Biblio

Found 142 results

Filters: Keyword is cybersecurity  [Clear All Filters]
2020-04-06
Erfani, Shervin, Ahmadi, Majid.  2019.  Bitcoin Security Reference Model: An Implementation Platform. 2019 International Symposium on Signals, Circuits and Systems (ISSCS). :1–5.
Bitcoin is a cryptocurrency which acts as an application protocol that works on top of the IP protocol. This paper focuses on distinct Bitcoin security features, including security services, mechanisms, and algorithms. Further, we propose a well-defined security functional architecture to minimize security risks. The security features and requirements of Bitcoin have been structured in layers.
2020-05-22
Sneps-Sneppe, Manfred, Namiot, Dmitry.  2019.  The curse of software: Pentagon telecommunications case. 2019 International Symposium on Systems Engineering (ISSE). :1—8.
A main goal of the paper is to discuss the world telecommunications strategy in transition to the IP world. The paper discuss the shifting from circuit switching to packet switching in telecommunications and show the main obstacle is excessive software. As a case, we are passing through the three generations of American military communications: (1) implementation of signaling protocol SS7 and Advanced Intelligent Network, (2) transformation from SS7 to IP protocol and, finally, (3) the extremely ambitious cybersecurity issues. We use the newer unclassified open Defense Information Systems Agency documents, particularly: Department of Defense Information Enterprise Architecture; Unified Capabilities the Army. We discuss the newer US Government Accountability Office (2018) report on military equipment cyber vulnerabilities.
2020-04-17
Almousa, May, Anwar, Mohd.  2019.  Detecting Exploit Websites Using Browser-based Predictive Analytics. 2019 17th International Conference on Privacy, Security and Trust (PST). :1—3.
The popularity of Web-based computing has given increase to browser-based cyberattacks. These cyberattacks use websites that exploit various web browser vulnerabilities. To help regular users avoid exploit websites and engage in safe online activities, we propose a methodology of building a machine learning-powered predictive analytical model that will measure the risk of attacks and privacy breaches associated with visiting different websites and performing online activities using web browsers. The model will learn risk levels from historical data and metadata scraped from web browsers.
2020-02-17
Moquin, S. J., Kim, SangYun, Blair, Nicholas, Farnell, Chris, Di, Jia, Mantooth, H. Alan.  2019.  Enhanced Uptime and Firmware Cybersecurity for Grid-Connected Power Electronics. 2019 IEEE CyberPELS (CyberPELS). :1–6.
A distributed energy resource prototype is used to show cybersecurity best practices. These best practices include straightforward security techniques, such as encrypted serial communication. The best practices include more sophisticated security techniques, such as a method to evaluate and respond to firmware integrity at run-time. The prototype uses embedded Linux, a hardware-assisted monitor, one or more digital signal processors, and grid-connected power electronics. Security features to protect communication, firmware, power flow, and hardware are developed. The firmware run-time integrity security is presently evaluated, and shown to maintain power electronics uptime during firmware updating. The firmware run-time security feature can be extended to allow software rejuvenation, multi-mission controls, and greater flexibility and security in controls.
Rodriguez, Ariel, Okamura, Koji.  2019.  Generating Real Time Cyber Situational Awareness Information Through Social Media Data Mining. 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). 2:502–507.
With the rise of the internet many new data sources have emerged that can be used to help us gain insights into the cyber threat landscape and can allow us to better prepare for cyber attacks before they happen. With this in mind, we present an end to end real time cyber situational awareness system which aims to efficiently retrieve security relevant information from the social networking site Twitter.com. This system classifies and aggregates the data retrieved and provides real time cyber situational awareness information based on sentiment analysis and data analytics techniques. This research will assist security analysts to evaluate the level of cyber risk in their organization and proactively take actions to plan and prepare for potential attacks before they happen as well as contribute to the field through a cybersecurity tweet dataset.
Asadi, Nima, Rege, Aunshul, Obradovic, Zoran.  2019.  Pattern Discovery in Intrusion Chains and Adversarial Movement. 2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA). :1–4.
Capturing the patterns in adversarial movement can present crucial insight into team dynamics and organization of cybercrimes. This information can be used for additional assessment and comparison of decision making approaches during cyberattacks. In this study, we propose a data-driven analysis based on time series analysis and social networks to identify patterns and alterations in time allocated to intrusion stages and adversarial movements. The results of this analysis on two case studies of collegiate cybersecurity exercises is provided as well as an analytical comparison of their behavioral trends and characteristics. This paper presents preliminary insight into complexities of individual and group level adversarial movement and decision-making as cyberattacks unfold.
2020-03-18
Promyslov, Vitaly, Jharko, Elena, Semenkov, Kirill.  2019.  Principles of Physical and Information Model Integration for Cybersecurity Provision to a Nuclear Power Plant. 2019 Twelfth International Conference "Management of large-scale system development" (MLSD). :1–3.
For complex technical objects the research of cybersecurity problems should take into account both physical and information properties of the object. The paper considers a hybrid model that unifies information and physical models and may be used as a tool for countering cyber threats and for cybersecurity risk assessment at the design and operational stage of an object's lifecycle.
2019-12-02
Ibarra, Jaime, Javed Butt, Usman, Do, Anh, Jahankhani, Hamid, Jamal, Arshad.  2019.  Ransomware Impact to SCADA Systems and its Scope to Critical Infrastructure. 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3). :1–12.
SCADA systems are being constantly migrated to modern information and communication technologies (ICT) -based systems named cyber-physical systems. Unfortunately, this allows attackers to execute exploitation techniques into these architectures. In addition, ransomware insertion is nowadays the most popular attacking vector because it denies the availability of critical files and systems until attackers receive the demanded ransom. In this paper, it is analysed the risk impact of ransomware insertion into SCADA systems and it is suggested countermeasures addressed to the protection of SCADA systems and its components to reduce the impact of ransomware insertion.
2020-01-13
Shen, Yitong, Wang, Lingfeng, Lau, Jim Pikkin, Liu, Zhaoxi.  2019.  A Robust Control Architecture for Mitigating Sensor and Actuator Attacks on PV Converter. 2019 IEEE PES GTD Grand International Conference and Exposition Asia (GTD Asia). :970–975.
The cybersecurity of the modern control system is becoming a critical issue to the cyber-physical systems (CPS). Mitigating potential cyberattacks in the control system is an important concern in the controller design to enhance the resilience of the overall system. This paper presents a novel robust control architecture for the PV converter system to mitigate the sensor and actuator attack and reduce the influence of the system uncertainty. The sensor and actuator attack is a vicious attack scenario when the attack signals are injected into the sensor and actuator in a CPS simultaneously. A p-synthesis robust control architecture is proposed to mitigate the sensor and actuator attack and limit the system uncertainty perturbations in a DC-DC photovoltaic (PV) converter. A new system state matrix and control architecture is presented by integrating the original system state, injected attack signals and system uncertainty perturbations. In the case study, the proposed μ-synthesis robust controller exhibits a robust performance in the face of the sensor and actuator attack.
2020-06-01
Wang, He, Wu, Bin.  2019.  SDN-based hybrid honeypot for attack capture. 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). :1602–1606.
Honeypots have become an important tool for capturing attacks. Hybrid honeypots, including the front end and the back end, are widely used in research because of the scalability of the front end and the high interactivity of the back end. However, traditional hybrid honeypots have some problems that the flow control is difficult and topology simulation is not realistic. This paper proposes a new architecture based on SDN applied to the hybrid honeypot system for network topology simulation and attack traffic migration. Our system uses the good expansibility and controllability of the SDN controller to simulate a large and realistic network to attract attackers and redirect high-level attacks to a high-interaction honeypot for attack capture and further analysis. It improves the deficiencies in the network spoofing technology and flow control technology in the traditional honeynet. Finally, we set up the experimental environment on the mininet and verified the mechanism. The test results show that the system is more intelligent and the traffic migration is more stealthy.
2020-04-13
Lange, Thomas, Kettani, Houssain.  2019.  On Security Threats of Botnets to Cyber Systems. 2019 6th International Conference on Signal Processing and Integrated Networks (SPIN). :176–183.
As the dynamics of cyber warfare continue to change, it is very important to be aware of the issues currently confronting cyberspace. One threat which continues to grow in the danger it poses to cyber security are botnets. Botnets can launch massive Distributed Denial of Service (DDoS) attacks against internet connected hosts anonymously, undertake intricate spam campaigns, launch mass financial fraud campaigns, and even manipulate public opinion via social media bots. The network topology and technology undergirding each botnet varies greatly, as do the motivations commonly behind such networks. Furthermore, as botnets have continued to evolve, many newer ones demonstrate increased levels of anonymity and sophistication, making it more difficult to effectively counter them. Increases in the production of vulnerable Internet of Things (IoT) devices has made it easier for malicious actors to quickly assemble sizable botnets. Because of this, the steps necessary to stop botnets also vary, and in some cases, it may be extremely difficult to effectively defeat a fully functional and sophisticated botnet. While in some cases, the infrastructure supporting the botnet can be targeted and remotely disabled, other cases require the physical assistance of law enforcement to shut down the botnet. In the latter case, it is often a significant challenge to cheaply end a botnet. On the other hand, there are many steps and mitigations that can be taken by end-users to prevent their own devices from becoming part of a botnet. Many of these solutions involve implementing basic cybersecurity practices like installing firewalls and changing default passwords. More sophisticated botnets may require similarly sophisticated intrusion detection systems, to detect and remove malicious infections. Much research has gone into such systems and in recent years many researchers have begun to implement machine learning techniques to defeat botnets. This paper is intended present a review on botnet evolution, trends and mitigations, and offer related examples and research to provide the reader with quick access to a broad understanding of the issues at hand.
2020-03-18
Li, Tao, Guo, Yuanbo, Ju, Ankang.  2019.  A Self-Attention-Based Approach for Named Entity Recognition in Cybersecurity. 2019 15th International Conference on Computational Intelligence and Security (CIS). :147–150.
With cybersecurity situation more and more complex, data-driven security has become indispensable. Numerous cybersecurity data exists in textual sources and data analysis is difficult for both security analyst and the machine. To convert the textual information into structured data for further automatic analysis, we extract cybersecurity-related entities and propose a self-attention-based neural network model for the named entity recognition in cybersecurity. Considering the single word feature not enough for identifying the entity, we introduce CNN to extract character feature which is then concatenated into the word feature. Then we add the self-attention mechanism based on the existing BiLSTM-CRF model. Finally, we evaluate the proposed model on the labelled dataset and obtain a better performance than the previous entity extraction model.
Wang, Johnson J. H..  2019.  Solving Cybersecurity Problem by Symmetric Dual-Space Formulation—Physical and Cybernetic. 2019 IEEE International Symposium on Antennas and Propagation and USNC-URSI Radio Science Meeting. :601–602.
To address cybersecurity, this author proposed recently the approach of formulating it in symmetric dual-space and dual-system. This paper further explains this concept, beginning with symmetric Maxwell Equation (ME) and Fourier Transform (FT). The approach appears to be a powerful solution, with wide applications ranging from Electronic Warfare (EW) to 5G Mobile, etc.
2020-04-03
Sadique, Farhan, Bakhshaliyev, Khalid, Springer, Jeff, Sengupta, Shamik.  2019.  A System Architecture of Cybersecurity Information Exchange with Privacy (CYBEX-P). 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC). :0493—0498.
Rapid evolution of cyber threats and recent trends in the increasing number of cyber-attacks call for adopting robust and agile cybersecurity techniques. Cybersecurity information sharing is expected to play an effective role in detecting and defending against new attacks. However, reservations and or-ganizational policies centering the privacy of shared data have become major setbacks in large-scale collaboration in cyber defense. The situation is worsened by the fact that the benefits of cyber-information exchange are not realized unless many actors participate. In this paper, we argue that privacy preservation of shared threat data will motivate entities to share threat data. Accordingly, we propose a framework called CYBersecurity information EXchange with Privacy (CYBEX-P) to achieve this. CYBEX-P is a structured information sharing platform with integrating privacy-preserving mechanisms. We propose a complete system architecture for CYBEX-P that guarantees maximum security and privacy of data. CYBEX-P outlines the details of a cybersecurity information sharing platform. The adoption of blind processing, privacy preservation, and trusted computing paradigms make CYBEX-P a versatile and secure information exchange platform.
2020-02-17
Letychevskyi, Oleksandr.  2019.  Two-Level Algebraic Method for Detection of Vulnerabilities in Binary Code. 2019 10th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS). 2:1074–1077.
This study introduces formal methods for detection of vulnerabilities in binary code. It considers the transformation of binary code into behavior algebra expressions and formalization of vulnerabilities. The detection method has two levels: behavior matching and symbolic execution with vulnerability pattern matching. This enables more efficient performance.
Ullah, Imtiaz, Mahmoud, Qusay H..  2019.  A Two-Level Hybrid Model for Anomalous Activity Detection in IoT Networks. 2019 16th IEEE Annual Consumer Communications Networking Conference (CCNC). :1–6.
In this paper we propose a two-level hybrid anomalous activity detection model for intrusion detection in IoT networks. The level-1 model uses flow-based anomaly detection, which is capable of classifying the network traffic as normal or anomalous. The flow-based features are extracted from the CICIDS2017 and UNSW-15 datasets. If an anomaly activity is detected then the flow is forwarded to the level-2 model to find the category of the anomaly by deeply examining the contents of the packet. The level-2 model uses Recursive Feature Elimination (RFE) to select significant features and Synthetic Minority Over-Sampling Technique (SMOTE) for oversampling and Edited Nearest Neighbors (ENN) for cleaning the CICIDS2017 and UNSW-15 datasets. Our proposed model precision, recall and F score for level-1 were measured 100% for the CICIDS2017 dataset and 99% for the UNSW-15 dataset, while the level-2 model precision, recall, and F score were measured at 100 % for the CICIDS2017 dataset and 97 % for the UNSW-15 dataset. The predictor we introduce in this paper provides a solid framework for the development of malicious activity detection in IoT networks.
2020-02-26
Sokolov, S. A., Iliev, T. B., Stoyanov, I. S..  2019.  Analysis of Cybersecurity Threats in Cloud Applications Using Deep Learning Techniques. 2019 42nd International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO). :441–446.

In this paper we present techniques based on machine learning techniques on monitoring data for analysis of cybersecurity threats in cloud environments that incorporate enterprise applications from the fields of telecommunications and IoT. Cybersecurity is a term describing techniques for protecting computers, telecommunications equipment, applications, environments and data. In modern networks enormous volume of generated traffic can be observed. We propose several techniques such as Support Vector Machines, Neural networks and Deep Neural Networks in combination for analysis of monitoring data. An approach for combining classifier results based on performance weights is proposed. The proposed approach delivers promising results comparable to existing algorithms and is suitable for enterprise grade security applications.

2020-01-21
Abdelghani, TSCHROUB.  2019.  Industrial Control Systems (Ics) Security in Power Transmission Network. 2019 Algerian Large Electrical Network Conference (CAGRE). :1–4.

The goal of this document is to provide knowledge of Security for Industrial Control Systems (ICS,) such as supervisory control and data acquisition (SCADA) which is implemented in power transmission network, power stations, power distribution grids and other big infrastructures that affect large number of persons and security of nations. A distinction between IT and ICS security is given to make a difference between the two disciplines. In order to avoid intrusion and destruction of industrials plants, some recommendations are given to preserve their security.

2019-08-26
Markakis, E., Nikoloudakis, Y., Pallis, E., Manso, M..  2019.  Security Assessment as a Service Cross-Layered System for the Adoption of Digital, Personalised and Trusted Healthcare. 2019 IEEE 5th World Forum on Internet of Things (WF-IoT). :91-94.

The healthcare sector is exploring the incorporation of digital solutions in order to improve access, reduce costs, increase quality and enhance their capacity in reaching a higher number of citizens. However, this opens healthcare organisations' systems to external elements used within or beyond their premises, new risks and vulnerabilities in what regards cyber threats and incidents. We propose the creation of a Security Assessment as a Service (SAaaS) crosslayered system that is able to identify vulnerabilities and proactively assess and mitigate threats in an IT healthcare ecosystem exposed to external devices and interfaces, considering that most users are not experts (even technologically illiterate") in cyber security and, thus, unaware of security tactics or policies whatsoever. The SAaaS can be integrated in an IT healthcare environment allowing the monitoring of existing and new devices, the limitation of connectivity and privileges to new devices, assess a device's cybersecurity risk and - based on the device's behaviour - the assignment and revoking of privileges. The SAaaS brings a controlled cyber aware environment that assures security, confidentiality and trust, even in the presence of non-trusted devices and environments.

2020-04-10
Kikuchi, Masato, Okubo, Takao.  2019.  Power of Communication Behind Extreme Cybersecurity Incidents. 2019 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). :315—319.
There are increasing threats for cyberspace. This paper tries to identify how extreme cybersecurity incidents occur based on the scenario of a targeted attack through emails. Knowledge on how extreme cybersecurity incidents occur helps in identifying the key points on how they can be prevented from occurring. The model based on system thinking approach to the understanding how communication influences entities and how tiny initiating events scale up into extreme events provides a condensed figure of the cyberspace and surrounding threats. By taking cyberspace layers and characteristics of cyberspace identified by this model into consideration, it predicts most suitable risk mitigations.
2019-09-24
Herbert Lin, Jaclynn Kerr.  2019.  On Cyber-Enabled Information Warfare and Information Operations. forthcoming, Oxford Handbook of Cybersecurity. :29pages.

The United States has no peer competitors in conventional military power. But its adversaries are increasingly turning to asymmetric methods for engaging in conflict. Much has been written about cyber warfare as a domain that offers many adversaries ways to counter the U.S. conventional military advantages, but for the most part, U.S. capabilities for prosecuting cyber warfare are as potent as those of any other nation. This paper advances the idea of cyber-enabled information warfare and influence operations (IWIO) as a form of conflict or confrontation to which the United States (and liberal democracies more generally) are particularly vulnerable and are not particularly potent compared to the adversaries who specialize in this form of conflict. IWIO is the deliberate use of information against an adversary to confuse, mislead, and perhaps to influence the choices and decisions that the adversary makes. IWIO is a hostile activity, or at least an activity that is conducted between two parties whose interests are not well-aligned, but it does not constitute warfare in the sense that international law or domestic institutions construe it. Cyber-enabled IWIO exploits modern communications technologies to obtain benefits afforded by high connectivity, low latency, high degrees of anonymity, insensitivity to distance and national borders, democratized access to publishing capabilities, and inexpensive production and consumption of information content. Some approaches to counter IWIO show some promise of having some modest but valuable defensive effect. But on the whole, there are no good solutions for large-scale countering of IWIO in free and democratic societies. Development of new tactics and responses is therefore needed.

2020-03-18
Van, Hao, Nguyen, Huyen N., Hewett, Rattikorn, Dang, Tommy.  2019.  HackerNets: Visualizing Media Conversations on Internet of Things, Big Data, and Cybersecurity. 2019 IEEE International Conference on Big Data (Big Data). :3293–3302.
The giant network of Internet of Things establishes connections between smart devices and people, with protocols to collect and share data. While the data is expanding at a fast pace in this era of Big Data, there are growing concerns about security and privacy policies. In the current Internet of Things ecosystems, at the intersection of the Internet of Things, Big Data, and Cybersecurity lies the subject that attracts the most attention. In aiding users in getting an adequate understanding, this paper introduces HackerNets, an interactive visualization for emerging topics in the crossing of IoT, Big Data, and Cybersecurity over time. To demonstrate the effectiveness and usefulness of HackerNets, we apply and evaluate the technique on the dataset from the social media platform.
2019-12-02
Kelly, Daniel M., Wellons, Christopher C., Coffman, Joel, Gearhart, Andrew S..  2019.  Automatically Validating the Effectiveness of Software Diversity Schemes. 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks – Supplemental Volume (DSN-S). :1–2.
Software diversity promises to invert the current balance of power in cybersecurity by preventing exploit reuse. Nevertheless, the comparative evaluation of diversity techniques has received scant attention. In ongoing work, we use the DARPA Cyber Grand Challenge (CGC) environment to assess the effectiveness of diversifying compilers in mitigating exploits. Our approach provides a quantitative comparison of diversity strategies and demonstrates wide variation in their effectiveness.
2019-09-10
Zeljka Zorz.  2019.  How human bias impacts cybersecurity decision making. Help Net Security.

Psychologist and Principal Research Scientist at Forecepoint, Dr. Margaret Cunningham, conducted a study in which she examined the impacts of six different unconscious human biases on decision-making in cybersecurity. Awareness and understanding surrounding cognitive biases in the realm of cybersecurity should be increased in order to reduce biased decision-making in the performance of activities such as threat analysis and prevent the design of systems that perpetuate biases.

2019-09-24
Gomez, Steven R., Mancuso, Vincent, Staheli, Diane.  2019.  Considerations for Human-Machine Teaming in Cybersecurity. Augmented Cognition. :153–168.

Understanding cybersecurity in an environment is uniquely challenging due to highly dynamic and potentially-adversarial activity. At the same time, the stakes are high for performance during these tasks: failures to reason about the environment and make decisions can let attacks go unnoticed or worsen the effects of attacks. Opportunities exist to address these challenges by more tightly integrating computer agents with human operators. In this paper, we consider implications for this integration during three stages that contribute to cyber analysts developing insights and conclusions about their environment: data organization and interaction, toolsmithing and analytic interaction, and human-centered assessment that leads to insights and conclusions. In each area, we discuss current challenges and opportunities for improved human-machine teaming. Finally, we present a roadmap of research goals for advanced human-machine teaming in cybersecurity operations.