Project description:Advances in biological sciences have outpaced regulatory and legal frameworks for biosecurity. Simultaneously, there has been a convergence of scientific disciplines such as synthetic biology, data science, advanced computing and many other technologies, which all have applications in health. For example, advances in cybercrime methods have created ransomware attacks on hospitals, which can cripple health systems and threaten human life. New kinds of biological weapons which fall outside of traditional Cold War era thinking can be created synthetically using genetic code. These convergent trajectories are dramatically expanding the repertoire of methods which can be used for benefit or harm. We describe a new risk landscape for which there are few precedents, and where regulation and mitigation are a challenge. Rapidly evolving patterns of technology convergence and proliferation of dual-use risks expose inadequate societal preparedness. We outline examples in the areas of biological weapons, antimicrobial resistance, laboratory security and cybersecurity in health care. New challenges in health security such as precision harm in medicine can no longer be addressed within the isolated vertical silo of health, but require cross-disciplinary solutions from other fields. Nor can they cannot be managed effectively by individual countries. We outline the case for new cross-disciplinary approaches in risk analysis to an altered risk landscape.

Project description:BACKGROUND:Pandemics pose significant security/stability risks to nations with fragile infrastructures. We evaluated characteristics of the 2014 West African Ebola outbreak to elucidate lessons learned for managing transnational public health security threats. METHODS:We used publically available data to compare demographic and outbreak-specific data for Guinea, Sierra Leone, and Liberia, including key indicator data by the World Health Organization. Pearson correlation statistics were calculated to compare country-level infrastructure characteristics with outbreak size and duration. RESULTS:Hospital bed density was inversely correlated with longer EVD outbreak duration (r?=?-?0.99). Country-specific funding amount allocations were more likely associated with number of incident cases than the population at-risk or infrastructure needs. Key indicators demonstrating challenges for Guinea included: number of unsafe burials, percent of EVD-positive samples, and days between symptom onset and case hospitalization. Sierra Leone's primary key indicator was the number of districts with ?1 security incident. Liberia controlled their outbreak before much of the key-indicator data were collected. CONCLUSION:Many of the country-level factors, particularly the WHO key indicators were associated with controlling the epidemic. The infrastructure of countries affected by communicable diseases should be assessed by international political and public health leaders.

Project description: Not available

Project description:Filoviruses are negative-sense single-stranded RNA viruses often associated with severe and highly lethal hemorrhagic fever in humans and nonhuman primates, with case fatality rates as high as 90%. Of the known filoviruses, Ebola virus (EBOV), the prototype of the genus Orthoebolavirus, has been a major public health concern as it frequently causes outbreaks and was associated with an unprecedented outbreak in several Western African countries in 2013-2016, affecting 28,610 people, 11,308 of whom died. Thereafter, filovirus research mostly focused on EBOV, paying less attention to other equally deadly orthoebolaviruses (Sudan, Bundibugyo, and Taï Forest viruses) and orthomarburgviruses (Marburg and Ravn viruses). Some of these filoviruses have emerged in nonendemic areas, as exemplified by four Marburg disease outbreaks recorded in Guinea, Ghana, Tanzania, and Equatorial Guinea between 2021 and 2023. Similarly, the Sudan virus has reemerged in Uganda 10 years after the last recorded outbreak. Moreover, several novel bat-derived filoviruses have been discovered in the last 15 years (Lloviu virus, Bombali virus, Měnglà virus, and Dehong virus), most of which are poorly characterized but may display a wide host range. These novel viruses have the potential to cause outbreaks in humans. Several gaps are yet to be addressed regarding known and emerging filoviruses. These gaps include the virus ecology and pathogenicity, mechanisms of zoonotic transmission, host range and susceptibility, and the development of specific medical countermeasures. In this review, we summarize the current knowledge on non-Ebola filoviruses (Bombali virus, Bundibugyo virus, Reston virus, Sudan virus, Tai Forest virus, Marburg virus, Ravn virus, Lloviu virus, Měnglà virus, and Dehong virus) and suggest some strategies to accelerate specific countermeasure development.

Project description:A critical requirement for developing a cyber capable workforce is to understand how to challenge, assess, and rapidly develop human cyber skill-sets in realistic cyber operational environments. Fortunately, cyber team competitions make use of simulated operational environments with scoring criteria of task performance that objectively define overall team effectiveness, thus providing the means and context for observation and analysis of cyber teaming. Such competitions allow researchers to address the key determinants that make a cyber defense team more or less effective in responding to and mitigating cyber attacks. For this purpose, we analyzed data collected at the 12th annual Mid-Atlantic Collegiate Cyber Defense Competition (MACCDC, http://www.maccdc.org), where eight teams were evaluated along four independent scoring dimensions: maintaining services, incident response, scenario injects, and thwarting adversarial activities. Data collected from the 13-point OAT (Observational Assessment of Teamwork) instrument by embedded observers and a cyber teamwork survey completed by all participants were used to assess teamwork and leadership behaviors and team composition and work processes, respectively. The scores from the competition were used as an outcome measure in our analysis to extract key features of team process, structure, leadership, and skill-sets in relation to effective cyber defense. We used Bayesian regression to relate scored performance during the competition to team skill composition, team experience level, and an observational construct of team collaboration. Our results indicate that effective collaboration, experience, and functional role-specialization within the teams are important factors that determine the success of these teams in the competition and are important observational predictors of the timely detection and effective mitigation of ongoing cyber attacks. These results support theories of team maturation and the development of functional team cognition applied to mastering cybersecurity.

Project description:Traditionally, cyber-attack detection relies on reactive, assistive techniques, where pattern-matching algorithms help human experts to scan system logs and network traffic for known virus or malware signatures. Recent research has introduced effective Machine Learning (ML) models for cyber-attack detection, promising to automate the task of detecting, tracking and blocking malware and intruders. Much less effort has been devoted to cyber-attack prediction, especially beyond the short-term time scale of hours and days. Approaches that can forecast attacks likely to happen in the longer term are desirable, as this gives defenders more time to develop and share defensive actions and tools. Today, long-term predictions of attack waves are mostly based on the subjective perceptiveness of experienced human experts, which can be impaired by the scarcity of cyber-security expertise. This paper introduces a novel ML-based approach that leverages unstructured big data and logs to forecast the trend of cyber-attacks at a large scale, years in advance. To this end, we put forward a framework that utilises a monthly dataset of major cyber incidents in 36 countries over the past 11 years, with new features extracted from three major categories of big data sources, namely the scientific research literature, news, blogs, and tweets. Our framework not only identifies future attack trends in an automated fashion, but also generates a threat cycle that drills down into five key phases that constitute the life cycle of all 42 known cyber threats.

Project description:While much attention has been paid to the vulnerability of computer networks to node and link failure, there is limited systematic understanding of the factors that determine the likelihood that a node (computer) is compromised. We therefore collect threat log data in a university network to study the patterns of threat activity for individual hosts. We relate this information to the properties of each host as observed through network-wide scans, establishing associations between the network services a host is running and the kinds of threats to which it is susceptible. We propose a methodology to associate services to threats inspired by the tools used in genetics to identify statistical associations between mutations and diseases. The proposed approach allows us to determine probabilities of infection directly from observation, offering an automated high-throughput strategy to develop comprehensive metrics for cyber-security.

Project description:Since the completion of the Human Genome Project in 2003, genomic sequencing has become a prominent tool used by diverse disciplines in modern science. In the past 20 years, the cost of genomic sequencing has decreased exponentially, making it affordable and accessible. Bioinformatic and biological studies have produced significant scientific breakthroughs using the wealth of genomic information now available. Alongside the scientific benefit of genomics, companies offer direct-to-consumer genetic testing which provide health, trait, and ancestry information to the public. A key area that must be addressed is education about what conclusions can be made from this genomic information and integrating genomic education with foundational genetic principles already taught in academic settings. The promise of personal genomics providing disease treatment is exciting, but many challenges remain to validate genomic predictions and diagnostic correlations. Ethical and societal concerns must also be addressed regarding how personal genomic information is used. This genomics revolution provides a powerful opportunity to educate students, clinicians, and the public on scientific and ethical issues in a personal way to increase learning. In this review, we discuss the influence of personal genomics in society and focus on the importance and benefits of genomics education in the classroom, clinics, and the public and explore the potential consequences of personal genomic education.

Project description:Industrial IoT (IIoT) is a novel concept of a fully connected, transparent, automated, and intelligent factory setup improving manufacturing processes and efficiency. To achieve this, existing hierarchical models must transition to a fully connected vertical model. Since IIoT is a novel approach, the environment is susceptible to cyber threat vectors, standardization, and interoperability issues, bridging the gaps at the IT/OT ICS (industrial control systems) level. IIoT M2M communication relies on new communication models (5G, TSN ethernet, self-driving networks, etc.) and technologies which require challenging approaches to achieve the desired levels of data security. Currently there are no methods to assess the vulnerabilities/risk impact which may be exploited by malicious actors through system gaps left due to improper implementation of security standards. The authors are currently working on an Industry 4.0 cybersecurity project and the insights provided in this paper are derived from the project. This research enables an understanding of converged/hybrid cybersecurity standards, reviews the best practices, and provides a roadmap for identifying, aligning, mapping, converging, and implementing the right cybersecurity standards and strategies for securing M2M communications in the IIoT.

Project description:Typically, Cyber-Physical Systems (CPS) involve various interconnected systems, which can monitor and manipulate real objects and processes. They are closely related to Internet of Things (IoT) systems, except that CPS focuses on the interaction between physical, networking and computation processes. Their integration with IoT led to a new CPS aspect, the Internet of Cyber-Physical Things (IoCPT). The fast and significant evolution of CPS affects various aspects in people's way of life and enables a wider range of services and applications including e-Health, smart homes, e-Commerce, etc. However, interconnecting the cyber and physical worlds gives rise to new dangerous security challenges. Consequently, CPS security has attracted the attention of both researchers and industries. This paper surveys the main aspects of CPS and the corresponding applications, technologies, and standards. Moreover, CPS security vulnerabilities, threats and attacks are reviewed, while the key issues and challenges are identified. Additionally, the existing security measures are presented and analyzed while identifying their main limitations. Finally, several suggestions and recommendations are proposed benefiting from the lessons learned throughout this comprehensive review.