The aviation industry needs led to an increase in the number of aircraft in the sky. When the number of flights within an airspace increases, the chance of a mid-air collision increases. Systems such as the Traffic Alert and Collision Avoidance System (TCAS) and Airborne Collision Avoidance System (ACAS) are currently used to alert pilots for potential mid-air collisions. The TCAS and the ACAS use algorithms to perform Aircraft Trajectory Predictions (ATPs) to detect potential conflicts between aircrafts. In this paper, three different aircraft trajectory prediction algorithms named Deep Neural Network (DNN), Random Forest (RF) and Extreme Gradient Boosting were implemented and evaluated in terms of their accuracy and robustness to predict the future aircraft heading. These algorithms were as well evaluated in the case of adversarial samples. Adversarial training is applied as defense method in order to increase the robustness of ATPs algorithms against the adversarial samples. Results showed that, comparing the three algorithm’s performance, the extreme gradient boosting algorithm was the most robust against adversarial samples and adversarial training may benefit the robustness of the algorithms against lower intense adversarial samples. The contributions of this paper concern the evaluation of different aircraft trajectory prediction algorithms, the exploration of the effects of adversarial attacks, and the effect of the defense against adversarial samples with low perturbation compared to no defense mechanism.
DOCUMENT
Adversarial thinking is essential when dealing with cyber incidents and for finding security vulnerabilities. Capture the Flag (CTF) competitions are used all around the world to stimulate adversarial thinking. Jeopardy-style CTFs, given their challenge-and-answer based nature, are used more and more in cybersecurity education as a fun and engaging way to inspire students. Just like traditional written exams, Jeopardy-style CTFs can be used as summative assessment. Did a student provide the correct answer, yes or no. Did the participant in the CTF competition solve the challenge, yes or no. This research project provides a framework for measuring the learning outcomes of a Jeopardy-style CTF and applies this framework to two CTF events as case studies. During these case studies, participants were tested on their knowledge and skills in the field of cybersecurity and queried on their attitude towards CTF education. Results show that the main difference between traditional written exam and a Jeopardy-style CTF is the way in which questions a re formulated. CTF education is stated to be challenging and fun because questions are formulated as puzzles that need to be solved in a gamified and competitive environment. Just like traditional written exams, no additional insight into why the participant thinks the correct answer is the correct answer has been observed or if the participant really did learn anything new by participating. Given that the main difference between a traditional written exam and a Jeopardy-style CTF is the way in which questions are formulated, learning outcomes can be measured in the same way. We can ask ourselves how many participants solved which challenge and to which measurable statements about “knowledge, skill and attitude” in the field of cybersecurity each challenge is related. However, when mapping the descriptions of the quiz-questions and challenges from the two CTF events as case studies to the NICE framework on Knowledge, Skills and Abilities in cybersecurity, the NICE framework did not provide us with detailed measurable statements that could be used in education. Where the descriptions of the quiz-questions and challenges were specific, the learning outcomes of the NICE framework are only formulated in a quite general matter. Finally, some evidence for Csíkszentmihályi’s theory of Flow has been observed. Following the theory of Flow, a person can become fully immersed in performing a task, also known as “being in the zone” if the “challenge level” of the task is in line with the person’s “skill level”. The persons mental state towards a task will be different depending on the challenge level of the task and required skill level for completing it. Results show that participants state that some challenges were difficult and fun, where other challenges were easy and boring. As a result of this9 project, a guide / checklist is provided for those intending to use CTF in education.
DOCUMENT
In the modern day and age, cybersecurity facesnumerous challenges. Computer systems and networks become more and more sophisticated and interconnected, and the attack surface constantly increases. In addition, cyber-attacks keep growing in complexity and scale. In order to address these challenges, security professionals started to employ generative AI (GenAI) to quickly respond to attacks. However, this introduces challenges in terms of how GenAI can be adapted to the security environment and where the legal and ethical responsibilities lie. The Universities of Twente and Groningen and the Hanze University of Applied Sciences have initiated an interdisciplinary research project to investigate the legal and technical aspects of these LLMs in the cybersecurity domain and develop an advanced AI-powered tool.
DOCUMENT
