Researchers introduce TII-SSRC-23, a new network intrusion detection dataset designed to improve the diversity and representation of modern network traffic for machine learning models. The dataset includes a range of traffic types and subtypes to address the limitations of existing datasets. Feature importance analysis and baseline experiments for supervised and unsupervised intrusion detection are also provided.
This paper introduces a framework that combines machine learning for multi-class attack detection in IoT/IIoT networks with large language models (LLMs) for attack behavior analysis and mitigation suggestion. The framework uses role-play prompt engineering with RAG to guide LLMs like ChatGPT-o3 and DeepSeek-R1, and introduces new evaluation metrics for quantitative assessment. Experiments using Edge-IIoTset and CICIoT2023 datasets showed Random Forest as the best detection model and ChatGPT-o3 outperforming DeepSeek-R1 in attack analysis and mitigation.
Researchers at TII, in cooperation with University Paderborn and Ruhr University Bochum, have discovered a vulnerability called the Opossum Attack in Transport Layer Security (TLS) impacting protocols like HTTP(S), FTP(S), POP3(S), and SMTP(S). The vulnerability exposes a risk of desynchronization between client and server communications, potentially leading to exploits like session fixation and content confusion. Scans revealed over 2.9 million potentially affected servers, including over 1.4 million IMAP servers and 1.1 million POP3 servers. Why it matters: This discovery highlights the importance of ongoing cybersecurity research in the UAE and internationally to identify and address vulnerabilities in fundamental internet protocols, especially as it led to immediate action by Apache and Cyrus IMAPd.
The Secure Systems Research Center (SSRC) has partnered with the University of New South Wales (UNSW Sydney) to research enhancements and scaling of the seL4 microkernel on edge devices. The collaboration aims to extend the seL4 microkernel to support dynamic virtualization, combining minimal trusted computing base with strong isolation. This will address challenges related to heterogeneous hardware, software, and environmental factors in edge computing. Why it matters: This partnership aims to improve the security of edge devices in critical sectors, addressing vulnerabilities in cyber-physical and autonomous systems.
KAUST professors Roberto Di Pietro and Marc Dacier co-authored a paper on cybersecurity strategies for Saudi Arabia and the Arab world, published in Communications of the ACM. The paper outlines a multidisciplinary framework for digitization aligned with Saudi Vision 2030, emphasizing global best practices, cultural adaptation, and capacity building. KAUST is positioned to advise on national cybersecurity policy in cooperation with the Saudi National Cybersecurity Authority. Why it matters: The framework addresses the critical need for advanced cybersecurity to support Saudi Arabia's rapidly growing digital economy and infrastructure.
This paper introduces Provable Unrestricted Adversarial Training (PUAT), a novel adversarial training approach. PUAT enhances robustness against both unrestricted and restricted adversarial examples while improving standard generalizability by aligning the distributions of adversarial examples, natural data, and the classifier's learned distribution. The approach uses partially labeled data and an augmented triple-GAN to generate effective unrestricted adversarial examples, demonstrating superior performance on benchmarks.
KAUST is addressing the cybersecurity skills gap in Saudi Arabia through programs like the Cybersecurity Specialization program in partnership with the National Cybersecurity Authority. KAUST alumnus Jameel Showail emphasizes the growing need for qualified Saudi cybersecurity professionals due to national security concerns and increasing digitization. He highlights that cybersecurity is crucial for protecting against AI-related threats and ensuring data integrity. Why it matters: As Saudi Arabia rapidly digitizes and integrates AI, KAUST's role in developing local cybersecurity talent becomes increasingly vital for safeguarding critical systems and data.