Zubair, tell us a bit about yourself. What do you do, and what does a typical day in your life look like?
I am a senior lecturer of cyber security at Edith Cowan University in Perth, Australia.
I would start out a typical day in my life with a quick skim through my mailbox and prioritizing my responses based on several factors. I would then head out to my work place. If there’s a teaching commitment for the day, I would prepare for my lectures and labs and update the online course material and/or announcements for students.
I set aside around an hour to keep myself at pace with the latest research trends in my discipline. I conduct research training for graduate students and help them prepare their findings for publication. I also actively involve myself in leadership activities including coordination of courses and desigining of new course material.You've recently published a paper that deals with digital forensics challenges for smart cities. What prompted you to conduct this research?
Smart cities of the future will replace traditional cities pretty soon. Like any other technological advancements placing cyber-security at the bottom of the list is the norm, and I’d envisioned the same happening with these cities of the future.
My proposal, that was backed by our team of researchers, was to identify these cyber security challenges for smart cities and to enumerate the gaps in knowledge around forensic procedures if they were to be adopted for running investigations on cyber crime in smart cities.
Could you give us an overview of the aims and conclusions of your research?
The aims of this research were to identify the cyber security threat landscape for four components of the smart city namely, smart grids, building automation systems, unmanned aerial vehicles and smart vehicles. In addition, we also highlighted the challenges associated with securely transferring and storing smart city data in the cloud.
The second contribution of this paper was to identify the challenges associated with conducting a forensic investigation on cyber crime carried out against these smart city components.
We noted that a lot of gaps in knowledge had to be filled before the smart city is made secure for its citizens. Moreover, there has to be a mechanism within the planning and development of a smart city to ascertain that all the data that a smart city would generate is securely communicated and stored.
What are some of the potential criminal misuses of smart cities, and how might digital forensic practitioners deal with these?
Smart city traffic can be disrupted by a cyber criminal who installs a piece of malware into the smart city IoT sensors or even the cloud, causing widespread chaos.
Building airconditioning systems can be compromised and may cause temperature control problems for critical infrastructure including hospitals and schools.
A drone can be used for spying into restricted territory and get away with it.
Digital forensic practitioners can deal with these issues by having a proper procedure in place to identify the key data elements obtained from these heterogeneous and disparate data sources, and rapidly performing a forensic analysis on it.
The paper talks about the importance of learning lessons from prior incidents in order to ensure forensic readiness. In your opinion, is this being done with enough regularity at the moment, and if not how can it be improved?
Definitely not! Primarily because the cyber crimes that can be committed against a smart city have not been fully comprehended.
It is only after the intensity and volume of such crimes goes up, is an effort put in by all stakeholders including the law enforcement, government, enterprises and insurance firms, to draft laws, policies and procedures for containing the threat.
It is therefore advisable to have a working committee formed by the government, to tackle the issue of cyber crime and security of citizens in a smart city.
What are some of the main challenges concerning the forensic analysis of data from smart cities?
The key challenges concerning forensic analysis of smart city data are:
1. Heterogeneity in data structures as obtained from variable log types from disparate smart city components
2. Not all IoT devices of the smart city would have the same network architecture and would be operating through varying protocols/standards, encumbering the data massaging process
3. Information laws would have to be separately applied to each of these data categories based on the data source, device type and protocols/standards that were used
4. Methods for data extraction, preservation and analysis may be limited, as the devices of a smart city may be leading out the traditional technology landscape
5. Ad-hoc networks of smart city devices would also make it harder to obtain concrete data from various sources, to help carry out the forensic procedure.
Considering how much data each individual produces, triage is surely a huge concern in smart city data analysis. In your opinion, how might this be addressed?
Only through application of data filtering and feature ranking techniques can the smart city be triaged with a high degree of success.
Importantly, the data obtained from disparate and heterogeneous smart city components must be properly labelled and categorized based on predefined criteria in order to make the triage process efficient.
Are you planning or working on any new research projects at the moment?
Yes, plenty! Our research group is working on securing the Internet of Things (IoT). We are investigating protocol-level security for IoT devices and identifying drone vulnerabilities that a cyber criminal can exploit.
Secondly, we are working on ransomware trait analysis. Thirdly, we are working on intelligent analysis of network security data logs.
Finally, when you're not researching, what do you enjoy doing in your spare time?
I like counselling others and helping out my family and friends with issues that they may be facing. I also play a variety of sports with my wife and kids.
Zubair Baig (CISSP, MIEEE, MACS, B.S. (KFUPM), M.S. (Maryland), Ph.D. (Monash)) is a Senior Lecturer of Cyber Security in the School of Science, Edith Cowan University, Perth, W.A., Australia. He is also affiliated to the Security Research Institute at Edith Cowan University. He has authored over 50 journal and conference articles and book chapters. His research interests are in the areas of cyber-security, artificial intelligence and optimization algorithms. He is serving as the editor of the IET Wireless Sensor Systems Journal and the PSU – A Review Journal, Emerald Publishing House. He has served on numerous technical program committees of international conferences and has delivered three keynote talks on computer security.
