A Machine Learning-Based Cyber Defence System for an Intelligent City

Jared Piconi, Omaru Maruatona, Alex Ng, A. S. M. Kayes, Paul A. Watters
DOI: 10.4018/978-1-7998-5062-5.ch011

Abstract

In 2017, a Price Waterhouse report on intelligent cities advised that technology would be a key enabler for efficient management of resources for overpopulated cities. The increased reliance on technology to drive daily lives of people is the main reason why many believe that smart technology is a major part of intelligent cities. By design, intelligent cities are heavily reliant on connected devices. Consequently, reliance on technology poses the risk that any disruption of technology-based services may put human lives in danger. In this context, attacks on technological frameworks can mean attacks on the entire city. Unfortunately, there is no existing technology that is able to successfully defend against such cyberattacks. In this research, the authors review the concepts, principles, and technologies, and propose an approach for a cyber defence system, based on artificial intelligence and machine learning, to detect and prevent an integrated cyberattack.

Introduction

With the world population rapidly growing and the majority residing in urban areas, an increasing demand is being placed on the infrastructure, systems and technologies of cities in order to best serve their people. As an indicator of our increasing reliance on technology, statistics show that the number of smartphone users in the world is expected to pass the five billion mark by the end of 2019 (PWC, 2018). This population growth coupled with modern technological advancements has coincided with the emergence of something known as a smart city. The objective of an intelligent city, also known as smart city or digital city, is to best address the complex needs of modern business organisations, government departments, technological infrastructures, security and privacy of citizens, and of course the citizens themselves (Khatoun & Zeadally, 2016). It has been widely reported that the intelligent city market is expected to exceed $2.5 trillion by 2025 (PWC, 2018).

An intelligent city, also known as smart city, can be defined as “an environment of diverse and interconnected components constantly exchanging data through the use of intelligent technologies and platforms including the Internet of Things (IoT) and the Cloud based technologies” (Zubair A. Baig, 2017). Similarly, the work of Ivezic (2016) defines an intelligent city as “an urbanized area where multiple sectors cooperate to achieve sustainable outcomes through the analysis of contextual real-time information shared among sector-specific information and operational technology systems”. Within the available literature, it is evident that for a city to be considered intelligent or smart, it is critical for the information processing and data exchange to be constantly occurring in real-time for quick decision making. Many aspects of modern life such as healthcare, commerce, manufacturing, education, provision of utilities, and transportation are now incorporating smart technologies. Even within homes, smart technology is increasingly present in everyday devices such as televisions, refrigerators, security cameras and thermostats (Elmaghraby & Losavio, 2014).

When we consider the vast amount of data produced and stored by intelligent city technologies, one of the key aspects to address within intelligent city development and management is the necessity to appropriately manage cyber-security and mitigate cyber-crimes. Cyber-attacks are becoming increasingly prevalent as technology manifests itself as indispensable in a modern society. According to Dilek et al. (2015), cyber-crime can be defined as “any crime that is facilitated or committed using a computer, network, or hardware device” and can consist of offenses such as computer intrusions, misuse of intellectual property rights, theft of data, denial of an electronic service, economic espionage, online extortion, international money laundering, non-delivery of goods or services, as well as many other related threats and offenses.

With the number of cyber-attacks and cyber-criminals increasing exponentially, it is becoming more and more difficult to safeguard personal, business related, and even government departmental technologies and the subsequent data contained in technological smart devices. It can be argued that most cybercrimes simply represent the migration of real-world crimes to cyberspace, providing criminals with new ways to commit old crimes (Brenner, 2010). Additionally, it is even more apparent that unlike traditional crime, human intervention is inadequate to address these cyber-criminal activities and to avoid the damage associated with such offences.

Furthermore, as new forms of cyber-crime develop, almost daily, the legislation associated with the crimes fails to keep up, making it even more difficult to develop appropriate jurisdiction and hold criminals accountable (Clough, 2015). Additionally, such advanced information technology has facilitated the globalization of cyber-crimes by eliminating country borders and making it much harder to monitor, detect, prevent or capture cyber criminals (Dilek et al., 2015).

Key Terms in this Chapter

Vulnerability: A vulnerability is a weakness or flaw that exists in a system due to a fault in design, operation procedures or implementation. A vulnerability may result in a cyber-attack that compromises a system. The result may be data theft, denial of service, or an attempt to access and modify files.

Cyber Defence Framework: A set of cybersecurity mechanisms that aim at detecting cyber threats and resolution of such threats. Frameworks also provide detailed guidance to an organisation to align its cybersecurity activities with its business requirements, risk tolerances, and resources.

Cyber Threat: A cyber threat refers to the possibility of a cyber attack on IT related systems and devices. A threat may result in a malicious attempt, or develop into a security attack, through cyberspace with the purpose to cause damage or disrupt a computer network or system. Examples are data theft, denial of service, and attempts to access files or steal confidential data.

Artificial Intelligence Cyber Defence System: AI systems being applied to detect vulnerabilities and execute response actions toward cyberattacks. Features may include self-healing, cyber defence, decision-support, risk management, pattern detection, cyber situation consciousness, projection, malware recognition, and data correlation. The goal is to strengthen the communication and information systems security by providing AI-based network resilience, prevention, and protection against cyber threats.

Cyber Attack: A cyberattack is a malicious action taken deliberately to exploit computer systems, networks and technology-dependent enterprises in order to cause damage or disrupt a computer network or system. It may involve an attempt to access files and infiltrate, steal confidential data or compromise an IT related system. The result may be data theft, denial of service, an attempt to access files, or compromised security.

Internet of Things (IoT): This refers to a network of connected devices for generation, storage and transmission of data. Devices may be computing equipment, sensor-based objects, smart devices, mobile phones, etc. This is the latest networking paradigm: applications include smart cities, internet of vehicles, industrial internet of things, etc.

Smart City: A smart or intelligent city refers to a new breed of technology cities. Its elements include smart homes, smart manufacturing, intelligent transportation, etc. Development and management of such cities is technology based. The goal is to enable people to live more comfortably in smart homes and work in more desirable environments.
