Visible to the public Biblio

Found 107 results

Filters: Keyword is cybersecurity  [Clear All Filters]
McMahon, E., Patton, M., Samtani, S., Chen, H..  2018.  Benchmarking Vulnerability Assessment Tools for Enhanced Cyber-Physical System (CPS) Resiliency. 2018 IEEE International Conference on Intelligence and Security Informatics (ISI). :100–105.
Cyber-Physical Systems (CPSs) are engineered systems seamlessly integrating computational algorithms and physical components. CPS advances offer numerous benefits to domains such as health, transportation, smart homes and manufacturing. Despite these advances, the overall cybersecurity posture of CPS devices remains unclear. In this paper, we provide knowledge on how to improve CPS resiliency by evaluating and comparing the accuracy, and scalability of two popular vulnerability assessment tools, Nessus and OpenVAS. Accuracy and suitability are evaluated with a diverse sample of pre-defined vulnerabilities in Industrial Control Systems (ICS), smart cars, smart home devices, and a smart water system. Scalability is evaluated using a large-scale vulnerability assessment of 1,000 Internet accessible CPS devices found on Shodan, the search engine for the Internet of Things (IoT). Assessment results indicate several CPS devices from major vendors suffer from critical vulnerabilities such as unsupported operating systems, OpenSSH vulnerabilities allowing unauthorized information disclosure, and PHP vulnerabilities susceptible to denial of service attacks.
Belozubova, A., Epishkina, A., Kogos, K..  2018.  Dummy Traffic Generation to Limit Timing Covert Channels. 2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). :1472-1476.
Covert channels are used to hidden transmit information and violate the security policy. What is more it is possible to construct covert channel in such manner that protection system is not able to detect it. IP timing covert channels are objects for research in the article. The focus of the paper is the research of how one can counteract an information leakage by dummy traffic generation. The covert channel capacity formula has been obtained in case of counteraction. In conclusion, the examples of counteraction tool parameter calculation are given.
Markakis, E., Nikoloudakis, Y., Pallis, E., Manso, M..  2019.  Security Assessment as a Service Cross-Layered System for the Adoption of Digital, Personalised and Trusted Healthcare. 2019 IEEE 5th World Forum on Internet of Things (WF-IoT). :91-94.

The healthcare sector is exploring the incorporation of digital solutions in order to improve access, reduce costs, increase quality and enhance their capacity in reaching a higher number of citizens. However, this opens healthcare organisations' systems to external elements used within or beyond their premises, new risks and vulnerabilities in what regards cyber threats and incidents. We propose the creation of a Security Assessment as a Service (SAaaS) crosslayered system that is able to identify vulnerabilities and proactively assess and mitigate threats in an IT healthcare ecosystem exposed to external devices and interfaces, considering that most users are not experts (even technologically illiterate") in cyber security and, thus, unaware of security tactics or policies whatsoever. The SAaaS can be integrated in an IT healthcare environment allowing the monitoring of existing and new devices, the limitation of connectivity and privileges to new devices, assess a device's cybersecurity risk and - based on the device's behaviour - the assignment and revoking of privileges. The SAaaS brings a controlled cyber aware environment that assures security, confidentiality and trust, even in the presence of non-trusted devices and environments.

Mtsweni, Jabu, Gcaza, Noluxolo, Thaba, Mphahlele.  2018.  A Unified Cybersecurity Framework for Complex Environments. Proceedings of the Annual Conference of the South African Institute of Computer Scientists and Information Technologists. :1–9.
Information and Communication Technologies (ICTs) present a number of vulnerabilities, threats and risks that could lead to devastating cyber-attacks resulting into huge financial losses, legal implications, and reputational damage for large and small organizations. As such, in this digital transformation and 4th industrial revolution era, nations and organizations have accepted that cybersecurity must be part of their strategic objectives and priorities. However, cybersecurity in itself is a multifaceted problem to address and the voluntary "one-size-fits-all" cybersecurity approaches have proven not effective in dealing with cyber incidents, especially in complex operational environments (e.g. large technology-centric organizations) that are multi-disciplinary, multi-departmental, multi-role, multinational, and operating across different locations. Addressing modern cybersecurity challenges requires more than a technical solution. A contextual and systematic approach that considers the complexities of these large digital environments in order to achieve resilient, sustainable, cost-effective and proactive cybersecurity is desirable. This paper aims to highlight through a single case study approach the multifaceted nature and complexity of the cybersecurity environment, pertinently in multi-disciplinary organizations. Essentially, this paper contributes a unified cybersecurity framework underpinned by an integrated capability management (ICM) approach that addresses the multifaceted nature of cybersecurity as well as the challenges and requirements eminent in complex environments, such as national government, municipalities or large corporations. The unified framework incorporates realistic and practical guidelines to bridge the gap between cybersecurity capability requirements, governance instruments and cybersecurity capability specification, implementation, employment and sustainment drawing from well-tested military capability development approaches.
Zabetian-Hosseini, A., Mehrizi-Sani, A., Liu, C..  2018.  Cyberattack to Cyber-Physical Model of Wind Farm SCADA. IECON 2018 - 44th Annual Conference of the IEEE Industrial Electronics Society. :4929–4934.

In recent years, there has been a significant increase in wind power penetration into the power system. As a result, the behavior of the power system has become more dependent on wind power behavior. Supervisory control and data acquisition (SCADA) systems responsible for monitoring and controlling wind farms often have vulnerabilities that make them susceptible to cyberattacks. These vulnerabilities allow attackers to exploit and intrude in the wind farm SCADA system. In this paper, a cyber-physical system (CPS) model for the information and communication technology (ICT) model of the wind farm SCADA system integrated with SCADA of the power system is proposed. Cybersecurity of this wind farm SCADA system is discussed. Proposed cyberattack scenarios on the system are modeled and the impact of these cyberattacks on the behavior of the power systems on the IEEE 9-bus modified system is investigated. Finally, an anomaly attack detection algorithm is proposed to stop the attack of tripping of all wind farms. Case studies validate the performance of the proposed CPS model of the test system and the attack detection algorithm.

Prokofiev, A. O., Smirnova, Y. S., Surov, V. A..  2018.  A method to detect Internet of Things botnets. 2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). :105–108.

The main security problems, typical for the Internet of Things (IoT), as well as the purpose of gaining unauthorized access to the IoT, are considered in this paper. Common characteristics of the most widespread botnets are provided. A method to detect compromised IoT devices included into a botnet is proposed. The method is based on a model of logistic regression. The article describes a developed model of logistic regression which allows to estimate the probability that a device initiating a connection is running a bot. A list of network protocols, used to gain unauthorized access to a device and to receive instructions from common and control (C&C) server, is provided too.

Barrere, M., Hankin, C., Barboni, A., Zizzo, G., Boem, F., Maffeis, S., Parisini, T..  2018.  CPS-MT: A Real-Time Cyber-Physical System Monitoring Tool for Security Research. 2018 IEEE 24th International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA). :240–241.

Monitoring systems are essential to understand and control the behaviour of systems and networks. Cyber-physical systems (CPS) are particularly delicate under that perspective since they involve real-time constraints and physical phenomena that are not usually considered in common IT solutions. Therefore, there is a need for publicly available monitoring tools able to contemplate these aspects. In this poster/demo, we present our initiative, called CPS-MT, towards a versatile, real-time CPS monitoring tool, with a particular focus on security research. We first present its architecture and main components, followed by a MiniCPS-based case study. We also describe a performance analysis and preliminary results. During the demo, we will discuss CPS-MT's capabilities and limitations for security applications.

Ardi, Calvin, Heidemann, John.  2018.  Leveraging Controlled Information Sharing for Botnet Activity Detection. Proceedings of the 2018 Workshop on Traffic Measurements for Cybersecurity. :14-20.
Today's malware often relies on DNS to enable communication with command-and-control (C&C). As defenses that block C&C traffic improve, malware use sophisticated techniques to hide this traffic, including "fast flux" names and Domain-Generation Algorithms (DGAs). Detecting this kind of activity requires analysis of DNS queries in network traffic, yet these signals are sparse. As bot countermeasures grow in sophistication, detecting these signals increasingly requires the synthesis of information from multiple sites. Yet sharing security information across organizational boundaries to date has been infrequent and ad hoc because of unknown risks and uncertain benefits. In this paper, we take steps towards formalizing cross-site information sharing and quantifying the benefits of data sharing. We use a case study on DGA-based botnet detection to evaluate how sharing cybersecurity data can improve detection sensitivity and allow the discovery of malicious activity with greater precision.
Subasi, A., Al-Marwani, K., Alghamdi, R., Kwairanga, A., Qaisar, S. M., Al-Nory, M., Rambo, K. A..  2018.  Intrusion Detection in Smart Grid Using Data Mining Techniques. 2018 21st Saudi Computer Society National Computer Conference (NCC). :1-6.

The rapid growth of population and industrialization has given rise to the way for the use of technologies like the Internet of Things (IoT). Innovations in Information and Communication Technologies (ICT) carries with it many challenges to our privacy's expectations and security. In Smart environments there are uses of security devices and smart appliances, sensors and energy meters. New requirements in security and privacy are driven by the massive growth of devices numbers that are connected to IoT which increases concerns in security and privacy. The most ubiquitous threats to the security of the smart grids (SG) ascended from infrastructural physical damages, destroying data, malwares, DoS, and intrusions. Intrusion detection comprehends illegitimate access to information and attacks which creates physical disruption in the availability of servers. This work proposes an intrusion detection system using data mining techniques for intrusion detection in smart grid environment. The results showed that the proposed random forest method with a total classification accuracy of 98.94 %, F-measure of 0.989, area under the ROC curve (AUC) of 0.999, and kappa value of 0.9865 outperforms over other classification methods. In addition, the feasibility of our method has been successfully demonstrated by comparing other classification techniques such as ANN, k-NN, SVM and Rotation Forest.

Husari, G., Niu, X., Chu, B., Al-Shaer, E..  2018.  Using Entropy and Mutual Information to Extract Threat Actions from Cyber Threat Intelligence. 2018 IEEE International Conference on Intelligence and Security Informatics (ISI). :1–6.
With the rapid growth of the cyber attacks, cyber threat intelligence (CTI) sharing becomes essential for providing advance threat notice and enabling timely response to cyber attacks. Our goal in this paper is to develop an approach to extract low-level cyber threat actions from publicly available CTI sources in an automated manner to enable timely defense decision making. Specifically, we innovatively and successfully used the metrics of entropy and mutual information from Information Theory to analyze the text in the cybersecurity domain. Combined with some basic NLP techniques, our framework, called ActionMiner has achieved higher precision and recall than the state-of-the-art Stanford typed dependency parser, which usually works well in general English but not cybersecurity texts.
Cayetano, Trisha Anne, Dogao, Averyl, Guipoc, Cristopher, Palaoag, Thelma.  2018.  Cyber-Physical IT Assessment Tool and Vulnerability Assessment for Semiconductor Companies. Proceedings of the 2Nd International Conference on Cryptography, Security and Privacy. :67–71.
Information and systems are the most valuable asset of almost all global organizations. Thus, sufficient security is key to protect these assets. The reliability and security of a manufacturing company's supply chain are key concerns as it manages assurance & quality of supply. Traditional concerns such as physical security, disasters, political issues & counterfeiting remain, but cyber security is an area of growing interest. Statistics show that cyber-attacks still continue with no signs of slowing down. Technical controls, no matter how good, will only take the company thus far since no usable system is 100 percent secure or impenetrable. Evaluating the security vulnerabilities of one organization and taking the action to mitigate the risks will strengthen the layer of protection in the manufacturing company's supply chain. In this paper, the researchers created an IT Security Assessment Tool to facilitate the evaluation of the sufficiency of policy, procedures, and controls implemented by semiconductor companies. The proposed IT Security Assessment Tool was developed considering the factors that are critical in protecting the information and systems of various semiconductor companies. Subsequently, the created IT Security Assessment Tool was used to evaluate existing semiconductor companies to identify their areas of security vulnerabilities. The result shows that all suppliers visited do not have cyber security programs and most dwell on physical and network security controls. Best practices were shared and action items were suggested to improve the security controls and minimize risk of service disruption for customers, theft of sensitive data and reputation damage.
Ojagbule, O., Wimmer, H., Haddad, R. J..  2018.  Vulnerability Analysis of Content Management Systems to SQL Injection Using SQLMAP. SoutheastCon 2018. :1–7.

There are over 1 billion websites today, and most of them are designed using content management systems. Cybersecurity is one of the most discussed topics when it comes to a web application and protecting the confidentiality, integrity of data has become paramount. SQLi is one of the most commonly used techniques that hackers use to exploit a security vulnerability in a web application. In this paper, we compared SQLi vulnerabilities found on the three most commonly used content management systems using a vulnerability scanner called Nikto, then SQLMAP for penetration testing. This was carried on default WordPress, Drupal and Joomla website pages installed on a LAMP server (Iocalhost). Results showed that each of the content management systems was not susceptible to SQLi attacks but gave warnings about other vulnerabilities that could be exploited. Also, we suggested practices that could be implemented to prevent SQL injections.

Nichols, W., Hawrylak, P. J., Hale, J., Papa, M..  2018.  Methodology to Estimate Attack Graph System State from a Simulation of a Nuclear Research Reactor. 2018 Resilience Week (RWS). :84-87.
Hybrid attack graphs are a powerful tool when analyzing the cybersecurity of a cyber-physical system. However, it is important to ensure that this tool correctly models reality, particularly when modelling safety-critical applications, such as a nuclear reactor. By automatically verifying that a simulation reaches the state predicted by an attack graph by analyzing the final state of the simulation, this verification procedure can be accomplished. As such, a mechanism to estimate if a simulation reaches the expected state in a hybrid attack graph is proposed here for the nuclear reactor domain.
Clark, G., Doran, M., Glisson, W..  2018.  A Malicious Attack on the Machine Learning Policy of a Robotic System. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :516-521.

The field of robotics has matured using artificial intelligence and machine learning such that intelligent robots are being developed in the form of autonomous vehicles. The anticipated widespread use of intelligent robots and their potential to do harm has raised interest in their security. This research evaluates a cyberattack on the machine learning policy of an autonomous vehicle by designing and attacking a robotic vehicle operating in a dynamic environment. The primary contribution of this research is an initial assessment of effective manipulation through an indirect attack on a robotic vehicle using the Q learning algorithm for real-time routing control. Secondly, the research highlights the effectiveness of this attack along with relevant artifact issues.

Zheng, Erkang, Gates-Idem, Phil, Lavin, Matt.  2018.  Building a Virtually Air-Gapped Secure Environment in AWS: With Principles of Devops Security Program and Secure Software Delivery. Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security. :11:1–11:8.

This paper presents the development and configuration of a virtually air-gapped cloud environment in AWS, to secure the production software workloads and patient data (ePHI) and to achieve HIPAA compliance.

Menet, Fran\c cois, Berthier, Paul, Gagnon, Michel, Fernandez, José M..  2018.  Spartan Networks: Self-Feature-Squeezing Networks for Increased Robustness in Adversarial Settings. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :2246–2248.

Deep Learning Models are vulnerable to adversarial inputs, samples modified in order to maximize error of the system. We hereby introduce Spartan Networks, Deep Learning models that are inherently more resistant to adverarial examples, without doing any input preprocessing out of the network or adversarial training. These networks have an adversarial layer within the network designed to starve the network of information, using a new activation function to discard data. This layer trains the neural network to filter-out usually-irrelevant parts of its input. These models thus have a slightly lower precision, but report a higher robustness under attack than unprotected models.

Khosravi-Farmad, M., Ramaki, A. A., Bafghi, A. G..  2018.  Moving Target Defense Against Advanced Persistent Threats for Cybersecurity Enhancement. 2018 8th International Conference on Computer and Knowledge Engineering (ICCKE). :280–285.
One of the main security concerns of enterprise-level organizations which provide network-based services is combating with complex cybersecurity attacks like advanced persistent threats (APTs). The main features of these attacks are being multilevel, multi-step, long-term and persistent. Also they use an intrusion kill chain (IKC) model to proceed the attack steps and reach their goals on targets. Traditional security solutions like firewalls and intrusion detection and prevention systems (IDPSs) are not able to prevent APT attack strategies and block them. Recently, deception techniques are proposed to defend network assets against malicious activities during IKC progression. One of the most promising approaches against APT attacks is Moving Target Defense (MTD). MTD techniques can be applied to attack steps of any abstraction levels in a networked infrastructure (application, host, and network) dynamically for disruption of successful execution of any on the fly IKCs. In this paper, after presentation and discussion on common introduced IKCs, one of them is selected and is used for further analysis. Also, after proposing a new and comprehensive taxonomy of MTD techniques in different levels, a mapping analysis is conducted between IKC models and existing MTD techniques. Finally, the effect of MTD is evaluated during a case study (specifically IP Randomization). The experimental results show that the MTD techniques provide better means to defend against IKC-based intrusion activities.
Upadhyay, H., Gohel, H. A., Pons, A., Lagos, L..  2018.  Windows Virtualization Architecture For Cyber Threats Detection. 2018 1st International Conference on Data Intelligence and Security (ICDIS). :119–122.

This is very true for the Windows operating system (OS) used by government and private organizations. With Windows, the closed source nature of the operating system has unfortunately meant that hidden security issues are discovered very late and the fixes are not found in real time. There needs to be a reexamination of current static methods of malware detection. This paper presents an integrated system for automated and real-time monitoring and prediction of rootkit and malware threats for the Windows OS. We propose to host the target Windows machines on the widely used Xen hypervisor, and collect process behavior using virtual memory introspection (VMI). The collected data will be analyzed using state of the art machine learning techniques to quickly isolate malicious process behavior and alert system administrators about potential cyber breaches. This research has two focus areas: identifying memory data structures and developing prediction tools to detect malware. The first part of research focuses on identifying memory data structures affected by malware. This includes extracting the kernel data structures with VMI that are frequently targeted by rootkits/malware. The second part of the research will involve development of a prediction tool using machine learning techniques.

Ndichu, S., Ozawa, S., Misu, T., Okada, K..  2018.  A Machine Learning Approach to Malicious JavaScript Detection using Fixed Length Vector Representation. 2018 International Joint Conference on Neural Networks (IJCNN). :1–8.

To add more functionality and enhance usability of web applications, JavaScript (JS) is frequently used. Even with many advantages and usefulness of JS, an annoying fact is that many recent cyberattacks such as drive-by-download attacks exploit vulnerability of JS codes. In general, malicious JS codes are not easy to detect, because they sneakily exploit vulnerabilities of browsers and plugin software, and attack visitors of a web site unknowingly. To protect users from such threads, the development of an accurate detection system for malicious JS is soliciting. Conventional approaches often employ signature and heuristic-based methods, which are prone to suffer from zero-day attacks, i.e., causing many false negatives and/or false positives. For this problem, this paper adopts a machine-learning approach to feature learning called Doc2Vec, which is a neural network model that can learn context information of texts. The extracted features are given to a classifier model (e.g., SVM and neural networks) and it judges the maliciousness of a JS code. In the performance evaluation, we use the D3M Dataset (Drive-by-Download Data by Marionette) for malicious JS codes and JSUPACK for benign ones for both training and test purposes. We then compare the performance to other feature learning methods. Our experimental results show that the proposed Doc2Vec features provide better accuracy and fast classification in malicious JS code detection compared to conventional approaches.

Dhunna, G. S., Al-Anbagi, I..  2017.  A Low Power Cybersecurity Mechanism for WSNs in a Smart Grid Environment. 2017 IEEE Electrical Power and Energy Conference (EPEC). :1–6.
Smart Grid cybersecurity is one of the key ingredients for successful and wide scale adaptation of the Smart Grid by utilities and governments around the world. The implementation of the Smart Grid relies mainly on the highly distributed sensing and communication functionalities of its components such as Wireless Sensor Networks (WSNs), Phasor Measurement Units (PMUs) and other protection devices. This distributed nature and the high number of connected devices are the main challenges for implementing cybersecurity in the smart grid. As an example, the North American Electric Reliability Corporation (NERC) issued the Critical Infrastructure Protection (CIP) standards (CIP-002 through CIP-009) to define cybersecurity requirements for critical power grid infrastructure. However, NERC CIP standards do not specify cybersecurity for different communication technologies such as WSNs, fiber networks and other network types. Implementing security mechanisms in WSNs is a challenging task due to the limited resources of the sensor devices. WSN security mechanisms should not only focus on reducing the power consumption of the sensor devices, but they should also maintain high reliability and throughput needed by Smart Grid applications. In this paper, we present a WSN cybersecurity mechanism suitable for smart grid monitoring application. Our mechanism can detect and isolate various attacks in a smart grid environment, such as denial of sleep, forge and replay attacks in an energy efficient way. Simulation results show that our mechanism can outperform existing techniques while meeting the NERC CIP requirements.
Garcia, Dennis, Lugo, Anthony Erb, Hemberg, Erik, O'Reilly, Una-May.  2017.  Investigating Coevolutionary Archive Based Genetic Algorithms on Cyber Defense Networks. Proceedings of the Genetic and Evolutionary Computation Conference Companion. :1455–1462.
We introduce a new cybersecurity project named RIVALS. RIVALS will assist in developing network defense strategies through modeling adversarial network attack and defense dynamics. RIVALS will focus on peer-to-peer networks and use coevolutionary algorithms. In this contribution, we describe RIVALS' current suite of coevolutionary algorithms that use archiving to maintain progressive exploration and that support different solution concepts as fitness metrics. We compare and contrast their effectiveness by executing a standard coevolutionary benchmark (Compare-on-one) and RIVALS simulations on 3 different network topologies. Currently, we model denial of service (DOS) attack strategies by the attacker selecting one or more network servers to disable for some duration. Defenders can choose one of three different network routing protocols: shortest path, flooding and a peer-to-peer ring overlay to try to maintain their performance. Attack completion and resource cost minimization serve as attacker objectives. Mission completion and resource cost minimization are the reciprocal defender objectives. Our experiments show that existing algorithms either sacrifice execution speed or forgo the assurance of consistent results. rIPCA, our adaptation of a known coevolutionary algorithm named IPC A, is able to more consistently produce high quality results, albeit without IPCA's guarantees for results with monotonically increasing performance, without sacrificing speed.
Pal, Partha, Soule, Nathaniel, Lageman, Nate, Clark, Shane S., Carvalho, Marco, Granados, Adrian, Alves, Anthony.  2017.  Adaptive Resource Management Enabling Deception (ARMED). Proceedings of the 12th International Conference on Availability, Reliability and Security. :52:1–52:8.
Distributed Denial of Service (DDoS) attacks routinely disrupt access to critical services. Mitigation of these attacks often relies on planned over-provisioning or elastic provisioning of resources, and third-party monitoring, analysis, and scrubbing of network traffic. While volumetric attacks which saturate a victim's network are most common, non-volumetric, low and slow, DDoS attacks can achieve their goals without requiring high traffic volume by targeting vulnerable network protocols or protocol implementations. Non-volumetric attacks, unlike their noisy counterparts, require more sophisticated detection mechanisms, and typically have only post-facto and targeted protocol/application mitigations. In this paper, we introduce our work under the Adaptive Resource Management Enabling Deception (ARMED) effort, which is developing a network-level approach to automatically mitigate sophisticated DDoS attacks through deception-focused adaptive maneuvering. We describe the concept, implementation, and initial evaluation of the ARMED Network Actors (ANAs) that facilitate transparent interception, sensing, analysis, and mounting of adaptive responses that can disrupt the adversary's decision process.
Mattina, Brendan, Yeung, Franki, Hsu, Alex, Savoy, Dale, Tront, Joseph, Raymond, David.  2017.  MARCS: Mobile Augmented Reality for Cybersecurity. Proceedings of the 12th Annual Conference on Cyber and Information Security Research. :10:1–10:4.

Network analysts have long used two-dimensional security visualizations to make sense of overwhelming amounts of network data. As networks grow larger and more complex, two-dimensional displays can become convoluted, compromising user cyber-threat perspective. Using augmented reality to display data with cyber-physical context creates a naturally intuitive interface that helps restore perspective and comprehension sacrificed by complicated two-dimensional visualizations. We introduce Mobile Augmented Reality for Cybersecurity, or MARCS, as a platform to visualize a diverse array of data in real time and space to improve user perspective and threat response. Early work centers around CovARVT and ConnectAR, two proof of concept, prototype applications designed to visualize intrusion detection and wireless association data, respectively.

Toliupa, S., Babenko, T., Trush, A..  2017.  The building of a security strategy based on the model of game management. 2017 4th International Scientific-Practical Conference Problems of Infocommunications. Science and Technology (PIC S T). :57–60.

Cyber security management of systems in the cyberspace has been a challenging problem for both practitioners and the research community. Their proprietary nature along with the complexity renders traditional approaches rather insufficient and creating the need for the adoption of a holistic point of view. This paper draws upon the principles theory game in order to present a novel systemic approach towards cyber security management, taking into account the complex inter-dependencies and providing cost-efficient defense solutions.

Han, Meng, Li, Lei, Peng, Xiaoqing, Hong, Zhen, Li, Mohan.  2017.  Information Privacy of Cyber Transportation System: Opportunities and Challenges. Proceedings of the 6th Annual Conference on Research in Information Technology. :23–28.
The Cyber Transport Systems (CTSs) have made significant advancement along with the development of the information technology and transportation industries worldwide. The rapid proliferation of cyber transportation technology provides rich information and infinite possibilities for our society to understand and use the complex inherent mechanism, which governs the novel intelligence world. In addition, applying information technology to cyber transportation applications open a range of new application scenarios, such as vehicular safety, energy efficiency, reduced pollution, and intelligent maintenance services. However, while enjoying the services and convenience provided by CTS, users, vehicles, even the systems might lose privacy during information transmitting and processing. This paper summarizes the state-of-art research findings on information privacy issues in a broad range. We firstly introduce the typical types of information and the basic mechanisms of information communication in CTS. Secondly, considering the information privacy issues of CTS, we present the literature on information privacy issues and privacy protection approaches in CTS. Thirdly, we discuss the emerging challenges and the opportunities for the information technology community in CTS.