| 1. |
- Jiang, Xiangyi, et al.
(författare)
-
Molecular design opportunities presented by solvent-exposed regions of target proteins
- 2019
-
Ingår i: Medicinal research reviews (Print). - : John Wiley & Sons. - 0198-6325 .- 1098-1128. ; 39:6, s. 2194-2238
-
Forskningsöversikt (refereegranskat)abstract
- Solvent-exposed regions, or solvent-filled pockets, within or adjacent to the ligand-binding sites of drug-target proteins provide opportunities for substantial modifications of existing small-molecular drug molecules without serious loss of activity. In this review, we present recent selected examples of exploitation of solvent-exposed regions of proteins in drug design and development from the recent medicinal-chemistry literature.
|
|
| 2. |
- Jiang, Yuning, 1993-, et al.
(författare)
-
Cyber-Physical Systems Security Based on A Cross-Linked and Correlated Vulnerability Database
- 2019
-
Ingår i: Critical Information Infrastructures Security. - Cham : Springer. - 9783030376697 - 9783030376703 ; , s. 71-82
-
Bokkapitel (refereegranskat)abstract
- Recent advances in data analytics prompt dynamic datadriven vulnerability assessments whereby data contained from vulnerabilityalert repositories as well as from Cyber-physical System (CPS) layer networks and standardised enumerations. Yet, current vulnerability assessment processes are mostly conducted manually. However, the huge volume of scanned data requires substantial information processing and analytical reasoning, which could not be satisfied considering the imprecision of manual vulnerability analysis. In this paper, we propose to employ a cross-linked and correlated database to collect, extract, filter and visualise vulnerability data across multiple existing repositories, whereby CPS vulnerability information is inferred. Based on our locally-updated database, we provide an in-depth case study on gathered CPS vulnerability data, to explore the trends of CPS vulnerability. In doing so, we aim to support a higher level of automation in vulnerability awareness and back risk-analysis exercises in critical infrastructures (CIs) protection.
|
|
| 3. |
- Jiang, Yuning, 1993-
(författare)
-
Dynamic and Automatic Vulnerability Assessment for Cyber-Physical System
- 2019
-
Konferensbidrag (övrigt vetenskapligt/konstnärligt)abstract
- Assessing vulnerabilities supports analytics-based decision-making processes to protect Critical Infrastructures (CIs), in order to focus on specific risks rising from threat-exploitability with varying degrees of impact-severity. The notion of risk remains elusive, as evidenced by the increasing investigations on CIs security operations centres (SOCs) where analysts employ various detection, assessment, and defence mechanisms to monitor security events. Normally, SOCs involve advances of multiple automated security tools such as network vulnerability scanners and Common Vulnerability Scoring System (CVSS), combined with analysis of data contained and produced by cyber-physical system (CPS) as well as alarms retrieved from vulnerability repositories such as Common Vulnerability Exposure (CVE). The security operators need further to forecast the match between these vulnerabilities and the state of intricate CIs layer networks, while prioritising patching investments using vulnerability-scoring mechanisms. This process shows the central role of security operators in SOCs and their need for support to keep pace with dynamically evolving vulnerability-alert repositories. Recent advances in data analytics also prompt dynamic data-driven vulnerability assessments whereby data contained and produced by CPS include hidden traces of vulnerability fingerprints. However, the huge volume of scanned data requires high capability of information processing and analytical reasoning, which could not be satisfied considering the imprecise nature of manual vulnerability assessment.A knowledge-base system that consolidates both sides into empirical rules appears to be missing, yet it promises to offer a suitable level of decision-support. In our research, we propose a dynamic and automated vulnerability-assessment approach. The proposed streamlined approach employs computational intelligence techniques to analyse data retrieved from vulnerability-alert repositories and CPS layer networks within an innovative accurate and automatic scoring system, away from traditional manual and highly subjective mechanisms. Our approach suggests to substitute offline, costly, error-prone and pure subjective vulnerability assessment processes with an automatic, accurate and data-evidenced approach, to improve situation awareness and to support security decision making. In doing so, we investigate judicious computational-intelligence techniques such as fuzzy-logic, machine learning and data mining, applied to vulnerability assessment problems.
|
|
| 4. |
- Jiang, Yuning, 1993-
(författare)
-
Dynamic Vulnerability Analysis in Cyberphysical Systems
- 2019
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- The growth and the complexity scale of Cyber-Physical Systems (CPSs) are ever-evolving due to the fast expansion of networked applications in smart-x systems, which are overseeing critical infrastructures such as the smart-grid. These smart networked systems use a network of embedded sensors, platforms and actuators to perceive and affect a physical process that typically requires guaranteed quality-of-service performances provided by safety-critical applications. The confluence of sensors, platforms and networks is also nourishing the expansion of the emerging Internet of Things (IoT) area. However, these developments lead to increased surfaces that are vulnerable to cyberattacks.Since the capability of attackers and the trust in networked-components are subject to substantial variability, a dynamic-vulnerability assessment is advocated in this study, in contrast to traditional static-approaches. Recent advances in data analytics prompt dynamic data-driven vulnerability assessments, whereby data contained and produced by CPS cyber-components include hidden traces of vulnerability fingerprints. However, the imprecise nature of vulnerability assessment and the huge volume of scanned data call for computational intelligence techniques to analyse such data. We first investigate computational models to capture semantic properties related to vulnerability concepts revolving around CPS components. This study reveals salient metrics and related measurements used to quantify CPS component vulnerabilities. We show the potential of applying fuzzy-logic techniques to diagnose vulnerability, and infer objective vulnerability scores. Then, we examine computational methods to extract meaning from text by mining online public-repositories of published vulnerabilities and discovering potential vulnerability-matches in a given CPS infrastructure. Graph-mining techniques are also explored to identify critical-assets of CPS infrastructure to weigh vulnerabilities, considering topological structures and functional features. In this proposal, we explore the state of the art and highlight the drawbacks of current research approaches in CPS vulnerability assessment area, based on which, we build our research questions with the purpose to piece together solution elements for the stated problem. In doing so, computational intelligence techniques such as fuzzy-logic and machine-learning, are investigated in order (a) to reduce existing security management gaps induced by ad-hoc and subjective vulnerability auditing processes, (b) to narrow further the risk window induced by discoverable vulnerabilities, and (c) to increase the level of automation in vulnerability analysis, at various levels of the CPS architecture.
|
|
