Abstract

Abstract
ABSTRACTBackgroundIntrusion Tolerant Systems (ITS) aim to maintain system security despite adversarial presence by limiting the impact of successful attacks. Current ITS risk managers rely heavily on public databases like NVD and Exploit DB, which suffer from long delays in vulnerability evaluation, reducing system responsiveness.ObjectiveThis work extends the HAL 9000 Risk Manager to integrate additional real-time threat intelligence sources and employ machine learning techniques to automatically predict and reassess vulnerability risk scores, addressing limitations of existing solutions.MethodsA custom-built scraper collects diverse cybersecurity data from multiple Open Source Intelligence (OSINT) platforms, such as NVD, CVE, AlienVault OTX, and OSV. HAL 9000 uses machine learning models for CVE score prediction, vulnerability clustering through scalable algorithms, and reassessment incorporating exploit likelihood and patch availability to dynamically evaluate system configurations.ResultsIntegration of newly scraped data significantly enhances the risk management capabilities, enabling faster detection and mitigation of emerging vulnerabilities with improved resilience and security. Experiments show HAL 9000 provides lower risk and more resilient configurations compared to prior methods while maintaining scalability and automation.ConclusionsThe proposed enhancements position HAL 9000 as a next-generation autonomous Risk Manager capable of effectively incorporating diverse intelligence sources and machine learning to improve ITS security posture in dynamic threat environments. Future work includes expanding data sources, addressing misinformation risks, and real-world deployments.

Abstract
HAL 9000 is an Intrusion Tolerant Systems (ITSs) Risk Manager, which assesses configuration risks against potential intrusions. It utilizes gathered threat knowledge and remains operational, even in the absence of updated information. Based on its advice, the ITSs can dynamically and proactively adapt to recent threats to minimize and mitigate future intrusions from malicious adversaries. Our goal is to reduce the risk linked to the exploitation of recently uncovered vulnerabilities that have not been classified and/or do not have a script to reproduce the exploit, considering the potential that they may have already been exploited as zero-day exploits. Our experiments demonstrate that the proposed solution can effectively learn and replicate National Vulnerability Database's evaluation process with 99% accuracy.

Abstract
Byzantine Fault tolerant (BFT) protocols are implemented to guarantee the correct system/application behavior even in the presence of arbitrary faults (i.e., Byzantine faults). Byzantine Fault tolerant State Machine Replication (BFT-SMR) is a known software solution for masking arbitrary faults and malicious attacks (Liu et al., 2020). In this survey, we present and discuss relevant BFT-SMR protocols, focusing on deterministic and probabilistic approaches. The main purpose of this paper is to discuss the characteristics of proposed works for each approach, as well as identify the trade-offs for each different approach.& COPY; 2023 The Author(s). Published by Elsevier Ltd. This is an open access article under the CC BY license ( http://creativecommons.org/licenses/by/4.0/ )

Abstract
Traditional identity management (IdM) systems rely on third-party identity providers (IdPs) and are centralised, which can make them vulnerable to data breaches and other security risks. Self-sovereign identity (SSI) is a newer IdM model that allows users to control their own identities by using decentralised technologies like blockchain to store and verify them. However, SSI systems have their own security concerns, such as digital wallet vulnerabilities, blockchain threats and conflicts with general data protection regulation (GDPR). Additionally, the lack of incentives for issuers, verifiers and data owners could limit its acceptance. This paper proposes SPIDVerify, which is a decentralised identity verification framework that utilises an SSI-based architecture to address these issues. The framework uses a mixed method for acquiring a W3C standard verified credentials and to ensure that only a thoroughly verified entity acquires verified credential, and employs secure key cryptographic protocols; Diffie-Hellman (DH) and Extended Triple Diffie-Hellman (X3DH) for forward secrecy secure communication, single-use challenge-response for authentication, and Swarm network for decentralised storage of data. These methods enhance the security of the proposed framework with better resilience against impersonation and credential stealing. To evaluate the proposal, we have outlined the limitations in related works and demonstrated two scenarios to showcase the strength and effectiveness of SPIDVerify in dealing with the threats identified. We have also tested the methods used in SPIDVerify by measuring the time taken to execute certain processes. © 2023 IEEE.