis, implementation and comparison. J Syst Cybern Inform 3:66–71
ENISA (2018) ENISA threat landscape report 2018 – 15 top cyberthreats and trends. European Union agency for network and information security
EUR-Lex (2013) Access to European Union law. Joint communication of the European parliament, the council, the European economic and social committee and the committee of the regions. Cyber Security strategy of the European Union: an open, safe and secure cyberspace. Document number 52013JC0001
Ganin Y, Ustinova E, Ajakan H, Germain P, Larochelle H, Laviolette F, Marchand M, Lempitsky V (2016) Domain-adversarial training of neural networks. J Mach Learn Res 17(2016):1–35
Gavai G, Sricharan K, Gunning D, Hanley J, Singhal M, Rolleston R (2015) Supervised and unsupervised methods to detect insider threat from enterprise social and online activity data. JoWUA 6(4). https://doi.org/10.22667/JOWUA.2015.12.31.047
Ghahramani Z (2015) Probabilistic machine learning and artificial intelligence. Nature 521:452–459
Gillespie A (2016) Cybercrime – Key issues and debates. Routledge, New York
Goel N, Sharma T (2014) Cloud computing – SPI framework, deployment models, challenges. International journal of emerging technology and advanced engineering. International conference on advanced deployments in engineering and technology, India
Goldblum M, Fowl L, Feizi S, Goldstein T (2019) Adversarially robust distillation. ArXiv:1905.09747v1 [cs.LG] 23 May 2019
Goodfellow I, Papernot N, Huang S, Duan R, Abbeel P, Clark J (2017) Attacking machine learning with adversarial examples. OpenAI. https://openai.com/blog/adversarial-example-research. Accessed 3 Aug 2019
Gu S, Rigazio L (2015) Towards Deep Neural Network Architectures Robust to Adversarial Examples. ArXiv:1412.5068v4 [cs.LG] 9 Apr 2015
Guo C, Rana M, Cissé M, van der Maaten L (2018) Countering adversarial images using input transformations. ArXiv:1711.00117v3 [cs.CV] 25 Jan 2018
Gupta D, Ghakraborty PS, Rajput P (2015) Cloud security using encryption techniques. International journal of advances research in computer science and software engineering, 5(2), SRM University, India
Han B, Yang X, Sun Z, Huang J, Su J (2018) OverWatch: a cross-plane DDOS attack defense framework with collaborative intelligence in SDN. Hindawi Secur Commun Netw 2018. https://doi.org/10.1155/2018/9649643
HP security research (2014) Internet of things research study. http://d-russia.ru/wp-content/uploads/2015/10/4AA5-4759ENW.pdf. Accessed 7 Aug 2019
Iyer G, Agrawal P (2010) Smart power grids. In: 42nd Southeastern Symposium on System Theory (SSST), IEEE (2010), pp 152–155
Jia B, Huang X, Liu R, Ma Y (2017) A DDOS attack detection method Based on hybrid heterogenous multiclassifier ensemble learning. Hindawi J Electr Comput Eng 2017. https://doi.org/10.1155/2017/4975343
Jiang J-R (2018) An improved cyber-physical systems architecture for Industry 4.0 smart factories. Adv Mech Eng 10(6):1–15
Karthikeyan P, Thangavel M (2018) Applications of security, mobile, analytic and cloud (SMAC) technologies for effective information processing and management, A volume in the advances in computer and electrical engineering (ACEE) book series. IGI Global, Hershey
Kubovič O, Košinár P, Jánošík J (2018) Can artificial intelligence power future malware? ESET white paper
Le DC, Khanchi S, Zincir-Heywood AN, Heywood MI (2018) Benchmarking evolutionary computation approaches to insider threat detection. Association for Computing Machinery. https://doi.org/10.1145/3205455.3205612
Legatiuk D, Smarsly K (2018) An abstract approach towards modeling intelligent structural system. 9th EWSHM, UK. CC-BY-NC license 4.0
Lehto M (2015) Phenomena in the cyber world. Cyber security: analytics, technology and automation. Springer, Berlin
Liang B, Li H, Su M, Li X, Shi W, Wang X (2019) Detecting adversarial image examples in deep neural networks with adaptive noise reduction. ArXiv:1705.08378v5 [cs.CR] 9 Jan 2019
Libicki MC (2007) Conquest in cyberspace – national security and information warfare. Cambridge University press, New York
Lim C, Kim K-H, Kim M-J, Heo J-Y, Kim K-J, Maglio PP (2018) From data to value: A nine-factor framework for data -based value creation in information-intensive services. Int J Inf Manag 39(2018):121–135
Machmeier C, Kunzke F (2019) How safeguarding sensitive data could lead to smarter AI. Sap News Center. https://news.sap.com/2019/01/homomorphic-encryption-safeguarding-sensitive-data-smarter-ai. Accessed 4 Aug 2019
Mather T, Kamaraswamy S, Latif S (2009) Cloud security and privacy – an enterprise perspective on risks and compliances. O’Reilly Media Inc., USA
Nagpal H, Basu B, Staino A (2018) Economic model predictive control of building energy systems in cooperative optimization framework. ICC, January 4–6, 2018, IIT Kanpur, India
Nicholson C. Skymind. https://skymind.ai/wiki/ai-vs-machine-learning-vs-deep-learning. Accessed 5 Aug 2019
Qi Q, Tao F, Zuo Y, Zhao D (2018) Digital twin service towards smart manufacturing. Procedia CIRP 72(2018):237–242
Padmavathi & Shanmugapriya et al (2009) A survey of attacks, security mechanisms and challenges in wireless sensor networks, arXiv preprint arXiv:0909.0576
Papernot N, McDaniel P (2016) On the effectiveness of defensive distillation. ArXiv:1607.05113v1 [cs.CR] 18 Jul 2016
Papernot N, McDaniel P, Goodfellow I, Jha S, Celic Z B, Swami A (2017) Practical black-box attacks against machine learning. In: Proceedings of the 2017 ACM Asia conference on computer and communications security, Abu Dhabi, UAE
Potluri S, Diedrich C (2016) Accelerated deep neural networks for enhanced intrusion detection system. 2016 IEEE 21st ETFA. https://doi.org/10.1109/ETFA.2016.7733515
Radware (2018) Machine-learning automation to ensure zero time to mitigation. https://www.radware.com/pleaseregister.aspx?returnurl=732862c3-5149-4806-b060-ba20d2bca6eb. Accessed 16 Aug 2019
Radware (2019) https://www.radware.com/products/defensepro/. Accessed 4 Aug 2019
Randal L (2016) What is data as a service? The 3 key dimensions. BDQ big data quarterly. http://www.dbta.com/BigDataQuarterly/Articles/What-is-Data-as-a-Service-The-3-Key-Dimensions-114568.aspx
Rangaraju NK, Sriramoju SB, Sarma S (2018) A study on machine learning techniques towards the detection of distributed denial of service attacks. Int J Pure Appl Math 120(6):7407–7423
Rathore S, Park JH (2018) Semi-supervised learning based distributed attack detection framework for IoT. Appl Soft Comput 72:79–89
Reblaze (2019) Comprehensive DDoS protection DoS/DDoS datasheet – web application & API security. https://www.reblaze.com/wp-content/uploads/2019/05 /Reblaze-DDoS-Datasheet.pdf. Accessed 22 Aug 2019
Samangouei P, Kabkab M, Chellappa R (2018). Defense-gan: Protecting classifiers against adversarial attacks using generative models. ArXiv:1805.06605
Schmidt M, Åhlund C (2018) Smart buildings as Cyber-Physical Systems: data-driven predictive control strategies for energy efficiency. Renew Sust Energ Rev 90:742–756. https://doi.org/10.1016/j.rser.2018.04.013
Sengupta S (2017) Moving target defense: a symbiotic framework for AI & security. In: Proceedings of the 16th international conference on autonomous agents and multiagent systems
Shahapure NH, Jayarekha P (2015) Replication: a technique for scalability in cloud computing. Int J Compute Appl (0975–8887) 122(5):13–18
Sta HB (2017) Quality and the efficiency of data in “Smart-Cities”. Futur Gener Comput Syst 0167-739X 74(2017):409–416
Shaw E, Ruby K, Post J (1998) The insider threat to information systems. Secur Aware Bull 2(98):1–10
Threat Analysis Group (Tag) (2010) Threat, vulnerability, risk – commonly mixed up terms. https://www.threatanalysis.com/2010/05/03/threat-vulnerability-risk-commonly-mixed-up-terms. Accessed 31 Aug 2019
Tramèr F, Kurakin A, Papernot N, Goodfellow I, Boneh D, McDaniel P (2018) Ensemble adversarial training: attacks and defenses. ICLR 2018
Usman SH, Bawazir MA, Kabir AM (2014) Cloud computing: a strategy to improve the economy of Islamic societies. Int J Comput Trends Technol (IJCTT) 9(7):387–392
Vectra cognito (2019) Vectra security that thinks. Artificial intelligence powered automated threat hunting and network self-defense. https://www.beotech.rs/wp-content/uploads/2019/02/Vectra-Cognito-DataSheet.pdf. Accessed 12 Aug 2019
Wang Z, Srinivasan RS (2017) A review of artificial intelligence based building energy use prediction: contrasting the capabilities of single and ensemble prediction models. Renew Sust Energ Rev 75(3027):796–808
Wang L, Lee EW, Yuen RK (2018) Novel dynamic forecasting model for building cooling loads combining an artificial neural network and an ensemble approach. Appl Energy 228:1740–1753
Wani SY (2018) Internet of things (IoT) security and vulnerability. Research proposal. https://doi.org/10.13140/RG.2.2.29633.40801
Zhang D, Zheng Y, Wen Y, Xu Y, Wang J, Yu Y, Meng D. (2018). Role-based log analysis applying deep learning for insider threat detection. Assoc Comput Mach SecArch’18. https://doi.org/10.1145/3267494.3267495
Zhao D, Zhong M, Zhang X, Su X (2016) Energy consumption predicting model of VRV (Variable refrigerant volume) system in office buildings based on data mining. Energy 2016(102):287–297
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Vähäkainu, P., Lehto, M., Kariluoto, A., Ojalainen, A. (2020). Artificial Intelligence in Protecting Smart Building’s Cloud Service Infrastructure from Cyberattacks. In: Jahankhani, H., Kendzierskyj, S., Chelvachandran, N., Ibarra, J. (eds) Cyber Defence in the Age of AI, Smart Societies and Augmented Humanity. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-030-35746-7_14
Download citation
DOI: https://doi.org/10.1007/978-3-030-35746-7_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-35745-0
Online ISBN: 978-3-030-35746-7
eBook Packages: Computer ScienceComputer Science (R0)