Intervention in National and Private Cyber Space and International Law

OpenAIRE

Wrange, Pål

2013-01-01

In international law discourse on cyber attacks, there has been much focus on the threshold for the use of force. Cyber attacks or intrusions which do not reach the threshold of the use of force have been held to be unproblematic. However, such intrusions -- including many measures amounting to cyber espionage or counter-terrorism -- will often constitute illegal interventions into the sovereignty of another state, or constitute violations of human rights.Unfortunately, states have not been v...

Cyber-Physical Architecture Assisted by Programmable Networking

OpenAIRE

Rubio-Hernan, Jose; Sahay, Rishikesh; De Cicco, Luca; Garcia-Alfaro, Joaquin

2018-01-01

Cyber-physical technologies are prone to attacks, in addition to faults and failures. The issue of protecting cyber-physical systems should be tackled by jointly addressing security at both cyber and physical domains, in order to promptly detect and mitigate cyber-physical threats. Towards this end, this letter proposes a new architecture combining control-theoretic solutions together with programmable networking techniques to jointly handle crucial threats to cyber-physical systems. The arch...

Developing cyber security architecture for military networks using cognitive networking

OpenAIRE

Kärkkäinen, Anssi

2015-01-01

In recent years, the importance of cyber security has increased. Cyber security has not become a critical issue only for governmental or business actors, but also for armed forces that nowadays rely on national or even global networks in their daily activities. The Network Centric Warfare (NCW) paradigm has increased the significance of networking during last decades as it enables information superiority in which military combat power increased by networking the battlefield actors from perspe...

Development of a cyber-threat intelligence-sharing model from big data sources

CSIR Research Space (South Africa)

Mtshweni, Jabu

2016-01-01

Full Text Available that are increasing in severity, complexity, and frequency. In fact, cybercriminals are developing and sharing advanced techniques for their cyber espionage, reconnaissance missions, and ultimately devastating attacks. In order to reduce cybersecurity risks...

Timing of cyber conflict.

Science.gov (United States)

Axelrod, Robert; Iliev, Rumen

2014-01-28

Nations are accumulating cyber resources in the form of stockpiles of zero-day exploits as well as other novel methods of engaging in future cyber conflict against selected targets. This paper analyzes the optimal timing for the use of such cyber resources. A simple mathematical model is offered to clarify how the timing of such a choice can depend on the stakes involved in the present situation, as well as the characteristics of the resource for exploitation. The model deals with the question of when the resource should be used given that its use today may well prevent it from being available for use later. The analysis provides concepts, theory, applications, and distinctions to promote the understanding strategy aspects of cyber conflict. Case studies include the Stuxnet attack on Iran's nuclear program, the Iranian cyber attack on the energy firm Saudi Aramco, the persistent cyber espionage carried out by the Chinese military, and an analogous case of economic coercion by China in a dispute with Japan. The effects of the rapidly expanding market for zero-day exploits are also analyzed. The goal of the paper is to promote the understanding of this domain of cyber conflict to mitigate the harm it can do, and harness the capabilities it can provide.

Human element of corporate espionage risk management : literature review on assessment and control of outsider and insider threats

OpenAIRE

Sandberg, Jarkko

2015-01-01

The primary purpose of this study is to determine how suitable human risk management con- trols are against corporate espionage. Information risks are ascending problem with corpora- tions all over the world. Cyber attacks are commonplace, and the attackers are often trying to compromise valuable data assets. These malicious targeted attacks are bypassing traditional information security controls; therefore, organizations are endangered by these threats. Since the traditional information secu...

Will electrical cyber-physical interdependent networks undergo first-order transition under random attacks?

Science.gov (United States)

Ji, Xingpei; Wang, Bo; Liu, Dichen; Dong, Zhaoyang; Chen, Guo; Zhu, Zhenshan; Zhu, Xuedong; Wang, Xunting

2016-10-01

Whether the realistic electrical cyber-physical interdependent networks will undergo first-order transition under random failures still remains a question. To reflect the reality of Chinese electrical cyber-physical system, the "partial one-to-one correspondence" interdependent networks model is proposed and the connectivity vulnerabilities of three realistic electrical cyber-physical interdependent networks are analyzed. The simulation results show that due to the service demands of power system the topologies of power grid and its cyber network are highly inter-similar which can effectively avoid the first-order transition. By comparing the vulnerability curves between electrical cyber-physical interdependent networks and its single-layer network, we find that complex network theory is still useful in the vulnerability analysis of electrical cyber-physical interdependent networks.

Cyber Network Mission Dependencies

Science.gov (United States)

2015-09-18

leak paths”) and determine if firewalls and router access control lists are violating network policy. Visualization tools are provided to help analysts...with which a supply agent may not be familiar. In this environment, errors in requisition are easy to make, and they are costly : an incomplete cyber...establishing an email network and recommend a firewall and additional laptops. YMAL would also match mission details like the deployment location with

Cyber security in nuclear power plants and its portability to other industrial infrastructures

International Nuclear Information System (INIS)

Champigny, Sebastien; Gupta, Deeksha; Watson, Venesa; Waedt, Karl

2017-01-01

Power generation increasingly relies on decentralised and interconnected computerised systems. Concepts like ''Industrial Internet of Things'' of the Industrial Internet Consortium (IIC), and ''Industry 4.0'' find their way in this strategic industry. Risk of targeted exploits of errors and vulnerabilities increases with complexity, interconnectivity and decentralization. Inherently stringent security requirements and features make nuclear computerised applications and systems a benchmark for industrial counterparts seeking to hedge against those risks. Consequently, this contribution presents usual cyber security regulations and practices for nuclear power plants. It shows how nuclear cyber security can be ported and used in an industrial context to protect critical infrastructures against cyber-attacks and industrial espionage.

Online social networking and the experience of cyber-bullying.

Science.gov (United States)

O'Dea, Bridianne; Campbell, Andrew

2012-01-01

Online social networking sites (SNS) are popular social tools used amongst adolescents and account for much of their daily internet activity. Recently, these sites have presented opportunities for youth to experience cyber-bullying. Often resulting in psychological distress, cyber-bullying is a common experience for many young people. Continual use of SNS signifies the importance of examining its links to cyber-bullying. This study examined the relationship between online social networking and the experience of cyber-bullying. A total of 400 participants (Mage=14.31 years) completed an online survey which examined the perceived definitions and frequency of cyber-bullying. Users of SNS reported significantly higher frequencies of stranger contact compared to non-users. Spearman's rho correlations determined no significant relationship between daily time on SNS and the frequency of stranger contact. This suggests that ownership of a SNS profile may be a stronger predictor of some cyber-bullying experiences compared to time spent on these sites. Findings encourage continued research on the nature of internet activities used by young adolescents and the possible exposure to online victimization.

Development of a cyber security risk model using Bayesian networks

International Nuclear Information System (INIS)

Shin, Jinsoo; Son, Hanseong; Khalil ur, Rahman; Heo, Gyunyoung

2015-01-01

Cyber security is an emerging safety issue in the nuclear industry, especially in the instrumentation and control (I and C) field. To address the cyber security issue systematically, a model that can be used for cyber security evaluation is required. In this work, a cyber security risk model based on a Bayesian network is suggested for evaluating cyber security for nuclear facilities in an integrated manner. The suggested model enables the evaluation of both the procedural and technical aspects of cyber security, which are related to compliance with regulatory guides and system architectures, respectively. The activity-quality analysis model was developed to evaluate how well people and/or organizations comply with the regulatory guidance associated with cyber security. The architecture analysis model was created to evaluate vulnerabilities and mitigation measures with respect to their effect on cyber security. The two models are integrated into a single model, which is called the cyber security risk model, so that cyber security can be evaluated from procedural and technical viewpoints at the same time. The model was applied to evaluate the cyber security risk of the reactor protection system (RPS) of a research reactor and to demonstrate its usefulness and feasibility. - Highlights: • We developed the cyber security risk model can be find the weak point of cyber security integrated two cyber analysis models by using Bayesian Network. • One is the activity-quality model signifies how people and/or organization comply with the cyber security regulatory guide. • Other is the architecture model represents the probability of cyber-attack on RPS architecture. • The cyber security risk model can provide evidence that is able to determine the key element for cyber security for RPS of a research reactor

Illuminating the Dark Side of the Internet with Actor-Network Theory: An Integrative Review of Current Cybercrime Research

Directory of Open Access Journals (Sweden)

Rocci Luppicini

2014-06-01

Full Text Available Cybercrime is a relatively new area of research within criminology and media studies. The purpose of this paper is to pull together current research scholarship at the intersection of Actor-Network Theory (ANT and cybercrime by addressing the following question: How does ANT apply to cybercrime research? A selective integrative review of cybercrime research utilizing ANT was conducted to examine recent developments and identify trends. The review draws on core research papers that span 2002 to 2013. Findings provided a strong indication of ANT’s role in key areas of current cybercrime, namely, cyber bullying, cyber theft, and cyber terrorism and cyber espionage. More specifically, ANT was applied within cyber criminology research to address complex problems involving human-technological interactions, advance alternative models and theoretical perspectives, compare ANT with existing models and theoretical perspectives, and leverage understanding of network influences on actors. Recommendations are provided to help optimize the application of ANT to cybercrime research and practice. This paper helps advance knowledge at the intersection of ANT and the study of cyber criminology.

Evaluation of a Cyber Security System for Hospital Network.

Science.gov (United States)

Faysel, Mohammad A

2015-01-01

Most of the cyber security systems use simulated data in evaluating their detection capabilities. The proposed cyber security system utilizes real hospital network connections. It uses a probabilistic data mining algorithm to detect anomalous events and takes appropriate response in real-time. On an evaluation using real-world hospital network data consisting of incoming network connections collected for a 24-hour period, the proposed system detected 15 unusual connections which were undetected by a commercial intrusion prevention system for the same network connections. Evaluation of the proposed system shows a potential to secure protected patient health information on a hospital network.

Comprehensive Social Media Security Analysis & XKeyscore Espionage Technology

OpenAIRE

Adam Ali.Zare Hudaib

2014-01-01

Social networks can offer many services to the users for sharing activities events and their ideas. Many attacks can happened to the social networking websites due to trust that have been given by the users. Cyber threats are discussed in this paper. We study the types of cyber threats, classify them and give some suggestions to protect social networking websites of variety of attacks. Moreover, we gave some antithreats strategies with future trends.

Cyber threat model for tactical radio networks

Science.gov (United States)

Kurdziel, Michael T.

2014-05-01

The shift to a full information-centric paradigm in the battlefield has allowed ConOps to be developed that are only possible using modern network communications systems. Securing these Tactical Networks without impacting their capabilities has been a challenge. Tactical networks with fixed infrastructure have similar vulnerabilities to their commercial counterparts (although they need to be secure against adversaries with greater capabilities, resources and motivation). However, networks with mobile infrastructure components and Mobile Ad hoc Networks (MANets) have additional unique vulnerabilities that must be considered. It is useful to examine Tactical Network based ConOps and use them to construct a threat model and baseline cyber security requirements for Tactical Networks with fixed infrastructure, mobile infrastructure and/or ad hoc modes of operation. This paper will present an introduction to threat model assessment. A definition and detailed discussion of a Tactical Network threat model is also presented. Finally, the model is used to derive baseline requirements that can be used to design or evaluate a cyber security solution that can be scaled and adapted to the needs of specific deployments.

Cyber security in nuclear power plants and its portability to other industrial infrastructures

Energy Technology Data Exchange (ETDEWEB)

Champigny, Sebastien; Gupta, Deeksha; Watson, Venesa; Waedt, Karl [AREVA GmbH, Erlangen (Germany)

2017-06-15

Power generation increasingly relies on decentralised and interconnected computerised systems. Concepts like ''Industrial Internet of Things'' of the Industrial Internet Consortium (IIC), and ''Industry 4.0'' find their way in this strategic industry. Risk of targeted exploits of errors and vulnerabilities increases with complexity, interconnectivity and decentralization. Inherently stringent security requirements and features make nuclear computerised applications and systems a benchmark for industrial counterparts seeking to hedge against those risks. Consequently, this contribution presents usual cyber security regulations and practices for nuclear power plants. It shows how nuclear cyber security can be ported and used in an industrial context to protect critical infrastructures against cyber-attacks and industrial espionage.

Bayesian Network Models in Cyber Security: A Systematic Review

NARCIS (Netherlands)

Chockalingam, S.; Pieters, W.; Herdeiro Teixeira, A.M.; van Gelder, P.H.A.J.M.; Lipmaa, Helger; Mitrokotsa, Aikaterini; Matulevicius, Raimundas

2017-01-01

Bayesian Networks (BNs) are an increasingly popular modelling technique in cyber security especially due to their capability to overcome data limitations. This is also instantiated by the growth of BN models development in cyber security. However, a comprehensive comparison and analysis of these

Cyber Insurance for Heterogeneous Wireless Networks

OpenAIRE

Lu, Xiao; Niyato, Dusit; Jiang, Hai; Wang, Ping; Poor, H. Vincent

2017-01-01

Heterogeneous wireless networks (HWNs) composed of densely deployed base stations of different types with various radio access technologies have become a prevailing trend to accommodate ever-increasing traffic demand in enormous volume. Nowadays, users rely heavily on HWNs for ubiquitous network access that contains valuable and critical information such as financial transactions, e-health, and public safety. Cyber risks, representing one of the most significant threats to network security an...

Cyber Security Research Frameworks For Coevolutionary Network Defense

Energy Technology Data Exchange (ETDEWEB)

Rush, George D. [Missouri Univ. of Science and Technology, Rolla, MO (United States); Tauritz, Daniel Remy [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

2015-12-03

Several architectures have been created for developing and testing systems used in network security, but most are meant to provide a platform for running cyber security experiments as opposed to automating experiment processes. In the first paper, we propose a framework termed Distributed Cyber Security Automation Framework for Experiments (DCAFE) that enables experiment automation and control in a distributed environment. Predictive analysis of adversaries is another thorny issue in cyber security. Game theory can be used to mathematically analyze adversary models, but its scalability limitations restrict its use. Computational game theory allows us to scale classical game theory to larger, more complex systems. In the second paper, we propose a framework termed Coevolutionary Agent-based Network Defense Lightweight Event System (CANDLES) that can coevolve attacker and defender agent strategies and capabilities and evaluate potential solutions with a custom network defense simulation. The third paper is a continuation of the CANDLES project in which we rewrote key parts of the framework. Attackers and defenders have been redesigned to evolve pure strategy, and a new network security simulation is devised which specifies network architecture and adds a temporal aspect. We also add a hill climber algorithm to evaluate the search space and justify the use of a coevolutionary algorithm.

Bayesian Network Models in Cyber Security: A Systematic Review

OpenAIRE

Chockalingam, S.; Pieters, W.; Herdeiro Teixeira, A.M.; van Gelder, P.H.A.J.M.; Lipmaa, Helger; Mitrokotsa, Aikaterini; Matulevicius, Raimundas

2017-01-01

Bayesian Networks (BNs) are an increasingly popular modelling technique in cyber security especially due to their capability to overcome data limitations. This is also instantiated by the growth of BN models development in cyber security. However, a comprehensive comparison and analysis of these models is missing. In this paper, we conduct a systematic review of the scientific literature and identify 17 standard BN models in cyber security. We analyse these models based on 9 different criteri...

Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor

Energy Technology Data Exchange (ETDEWEB)

Ondrej Linda; Todd Vollmer; Jason Wright; Milos Manic

2011-04-01

Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental test-bed mimicking the environment of a critical infrastructure control system.

PeerShield: determining control and resilience criticality of collaborative cyber assets in networks

Science.gov (United States)

Cam, Hasan

2012-06-01

As attackers get more coordinated and advanced in cyber attacks, cyber assets are required to have much more resilience, control effectiveness, and collaboration in networks. Such a requirement makes it essential to take a comprehensive and objective approach for measuring the individual and relative performances of cyber security assets in network nodes. To this end, this paper presents four techniques as to how the relative importance of cyber assets can be measured more comprehensively and objectively by considering together the main variables of risk assessment (e.g., threats, vulnerabilities), multiple attributes (e.g., resilience, control, and influence), network connectivity and controllability among collaborative cyber assets in networks. In the first technique, a Bayesian network is used to include the random variables for control, recovery, and resilience attributes of nodes, in addition to the random variables of threats, vulnerabilities, and risk. The second technique shows how graph matching and coloring can be utilized to form collaborative pairs of nodes to shield together against threats and vulnerabilities. The third technique ranks the security assets of nodes by incorporating multiple weights and thresholds of attributes into a decision-making algorithm. In the fourth technique, the hierarchically well-separated tree is enhanced to first identify critical nodes of a network with respect to their attributes and network connectivity, and then selecting some nodes as driver nodes for network controllability.

Security Evaluation of the Cyber Networks under Advanced Persistent Threats

NARCIS (Netherlands)

Yang, L.; Li, Pengdeng; Yang, Xiaofan; Tang, Yuan Yan

2017-01-01

Advanced persistent threats (APTs) pose a grave threat to cyberspace, because they deactivate all the conventional cyber defense mechanisms. This paper addresses the issue of evaluating the security of the cyber networks under APTs. For this purpose, a dynamic model capturing the APT-based

Technophilic hubris and espionage styles during the Cold War.

Science.gov (United States)

Macrakis, Kristie

2010-06-01

During the Cold War the United States developed an espionage style that reflected its love affair with technology (technophilia) whereas the Soviet Union and the East Bloc continued a tradition of using humans to collect intelligence. This essay places the origins and development of these espionage styles during the Cold War in historical and social context, and assesses their strengths and weaknesses by drawing on examples from particular cases. While the United States won the Cold War, the East Bloc won the spy wars because of a more effective espionage style. I conclude with some reflections on the uses of history for future policy, and suggest areas for further study.

Protecting against cyber threats in networked information systems

Science.gov (United States)

Ertoz, Levent; Lazarevic, Aleksandar; Eilertson, Eric; Tan, Pang-Ning; Dokas, Paul; Kumar, Vipin; Srivastava, Jaideep

2003-07-01

This paper provides an overview of our efforts in detecting cyber attacks in networked information systems. Traditional signature based techniques for detecting cyber attacks can only detect previously known intrusions and are useless against novel attacks and emerging threats. Our current research at the University of Minnesota is focused on developing data mining techniques to automatically detect attacks against computer networks and systems. This research is being conducted as a part of MINDS (Minnesota Intrusion Detection System) project at the University of Minnesota. Experimental results on live network traffic at the University of Minnesota show that the new techniques show great promise in detecting novel intrusions. In particular, during the past few months our techniques have been successful in automatically identifying several novel intrusions that could not be detected using state-of-the-art tools such as SNORT.

Industrial espionage and technical surveillance counter measurers

CERN Document Server

Androulidakis, Iosif

2016-01-01

This book examines technical aspects of industrial espionage and its impact in modern companies, organizations, and individuals while emphasizing the importance of intellectual property in the information era. The authors discuss the problem itself and then provide statistics and real world cases. The main contribution provides a detailed discussion of the actual equipment, tools and techniques concerning technical surveillance in the framework of espionage. Moreover, they present the best practices and methods of detection (technical surveillance counter measures) as well as means of intellectual property protection.

Semantical Markov Logic Network for Distributed Reasoning in Cyber-Physical Systems

Directory of Open Access Journals (Sweden)

Abdul-Wahid Mohammed

2017-01-01

Full Text Available The challenges associated with developing accurate models for cyber-physical systems are attributable to the intrinsic concurrent and heterogeneous computations of these systems. Even though reasoning based on interconnected domain specific ontologies shows promise in enhancing modularity and joint functionality modelling, it has become necessary to build interoperable cyber-physical systems due to the growing pervasiveness of these systems. In this paper, we propose a semantically oriented distributed reasoning architecture for cyber-physical systems. This model accomplishes reasoning through a combination of heterogeneous models of computation. Using the flexibility of semantic agents as a formal representation for heterogeneous computational platforms, we define autonomous and intelligent agent-based reasoning procedure for distributed cyber-physical systems. Sensor networks underpin the semantic capabilities of this architecture, and semantic reasoning based on Markov logic networks is adopted to address uncertainty in modelling. To illustrate feasibility of this approach, we present a Markov logic based semantic event model for cyber-physical systems and discuss a case study of event handling and processing in a smart home.

A performance study of unmanned aerial vehicle-based sensor networks under cyber attack

Science.gov (United States)

Puchaty, Ethan M.

In UAV-based sensor networks, an emerging area of interest is the performance of these networks under cyber attack. This study seeks to evaluate the performance trade-offs from a System-of-Systems (SoS) perspective between various UAV communications architecture options in the context two missions: tracking ballistic missiles and tracking insurgents. An agent-based discrete event simulation is used to model a sensor communication network consisting of UAVs, military communications satellites, ground relay stations, and a mission control center. Network susceptibility to cyber attack is modeled with probabilistic failures and induced data variability, with performance metrics focusing on information availability, latency, and trustworthiness. Results demonstrated that using UAVs as routers increased network availability with a minimal latency penalty and communications satellite networks were best for long distance operations. Redundancy in the number of links between communication nodes helped mitigate cyber-caused link failures and add robustness in cases of induced data variability by an adversary. However, when failures were not independent, redundancy and UAV routing were detrimental in some cases to network performance. Sensitivity studies indicated that long cyber-caused downtimes and increasing failure dependencies resulted in build-ups of failures and caused significant degradations in network performance.

Game Theoretic Solutions to Cyber Attack and Network Defense Problems

National Research Council Canada - National Science Library

Shen, Dan; Chen, Genshe; Cruz, Jr., , Jose B; Blasch, Erik; Kruger, Martin

2007-01-01

.... The protection and defense against cyber attacks to computer network is becoming inadequate as the hacker knowledge sophisticates and as the network and each computer system become more complex...

A spy's paradise? German espionage in the Netherlands, 1914-1918

NARCIS (Netherlands)

Klinkert, W.

2013-01-01

During the First World War The Netherlands were extremely important for espionage by the warring states. They used the neutral territory as spring-board for infiltration and propaganda, but they were interested in Holland itself too. This article deals with German espionage related to The

EDUCATIONAL NETWORKING: HUMAN VIEW TO CYBER DEFENSE

Directory of Open Access Journals (Sweden)

Oleksandr Yu. Burov

2016-05-01

Full Text Available Networks play more and more important role for human life and activity, both in critical occupations (aviation, power industry, military missions etc., and in everyday life (home computers, education, leisure. Interaction between human and other elements of human-machine system have changed, because they coincide in the information habitat. Human-system integration has reached new level of defense needs. The paper will introduce features of information society in respect of a human and corresponding changes in HF/E: (1 information becomes a tool, goal, mean and environment of a human activity, (2 it becomes a part of the human nature and this makes him/her unprotected, (3 human psycho-physiological status becomes not only a basis of effective performance, but an object of control and support, and means of a human security and safety should be a part of information habitat, (4 networking environment becomes an independent actor in a human activity. Accompanying cyber-security challenges and tasks are discussed, as well as types of networking threats and Human View regarding the cyber security challenges.

Optimizing targeted vaccination across cyber-physical networks: an empirically based mathematical simulation study.

Science.gov (United States)

Mones, Enys; Stopczynski, Arkadiusz; Pentland, Alex 'Sandy'; Hupert, Nathaniel; Lehmann, Sune

2018-01-01

Targeted vaccination, whether to minimize the forward transmission of infectious diseases or their clinical impact, is one of the 'holy grails' of modern infectious disease outbreak response, yet it is difficult to achieve in practice due to the challenge of identifying optimal targets in real time. If interruption of disease transmission is the goal, targeting requires knowledge of underlying person-to-person contact networks. Digital communication networks may reflect not only virtual but also physical interactions that could result in disease transmission, but the precise overlap between these cyber and physical networks has never been empirically explored in real-life settings. Here, we study the digital communication activity of more than 500 individuals along with their person-to-person contacts at a 5-min temporal resolution. We then simulate different disease transmission scenarios on the person-to-person physical contact network to determine whether cyber communication networks can be harnessed to advance the goal of targeted vaccination for a disease spreading on the network of physical proximity. We show that individuals selected on the basis of their closeness centrality within cyber networks (what we call 'cyber-directed vaccination') can enhance vaccination campaigns against diseases with short-range (but not full-range) modes of transmission. © 2018 The Author(s).

Cyber-physical system design with sensor networking technologies

CERN Document Server

Zeadally, Sherali

2016-01-01

This book describes how wireless sensor networking technologies can help in establishing and maintaining seamless communications between the physical and cyber systems to enable efficient, secure, reliable acquisition, management, and routing of data.

Annual Report to Congress on Foreign Economic Collection and Industrial Espionage: 1996

National Research Council Canada - National Science Library

1996-01-01

.... industry from foreign economic collection and industrial espionage. This document updates the first "Annual Report to Congress on Foreign Economic Collection and Industrial Espionage 1995," which was released in July 1995...

Cyber Security: Assessing Our Vulnerabilities and Developing an Effective Defense

Science.gov (United States)

Spafford, Eugene H.

The number and sophistication of cyberattacks continues to increase, but no national policy is in place to confront them. Critical systems need to be built on secure foundations, rather than the cheapest general-purpose platform. A program that combines education in cyber security, increasing resources for law enforcement, development of reliable systems for critical applications, and expanding research support in multiple areas of security and reliability is essential to combat risks that are far beyond the nuisances of spam email and viruses, and involve widespread espionage, theft, and attacks on essential services.

Novel mechanism of network protection against the new generation of cyber attacks

Science.gov (United States)

Milovanov, Alexander; Bukshpun, Leonid; Pradhan, Ranjit

2012-06-01

A new intelligent mechanism is presented to protect networks against the new generation of cyber attacks. This mechanism integrates TCP/UDP/IP protocol stack protection and attacker/intruder deception to eliminate existing TCP/UDP/IP protocol stack vulnerabilities. It allows to detect currently undetectable, highly distributed, low-frequency attacks such as distributed denial-of-service (DDoS) attacks, coordinated attacks, botnet, and stealth network reconnaissance. The mechanism also allows insulating attacker/intruder from the network and redirecting the attack to a simulated network acting as a decoy. As a result, network security personnel gain sufficient time to defend the network and collect the attack information. The presented approach can be incorporated into wireless or wired networks that require protection against known and the new generation of cyber attacks.

Department of Defense Information Network (DODIN): A Study of Current Cyber Threats and Best Practices for Network Security

Science.gov (United States)

2016-06-10

DODIN) is being threatened by state actors, non-state actors, and continuous hacking and cyber-attacks. These threats against the network come in a...variety of forms; physical attacks from radio jamming, logical cyber threats from hacking , or a combination of both physical and logical attacks. Each...year the number of hacking attacks is increasing. Corporations like Symantec publish annual reports on cyber threats and provide tips for best

An ontological knowledge base for cyber network attack planning

CSIR Research Space (South Africa)

Chan, P

2015-03-01

Full Text Available In modern warfare it is no longer sufficient to only focus on physical attacks and counter-measures; the threat against cyber networks is becoming increasingly significant. Modern military forces have to provide counter measures against...

Cyber-Threat Assessment for the Air Traffic Management System: A Network Controls Approach

Science.gov (United States)

Roy, Sandip; Sridhar, Banavar

2016-01-01

Air transportation networks are being disrupted with increasing frequency by failures in their cyber- (computing, communication, control) systems. Whether these cyber- failures arise due to deliberate attacks or incidental errors, they can have far-reaching impact on the performance of the air traffic control and management systems. For instance, a computer failure in the Washington DC Air Route Traffic Control Center (ZDC) on August 15, 2015, caused nearly complete closure of the Centers airspace for several hours. This closure had a propagative impact across the United States National Airspace System, causing changed congestion patterns and requiring placement of a suite of traffic management initiatives to address the capacity reduction and congestion. A snapshot of traffic on that day clearly shows the closure of the ZDC airspace and the resulting congestion at its boundary, which required augmented traffic management at multiple locations. Cyber- events also have important ramifications for private stakeholders, particularly the airlines. During the last few months, computer-system issues have caused several airlines fleets to be grounded for significant periods of time: these include United Airlines (twice), LOT Polish Airlines, and American Airlines. Delays and regional stoppages due to cyber- events are even more common, and may have myriad causes (e.g., failure of the Department of Homeland Security systems needed for security check of passengers, see [3]). The growing frequency of cyber- disruptions in the air transportation system reflects a much broader trend in the modern society: cyber- failures and threats are becoming increasingly pervasive, varied, and impactful. In consequence, an intense effort is underway to develop secure and resilient cyber- systems that can protect against, detect, and remove threats, see e.g. and its many citations. The outcomes of this wide effort on cyber- security are applicable to the air transportation infrastructure

Analysis of American Prosecution of China Cyber Espionage%美国以网络间谍之名起诉中国军人事件探析

Institute of Scientific and Technical Information of China (English)

旷野; 冯伟

2014-01-01

On 19th May, 2014, American Department of Justice for the first time filed cyber-espionage charges against individuals belonging to a unit of the Chinese military, accusing them of hacking trade secrets since 2006. It is claimed that the hackers hacked Westinghouse, Solarworld, Al egheny technologies and other American companies, in order to help Chinese enterprises, especial y state-owned enterprises to gain competitive advantages."Indictment" lists 5 China soldiers name, nickname, photos and other identity information, described the related information of so-cal ed "at ack" issues, such as the specific time, place, person, and so on. It is necessary to deeply study the hidden proposes of United States. From the point of CCID thinktank, several measures need to be taken to improve the cyber security level, including: to develop independently control able technologies and products in order to accelerate the localization replacement, to define the cyber security review content, to strengthen the IT enterprise supervision, to establish emergency response mechanism of cyber security, to strengthen international cooperation.%2014年5月19日，美国司法部宣布起诉5名中国军人，指控他们在2006-2014年间入侵西屋电气、太阳能世界、美工钢铁、阿勒格尼技术和美国铝业等多家企业的内部网络并窃取机密信息，以帮助中国企业，特别是中国国企获取竞争优势。“起诉书”中列举了5名中国军人的姓名、昵称、照片等身份信息，详尽描述了所谓“网络攻击”的具体时间、地点、人物等事件信息。美国在“棱镜门”、“窃听门”接连发生的背景下，高调起诉中方公务人员，其本后掩藏的目的值得我们深入研究和认真应对。文章认为，为改变中国被动的互联网局面：一是要研发自主可控技术产品，加速国产化替代；二是要明确网络安全审查内容，加强 IT 企业监管；三是要建立网络安全应急机制，强化舆论引导；四是要加强国际合作，提高网络话语权。

Investigating the effectiveness of many-core network processors for high performance cyber protection systems. Part I, FY2011.

Energy Technology Data Exchange (ETDEWEB)

Wheeler, Kyle Bruce; Naegle, John Hunt; Wright, Brian J.; Benner, Robert E., Jr.; Shelburg, Jeffrey Scott; Pearson, David Benjamin; Johnson, Joshua Alan; Onunkwo, Uzoma A.; Zage, David John; Patel, Jay S.

2011-09-01

This report documents our first year efforts to address the use of many-core processors for high performance cyber protection. As the demands grow for higher bandwidth (beyond 1 Gbits/sec) on network connections, the need to provide faster and more efficient solution to cyber security grows. Fortunately, in recent years, the development of many-core network processors have seen increased interest. Prior working experiences with many-core processors have led us to investigate its effectiveness for cyber protection tools, with particular emphasis on high performance firewalls. Although advanced algorithms for smarter cyber protection of high-speed network traffic are being developed, these advanced analysis techniques require significantly more computational capabilities than static techniques. Moreover, many locations where cyber protections are deployed have limited power, space and cooling resources. This makes the use of traditionally large computing systems impractical for the front-end systems that process large network streams; hence, the drive for this study which could potentially yield a highly reconfigurable and rapidly scalable solution.

Flow-Based Detection of DNS Tunnels

NARCIS (Netherlands)

Ellens, W.; Żuraniewski, P.; Sperotto, A.; Schotanus, H.; Mandjes, M.; Meeuwissen, E.

2013-01-01

DNS tunnels allow circumventing access and security policies in firewalled networks. Such a security breach can be misused for activities like free web browsing, but also for command & control traffic or cyber espionage, thus motivating the search for effective automated DNS tunnel detection

Flow-based detection of DNS tunnels

NARCIS (Netherlands)

Ellens, W.; Zuraniewski, P.; Schotanus, H.; Mandjes, M.R.H.; Meeuwissen, E.; Doyen, Guillaume; Waldburger, Martin; Celeda, Pavel; Sperotto, Anna; Stiller, Burkhard

DNS tunnels allow circumventing access and security policies in firewalled networks. Such a security breach can be misused for activities like free web browsing, but also for command & control traffic or cyber espionage, thus motivating the search for effective automated DNS tunnel detection

Flow-based detection of DNS tunnels

NARCIS (Netherlands)

Ellens, W.; Zuraniewski, P.W.; Sperotto, A.; Schotanus, H.A.; Mandjes, M.; Meeuwissen, H.B.

2013-01-01

DNS tunnels allow circumventing access and security policies in firewalled networks. Such a security breach can be misused for activities like free web browsing, but also for command & control traffic or cyber espionage, thus motivating the search for effective automated DNS tunnel detection

Cyber Friendly Fire

Energy Technology Data Exchange (ETDEWEB)

Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

2011-09-01

Cyber friendly fire (FF) is a new concept that has been brought to the attention of Department of Defense (DoD) stakeholders through two workshops that were planned and conducted by the Air Force Research Laboratory (AFRL) and research conducted for AFRL by the Pacific Northwest National Laboratory. With this previous work in mind, we offer a definition of cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintentionally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, a fundamental need in avoiding cyber FF is to maintain situation awareness (SA). We suggest that cyber SA concerns knowledge of a system's topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system (and that populate the nodes), the nature of the activities or work performed, and the available defensive (and offensive) countermeasures that may be applied to thwart network attacks. A training implication is to raise awareness and understanding of these critical knowledge units; an approach to decision aids and/or visualizations is to focus on supporting these critical knowledge units. To study cyber FF, we developed an unclassified security test range comprising a combination of virtual and physical devices that present a closed network for testing, simulation, and evaluation. This network offers services found on a production network without the associated costs of a real production network. Containing enough detail to appear realistic, this virtual and physical environment can be customized to represent different configurations. For our purposes, the test range was configured to appear as an Internet-connected Managed Service Provider (MSP) offering specialized web applications to the general public

Wireless Sensor Network Based Smart Grid Communications: Cyber Attacks, Intrusion Detection System and Topology Control

Directory of Open Access Journals (Sweden)

Lipi Chhaya

2017-01-01

Full Text Available The existing power grid is going through a massive transformation. Smart grid technology is a radical approach for improvisation in prevailing power grid. Integration of electrical and communication infrastructure is inevitable for the deployment of Smart grid network. Smart grid technology is characterized by full duplex communication, automatic metering infrastructure, renewable energy integration, distribution automation and complete monitoring and control of entire power grid. Wireless sensor networks (WSNs are small micro electrical mechanical systems that are deployed to collect and communicate the data from surroundings. WSNs can be used for monitoring and control of smart grid assets. Security of wireless sensor based communication network is a major concern for researchers and developers. The limited processing capabilities of wireless sensor networks make them more vulnerable to cyber-attacks. The countermeasures against cyber-attacks must be less complex with an ability to offer confidentiality, data readiness and integrity. The address oriented design and development approach for usual communication network requires a paradigm shift to design data oriented WSN architecture. WSN security is an inevitable part of smart grid cyber security. This paper is expected to serve as a comprehensive assessment and analysis of communication standards, cyber security issues and solutions for WSN based smart grid infrastructure.

Industrial espionage today and information wars of tomorrow

Science.gov (United States)

Joyal, Paul

1996-03-01

In this report we review case histories of industrial espionage publicized in the media and in Congressional hearings. The threat to the United Stages as the world's largest investor in R&D is magnified by the transition from a cold war military confrontation of the super powers to an economic competition in global markets. To sustain their market share, France, Japan and Russia have initiated national programs to acquire U.S. technical know-how. Former intelligence staff now distill fragments of sensitive information into meaningful knowledge to guide industrial and national efforts to ascertain dominance. This threat is amplified by the exponential proliferation of global communication networks, like INTERENET, that reach into corporate America and permit unseen adversaries to probe the vast U.S. data stores for unprotected intelligence. Counter intelligence in industrial espionage by the United Stages on a national level is virtually impossible because of public scrutiny in our open society. On the positive side, the upheaval of a rapid transition from high-tension and high economic stability to low-tension and high economic instability is prompting international collaboration against international terrorism. On the corporate level, strategic alliances with foreign firms are expanding to sustain competitiveness and innovation in areas of specialty. A national security plan to protect the U.S. information resources is needed; and a viable policy to operate our information highways as safe conduits for electronic business. The well being of the global economy, not just that of our nation, is at stake and should not be left to chance and provocation.

Developing Simulated Cyber Attack Scenarios Against Virtualized Adversary Networks

Science.gov (United States)

2017-03-01

enclave, as shown in Figure 11, is a common design for many secure networks. Different variations of a cyber-attack scenario can be rehearsed based...achieved a greater degree of success against multiple variations of an enemy network. E. ATTACK TYPES A primary goal of this thesis is to define and...2013. [33] R. Goldberg , “Architectural principles for virtual computer systems,” Ph.D. dissertation, Dept. of Comp. Sci., Harvard Univ., Cambridge

Modeling and Vulnerability Analysis of Cyber-Physical Power Systems Considering Network Topology and Power Flow Properties

Directory of Open Access Journals (Sweden)

Jia Guo

2017-01-01

Full Text Available Conventional power systems are developing into cyber-physical power systems (CPPS with wide applications of communication, computer and control technologies. However, multiple practical cases show that the failure of cyber layers is a major factor leading to blackouts. Therefore, it is necessary to discuss the cascading failure process considering cyber layer failures and analyze the vulnerability of CPPS. In this paper, a CPPS model, which consists of cyber layer, physical layer and cyber-physical interface, is presented using complex network theory. Considering power flow properties, the impacts of cyber node failures on the cascading failure propagation process are studied. Moreover, two vulnerability indices are established from the perspective of both network structure and power flow properties. A vulnerability analysis method is proposed, and the CPPS performance before and after cascading failures is analyzed by the proposed method to calculate vulnerability indices. In the case study, three typical scenarios are analyzed to illustrate the method, and vulnerabilities under different interface strategies and attack strategies are compared. Two thresholds are proposed to value the CPPS vulnerability roughly. The results show that CPPS is more vulnerable under malicious attacks and cyber nodes with high indices are vulnerable points which should be reinforced.

Computer network security and cyber ethics

CERN Document Server

Kizza, Joseph Migga

2014-01-01

In its 4th edition, this book remains focused on increasing public awareness of the nature and motives of cyber vandalism and cybercriminals, the weaknesses inherent in cyberspace infrastructure, and the means available to protect ourselves and our society. This new edition aims to integrate security education and awareness with discussions of morality and ethics. The reader will gain an understanding of how the security of information in general and of computer networks in particular, on which our national critical infrastructure and, indeed, our lives depend, is based squarely on the individ

Cyber Epidemic Models with Dependences

OpenAIRE

Xu, Maochao; Da, Gaofeng; Xu, Shouhuai

2016-01-01

Studying models of cyber epidemics over arbitrary complex networks can deepen our understanding of cyber security from a whole-system perspective. In this paper, we initiate the investigation of cyber epidemic models that accommodate the {\\em dependences} between the cyber attack events. Due to the notorious difficulty in dealing with such dependences, essentially all existing cyber epidemic models have assumed them away. Specifically, we introduce the idea of Copulas into cyber epidemic mode...

Main control computer security model of closed network systems protection against cyber attacks

Science.gov (United States)

Seymen, Bilal

2014-06-01

The model that brings the data input/output under control in closed network systems, that maintains the system securely, and that controls the flow of information through the Main Control Computer which also brings the network traffic under control against cyber-attacks. The network, which can be controlled single-handedly thanks to the system designed to enable the network users to make data entry into the system or to extract data from the system securely, intends to minimize the security gaps. Moreover, data input/output record can be kept by means of the user account assigned for each user, and it is also possible to carry out retroactive tracking, if requested. Because the measures that need to be taken for each computer on the network regarding cyber security, do require high cost; it has been intended to provide a cost-effective working environment with this model, only if the Main Control Computer has the updated hardware.

A novel proposed network security management approach for cyber attacks

International Nuclear Information System (INIS)

Ahmed, Z.; Nazir, B.; Zafar, M.F.; Anwar, M.M.; Azam, K.; Asar, A.U.

2007-01-01

Network security is a discipline that focuses on securing networks from unauthorized access. Given the Escalating threats of malicious cyber attacks, modern enterprises employ multiple lines of defense. A comprehensive defense strategy against such attacks should include (I) an attack detection component that deter- mines the fact that a program is compromised, (2) an attack identification and prevention component that identifies attack packets so that one can block such packets in the future and prevents the attack from further propagation. Over the last decade, a significant amount of research has been vested in the systems that can detect cyber attacks either statically at compile time or dynamically at run time, However, not much effort is spent on automated attack packet identification or attack prevention. In this paper we present a unified solution to the problems mentioned above. We implemented this solution after the forward engineering of Open Source Security Information Management (OSSIM) system called Preventive Information Security management (PrISM) system that correlates input from different sensors so that the resulting product can automatically detect any cyber attack against it and prevents by identifying the actual attack packet(s). The PrISM was always able to detect the attacks, identify the attack packets and most often prevent by blocking the attacker's IP address to continue normal execution. There is no additional run-time performance overhead for attack prevention. (author)

Canada's cyber steward on digital espionage, democracy and ...

International Development Research Centre (IDRC) Digital Library (Canada)

2016-12-19

Dec 19, 2016 ... The network works to combat digital threats in Africa, Latin America, developing ... education can be as effective as traditional face-to-face education in delivering ... New research shows how social media, crowdsourced data ...

Cyber Threats/Attacks and a Defensive Model to Mitigate Cyber Activities

Directory of Open Access Journals (Sweden)

Jawad Hussain Awan

2018-04-01

Full Text Available Nowadays, every internet user is part of cyber world. In this way, millions of users, knowledge seekers, and service provider organizations are connected to each other, a vast number of common people shifted their everyday activities to cyber world as they can save their time, traffic problem and gets effective and costless services by using various services such as, online banking, social networking sites, government services and cloud services. The use of Cyber services, eBusiness, eCommerce and eGovernance increases the usage of online/cyber services also increased the issue of cyber security. Recently, various cases have been reported in the literature and media about the cyber-attacks and crimes which seriously disrupted governments, businesses and personal lives. From the literature. It is noticed that every cyber user is unaware about privacy and security practices and measures. Therefore, cyber user has provided knowledge and fully aware them from the online services and also about cyber privacy and security. This paper presents a review on the recent cybercrimes, threats and attacks reported in the literature and media. In addition, the impact of these cyber breaches and cyber law to deal with cyber security has been discussed. At last, a defensive model is also proposed to mitigate cyber-criminal activities.

Optimizing Active Cyber Defense

OpenAIRE

Lu, Wenlian; Xu, Shouhuai; Yi, Xinlei

2016-01-01

Active cyber defense is one important defensive method for combating cyber attacks. Unlike traditional defensive methods such as firewall-based filtering and anti-malware tools, active cyber defense is based on spreading "white" or "benign" worms to combat against the attackers' malwares (i.e., malicious worms) that also spread over the network. In this paper, we initiate the study of {\\em optimal} active cyber defense in the setting of strategic attackers and/or strategic defenders. Specific...

Towards a Cyber Defense Framework for SCADA Systems Based on Power Consumption Monitoring

Energy Technology Data Exchange (ETDEWEB)

Hernandez Jimenez, Jarilyn M [ORNL; Chen, Qian [Savannah State University; Nichols, Jeff A. {Cyber Sciences} [ORNL; Calhoun, Chelsea [Savannah State University; Sykes, Summer [Savannah State University

2017-01-01

Supervisory control and data acquisition (SCADA) is an industrial automation system that remotely monitor, and control critical infrastructures. SCADA systems are major targets for espionage and sabotage attackers. According to the 2015 Dell security annual threat report, the number of cyber-attacks against SCADA systems has doubled in the past year. Cyber-attacks (i.e., buffer overflow, rootkits and code injection) could cause serious financial losses and physical infrastructure damages. Moreover, some specific cyber-attacks against SCADA systems could become a threat to human life. Current commercial off-the-shelf security solutions are insufficient in protecting SCADA systems against sophisticated cyber-attacks. In 2014 a report by Mandiant stated that only 69% of organizations learned about their breaches from third entities, meaning that these companies lack of their own detection system. Furthermore, these breaches are not detected in real-time or fast enough to prevent further damages. The average time between compromise and detection (for those intrusions that were detected) was 205 days. To address this challenge, we propose an Intrusion Detection System (IDS) that detects SCADA-specific cyber-attacks by analyzing the power consumption of a SCADA device. Specifically, to validate the proposed approach, we chose to monitor in real-time the power usage of a a Programmable Logic Controller (PLC). To this end, we configured the hardware of the tetsbed by installing the required sensors to monitor and collect its power consumption. After that two SCADA-specific cyber-attacks were simulated and TracerDAQ Pro was used to collect the power consumption of the PLC under normal and anomalous scenarios. Results showed that is possible to distinguish between the regular power usage of the PLC and when the PLC was under specific cyber-attacks.

Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users.

Science.gov (United States)

Veksler, Vladislav D; Buchler, Norbou; Hoffman, Blaine E; Cassenti, Daniel N; Sample, Char; Sugrim, Shridat

2018-01-01

Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b) human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c) dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d) training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior) via techniques such as model tracing and dynamic parameter fitting.

Cyber Crime & Cyber War – "Part of the Game": Cyber Security, Quo Vadis?

Directory of Open Access Journals (Sweden)

Karl H. Stingeder

2015-09-01

äventivmaßnahmen ist weder ausreichend noch nachhaltig. What roles does cyber crime play today? What differentiates cyber crime from cyber war? How must cyber security be organized in order to effectively ensure sustainable protection? Cyber crime activities are frequently characterized by the easy accessibility of fraudulent know-how and technical means. Due to the sluggish and inadequate implementation of coordinated countermeasures, cyber crimes are a low-risk and high-reward scenario for cyber criminals. The more organized and specialized a cyber crime network, the greater the potential for damage. In fact, cyber crime is the umbrella term for fraudulent activities via the World Wide Web. These rely on the model of "traditional" offline criminal behavior patterns, which are easy to access thanks to the technological spectrum of the Internet. Nonetheless, it is the technical execution of the crime that represents a crucial distinguishing characteristic between online and offline fraud. Furthermore, from the point of view of organized crime, governments and terror groups, a lower inhibition threshold for a military exploitation of the Internet is a focal point of cyber security. As soon as cyber crime activity is the means by which to achieve political goals, it is called cyber war. Sustainable measures directed against cyber crime and cyber war take place in a highly dynamic environment. Cyber criminals are usually well-equipped in terms of logistics and financial resources. Many are supported by governments. Cyber criminals have wide-ranging technical expertise, which enables them to develop customized malware to accomplish their goals. At present, many companies and public sector entities do not fully realize how imperative defense systems are. Cyber security focus on purely preventive measures is therefore neither sufficient nor sustainable.

Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users

OpenAIRE

Vladislav D. Veksler; Norbou Buchler; Blaine E. Hoffman; Daniel N. Cassenti; Char Sample; Shridat Sugrim

2018-01-01

Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision li...

Cyber Threats/Attacks and a Defensive Model to Mitigate Cyber Activities

OpenAIRE

Jawad Hussain Awan; Shazad Memon; Sheeraz Memon; Kamran Taj Pathan; Niaz Hussain Arijo

2018-01-01

Nowadays, every internet user is part of cyber world. In this way, millions of users, knowledge seekers, and service provider organizations are connected to each other, a vast number of common people shifted their everyday activities to cyber world as they can save their time, traffic problem and gets effective and costless services by using various services such as, online banking, social networking sites, government services and cloud services. The use of Cyber services, eBusiness, eCommerc...

Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users

Directory of Open Access Journals (Sweden)

Vladislav D. Veksler

2018-05-01

Full Text Available Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior via techniques such as model tracing and dynamic parameter fitting.

Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users

Science.gov (United States)

Veksler, Vladislav D.; Buchler, Norbou; Hoffman, Blaine E.; Cassenti, Daniel N.; Sample, Char; Sugrim, Shridat

2018-01-01

Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b) human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c) dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d) training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior) via techniques such as model tracing and dynamic parameter fitting. PMID:29867661

Investigating the effect of Network Parameters on Coordinated Cyber Attacks against a Simulated Power Plant

OpenAIRE

GENGE BELA; SIATERLIS CHRISTOS

2011-01-01

The fact that modern Networked Industrial Control Systems (NICS) depend on Information and Communication Technologies (ICT), is well known. Although many studies have focused on the security of these systems, today we still lack the proper understanding of the effects that cyber attacks have on NICS. In this paper we use our previously developed framework to study the effects of coordinated cyber attacks against NICS. Coordinated attacks rely on several infected hosts to disrupt the ...

Cyber security in digitalized nuclear power plants

Energy Technology Data Exchange (ETDEWEB)

Sohn, Kwang Young; Yi, Woo June [KoRTS Co., Ltd., Daejeon (Korea, Republic of)

2008-10-15

This paper analyzer the cyber security issues pertaining to networks and general systems, and provides cyber security activity model. For this, the importance of security, and the domestic and international trends of cyber security are surveyed in order to introduce the strategies and countermeasures of cyber security which should be interfaced with Quality Assurance (QA) plan Based on the result of cyber security model introduced in this paper, activities for cyber security, work load, necessary resources and process for activities, and duration could be estimated hopefully.

Cyber security in digitalized nuclear power plants

International Nuclear Information System (INIS)

Sohn, Kwang Young; Yi, Woo June

2008-01-01

This paper analyzer the cyber security issues pertaining to networks and general systems, and provides cyber security activity model. For this, the importance of security, and the domestic and international trends of cyber security are surveyed in order to introduce the strategies and countermeasures of cyber security which should be interfaced with Quality Assurance (QA) plan Based on the result of cyber security model introduced in this paper, activities for cyber security, work load, necessary resources and process for activities, and duration could be estimated hopefully

Competitive Cyber-Insurance and Internet Security

Science.gov (United States)

Shetty, Nikhil; Schwartz, Galina; Felegyhazi, Mark; Walrand, Jean

This paper investigates how competitive cyber-insurers affect network security and welfare of the networked society. In our model, a user's probability to incur damage (from being attacked) depends on both his security and the network security, with the latter taken by individual users as given. First, we consider cyberinsurers who cannot observe (and thus, affect) individual user security. This asymmetric information causes moral hazard. Then, for most parameters, no equilibrium exists: the insurance market is missing. Even if an equilibrium exists, the insurance contract covers only a minor fraction of the damage; network security worsens relative to the no-insurance equilibrium. Second, we consider insurers with perfect information about their users' security. Here, user security is perfectly enforceable (zero cost); each insurance contract stipulates the required user security. The unique equilibrium contract covers the entire user damage. Still, for most parameters, network security worsens relative to the no-insurance equilibrium. Although cyber-insurance improves user welfare, in general, competitive cyber-insurers fail to improve network security.

A Cyber Situational Awareness Model for Network Administrators

Science.gov (United States)

2017-03-01

amount of unnecessary data and focus on the most important information that can help them better guarantee cyber security of their systems. 14. SUBJECT...the most important information that can help them better guarantee cyber security of their systems. vi THIS PAGE INTENTIONALLY LEFT BLANK vii...DISTRIBUTION CODE 13. ABSTRACT (maximum 200 words) Although there are many well-established cyber security tools and techniques available to

Legal Issues in Cyber Targeting

DEFF Research Database (Denmark)

Juhlin, Jonas Alastair

Imagine this scenario: Two states are in armed conflict with each other. In order to gain an advantage, one side launches a cyber-attack against the opponent’s computer network. The malicious malware paralyze the military computer network, as intended, but the malware spreads into the civilian...... system with physical damage to follow. This can happen and the natural question arises: What must be considered lawful targeting according to the international humanitarian law in cyber warfare? What steps must an attacker take to minimize the damage done to unlawful targets when conducting an offensive...... operation? How can the attacker separate military targets from civilian targets in cyber space? This paper addresses these questions and argues that a network (civilian or military) consist of several software components and that it is the individual components that is the target. If the components are used...

Industrial Espionage in Denmark: Collaborative Security in a Corporatist State

DEFF Research Database (Denmark)

Afsah, Ebrahim

the manner Danish state and society deal with regulatory questions, including the penal protection against industrial espionage. Unlike many other nations, Danes view their state as a friend and, consequently, accept and cooperate with a kind of intrusive state action that elsewhere would be viewed...

Microgrid cyber security reference architecture.

Energy Technology Data Exchange (ETDEWEB)

Veitch, Cynthia K.; Henry, Jordan M.; Richardson, Bryan T.; Hart, Derek H.

2013-07-01

This document describes a microgrid cyber security reference architecture. First, we present a high-level concept of operations for a microgrid, including operational modes, necessary power actors, and the communication protocols typically employed. We then describe our motivation for designing a secure microgrid; in particular, we provide general network and industrial control system (ICS)-speci c vulnerabilities, a threat model, information assurance compliance concerns, and design criteria for a microgrid control system network. Our design approach addresses these concerns by segmenting the microgrid control system network into enclaves, grouping enclaves into functional domains, and describing actor communication using data exchange attributes. We describe cyber actors that can help mitigate potential vulnerabilities, in addition to performance bene ts and vulnerability mitigation that may be realized using this reference architecture. To illustrate our design approach, we present a notional a microgrid control system network implementation, including types of communica- tion occurring on that network, example data exchange attributes for actors in the network, an example of how the network can be segmented to create enclaves and functional domains, and how cyber actors can be used to enforce network segmentation and provide the neces- sary level of security. Finally, we describe areas of focus for the further development of the reference architecture.

Cyber Security Policy. A methodology for Determining a National Cyber-Security Alert Level

Directory of Open Access Journals (Sweden)

Dan Constantin TOFAN

2012-01-01

Full Text Available Nowadays, assuring the security of the national cyber-space has become a big issue that can only be tackled through collaborative approaches. Threats cannot be confined to a single computer system just as much as computer systems are rendered useless without being con-nected to a supporting network. The authors of this article propose an innovative architecture of a system designated to help governments collect and analyze data about cyber-security in-cidents, from different organizations, dispersed nationwide, and acting within various economic sectors. The collected data will make us able to determine a national cyber-security alert score that could help policy makers in establishing the best strategies for protecting the national cyber-space.

Detecting Cyber-Attacks on Wireless Mobile Networks Using Multicriterion Fuzzy Classifier with Genetic Attribute Selection

Directory of Open Access Journals (Sweden)

El-Sayed M. El-Alfy

2015-01-01

Full Text Available With the proliferation of wireless and mobile network infrastructures and capabilities, a wide range of exploitable vulnerabilities emerges due to the use of multivendor and multidomain cross-network services for signaling and transport of Internet- and wireless-based data. Consequently, the rates and types of cyber-attacks have grown considerably and current security countermeasures for protecting information and communication may be no longer sufficient. In this paper, we investigate a novel methodology based on multicriterion decision making and fuzzy classification that can provide a viable second-line of defense for mitigating cyber-attacks. The proposed approach has the advantage of dealing with various types and sizes of attributes related to network traffic such as basic packet headers, content, and time. To increase the effectiveness and construct optimal models, we augmented the proposed approach with a genetic attribute selection strategy. This allows efficient and simpler models which can be replicated at various network components to cooperatively detect and report malicious behaviors. Using three datasets covering a variety of network attacks, the performance enhancements due to the proposed approach are manifested in terms of detection errors and model construction times.

Information fusion for cyber-security analytics

CERN Document Server

Karabatis, George; Aleroud, Ahmed

2017-01-01

This book highlights several gaps that have not been addressed in existing cyber security research. It first discusses the recent attack prediction techniques that utilize one or more aspects of information to create attack prediction models. The second part is dedicated to new trends on information fusion and their applicability to cyber security; in particular, graph data analytics for cyber security, unwanted traffic detection and control based on trust management software defined networks, security in wireless sensor networks & their applications, and emerging trends in security system design using the concept of social behavioral biometric. The book guides the design of new commercialized tools that can be introduced to improve the accuracy of existing attack prediction models. Furthermore, the book advances the use of Knowledge-based Intrusion Detection Systems (IDS) to complement existing IDS technologies. It is aimed towards cyber security researchers. .

KYPO Cyber Range: Design and Use Cases

OpenAIRE

Vykopal Jan; Ošlejšek Radek; Čeleda Pavel; Vizváry Martin; Tovarňák Daniel

2017-01-01

The physical and cyber worlds are increasingly intertwined and exposed to cyber attacks. The KYPO cyber range provides complex cyber systems and networks in a virtualized, fully controlled and monitored environment. Time-efficient and cost-effective deployment is feasible using cloud resources instead of a dedicated hardware infrastructure. This paper describes the design decisions made during it’s development. We prepared a set of use cases to evaluate the proposed design decisions and to de...

Cyber security for nuclear power plants

International Nuclear Information System (INIS)

Verma, Ruchi; Razdan, Mayuri; Munshi, Prabhat

2005-01-01

Cyber Security, cyber terrorism and cyber crime are the buzzwords in security related aspects of information technology. These terms are related to computers and networks that are critical for normal functionality and operations of nuclear power plants. At one end, this inter connected era is giving us the ease to perform various critical operation with a click of command, but on the other end it is giving rise to the new world of terrorism. In today's internet connected world, terrorism has left all the boundaries back and taken the new form, term it cyber terrorism or cyber crime. This paper aims to spread the awareness about cyber terrorism and how it can affect the overall security of nuclear power plants and establishments. (author)

Anti-social networking: crowdsourcing and the cyber defence of national critical infrastructures.

Science.gov (United States)

Johnson, Chris W

2014-01-01

We identify four roles that social networking plays in the 'attribution problem', which obscures whether or not cyber-attacks were state-sponsored. First, social networks motivate individuals to participate in Distributed Denial of Service attacks by providing malware and identifying potential targets. Second, attackers use an individual's social network to focus attacks, through spear phishing. Recipients are more likely to open infected attachments when they come from a trusted source. Third, social networking infrastructures create disposable architectures to coordinate attacks through command and control servers. The ubiquitous nature of these architectures makes it difficult to determine who owns and operates the servers. Finally, governments recruit anti-social criminal networks to launch attacks on third-party infrastructures using botnets. The closing sections identify a roadmap to increase resilience against the 'dark side' of social networking.

Nuclear Cyber Security Issues and Policy Recommendations

Energy Technology Data Exchange (ETDEWEB)

Lee, Cheol-Kwon; Lee, Dong-Young [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of); Lee, Na-Young; Hwang, Young-Soo [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

2015-10-15

The cyber-attack against computer systems causes the loss of function which brings about the big economic loss, and it becomes a national-wide issue. In recent days the cyber threat has occurred in the national critical infrastructure around the world. In the nuclear industry, while discussing responses to various threats against nuclear facilities since 2006, cyber-terrorism was also discussed. But at that time, cyber-attacks against control networks in nuclear facilities were not seriously considered because those networks were isolated from the Internet thoroughly and it was evaluated that cyber penetration would not be possible. However Stuxnet worm virus which attacked Iran's nuclear facilities confirmed that the cyber security problem could occur even in other nuclear facilities. The facilities were isolated from the Internet. After the cyber incident, we began to discuss the topic of NPP cyber security. It is very difficult to predict whether or when or how the cyber-attack will be occurred, which is a characteristic of cyber-attack. They could be always detected only after when an incident had occurred. This paper summarizes the report, 'Nuclear Cyber Security Issues and Policy Recommendations' by issue committee in the Korea Nuclear Society, which reviewed the cyber security framework for nuclear facilities in the Republic of Korea being established to prevent nuclear facilities from cyber-attacks and to respond systematically. As a result this paper proposes several comments to improve the security and furthermore safety of nuclear facilities Digital technology will be used more widely at the national critical infrastructure including nuclear facilities in the future, and moreover wireless technologies and mobile devices will be soon introduced to nuclear industry. It is therefore anticipated that the rapid advance in digital technology will accelerate the opportunity of hacking these facilities.

Nuclear Cyber Security Issues and Policy Recommendations

International Nuclear Information System (INIS)

Lee, Cheol-Kwon; Lee, Dong-Young; Lee, Na-Young; Hwang, Young-Soo

2015-01-01

The cyber-attack against computer systems causes the loss of function which brings about the big economic loss, and it becomes a national-wide issue. In recent days the cyber threat has occurred in the national critical infrastructure around the world. In the nuclear industry, while discussing responses to various threats against nuclear facilities since 2006, cyber-terrorism was also discussed. But at that time, cyber-attacks against control networks in nuclear facilities were not seriously considered because those networks were isolated from the Internet thoroughly and it was evaluated that cyber penetration would not be possible. However Stuxnet worm virus which attacked Iran's nuclear facilities confirmed that the cyber security problem could occur even in other nuclear facilities. The facilities were isolated from the Internet. After the cyber incident, we began to discuss the topic of NPP cyber security. It is very difficult to predict whether or when or how the cyber-attack will be occurred, which is a characteristic of cyber-attack. They could be always detected only after when an incident had occurred. This paper summarizes the report, 'Nuclear Cyber Security Issues and Policy Recommendations' by issue committee in the Korea Nuclear Society, which reviewed the cyber security framework for nuclear facilities in the Republic of Korea being established to prevent nuclear facilities from cyber-attacks and to respond systematically. As a result this paper proposes several comments to improve the security and furthermore safety of nuclear facilities Digital technology will be used more widely at the national critical infrastructure including nuclear facilities in the future, and moreover wireless technologies and mobile devices will be soon introduced to nuclear industry. It is therefore anticipated that the rapid advance in digital technology will accelerate the opportunity of hacking these facilities

Cyber-Spatial Academic Networking for Energy (Oil, Natural Gas, Electricity Development in Nigeria

Directory of Open Access Journals (Sweden)

Richard INGWE

2014-01-01

Full Text Available Philosophers of society/sociology recently espoused the concept of a new society and its new paradigm distinguished from the old that was based on industry and the energy forms that drove them since the industrial revolution. The new society which is driven by information and communications technologies (ICTs has created the network society whereby cyber-spatial (internet-based platforms operate in leveraging previous and conventional interaction among researchers concerned with single subjects and/or multi-disciplinary research projects, exchanges of ideas, opinions, concerns/worries, viewpoints, project management, among other issues in the nexus of developing and applying academic knowledge. While most of those that are popularly used are of the universal (non-specific nationality or global character, fairly country-specific (i.e. restricted membership or nation-focused cyber-spatial platforms present opportunities for enhancing or optimizing the profit of academic interaction and exchanges that concentrate on challenges that are limited to one country but promote greater understanding among those academics involved compared to the rather universal cyber-spatial platforms. Here, we conceive and hypothetically theorize a cyber-spatial platform for enhancing interaction among Nigerian scholars and academics concerned with energy which has been driving industry. Examined in this article are: contexts of scholarship in Nigeria (tertiary educational institutions, research and knowledge needs for sustainable development; the network society as a suitable framework for theoretically framing the cyber-spatial platform; an exemplary multi-disciplinary approach for multi-disciplinary petroleum oil, natural gas and energy concentrating on (or drawing from the social sciences; management of the program; discussion and conclusion. The implications of this article for policy is that while the National Universities’ Commission and the Federal Ministry of

Behavior-based network management: a unique model-based approach to implementing cyber superiority

Science.gov (United States)

Seng, Jocelyn M.

2016-05-01

Behavior-Based Network Management (BBNM) is a technological and strategic approach to mastering the identification and assessment of network behavior, whether human-driven or machine-generated. Recognizing that all five U.S. Air Force (USAF) mission areas rely on the cyber domain to support, enhance and execute their tasks, BBNM is designed to elevate awareness and improve the ability to better understand the degree of reliance placed upon a digital capability and the operational risk.2 Thus, the objective of BBNM is to provide a holistic view of the digital battle space to better assess the effects of security, monitoring, provisioning, utilization management, allocation to support mission sustainment and change control. Leveraging advances in conceptual modeling made possible by a novel advancement in software design and implementation known as Vector Relational Data Modeling (VRDM™), the BBNM approach entails creating a network simulation in which meaning can be inferred and used to manage network behavior according to policy, such as quickly detecting and countering malicious behavior. Initial research configurations have yielded executable BBNM models as combinations of conceptualized behavior within a network management simulation that includes only concepts of threats and definitions of "good" behavior. A proof of concept assessment called "Lab Rat," was designed to demonstrate the simplicity of network modeling and the ability to perform adaptation. The model was tested on real world threat data and demonstrated adaptive and inferential learning behavior. Preliminary results indicate this is a viable approach towards achieving cyber superiority in today's volatile, uncertain, complex and ambiguous (VUCA) environment.

Some of Indonesian Cyber Law Problems

Science.gov (United States)

Machmuddin, D. D.; Pratama, B.

2017-01-01

Cyber regulation is very important to control human interaction within the Internet network in cyber space. On the surface, innovation development in science and technology facilitates human activity. But on the inside, innovation was controlled by new business model. In cyber business activities mingle with individual protection. By this condition, the law should keep the balance of the activities. Cyber law problems, were not particular country concern, but its global concern. This is a good opportunity for developing country to catch up with developed country. Beside this opportunity for talented people in law and technology is become necessity. This paper tries to describe cyber law in Indonesia. As a product of a developing country there are some of weakness that can be explained. Terminology and territory of cyber space is become interesting to discuss, because this two problems can give a broad view on cyber law in Indonesia.

Finding Malicious Cyber Discussions in Social Media

Science.gov (United States)

2016-02-02

reverse engineering, security, malware , blackhat) were labeled as cyber and posts on non- cyber topics (e.g., astronomy, electronics, beer, biology, mu...firewall, hash, infect, inject, install, key, malicious, malware , network, obfuscate, overflow, packet, password, payload, request, risk, scan, script...cyber vulnerabilities (e.g., malware , overflow, attack). The keyword system lacked the keywords used in Heartbleed discussions, and thus suffered from

Handbook on Securing Cyber-Physical Critical Infrastructure

CERN Document Server

Das, Sajal K; Zhang, Nan

2012-01-01

The worldwide reach of the Internet allows malicious cyber criminals to coordinate and launch attacks on both cyber and cyber-physical infrastructure from anywhere in the world. This purpose of this handbook is to introduce the theoretical foundations and practical solution techniques for securing critical cyber and physical infrastructures as well as their underlying computing and communication architectures and systems. Examples of such infrastructures include utility networks (e.g., electrical power grids), ground transportation systems (automotives, roads, bridges and tunnels), airports a

Effectively protecting cyber infrastructure and assessing security needs

Energy Technology Data Exchange (ETDEWEB)

Robbins, J.; Starman, R. [EWA Canada Ltd., Edmonton, AB (Canada)

2002-07-01

This presentation addressed some of the requirements for effectively protecting cyber infrastructure and assessing security needs. The paper discussed the hype regarding cyber attacks, and presented the Canadian reality (as viewed by CanCERT). An assessment of security concerns was also presented. Recent cyber attacks on computer networks have raised fears of unsafe energy networks. Some experts claim the attacks are linked to terrorism, others blame industrial spying and mischief. Others dismiss the notion that somebody could bring down a power grid with a laptop as being far-fetched. It was noted that the cyber security threat is real, and that attacks are becoming more sophisticated as we live in a target rich environment. The issue of assessing vulnerabilities was discussed along with the selection of safeguards such as improving SCADA systems and the latest encryption methods to prevent hackers from bringing down computer networks. 3 tabs., 23 figs.

Automated cyber threat analysis and specified process using vector relational data modeling

OpenAIRE

Kelly, Ryan Forrest

2014-01-01

Approved for public release; distribution is unlimited Computer network defense systems should be sufficiently integrated to pull data from any information source, model an expert cyber analyst’s decision process, continuously adapt to an evolving cyber threat environment, and amalgamate with industry standard network hardware. Unfortunately, cyber defense systems are generally stovepipe solutions that do not natively integrate disparate network systems. Correlation engines are generally l...

Cyber Warfare/Cyber Terrorism

National Research Council Canada - National Science Library

O'Hara, Timothy

2004-01-01

.... Section 1 concludes with a review of offensive and defensive cyber warfare concepts. Section 2 presents a general overview of cyber terrorism, including definitions of cyber terrorism and cyber terrorism support...

Emulation Platform for Cyber Analysis of Wireless Communication Network Protocols

Energy Technology Data Exchange (ETDEWEB)

Van Leeuwen, Brian P. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Eldridge, John M. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2017-11-01

Wireless networking and mobile communications is increasing around the world and in all sectors of our lives. With increasing use, the density and complexity of the systems increase with more base stations and advanced protocols to enable higher data throughputs. The security of data transported over wireless networks must also evolve with the advances in technologies enabling more capable wireless networks. However, means for analysis of the effectiveness of security approaches and implementations used on wireless networks are lacking. More specifically a capability to analyze the lower-layer protocols (i.e., Link and Physical layers) is a major challenge. An analysis approach that incorporates protocol implementations without the need for RF emissions is necessary. In this research paper several emulation tools and custom extensions that enable an analysis platform to perform cyber security analysis of lower layer wireless networks is presented. A use case of a published exploit in the 802.11 (i.e., WiFi) protocol family is provided to demonstrate the effectiveness of the described emulation platform.

Sensor Network Middleware for Cyber-Physical Systems: Opportunities and Challenges

Science.gov (United States)

Singh, G.

2015-12-01

Wireless Sensor Network middleware typically provides abstractions for common tasks such as atomicity, synchronization and communication with the intention of isolating the developers of distributed applications from lower-level details of the underlying platforms. Developing middleware to meet the performance constraints of applications is an important challenge. Although one would like to develop generic middleware services which can be used in a variety of different applications, efficiency considerations often force developers to design middleware and algorithms customized to specific operational contexts. This presentation will discuss techniques to design middleware that is customizable to suit the performance needs of specific applications. We also discuss the challenges poised in designing middleware for pervasive sensor networks and cyber-physical systems with specific focus on environmental monitoring.

KYPO – A Platform for Cyber Defence Exercises

OpenAIRE

Čeleda Pavel; Čegan Jakub; Vykopal Jan; Tovarňák Daniel

2015-01-01

Correct and timely responses to cyber attacks are crucial for the effective implementation of cyber defence strategies and policies. The number of threats and ingenuity of attackers is ever growing, as is the need for more advanced detection tools, techniques and skilled cyber security professionals. KYPO – Cyber Exercise & Research Platform is focused on modelling and simulating complex computer systems and networks in a virtualized and separated environment. The platform enables realist...

CyberWar, CyberTerror, CyberCrime

CERN Document Server

Mehan, Julie E

2008-01-01

CyberWar, CyberTerror, CyberCrime provides a stark and timely analysis of the increasingly hostile online landscape that today’s corporate systems inhabit, and gives a practical introduction to the defensive strategies that can be employed in response.

Cyber terrorism and cyber-crime – threats for cyber security

OpenAIRE

Ackoski, Jugoslav; Dojcinovski, Metodija

2012-01-01

This paper has aim to give contribution in supporting efforts against cyber threats recognized as a cyber terrorism and cyber crime. Also, it has aim to show future challenges related to cyber security and their emerging threats – cyber war, cyber terrorism and cyber crime. Accelerate weapon development called ICT (Information Communication Technology) which is developed every day faster and faster, and development of human conscious on higher level about consequences of ICT enormous pene...

7 Key Challenges for Visualization in Cyber Network Defense

Energy Technology Data Exchange (ETDEWEB)

Best, Daniel M.; Endert, Alexander; Kidwell, Dan

2014-12-02

In this paper we present seven challenges, informed by two user studies, to be considered when developing a visualization for cyber security purposes. Cyber security visualizations must go beyond isolated solutions and “pretty picture” visualizations in order to make impact to users. We provide an example prototype that addresses the challenges with a description of how they are met. Our aim is to assist in increasing utility and adoption rates for visualization capabilities in cyber security.

The Rhetoric of Industrial Espionage: The Case of "Starwood v. Hilton"

Science.gov (United States)

Jameson, Daphne A.

2011-01-01

When Starwood Hotels charged Hilton Hotels with industrial espionage, the case hinged on an employment agreement that two executives had violated. The rhetoric of the employment agreement contrasted greatly with that of the corporation's own code of business conduct. Whereas the private agreement stressed narrow self-interest, the public code…

Policing cyber hate, cyber threat and cyber terrorism

OpenAIRE

Chambers-Jones, C.

2013-01-01

In late August 2012 the Government Forum of Incident Response and Cyber security Teams (GFIRST) gathered in Atlanta to discuss cyber threats and how new realities are emerging and how new forms of regulation are needed. At the same time Policing cyber hate, cyber threat and cyber terrorism was published. This comprehensive book brings together a divergent problem and tackles each with a candid exploration. The book has ten chapters and covers aspects such as extortion via the internet, the ps...

Defense of Cyber Infrastructures Against Cyber-Physical Attacks Using Game-Theoretic Models.

Science.gov (United States)

Rao, Nageswara S V; Poole, Stephen W; Ma, Chris Y T; He, Fei; Zhuang, Jun; Yau, David K Y

2016-04-01

The operation of cyber infrastructures relies on both cyber and physical components, which are subject to incidental and intentional degradations of different kinds. Within the context of network and computing infrastructures, we study the strategic interactions between an attacker and a defender using game-theoretic models that take into account both cyber and physical components. The attacker and defender optimize their individual utilities, expressed as sums of cost and system terms. First, we consider a Boolean attack-defense model, wherein the cyber and physical subinfrastructures may be attacked and reinforced as individual units. Second, we consider a component attack-defense model wherein their components may be attacked and defended, and the infrastructure requires minimum numbers of both to function. We show that the Nash equilibrium under uniform costs in both cases is computable in polynomial time, and it provides high-level deterministic conditions for the infrastructure survival. When probabilities of successful attack and defense, and of incidental failures, are incorporated into the models, the results favor the attacker but otherwise remain qualitatively similar. This approach has been motivated and validated by our experiences with UltraScience Net infrastructure, which was built to support high-performance network experiments. The analytical results, however, are more general, and we apply them to simplified models of cloud and high-performance computing infrastructures. © 2015 Society for Risk Analysis.

Cyber Forensics Ontology for Cyber Criminal Investigation

Science.gov (United States)

Park, Heum; Cho, Sunho; Kwon, Hyuk-Chul

We developed Cyber Forensics Ontology for the criminal investigation in cyber space. Cyber crime is classified into cyber terror and general cyber crime, and those two classes are connected with each other. The investigation of cyber terror requires high technology, system environment and experts, and general cyber crime is connected with general crime by evidence from digital data and cyber space. Accordingly, it is difficult to determine relational crime types and collect evidence. Therefore, we considered the classifications of cyber crime, the collection of evidence in cyber space and the application of laws to cyber crime. In order to efficiently investigate cyber crime, it is necessary to integrate those concepts for each cyber crime-case. Thus, we constructed a cyber forensics domain ontology for criminal investigation in cyber space, according to the categories of cyber crime, laws, evidence and information of criminals. This ontology can be used in the process of investigating of cyber crime-cases, and for data mining of cyber crime; classification, clustering, association and detection of crime types, crime cases, evidences and criminals.

Social Networks and Cyber-bullying among Teenagers

OpenAIRE

RIZZA CAROLINE; MARTINHO GUIMARAES PIRES PEREIRA Angela

2013-01-01

In the digital society, even if ICT offers new opportunities and benefits to teenagers, it also poses significant challenges to them. More and more teenagers are becoming victims of aggression via ICT. In Europe, among the 9-16 year-old participants in the EU Kids Online survey (2011): 33 % were bothered or upset by inappropriate material online, 12 % were bothered or upset meeting online contacts offline, and 80 % were fairly or very upset by cyber-bullying. Cyber-bullying does not respect b...

Cyber-security: industrials must stop denying the risk of cyber-attacks

International Nuclear Information System (INIS)

Hausermann, L.

2015-01-01

The risk of cyber-attacks of industrial sites is real. Recently the Anvers port and the Bakou-Tbilissi-Ceyhan pipeline have been attacked. In both cases hackers succeeded: they were able to track sea containers in which drug was concealed and recover it in the Anvers port and in the case of the pipeline the hackers took control of the control system and were able to trigger a huge explosion by shunning security systems and allowing damaging pressure surges. The massive use of digital systems and of automated systems in various industrial sectors has led to huge network of inter-connected smart devices whose purpose is not to process data but to monitor and control. All these devices and equipment are controlled by software whose weaknesses and fault lines multiply the risk of cyber-attacks even for 'closed' networks. While the total hacking of a nuclear power plant is highly unlikely, real threats exist and must be taken into account. Innovative solutions based on the mapping of the fluxes of the system and combined with an inventory of all its weaknesses may pave the way towards cyber-security. (A.C.)

Developing the Cyber Defenders of Tomorrow with Regional Collegiate Cyber Defense Competitions (CCDC)

Science.gov (United States)

Carlin, Anna; Manson, Daniel P.; Zhu, Jake

2010-01-01

With the projected higher demand for Network Systems Analysts and increasing computer crime, network security specialists are an organization's first line of defense. The principle function of this paper is to provide the evolution of Collegiate Cyber Defense Competitions (CCDC), event planning required, soliciting sponsors, recruiting personnel…

Cyber security issues in online games

Science.gov (United States)

Zhao, Chen

2018-04-01

With the rapid development of the Internet, online gaming has become a way of entertainment for many young people in the modern era. However, in recent years, cyber security issues in online games have emerged in an endless stream, which have also caused great attention of many game operators. Common cyber security problems in the game include information disclosure and cyber-attacks. These problems will directly or indirectly cause economic losses to gamers. Many gaming companies are enhancing the stability and security of their network or gaming systems in order to enhance the gaming user experience. This article has carried out the research of the cyber security issues in online games by introducing the background and some common cyber security threats, and by proposing the latent solution. Finally, it speculates the future research direction of the cyber security issues of online games in the hope of providing feasible solution and useful information for game operators.

Proposed model for a cybersecurity centre of innovation for South Africa

CSIR Research Space (South Africa)

Jansen van Vuuren, J

2014-07-01

Full Text Available vulnerable. Cybercrime, digital espionage and other cyber disturbances dictate the news reports on a daily basis. In general, cyberattacks are no longer confined to small-scale rogue hackers. Cyber-attacks are now a part of organised crime and the underground...

Cyber Security Policy. A methodology for Determining a National Cyber-Security Alert Level

OpenAIRE

Dan Constantin TOFAN; Maria Lavinia ANDREI; Lavinia Mihaela DINCÄ‚

2012-01-01

Nowadays, assuring the security of the national cyber-space has become a big issue that can only be tackled through collaborative approaches. Threats cannot be confined to a single computer system just as much as computer systems are rendered useless without being con-nected to a supporting network. The authors of this article propose an innovative architecture of a system designated to help governments collect and analyze data about cyber-security in-cidents, from different organizations, di...

Cyber security deterrence and it protection for critical infrastructures

CERN Document Server

Martellini, Maurizio

2013-01-01

The experts of the International Working Group-Landau Network Centro Volta (IWG-LNCV) discuss aspects of cyber security and present possible methods of deterrence, defense and resilience against cyber attacks. This SpringerBrief covers state-of-the-art documentation on the deterrence power of cyber attacks and argues that nations are entering a new cyber arms race. The brief also provides a technical analysis of possible cyber attacks towards critical infrastructures in the chemical industry and chemical safety industry. The authors also propose modern analyses and a holistic approach to resil

Behavioural Profiling in Cyber-Social Systems

DEFF Research Database (Denmark)

Perno, Jason; Probst, Christian W.

2017-01-01

Computer systems have evolved from standalone systems, over networked systems, to cyber-physical systems. In all stages, human operators have been essential for the functioning of the system and for understanding system messages. Recent trends make human actors an even more central part of computer...... systems, resulting in what we call "cyber-social systems". In cyber-social systems, human actors and their interaction with a system are essential for the state of the system and its functioning. Both the system's operation and the human's operating it are based on an assumption of each other's behaviour...

Review on Cyber Security Programs for NPP Application

Energy Technology Data Exchange (ETDEWEB)

Oh, Eung Se [KEPRI, Daejeon (Korea, Republic of)

2010-10-15

Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS; CFR; RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

Review on Cyber Security Programs for NPP Application

International Nuclear Information System (INIS)

Oh, Eung Se

2010-01-01

Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS] [CFR] [RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

Development of Cyber Security Scheme for Nuclear Power Plant

Energy Technology Data Exchange (ETDEWEB)

Hong, S. B.; Choi, Y. S.; Cho, J. W. (and others)

2009-12-15

Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures.

Development of Cyber Security Scheme for Nuclear Power Plant

International Nuclear Information System (INIS)

Hong, S. B.; Choi, Y. S.; Cho, J. W.

2009-12-01

Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures

Integrated situational awareness for cyber attack detection, analysis, and mitigation

Science.gov (United States)

Cheng, Yi; Sagduyu, Yalin; Deng, Julia; Li, Jason; Liu, Peng

2012-06-01

Real-time cyberspace situational awareness is critical for securing and protecting today's enterprise networks from various cyber threats. When a security incident occurs, network administrators and security analysts need to know what exactly has happened in the network, why it happened, and what actions or countermeasures should be taken to quickly mitigate the potential impacts. In this paper, we propose an integrated cyberspace situational awareness system for efficient cyber attack detection, analysis and mitigation in large-scale enterprise networks. Essentially, a cyberspace common operational picture will be developed, which is a multi-layer graphical model and can efficiently capture and represent the statuses, relationships, and interdependencies of various entities and elements within and among different levels of a network. Once shared among authorized users, this cyberspace common operational picture can provide an integrated view of the logical, physical, and cyber domains, and a unique visualization of disparate data sets to support decision makers. In addition, advanced analyses, such as Bayesian Network analysis, will be explored to address the information uncertainty, dynamic and complex cyber attack detection, and optimal impact mitigation issues. All the developed technologies will be further integrated into an automatic software toolkit to achieve near real-time cyberspace situational awareness and impact mitigation in large-scale computer networks.

Secure estimation, control and optimization of uncertain cyber-physical systems with applications to power networks

Science.gov (United States)

Taha, Ahmad Fayez

Transportation networks, wearable devices, energy systems, and the book you are reading now are all ubiquitous cyber-physical systems (CPS). These inherently uncertain systems combine physical phenomena with communication, data processing, control and optimization. Many CPSs are controlled and monitored by real-time control systems that use communication networks to transmit and receive data from systems modeled by physical processes. Existing studies have addressed a breadth of challenges related to the design of CPSs. However, there is a lack of studies on uncertain CPSs subject to dynamic unknown inputs and cyber-attacks---an artifact of the insertion of communication networks and the growing complexity of CPSs. The objective of this dissertation is to create secure, computational foundations for uncertain CPSs by establishing a framework to control, estimate and optimize the operation of these systems. With major emphasis on power networks, the dissertation deals with the design of secure computational methods for uncertain CPSs, focusing on three crucial issues---(1) cyber-security and risk-mitigation, (2) network-induced time-delays and perturbations and (3) the encompassed extreme time-scales. The dissertation consists of four parts. In the first part, we investigate dynamic state estimation (DSE) methods and rigorously examine the strengths and weaknesses of the proposed routines under dynamic attack-vectors and unknown inputs. In the second part, and utilizing high-frequency measurements in smart grids and the developed DSE methods in the first part, we present a risk mitigation strategy that minimizes the encountered threat levels, while ensuring the continual observability of the system through available, safe measurements. The developed methods in the first two parts rely on the assumption that the uncertain CPS is not experiencing time-delays, an assumption that might fail under certain conditions. To overcome this challenge, networked unknown input

How to Achieve Early Botnet Detection at the Provider Level?

NARCIS (Netherlands)

Dietz, Christian; Sperotto, Anna; Dreo, G.; Pras, Aiko

Botnets are an enabler for many cyber-criminal activities and often responsible for DDoS attacks, banking fraud, cyber-espionage and extortion. Botnets are controlled by a botmaster that uses various advanced techniques to create, maintain and hide their complex and distributed C&C infrastructures.

Visiting Power Laws in Cyber-Physical Networking Systems

Directory of Open Access Journals (Sweden)

Ming Li

2012-01-01

Full Text Available Cyber-physical networking systems (CPNSs are made up of various physical systems that are heterogeneous in nature. Therefore, exploring universalities in CPNSs for either data or systems is desired in its fundamental theory. This paper is in the aspect of data, aiming at addressing that power laws may yet be a universality of data in CPNSs. The contributions of this paper are in triple folds. First, we provide a short tutorial about power laws. Then, we address the power laws related to some physical systems. Finally, we discuss that power-law-type data may be governed by stochastically differential equations of fractional order. As a side product, we present the point of view that the upper bound of data flow at large-time scaling and the small one also follows power laws.

Development of IT-based Cyber Security Technology for Nuclear Power Plant

International Nuclear Information System (INIS)

Hong, S. B.; Lee, J. C.; Choi, Y. S.; Choi, Y. R.; Cho, J. W.; Jung, C. E.; Jeong, K. I.; Park, B.; Koo, I. S.

2009-11-01

Development and enlargement of the high speed communication network make it possible the user to access online information easily. It generates changing offline activities to online in the economics, expansion of cultural interchanges and convenient life. But it also causes misuse, wiretapping, forgery and alteration of the information via illegal invasion(virus, hacking), and these are derived from the open network characteristic, weakness of the securities of the TCP/IP protocol and information systems. The security of individual and the national foundation facility(industry and government) can be threatened because of these problems, and theses can be used as a instrument of cyber-war. Many cyber security technologies have been developed to corp with the cyber threat. One of the most important national facility is the nuclear power plant and the necessity of the cyber security for the digital I and C of it have been proposed since middle of the 2000. KINS announced the regulation of the cyber security for the digital I and C of the nuclear power plant in 2007. The main concept of the cyber security for it is similar to the IT field that is treated as a leader of the cyber security. Because of the difference of the characteristics between the IT field and the nuclear industry, applying the cyber security technologies developed and used in the IT field to the nuclear industry has some critical constraints. We will analyze these problems and propose a cyber security method based on cryptograph and authentication for the I and C communication network in this report

Development of IT-based Cyber Security Technology for Nuclear Power Plant

Energy Technology Data Exchange (ETDEWEB)

Hong, S. B.; Lee, J. C.; Choi, Y. S.; Choi, Y. R.; Cho, J. W.; Jung, C. E.; Jeong, K. I.; Park, B.; Koo, I. S

2009-11-15

Development and enlargement of the high speed communication network make it possible the user to access online information easily. It generates changing offline activities to online in the economics, expansion of cultural interchanges and convenient life. But it also causes misuse, wiretapping, forgery and alteration of the information via illegal invasion(virus, hacking), and these are derived from the open network characteristic, weakness of the securities of the TCP/IP protocol and information systems. The security of individual and the national foundation facility(industry and government) can be threatened because of these problems, and theses can be used as a instrument of cyber-war. Many cyber security technologies have been developed to corp with the cyber threat. One of the most important national facility is the nuclear power plant and the necessity of the cyber security for the digital I and C of it have been proposed since middle of the 2000. KINS announced the regulation of the cyber security for the digital I and C of the nuclear power plant in 2007. The main concept of the cyber security for it is similar to the IT field that is treated as a leader of the cyber security. Because of the difference of the characteristics between the IT field and the nuclear industry, applying the cyber security technologies developed and used in the IT field to the nuclear industry has some critical constraints. We will analyze these problems and propose a cyber security method based on cryptograph and authentication for the I and C communication network in this report.

Of Social Engineers & Corporate Espionage Agents

DEFF Research Database (Denmark)

Yeboah-Boateng, Ezer Osei

2013-01-01

enormous and catastrophic cyber-risks to SMEs, in view of their insider-ness, access privileges and knowledge of the systems as well as associated inherent vulnerabilities. Cyber-security functionaries and chief-level officers were surveyed on various metrics of insider attacks and incidents. The findings...... indicate that financial and ICT oriented SMEs are mostly targeted, and the impact range from loss of sensitive data, loss of corporate resources, loss of market share as well as loss of customer and investor confidence. Since most social engineers capitalize on the end-user vulnerabilities and their sense...

Cyber-Physical Systems Security: a Systematic Mapping Study

OpenAIRE

Lun, Yuriy Zacchia; D'Innocenzo, Alessandro; Malavolta, Ivano; Di Benedetto, Maria Domenica

2016-01-01

Cyber-physical systems are integrations of computation, networking, and physical processes. Due to the tight cyber-physical coupling and to the potentially disrupting consequences of failures, security here is one of the primary concerns. Our systematic mapping study sheds some light on how security is actually addressed when dealing with cyber-physical systems. The provided systematic map of 118 selected studies is based on, for instance, application fields, various system components, relate...

A Markov game theoretic data fusion approach for cyber situational awareness

Science.gov (United States)

Shen, Dan; Chen, Genshe; Cruz, Jose B., Jr.; Haynes, Leonard; Kruger, Martin; Blasch, Erik

2007-04-01

This paper proposes an innovative data-fusion/ data-mining game theoretic situation awareness and impact assessment approach for cyber network defense. Alerts generated by Intrusion Detection Sensors (IDSs) or Intrusion Prevention Sensors (IPSs) are fed into the data refinement (Level 0) and object assessment (L1) data fusion components. High-level situation/threat assessment (L2/L3) data fusion based on Markov game model and Hierarchical Entity Aggregation (HEA) are proposed to refine the primitive prediction generated by adaptive feature/pattern recognition and capture new unknown features. A Markov (Stochastic) game method is used to estimate the belief of each possible cyber attack pattern. Game theory captures the nature of cyber conflicts: determination of the attacking-force strategies is tightly coupled to determination of the defense-force strategies and vice versa. Also, Markov game theory deals with uncertainty and incompleteness of available information. A software tool is developed to demonstrate the performance of the high level information fusion for cyber network defense situation and a simulation example shows the enhanced understating of cyber-network defense.

Cyber security analytics, technology and automation

CERN Document Server

Neittaanmäki, Pekka

2015-01-01

Over the last two decades, the Internet and more broadly cyberspace has had a tremendous impact on all parts of society. Governments across the world have started to develop cyber security strategies and to consider cyberspace as an increasingly important international issue. The book, in addition to the cyber threats and technology, processes cyber security from many sides as a social phenomenon and how the implementation of the cyber security strategy is carried out. The book gives a profound idea of the most spoken phenomenon of this time. The book is suitable for a wide-ranging audience from graduate to professionals/practitioners and researchers. Relevant disciplines for the book are  Telecommunications / Network security, Applied mathematics / Data analysis, Mobile systems / Security, Engineering / Security of critical infrastructure and Military science / Security.

Cyber Crime & Cyber War – "Part of the Game": Cyber Security, Quo Vadis?

OpenAIRE

Karl H. Stingeder

2015-01-01

Welche Rolle spielt Cyber Crime gegenwärtig? Was unterscheidet Cyber Crime von Cyber War? Wie muss Cyber Security gestaltet sein, um effektiven Schutz nachhaltig zu gewährleisten? Cyber Crime-Aktivitäten kennzeichnen sich häufig durch eine einfache Zugänglichkeit von betrügerischem Know-How und technischen Hilfsmitteln. Bedingt durch eine schleppende und mangelhafte Umsetzung von koordinierten Gegenmaßnahmen, resultieren Cyber-Delikte in einem Low-Risk und High-Reward Szenario für Cyber-Krimi...

Impact modeling and prediction of attacks on cyber targets

Science.gov (United States)

Khalili, Aram; Michalk, Brian; Alford, Lee; Henney, Chris; Gilbert, Logan

2010-04-01

In most organizations, IT (information technology) infrastructure exists to support the organization's mission. The threat of cyber attacks poses risks to this mission. Current network security research focuses on the threat of cyber attacks to the organization's IT infrastructure; however, the risks to the overall mission are rarely analyzed or formalized. This connection of IT infrastructure to the organization's mission is often neglected or carried out ad-hoc. Our work bridges this gap and introduces analyses and formalisms to help organizations understand the mission risks they face from cyber attacks. Modeling an organization's mission vulnerability to cyber attacks requires a description of the IT infrastructure (network model), the organization mission (business model), and how the mission relies on IT resources (correlation model). With this information, proper analysis can show which cyber resources are of tactical importance in a cyber attack, i.e., controlling them enables a large range of cyber attacks. Such analysis also reveals which IT resources contribute most to the organization's mission, i.e., lack of control over them gravely affects the mission. These results can then be used to formulate IT security strategies and explore their trade-offs, which leads to better incident response. This paper presents our methodology for encoding IT infrastructure, organization mission and correlations, our analysis framework, as well as initial experimental results and conclusions.

Medical cyber-physical systems: A survey.

Science.gov (United States)

Dey, Nilanjan; Ashour, Amira S; Shi, Fuqian; Fong, Simon James; Tavares, João Manuel R S

2018-03-10

Medical cyber-physical systems (MCPS) are healthcare critical integration of a network of medical devices. These systems are progressively used in hospitals to achieve a continuous high-quality healthcare. The MCPS design faces numerous challenges, including inoperability, security/privacy, and high assurance in the system software. In the current work, the infrastructure of the cyber-physical systems (CPS) are reviewed and discussed. This article enriched the researches of the networked Medical Device (MD) systems to increase the efficiency and safety of the healthcare. It also can assist the specialists of medical device to overcome crucial issues related to medical devices, and the challenges facing the design of the medical device's network. The concept of the social networking and its security along with the concept of the wireless sensor networks (WSNs) are addressed. Afterward, the CPS systems and platforms have been established, where more focus was directed toward CPS-based healthcare. The big data framework of CPSs is also included.

Cyber Panel Experimentation Program

National Research Council Canada - National Science Library

Haines, Joshua

2003-01-01

.... A variety of multi-step cyber attacks were perpetrated against the target network each of which typifies a current-day real-world attack. The preliminary results presented here represent those available at conclusion of the experiment process by BBN.

Cyber-security of nuclear facilities: stakes and challenges

International Nuclear Information System (INIS)

Marquez, T.

2016-01-01

Major players in the French nuclear industry have implemented the concept of cyber-resilience that aims at anticipating and identifying real threats and detecting the weaknesses of the critical installations in order to protect them more efficiently. French law imposes for some categories of installations including nuclear power plants the implementation of advanced protection solutions to reach a high standard of cyber security. Sentryo, a start-up has developed a system that allows the detection of intruders in a digital network by analysing the interactions between the nodes of the network. The intruder is detected when the interaction mapping appears to be different from a configuration considered as normal. The feedback experience shows that any function in an enterprise must be made aware of the cyber risk. (A.C.)

On Cyber Risk Management of Blockchain Networks: A Game Theoretic Approach

OpenAIRE

Feng, Shaohan; Wang, Wenbo; Xiong, Zehui; Niyato, Dusit; Wang, Ping; Wang, Shaun Shuxun

2018-01-01

Open-access blockchains based on proof-of-work protocols have gained tremendous popularity for their capabilities of providing decentralized tamper-proof ledgers and platforms for data-driven autonomous organization. Nevertheless, the proof-of-work based consensus protocols are vulnerable to cyber-attacks such as double-spending. In this paper, we propose a novel approach of cyber risk management for blockchain-based service. In particular, we adopt the cyber-insurance as an economic tool for...

Social networking-based simulations for nuclear security: Strategy assessment following nuclear cyber terror on South Korean nuclear power plants (NPPs)

International Nuclear Information System (INIS)

Woo, Tae Ho; Kwak, Sang Man

2015-01-01

Highlights: • The cyber terror modeling is made by the social networking algorithm. • This is applicable by the social networking service (SNS). • Security of nuclear industry could be controlled by the network theory. • Newly developed complex algorithm can be introduced. • Simplified graphics show the operator easily. - Abstract: Nuclear energy has been studied for the secure power productions, which is based on the simulation study following the incident of nuclear cyber terror attack on South Korean nuclear power plants (NPPs). The social networking is used for the terror incident modeling and its prevention strategies. The nuclear industry could be investigated in the aspect of minimizing the dangerous situations caused by possible terror attacks which are considered by the society oriented connectivity among the related people or groups. The social networking circle by system dynamics diagram (SNCSD) is constructed, where the configuration of a model social networking example by system dynamics (SD) is applied. From A to H regions, the values are obtained by the random numbers incorporated with the designed algorithms. The results show the comparative values of terror possibilities which are based on the proposed social networking algorithm. It is possible to prepare for potential terrorism in the nuclear industry

Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks

International Nuclear Information System (INIS)

Vollmer, Todd; Manic, Milos

2014-01-01

A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, an established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices

Between Hype and Understatement: Reassessing Cyber Risks as a Security Strategy

OpenAIRE

Audrey Guinchard

2011-01-01

Most of the actions that fall under the trilogy of cyber crime, terrorism,and war exploit pre-existing weaknesses in the underlying technology.Because these vulnerabilities that exist in the network are not themselvesillegal, they tend to be overlooked in the debate on cyber security. A UKreport on the cost of cyber crime illustrates this approach. Its authors chose to exclude from their analysis the costs in anticipation of cyber crime, such as insurance costs and the costs of purchasing ant...

Cyber Security Risk Evaluation of a Nuclear I&C Using BN and ET

Directory of Open Access Journals (Sweden)

Jinsoo Shin

2017-04-01

Full Text Available Cyber security is an important issue in the field of nuclear engineering because nuclear facilities use digital equipment and digital systems that can lead to serious hazards in the event of an accident. Regulatory agencies worldwide have announced guidelines for cyber security related to nuclear issues, including U.S. NRC Regulatory Guide 5.71. It is important to evaluate cyber security risk in accordance with these regulatory guides. In this study, we propose a cyber security risk evaluation model for nuclear instrumentation and control systems using a Bayesian network and event trees. As it is difficult to perform penetration tests on the systems, the evaluation model can inform research on cyber threats to cyber security systems for nuclear facilities through the use of prior and posterior information and backpropagation calculations. Furthermore, we suggest a methodology for the application of analytical results from the Bayesian network model to an event tree model, which is a probabilistic safety assessment method. The proposed method will provide insight into safety and cyber security risks.

Automated Big Traffic Analytics for Cyber Security

OpenAIRE

Miao, Yuantian; Ruan, Zichan; Pan, Lei; Wang, Yu; Zhang, Jun; Xiang, Yang

2018-01-01

Network traffic analytics technology is a cornerstone for cyber security systems. We demonstrate its use through three popular and contemporary cyber security applications in intrusion detection, malware analysis and botnet detection. However, automated traffic analytics faces the challenges raised by big traffic data. In terms of big data's three characteristics --- volume, variety and velocity, we review three state of the art techniques to mitigate the key challenges including real-time tr...

Cyber entertainment system using an immersive networked virtual environment

Science.gov (United States)

Ihara, Masayuki; Honda, Shinkuro; Kobayashi, Minoru; Ishibashi, Satoshi

2002-05-01

Authors are examining a cyber entertainment system that applies IPT (Immersive Projection Technology) displays to the entertainment field. This system enables users who are in remote locations to communicate with each other so that they feel as if they are together. Moreover, the system enables those users to experience a high degree of presence, this is due to provision of stereoscopic vision as well as a haptic interface and stereo sound. This paper introduces this system from the viewpoint of space sharing across the network and elucidates its operation using the theme of golf. The system is developed by integrating avatar control, an I/O device, communication links, virtual interaction, mixed reality, and physical simulations. Pairs of these environments are connected across the network. This allows the two players to experience competition. An avatar of each player is displayed by the other player's IPT display in the remote location and is driven by only two magnetic sensors. That is, in the proposed system, users don't need to wear any data suit with a lot of sensors and they are able to play golf without any encumbrance.

Major Cyber threat on Nuclear Facility and Key Entry Points of Malicious Codes

Energy Technology Data Exchange (ETDEWEB)

Shin, Ickhyun; Kwon, Kookheui [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

2013-05-15

Cyber security incident explicitly shows that the domestic intra net system which is not connected to the Internet can be compromised by the USB based mal ware which was developed by the state-sponsored group. It also tells that the actor for cyber-attack has been changed from script kiddies to state's governments and the target has been changed to nation's main infrastructures such as electricity, transportation and etc. Since the cyber sabotage on nuclear facility has been proven to be possible and can be replicated again with same method, the cyber security on nuclear facility must be strengthened. In this paper, it is explained why the malicious code is the one of the biggest cyber threat in nuclear facility's digital I and C(Instrumentation and Controls) system by analyzing recent cyber attacks and well-known malicious codes. And a feasible cyber attack scenario on nuclear facility's digital I and C system is suggested along with some security measures for prevention of malicious code. As experienced from the cyber sabotage on Iranian nuclear facility in 2010, cyber attack on nuclear facility can be replicated by infecting the computer network with malicious codes. One of the cyber attack scenario on nuclear digital I and C computer network with using malicious code was suggested to help security manager establishing cyber security plan for prevention of malicious code. And some security measures on prevention of malicious code are also provided for reference.

Major Cyber threat on Nuclear Facility and Key Entry Points of Malicious Codes

International Nuclear Information System (INIS)

Shin, Ickhyun; Kwon, Kookheui

2013-01-01

Cyber security incident explicitly shows that the domestic intra net system which is not connected to the Internet can be compromised by the USB based mal ware which was developed by the state-sponsored group. It also tells that the actor for cyber-attack has been changed from script kiddies to state's governments and the target has been changed to nation's main infrastructures such as electricity, transportation and etc. Since the cyber sabotage on nuclear facility has been proven to be possible and can be replicated again with same method, the cyber security on nuclear facility must be strengthened. In this paper, it is explained why the malicious code is the one of the biggest cyber threat in nuclear facility's digital I and C(Instrumentation and Controls) system by analyzing recent cyber attacks and well-known malicious codes. And a feasible cyber attack scenario on nuclear facility's digital I and C system is suggested along with some security measures for prevention of malicious code. As experienced from the cyber sabotage on Iranian nuclear facility in 2010, cyber attack on nuclear facility can be replicated by infecting the computer network with malicious codes. One of the cyber attack scenario on nuclear digital I and C computer network with using malicious code was suggested to help security manager establishing cyber security plan for prevention of malicious code. And some security measures on prevention of malicious code are also provided for reference

Recommendations on Future Operational Environments Command Control and Cyber Security

OpenAIRE

Goztepe, Kerim

2015-01-01

It is a well-known fact that today a nation's telecommunication networks, critical infrastructure, and information systems are vulnerable to growing number of attacks in cyberspace. Cyber space contains very different problems involving various sets of threats, targets and costs. Cyber security is not only problem of banking, communication or transportation. It also threatens core systems of army as command control. Some significant recommendations on command control (C2) and cyber security h...

Proposed Model for a Cybersecurity Centre of Innovation for South Africa

OpenAIRE

Vuuren , Joey ,; Grobler , Marthie; Leenen , Louise; Phahlamohlaka , Jackie

2014-01-01

Part 3: Peace, War, Cyber-Security and ICT; International audience; Most communications in the new era are dependent on Information and Communication Technology (ICT). In addition, infrastructure is becoming increasingly interconnected. This not only makes lives easier, but also leaves technology users more vulnerable. Cybercrime, digital espionage and other cyber disturbances dictate the news reports on a daily basis. In general, cyber-attacks are no longer confined to small-scale rogue hack...

Cyber Incidents Involving Control Systems

Energy Technology Data Exchange (ETDEWEB)

Robert J. Turk

2005-10-01

The Analysis Function of the US-CERT Control Systems Security Center (CSSC) at the Idaho National Laboratory (INL) has prepared this report to document cyber security incidents for use by the CSSC. The description and analysis of incidents reported herein support three CSSC tasks: establishing a business case; increasing security awareness and private and corporate participation related to enhanced cyber security of control systems; and providing informational material to support model development and prioritize activities for CSSC. The stated mission of CSSC is to reduce vulnerability of critical infrastructure to cyber attack on control systems. As stated in the Incident Management Tool Requirements (August 2005) ''Vulnerability reduction is promoted by risk analysis that tracks actual risk, emphasizes high risk, determines risk reduction as a function of countermeasures, tracks increase of risk due to external influence, and measures success of the vulnerability reduction program''. Process control and Supervisory Control and Data Acquisition (SCADA) systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. New research indicates this confidence is misplaced--the move to open standards such as Ethernet, Transmission Control Protocol/Internet Protocol, and Web technologies is allowing hackers to take advantage of the control industry's unawareness. Much of the available information about cyber incidents represents a characterization as opposed to an analysis of events. The lack of good analyses reflects an overall weakness in reporting requirements as well as the fact that to date there have been very few serious cyber attacks on control systems. Most companies prefer not to share cyber attack incident data because of potential financial repercussions. Uniform reporting requirements will do much to make this

Cyber secure systems approach for NPP digital control systems

Energy Technology Data Exchange (ETDEWEB)

McCreary, T. J.; Hsu, A. [HF Controls Corporation, 16650 Westgrove Drive, Addison, TX 75001 (United States)

2006-07-01

an intruder attempting to disrupt network communications by entering the system from an attached utility network or utilizing a modem connected to a control system PC that is in turn connected to a publicly accessible phone; 2)Threat from a user connecting an unauthorized computer to the control network; 3)Threat from a security attack when an unauthorized user gains access to a PC connected to the plant network;. 4)Threat from internal disruption (by plant staff, whether, malicious or otherwise) by unauthorized usage of files or file handling media that opens the system to security threat (as typified in current situation in most control rooms). The plant I and C system cyber security design and the plant specific procedures should adequately demonstrate protection from the four pertinent classes of cyber security attacks. The combination of these features should demonstrate that the system is not vulnerable to any analyzed cyber security attacks either from internal sources or through network connections. The authors will provide configurations that will demonstrate the Cyber Security Zone. (authors)

Cyber secure systems approach for NPP digital control systems

International Nuclear Information System (INIS)

McCreary, T. J.; Hsu, A.

2006-01-01

disrupt network communications by entering the system from an attached utility network or utilizing a modem connected to a control system PC that is in turn connected to a publicly accessible phone; 2)Threat from a user connecting an unauthorized computer to the control network; 3)Threat from a security attack when an unauthorized user gains access to a PC connected to the plant network;. 4)Threat from internal disruption (by plant staff, whether, malicious or otherwise) by unauthorized usage of files or file handling media that opens the system to security threat (as typified in current situation in most control rooms). The plant I and C system cyber security design and the plant specific procedures should adequately demonstrate protection from the four pertinent classes of cyber security attacks. The combination of these features should demonstrate that the system is not vulnerable to any analyzed cyber security attacks either from internal sources or through network connections. The authors will provide configurations that will demonstrate the Cyber Security Zone. (authors)

Cross-Layer Damage Assessment for Cyber Situational Awareness

Science.gov (United States)

Liu, Peng; Jia, Xiaoqi; Zhang, Shengzhi; Xiong, Xi; Jhi, Yoon-Chan; Bai, Kun; Li, Jason

Damage assessment plays a very important role in securing enterprise networks and systems. Gaining good awareness about the effects and impact of cyber attack actions would enable security officers to make the right cyber defense decisions and take the right cyber defense actions. A good number of damage assessment techniques have been proposed in the literature, but they typically focus on a single abstraction level (of the software system in concern). As a result, existing damage assessment techniques and tools are still very limited in satisfying the needs of comprehensive damage assessment which should not result in any “blind spots”.

EPIC: A Testbed for Scientifically Rigorous Cyber-Physical Security Experimentation

OpenAIRE

SIATERLIS CHRISTOS; GENGE BELA; HOHENADEL MARC

2013-01-01

Recent malware, like Stuxnet and Flame, constitute a major threat to Networked Critical Infrastructures (NCIs), e.g., power plants. They revealed several vulnerabilities in today's NCIs, but most importantly they highlighted the lack of an efficient scientific approach to conduct experiments that measure the impact of cyber threats on both the physical and the cyber parts of NCIs. In this paper we present EPIC, a novel cyber-physical testbed and a modern scientific instrument that can pr...

Cyber security risk evaluation of a nuclear I and C using BN and ET

Energy Technology Data Exchange (ETDEWEB)

Shin, Jin Soo; Heo, Gyun Young [Dept. of Nuclear Engineering, Kyung Hee University, Yongin (Korea, Republic of); Son, Han Seong [Computer and Game Science, Joongbu University, Geumsan (Korea, Republic of)

2017-04-15

Cyber security is an important issue in the field of nuclear engineering because nuclear facilities use digital equipment and digital systems that can lead to serious hazards in the event of an accident. Regulatory agencies worldwide have announced guidelines for cyber security related to nuclear issues, including U.S. NRC Regulatory Guide 5.71. It is important to evaluate cyber security risk in accordance with these regulatory guides. In this study, we propose a cyber security risk evaluation model for nuclear instrumentation and control systems using a Bayesian network and event trees. As it is difficult to perform penetration tests on the systems, the evaluation model can inform research on cyber threats to cyber security systems for nuclear facilities through the use of prior and posterior information and backpropagation calculations. Furthermore, we suggest a methodology for the application of analytical results from the Bayesian network model to an event tree model, which is a probabilistic safety assessment method. The proposed method will provide insight into safety and cyber security risks.

Cyber security risk evaluation of a nuclear I and C using BN and ET

International Nuclear Information System (INIS)

Shin, Jin Soo; Heo, Gyun Young; Son, Han Seong

2017-01-01

Cyber security is an important issue in the field of nuclear engineering because nuclear facilities use digital equipment and digital systems that can lead to serious hazards in the event of an accident. Regulatory agencies worldwide have announced guidelines for cyber security related to nuclear issues, including U.S. NRC Regulatory Guide 5.71. It is important to evaluate cyber security risk in accordance with these regulatory guides. In this study, we propose a cyber security risk evaluation model for nuclear instrumentation and control systems using a Bayesian network and event trees. As it is difficult to perform penetration tests on the systems, the evaluation model can inform research on cyber threats to cyber security systems for nuclear facilities through the use of prior and posterior information and backpropagation calculations. Furthermore, we suggest a methodology for the application of analytical results from the Bayesian network model to an event tree model, which is a probabilistic safety assessment method. The proposed method will provide insight into safety and cyber security risks

VTAC: virtual terrain assisted impact assessment for cyber attacks

Science.gov (United States)

Argauer, Brian J.; Yang, Shanchieh J.

2008-03-01

Overwhelming intrusion alerts have made timely response to network security breaches a difficult task. Correlating alerts to produce a higher level view of intrusion state of a network, thus, becomes an essential element in network defense. This work proposes to analyze correlated or grouped alerts and determine their 'impact' to services and users of the network. A network is modeled as 'virtual terrain' where cyber attacks maneuver. Overlaying correlated attack tracks on virtual terrain exhibits the vulnerabilities exploited by each track and the relationships between them and different network entities. The proposed impact assessment algorithm utilizes the graph-based virtual terrain model and combines assessments of damages caused by the attacks. The combined impact scores allow to identify severely damaged network services and affected users. Several scenarios are examined to demonstrate the uses of the proposed Virtual Terrain Assisted Impact Assessment for Cyber Attacks (VTAC).

Cyber crime and cyber warfare with international cyber collaboration for RSA – preparing communities

CSIR Research Space (South Africa)

Grobler, M

2012-03-01

Full Text Available aspects come into play that may have an influence on the manner in which the military reacts to cyber attacks (Wilson 2007): ? new national security policy issues; ? consideration of psychological operations used to affect friendly nations... relationship between modern cyber space, cyber warfare and traditional legislation. As a starting point, cyber warfare is defined for the purpose of this article as the use of exploits in cyber space as a way to intentionally cause harm to people, assets...

Preventing and Coping Strategies for Cyber Bullying and Cyber Victimization

OpenAIRE

Erdinc Ozturk; Gizem Akcan

2016-01-01

Although there are several advantages of information and communication technologies, they cause some problems like cyber bullying and cyber victimization. Cyber bullying and cyber victimization have lots of negative effects on people. There are lots of different strategies to prevent cyber bullying and victimization. This study was conducted to provide information about the strategies that are used to prevent cyber bullying and cyber victimization. 120 (60 women, 60 men) university students w...

Human organ trafficking in the cyber space

Directory of Open Access Journals (Sweden)

Vuletić Dejan

2009-01-01

Full Text Available The accelerated growth of the information-communication technology use brought about cyber crime as a new form of crime connected with the misuse of computer network. Human trafficking and human organ trafficking are changing in line with the state-of-art technological achievements i.e. becoming more and more characteristic of cyber space. Passing appropriate regulations at both national and international levels presents an important step in solving the problem of human organ trafficking through Internet.

Simulating cyber warfare and cyber defenses: information value considerations

Science.gov (United States)

Stytz, Martin R.; Banks, Sheila B.

2011-06-01

Simulating cyber warfare is critical to the preparation of decision-makers for the challenges posed by cyber attacks. Simulation is the only means we have to prepare decision-makers for the inevitable cyber attacks upon the information they will need for decision-making and to develop cyber warfare strategies and tactics. Currently, there is no theory regarding the strategies that should be used to achieve objectives in offensive or defensive cyber warfare, and cyber warfare occurs too rarely to use real-world experience to develop effective strategies. To simulate cyber warfare by affecting the information used for decision-making, we modify the information content of the rings that are compromised during in a decision-making context. The number of rings affected and value of the information that is altered (i.e., the closeness of the ring to the center) is determined by the expertise of the decision-maker and the learning outcome(s) for the simulation exercise. We determine which information rings are compromised using the probability that the simulated cyber defenses that protect each ring can be compromised. These probabilities are based upon prior cyber attack activity in the simulation exercise as well as similar real-world cyber attacks. To determine which information in a compromised "ring" to alter, the simulation environment maintains a record of the cyber attacks that have succeeded in the simulation environment as well as the decision-making context. These two pieces of information are used to compute an estimate of the likelihood that the cyber attack can alter, destroy, or falsify each piece of information in a compromised ring. The unpredictability of information alteration in our approach adds greater realism to the cyber event. This paper suggests a new technique that can be used for cyber warfare simulation, the ring approach for modeling context-dependent information value, and our means for considering information value when assigning cyber

Measuring the effectiveness of SDN mitigations against cyber attacks

NARCIS (Netherlands)

Koning, R.; de Graaff, B.; Meijer, R.; de Laat, C.; Grosso, P.

2017-01-01

To address increasing problems caused by cyber attacks, we leverage Software Defined networks and Network Function Virtualisation governed by a SARNET-agent to enable autonomous response and attack mitigation. A Secure Autonomous Response Network (SARNET) uses a control loop to constantly assess the

US Cyber Challenge Research

Science.gov (United States)

2012-02-01

Computers (General Term), Information Systems or Information Technology 0 6 5 1 1 13 Criminal Justice 0 0 0 1 0 1 Economics 0 0 1 0 0 1 Electrical...Assurance or Computer Security 8 6 15 10 7 46 Information Technology 4 1 9 1 4 19 Nanotechnology 0 1 0 0 0 1 Networking or Network Security 7 1 2 2 4...FORCE RESEARCH LABORATORY INFORMATION DIRECTORATE US CYBER CHALLENGE RESEARCH CENTER FOR INTERNET SECURITY, INC FEBRUARY

A Reasoning Method of Cyber-Attack Attribution Based on Threat Intelligence

OpenAIRE

Li Qiang; Yang Ze-Ming; Liu Bao-Xu; Jiang Zheng-Wei

2016-01-01

With the increasing complexity of cyberspace security, the cyber-attack attribution has become an important challenge of the security protection systems. The difficult points of cyber-attack attribution were forced on the problems of huge data handling and key data missing. According to this situation, this paper presented a reasoning method of cyber-attack attribution based on threat intelligence. The method utilizes the intrusion kill chain model and Bayesian network to build attack chain a...

Improving Cyber-Security of Power System State Estimators

OpenAIRE

Giannini, Martina

2014-01-01

During the last century, technological advances have deeply renewed many critical infrastructures, such as transportation networks and power systems. In fact, the strong interconnection between physical process, communication channels, and control systems have led to the new concept of cyber-physical systems. Next to countless new advantages, these systems unfortunately have also new weaknesses. An example is cyber-attacks: malicious intrusions into the communication channel turned to manipul...

Cyber-Physical Trade-Offs in Distributed Detection Networks

International Nuclear Information System (INIS)

Rao, Nageswara S.; Yao, David K.Y.; Chin, J.C.; Ma, Chris Y.T.; Madan, Rabinder

2010-01-01

We consider a network of sensors that measure the scalar intensity due to the background or a source combined with background, inside a two-dimensional monitoring area. The sensor measurements may be random due to the underlying nature of the source and background or due to sensor errors or both. The detection problem is to infer the presence of a source of unknown intensity and location based on sensor measurements. In the conventional approach, detection decisions are made at the individual sensors, which are then combined at the fusion center, for example using the majority rule. With increased communication and computation costs, we show that a more complex fusion algorithm based on measurements achieves better detection performance under smooth and non-smooth source intensity functions, Lipschitz conditions on probability ratios and a minimum packing number for the state-space. We show that these conditions for trade-offs between the cyber costs and physical detection performance are applicable for two detection problems: (i) point radiation sources amidst background radiation, and (ii) sources and background with Gaussian distributions.

Cyber-physical architecture assisted by programmable networking

DEFF Research Database (Denmark)

Rubio-Hernan, Jose; Sahay, Rishikesh; De Cicco, Luca

2018-01-01

Cyber‐physical technologies are prone to attacks in addition to faults and failures. The issue of protecting cyber‐physical systems should be tackled by jointly addressing security at both cyber and physical domains in order to promptly detect and mitigate cyber‐physical threats. Toward this end...

Cyber Norms for Civilian Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

Spirito, Christopher

2016-11-01

The international community agrees that the safe operation of civilian nuclear infrastructure is in every population’s best interest. One challenge each government must address is defining and agreeing to a set of acceptable norms of behavior in cyberspace as they relate to these facilities. The introduction of digital systems and networking technologies into these environments has led to the possibility that control and supporting computer systems are now accessible and exploitable, especially where interconnections to global information and communications technology (ICT) networks exist. The need for norms of behavior in cyberspace includes what is expected of system architects and cyber defenders as well as adversaries who should abide by rules of engagement even while conducting acts that violate national and international laws. The goal of this paper is to offer three behavioral cyber norms to improve the overall security of the ICT and Operational Technology (OT) networks and systems that underlie the operations of nuclear facilities. These norms of behavior will be specifically defined with the goals of reducing the threats associated to the theft of nuclear materials, accidental release of radiation and sabotage of nuclear processes. These norms would also include instances where an unwitting attacker or intelligence collection entity inadvertently makes their way into a nuclear facility network or system and can recognize they are in a protected zone and an approach to ensuring that these zones are not exploitable by bad actors to place their sensitive cyber effect delivery systems.

Interdependent Risk and Cyber Security: An Analysis of Security Investment and Cyber Insurance

Science.gov (United States)

Shim, Woohyun

2010-01-01

An increasing number of firms rely on highly interconnected information networks. In such environments, defense against cyber attacks is complicated by residual risks caused by the interdependence of information security decisions of firms. IT security is affected not only by a firm's own management strategies but also by those of others. This…

Is It Time for a US Cyber Force?

Science.gov (United States)

2015-02-17

network of information technology (IT) and resident data, including the Internet , telecommunications networks, computer systems, and embedded processors...and controllers.13 JP 3-12 further goes on to explain cyberspace in terms of three layers: physical network, logical network, and cyber- persona .14...zero day) vulnerabilities against Microsoft operating system code using trusted hardware vendor certificates to cloak their presence. Though not

Virtual Voices with Real-Life Consequences: Teaching Students about Cyber-Vetting

Science.gov (United States)

Hanasono, Lisa Kiyomi

2013-01-01

Despite its pervasiveness, many students do not realize how online communication can impact their careers and relationships. Cyber-vetting occurs when people use online search engines, social networking sites, and other Internet tools to uncover information about others. Because cyber-vetting is a relatively new concept, most communication…

Cyber-assurance for the Internet of Things

CERN Document Server

2017-01-01

This book discusses the cyber-assurance needs of the IoT environment, highlighting key information assurance (IA) IoT issues and identifying the associated security implications. Through contributions from cyber-assurance, IA, information security and IoT industry practitioners and experts, the text covers fundamental and advanced concepts necessary to grasp current IA issues, challenges, and solutions for the IoT. The future trends in IoT infrastructures, architectures and applications are also examined. Other topics discussed include the IA protection of IoT systems and information being stored, processed or transmitted from unauthorized access or modification of machine-2-machine (M2M) devices, radio-frequency identification (RFID) networks, wireless sensor networks, smart grids, and supervisory control and data acquisition (SCADA) systems. The book also discusses IA measures necessary to detect, rotect, and defend IoT information and networks/systems to ensure their availability, integrity, authentication...

Generating realistic environments for cyber operations development, testing, and training

Science.gov (United States)

Berk, Vincent H.; Gregorio-de Souza, Ian; Murphy, John P.

2012-06-01

Training eective cyber operatives requires realistic network environments that incorporate the structural and social complexities representative of the real world. Network trac generators facilitate repeatable experiments for the development, training and testing of cyber operations. However, current network trac generators, ranging from simple load testers to complex frameworks, fail to capture the realism inherent in actual environments. In order to improve the realism of network trac generated by these systems, it is necessary to quantitatively measure the level of realism in generated trac with respect to the environment being mimicked. We categorize realism measures into statistical, content, and behavioral measurements, and propose various metrics that can be applied at each level to indicate how eectively the generated trac mimics the real world.

Between Hype and Understatement: Reassessing Cyber Risks as a Security Strategy

Directory of Open Access Journals (Sweden)

Audrey Guinchard

2011-01-01

Full Text Available Most of the actions that fall under the trilogy of cyber crime, terrorism,and war exploit pre-existing weaknesses in the underlying technology.Because these vulnerabilities that exist in the network are not themselvesillegal, they tend to be overlooked in the debate on cyber security. A UKreport on the cost of cyber crime illustrates this approach. Its authors chose to exclude from their analysis the costs in anticipation of cyber crime, such as insurance costs and the costs of purchasing anti-virus software on the basis that "these are likely to be factored into normal day-to-day expenditures for the Government, businesses, and individuals. This article contends if these costs had been quantified and integrated into the cost of cyber crime, then the analysis would have revealed that what matters is not so much cyber crime, but the fertile terrain of vulnerabilities that unleash a range of possibilities to whomever wishes to exploit them. By downplaying the vulnerabilities, the threats represented by cyber war, cyber terrorism, and cyber crime are conversely inflated. Therefore, reassessing risk as a strategy for security in cyberspace must include acknowledgment of understated vulnerabilities, as well as a better distributed knowledge about the nature and character of the overhyped threats of cyber crime, cyber terrorism, and cyber war.

Cyber Security--Are You Prepared?

Science.gov (United States)

Newman, Scott

2007-01-01

During the summer 2002 term, Oklahoma State University-Okmulgee's Information Technologies Division offered a one credit-hour network security course--which barely had adequate student interest to meet the institution's enrollment requirements. Today, OSU-Okmulgee boasts one of the nation's premier cyber security programs. Many prospective…

Publications | Page 12 | IDRC - International Development Research ...

International Development Research Centre (IDRC) Digital Library (Canada)

Results 111 - 120 of 6341 ... This violence overwhelmingly affects low-income, young black men ... is essential to growth, poverty reduction, and food security. ... Canada's cyber steward on digital espionage, democracy and protecting the Internet.

Protecting water and wastewater infrastructure from cyber attacks

Science.gov (United States)

Panguluri, Srinivas; Phillips, William; Cusimano, John

2011-12-01

Multiple organizations over the years have collected and analyzed data on cyber attacks and they all agree on one conclusion: cyber attacks are real and can cause significant damages. This paper presents some recent statistics on cyber attacks and resulting damages. Water and wastewater utilities must adopt countermeasures to prevent or minimize the damage in case of such attacks. Many unique challenges are faced by the water and wastewater industry while selecting and implementing security countermeasures; the key challenges are: 1) the increasing interconnection of their business and control system networks, 2) large variation of proprietary industrial control equipment utilized, 3) multitude of cross-sector cyber-security standards, and 4) the differences in the equipment vendor's approaches to meet these security standards. The utilities can meet these challenges by voluntarily selecting and adopting security standards, conducting a gap analysis, performing vulnerability/risk analysis, and undertaking countermeasures that best meets their security and organizational requirements. Utilities should optimally utilize their limited resources to prepare and implement necessary programs that are designed to increase cyber-security over the years. Implementing cyber security does not necessarily have to be expensive, substantial improvements can be accomplished through policy, procedure, training and awareness. Utilities can also get creative and allocate more funding through annual budgets and reduce dependence upon capital improvement programs to achieve improvements in cyber-security.

Protecting water and wastewater infrastructure from cyber attacks

Institute of Scientific and Technical Information of China (English)

Srinivas Panguluri; William Phillips; John Cusimano

2011-01-01

Multiple organizations over the years have collected and analyzed data on cyber attacks and they all agree on one conclusion:cyber attacks are real and can cause significant damages.This paper presents some recent statistics on cyber attacks and resulting damages.Water and wastewater utilities must adopt countermeasures to prevent or minimize the damage in case of such attacks.Many unique challenges are faced by the water and wastewater industry while selecting and implementing security countermeasures; the key challenges are:1) the increasing interconnection of their business and control system networks,2) large variation of proprietary industrial control equipment utilized,3) multitude of cross-sector cyber-security standards,and 4) the differences in the equipment vendor's approaches to meet these security standards.The utilities can meet these challenges by voluntarily selecting and adopting security standards,conducting a gap analysis,performing vulnerability/risk analysis,and undertaking countermeasures that best meets their security and organizational requirements.Utilities should optimally utilize their limited resources to prepare and implement necessary programs that are designed to increase cyber-security over the years.Implementing cyber security does not necessarily have to be expensive,substantial improvements can be accomplished through policy,procedure,training and awareness.Utilities can also get creative and allocate more funding through annual budgets and reduce dependence upon capital improvement programs to achieve improvements in cyber-security.

Data Intensive Architecture for Scalable Cyber Analytics

Energy Technology Data Exchange (ETDEWEB)

Olsen, Bryan K.; Johnson, John R.; Critchlow, Terence J.

2011-12-19

Cyber analysts are tasked with the identification and mitigation of network exploits and threats. These compromises are difficult to identify due to the characteristics of cyber communication, the volume of traffic, and the duration of possible attack. In this paper, we describe a prototype implementation designed to provide cyber analysts an environment where they can interactively explore a month’s worth of cyber security data. This prototype utilized On-Line Analytical Processing (OLAP) techniques to present a data cube to the analysts. The cube provides a summary of the data, allowing trends to be easily identified as well as the ability to easily pull up the original records comprising an event of interest. The cube was built using SQL Server Analysis Services (SSAS), with the interface to the cube provided by Tableau. This software infrastructure was supported by a novel hardware architecture comprising a Netezza TwinFin® for the underlying data warehouse and a cube server with a FusionIO drive hosting the data cube. We evaluated this environment on a month’s worth of artificial, but realistic, data using multiple queries provided by our cyber analysts. As our results indicate, OLAP technology has progressed to the point where it is in a unique position to provide novel insights to cyber analysts, as long as it is supported by an appropriate data intensive architecture.

The impact of security and intelligence policy in the era of cyber crimes

Directory of Open Access Journals (Sweden)

MSc. Bahri Gashi

2016-07-01

Full Text Available Creation of National Cyber Defense Strategy, is the only security and the best protection against cyber-crimes. This is the starting point, from where adequate policies and necessary legal measures begin, aiming the creation of a solid ground and responsible users by implementing comprehensive measures and legal restrictions. The methodology used to achieve the recognition of users with applicable legislation and regulations on the use of the Internet, as well as legal obligations; implementation of procedures to use communication systems; signing and approval by users of their responsibilities; knowledge and information on the risks and threats stemming from the use of communication networks; certification of trained and specialized staff; classification and processing of information in a particular system; identifying unauthorized users who use classified information networks in  public systems and private sector; creating barriers in distance entry networks and information systems, etc. Various Security and Intelligence institutions covering and operating in these areas are responsible for the creation and promotion of National Cyber Defense Strategy, analyzing the risk to implement protective measures for preventing attacks on Cybercrime (Cyber Crimes.

A Trusted Autonomic Architecture to Safeguard Cyber-Physical Control Leaf Nodes and Protect Process Integrity

OpenAIRE

Chiluvuri, Nayana Teja

2015-01-01

Cyber-physical systems are networked through IT infrastructure and susceptible to malware. Threats targeting process control are much more safety-critical than traditional computing systems since they jeopardize the integrity of physical infrastructure. Existing defence mechanisms address security at the network nodes but do not protect the physical infrastructure if network integrity is compromised. An interface guardian architecture is implemented on cyber-physical control leaf nodes to mai...

Analysis of the Cyber Crimes' Impacts on Businesses

OpenAIRE

Belgoziyeva, Ulpan

2017-01-01

Global networks enable businesses to operate beyond the geographical boundaries and to make their processes more efficient. However, with digitalization, there also comes threats for businesses and sometimes companies are underestimating the risks associated with cyber-attacks. As the topic is relatively new, there are not many studies that took a deep look at the impact of cyber-attacks on the businesses and analyze those impacts from different angles. The key objective of the thesis was to ...

Norwegian Cyber Defense

Science.gov (United States)

2013-12-01

reliance on proprietary networks and hardware, SCADA systems were considered safe from cyber attacks and were not designed for security. The situation...operational data that could result in public safety concerns.43 In 2013 Norwegian newspaper Dagbladet found over 2,500 SCADA systems in Norway used for ...a. Siberian Pipeline Explosion (1982) In 1982, intruders planted a Trojan horse in the SCADA system that controls the Siberian Pipeline . This is the

Publications | Page 2 | IDRC - International Development Research ...

International Development Research Centre (IDRC) Digital Library (Canada)

Results 11 - 20 of 2146 ... Canada's cyber steward on digital espionage, democracy and protecting the Internet ... on the importance of building cybersecurity in places such as Asia, ... for boosting city profiles and spurring economic development.

Preparing South Africa for cyber crime and cyber defense

CSIR Research Space (South Africa)

Grobler, M

2013-01-01

Full Text Available revolution on cybercrime and cyber defense in a developing country and will evaluate the relevant South African legislation. It will also look at the influence of cyber defense on the international position of the South African Government. South Africa... legislation and a lack of cyber defense mechanisms. As a starting point, cyber warfare for the purpose of this article is defined as the use of exploits in cyber space as a way to intentionally cause harm to people, assets or economies (Owen 2008). It can...

Leadership of Cyber Warriors: Enduring Principles and New Directions

Science.gov (United States)

2011-07-11

technologists across networks (right) [6,7]. 4 smallwarsjournal.com song of conducting unethical or illegal activities, particularly as one‟s skills...analysis course. The best leaders will adapt to the characteristics and needs of their people. The cyber warrior is a different animal than the...Subordinates In this section we present leadership principles tailored to leading the cyber warrior. We‟ve included some of the 11 time- tested leadership

Approaches for scalable modeling and emulation of cyber systems : LDRD final report.

Energy Technology Data Exchange (ETDEWEB)

Mayo, Jackson R.; Minnich, Ronald G.; Armstrong, Robert C.; Rudish, Don W.

2009-09-01

The goal of this research was to combine theoretical and computational approaches to better understand the potential emergent behaviors of large-scale cyber systems, such as networks of {approx} 10{sup 6} computers. The scale and sophistication of modern computer software, hardware, and deployed networked systems have significantly exceeded the computational research community's ability to understand, model, and predict current and future behaviors. This predictive understanding, however, is critical to the development of new approaches for proactively designing new systems or enhancing existing systems with robustness to current and future cyber threats, including distributed malware such as botnets. We have developed preliminary theoretical and modeling capabilities that can ultimately answer questions such as: How would we reboot the Internet if it were taken down? Can we change network protocols to make them more secure without disrupting existing Internet connectivity and traffic flow? We have begun to address these issues by developing new capabilities for understanding and modeling Internet systems at scale. Specifically, we have addressed the need for scalable network simulation by carrying out emulations of a network with {approx} 10{sup 6} virtualized operating system instances on a high-performance computing cluster - a 'virtual Internet'. We have also explored mappings between previously studied emergent behaviors of complex systems and their potential cyber counterparts. Our results provide foundational capabilities for further research toward understanding the effects of complexity in cyber systems, to allow anticipating and thwarting hackers.

Cyber threats within civil aviation

Science.gov (United States)

Heitner, Kerri A.

Existing security policies in civil aviation do not adequately protect against evolving cyber threats. Cybersecurity has been recognized as a top priority among some aviation industry leaders. Heightened concerns regarding cyber threats and vulnerabilities surround components utilized in compliance with the Federal Aviation Administration's (FAA) Next Generation Air Transportation (NextGen) implementation. Automated Dependent Surveillance-B (ADS-B) and Electronic Flight Bags (EFB) have both been exploited through the research of experienced computer security professionals. Civil aviation is essential to international infrastructure and if its critical assets were compromised, it could pose a great risk to public safety and financial infrastructure. The purpose of this research was to raise awareness of aircraft system vulnerabilities in order to provoke change among current national and international cybersecurity policies, procedures and standards. Although the education of cyber threats is increasing in the aviation industry, there is not enough urgency when creating cybersecurity policies. This project intended to answer the following questions: What are the cyber threats to ADS-B of an aircraft in-flight? What are the cyber threats to EFB? What is the aviation industry's response to the issue of cybersecurity and in-flight safety? ADS-B remains unencrypted while the FAA's mandate to implement this system is rapidly approaching. The cyber threat of both portable and non-portable EFB's have received increased publicity, however, airlines are not responding quick enough (if at all) to create policies for the use of these devices. Collectively, the aviation industry is not being proactive enough to protect its aircraft or airport network systems. That is not to say there are not leaders in cybersecurity advancement. These proactive organizations must set the standard for the future to better protect society and it's most reliable form of transportation.

Interval forecasting of cyber-attacks on industrial control systems

Science.gov (United States)

Ivanyo, Y. M.; Krakovsky, Y. M.; Luzgin, A. N.

2018-03-01

At present, cyber-security issues of industrial control systems occupy one of the key niches in a state system of planning and management Functional disruption of these systems via cyber-attacks may lead to emergencies related to loss of life, environmental disasters, major financial and economic damage, or disrupted activities of cities and settlements. There is then an urgent need to develop protection methods against cyber-attacks. This paper studied the results of cyber-attack interval forecasting with a pre-set intensity level of cyber-attacks. Interval forecasting is the forecasting of one interval from two predetermined ones in which a future value of the indicator will be obtained. For this, probability estimates of these events were used. For interval forecasting, a probabilistic neural network with a dynamic updating value of the smoothing parameter was used. A dividing bound of these intervals was determined by a calculation method based on statistical characteristics of the indicator. The number of cyber-attacks per hour that were received through a honeypot from March to September 2013 for the group ‘zeppo-norcal’ was selected as the indicator.

Electronic strategies for information and research: cyberNephrology/cyberMedicine in the emerging world.

Science.gov (United States)

Solez, Kim; Hales, Michele; Katz, Sheila Moriber

2005-09-01

Communication and medicine have evolved together. Internet resources now provide an unprecedented opportunity to provide health assistance to the developing world. The International Society of Nephrology Informatics Commission and National Kidney Foundation cyberNephrology initiative (http://www.cybernephrology.org) have created e-mail discussion groups (e.g., NEPHROL, NEPHKIDS, and so forth) and online texts and web resources (e.g., the Schrier Atlas: http://www.kidneyatlas.org) that are, in many respects, ahead of other areas of medicine. On the other hand, nephrology is quite behind in its embrace of some specific communications initiatives that could benefit emerging nations: the Health InterNetwork Access to Research Initiative program, which provides free full-text access to medical journals and books in poorer countries; the Global Health Network Supercourse, which provides specially designed online lectures for the developing world; and Internet2/Abilene and similar research networks around the world, which provide reliable, guaranteed bandwidth for high-quality Internet videoconferencing as an alternative to face-to-face lectures and meetings. The intent of many educational ventures in nephrology, particularly in the clinical practice guideline realm (National Kidney Foundation Kidney Disease Outcomes Quality Initiative, Kidney Disease Improving Global Outcomes, and so forth), is not just to disseminate information but to change human behavior: physician practice and referral patterns, patient compliance, and so forth. Concepts from the worlds of marketing and entertainment, where the science of changing human behavior is highly evolved, can be used to create high-impact, educational offerings to promote health. They can also be highly beneficial to share Internet educational innovations and future vision across boundaries of medical specialties, which is part of the intent of the cyberMedicine joint venture (http://www.cyber-medicine.org).

Design Optimization of Cyber-Physical Distributed Systems using IEEE Time-sensitive Networks (TSN)

DEFF Research Database (Denmark)

Pop, Paul; Lander Raagaard, Michael; Craciunas, Silviu S.

2016-01-01

to the optimization of distributed cyber-physical systems using real-time Ethernet for communication. Then, we formulate two novel optimization problems related to the scheduling and routing of TT and AVB traffic in TSN. Thus, we consider that we know the topology of the network as well as the set of TT and AVB flows......In this paper we are interested in safety-critical real-time applications implemented on distributed architectures supporting the Time-SensitiveNetworking (TSN) standard. The ongoing standardization of TSN is an IEEE effort to bring deterministic real-time capabilities into the IEEE 802.1 Ethernet...... standard supporting safety-critical systems and guaranteed Quality-of-Service. TSN will support Time-Triggered (TT) communication based on schedule tables, Audio-Video-Bridging (AVB) flows with bounded end-to-end latency as well as Best-Effort messages. We first present a survey of research related...

Cyber security risk assessment for SCADA and DCS networks.

Science.gov (United States)

Ralston, P A S; Graham, J H; Hieb, J L

2007-10-01

The growing dependence of critical infrastructures and industrial automation on interconnected physical and cyber-based control systems has resulted in a growing and previously unforeseen cyber security threat to supervisory control and data acquisition (SCADA) and distributed control systems (DCSs). It is critical that engineers and managers understand these issues and know how to locate the information they need. This paper provides a broad overview of cyber security and risk assessment for SCADA and DCS, introduces the main industry organizations and government groups working in this area, and gives a comprehensive review of the literature to date. Major concepts related to the risk assessment methods are introduced with references cited for more detail. Included are risk assessment methods such as HHM, IIM, and RFRM which have been applied successfully to SCADA systems with many interdependencies and have highlighted the need for quantifiable metrics. Presented in broad terms is probability risk analysis (PRA) which includes methods such as FTA, ETA, and FEMA. The paper concludes with a general discussion of two recent methods (one based on compromise graphs and one on augmented vulnerability trees) that quantitatively determine the probability of an attack, the impact of the attack, and the reduction in risk associated with a particular countermeasure.

Effects of Gain/Loss Framing in Cyber Defense Decision-Making

Energy Technology Data Exchange (ETDEWEB)

Bos, Nathan; Paul, Celeste; Gersh, John; Greenberg, Ariel; Piatko, Christine; Sperling, Scott; Spitaletta, Jason; Arendt, Dustin L.; Burtner, Edwin R.

2016-10-24

Cyber defense requires decision making under uncertainty. Yet this critical area has not been a strong focus of research in judgment and decision-making. Future defense systems, which will rely on software-defined networks and may employ ‘moving target’ defenses, will increasingly automate lower level detection and analysis, but will still require humans in the loop for higher level judgment. We studied the decision making process and outcomes of 17 experienced network defense professionals who worked through a set of realistic network defense scenarios. We manipulated gain versus loss framing in a cyber defense scenario, and found significant effects in one of two focal problems. Defenders that began with a network already in quarantine (gain framing) used a quarantine system more than those that did not (loss framing). We also found some difference in perceived workload and efficacy. Alternate explanations of these findings and implications for network defense are discussed.

The cyber security threat stops in the boardroom.

Science.gov (United States)

Scully, Tim

The attitude that 'it won't happen to me' still prevails in the boardrooms of industry when senior executives consider the threat of targeted cyber intrusions. Not much has changed in the commercial world of cyber security over the past few years; hackers are not being challenged to find new ways to steal companies' intellectual property and confidential information. The consequences of even major security breaches seem not to be felt by the leaders of victim companies. Why is this so? Surely IT security practitioners are seeking new ways to detect and prevent targeted intrusions into companies' networks? Are the consequences of targeted intrusions so insignificant that the captains of industry tolerate them? Or do only others feel the pain of their failure? This paper initially explores the failure of cyber security in industry and contends that, while industry leaders should not be alone in accepting responsibility for this failure, they must take the initiative to make life harder for cyber threat actors. They cannot wait for government leadership on policy, strategy or coordination. The paper then suggests some measures that a CEO can adopt to build a new corporate approach to cyber security.

Towards an integrated defense system for cyber security situation awareness experiment

Science.gov (United States)

Zhang, Hanlin; Wei, Sixiao; Ge, Linqiang; Shen, Dan; Yu, Wei; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe

2015-05-01

In this paper, an implemented defense system is demonstrated to carry out cyber security situation awareness. The developed system consists of distributed passive and active network sensors designed to effectively capture suspicious information associated with cyber threats, effective detection schemes to accurately distinguish attacks, and network actors to rapidly mitigate attacks. Based on the collected data from network sensors, image-based and signals-based detection schemes are implemented to detect attacks. To further mitigate attacks, deployed dynamic firewalls on hosts dynamically update detection information reported from the detection schemes and block attacks. The experimental results show the effectiveness of the proposed system. A future plan to design an effective defense system is also discussed based on system theory.

Cybersecurity protecting critical infrastructures from cyber attack and cyber warfare

CERN Document Server

Johnson, Thomas A

2015-01-01

The World Economic Forum regards the threat of cyber attack as one of the top five global risks confronting nations of the world today. Cyber attacks are increasingly targeting the core functions of the economies in nations throughout the world. The threat to attack critical infrastructures, disrupt critical services, and induce a wide range of damage is becoming more difficult to defend against. Cybersecurity: Protecting Critical Infrastructures from Cyber Attack and Cyber Warfare examines the current cyber threat landscape and discusses the strategies being used by governments and corporatio

Cyberspace Human Capital: Building a Cadre Today to Win Tomorrows War

Science.gov (United States)

2016-04-28

U.S. homeland and U.S. vital interests from disruptive or destructive cyber [space] attacks of significant consequence. DoD Strategic Goal #4: Build...and maintain viable cyber [space] options and plan to use those options to control conflict escalation and to shape the conflict environment at all...strategies like cyberspace denial operations, espionage activities and anti-access/area-denial (A2/AD) strategies, turning traditional mass and maneuver

Zrození kybernetické bezpečnosti jako národně bezpečnostní agendy

OpenAIRE

Schmidt, Nikola

2016-01-01

The following dissertation studies the question how cyber security has become a national security agenda and discusses implications of the observed processes to current international security status quo. I divided the research into three parts. The first part embodies theoretical and methodological approach. The second part studies three distinct discourses related to cyber security, the techno-geek discourse, the crime-espionage discourse and the nation-defense discourse using the method of ...

A study of cyber security in hospitality industry- threats and countermeasures: case study in Reno, Nevada

OpenAIRE

Shabani, Neda

2017-01-01

The purpose of this study is to analyze cyber security and security practices of electronic information and network system, network threats, and techniques to prevent the cyber attacks in hotels. Helping the information technology directors and chief information officers (CIO) is the aim of this study to advance policy for security of electronic information in hotels and suggesting some techniques and tools to secure the computer networks. This research is completely qualitative while the cas...

A Cyber Security Risk Assessment of Hospital Infrastructure including TLS/SSL and other Threats

OpenAIRE

Millar, Stuart

2016-01-01

Cyber threats traditionally target governments, financial institutions and businesses. However, of growing concern is the threat to healthcare organizations. This study conducts a cyber security risk assessment of a theoretical hospital environment, to include TLS/SSL, which is an encryption protocol for network communications, plus other physical, logical and human threats. Despite significant budgets in the UK for the NHS, the spend on cyber security appears worryingly low and many hospital...

Defense Civil Support: DOD Needs to Identify National Guards Cyber Capabilities and Address Challenges in Its Exercises

Science.gov (United States)

2016-09-01

participated in exercises to support civil authorities in a cyber incident or to test the responses to simulated attacks on cyber infrastructure owned by...authorities or to test the response to simulated attacks on cyber infrastructure owned by civil authorities. Of these 9 exercises, DOD conducted 7...and a response to simulated cyber attacks on electric grid networks. According to a North American Electric Reliability Corporation official, DOD

Cyber Threat and vulnerability Analysis for Digital Assets of NPPs

International Nuclear Information System (INIS)

Oh, Eun Se; Seo, In Yong; Kim, See Hong

2009-01-01

Today's computer and communication technology breakthrough make increase plant floor replacement from analog instrumentation and control systems of nuclear power plants to a full-fledged digital system . The rich functionality and crisp accuracy are one of big advantages of digital technology adaptation, but use of open networks and inherited shared system resources (memory, network, etc.) are well known weak points of digital system. Intended or un-intended cyber attack throughout power plant digital control system's weak point may result to wide area of system failures and that easily defeats system operation and multiple protection safeguards. Well organized cyber security analysis for nuclear plant digital control systems (digital assets) are required

Model Based Cyber Security Analysis for Research Reactor Protection System

Energy Technology Data Exchange (ETDEWEB)

Sho, Jinsoo; Rahman, Khalil Ur; Heo, Gyunyoung [Kyung Hee Univ., Yongin (Korea, Republic of); Son, Hanseong [Joongbu Univ., Geumsan (Korea, Republic of)

2013-07-01

The study on the qualitative risk due to cyber-attacks into research reactors was performed using bayesian Network (BN). This was motivated to solve the issues of cyber security raised due to digitalization of instrumentation and control (I and C) system. As a demonstrative example, we chose the reactor protection system (RPS) of research reactors. Two scenarios of cyber-attacks on RPS were analyzed to develop mitigation measures against vulnerabilities. The one is the 'insertion of reactor trip' and the other is the 'scram halt'. The six mitigation measures are developed for five vulnerability for these scenarios by getting the risk information from BN.

Model Based Cyber Security Analysis for Research Reactor Protection System

International Nuclear Information System (INIS)

Sho, Jinsoo; Rahman, Khalil Ur; Heo, Gyunyoung; Son, Hanseong

2013-01-01

The study on the qualitative risk due to cyber-attacks into research reactors was performed using bayesian Network (BN). This was motivated to solve the issues of cyber security raised due to digitalization of instrumentation and control (I and C) system. As a demonstrative example, we chose the reactor protection system (RPS) of research reactors. Two scenarios of cyber-attacks on RPS were analyzed to develop mitigation measures against vulnerabilities. The one is the 'insertion of reactor trip' and the other is the 'scram halt'. The six mitigation measures are developed for five vulnerability for these scenarios by getting the risk information from BN

A Priority-aware Frequency Domain Polling MAC Protocol for OFDMA-based Networks in Cyber-physical Systems

Institute of Scientific and Technical Information of China (English)

Meng Zheng; Junru Lin; Wei Liang; Haibin Yu

2015-01-01

Wireless networking in cyber-physical systems(CPSs) is characteristically different from traditional wireless systems due to the harsh radio frequency environment and applications that impose high real-time and reliability constraints.One of the fundamental considerations for enabling CPS networks is the medium access control protocol. To this end, this paper proposes a novel priority-aware frequency domain polling medium access control(MAC) protocol, which takes advantage of an orthogonal frequency-division multiple access(OFDMA)physical layer to achieve instantaneous priority-aware polling.Based on the polling result, the proposed work then optimizes the resource allocation of the OFDMA network to further improve the data reliability. Due to the non-polynomial-complete nature of the OFDMA resource allocation, we propose two heuristic rules,based on which an efficient solution algorithm to the OFDMA resource allocation problem is designed. Simulation results show that the reliability performance of CPS networks is significantly improved because of this work.

Cyber Defense Exercises and their Role in Cyber Warfare

OpenAIRE

Bogdan Alexandru Bratosin

2014-01-01

The threat of cyber-attacks is increasing with the access to PC’s and Internet of a larger number of people around the world. Although the Internet provides a large number of advantages, it can also be used as a cyber-weapon in order to serve the interests of counties, political and economic groups or individual. The cyber-attacks of today are capable to disable the manufacturing of nuclear bombs of a country. Thus, there is an increasing demand for IT security specialists. Cyber-defense exer...

Quantifying risk for decentralized offensive cyber operations

OpenAIRE

Klipstein, Michael S.

2017-01-01

Approved for public release; distribution is unlimited Includes supplementary material. Reissued 7 Sep 2017 with corrections to committee titles. Computer networks and the amount of information stored within government computer networks have become ubiquitous. With the possible decentralization of authorities to conduct offensive cyber operations, leaders and their respective staffs of organizations below the national level cannot adequately assess risks and consequences of these ope...

What is the current state of the science of Cyber defense?

Energy Technology Data Exchange (ETDEWEB)

Hurd, Alan J. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

2015-10-09

My overall sense of the cyber defense field is one of an adolescent discipline currently bogged down in a cloud of issues, the most iconic of which is the great diversity of approaches that are being aggregated to form a coherent field. Because my own expertise is complex systems and materials physics research, I have limited direct experience in cyber security sciences except as a user of secure networks and computing resources. However, in producing this report, I have found with certainty that there exists no calculus for cyber risk assessment, mitigation, and response, although some hopeful precepts toward this end are emerging.

Automating cyber offensive operations for cyber challenges

CSIR Research Space (South Africa)

Burke, I

2016-03-01

Full Text Available with regards to attack automation. 2. Background on cyber games CTF exercises are offensive and defensive cyber training exercises whereby teams compete against one another to obtain flags or tokens hidden on various servers. In some cases these flags... are located on an opponent’s servers, which results in teams being required to attack adversary servers while maintaining defences on their own services (The National Cyber League 2013). These challenges are often time based and victors are determined based...

Survey of Cyber Security Methods for the Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

Choi, Yoo Rark; Lee, Jae Cheol; Choi, Young Soo; Hong, Seok Boong [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2009-10-15

Cyber security includes the method of protecting information, computer programs, and other computer system assets. Hardware security, which is the security of computer assets and capital equipment, refers to computer location, access control, fire protection, and storage procedures. Such measures as badges, electronic identification keys, alarm systems, and physical barriers at entries are used for this purpose. Software security entails the protection of software assets such as Application Programs, the Operating System, and the Data Base Management System and stored information. Special user numbers and passwords are typically used to prevent unauthorized access to software and data. In addition to security for hardware and software, good internal control also requires that measures be taken to prevent loss or accidental destruction of data. Cyber attacks create substantial threats to large enterprises, including federal systems and digital I and C of a NPP (Nuclear Power Plant) is one of them. The cyber security policy for the digital I and C network of the NPP has been established for years by KINS, but its scope is very broad and conceptual. We will propose a cyber security method based on cryptography and authentication that is developed for the digital I and C network of the NPP.

Survey of Cyber Security Methods for the Nuclear Power Plants

International Nuclear Information System (INIS)

Choi, Yoo Rark; Lee, Jae Cheol; Choi, Young Soo; Hong, Seok Boong

2009-01-01

Cyber security includes the method of protecting information, computer programs, and other computer system assets. Hardware security, which is the security of computer assets and capital equipment, refers to computer location, access control, fire protection, and storage procedures. Such measures as badges, electronic identification keys, alarm systems, and physical barriers at entries are used for this purpose. Software security entails the protection of software assets such as Application Programs, the Operating System, and the Data Base Management System and stored information. Special user numbers and passwords are typically used to prevent unauthorized access to software and data. In addition to security for hardware and software, good internal control also requires that measures be taken to prevent loss or accidental destruction of data. Cyber attacks create substantial threats to large enterprises, including federal systems and digital I and C of a NPP (Nuclear Power Plant) is one of them. The cyber security policy for the digital I and C network of the NPP has been established for years by KINS, but its scope is very broad and conceptual. We will propose a cyber security method based on cryptography and authentication that is developed for the digital I and C network of the NPP

Introducing cyber.

Science.gov (United States)

Hult, Fredrik; Sivanesan, Giri

In January 2012, the World Economic Forum made cyber attacks its fourth top global risk. In the 2013 risk report, cyber attacks were noted to be an even higher risk in absolute terms. The reliance of critical infrastructure on cyber working has never been higher; the frequency, intensity, impact and sophistication of attacks is growing. This trend looks likely to continue. It can be argued that it is no longer a question whether an organisation will be successfully hacked, but how long it will take to detect. In the ever-changing cyber environment, traditional protection techniques and reliance on preventive controls are not enough. A more agile approach is required to give assurance of a sufficiently secure digital society. Are we faced with a paradigm shift or a storm in a digital teacup? This paper offers an introduction to why cyber is important, a wider taxonomy on the topic and some historical context on how the discipline of cyber security has evolved, and an interpretation on what this means in the new normal of today.

Establishing an Effective Combat Strategy for Prevalent Cyber- Attacks

OpenAIRE

Vivian Ogochukwu Nwaocha; Inyiama H.C.

2011-01-01

As organisations continue to incorporate the Internet as a key component of their operations, the global cyber-threat level is increasing. One of the most common types of cyber-threats is known as the Distributed Denial of Service (DDoS) attack – an attack preventing users from accessing a system for a period of time. Recent DDoS attacks have left large corporate and government networks inaccessible to customers, partners and users for hours or days, resulting in significant financial, reputa...

Resilience of Cyber Systems with Over- and Underregulation.

Science.gov (United States)

Gisladottir, Viktoria; Ganin, Alexander A; Keisler, Jeffrey M; Kepner, Jeremy; Linkov, Igor

2017-09-01

Recent cyber attacks provide evidence of increased threats to our critical systems and infrastructure. A common reaction to a new threat is to harden the system by adding new rules and regulations. As federal and state governments request new procedures to follow, each of their organizations implements their own cyber defense strategies. This unintentionally increases time and effort that employees spend on training and policy implementation and decreases the time and latitude to perform critical job functions, thus raising overall levels of stress. People's performance under stress, coupled with an overabundance of information, results in even more vulnerabilities for adversaries to exploit. In this article, we embed a simple regulatory model that accounts for cybersecurity human factors and an organization's regulatory environment in a model of a corporate cyber network under attack. The resulting model demonstrates the effect of under- and overregulation on an organization's resilience with respect to insider threats. Currently, there is a tendency to use ad-hoc approaches to account for human factors rather than to incorporate them into cyber resilience modeling. It is clear that using a systematic approach utilizing behavioral science, which already exists in cyber resilience assessment, would provide a more holistic view for decisionmakers. © 2016 Society for Risk Analysis.

Preparing South Africa for Cyber Crime and Cyber Defense

Directory of Open Access Journals (Sweden)

Marthie Grobler

2013-10-01

Full Text Available The international scope of the Internet, the fast technological advances, the wide reach of technological usage and the increase in cyber-attacks require the South African administrative and legislative system to both intersect largely with the application and implementation of international legislation, take timeous precautionary measures and stay updated on trends and developments. One of the problems associated with the technological revolution is that the cyberspace is full of complex and dynamic technological innovations that are not well suited to any lagging administrative and legal system. A further complication is the lack of comprehensive and enforceable treaties facilitating international cooperation with regard to cyber defense. The result is that many developing countries in particular, are either not properly aware, not well prepared, or adequately protected by both knowledge and legislation, in the event of a cyber-attack on a national level. Even if these countries realize the threats, the time to react is of such a long nature due to consultation and legislative processes, that the legal systems provide little support to ensure timeous and necessary counter-measures. This article will address this problem by looking at the impact of technological revolution on cybercrime and cyber defense in a developing country and will evaluate the relevant South African legislation. It will also look at the influence of cyber defense on the international position of the South African Government. South Africa at present does not have a coordinated approach in dealing with Cybercrime and does not have a comprehensive Cyber defense strategy in place. The structures that have been established to deal with Cyber security issues are inadequate to holistically deal with these issues. The development of interventions to address cybercrime requires a partnership between business, government and civil society. This article will provide an approach to

Developing the cyber victimisation experiences and cyber bullying behaviours scales

OpenAIRE

Betts, LR; Spenser, KA

2017-01-01

The reported prevalence rates of cyber victimisation experiences and cyber bullying behaviours vary. Part of this variation is likely due to the diverse definitions and operationalisations of the constructs adopted in previous research and the lack of psychometrically robust measures. Through two studies, the current research developed (Study 1) and evaluated (Study 2) the cyber victimisation experiences and cyber bullying behaviours scales. In Study 1 393 (122 male, 171 female), and in Study...

Cyber attack analysis on cyber-physical systems: Detectability, severity, and attenuation strategy

Science.gov (United States)

Kwon, Cheolhyeon

Security of Cyber-Physical Systems (CPS) against malicious cyber attacks is an important yet challenging problem. Since most cyber attacks happen in erratic ways, it is usually intractable to describe and diagnose them systematically. Motivated by such difficulties, this thesis presents a set of theories and algorithms for a cyber-secure architecture of the CPS within the control theoretic perspective. Here, instead of identifying a specific cyber attack model, we are focused on analyzing the system's response during cyber attacks. Firstly, we investigate the detectability of the cyber attacks from the system's behavior under cyber attacks. Specifically, we conduct a study on the vulnerabilities in the CPS's monitoring system against the stealthy cyber attack that is carefully designed to avoid being detected by its detection scheme. After classifying three kinds of cyber attacks according to the attacker's ability to compromise the system, we derive the necessary and sufficient conditions under which such stealthy cyber attacks can be designed to cause the unbounded estimation error while not being detected. Then, the analytical design method of the optimal stealthy cyber attack that maximizes the estimation error is developed. The proposed stealthy cyber attack analysis is demonstrated with illustrative examples on Air Traffic Control (ATC) system and Unmanned Aerial Vehicle (UAV) navigation system applications. Secondly, in an attempt to study the CPSs' vulnerabilities in more detail, we further discuss a methodology to identify potential cyber threats inherent in the given CPSs and quantify the attack severity accordingly. We then develop an analytical algorithm to test the behavior of the CPS under various cyber attack combinations. Compared to a numerical approach, the analytical algorithm enables the prediction of the most effective cyber attack combinations without computing the severity of all possible attack combinations, thereby greatly reducing the

Graph anomalies in cyber communications

Energy Technology Data Exchange (ETDEWEB)

Vander Wiel, Scott A [Los Alamos National Laboratory; Storlie, Curtis B [Los Alamos National Laboratory; Sandine, Gary [Los Alamos National Laboratory; Hagberg, Aric A [Los Alamos National Laboratory; Fisk, Michael [Los Alamos National Laboratory

2011-01-11

Enterprises monitor cyber traffic for viruses, intruders and stolen information. Detection methods look for known signatures of malicious traffic or search for anomalies with respect to a nominal reference model. Traditional anomaly detection focuses on aggregate traffic at central nodes or on user-level monitoring. More recently, however, traffic is being viewed more holistically as a dynamic communication graph. Attention to the graph nature of the traffic has expanded the types of anomalies that are being sought. We give an overview of several cyber data streams collected at Los Alamos National Laboratory and discuss current work in modeling the graph dynamics of traffic over the network. We consider global properties and local properties within the communication graph. A method for monitoring relative entropy on multiple correlated properties is discussed in detail.

Oxford CyberSEM: remote microscopy

International Nuclear Information System (INIS)

Rahman, M; Kirkland, A; Cockayne, D; Meyer, R

2008-01-01

The Internet has enabled researchers to communicate over vast geographical distances, sharing ideas and documents. e-Science, underpinned by Grid and Web Services, has enabled electronic communications to the next level where, in addition to document sharing, researchers can increasingly control high precision scientific instruments over the network. The Oxford CyberSEM project developed a simple Java applet via which samples placed in a JEOL 5510LV Scanning Electron Microscope (SEM) can be manipulated and examined collaboratively over the Internet. Designed with schoolchildren in mind, CyberSEM does not require any additional hardware or software other than a generic Java-enabled web browser. This paper reflects on both the technical and social challenges in designing real-time systems for controlling scientific equipments in collaborative environments. Furthermore, it proposes potential deployment beyond the classroom setting.

Method of optimum channel switching in equipment of infocommunication network in conditions of cyber attacks to their telecommunication infrastructure.

Science.gov (United States)

Kochedykov, S. S.; Noev, A. N.; Dushkin, A. V.; Gubin, I. A.

2018-05-01

On the basis of the mathematical graph theory, the method of optimum switching of infocommunication networks in the conditions of cyber attacks is developed. The idea of representation of a set of possible ways on the graph in the form of the multilevel tree ordered by rules of algebra of a logic theory is the cornerstone of a method. As a criterion of optimization, the maximum of network transmission capacity to which assessment Ford- Falkerson's theorem is applied is used. The method is realized in the form of a numerical algorithm, which can be used not only for design, but also for operational management of infocommunication networks in conditions of violation of the functioning of their switching centers.

Implementation of a RPS Cyber Security Test-bed with Two PLCs

International Nuclear Information System (INIS)

Shin, Jinsoo; Heo, Gyunyoung; Son, Hanseong; An, Yongkyu; Rizwan, Uddin

2015-01-01

Our research team proposed the methodology to evaluate cyber security with Bayesian network (BN) as a cyber security evaluation model and help operator, licensee, licensor or regulator in granting evaluation priorities. The methodology allowed for overall evaluation of cyber security by considering architectural aspect of facility and management aspect of cyber security at the same time. In order to emphasize reality of this model by inserting true data, it is necessary to conduct a penetration test that pretends an actual cyber-attack. Through the collaboration with University of Illinois at Urbana-Champaign, which possesses the Tricon a safety programmable logic controller (PLC) used at nuclear power plants and develops a test-bed for nuclear power plant, a test-bed for reactor protection system (RPS) is being developed with the PLCs. Two PLCs are used to construct a simple test-bed for RPS, bi-stable processor (BP) and coincidence processor (CP). By using two PLCs, it is possible to examine cyber-attack against devices such as PLC, cyber-attack against communication between devices, and the effects of a PLC on the other PLC. Two PLCs were used to construct a test-bed for penetration test in this study. Advantages of using two or more PLCs instead of single PLC are as follows. 1) Results of cyber-attack reflecting characteristics among PLCs can be obtained. 2) Cyber-attack can be attempted using a method of attacking communication between PLCs. True data obtained can be applied to existing cyber security evaluation model to emphasize reality of the model

Implementation of a RPS Cyber Security Test-bed with Two PLCs

Energy Technology Data Exchange (ETDEWEB)

Shin, Jinsoo; Heo, Gyunyoung [Kyung Hee Univ., Yongin (Korea, Republic of); Son, Hanseong [Joongbu Univ., Geumsan (Korea, Republic of); An, Yongkyu; Rizwan, Uddin [University of Illinois at Urbana-Champaign, Urbana (United States)

2015-10-15

Our research team proposed the methodology to evaluate cyber security with Bayesian network (BN) as a cyber security evaluation model and help operator, licensee, licensor or regulator in granting evaluation priorities. The methodology allowed for overall evaluation of cyber security by considering architectural aspect of facility and management aspect of cyber security at the same time. In order to emphasize reality of this model by inserting true data, it is necessary to conduct a penetration test that pretends an actual cyber-attack. Through the collaboration with University of Illinois at Urbana-Champaign, which possesses the Tricon a safety programmable logic controller (PLC) used at nuclear power plants and develops a test-bed for nuclear power plant, a test-bed for reactor protection system (RPS) is being developed with the PLCs. Two PLCs are used to construct a simple test-bed for RPS, bi-stable processor (BP) and coincidence processor (CP). By using two PLCs, it is possible to examine cyber-attack against devices such as PLC, cyber-attack against communication between devices, and the effects of a PLC on the other PLC. Two PLCs were used to construct a test-bed for penetration test in this study. Advantages of using two or more PLCs instead of single PLC are as follows. 1) Results of cyber-attack reflecting characteristics among PLCs can be obtained. 2) Cyber-attack can be attempted using a method of attacking communication between PLCs. True data obtained can be applied to existing cyber security evaluation model to emphasize reality of the model.

Security Pricing as an Enabler of Cyber-Insurance: A First Look at Differentiated Pricing Markets

OpenAIRE

Pal, Ranjan; Golubchik, Leana; Psounis, Konstantinos; Hui, Pan

2016-01-01

Despite the promising potential of network risk management services (e.g., cyber-insurance) to improve information security, their deployment is relatively scarce, primarily due to such service companies being unable to guarantee profitability. As a novel approach to making cyber-insurance services more viable, we explore a symbiotic relationship between security vendors (e.g., Symantec) capable of price differentiating their clients, and cyber-insurance agencies having possession of informat...

Usability Requirements for Complex Cyber-Physical Systems in a Totally Networked World

OpenAIRE

Kölmel , Bernhard; Bulander , Rebecca; Dittmann , Uwe; Schätter , Alfred; Würtz , Günther

2014-01-01

Part 7: Cyber-Physical Systems; International audience; “The Internet has made the world “flat” by transcending space. […] The Internet has transformed how we conduct research, studies, business, services, and entertainment.” [1] Cyber-physical systems (CPS) are engineered systems that are built from, and depend upon, the seamless integration of computational algorithms and physical components. Advances in CPS will enable capability, adaptability, scalability, resiliency, safety, security, an...

Reliability analysis for the smart grid : from cyber control and communication to physical manifestations of failure.

Science.gov (United States)

2010-01-01

The Smart Grid is a cyber-physical system comprised of physical components, such as transmission lines and generators, and a : network of embedded systems deployed for their cyber control. Our objective is to qualitatively and quantitatively analyze ...

Cyber Threat and vulnerability Analysis for Digital Assets of NPPs

Energy Technology Data Exchange (ETDEWEB)

Oh, Eun Se; Seo, In Yong [Korea Electric Power research Institute, Daejeon (Korea, Republic of); Kim, See Hong [Korea Hydro and Nuclear Power Co., Seoul (Korea, Republic of)

2009-10-15

Today's computer and communication technology breakthrough make increase plant floor replacement from analog instrumentation and control systems of nuclear power plants to a full-fledged digital system . The rich functionality and crisp accuracy are one of big advantages of digital technology adaptation, but use of open networks and inherited shared system resources (memory, network, etc.) are well known weak points of digital system. Intended or un-intended cyber attack throughout power plant digital control system's weak point may result to wide area of system failures and that easily defeats system operation and multiple protection safeguards. Well organized cyber security analysis for nuclear plant digital control systems (digital assets) are required.

Assessment And Testing of Industrial Devices Robustness Against Cyber Security Attacks

CERN Document Server

Tilaro, F

2011-01-01

CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. With this in mind, the ISA-99[0F1] international cyber security standard has been adopted at CERN as a reference model to define a set of guidelines and security robustness criteria applicable to any network device. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. When assessing the cyber security robustness of devices we have singled out control system-relevant attack patterns derived from the well-known CAPEC[1F2] classification. Once a vulnerability is identified, it needs to be documented, prioritized and reproduced at will in a dedicated test environment for debugging purposes. CERN - in collaboration ...

Cyber risk in banking

OpenAIRE

Linert, Jan

2015-01-01

The bachelor thesis deals with the cyber risk in banking industry. Its main goal is to stress the imporatance of cyber risk both verbally and numericaly and review the approach of banks to this risk. The first part of this thesis specifies what cyber risk is and how it fits among other operational risks, presents the common cyber-attacks and archetypes of cyber criminals, later it delves into the cyber risk in Czech Republic and at the end of this part it mentions the legislation that covers ...

Application of the JDL data fusion process model for cyber security

Science.gov (United States)

Giacobe, Nicklaus A.

2010-04-01

A number of cyber security technologies have proposed the use of data fusion to enhance the defensive capabilities of the network and aid in the development of situational awareness for the security analyst. While there have been advances in fusion technologies and the application of fusion in intrusion detection systems (IDSs), in particular, additional progress can be made by gaining a better understanding of a variety of data fusion processes and applying them to the cyber security application domain. This research explores the underlying processes identified in the Joint Directors of Laboratories (JDL) data fusion process model and further describes them in a cyber security context.

Adaptive cyber-attack modeling system

Science.gov (United States)

Gonsalves, Paul G.; Dougherty, Edward T.

2006-05-01

The pervasiveness of software and networked information systems is evident across a broad spectrum of business and government sectors. Such reliance provides an ample opportunity not only for the nefarious exploits of lone wolf computer hackers, but for more systematic software attacks from organized entities. Much effort and focus has been placed on preventing and ameliorating network and OS attacks, a concomitant emphasis is required to address protection of mission critical software. Typical software protection technique and methodology evaluation and verification and validation (V&V) involves the use of a team of subject matter experts (SMEs) to mimic potential attackers or hackers. This manpower intensive, time-consuming, and potentially cost-prohibitive approach is not amenable to performing the necessary multiple non-subjective analyses required to support quantifying software protection levels. To facilitate the evaluation and V&V of software protection solutions, we have designed and developed a prototype adaptive cyber attack modeling system. Our approach integrates an off-line mechanism for rapid construction of Bayesian belief network (BN) attack models with an on-line model instantiation, adaptation and knowledge acquisition scheme. Off-line model construction is supported via a knowledge elicitation approach for identifying key domain requirements and a process for translating these requirements into a library of BN-based cyber-attack models. On-line attack modeling and knowledge acquisition is supported via BN evidence propagation and model parameter learning.

Addressing the Cyber-security and Cyber-terrorism Threats [video

OpenAIRE

Robi Sen; Center for Homeland Defense and Security Naval Postgraduate School

2015-01-01

While cyber terrorism is a relatively new threat in the world of national defense, the security issues we face are not necessarily new as a genre. In this segment, Chief Science Officer Robi Sen draws on the changing attitudes towards the cyber world. Topics include cooperation between law enforcement and hackers, the major motivations behind criminal hacking, and the realistic threats of cyber terrorism.

Impact of Cyber Attacks on High Voltage DC Transmission Damping Control

Directory of Open Access Journals (Sweden)

Rui Fan

2018-04-01

Full Text Available Hybrid AC/HVDC (AC-HVDC grids have evolved to become huge cyber-physical systems that are vulnerable to cyber attacks because of the wide attack surface and increasing dependence on intelligent electronic devices, computing resources and communication networks. This paper, for the first time, studies the impact of cyber attacks on HVDC transmission oscillation damping control.Three kinds of cyber attack models are considered: timing attack, replay attack and false data injection attack. Followed by a brief introduction of the HVDC model and conventional oscillation damping control method, the design of three attack models is described in the paper. These attacks are tested on a modified IEEE New England 39-Bus AC-HVDC system. Simulation results have shown that all three kinds of attacks are capable of driving the AC-HVDC system into large oscillations or even unstable conditions.

Defining cyber warfare

Directory of Open Access Journals (Sweden)

Dragan D. Mladenović

2012-04-01

Full Text Available Cyber conflicts represent a new kind of warfare that is technologically developing very rapidly. Such development results in more frequent and more intensive cyber attacks undertaken by states against adversary targets, with a wide range of diverse operations, from information operations to physical destruction of targets. Nevertheless, cyber warfare is waged through the application of the same means, techniques and methods as those used in cyber criminal, terrorism and intelligence activities. Moreover, it has a very specific nature that enables states to covertly initiate attacks against their adversaries. The starting point in defining doctrines, procedures and standards in the area of cyber warfare is determining its true nature. In this paper, a contribution to this effort was made through the analysis of the existing state doctrines and international practice in the area of cyber warfare towards the determination of its nationally acceptable definition.

Cyber space bullying

Directory of Open Access Journals (Sweden)

Popović-Ćitić Branislava

2009-01-01

Full Text Available Cyber space bullying is a relatively new phenomenon that has received increased attention by scientists, researchers and practitioners in recent years. It is usually defined as an intentionally and repeatedly expression of aggression towards other people through information and communication technologies. Cyber space bullying is characterized by all the primary characteristics of traditional bullying and some specifics ones that clearly differ it from other forms of bullying. In addition to the analysis of characteristics and specifics of cyber space bullying, the paper describes the basic forms of cyber space bullying (flaming, harassment, denigration, impersonation, outing, trickery, exclusion, stalking and happy slapping, as well as, the types of cyber space bullies (vengeful angel, power-hungry, revenge of the nerd, mean girls and inadvertent. The main goal of this paper is to provide initial theoretical guidelines for designing future empirical research on the complex phenomenon of cyber space bullying.

The determination of cyber bullying behaviour and exposure of university students

Directory of Open Access Journals (Sweden)

Zehra Özçınar

2012-01-01

Full Text Available This study, the questions, which are used to understand the type and frequency of being exposed to cyber despotism and alsoto understand if they practice the cyber despotism to others, are asked to university students. In this light, “CyberDespotism/Victim Development Scale” is used. According to the results of this scale, exposing to and practicing the cyberdespotism are clarified by the statistical method. The main purpose of the study is to determine the despotism, which is thedimension of violence and also to determine the reasons, frequency, and the way of solutions of the despotism in order topresent the preventive solutions to parents and educators.In this study, the questions, which are used to understand thetype and frequency of being exposed to cyber despotism and also to understand if they practice the cyber despotism toothers, are asked to university students. In this light, “Cyber Despotism/Victim Development Scale” is used.The frequency ofusing information technology among university students is 37.63 and the purpose of using information technology can belisted in order this way: specific packet program research (97.63%, homework (69.13%, and lastly social network(59.00%.The students that are 25 years old and above are both cyber despot and cyber victim contrast to other agegroups.Male students are more in the situation of cyber victim at subscale I and III and more in situation of cyber despot atsubscale I, II, and III than female students.The students, who study at the computer and education technology department,are more in the situation of cyber despot at despot subscale I and II behavior than the other students, who study in otherdepartments. On the other hand, the results show that the students at in the department of preschool teaching are the onesthat are less cyber despot than the other students.The students, whose cumulative GPA are 1.99 and below 1.99, are moreexposed to be cyber despot and cyber victim than the

Cyber Vigilance: The Human Factor

Science.gov (United States)

2016-10-21

2013): 502. 1~ Andy Field. Discovering Statistics Using SPSS (Sage Publications. 2009). l<· Thomas E. Nygren. ··Psychometric Properties of...based solely on computer network analysis." Though the algorithms and analytic techniques used in these systems vary considerably, most intrusion...IDS. cyber-defenders use a variety of tools, including hand-sorting, to discriminate attacks from false positives. T hi s effort involves search

Data-Aware Retrodiction for Asynchronous Harmonic Measurement in a Cyber-Physical Energy System

Science.gov (United States)

Liu, Youda; Wang, Xue; Liu, Yanchi; Cui, Sujin

2016-01-01

Cyber-physical energy systems provide a networked solution for safety, reliability and efficiency problems in smart grids. On the demand side, the secure and trustworthy energy supply requires real-time supervising and online power quality assessing. Harmonics measurement is necessary in power quality evaluation. However, under the large-scale distributed metering architecture, harmonic measurement faces the out-of-sequence measurement (OOSM) problem, which is the result of latencies in sensing or the communication process and brings deviations in data fusion. This paper depicts a distributed measurement network for large-scale asynchronous harmonic analysis and exploits a nonlinear autoregressive model with exogenous inputs (NARX) network to reorder the out-of-sequence measuring data. The NARX network gets the characteristics of the electrical harmonics from practical data rather than the kinematic equations. Thus, the data-aware network approximates the behavior of the practical electrical parameter with real-time data and improves the retrodiction accuracy. Theoretical analysis demonstrates that the data-aware method maintains a reasonable consumption of computing resources. Experiments on a practical testbed of a cyber-physical system are implemented, and harmonic measurement and analysis accuracy are adopted to evaluate the measuring mechanism under a distributed metering network. Results demonstrate an improvement of the harmonics analysis precision and validate the asynchronous measuring method in cyber-physical energy systems. PMID:27548171

Nuclear safety and (cyber)security at the heart of the digital revolution

International Nuclear Information System (INIS)

Kueny, L.; Levesque, J.

2017-01-01

The on-going digital revolution implies the sharing of data beyond the company walls, the development of connected objects and the setting of more and more complex digital networks. All of this increases the risk of being attacked by cyber-criminal and the probability is all the higher because new kinds of cyber-attacks appear every year. Originally nuclear industry has a culture of safety and has implemented numerous mechanisms of physical protection that slow down cyber-attacks. The humane factor is very often an important point for the success of a cyber-attack but the automation of repetitive tasks can reduce this risk. A cyber-attack can stay undetected if regularly overhauls of computer systems are not performed or if they are not adequately monitored. The reliability of digital tools for instance digital archives is a point that hinders the implementation of a total digital certification in the nuclear industry. (A.C.)

Cyber Security on Nuclear Power Plant's Computer Systems

International Nuclear Information System (INIS)

Shin, Ick Hyun

2010-01-01

Computer systems are used in many different fields of industry. Most of us are taking great advantages from the computer systems. Because of the effectiveness and great performance of computer system, we are getting so dependable on the computer. But the more we are dependable on the computer system, the more the risk we will face when the computer system is unavailable or inaccessible or uncontrollable. There are SCADA, Supervisory Control And Data Acquisition, system which are broadly used for critical infrastructure such as transportation, electricity, water management. And if the SCADA system is vulnerable to the cyber attack, it is going to be nation's big disaster. Especially if nuclear power plant's main control systems are attacked by cyber terrorists, the results may be huge. Leaking of radioactive material will be the terrorist's main purpose without using physical forces. In this paper, different types of cyber attacks are described, and a possible structure of NPP's computer network system is presented. And the paper also provides possible ways of destruction of the NPP's computer system along with some suggestions for the protection against cyber attacks

Nuclear Cyber Security Case Study and Analysis

Energy Technology Data Exchange (ETDEWEB)

Park, Sunae [ChungNam National Univ., Daejeon (Korea, Republic of); Kim, Kyung doo [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2016-10-15

about the cyber-attacks targeted APT(Advanced Persistent Threat) risk its own computer network or infrastructure which is heightened among government was pointed out that urgent protective measures laid one after another.

Nuclear Cyber Security Case Study and Analysis

International Nuclear Information System (INIS)

Park, Sunae; Kim, Kyung doo

2016-01-01

the cyber-attacks targeted APT(Advanced Persistent Threat) risk its own computer network or infrastructure which is heightened among government was pointed out that urgent protective measures laid one after another

Cyber-bombing ISIS

DEFF Research Database (Denmark)

Ringsmose, Jens; Teglskov Jacobsen, Jeppe

2017-01-01

It has become a conventional wisdom in strategic studies that the development and use of cyber weapons should be kept secret, as the effectiveness of these tools is dependent on opponents being unaware of a particular cyber weapon’s characteristics. Why, then, has the US military repeatedly publi...... the enemy’s trust in his own IT-infrastructure, and command and control systems, (3) signal “cyber strength” to third parties, and (4) establish norms regarding how to use cyber weapons in accordance with International Humanitarian Law....

Cyber-physical securi

Directory of Open Access Journals (Sweden)

Aditya Ashok

2014-07-01

Full Text Available Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments.

Chinese Cyber Economic Espionage: Motivations And Responses

Science.gov (United States)

2016-05-26

urgency and enabled by a connected world—became state policy. Regardless of moral or ethical judgments (which, from a realist perspective, are largely...economic and national security. While accurate calculations on the cost of stolen intellectual property to US businesses are nearly impossible to...calculations on the cost of stolen intellectual property to US businesses are nearly impossible to determine, some estimates suggest hundreds of

Engaging the Nation’s Critical Infrastructure Sector to Deter Cyber Threats

Science.gov (United States)

2013-03-01

is the component of CyberOps that extends cyber power beyond the defensive boundaries of the GIG to detect, deter, deny, and defeat adversaries... economy .16 DDOS attacks are based on multiple, malware infected personal computers, organized into networks called botnets, and are directed by...not condemn the actions of those involved. Of the two attacks on Estonia and Georgia, it was Estonia that had the greatest damage to its economy

Cyber Security Risk Assessment for the KNICS Safety Systems

International Nuclear Information System (INIS)

Lee, C. K.; Park, G. Y.; Lee, Y. J.; Choi, J. G.; Kim, D. H.; Lee, D. Y.; Kwon, K. C.

2008-01-01

In the Korea Nuclear I and C Systems Development (KNICS) project the platforms for plant protection systems are developed, which function as a reactor shutdown, actuation of engineered safety features and a control of the related equipment. Those are fully digitalized through the use of safety-grade programmable logic controllers (PLCs) and communication networks. In 2006 the Regulatory Guide 1.152 (Rev. 02) was published by the U.S. NRC and it describes the application of a cyber security to the safety systems in the Nuclear Power Plant (NPP). Therefore it is required that the new requirements are incorporated into the developed platforms to apply to NPP, and a cyber security risk assessment is performed. The results of the assessment were input for establishing the cyber security policies and planning the work breakdown to incorporate them

Cyber-Informed Engineering

Energy Technology Data Exchange (ETDEWEB)

Anderson, Robert S. [Idaho National Lab. (INL), Idaho Falls, ID (United States); Benjamin, Jacob [Idaho National Lab. (INL), Idaho Falls, ID (United States); Wright, Virginia L. [Idaho National Lab. (INL), Idaho Falls, ID (United States); Quinones, Luis [Idaho National Lab. (INL), Idaho Falls, ID (United States); Paz, Jonathan [Idaho National Lab. (INL), Idaho Falls, ID (United States)

2017-03-01

A continuing challenge for engineers who utilize digital systems is to understand the impact of cyber-attacks across the entire product and program lifecycle. This is a challenge due to the evolving nature of cyber threats that may impact the design, development, deployment, and operational phases of all systems. Cyber Informed Engineering is the process by which engineers are made aware of both how to use their engineering knowledge to positively impact the cyber security in the processes by which they architect and design components and the services and security of the components themselves.

Cyber-Informed Engineering

International Nuclear Information System (INIS)

Anderson, Robert S.; Benjamin, Jacob; Wright, Virginia L.; Quinones, Luis; Paz, Jonathan

2017-01-01

A continuing challenge for engineers who utilize digital systems is to understand the impact of cyber-attacks across the entire product and program lifecycle. This is a challenge due to the evolving nature of cyber threats that may impact the design, development, deployment, and operational phases of all systems. Cyber Informed Engineering is the process by which engineers are made aware of both how to use their engineering knowledge to positively impact the cyber security in the processes by which they architect and design components and the services and security of the components themselves.

Cyber Security : Home User's Perspective

OpenAIRE

Ikonen, Mikko

2014-01-01

Cyber security is important to understand for home users. New technology allows for new cyber threats to emerge and new solutions must be considered to counter them. Nearly every device is connected to the Internet and this opens new possibilities and threats to cyber security. This Bachelor's thesis explores the different aspects of cyber security and suggests solutions to different cyber security issues found. The different aspects of cyber security under research here include personal ...

Cyber crimes.

Science.gov (United States)

Nuzback, Kara

2014-07-01

Since it began offering cyber liability coverage in December 2011, the Texas Medical Liability Trust has received more than 150 cyber liability claims, most of which involved breaches of electronic protected health information. TMLT's cyber liability insurance will protect practices financially should a breach occur. The insurance covers a breach notification to customers and business partners, expenses for legal counsel, information security and forensic data services, public relations support, call center and website support, credit monitoring, and identity theft restoration services.

Adversarial Reinforcement Learning in a Cyber Security Simulation}

NARCIS (Netherlands)

Elderman, Richard; Pater, Leon; Thie, Albert; Drugan, Madalina; Wiering, Marco

2017-01-01

This paper focuses on cyber-security simulations in networks modeled as a Markov game with incomplete information and stochastic elements. The resulting game is an adversarial sequential decision making problem played with two agents, the attacker and defender. The two agents pit one reinforcement

Building organisational cyber resilience: A strategic knowledge-based view of cyber security management.

Science.gov (United States)

Ferdinand, Jason

The concept of cyber resilience has emerged in recent years in response to the recognition that cyber security is more than just risk management. Cyber resilience is the goal of organisations, institutions and governments across the world and yet the emerging literature is somewhat fragmented due to the lack of a common approach to the subject. This limits the possibility of effective collaboration across public, private and governmental actors in their efforts to build and maintain cyber resilience. In response to this limitation, and to calls for a more strategically focused approach, this paper offers a knowledge-based view of cyber security management that explains how an organisation can build, assess, and maintain cyber resilience.

High Assurance Control of Cyber-Physical Systems with Application to Unmanned Aircraft Systems

Science.gov (United States)

Kwon, Cheolhyeon

With recent progress in the networked embedded control technology, cyber attacks have become one of the major threats to Cyber-Physical Systems (CPSs) due to their close integration of physical processes, computational resources, and communication capabilities. While CPSs have various applications in both military and civilian uses, their on-board automation and communication afford significant advantages over a system without such abilities, but these benefits come at the cost of possible vulnerability to cyber attacks. Traditionally, most cyber security studies in CPSs are mainly based on the computer security perspective, focusing on issues such as the trustworthiness of data flow, without rigorously considering the system's physical processes such as real-time dynamic behaviors. While computer security components are key elements in the hardware/software layer, these methods alone are not sufficient for diagnosing the healthiness of the CPSs' physical behavior. In seeking to address this problem, this research work proposes a control theoretic perspective approach which can accurately represent the interactions between the physical behavior and the logical behavior (computing resources) of the CPS. Then a controls domain aspect is explored extending beyond just the logical process of the CPS to include the underlying physical behavior. This approach will allow the CPS whose physical operations are robust/resilient to the damage caused by cyber attacks, successfully complementing the existing CPS security architecture. It is important to note that traditional fault-tolerant/robust control methods could not be directly applicable to achieve resiliency against malicious cyber attacks which can be designed sophisticatedly to spoof the security/safety monitoring system (note this is different from common faults). Thus, security issues at this layer require different risk management to detect cyber attacks and mitigate their impact within the context of a unified

Evolving the NCSA CyberCollaboratory for Distributed Environmental Observatory Networks

Science.gov (United States)

Myers, J.; Liu, Y.; Minsker, B.; Futrelle, J.; Downey, S.; Kim, I.; Rantanen, E.

2007-12-01

Since 2004, NCSA's Cybercollaboratory, which is built on top of the open source Liferay portal framework, has been evolving as part of NCSA's efforts to build national cyberinfrastructure to support collaborative research in environmental engineering and hydrological sciences and allow users to efficiently share contents (sensors, data, model, documents, etc.) in a context-sensitive way (e.g., providing different tools/data based on group affiliation and geospatial contexts). During this period, we provided the CyberCollaboratory to users in CLEANER (Collaborative Large-scale Engineering Analysis Network for Environmental Research, now WATer and Environmental Research Systems (WATERS) network) Project Office and several CLEANER /WATERS testbed projects. Preliminary statistics shows that one in four users (among over 400 registered users) provided contents with many other reading/accessing those contents (such as messages, documents, wikis). During the course of this use, and in evaluation by others including representatives from the CUAHSI (Consortium of Universities for the Advancement of Hydrologic Science) community, we have received significant feedback on issues of usability and suitability to various communities involved in environmental observatories. Much of this feedback applies to collaborative portals in general and some reflect a comparison of portals with newer Web 2.0 style social -networking sites. For example, users working in multiple groups found it difficult to get an overview of all of their activities and found differences in group layouts to be confusing. Users also found the standard account creation and group management processes cumbersome compared to inviting people to be friends on social sites and wanted a better sense of presence and social networks within the portal. The fragmentation of group documents between local stores, the portal document repository and email, and issues of "lost updates" was another significant concern. This

Security-aware design for cyber-physical systems a platform-based approach

CERN Document Server

Lin, Chung-Wei

2017-01-01

Addressing the rising security issues during the design stages of cyber-physical systems, this book develops a systematic approach to address security at early design stages together with all other design constraints. Cyber-attacks become more threatening as systems are becoming more connected with the surrounding environment, infrastructures, and other systems. Security mechanisms can be designed to protect against attacks and meet security requirements, but there are many challenges of applying security mechanisms to cyber-physical systems including open environments, limited resources, strict timing requirements, and large number of devices. Designed for researchers and professionals, this book is valuable for individuals working in network systems, security mechanisms, and system design. It is also suitable for advanced-level students of computer science. .

Nondeducibility-Based Analysis of Cyber-Physical Systems

Science.gov (United States)

Gamage, Thoshitha; McMillin, Bruce

Controlling information flow in a cyber-physical system (CPS) is challenging because cyber domain decisions and actions manifest themselves as visible changes in the physical domain. This paper presents a nondeducibility-based observability analysis for CPSs. In many CPSs, the capacity of a low-level (LL) observer to deduce high-level (HL) actions ranges from limited to none. However, a collaborative set of observers strategically located in a network may be able to deduce all the HL actions. This paper models a distributed power electronics control device network using a simple DC circuit in order to understand the effect of multiple observers in a CPS. The analysis reveals that the number of observers required to deduce all the HL actions in a system increases linearly with the number of configurable units. A simple definition of nondeducibility based on the uniqueness of low-level projections is also presented. This definition is used to show that a system with two security domain levels could be considered “nondeducibility secure” if no unique LL projections exist.

Adversarial Reinforcement Learning in a Cyber Security Simulation}

OpenAIRE

Elderman, Richard; Pater, Leon; Thie, Albert; Drugan, Madalina; Wiering, Marco

2017-01-01

This paper focuses on cyber-security simulations in networks modeled as a Markov game with incomplete information and stochastic elements. The resulting game is an adversarial sequential decision making problem played with two agents, the attacker and defender. The two agents pit one reinforcement learning technique, like neural networks, Monte Carlo learning and Q-learning, against each other and examine their effectiveness against learning opponents. The results showed that Monte Carlo lear...

Training the Cyber Warrior

OpenAIRE

Fulp, J.D.

2003-01-01

This paper suggests the major educational components of a curriculum that is designed to educate individuals for job assignments as Information Assurance professionals - also known as: cyber warriors. It suggests a minimum common body of knowledge for all cyber warriors along with two major specialization categories: cyber tacticians and cyber strategists. The paper describes the distinction between tactician and strategist and offers a rough outline of the education each should receive.

Modeling and Simulation of Cyber Battlefield

Directory of Open Access Journals (Sweden)

AliJabar Rashidi

2017-12-01

Full Text Available In order to protect cyberspace against cyber-attacks we need cyber situation awareness framework for the implementation of our cyber maneuvers. This article allows execution cyber maneuvers with dynamic cyber battlefield simulator. Cyber battlefield contains essential information for the detection of cyber events, therefore, it can be considered most important and complicated factor in the high-level fusion. Cyber battlefield by gather detail data of cyberspace elements, including knowledge repository of vulnerability, tangible and intangible elements of cyberspace and the relationships between them, can provide and execute cyber maneuvers, penetration testing, cyber-attacks injection, attack tracking, visualization, cyber-attacks impact assessment and risk assessment. The dynamic maker Engine in simulator is designed to update the knowledge base of vulnerabilities, change the topology elements, and change the access list, services, hosts and users. Evaluation of simulator do with qualitative method of research and with create a focus group.

USBcat - Towards an Intrusion Surveillance Toolset

Directory of Open Access Journals (Sweden)

Chris Chapman

2014-10-01

Full Text Available This paper identifies an intrusion surveillance framework which provides an analyst with the ability to investigate and monitor cyber-attacks in a covert manner. Where cyber-attacks are perpetrated for the purposes of espionage the ability to understand an adversary's techniques and objectives are an important element in network and computer security. With the appropriate toolset, security investigators would be permitted to perform both live and stealthy counter-intelligence operations by observing the behaviour and communications of the intruder. Subsequently a more complete picture of the attacker's identity, objectives, capabilities, and infiltration could be formulated than is possible with present technologies. This research focused on developing an extensible framework to permit the covert investigation of malware. Additionally, a Universal Serial Bus (USB Mass Storage Device (MSD based covert channel was designed to enable remote command and control of the framework. The work was validated through the design, implementation and testing of a toolset.

CERN Computing Colloquium | Computer Security in 2016: Where are we and what to expect | 8 February

CERN Multimedia

2016-01-01

Computer Security in 2016: Where are we and what to expect  by Sebastian Lopienski, CERN-IT Monday 8 February from 11 a.m. to 12 p.m http://cseminar.web.cern.ch/cseminar/ at CERN, Council Chamber (503-1-001)  Description: Attacks against computer systems, belonging both to individuals and organisations, are an everyday reality. How many times have we heard about supposedly well protected companies and online services at the mercy of cyber criminals, or governments accusing other nation states of cyber espionage. Only the most serious breaches and biggest data leaks continue to make the headlines. But really, how secure is our data, computers and networks? What is happening behind the scenes? Is it actually possible to avoid the vulnerabilities, or detect the resulting exploits? This talk will address these questions and provide a high-level overview of security trends in the last year or two. It will include information on emerging typ...

Measuring the Effectiveness of Visual Analytics and Data Fusion Techniques on Situation Awareness in Cyber-Security

Science.gov (United States)

Giacobe, Nicklaus A.

2013-01-01

Cyber-security involves the monitoring a complex network of inter-related computers to prevent, identify and remediate from undesired actions. This work is performed in organizations by human analysts. These analysts monitor cyber-security sensors to develop and maintain situation awareness (SA) of both normal and abnormal activities that occur on…

A Boosting Algorithm Based Method to Predict Cyber-Threats Situation of Power Information Network%采用Boosting方法预测电力信息网络的威胁态势

Institute of Scientific and Technical Information of China (English)

徐茹枝; 王婧; 朱少敏; 许瑞辉

2013-01-01

The prediction of cyber-threats situation can effectively reflect the macroscopic security situation of power information network in the future time. To realize the accurate prediction of cyber-threats situation, an AdaBoosting algorithm based cyber-threats situation prediction method for information network is proposed. In the proposed method, the values of cyber-threats situation are used to describe the macroscopic security situation of power information network, and the prediction of macroscopic security situation is abstracted to a regression problem, and then the regression problem is solved by AdaBoosting algorithm. Firstly, using the sliding time window a time series sample set is constructed by cyber-threats situation values;then the sample set is input into AdaBoosting algorithm to be trained to obtain a regression analysis model;finally the prediction of cyber-threats situation is completed by the regression analysis model. Finally, the effectiveness of the proposed method is verified by results of replication experiments based on field data.%威胁态势预测可以有效反映电力信息网络在未来时刻的宏观安全状况。为实现威胁态势的精确预测，提出一种基于AdaBoosting方法的网络威胁态势预测方法。该方法采用威胁态势值描述电力信息网络的宏观安全态势，并将威胁态势值的预测抽象为回归问题，进而利用AdaBoosting方法求解。该方法先利用滑动时间窗口将威胁态势值构造成时间序列样本集，再将样本集输入到AdaBoosting方法中训练，以得到回归分析模型，并利用该模型完成威胁态势预测。最后基于现场数据的验证性实验证明了所提方法的有效性。

Perceptions of Popularity-Related Behaviors in the Cyber Context: Relations to Cyber Social Behaviors

Directory of Open Access Journals (Sweden)

Michelle F. Wright

2015-01-01

Full Text Available Despite acknowledging that adolescents are active users of electronic technology, little is known about their perceptions concerning how such technologies might be used to promote their social standing among their peer group and whether these perceptions relate to their cyber social behaviors (i.e., cyber aggression perpetration, cyber prosocial behavior. To address this gap in the literature, the present study included 857 seventh graders (M age: 12.19; 50.8% female from a large Midwestern city in the United States. They completed questionnaires on face-to-face social behaviors, cyber social behaviors, perceived popularity, social preference, and their perceptions of characteristics and activities related to the cyber context which might be used to promote popularity. Findings revealed four activities and characteristics used to improve adolescents’ social standing in the peer group, including antisocial behaviors, sociability, prosocial behaviors, and technology access. Using antisocial behaviors in the cyber context to promote popularity was related to cyber aggression perpetration, while controlling for gender, social preference, and perceived popularity. On the other hand, sociability and prosocial behaviors in the cyber context used to improve popularity as well as technology access were associated with cyber prosocial behavior. A call for additional research is made.

Ever-present threats from information technology: the Cyber-Paranoia and Fear Scale

Directory of Open Access Journals (Sweden)

Oliver John Mason

2014-11-01

Full Text Available Delusions involving technology, and specifically the internet, are increasingly common, and fear-reality statistics suggest computer-related fears are very widespread. These fears form a continuum from the widely understandable and realistic to the unrealistic, and frankly paranoid. The present study investigated the validity of this construct in a non-clinical population by constructing a novel self-report measure. The new Cyber-Paranoia and Fear Scale aims to measure the perception of information technology-related threats originating from or enabled by computers, smartphones, social networks and digital surveillance. Psychometric properties of the new Cyber-Paranoia and Fear Scale are reported alongside an established measure of suspiciousness and paranoia in 181 participants including a sub-group of fifty information technology professionals. Exploratory factor analysis suggested the presence of two, related, dimensions that we term Cyber-Fear and Cyber-Paranoia. Both sub-scales were internally consistent and produced a normal distribution of scores. The relationships of the sub-scales with age, gender, trait paranoia, digital literacy and digital inclusion are supportive of construct validity. The distinctiveness of ‘cyber-paranoia’ from general trait paranoia appears to mirror the clinical distinctiveness of ‘internet’ and other technology fuelled delusions. Knowledge provision to increase technological proficiency and awareness may bring about a reduction in cyber-paranoia.

Ever-present threats from information technology: the Cyber-Paranoia and Fear Scale.

Science.gov (United States)

Mason, Oliver J; Stevenson, Caroline; Freedman, Fleur

2014-01-01

Delusions involving technology, and specifically the internet, are increasingly common, and fear-reality statistics suggest computer-related fears are very widespread. These fears form a continuum from the widely understandable and realistic to the unrealistic, and frankly paranoid. The present study investigated the validity of this construct in a non-clinical population by constructing a novel self-report measure. The new Cyber-Paranoia and Fear Scale aims to measure the perception of information technology-related threats originating from or enabled by computers, smartphones, social networks, and digital surveillance. Psychometric properties of the new Cyber-Paranoia and Fear Scale are reported alongside an established measure of suspiciousness and paranoia in 181 participants including a sub-group of fifty information technology professionals. Exploratory factor analysis suggested the presence of two, related, dimensions that we term cyber-paranoia and cyber-fear. Both sub-scales were internally consistent and produced a normal distribution of scores. The relationships of the sub-scales with age, gender, trait paranoia, digital literacy, and digital inclusion are supportive of construct validity. The distinctiveness of 'cyber-paranoia' from general trait paranoia appears to mirror the clinical distinctiveness of 'internet' and other technology-fuelled delusions. Knowledge provision to increase technological proficiency and awareness may bring about a reduction in cyber-paranoia.

Plethora of Cyber Forensics

OpenAIRE

N.Sridhar; Dr.D.Lalitha Bhaskari; Dr.P.S.Avadhani

2011-01-01

As threats against digital assets have risen and there is necessitate exposing and eliminating hidden risks and threats. The ability of exposing is called “cyber forensics.” Cyber Penetrators have adopted more sophistical tools and tactics that endanger the operations of the global phenomena. These attackers are also using anti-forensic techniques to hide evidence of a cyber crime. Cyber forensics tools must increase its toughness and counteract these advanced persistent threats. This paper f...

ViNEL: A Virtual Networking Lab for Cyber Defense Education

Science.gov (United States)

Reinicke, Bryan; Baker, Elizabeth; Toothman, Callie

2018-01-01

Professors teaching cyber security classes often face challenges when developing workshops for their students: How does one quickly and efficiently configure and deploy an operating system for a temporary learning/testing environment? Faculty teaching these classes spend countless hours installing, configuring and deploying multiple system…

Development and Validation of the Air Force Cyber Intruder Alert Testbed (CIAT)

Science.gov (United States)

2016-07-27

munication. Unfortunately, these critical functions are routinely threatened by malware and other cyber security threats. Such threats are expected to...such as network packets, firewall logs, network diagrams, IP address ownership information, etc., to determine if sufficient evidence exists to support...circumstances, network analysts would likely need to consult additional sources of evidence not present in the simulation, such as net- work firewall

Fighting cyber crime through cyber forensics first responder training

CSIR Research Space (South Africa)

Venter, JP

2008-11-01

Full Text Available behind traces that are of interest to cyber forensic scientists. Cyber forensics is the science of analysing traces in order to extract evidence for use in court or at formal hearings. This rapid rise in the use of ICT for criminal purposes necessitated...

Human dimensions in cyber operations research and development priorities.

Energy Technology Data Exchange (ETDEWEB)

Forsythe, James Chris; Silva, Austin Ray; Stevens-Adams, Susan Marie; Bradshaw, Jeffrey [Institute for Human and Machine Cognition

2012-11-01

Within cyber security, the human element represents one of the greatest untapped opportunities for increasing the effectiveness of network defenses. However, there has been little research to understand the human dimension in cyber operations. To better understand the needs and priorities for research and development to address these issues, a workshop was conducted August 28-29, 2012 in Washington DC. A synthesis was developed that captured the key issues and associated research questions. Research and development needs were identified that fell into three parallel paths: (1) human factors analysis and scientific studies to establish foundational knowledge concerning factors underlying the performance of cyber defenders; (2) development of models that capture key processes that mediate interactions between defenders, users, adversaries and the public; and (3) development of a multi-purpose test environment for conducting controlled experiments that enables systems and human performance measurement. These research and development investments would transform cyber operations from an art to a science, enabling systems solutions to be engineered to address a range of situations. Organizations would be able to move beyond the current state where key decisions (e.g. personnel assignment) are made on a largely ad hoc basis to a state in which there exist institutionalized processes for assuring the right people are doing the right jobs in the right way. These developments lay the groundwork for emergence of a professional class of cyber defenders with defined roles and career progressions, with higher levels of personnel commitment and retention. Finally, the operational impact would be evident in improved performance, accompanied by a shift to a more proactive response in which defenders have the capacity to exert greater control over the cyber battlespace.

Multi-stage crypto ransomware attacks: A new emerging cyber threat to critical infrastructure and industrial control systems

Directory of Open Access Journals (Sweden)

Aaron Zimba

2018-03-01

Full Text Available The inevitable integration of critical infrastructure to public networks has exposed the underlying industrial control systems to various attack vectors. In this paper, we model multi-stage crypto ransomware attacks, which are today an emerging cyber threat to critical infrastructure. We evaluate our modeling approach using multi-stage attacks by the infamous WannaCry ransomware. The static malware analysis results uncover the techniques employed by the ransomware to discover vulnerable nodes in different SCADA and production subnets, and for the subsequent network propagation. Based on the uncovered artifacts, we recommend a cascaded network segmentation approach, which prioritizes the security of production network devices. Keywords: Critical infrastructure, Cyber-attack, Industrial control system, Crypto ransomware, Vulnerability

Cyber Guerilla

NARCIS (Netherlands)

van Haaster, J.; Gevers, R.; Sprengers, M.

2016-01-01

Much as Che Guevara’s book Guerilla Warfare helped define and delineate a new type of warfare in the wake of the Cuban revolution in 1961, Cyber Guerilla will help define the new types of threats and fighters now appearing in the digital landscape. Cyber Guerilla provides valuable insight for

Comparative Study on Cyber Securities between Power Reactor and Research Reactor with Bayesian Update

International Nuclear Information System (INIS)

Shin, Jinsoo; Heo, Gyunyoung; Son, Han Seong

2016-01-01

The Stuxnet has shown that nuclear facilities are no more safe from cyber-attack. Due to practical experiences and concerns on increasing of digital system application, cyber security has become the important issue in nuclear industry. Korea Institute of Nuclear Nonproliferation and control (KINAC) published a regulatory standard (KINAC/RS-015) to establish cyber security framework for nuclear facilities. However, it is difficult to research about cyber security. It is hard to quantify cyber-attack which has malicious activity which is different from existing design basis accidents (DBAs). We previously proposed a methodology on development of a cyber security risk model with BBN. However, the methodology had a limitation in which the input data as prior information was solely on expert opinions. In this study, we propose a cyber security risk model for instrumentation and control (I and C) system of nuclear facilities with some equation for quantification by using Bayesian Belief Network (BBN) in order to overcome the limitation of previous research. The proposed model has been used for comparative study on cyber securities between large-sized nuclear power plants (NPPs) and small-sized Research Reactors (RR). In this study, we proposed the cyber security risk evaluation model with BBN. It includes I and C architecture, which is a target system of cyber-attack, malicious activity, which causes cyber-attack from attacker, and mitigation measure, which mitigates the cyber-attack risk. Likelihood and consequence as prior information are evaluated by considering characteristics of I and C architecture and malicious activity. The BBN model provides posterior information with Bayesian update by adding any of assumed cyber-attack scenarios as evidence. Cyber security risk for nuclear facilities is analyzed by comparing between prior information and posterior information of each node. In this study, we conducted comparative study on cyber securities between power reactor

Comparative Study on Cyber Securities between Power Reactor and Research Reactor with Bayesian Update

Energy Technology Data Exchange (ETDEWEB)

Shin, Jinsoo; Heo, Gyunyoung [Kyung Hee University, Yongin (Korea, Republic of); Son, Han Seong [Joongbu Univiersity, Geumsan (Korea, Republic of)

2016-10-15

The Stuxnet has shown that nuclear facilities are no more safe from cyber-attack. Due to practical experiences and concerns on increasing of digital system application, cyber security has become the important issue in nuclear industry. Korea Institute of Nuclear Nonproliferation and control (KINAC) published a regulatory standard (KINAC/RS-015) to establish cyber security framework for nuclear facilities. However, it is difficult to research about cyber security. It is hard to quantify cyber-attack which has malicious activity which is different from existing design basis accidents (DBAs). We previously proposed a methodology on development of a cyber security risk model with BBN. However, the methodology had a limitation in which the input data as prior information was solely on expert opinions. In this study, we propose a cyber security risk model for instrumentation and control (I and C) system of nuclear facilities with some equation for quantification by using Bayesian Belief Network (BBN) in order to overcome the limitation of previous research. The proposed model has been used for comparative study on cyber securities between large-sized nuclear power plants (NPPs) and small-sized Research Reactors (RR). In this study, we proposed the cyber security risk evaluation model with BBN. It includes I and C architecture, which is a target system of cyber-attack, malicious activity, which causes cyber-attack from attacker, and mitigation measure, which mitigates the cyber-attack risk. Likelihood and consequence as prior information are evaluated by considering characteristics of I and C architecture and malicious activity. The BBN model provides posterior information with Bayesian update by adding any of assumed cyber-attack scenarios as evidence. Cyber security risk for nuclear facilities is analyzed by comparing between prior information and posterior information of each node. In this study, we conducted comparative study on cyber securities between power reactor

Hacking cyber-risks back in their tracks: to identify the right supply chain controls, look at the system

DEFF Research Database (Denmark)

Sepúlveda, Daniel; Khan, Omera

2015-01-01

A more comprehensive way of looking at cyber-risks in supply chains is required, when considering the increasing complexity of the supply networks and the exposure to unexpected disruptions, caused by cyber-attacks. This article describes some of the reasons why current risk assessment methods ar...

Cyber-Victimized Students

Directory of Open Access Journals (Sweden)

Kaitlyn N. Ryan

2013-12-01

Full Text Available Bullying is a common topic in the media and academic settings. Teachers are regularly expected to provide curriculum and intervene regarding all forms of bullying, including cyber-bullying. Altering the behaviors of those who bully is often the focus of interventions, with less attention being placed on victim impact. The purpose of this article was to provide educators with a review of evidence regarding the occurrence, impact, and interventions for victims of cyber-bullying. Evidence reveals that cyber-bullying can have emotional, social, and academic impacts but that there are very few documented, and even fewer evidence-based, programs for victims of cyber-bullying. We conclude by proposing that school-wide programs and support be developed and provided to victims.

Simulation of cyber attacks with applications in homeland defense training

Science.gov (United States)

Brown, Bill; Cutts, Andrew; McGrath, Dennis; Nicol, David M.; Smith, Timothy P.; Tofel, Brett

2003-09-01

We describe a tool to help exercise and train IT managers who make decisions about IP networks in the midst of cyber calamity. Our tool is interactive, centered around a network simulation. It includes various modes of communications one would use to make informed decisions. Our tool is capable of simulating networks with hundreds of components and dozens of players. Test indicate that it could support an exercise an order of magnitude larger and more complex.

What kind of cyber security? Theorising cyber security and mapping approaches

OpenAIRE

Laura Fichtner

2018-01-01

Building on conceptual work on security and cyber security, the paper explores how different approaches to cyber security are constructed. It outlines structural components and presents four common approaches. Each of them suggests a different role for the actors involved and is motivated and justified by different values such as privacy, economic order and national security. When a cyber security policy or initiative is chosen by policymakers, the analysis of the underlying approach enhances...

CyberCIEGE Scenario Illustrating Integrity Risks to a Military-Like Facility

National Research Council Canada - National Science Library

Fielk, Klaus

2004-01-01

.... This thesis asked if a Scenario Definition File (SDF) for the CyberCIEGE game could be developed to educate and train players in Information Assurance on matters related to information integrity in a networking environment...

CYBER FORENSICS COMPETENCY-BASED FRAMEWORK - AREVIEW

OpenAIRE

Elfadil Sabeil; Azizah Bt Abdul Manaf; Zuraini Ismail; Mohamed Abas

2011-01-01

Lack of Cyber Forensics experts is a huge challenge facing the world today. It comes due to the fancy of Cyber Forensics training or education. The multidisciplinary nature of Cyber Forensics proliferates to diverse training programmes, from a handful day‟s workshop to Postgraduate in Cyber Forensics. Consequently, this paper concentrates on analyzing the Cyber Forensics training programmes in terms of Competency-Based Framework. The study proves that Cyber Forensics training or education h...

Cyber Attacks and Energy Infrastructures: Anticipating Risks

International Nuclear Information System (INIS)

Desarnaud, Gabrielle

2017-01-01

This study analyses the likelihood of cyber-attacks against European energy infrastructures and their potential consequences, particularly on the electricity grid. It also delivers a comparative analysis of measures taken by different European countries to protect their industries and collaborate within the European Union. The energy sector experiences an unprecedented digital transformation upsetting its activities and business models. Our energy infrastructures, sometimes more than a decade old and designed to remain functional for many years to come, now constantly interact with light digital components. The convergence of the global industrial system with the power of advanced computing and analytics reveals untapped opportunities at every step of the energy value chain. However, the introduction of digital elements in old and unprotected industrial equipment also exposes the energy industry to the cyber risk. One of the most compelling example of the type of threat the industry is facing, is the 2015 cyber-attack on the Ukraine power grid, which deprived about 200 000 people of electricity in the middle of the winter. The number and the level of technical expertise of cyber-attacks rose significantly after the discovery of the Stuxnet worm in the network of Natanz uranium enrichment site in 2010. Energy transition policies and the growing integration of renewable sources of energy will intensify this tendency, if cyber security measures are not part of the design of our future energy infrastructures. Regulators try to catch up and adapt, like in France where the authorities collaborate closely with the energy industry to set up a strict and efficient regulatory framework, and protect critical operators. This approach is adopted elsewhere in Europe, but common measures applicable to the whole European Union are essential to protect strongly interconnected energy infrastructures against a multiform threat that defies frontiers

Individual, Family, and Community Predictors of Cyber-aggression among Adolescents

Directory of Open Access Journals (Sweden)

David Álvarez-García

2018-04-01

Full Text Available The objective of this article is to analyze the predictive capacity of some individual, family, and community variables concerning the likelihood that a teenager will engage in aggressive behavior toward others using a mobile phone or the Internet, occasionally or intensely, controlling for the effect of potential confounding variables. To that end, the Cyber-Aggression Questionnaire for Adolescents (CYBA as well as previously validated scales for the evaluation of the potential indicators analyzed were applied to 3,059 adolescents 12 to 18 years of age (M = 14.01, SD = 1.39. The aforementioned scales include sociodemographic variables (age and sex and variables referring to the use of the Internet (social networks, instant messaging programs, and the Internet for non-school tasks, parental control (behavioral control, rules for the use of the Internet, Internet use monitoring, and affection and communication, personality (impulsivity and empathy, antisocial behavior (frequency of aggression toward others at school, antisocial behavior outside the school, and antisocial friendships, and frequency of cyber-victimization. Multivariate regression analyses highlight the predictive capacity of impulsivity, aggression at school, and cyber-victimization as risk factors of cyber-aggression. They also suggest the existence of indirect or even spurious relationships between some of the variables analyzed and cyber-aggression. We discuss the practical implications of these results.

Cyber security

CERN Document Server

Voeller, John G

2014-01-01

Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

Cyber situation awareness: modeling detection of cyber attacks with instance-based learning theory.

Science.gov (United States)

Dutt, Varun; Ahn, Young-Suk; Gonzalez, Cleotilde

2013-06-01

To determine the effects of an adversary's behavior on the defender's accurate and timely detection of network threats. Cyber attacks cause major work disruption. It is important to understand how a defender's behavior (experience and tolerance to threats), as well as adversarial behavior (attack strategy), might impact the detection of threats. In this article, we use cognitive modeling to make predictions regarding these factors. Different model types representing a defender, based on Instance-Based Learning Theory (IBLT), faced different adversarial behaviors. A defender's model was defined by experience of threats: threat-prone (90% threats and 10% nonthreats) and nonthreat-prone (10% threats and 90% nonthreats); and different tolerance levels to threats: risk-averse (model declares a cyber attack after perceiving one threat out of eight total) and risk-seeking (model declares a cyber attack after perceiving seven threats out of eight total). Adversarial behavior is simulated by considering different attack strategies: patient (threats occur late) and impatient (threats occur early). For an impatient strategy, risk-averse models with threat-prone experiences show improved detection compared with risk-seeking models with nonthreat-prone experiences; however, the same is not true for a patient strategy. Based upon model predictions, a defender's prior threat experiences and his or her tolerance to threats are likely to predict detection accuracy; but considering the nature of adversarial behavior is also important. Decision-support tools that consider the role of a defender's experience and tolerance to threats along with the nature of adversarial behavior are likely to improve a defender's overall threat detection.

Hacking cyber-risks back in their tracks: to identify the right supply chain controls, look at the system

OpenAIRE

Sepúlveda, Daniel; Khan, Omera

2015-01-01

A more comprehensive way of looking at cyber-risks in supply chains is required, when considering the increasing complexity of the supply networks and the exposure to unexpected disruptions, caused by cyber-attacks. This article describes some of the reasons why current risk assessment methods are insufficient. The article provides an analogy for understanding the dynamic effects in a company. It describes in general terms what it means to understand cyber-risks from the control perspective, ...

Report of the 2017 IEEE Cyber Science and Technology Congress

Directory of Open Access Journals (Sweden)

Wenbing Zhao

2017-12-01

Full Text Available The modern digitized world has led to the emergence of a new paradigm on global information networks and infrastructures known as Cyberspace and the studies of Cybernetics, which bring seamless integration of physical, social and mental spaces. Cyberspace is becoming an integral part of our daily life from learning and entertainment to business and cultural activities. As expected, this whole concept of Cybernetics brings new challenges that need to be tackled. The 2017 IEEE Cyber Science and Technology Congress (CyberSciTech 2017 provided a forum for researchers to report their research findings and exchange ideas. The congress took place in Orlando, Florida, USA during 6–10 November 2017. Not counting poster papers, the congress accepted over fifty papers that are divided into nine sessions. In this report, we provide an overview of the research contributions of the papers in CyberSciTech 2017.

"Making Kind Cool": Parents' Suggestions for Preventing Cyber Bullying and Fostering Cyber Kindness

Science.gov (United States)

Cassidy, Wanda; Brown, Karen; Jackson, Margaret

2012-01-01

Cyber bullying among youth is rapidly becoming a global phenomenon, as educators, parents and policymakers grapple with trying to curtail this negative and sometimes devastating behavior. Since most cyber bullying emanates from the home computer, parents can play an important role in preventing cyber bullying and in fostering a kinder online…

Cyber Security on Nuclear Power Plant's Computer Systems

Energy Technology Data Exchange (ETDEWEB)

Shin, Ick Hyun [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

2010-10-15

Computer systems are used in many different fields of industry. Most of us are taking great advantages from the computer systems. Because of the effectiveness and great performance of computer system, we are getting so dependable on the computer. But the more we are dependable on the computer system, the more the risk we will face when the computer system is unavailable or inaccessible or uncontrollable. There are SCADA, Supervisory Control And Data Acquisition, system which are broadly used for critical infrastructure such as transportation, electricity, water management. And if the SCADA system is vulnerable to the cyber attack, it is going to be nation's big disaster. Especially if nuclear power plant's main control systems are attacked by cyber terrorists, the results may be huge. Leaking of radioactive material will be the terrorist's main purpose without using physical forces. In this paper, different types of cyber attacks are described, and a possible structure of NPP's computer network system is presented. And the paper also provides possible ways of destruction of the NPP's computer system along with some suggestions for the protection against cyber attacks

Operational advantages of using Cyber Electronic Warfare (CEW) in the battlefield

Science.gov (United States)

Yasar, Nurgul; Yasar, Fatih M.; Topcu, Yucel

2012-06-01

While cyberspace is emerging as a new battlefield, conventional Electronic Warfare (EW) methods and applications are likely to change. Cyber Electronic Warfare (CEW) concept which merges cyberspace capabilities with traditional EW methods, is a new and enhanced form of the electronic attack. In this study, cyberspace domain of the battlefield is emphazised and the feasibility of integrating Cyber Warfare (CW) concept into EW measures is researched. The SWOT (Strengths, Weaknesses, Opportunities and Threats) analysis method is used to state the operational advantages of using CEW concept in the battlefield. The operational advantages of CEW are assessed by means of its effects on adversary air defense systems, communication networks and information systems. Outstanding technological and operational difficulties are pointed out as well. As a result, a comparison of CEW concept and conventional EW applications is presented. It is concluded that, utilization of CEW concept is feasible at the battlefield and it may yield important operational advantages. Even though the computers of developed military systems are less complex than normal computers, they are not subjected to cyber threats since they are closed systems. This concept intends to show that these closed systems are also open to the cyber threats. As a result of the SWOT analysis, CEW concept provides Air Forces to be used in cyber operations effectively. On the other hand, since its Collateral Damage Criteria (CDC) is low, the usage of cyber electronic attack systems seems to grow up.

Metaphors for cyber security.

Energy Technology Data Exchange (ETDEWEB)

Moore, Judy Hennessey; Parrott, Lori K.; Karas, Thomas H.

2008-08-01

This report is based upon a workshop, called 'CyberFest', held at Sandia National Laboratories on May 27-30, 2008. Participants in the workshop came from organizations both outside and inside Sandia. The premise of the workshop was that thinking about cyber security from a metaphorical perspective could lead to a deeper understanding of current approaches to cyber defense and perhaps to some creative new approaches. A wide range of metaphors was considered, including those relating to: military and other types of conflict, biological, health care, markets, three-dimensional space, and physical asset protection. These in turn led to consideration of a variety of possible approaches for improving cyber security in the future. From the proposed approaches, three were formulated for further discussion. These approaches were labeled 'Heterogeneity' (drawing primarily on the metaphor of biological diversity), 'Motivating Secure Behavior' (taking a market perspective on the adoption of cyber security measures) and 'Cyber Wellness' (exploring analogies with efforts to improve individual and public health).

MPM4CPS: multi-pardigm modelling for cyber-physical systems

NARCIS (Netherlands)

Vangeheluwe, Hans; Ameral, Vasco; Giese, Holger; Broenink, Johannes F.; Schätz, Bernhard; Norta, Alexander; Carreira, Paulo; Lukovic, Ivan; Mayerhofer, Tanja; Wimmer, Manuel; Vellecillo, Antonio

2016-01-01

The last decades have seen the emergence of truly complex, designed systems, known as Cyber-Physical Systems (CPS). Engineering such systems requires integrating physical, software, and network aspects. To date, neither a unifying theory nor systematic design methods, techniques and tools exist to

The Future Cybersecurity Workforce: Going Beyond Technical Skills for Successful Cyber Performance

Directory of Open Access Journals (Sweden)

Jessica Dawson

2018-06-01

Full Text Available One of the challenges in writing an article reviewing the current state of cyber education and workforce development is that there is a paucity of quantitative assessment regarding the cognitive aptitudes, work roles, or team organization required by cybersecurity professionals to be successful. In this review, we argue that the people who operate within the cyber domain need a combination of technical skills, domain specific knowledge, and social intelligence to be successful. They, like the networks they operate, must also be reliable, trustworthy, and resilient. Defining the knowledge, skills, attributes, and other characteristics is not as simple as defining a group of technical skills that people can be trained on; the complexity of the cyber domain makes this a unique challenge. There has been little research devoted to exactly what attributes individuals in the cyber domain need. What research does exist places an emphasis on technical and engineering skills while discounting the important social and organizational influences that dictate success or failure in everyday settings. This paper reviews the literature on cyber expertise and cyber workforce development to identify gaps and then argues for the important contribution of social fit in the highly complex and heterogenous cyber workforce. We then identify six assumptions for the future of cybersecurity workforce development, including the requirement for systemic thinkers, team players, a love for continued learning, strong communication ability, a sense of civic duty, and a blend of technical and social skill. Finally, we make recommendations for social and cognitive metrics which may be indicative of future performance in cyber work roles to provide a roadmap for future scholars.

The Future Cybersecurity Workforce: Going Beyond Technical Skills for Successful Cyber Performance.

Science.gov (United States)

Dawson, Jessica; Thomson, Robert

2018-01-01

One of the challenges in writing an article reviewing the current state of cyber education and workforce development is that there is a paucity of quantitative assessment regarding the cognitive aptitudes, work roles, or team organization required by cybersecurity professionals to be successful. In this review, we argue that the people who operate within the cyber domain need a combination of technical skills, domain specific knowledge, and social intelligence to be successful. They, like the networks they operate, must also be reliable, trustworthy, and resilient. Defining the knowledge, skills, attributes, and other characteristics is not as simple as defining a group of technical skills that people can be trained on; the complexity of the cyber domain makes this a unique challenge. There has been little research devoted to exactly what attributes individuals in the cyber domain need. What research does exist places an emphasis on technical and engineering skills while discounting the important social and organizational influences that dictate success or failure in everyday settings. This paper reviews the literature on cyber expertise and cyber workforce development to identify gaps and then argues for the important contribution of social fit in the highly complex and heterogenous cyber workforce. We then identify six assumptions for the future of cybersecurity workforce development, including the requirement for systemic thinkers, team players, a love for continued learning, strong communication ability, a sense of civic duty, and a blend of technical and social skill. Finally, we make recommendations for social and cognitive metrics which may be indicative of future performance in cyber work roles to provide a roadmap for future scholars.

Cyber Warfare/Cyber Terrorism

National Research Council Canada - National Science Library

O'Hara, Timothy

2004-01-01

Section 1 of this paper provides an overview of cyber warfare as an element of information warfare, starting with the general background of the current strategic environment the United States is operating...

Cyber bullying: Child and youth spirituality

Directory of Open Access Journals (Sweden)

Anastasia Apostolides

2017-10-01

Full Text Available Digital culture is part of children’s and adolescents’ everyday lives. Digital culture has both positive and negative consequences. One such negative consequence is cyber violence that has been termed cyber bullying. Cyber bullying can cause serious emotional, behavioural and academic problems for both the victim and the bully. Although there is ongoing research on the effects of cyber bullying on children and youth in South Africa, no research has been carried out on how children’s and youth’s spirituality may be affected when they are cyber bullied. This article discusses the accumulative results from different South African institutes that have researched the cyber bullying effects on children and adolescents. These results point to the spiritual effects that children and youth may experience as a result of cyber bullying. This article proposes that spirituality may prevent cyber bullying and even help children and youth heal from the trauma caused by cyber bullying. This article contributes in starting a conversation that may result in more specific research being done on how the spiritual lives of children and adolescents may be affected through the trauma caused by cyber bullying.

The Implications of Transnational Cyber Threats in International Humanitarian Law: Analysing the Distinction Between Cybercrime, Cyber Attack, and Cyber Warfare in the 21st Century

Directory of Open Access Journals (Sweden)

Faga Hemen Philip

2017-06-01

Full Text Available This paper is an attempt to draw distinctive lines between the concepts of cybercrime, cyber-attack, and cyber warfare in the current information age, in which it has become difficult to separate the activities of transnational criminals from acts of belligerents using cyberspace. The paper considers the implications of transnational cyber threats in international humanitarian law (IHL with a particular focus on cyber-attacks by non-state actors, the principles of state responsibility, and the implications of targeting non-state perpetrators under IHL. It concludes that current international law constructs are inadequate to address the implications of transnational cyber threats; the author recommends consequential amendments to the laws of war in order to address the challenges posed by transnational cyber threats.

Using cyber vulnerability testing techniques to expose undocumented security vulnerabilities in DCS and SCADA equipment

International Nuclear Information System (INIS)

Pollet, J.

2006-01-01

This session starts by providing an overview of typical DCS (Distributed Control Systems) and SCADA (Supervisory Control and Data Acquisition) architectures, and exposes cyber security vulnerabilities that vendors never admit, but are found through a comprehensive cyber testing process. A complete assessment process involves testing all of the layers and components of a SCADA or DCS environment, from the perimeter firewall all the way down to the end devices controlling the process, including what to look for when conducting a vulnerability assessment of real-time control systems. The following systems are discussed: 1. Perimeter (isolation from corporate IT or other non-critical networks) 2. Remote Access (third Party access into SCADA or DCS networks) 3. Network Architecture (switch, router, firewalls, access controls, network design) 4. Network Traffic Analysis (what is running on the network) 5. Host Operating Systems Hardening 6. Applications (how they communicate with other applications and end devices) 7. End Device Testing (PLCs, RTUs, DCS Controllers, Smart Transmitters) a. System Discovery b. Functional Discovery c. Attack Methodology i. DoS Tests (at what point does the device fail) ii. Malformed Packet Tests (packets that can cause equipment failure) iii. Session Hijacking (do anything that the operator can do) iv. Packet Injection (code and inject your own SCADA commands) v. Protocol Exploitation (Protocol Reverse Engineering / Fuzzing) This paper will provide information compiled from over five years of conducting cyber security testing on control systems hardware, software, and systems. (authors)

Using cyber vulnerability testing techniques to expose undocumented security vulnerabilities in DCS and SCADA equipment

Energy Technology Data Exchange (ETDEWEB)

Pollet, J. [PlantData Technologies, Inc., 1201 Louisiana Street, Houston, TX 77002 (United States)

2006-07-01

This session starts by providing an overview of typical DCS (Distributed Control Systems) and SCADA (Supervisory Control and Data Acquisition) architectures, and exposes cyber security vulnerabilities that vendors never admit, but are found through a comprehensive cyber testing process. A complete assessment process involves testing all of the layers and components of a SCADA or DCS environment, from the perimeter firewall all the way down to the end devices controlling the process, including what to look for when conducting a vulnerability assessment of real-time control systems. The following systems are discussed: 1. Perimeter (isolation from corporate IT or other non-critical networks) 2. Remote Access (third Party access into SCADA or DCS networks) 3. Network Architecture (switch, router, firewalls, access controls, network design) 4. Network Traffic Analysis (what is running on the network) 5. Host Operating Systems Hardening 6. Applications (how they communicate with other applications and end devices) 7. End Device Testing (PLCs, RTUs, DCS Controllers, Smart Transmitters) a. System Discovery b. Functional Discovery c. Attack Methodology i. DoS Tests (at what point does the device fail) ii. Malformed Packet Tests (packets that can cause equipment failure) iii. Session Hijacking (do anything that the operator can do) iv. Packet Injection (code and inject your own SCADA commands) v. Protocol Exploitation (Protocol Reverse Engineering / Fuzzing) This paper will provide information compiled from over five years of conducting cyber security testing on control systems hardware, software, and systems. (authors)

For the Common Defense of Cyberspace: Implications of a US Cyber Militia on Department of Defense Cyber Operations

Science.gov (United States)

2015-06-12

the Common Defense of Cyberspace: Implications of a US Cyber Militia on Department of Defense Cyber Operations 5a. CONTRACT NUMBER 5b. GRANT ...20130423/ NEWS/304230016/Navy-wants-1-000-more-cyber-warriors. 33 Edward Cardon , “Army Cyber Capabilities” (Lecture, Advanced Operations Course...Finally, once a cyber security professional is trained, many argue, to include the head of Army’s Cyber Command, Lieutenant General Edward Cardon

Simulating Cyber-Attacks for Fun and Profit

OpenAIRE

Futoransky, Ariel; Miranda, Fernando; Orlicki, Jose; Sarraute, Carlos

2010-01-01

We introduce a new simulation platform called Insight, created to design and simulate cyber-attacks against large arbitrary target scenarios. Insight has surprisingly low hardware and configuration requirements, while making the simulation a realistic experience from the attacker's standpoint. The scenarios include a crowd of simulated actors: network devices, hardware devices, software applications, protocols, users, etc. A novel characteristic of this tool is to simulate vulnerabilities (in...

Establishing Cyber Warfare Doctrine

Directory of Open Access Journals (Sweden)

Andrew M. Colarik

2012-01-01

Full Text Available Over the past several decades, advances in technology have transformed communications and the ability to acquire, disseminate, and utilize information in a range of environments. Modern societies and their respective militaries have taken advantage of a robust information space through network-centric systems. Because military and commercial operations have increasingly converged, communication and information infrastructures are now high-priority military objectives in times of war. This article examines the theoretical underpinning of current cyber warfare research, what we have learned so far about its application, and some of the emerging themes to be considered; it also postulates the development of a (national cyber warfare doctrine (CWD. An endeavor of this scale requires lots of considerations and preparation for its development if it is to be cooperatively embraced. This article considers why information technology systems and their supporting infrastructures should be considered legitimate military targets in conflicts, and offers several events that support this supposition. In addition, it identifies the various forms of doctrine that will become the basis for developing a CWD, discusses a CWD's possible components, and proposes a national collaborative and discussion framework for obtaining a nation's stakeholder buy-in for such an endeavor.

网络空间靶场技术研究%Cyber Ranges：state-of-the-art and research challenges

Institute of Scientific and Technical Information of China (English)

方滨兴; 贾焰; 李爱平; 张伟哲

2016-01-01

Cyber Range has become a very important means to support tasks such as network security technology valida-tion, network weapon testing, training of network attack and defense, and network risk assessment etc. In this survey, we first give an overview of the current research works in the field of Cyber Range, including both domestic and international contributions; secondly, state-of-the-art techniques of Cyber Range is described, including large-scale network simulation, network traffic/service and user behavior simulation, acquisition and analysis of testing data, and system security and management etc.; finally, we concluded the paper by discussing the challenges and trends of Cyber Range.%网络靶场已经成为支撑网络空间安全技术验证、网络武器试验、攻防对抗演练和网络风险评估的重要手段。本文首先介绍了网络靶场国内外研究现状；然后介绍了靶场相关技术的研究进展，包括大规模网络仿真、网络流量/服务与用户行为模拟、试验数据采集与评估、系统安全与管理等方面；最后阐述了网络靶场发展面临的挑战与发展趋势。

Toward a Visualization-Supported Workflow for Cyber Alert Management using Threat Models and Human-Centered Design

Energy Technology Data Exchange (ETDEWEB)

Franklin, Lyndsey; Pirrung, Megan A.; Blaha, Leslie M.; Dowling, Michelle V.; Feng, Mi

2017-10-09

Cyber network analysts follow complex processes in their investigations of potential threats to their network. Much research is dedicated to providing automated tool support in the effort to make their tasks more efficient, accurate, and timely. This tool support comes in a variety of implementations from machine learning algorithms that monitor streams of data to visual analytic environments for exploring rich and noisy data sets. Cyber analysts, however, often speak of a need for tools which help them merge the data they already have and help them establish appropriate baselines against which to compare potential anomalies. Furthermore, existing threat models that cyber analysts regularly use to structure their investigation are not often leveraged in support tools. We report on our work with cyber analysts to understand they analytic process and how one such model, the MITRE ATT&CK Matrix [32], is used to structure their analytic thinking. We present our efforts to map specific data needed by analysts into the threat model to inform our eventual visualization designs. We examine data mapping for gaps where the threat model is under-supported by either data or tools. We discuss these gaps as potential design spaces for future research efforts. We also discuss the design of a prototype tool that combines machine-learning and visualization components to support cyber analysts working with this threat model.

Security Scheme Based on Parameter Hiding Technic for Mobile Communication in a Secure Cyber World

Directory of Open Access Journals (Sweden)

Jong Hyuk Park

2016-10-01

Full Text Available Long Term Evolution (LTE and Long Term Evolution-Advanced (LTE-A support a better data transmission service than 3G dose and are globally commercialized technologies in a cyber world that is essential for constructing a future mobile environment, since network traffics have exponentially increased as people have started to use more than just one mobile device. However, when User Equipment (UE is executing initial attach processes to access LTE networks, there is a vulnerability in which identification parameters like International Mobile Subscriber Identity (IMSI and Radio Network Temporary Identities (RNTI are transmitted as plain texts. It can threat various services that are commercialized therewith in a cyber world. Therefore, a security scheme is proposed in this paper where identification parameters can be securely transmitted and hidden in four cases where initial attach occurs between UE and Mobility Management Entity (MME. The proposed security scheme not only supports encrypted transmission of identification parameters but also mutual authentication between Evolved Node B (eNB and MME to make a secure cyber world. Additionally, performance analysis results using an OPNET simulator showed the satisfaction of the average delay rate that is specified in LTE standards.

Computer Security of NPP Instrumentation and Control Systems: Cyber Threats

International Nuclear Information System (INIS)

Klevtsov, A.L.; Trubchaninov, S.A.

2015-01-01

The paper is devoted to cyber threats, as one of the aspects in computer security of instrumentation and control systems for nuclear power plants (NPP). The basic concepts, terms and definitions are shortly addressed. The paper presents a detailed analysis of potential cyber threats during the design and operation of NPP instrumentation and control systems. Eleven major types of threats are considered, including: the malicious software and hardware Trojans (in particular, in commercial-off-the-shelf software and hardware), computer attacks through data networks and intrusion of malicious software from an external storage media and portable devices. Particular attention is paid to the potential use of lower safety class software as a way of harmful effects (including the intrusion of malicious fragments of code) on higher safety class software. The examples of actual incidents at various nuclear facilities caused by intentional cyber attacks or unintentional computer errors during the operation of software of systems important to NPP safety.

Cyber Deterrence and Stability

Energy Technology Data Exchange (ETDEWEB)

Goychayev, Rustam [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Carr, Geoffrey A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Weise, Rachel A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Donnelly, David A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Clements, Samuel L. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Benz, Jacob M. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Rodda, Kabrena E. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Bartholomew, Rachel A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); McKinnon, Archibald D. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Andres, Richard B. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

2017-09-30

Throughout the 20th and early 21st centuries, deterrence and arms control have been cornerstones of strategic stability between the superpowers. However, the weaponization of the cyber realm by State actors and the multipolar nature of cyber conflict now undermines that stability. Strategic stability is the state in which nations believe that if they act aggressively to undermine U.S. national interests and the post-World War II liberal democratic order, the consequences will outweigh the benefits. The sense of lawlessness and lack of consequences in the cyber realm embolden States to be more aggressive in taking actions that undermine stability. Accordingly, this paper examines 1) the role of deterrence and arms control in securing cyber stability, and 2) the limitations and challenges associated with these traditional national security paradigms as applied to this emerging threat domain. This paper demonstrates that many 20th-century deterrence and arms control concepts are not particularly applicable in the cyber realm. However, they are not entirely irrelevant. The United States can distill lessons learned from this rich deterrence and arms control experience to develop and deploy a strategy to advance cyber stability.

The Case for Inclusion of Competitive Teams in Security Education

Science.gov (United States)

Serapiglia, Anthony

2016-01-01

Through industry news as well as contemporary reporting, the topic of computer security has become omnipresent in our daily lives. Whether the news is about corporate data breaches, international cyber espionage, or personal data compromises and identity theft--EVERYONE has had to deal with digital security in some way. Because of this, one of the…

Cyber Attacks and Combat Behavior

Directory of Open Access Journals (Sweden)

Carataș Maria Alina

2017-01-01

Full Text Available Cyber terrorism is an intangible danger, a real over the corner threat in the life of individuals,organizations, and governments and is getting harder to deal with its damages. The motivations forthe cyber-attacks are different, depending on the terrorist group, from cybercrime to hacktivism,attacks over the authorities’ servers. Organizations constantly need to find new ways ofstrengthening protection against cyber-attacks, assess their cyber readiness, expand the resiliencecapacity and adopts international security regulations.

The implications of transnational cyber threats in international humanitarian law: analysing the distinction between cybercrime, cyber attack, and cyber warfare in the 21st century

OpenAIRE

Faga, Hemen Philip

2017-01-01

This paper is an attempt to draw distinctive lines between the concepts of cybercrime, cyber-attack, and cyber warfare in the current information age, in which it has become difficult to separate the activities of transnational criminals from acts of belligerents using cyberspace. The paper considers the implications of transnational cyber threats in international humanitarian law (IHL) with a particular focus on cyber-attacks by non-state actors, the principles of state responsibility, and t...

Technical Aspects of Cyber Kill Chain

OpenAIRE

Yadav, Tarun; Mallari, Rao Arvind

2016-01-01

Recent trends in targeted cyber-attacks has increased the interest of research in the field of cyber security. Such attacks have massive disruptive effects on rganizations, enterprises and governments. Cyber kill chain is a model to describe cyber-attacks so as to develop incident response and analysis capabilities. Cyber kill chain in simple terms is an attack chain, the path that an intruder takes to penetrate information systems over time to execute an attack on the target. This paper broa...

MAS Based Distributed Automatic Generation Control for Cyber-Physical Microgrid System

Institute of Scientific and Technical Information of China (English)

Zhongwen Li; Chuanzhi Zang; Peng Zeng; Haibin Yu; Hepeng Li

2016-01-01

The microgrid is a typical cyber-physical microgrid system(CPMS). The physical unconventional distributed generators(DGs) are intermittent and inverter-interfaced which makes them very different to control. The cyber components,such as the embedded computer and communication network,are equipped with DGs, to process and transmit the necessary information for the controllers. In order to ensure system-wide observability, controllability and stabilization for the microgrid,the cyber and physical component need to be integrated. For the physical component of CPMS, the droop-control method is popular as it can be applied in both modes of operation to improve the grid transient performance. Traditional droop control methods have the drawback of the inherent trade-off between power sharing and voltage and frequency regulation. In this paper, the global information(such as the average voltage and the output active power of the microgrid and so on) are acquired distributedly based on multi-agent system(MAS). Based on the global information from cyber components of CPMS, automatic generation control(AGC) and automatic voltage control(AVC)are proposed to deal with the drawback of traditional droop control. Simulation studies in PSCAD demonstrate the effectiveness of the proposed control methods.

MAS Based Distributed Automatic Generation Control for Cyber-Physical Microgrid System

Institute of Scientific and Technical Information of China (English)

Zhongwen Li; Chuanzhi Zang; Peng Zeng; Haibin Yu; Hepeng Li

2016-01-01

The microgrid is a typical cyber-physical micro grid system (CPMS).The physical unconventional distributed generators (DGs) are intermittent and inverter-interfaced which makes them very different to control.The cyber components,such as the embedded computer and communication network,are equipped with DGs,to process and transmit the necessary information for the controllers.In order to ensure system-wide observability,controllability and stabilization for the microgrid,the cyber and physical component need to be integrated.For the physical component of CPMS,the droop-control method is popular as it can be applied in both modes of operation to improve the grid transient performance.Traditional droop control methods have the drawback of the inherent trade-off between power sharing and voltage and frequency regulation.In this paper,the global information (such as the average voltage and the output active power of the microgrid and so on) are acquired distributedly based on multi-agent system (MAS).Based on the global information from cyber components of CPMS,automatic generation control (AGC) and automatic voltage control (AVC) are proposed to deal with the drawback of traditional droop control.Simulation studies in PSCAD demonstrate the effectiveness of the proposed control methods.

Cyber warfare building the scientific foundation

CERN Document Server

Jajodia, Sushil; Subrahmanian, VS; Swarup, Vipin; Wang, Cliff

2015-01-01

This book features a wide spectrum of the latest computer science research relating to cyber warfare, including military and policy dimensions. It is the first book to explore the scientific foundation of cyber warfare and features research from the areas of artificial intelligence, game theory, programming languages, graph theory and more. The high-level approach and emphasis on scientific rigor provides insights on ways to improve cyber warfare defense worldwide. Cyber Warfare: Building the Scientific Foundation targets researchers and practitioners working in cyber security, especially gove

Cyber-physical-social systems and constructs in electric power engineering

CERN Document Server

Suryanarayanan, Siddharth; Roche, Robin

2016-01-01

Cyber-physical-social systems (CPSS) integrate computing, physical assets and human networks. Divided into four application areas to the electric grid, this book describes state-of-the-art CPSS in electric power systems, including detailed approaches on social constructs which are a critical aspect of the end-user realm.

A multi-level approach to understanding the impact of cyber crime on the financial sector

OpenAIRE

Monica Lagazio; Nazneen Sherif; Mike Cushman

2014-01-01

This paper puts forward a multi-level model, based on system dynamics methodology, to understand the impact of cyber crime on the financial sector. Consistent with recent findings, our results show that strong dynamic relationships, amongst tangible and intangible factors, affect cyber crime cost and occur at different levels of society and value network. Specifically, shifts in financial companies’ strategic priorities, having the protection of customer trust and loyalty as a key objective, ...

Dynamic Training Environments of the Future

Science.gov (United States)

2008-03-13

for cyber attacks, espionage, & command and control  MMORPG used to generate revenue through the sale of in-game items for real-world currency...The video game is the new media in cyberspace, it can be used by us and it will be used against us The MMORPG is the emergence of a new society Types

An Ontology for Identifying Cyber Intrusion Induced Faults in Process Control Systems

Science.gov (United States)

Hieb, Jeffrey; Graham, James; Guan, Jian

This paper presents an ontological framework that permits formal representations of process control systems, including elements of the process being controlled and the control system itself. A fault diagnosis algorithm based on the ontological model is also presented. The algorithm can identify traditional process elements as well as control system elements (e.g., IP network and SCADA protocol) as fault sources. When these elements are identified as a likely fault source, the possibility exists that the process fault is induced by a cyber intrusion. A laboratory-scale distillation column is used to illustrate the model and the algorithm. Coupled with a well-defined statistical process model, this fault diagnosis approach provides cyber security enhanced fault diagnosis information to plant operators and can help identify that a cyber attack is underway before a major process failure is experienced.

Closing the Cyber Gap: Integrating Cross-Government Cyber Capabilities to Support the DHS Cyber Security Mission

Science.gov (United States)

2014-12-01

identifies and eliminates the actors who seek to target our cyber 152 “2013 Data Breach Investigations Report,” Verizon Enterprise Solutions, accessed...future. 360 “2013 Data Breach Investigations Report,” Verizon Enterprise Solutions, accessed September 29, 2013, http://www.verizonenterprise.com/DBIR...critical system owners and worldwide cyber security teams.382 381 Data Breach on the Rise: Protecting Personal Information from Harm: Hearing

Cyber Security Analysis of Turkey

OpenAIRE

Senturk, Hakan; Çil, Zaim; Sağıroğlu, Şeref

2016-01-01

Considering the criticality of the cyber security threat in the 21st century, it is presumed that the nations are busy with series of activities in order to protect their security in the cyber space domain. In this paper, in light of the recent developments in the cyber security field, Turkey’s cyber security analysis is performed using a macro analysis model. We researched for the measures taken in Turkey with respect to those in the other countries, reviewed the posture, the activities and ...

Cyber defense and situational awareness

CERN Document Server

Kott, Alexander; Erbacher, Robert F

2015-01-01

This book is the first publication to give a comprehensive, structured treatment to the important topic of situational awareness in cyber defense. It presents the subject in a logical, consistent, continuous discourse, covering key topics such as formation of cyber situational awareness, visualization and human factors, automated learning and inference, use of ontologies and metrics, predicting and assessing impact of cyber attacks, and achieving resilience of cyber and physical mission. Chapters include case studies, recent research results and practical insights described specifically for th

A Social Cyber Contract Theory Model for Understanding National Cyber Strategies

NARCIS (Netherlands)

Bierens, R.H.; Klievink, A.J.; van den Berg, J.

2017-01-01

Today’s increasing connectivity creates cyber risks at personal, organizational up to societal level. Societal cyber risks require mitigation by all kinds of actors where government should take the lead due to its responsibility to protect its citizens. Since no formal global governance exists, the

Changing the face of cyber warfare with international cyber defense collaboration

CSIR Research Space (South Africa)

Grobler, M

2011-03-01

Full Text Available . The result is that many countries are not properly prepared, nor adequately protected by legislation, in the event of a cyber attack on a national level. This article will address the international cyber defense collaboration problem by looking at the impact...

What kind of cyber security? Theorising cyber security and mapping approaches

Directory of Open Access Journals (Sweden)

Laura Fichtner

2018-05-01

Full Text Available Building on conceptual work on security and cyber security, the paper explores how different approaches to cyber security are constructed. It outlines structural components and presents four common approaches. Each of them suggests a different role for the actors involved and is motivated and justified by different values such as privacy, economic order and national security. When a cyber security policy or initiative is chosen by policymakers, the analysis of the underlying approach enhances our understanding of how this shapes relationships between actors and of the values prioritised, promoted and inscribed into the concerned technologies.

Methodology for Applying Cyber Security Risk Evaluation from BN Model to PSA Model

Energy Technology Data Exchange (ETDEWEB)

Shin, Jin Soo; Heo, Gyun Young [Kyung Hee University, Youngin (Korea, Republic of); Kang, Hyun Gook [KAIST, Dajeon (Korea, Republic of); Son, Han Seong [Joongbu University, Chubu (Korea, Republic of)

2014-08-15

There are several advantages to use digital equipment such as cost, convenience, and availability. It is inevitable to use the digital I and C equipment replaced analog. Nuclear facilities have already started applying the digital system to I and C system. However, the nuclear facilities also have to change I and C system even though it is difficult to use digital equipment due to high level of safety, irradiation embrittlement, and cyber security. A cyber security which is one of important concerns to use digital equipment can affect the whole integrity of nuclear facilities. For instance, cyber-attack occurred to nuclear facilities such as the SQL slammer worm, stuxnet, DUQU, and flame. The regulatory authorities have published many regulatory requirement documents such as U.S. NRC Regulatory Guide 5.71, 1.152, IAEA guide NSS-17, IEEE Standard, and KINS Regulatory Guide. One of the important problem of cyber security research for nuclear facilities is difficulty to obtain the data through the penetration experiments. Therefore, we make cyber security risk evaluation model with Bayesian network (BN) for nuclear reactor protection system (RPS), which is one of the safety-critical systems to trip the reactor when the accident is happened to the facilities. BN can be used for overcoming these problems. We propose a method to apply BN cyber security model to probabilistic safety assessment (PSA) model, which had been used for safety assessment of system, structure and components of facility. The proposed method will be able to provide the insight of safety as well as cyber risk to the facility.

Methodology for Applying Cyber Security Risk Evaluation from BN Model to PSA Model

International Nuclear Information System (INIS)

Shin, Jin Soo; Heo, Gyun Young; Kang, Hyun Gook; Son, Han Seong

2014-01-01

There are several advantages to use digital equipment such as cost, convenience, and availability. It is inevitable to use the digital I and C equipment replaced analog. Nuclear facilities have already started applying the digital system to I and C system. However, the nuclear facilities also have to change I and C system even though it is difficult to use digital equipment due to high level of safety, irradiation embrittlement, and cyber security. A cyber security which is one of important concerns to use digital equipment can affect the whole integrity of nuclear facilities. For instance, cyber-attack occurred to nuclear facilities such as the SQL slammer worm, stuxnet, DUQU, and flame. The regulatory authorities have published many regulatory requirement documents such as U.S. NRC Regulatory Guide 5.71, 1.152, IAEA guide NSS-17, IEEE Standard, and KINS Regulatory Guide. One of the important problem of cyber security research for nuclear facilities is difficulty to obtain the data through the penetration experiments. Therefore, we make cyber security risk evaluation model with Bayesian network (BN) for nuclear reactor protection system (RPS), which is one of the safety-critical systems to trip the reactor when the accident is happened to the facilities. BN can be used for overcoming these problems. We propose a method to apply BN cyber security model to probabilistic safety assessment (PSA) model, which had been used for safety assessment of system, structure and components of facility. The proposed method will be able to provide the insight of safety as well as cyber risk to the facility

Towards a cyber-physical era: soft computing framework based multi-sensor array for water quality monitoring

OpenAIRE

Bhardwaj, Jyotirmoy; Gupta, Karunesh K.; Gupta, Rajiv

2018-01-01

New concepts and techniques are replacing traditional methods of water quality parameter measurement systems. This paper introduces a cyber-physical system (CPS) approach for water quality assessment in a distribution network. Cyber-physical systems with embedded sensors, processors and actuators can be designed to sense and interact with the water environment. The proposed CPS is comprised of sensing framework integrated with five different water quality parameter sensor no...

Cyber and physical infrastructure interdependencies.

Energy Technology Data Exchange (ETDEWEB)

Phillips, Laurence R.; Kelic, Andjelka; Warren, Drake E.

2008-09-01

The goal of the work discussed in this document is to understand the risk to the nation of cyber attacks on critical infrastructures. The large body of research results on cyber attacks against physical infrastructure vulnerabilities has not resulted in clear understanding of the cascading effects a cyber-caused disruption can have on critical national infrastructures and the ability of these affected infrastructures to deliver services. This document discusses current research and methodologies aimed at assessing the translation of a cyber-based effect into a physical disruption of infrastructure and thence into quantification of the economic consequences of the resultant disruption and damage. The document discusses the deficiencies of the existing methods in correlating cyber attacks with physical consequences. The document then outlines a research plan to correct those deficiencies. When completed, the research plan will result in a fully supported methodology to quantify the economic consequences of events that begin with cyber effects, cascade into other physical infrastructure impacts, and result in degradation of the critical infrastructure's ability to deliver services and products. This methodology enables quantification of the risks to national critical infrastructure of cyber threats. The work addresses the electric power sector as an example of how the methodology can be applied.

Cyber-Physical War Gaming

OpenAIRE

Colbert, E. J. M.; Sullivan, D. T.; Kott, A

2017-01-01

This paper presents general strategies for cyber war gaming of Cyber-Physical Systems (CPSs) that are used for cyber security research at the U.S. Army Research Laboratory (ARL). Since Supervisory Control and Data Acquisition (SCADA) and other CPSs are operational systems, it is difficult or impossible to perform security experiments on actual systems. The authors describe how table-top strategy sessions and realistic, live CPS war games are conducted at ARL. They also discuss how the recorde...

Recommended Practice: Creating Cyber Forensics Plans for Control Systems

Energy Technology Data Exchange (ETDEWEB)

Eric Cornelius; Mark Fabro

2008-08-01

issues and to accommodate for the diversity in both system and architecture types, a framework based in recommended practices to address forensics in the control systems domain is required. This framework must be fully flexible to allow for deployment into any control systems environment regardless of technologies used. Moreover, the framework and practices must provide for direction on the integration of modern network security technologies with traditionally closed systems, the result being a true defense-in-depth strategy for control systems architectures. This document takes the traditional concepts of cyber forensics and forensics engineering and provides direction regarding augmentation for control systems operational environments. The goal is to provide guidance to the reader with specifics relating to the complexity of cyber forensics for control systems, guidance to allow organizations to create a self-sustaining cyber forensics program, and guidance to support the maintenance and evolution of such programs. As the current control systems cyber security community of interest is without any specific direction on how to proceed with forensics in control systems environments, this information product is intended to be a first step.

Metrological Array of Cyber-Physical Systems. Part 3. Smart Energy-Efficient House

Directory of Open Access Journals (Sweden)

Ihor HNES

2015-04-01

Full Text Available Smart energy-efficient houses as the components of Cyber-Physical Systems are developed intensively. The main stream of progress consists in the research of Smart houses’ energy supply. By this option the mentioned objects are advancing from passive houses through net-zero energy houses to active houses that are capable of sharing their own accumulated energy with other components of Cyber-Physical Systems. We consider the problems of studying the metrology models and measuring the heat dissipation in such houses trying to apply network and software achievements as well as the new types of devices with improved characteristics.

Current Status of the Cyber Threat Assessment for Nuclear Facilities

Energy Technology Data Exchange (ETDEWEB)

Kim, Hyun Doo [KINAC, Daejeon (Korea, Republic of)

2016-05-15

In December 2014, unknown hackers hacked internal documents sourced from Korea Hydro and Nuclear Power (KHNP) and those electronic documents were posted five times on a Social Network Service (SNS). The data included personal profiles, flow charts, manuals and blueprints for installing pipes in the nuclear power plant. Although the data were not critical to operation or sabotage of the plant, it threatened people and caused social unrest in Korea and neighboring countries. In December 2015, cyber attack on power grid caused a blackout for hundreds of thousands of people in Ukraine. The power outage was caused by a sophisticated attack using destructive malware called 'BlackEnergy'. Cyber attacks are reality in today's world and critical infrastructures are increasingly targeted. Critical infrastructures, such as the nuclear power plant, need to be proactive and protect the nuclear materials, assets and facilities from potential cyber attacks. The threat assessment document and its detailed procedure are confidential for the State. Nevertheless, it is easy to find cooperation on assessing and evaluating the threats of nuclear materials and facilities with other government departments or agencies including the national police. The NSSC and KINAC also cooperated with the National Intelligence Service (NIS) and National Security Research Institute (NSR). However, robust cyber threat assessment system and regular consultative group should be established with domestic and overseas organization including NIS, NSR, the National Police Agency and the military force to protect and ensure to safety of people, public and environment from rapidly changing and upgrading cyber threats.

Current Status of the Cyber Threat Assessment for Nuclear Facilities

International Nuclear Information System (INIS)

Kim, Hyun Doo

2016-01-01

In December 2014, unknown hackers hacked internal documents sourced from Korea Hydro and Nuclear Power (KHNP) and those electronic documents were posted five times on a Social Network Service (SNS). The data included personal profiles, flow charts, manuals and blueprints for installing pipes in the nuclear power plant. Although the data were not critical to operation or sabotage of the plant, it threatened people and caused social unrest in Korea and neighboring countries. In December 2015, cyber attack on power grid caused a blackout for hundreds of thousands of people in Ukraine. The power outage was caused by a sophisticated attack using destructive malware called 'BlackEnergy'. Cyber attacks are reality in today's world and critical infrastructures are increasingly targeted. Critical infrastructures, such as the nuclear power plant, need to be proactive and protect the nuclear materials, assets and facilities from potential cyber attacks. The threat assessment document and its detailed procedure are confidential for the State. Nevertheless, it is easy to find cooperation on assessing and evaluating the threats of nuclear materials and facilities with other government departments or agencies including the national police. The NSSC and KINAC also cooperated with the National Intelligence Service (NIS) and National Security Research Institute (NSR). However, robust cyber threat assessment system and regular consultative group should be established with domestic and overseas organization including NIS, NSR, the National Police Agency and the military force to protect and ensure to safety of people, public and environment from rapidly changing and upgrading cyber threats

Using agility to combat cyber attacks.

Science.gov (United States)

Anderson, Kerry

2017-06-01

Some incident response practitioners feel that they have been locked in a battle with cyber criminals since the popular adoption of the internet. Initially, organisations made great inroads in preventing and containing cyber attacks. In the last few years, however, cyber criminals have become adept at eluding defence security technologies and rapidly modifying their exploit strategies for financial or political gains. Similar to changes in military combat tactics, cyber criminals utilise distributed attack cells, real-time communications, and rapidly mutating exploits to minimise the potential for detection. Cyber criminals have changed their attack paradigm. This paper describes a new incident response paradigm aimed at combating the new model of cyber attacks with an emphasis on agility to increase the organisation's ability to respond rapidly to these new challenges.

Anonymous As a Cyber Tribe: A New Model for Complex, Non-State Cyber Actors

Science.gov (United States)

2015-05-01

personas. Only then can cyber strategists exercise the required amount of cultural relativism needed to influence complex, and sometimes disturbing...that runs counter to their professional ethic ? When cyber tribes employ atrocity to create cultural barriers, how will planners remain focused on...as a cyber actor’s motivation? Meeting these challenges requires new levels of cultural relativism —the understanding of a “culture or a cultural

A genetic epidemiology approach to cyber-security.

Science.gov (United States)

Gil, Santiago; Kott, Alexander; Barabási, Albert-László

2014-07-16

While much attention has been paid to the vulnerability of computer networks to node and link failure, there is limited systematic understanding of the factors that determine the likelihood that a node (computer) is compromised. We therefore collect threat log data in a university network to study the patterns of threat activity for individual hosts. We relate this information to the properties of each host as observed through network-wide scans, establishing associations between the network services a host is running and the kinds of threats to which it is susceptible. We propose a methodology to associate services to threats inspired by the tools used in genetics to identify statistical associations between mutations and diseases. The proposed approach allows us to determine probabilities of infection directly from observation, offering an automated high-throughput strategy to develop comprehensive metrics for cyber-security.

Maritime Cyber Security University Research

Science.gov (United States)

2016-05-01

i Classification | CG-926 RDC | author | audience | month year Maritime Cyber Security University Research Phase I - Final Report...Distribution Statement A: Approved for public release; distribution is unlimited. May 2016 Report No. CG-D-06-16 Maritime Cyber Security...Director United States Coast Guard Research & Development Center 1 Chelsea Street New London, CT 06320 Maritime Cyber Security University

Cyber dating abuse in affective and sexual relationships: a literature review.

Science.gov (United States)

Flach, Roberta Matassoli Duran; Deslandes, Suely Ferreira

2017-07-27

Cyber culture with its related e-commerce, expanded since the 2000s through the advent of social network platforms, incites participants to engage in hyper-exposure and spectacularization of their private lives, with inherent consequences for personal image and privacy, publicizing private matters (especially those pertaining to sexuality and corporality) in the digital media. This raises the need to understand how the phenomenon of cyber dating abuse in affective and sexual relationships is conceptualized and characterized in scientific studies, which health problems are associated with it, and which social technologies are suggested for intervention. This form of abuse is a new expression of intimate partner violence that involves, among other practices, posting embarrassing photos and videos and intimate messages without prior consent, with the purpose of humiliating and defaming the person. The current study is an integrative systematic review, including 35 articles, with a predominance of studies in the United States (22). Types of cyber dating abuse range from direct aggression to stalking. Despite the high prevalence, especially among adolescents and youth, the literature highlights that this type of cyber abuse is often taken for granted. The suggested interventions are mostly for prevention and awareness-raising concerning relationship abuse, action by school counselors, and family orientation. The high reciprocity of cyber dating abuse between males and females indicates that future studies should attempt to elucidate how the dynamics of gender violence are reproduced or subverted by it.

No-hardware-signature cybersecurity-crypto-module: a resilient cyber defense agent

Science.gov (United States)

Zaghloul, A. R. M.; Zaghloul, Y. A.

2014-06-01

We present an optical cybersecurity-crypto-module as a resilient cyber defense agent. It has no hardware signature since it is bitstream reconfigurable, where single hardware architecture functions as any selected device of all possible ones of the same number of inputs. For a two-input digital device, a 4-digit bitstream of 0s and 1s determines which device, of a total of 16 devices, the hardware performs as. Accordingly, the hardware itself is not physically reconfigured, but its performance is. Such a defense agent allows the attack to take place, rendering it harmless. On the other hand, if the system is already infected with malware sending out information, the defense agent allows the information to go out, rendering it meaningless. The hardware architecture is immune to side attacks since such an attack would reveal information on the attack itself and not on the hardware. This cyber defense agent can be used to secure a point-to-point, point-to-multipoint, a whole network, and/or a single entity in the cyberspace. Therefore, ensuring trust between cyber resources. It can provide secure communication in an insecure network. We provide the hardware design and explain how it works. Scalability of the design is briefly discussed. (Protected by United States Patents No.: US 8,004,734; US 8,325,404; and other National Patents worldwide.)

Cyber operations as nuclear counterproliferation measures

OpenAIRE

Roscini, M.

2014-01-01

Focusing on recent malware that allegedly targeted Iran’s nuclear programme, this article discusses the legality of inter-state cyber operations as measures to prevent the proliferation of nuclear weapons approaching the problem from the perspective of the law of State responsibility, in particular the circumstances precluding wrongfulness. After examining the role that cyber attacks and cyber exploitation can play in preventing nuclear proliferation, the article explores whether cyber operat...

A practical introduction to human-in-the-loop cyber-physical systems

CERN Document Server

Nunes, David; Boavida, Fernando

2018-01-01

Studies estimate that by 2020 we will have a vast Internet of Things (IoT) network comprising 26 billion connected devices, including everything from light bulbs to refrigerators, coffee makers to cars. From the beginning, the concept of cyber-physical systems (CPS), or the sensing and control of physical phenomena through networks of devices that work together to achieve common goals, has been implicit in the IoT enterprise. This book focuses on the increasingly hot topic of Human-in-the-loop Cyber-Physical Systems (HiTLCPS)--CPSs that incorporate human responses in IoT equation. Why have we not yet integrated the human component into CPSs? What are the major challenges to achieving HiTLCPS? How can we take advantage of ubiquitous sensing platforms, such as smartphones and personal devices to achieve that goal? While mature HiTLCPS designs have yet to be achieved, or a general consensus reached on underlying HiTLCPS requirements, principles, and theory, researchers and developers worldwide are on the cusp ...

Cyber-bullying prevention in primary school: School leaders’ understanding of cyber-bullying prevention

OpenAIRE

Vestvik, Svitlana

2011-01-01

This master‟s thesis is about cyber-bullying prevention in primary school. My reason for choosing this issue was a desire to get a greater insight into cyber-bullying as a phenomenon. In addition, I found it interesting to find how the principals can work systematically for prevention and reduction of cyber-bullying incidents in schools, with the purpose of offering pupils a good psycho-social environment as enshrined in the Education Act, Section 9a-3. My attention was focused on understa...

Online Moral Disengagement, Cyberbullying, and Cyber-Aggression.

Science.gov (United States)

Runions, Kevin C; Bak, Michal

2015-07-01

The study of moral disengagement has greatly informed research on aggression and bullying. There has been some debate on whether cyberbullies and other cyber-aggressors show more or less of a tendency for moral disengagement than traditional aggressors and bullies. However, according to the triadic model of reciprocal determinism, an individual's behavior influences and is influenced by both personal factors and his/her social environment. This article reviews the literature to propose a new conceptual framework addressing how features of the online context may enable specific mechanisms that facilitate moral disengagement. Specific affordances for moral disengagement proposed here include the paucity of social-emotional cues, the ease of disseminating communication via social networks, and the media attention on cyberbullying, which may elicit moral justification, euphemistic labeling, palliative comparison, diffusion and displacement of responsibility, minimizing and disregarding the consequences for others, dehumanization, and attribution of blame. These ideas suggest that by providing affordances for these mechanisms of moral disengagement, online settings may facilitate cyber-aggression and cyberbullying.

Predicting Cyber Events by Leveraging Hacker Sentiment

OpenAIRE

Deb, Ashok; Lerman, Kristina; Ferrara, Emilio

2018-01-01

Recent high-profile cyber attacks exemplify why organizations need better cyber defenses. Cyber threats are hard to accurately predict because attackers usually try to mask their traces. However, they often discuss exploits and techniques on hacking forums. The community behavior of the hackers may provide insights into groups' collective malicious activity. We propose a novel approach to predict cyber events using sentiment analysis. We test our approach using cyber attack data from 2 major ...

Literature Review on Cyber Security Investment Decisions

OpenAIRE

ŞENTÜRK, Hakan; ÇİL, Celal Zaim; SAĞIROĞLU, Şeref

2016-01-01

Severe financial losses incurred by cyber security attacks with increasing complexity and frequency, as well as booming cyber security sector offering variety of products as investment options have led the focus of the research in the field to the economic dimension of cyber security. The need for determination of methods to be used when making cyber security investment decisions under budget constraints have become prominent. In five sections as the cyber security investment strategies, risk...

Information Assurance Cyber Ecology

National Research Council Canada - National Science Library

Jorgensen, Jane

2003-01-01

.... The goals of the Cyber Ecology project were to: (1) enable and demonstrate the discovery of noel IA technologies for the detection and mitigation of damage due to cyber attack through the application of ecological models, (2...

National Cyber Security Policy

Indian Academy of Sciences (India)

National Cyber Security Policy. Salient Features: Caters to ... Creating a secure cyber ecosystem. Creating an assurance framework. Encouraging Open Standards. Strengthening the Regulatory framework. Creating mechanisms for security threat early warning, vulnerability management and response to security threats.

Cybercom Chief Details U.S. Cyber Threats

Science.gov (United States)

Security Robots Lasers RSS Feed Cybercom Chief Details U.S. Cyber Threats - December 2, 2014 Navy Adm . Rogers, the commander of U.S. Cyber Command, director of the National Security Agency and chief of the Framework for Cyber Sharing But before Cybercom can help commercial companies deal with cyber criminals and

Understanding Strategic Information Manoeuvres in Network Media to Advance Cyber Operations: A Case Study Analysing Pro-Russian Separatists’ Cyber Information Operations in Crimean Water Crisis

Directory of Open Access Journals (Sweden)

Al-Khateeb Samer

2016-06-01

Full Text Available The inexpensive nature and wide availability of emerging media outlets, e.g. social networking sites and blogs makes them easy-to-use weapons, giving power and courage to individuals to form groups that are able to win or at least force concessions from stronger forces. Today, terrorist groups know that opinions can be influenced using networked media and this knowledge empowers and enables them to alienate their audience and sometimes provoke them into violent actions. To understand the strategic information manoeuvres used by such groups, e.g., trans-national terrorist groups, we study the channels (blogs, Twitter, etc. and methods (e.g., influential actors/groups they use to disseminate messages pertaining to recruitment, radicalization, and raising funds. We collect data from several sources, including over 130 blog websites known for pro-Russian propaganda for events such as the Crimean water crisis and Trident Juncture Exercise (TRJE 15. In addition to blogs, we collect data from Twitter for the above-mentioned events to study the crossinfluence of various social media platforms in conducting strategic information manoeuvres. The study shows that groups are able to spread their opinions and create emotional attitudes for their followers through the sophisticated and blended use of these network media platforms via powerful actors, trolls, and botnets. We design social and network science informed methodologies to study the sociotechnical behaviours of trolls and botnets and develop detection tools ready to be deployed for Cyber operations. The tools have been further tested in the information operations of ISIL, e.g., beheading of hostages in orange jump suits. This study helps identifying the actions needed to win this “battle of ideas”.

THE INFORMATION CONFIDENTIALITY AND CYBER SECURITY IN MEDICAL INSTITUTIONS

Directory of Open Access Journals (Sweden)

SABAU-POPA CLAUDIA DIANA

2015-07-01

Full Text Available The information confidentiality and cyber security risk affects the right to confidentiality and privacy of the patient, as regulated in Romania by the Law 46/2002. The manifestation of the cyber security risk event affects the reputation of the healthcare institution and is becoming more and more complex and often due to the: development of network technology, the medical equipment connected to wifi and the electronic databases. The databases containing medical records were implemented due to automation. Thus, transforming data into medical knowledge contribute to a better understanding of the disease. Due to these factors, the measures taken by the hospital management for this type of risk are adapted to the cyber changes. The hospital objectives aim: the implementation of a robust information system, the early threats identifications and the incident reporting. Neglecting this type of risk can generate financial loss, inability to continue providing health care services for a certain period of time, providing an erroneous diagnosis, medical equipment errors etc. Thus, in a digital age the appropriate risk management for the information security and cyber risk represent a necessity. The main concern of hospitals worldwide is to align with international requirements and obtain credentials in terms of data security from the International Organisation for Standardization, which regulates the management of this type of risk. Romania is at the beginning in terms of concerns regarding the management, avoidance and mitigation of information security, the health system being most highly exposed to its manifestation. The present paper examines the concerns of the health system to the confidentiality of information and cyber security risk and its management arrangements. Thus, a set of key risk indicators is implemented and monitored for 2011-2013, using a user interface, a Dashboard, which acts as an early warning system of the manifestation of the

Cyber bullying: Child and youth spirituality

OpenAIRE

Anastasia Apostolides

2017-01-01

Digital culture is part of children’s and adolescents’ everyday lives. Digital culture has both positive and negative consequences. One such negative consequence is cyber violence that has been termed cyber bullying. Cyber bullying can cause serious emotional, behavioural and academic problems for both the victim and the bully. Although there is ongoing research on the effects of cyber bullying on children and youth in South Africa, no research has been carried out on how children’s and youth...

Resilient Military Systems and the Advanced Cyber Threat

Science.gov (United States)

2013-01-01

Information Grid ( GIG ). Commercial technologies that enable the automation of some network maintenance activities and provide real-time mitigation of...will result in a serious competitive disadvantage to the U.S. economy . Key findings of the study include:  The cyber threat is serious, with...malware and other software attacks and then assuming that those systems are likely compromised. The larger GIG is then protected from those systems

Cyber-Warfare: Jus Post Bellum

Science.gov (United States)

2015-03-01

average data breach continues to increase, according to a report from Ponemon Institute (2014); there was a 201 dollars associated cost per...How much does cyber/ data breach insurance cost? Data Breach Insurance. Retrieved from http://databreachinsurancequote.com/cyber- insurance/cyber...insurance- data - breach -insurance-premiums/ Maxwell, D. (2013, Apr 11). What to make of North Korea. The Diplomat. Retrieved from http://thediplomat.com

Development of Cyber Theater titled "PINOCCHIO" and Cyber Theater Scenario Language: CTSL

Directory of Open Access Journals (Sweden)

Hiroshi Matsuda

2003-10-01

Full Text Available In Japan, most of children haven't read the Fairy Tales or tales of old Japan because the high technology video games are more exciting than most of picture books. But they must be effective to bring up the children's cultivation of aesthetic sensitivity. And we have heard from teachers of elementary schools that most of themes of computer education in school are the operation of Painting Tool or Game Software. To improve these problems and to aid the courses of computer-based education in elementary school, we developed new educational support tool named Cyber Theater. Cyber Theater provides the capability of easy making the 3D-CG animation of children's story by using Script language named CTSL (Cyber Theater Scenario Language. We hope schoolteachers will be able to use Cyber Tales as teaching materials in elementary schools. We also hope that upper-aged students (including junior high school students are able to make their original CG-animation stories as the Creative Lesson.

Network Challenges for Cyber Physical Systems with Tiny Wireless Devices: A Case Study on Reliable Pipeline Condition Monitoring

Directory of Open Access Journals (Sweden)

Salman Ali

2015-03-01

Full Text Available The synergy of computational and physical network components leading to the Internet of Things, Data and Services has been made feasible by the use of Cyber Physical Systems (CPSs. CPS engineering promises to impact system condition monitoring for a diverse range of fields from healthcare, manufacturing, and transportation to aerospace and warfare. CPS for environment monitoring applications completely transforms human-to-human, human-to-machine and machine-to-machine interactions with the use of Internet Cloud. A recent trend is to gain assistance from mergers between virtual networking and physical actuation to reliably perform all conventional and complex sensing and communication tasks. Oil and gas pipeline monitoring provides a novel example of the benefits of CPS, providing a reliable remote monitoring platform to leverage environment, strategic and economic benefits. In this paper, we evaluate the applications and technical requirements for seamlessly integrating CPS with sensor network plane from a reliability perspective and review the strategies for communicating information between remote monitoring sites and the widely deployed sensor nodes. Related challenges and issues in network architecture design and relevant protocols are also provided with classification. This is supported by a case study on implementing reliable monitoring of oil and gas pipeline installations. Network parameters like node-discovery, node-mobility, data security, link connectivity, data aggregation, information knowledge discovery and quality of service provisioning have been reviewed.

Network challenges for cyber physical systems with tiny wireless devices: a case study on reliable pipeline condition monitoring.

Science.gov (United States)

Ali, Salman; Qaisar, Saad Bin; Saeed, Husnain; Khan, Muhammad Farhan; Naeem, Muhammad; Anpalagan, Alagan

2015-03-25

The synergy of computational and physical network components leading to the Internet of Things, Data and Services has been made feasible by the use of Cyber Physical Systems (CPSs). CPS engineering promises to impact system condition monitoring for a diverse range of fields from healthcare, manufacturing, and transportation to aerospace and warfare. CPS for environment monitoring applications completely transforms human-to-human, human-to-machine and machine-to-machine interactions with the use of Internet Cloud. A recent trend is to gain assistance from mergers between virtual networking and physical actuation to reliably perform all conventional and complex sensing and communication tasks. Oil and gas pipeline monitoring provides a novel example of the benefits of CPS, providing a reliable remote monitoring platform to leverage environment, strategic and economic benefits. In this paper, we evaluate the applications and technical requirements for seamlessly integrating CPS with sensor network plane from a reliability perspective and review the strategies for communicating information between remote monitoring sites and the widely deployed sensor nodes. Related challenges and issues in network architecture design and relevant protocols are also provided with classification. This is supported by a case study on implementing reliable monitoring of oil and gas pipeline installations. Network parameters like node-discovery, node-mobility, data security, link connectivity, data aggregation, information knowledge discovery and quality of service provisioning have been reviewed.

Stuxnet and the Future of Cyber War

OpenAIRE

Farwell, James P.; Rohozinski, Rafal

2011-01-01

The discovery in June 2010 that a cyber worm dubbed 'Stuxnet' had struck the Iranian nuclear facility at Natanz suggested that, for cyber war, the future is now. Yet more important is the political and strategic context in which new cyber threats are emerging, and the effects the worm has generated in this respect. Perhaps most striking is the confluence between cyber crime and state action. States are capitalising on technology whose development is driven by cyber crime, and perhaps outsourc...

Comparing models of offensive cyber operations

CSIR Research Space (South Africa)

Grant, T

2015-10-01

Full Text Available would be needed by a Cyber Security Operations Centre in order to perform offensive cyber operations?". The analysis was performed, using as a springboard seven models of cyber-attack, and resulted in the development of what is described as a canonical...

Students' perspectives on cyber bullying.

Science.gov (United States)

Agatston, Patricia W; Kowalski, Robin; Limber, Susan

2007-12-01

The aim of this study was to gain a better understanding of the impact of cyber bullying on students and the possible need for prevention messages targeting students, educators, and parents. A total of 148 middle and high school students were interviewed during focus groups held at two middle and two high schools in a public school district. The focus groups were approximately 45 minutes in length. Students were divided by gender and asked a series of scripted questions by a same-gender student assistance counselor. We found that students' comments during the focus groups suggest that students-particularly females-view cyber bullying as a problem, but one rarely discussed at school, and that students do not see the school district personnel as helpful resources when dealing with cyber bullying. Students are currently experiencing the majority of cyber bullying instances outside of the school day; however there is some impact at school. Students were able to suggest some basic strategies for dealing with cyber bullying, but were less likely to be aware of strategies to request the removal of objectionable websites, as well as how to respond as a helpful bystander when witnessing cruel online behavior. We conclude that school districts should address cyber bullying through a combination of policies and information that are shared with students and parents. Schools should include cyber bullying as part of their bullying prevention strategies and include classroom lessons that address reporting and bystander behavior.

A Cyber-Vigilance System for Anti-Terrorist Drives Based on an Unmanned Aerial Vehicular Networking Signal Jammer for Specific Territorial Security

Directory of Open Access Journals (Sweden)

Dhiman Chowdhury

2018-05-01

Full Text Available During sudden anti-terrorist drives conducted by the law enforcement agencies, a localized cyber security system happens to be a special tactic to avert the unprecedented massacre and gruesome fatalities against the residents of that area by disconnecting the affected territory from the rest of the world; so that the militants and their outside accomplices cannot communicate with each other and also the terrorists cannot go through the ongoing apprehensive operation via wireless communications. This paper presents a novel framework of an unmanned aerial vehicular networking signal jammer which is oriented to block incoming and outgoing signals of all frequencies transmitted from a specifically marginalized territory scanned and explored by the aerial vehicle. During such a cyber-vigilance operation, the aerial vehicle is equipped with a transmitter and an auto-tuning band-pass filter module with automatic regulation of center frequencies according to the surrounding networking signals, which are considered to be the suppressing noise parameters. In order to restrict the signal blocking operation within the militant hub, the aerial vehicle with the network terminator is controlled to navigate within a particular boundary of a residential area and its navigation is continuously mapped and stored for effective evacuation process directed to save the innocent stranded people. A very low frequency (VLF metal detector has been designed to trace the explosives and buried landmines inside the exploration arena. An algorithm for 3-D mapping of the metal traces detected by the aerial navigator has been presented in this paper. Signal blocking, metal tracing and stable confined movements have been tested where the testbed is provided with signals of different frequencies along with variation in dimensions of the testing region to evaluate the reliability of the proposed framework.

Russia’s Approach to Cyber Warfare

Science.gov (United States)

2016-09-01

State University .” “’Information Troops’ -- a Russian Cyber Command?” 2011 3rd International Conference on Cyber Conflict, C. Czosseck, E. Tyugu, T...www.nytimes.com/2008/08/13/technology/13cyber.html?_r=0. 36 Ibid. 37 Joseph Mann, “Expert: Cyber-attacks on Georgia websites tied to mob , Russian government

On effectiveness of network sensor-based defense framework

Science.gov (United States)

Zhang, Difan; Zhang, Hanlin; Ge, Linqiang; Yu, Wei; Lu, Chao; Chen, Genshe; Pham, Khanh

2012-06-01

Cyber attacks are increasing in frequency, impact, and complexity, which demonstrate extensive network vulnerabilities with the potential for serious damage. Defending against cyber attacks calls for the distributed collaborative monitoring, detection, and mitigation. To this end, we develop a network sensor-based defense framework, with the aim of handling network security awareness, mitigation, and prediction. We implement the prototypical system and show its effectiveness on detecting known attacks, such as port-scanning and distributed denial-of-service (DDoS). Based on this framework, we also implement the statistical-based detection and sequential testing-based detection techniques and compare their respective detection performance. The future implementation of defensive algorithms can be provisioned in our proposed framework for combating cyber attacks.

Dampak Media Sosial dalam Cyber Bullying

OpenAIRE

Hidajat, Monica; Adam, Angry Ronald; Danaparamita, Muhammad; Suhendrik, Suhendrik

2015-01-01

The purpose of this research is to review two journals about social media effect for cyberbullying. First Journal is written by Eddie Fisher with the title From Cyber Bullying to Cyber Coping: The Misuse of Mobile Technology and Social Media and Their Effects on People’s Lives and the second journal is written by ReginaldH. Gonzales with the title Social Media as a Channel and its Implications on Cyber Bullying. First Journal focus on condition and cyber bullying state by interview respondent...

Cyber security level assignment for research reactor digital instrumentation and control system architecture using concept of defense in depth

International Nuclear Information System (INIS)

Shin, Jin Soo; Heo, Gyun Young; Son, Han Seong; Kim, Young Ki; Park, Jaek Wan

2012-01-01

Due to recent aging of the analog instrumentation of many nuclear power plants (NPPs) and research reactors, the system reliability decreases while maintenance and testing costs increase. In addition, it is difficult to find the substitutable analog equipment s due to obsolescence. Therefore, the instrumentation and control (I and C) systems have changed from analog system to digital system due to these facts. With the introduction of digital systems, research reactors are forced to care for the problem of cyber attacks because I and C systems have been digitalized using networks or communication systems. Especially, it is more issued at research reactors due to the accessibility of human resources. In the real world, an IBM researcher has been successful in controlling the software by penetrating a NPPs network in U.S. on July 2008 and acquiring the control right of nuclear facilities after one week. Moreover, the malignant code called 'stuxnet' impaired the nearly 1,000 centrifugal separators in Iran according to an IAEA report. The problem of cyber attacks highlights the important of cyber security, which should be emphasized. Defense.in.depth (DID) is a significant concept for the cyber security to work properly. DID institutes and maintains a hardy program for critical digital asset (CDA) by implementing multiple security boundaries. In this work, we assign cyber security levels to a typical digital I and C system using DID concept. This work is very useful in applying the concept of DID to nuclear industry with respect to cyber security

Cyber security level assignment for research reactor digital instrumentation and control system architecture using concept of defense in depth

Energy Technology Data Exchange (ETDEWEB)

Shin, Jin Soo; Heo, Gyun Young [Kyung Hee University, Seoul (Korea, Republic of); Son, Han Seong [Joongbu Univ., Chungnam (Korea, Republic of); Kim, Young Ki; Park, Jaek Wan [KAERI, Daejeon (Korea, Republic of)

2012-10-15

Due to recent aging of the analog instrumentation of many nuclear power plants (NPPs) and research reactors, the system reliability decreases while maintenance and testing costs increase. In addition, it is difficult to find the substitutable analog equipment s due to obsolescence. Therefore, the instrumentation and control (I and C) systems have changed from analog system to digital system due to these facts. With the introduction of digital systems, research reactors are forced to care for the problem of cyber attacks because I and C systems have been digitalized using networks or communication systems. Especially, it is more issued at research reactors due to the accessibility of human resources. In the real world, an IBM researcher has been successful in controlling the software by penetrating a NPPs network in U.S. on July 2008 and acquiring the control right of nuclear facilities after one week. Moreover, the malignant code called 'stuxnet' impaired the nearly 1,000 centrifugal separators in Iran according to an IAEA report. The problem of cyber attacks highlights the important of cyber security, which should be emphasized. Defense.in.depth (DID) is a significant concept for the cyber security to work properly. DID institutes and maintains a hardy program for critical digital asset (CDA) by implementing multiple security boundaries. In this work, we assign cyber security levels to a typical digital I and C system using DID concept. This work is very useful in applying the concept of DID to nuclear industry with respect to cyber security.

Operating nuclear power stations in a regulated cyber security environment: a roadmap for success

Energy Technology Data Exchange (ETDEWEB)

Dorman, E., E-mail: Erik.Dorman@areva.com [AREVA Inc., Cyber Security Solutions, Charlotte, NC (United States)

2015-07-01

The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NRC. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. The Program is designed to protect critical digital assets (CDAs) by applying and maintaining defense-in depth protective strategies to ensure the capability to detect, respond to, and recover from cyber-attacks. The Program references NEI 08-09 R. 6, the Nuclear Energy Institute Template that provides guidance for applying Cyber Security controls derived from NIST 800-53/82 and slightly modified to fit the nuclear environment. Many mature processes are in place at nuclear facilities in response to numerous regulations implemented over the past 30 years. Many of these processes such as the Physical Security Program offer protections that are leveraged to protect the functions of critical digital assets from unauthorized physical access. Other processes and technology such as engineering design control, work management and pre-job briefs, control of portable media and mobile devices, and deterministically segregated networks protect critical digital assets. By leveraging the regulated nuclear environment, integrating NIST type Cyber Security controls, and prudently deploying technology the Cyber Security posture of operating nuclear facilities supports on-demand base load electricity 24/7 with capacity factors exceeding 85%. This paper is designed to provide a glimpse into Cyber Security Programs that support safe operation and reliability in the regulated nuclear environment while supporting the on-demand base load electricity production 24/7. (author)

Operating nuclear power stations in a regulated cyber security environment: a roadmap for success

International Nuclear Information System (INIS)

Dorman, E.

2015-01-01

The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NRC. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. The Program is designed to protect critical digital assets (CDAs) by applying and maintaining defense-in depth protective strategies to ensure the capability to detect, respond to, and recover from cyber-attacks. The Program references NEI 08-09 R. 6, the Nuclear Energy Institute Template that provides guidance for applying Cyber Security controls derived from NIST 800-53/82 and slightly modified to fit the nuclear environment. Many mature processes are in place at nuclear facilities in response to numerous regulations implemented over the past 30 years. Many of these processes such as the Physical Security Program offer protections that are leveraged to protect the functions of critical digital assets from unauthorized physical access. Other processes and technology such as engineering design control, work management and pre-job briefs, control of portable media and mobile devices, and deterministically segregated networks protect critical digital assets. By leveraging the regulated nuclear environment, integrating NIST type Cyber Security controls, and prudently deploying technology the Cyber Security posture of operating nuclear facilities supports on-demand base load electricity 24/7 with capacity factors exceeding 85%. This paper is designed to provide a glimpse into Cyber Security Programs that support safe operation and reliability in the regulated nuclear environment while supporting the on-demand base load electricity production 24/7. (author)

Cyber-campaigning in Denmark

DEFF Research Database (Denmark)

Hansen, Kasper Møller; Kosiara-Pedersen, Karina

2014-01-01

sites and Facebook sites are popular among candidates but other features such as blogs, feeds, newsletter, video uploads, SMS and twitter are used by less than half the candidates. Second, only age and possibly education seem to matter when explaining the uptake of cyber-campaigning. The prominent...... candidates are not significantly more likely to use cyber-campaigning tools and activities. Third, the analysis of the effect of cyber-campaigning shows that the online score has an effect on the inter-party competition for personal votes, but it does not have a significant effect when controlling for other...

Addressing Human Factors Gaps in Cyber Defense

Science.gov (United States)

2016-09-23

awareness (Endsley, 1995), and thus stands a good chance of benefiting from similar study. It should be noted that cyber situation awareness as a...models of the environment, divided across multiple types of cyber operations (Tyworth, Giacobe, Mancuso, McNeese, & Hall, 2013). Given the... Attention Switching in Cyber Security Dr. Christopher Wickens Colorado State University Cyber-security analysts at whatever level they serve

Cyber Conflicts as a New Global Threat

Directory of Open Access Journals (Sweden)

Alexander Kosenkov

2016-09-01

Full Text Available In this paper, an attempt is made to analyze the potential threats and consequences of cyber conflicts and, in particular, the risks of a global cyber conflict. The material is based on a comprehensive analysis of the nature of cyber conflict and its elements from both technical and societal points of view. The approach used in the paper considers the societal component as an essential part of cyber conflicts, allowing basics of cyber conflicts often disregarded by researchers and the public to be highlighted. Finally, the conclusion offers an opportunity to consider cyber conflict as the most advanced form of modern warfare, which imposes the most serious threat and whose effect could be comparable to weapons of mass destruction.

A Method to Derive Monitoring Variables for a Cyber Security Test-bed of I and C System

Energy Technology Data Exchange (ETDEWEB)

Han, Kyung Soo; Song, Jae Gu; Lee, Joung Woon; Lee, Cheol Kwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2013-10-15

In the IT field, monitoring techniques have been developed to protect the systems connected by networks from cyber attacks and incidents. For the development of monitoring systems for I and C cyber security, it is necessary to review the monitoring systems in the IT field and derive cyber security-related monitoring variables among the proprietary operating information about the I and C systems. Tests for the development and application of these monitoring systems may cause adverse effects on the I and C systems. To analyze influences on the system and safely intended variables, the construction of an I and C system Test-bed should be preceded. This article proposes a method of deriving variables that should be monitored through a monitoring system for cyber security as a part of I and C Test-bed. The surveillance features and the monitored variables of NMS(Network Management System), a monitoring technique in the IT field, were reviewed in section 2. In Section 3, the monitoring variables for an I and C cyber security were derived by the of NMS and the investigation for information used for hacking techniques that can be practiced against I and C systems. The monitoring variables of NMS in the IT field and the information about the malicious behaviors used for hacking were derived as expected variables to be monitored for an I and C cyber security research. The derived monitoring variables were classified into the five functions of NMS for efficient management. For the cyber security of I and C systems, the vulnerabilities should be understood through a penetration test etc. and an assessment of influences on the actual system should be carried out. Thus, constructing a test-bed of I and C systems is necessary for the safety system in operation. In the future, it will be necessary to develop a logging and monitoring system for studies on the vulnerabilities of I and C systems with test-beds.

A Method to Derive Monitoring Variables for a Cyber Security Test-bed of I and C System

International Nuclear Information System (INIS)

Han, Kyung Soo; Song, Jae Gu; Lee, Joung Woon; Lee, Cheol Kwon

2013-01-01

In the IT field, monitoring techniques have been developed to protect the systems connected by networks from cyber attacks and incidents. For the development of monitoring systems for I and C cyber security, it is necessary to review the monitoring systems in the IT field and derive cyber security-related monitoring variables among the proprietary operating information about the I and C systems. Tests for the development and application of these monitoring systems may cause adverse effects on the I and C systems. To analyze influences on the system and safely intended variables, the construction of an I and C system Test-bed should be preceded. This article proposes a method of deriving variables that should be monitored through a monitoring system for cyber security as a part of I and C Test-bed. The surveillance features and the monitored variables of NMS(Network Management System), a monitoring technique in the IT field, were reviewed in section 2. In Section 3, the monitoring variables for an I and C cyber security were derived by the of NMS and the investigation for information used for hacking techniques that can be practiced against I and C systems. The monitoring variables of NMS in the IT field and the information about the malicious behaviors used for hacking were derived as expected variables to be monitored for an I and C cyber security research. The derived monitoring variables were classified into the five functions of NMS for efficient management. For the cyber security of I and C systems, the vulnerabilities should be understood through a penetration test etc. and an assessment of influences on the actual system should be carried out. Thus, constructing a test-bed of I and C systems is necessary for the safety system in operation. In the future, it will be necessary to develop a logging and monitoring system for studies on the vulnerabilities of I and C systems with test-beds

Cyber resilience: a review of critical national infrastructure and cyber security protection measures applied in the UK and USA.

Science.gov (United States)

Harrop, Wayne; Matteson, Ashley

This paper presents cyber resilience as key strand of national security. It establishes the importance of critical national infrastructure protection and the growing vicarious nature of remote, well-planned, and well executed cyber attacks on critical infrastructures. Examples of well-known historical cyber attacks are presented, and the emergence of 'internet of things' as a cyber vulnerability issue yet to be tackled is explored. The paper identifies key steps being undertaken by those responsible for detecting, deterring, and disrupting cyber attacks on critical national infrastructure in the United Kingdom and the USA.

Cyber attacks against state estimation in power systems: Vulnerability analysis and protection strategies

Science.gov (United States)

Liu, Xuan

Power grid is one of the most critical infrastructures in a nation and could suffer a variety of cyber attacks. With the development of Smart Grid, false data injection attack has recently attracted wide research interest. This thesis proposes a false data attack model with incomplete network information and develops optimal attack strategies for attacking load measurements and the real-time topology of a power grid. The impacts of false data on the economic and reliable operations of power systems are quantitatively analyzed in this thesis. To mitigate the risk of cyber attacks, a distributed protection strategies are also developed. It has been shown that an attacker can design false data to avoid being detected by the control center if the network information of a power grid is known to the attacker. In practice, however, it is very hard or even impossible for an attacker to obtain all network information of a power grid. In this thesis, we propose a local load redistribution attacking model based on incomplete network information and show that an attacker only needs to obtain the network information of the local attacking region to inject false data into smart meters in the local region without being detected by the state estimator. A heuristic algorithm is developed to determine a feasible attacking region by obtaining reduced network information. This thesis investigates the impacts of false data on the operations of power systems. It has been shown that false data can be designed by an attacker to: 1) mask the real-time topology of a power grid; 2) overload a transmission line; 3) disturb the line outage detection based on PMU data. To mitigate the risk of cyber attacks, this thesis proposes a new protection strategy, which intends to mitigate the damage effects of false data injection attacks by protecting a small set of critical measurements. To further reduce the computation complexity, a mixed integer linear programming approach is also proposed to

China's Cyber Initiatives Counter International Pressure

Directory of Open Access Journals (Sweden)

Emilio Iasiello

2017-03-01

Full Text Available Prior to its historic 2015 “no hack” pact for commercial advantage with the United States, Beijing has been engaged drafting and passing legislation, most with specific cyber components, to enhance its security posture while protecting its economic interests. This approach is in stark contrast to United States efforts that have demonstrated a focus on “acting globally, thinking locally” philosophy wherein most of its cyber efforts have been outwardly facing and are distinct from other security considerations. This paper suggests that by strengthening its domestic front with a legal framework, Beijing is preparing itself to counter any foreign initiative contrary to Beijing’s plans (e.g., cyber norms of behavior, cyber sanctions, etc. by being able to exert legal measures against foreign interests in country, thereby preserving its cyber sovereignty.

Establishing a Cyber Warrior Force

National Research Council Canada - National Science Library

Tobin, Scott

2004-01-01

Cyber Warfare is widely touted to be the next generation of warfare. As America's reliance on automated systems and information technology increases, so too does the potential vulnerability to cyber attack...

Cyber space bullying

OpenAIRE

Popović-Ćitić Branislava

2009-01-01

Cyber space bullying is a relatively new phenomenon that has received increased attention by scientists, researchers and practitioners in recent years. It is usually defined as an intentionally and repeatedly expression of aggression towards other people through information and communication technologies. Cyber space bullying is characterized by all the primary characteristics of traditional bullying and some specifics ones that clearly differ it from other forms of bullying. In addition to t...

Cyber Defense Management

Science.gov (United States)

2016-09-01

of market capitalization after a cyber security incident Financial Geer, 2001 Gordon and Loeb, 2005 Willemson, 2006 Determine the return on security...thoughtheir vulnerability may be less. That is because the return on investment for protecting agiven information set is a function both of its vulnerability...can ensure that it is investing properly to provide cyber resilience to its systems. The study investigated ways to inform future investment

What good cyber resilience looks like.

Science.gov (United States)

Hult, Fredrik; Sivanesan, Giri

In January 2012, the World Economic Forum made cyber attacks its fourth top global risk. In the 2013 risk report, cyber attacks were noted to be an even higher risk in absolute terms. The reliance of critical infrastructure on cyber working has never been higher; the frequency, intensity, impact and sophistication of attacks is growing. This trend looks likely to continue. It can be argued that it is no longer a question whether an organisation will be successfully hacked, but how long it will take to detect. In the ever-changing cyber environment, traditional protection techniques and reliance on preventive controls are not enough. A more agile approach is required to give assurance of a sufficiently secure digital society. Are we faced with a paradigm shift or a storm in a digital teacup? This paper offers an introduction to why cyber is important, a wider taxonomy on the topic and some historical context on how the discipline of cyber security has evolved, and an interpretation on what this means in the new normal of today.

NATIONAL SECURITY IMPLICATIONS OF CYBER THREATS

Directory of Open Access Journals (Sweden)

ALEJANDRO AMIGO TOSSI

2017-09-01

Full Text Available Cyber threat is one of the main risks for security in developing countries, as well in States on the development path, such as ours. This phenomena is a challenge to national security, that needs the adoption of a paramount approach in its analysis, that have to consider all the aspects that had transformed the actors and malevolent actions in this environment in one of the most important challenges to the security of governmental as well as private organizations all over the world. States, hackers, cyber activists, and cyber criminals have been main actors in several situations that had shaped a new dimension for international and national security. The purpose of this article is to propose topics that could be included in the national assessment of cyber threats to the Chilean national security, based upon several conceptual definitions, cyber attacks already executed to state and military organization’s in Chile, and lastly, considerations over cyber threats included in the National Security Strategies of some western powers.

Cyber Threats to Nuclear Infrastructures

Energy Technology Data Exchange (ETDEWEB)

Robert S. Anderson; Paul Moskowitz; Mark Schanfein; Trond Bjornard; Curtis St. Michel

2010-07-01

Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

Cyber Threats to Nuclear Infrastructures

International Nuclear Information System (INIS)

Anderson, Robert S.; Moskowitz, Paul; Schanfein, Mark; Bjornard, Trond; St. Michel, Curtis

2010-01-01

Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

CENTER FOR CYBER SECURITY STUDIES

Data.gov (United States)

Federal Laboratory Consortium — The mission of the Center for Cyber Security Studies is to enhance the education of midshipmen in all areas of cyber warfare, to facilitate the sharing of expertise...

Cyber Power Potential of the Army’s Reserve Component

Science.gov (United States)

2017-01-01

investigation of cyber events and/or crimes of IT systems, networks, and digital evidence. 5. Collect and operate: specialty areas responsible for...management and administration Strategic planning and policy development Operate and Collect Collection operations Digital forensics...the upper age limit; Pro- fessionally qualified and experienced in a relevant area; Hold UK or Commonwealth Citizenship ; Serve at least 19 days per

Definitions of Cyber Terrorism

NARCIS (Netherlands)

Luiijf, H.A.M.

2014-01-01

The phrase cyber terror appeared for the first time in the mid-eighties. According to several sources, Barry C. Collin, a senior person research fellow of the Institute for Security and Intelligence in California, defined cyber terror at that time as “the convergence of cybernetics and terrorism”—an

On a simulation study of cyber attacks on vehicle-to-infrastructure communication (V2I) in Intelligent Transportation System (ITS)

Science.gov (United States)

Ekedebe, Nnanna; Yu, Wei; Song, Houbing; Lu, Chao

2015-05-01

An intelligent transportation system (ITS) is one typical cyber-physical system (CPS) that aims to provide efficient, effective, reliable, and safe driving experiences with minimal congestion and effective traffic flow management. In order to achieve these goals, various ITS technologies need to work synergistically. Nonetheless, ITS's reliance on wireless connectivity makes it vulnerable to cyber threats. Thus, it is critical to understand the impact of cyber threats on ITS. In this paper, using real-world transportation dataset, we evaluated the consequences of cyber threats - attacks against service availability by jamming the communication channel of ITS. In this way, we can have a better understanding of the importance of ensuring adequate security respecting safety and life-critical ITS applications before full and expensive real-world deployments. Our experimental data shows that cyber threats against service availability could adversely affect traffic efficiency and safety performances evidenced by exacerbated travel time, fuel consumed, and other evaluated performance metrics as the communication network is compromised. Finally, we discuss a framework to make ITS secure and more resilient against cyber threats.

Dampak Media Sosial dalam Cyber Bullying

Directory of Open Access Journals (Sweden)

Monica Hidajat

2015-03-01

Full Text Available The purpose of this research is to review two journals about social media effect for cyberbullying. First Journal is written by Eddie Fisher with the title From Cyber Bullying to Cyber Coping: The Misuse of Mobile Technology and Social Media and Their Effects on People’s Lives and the second journal is written by ReginaldH. Gonzales with the title Social Media as a Channel and its Implications on Cyber Bullying. First Journal focus on condition and cyber bullying state by interview respondents in law terms. Second journal focus on handling cyber bullying case at social media. Social medial cause few cases of cyberbullying increasing because of its characteristic that possible to spread information easily and fast. Socialization proper use of social media needs to be done to improve public awareness about the dangers of misuse of social media.

Operationalizing Army Cyber

Science.gov (United States)

2013-03-01

killed just under 3,000 people and cost the U.S. economy somewhere between three and five trillion dollars. The Japanese attacked with a state... economy , and military readiness. The challenge is to design an Army Cyber force that can support the United States Cyber Command (USCYBERCOM) national...still keeps the intelligence and signal functions separate in most units today from battalion to echelon above Corps ( EAC ). There are many past reasons

Insurability of Cyber Risk: An Empirical Analysis

OpenAIRE

Biener, Christian; Eling, Martin; Wirfs, Jan Hendrik

2015-01-01

This paper discusses the adequacy of insurance for managing cyber risk. To this end, we extract 994 cases of cyber losses from an operational risk database and analyse their statistical properties. Based on the empirical results and recent literature, we investigate the insurability of cyber risk by systematically reviewing the set of criteria introduced by Berliner (1982). Our findings emphasise the distinct characteristics of cyber risks compared with other operational risks and bring to li...

A preliminary cyber-physical security assessment of the Robot Operating System (ROS)

Science.gov (United States)

McClean, Jarrod; Stull, Christopher; Farrar, Charles; Mascareñas, David

2013-05-01

Over the course of the last few years, the Robot Operating System (ROS) has become a highly popular software framework for robotics research. ROS has a very active developer community and is widely used for robotics research in both academia and government labs. The prevalence and modularity of ROS cause many people to ask the question: "What prevents ROS from being used in commercial or government applications?" One of the main problems that is preventing this increased use of ROS in these applications is the question of characterizing its security (or lack thereof). In the summer of 2012, a crowd sourced cyber-physical security contest was launched at the cyber security conference DEF CON 20 to begin the process of characterizing the security of ROS. A small-scale, car-like robot was configured as a cyber-physical security "honeypot" running ROS. DEFFCON-20 attendees were invited to find exploits and vulnerabilities in the robot while network traffic was collected. The results of this experiment provided some interesting insights and opened up many security questions pertaining to deployed robotic systems. The Federal Aviation Administration is tasked with opening up the civil airspace to commercial drones by September 2015 and driverless cars are already legal for research purposes in a number of states. Given the integration of these robotic devices into our daily lives, the authors pose the following question: "What security exploits can a motivated person with little-to-no experience in cyber security execute, given the wide availability of free cyber security penetration testing tools such as Metasploit?" This research focuses on applying common, low-cost, low-overhead, cyber-attacks on a robot featuring ROS. This work documents the effectiveness of those attacks.

Using Robots and Contract Learning to Teach Cyber-Physical Systems to Undergraduates

Science.gov (United States)

Crenshaw, T. L. A.

2013-01-01

Cyber-physical systems are a genre of networked real-time systems that monitor and control the physical world. Examples include unmanned aerial vehicles and industrial robotics. The experts who develop these complex systems are retiring much faster than universities are graduating engineering majors. As a result, it is important for undergraduates…

Cyber Security: US - Chinese Relations

OpenAIRE

Debnárová, Barbora

2015-01-01

This diploma thesis deals with cyber relation of the United States of America and the People's republic of China. The aim of this diploma thesis is to answer the following questions: What kind of cyber threat for the United States does China represent? How is China's cyber strategy characterised? How do USA react on this threat and what are the gaps in this reaction? The thesis is divided into four chapters. The first chapter deals with definition of cyberwarfare and its perception in Chinese...

Life satisfaction and school performance of children exposed to classic and cyber peer bullying.

Science.gov (United States)

Bilić, Vesna; Flander, Gordana Buljan; Rafajac, Branko

2014-03-01

This paper analyses the relationship between the exposure of school children to various forms of peer bullying (classic/cyber) and their life satisfaction in the domain of school, family, friends and school performance. The sample included 562 children from rural and urban areas of Croatia who were attending the seventh and the eighth grade of primary school. Results show that children were more often exposed to classic forms of peer bullying, especially verbal, and then physical bullying. On the other hand, cyber bullying most often comprises harassment in forums, blogs, chats or social networks, then on the web, by e-mail and mobile phone. Almost half of the examinees knew the identity of the bully, while a minority believes that bullies are the same ones who also physically abuse them at school. We found that children exposed to all forms of both classic and cyber bullying, unlike their peers who do not have such experience, show less satisfaction with friends, while those exposed to physical and cyber bullying show dissatisfaction with their family, too. However no statistically significant difference was found in their satisfaction with school. Children exposed to physical bullying showed poorer school performance, poorer achievement in Croatian and math, while children exposed to verbal and cyber bullying and children who were not exposed to such forms of bullying showed no differences in their school achievement.

SASTRA CYBER DI INDONESIA

Directory of Open Access Journals (Sweden)

Laily Fitriani

2011-10-01

Full Text Available The digital era started when the internet technology spread to the developing countries including Indonesia. The flourish of cyber literature leads to the debate on the quality of the work of literature. Above all, the existence of literature sites (cyber literature becomes an important alternative for writers and literary activist in Indonesia.

Finite Energy and Bounded Actuator Attacks on Cyber-Physical Systems

Energy Technology Data Exchange (ETDEWEB)

Djouadi, Seddik M [ORNL; Melin, Alexander M [ORNL; Ferragut, Erik M [ORNL; Laska, Jason A [ORNL; Dong, Jin [ORNL; Drira, Anis [ORNL

2015-01-01

As control system networks are being connected to enterprise level networks for remote monitoring, operation, and system-wide performance optimization, these same connections are providing vulnerabilities that can be exploited by malicious actors for attack, financial gain, and theft of intellectual property. Much effort in cyber-physical system (CPS) protection has focused on protecting the borders of the system through traditional information security techniques. Less effort has been applied to the protection of cyber-physical systems from intelligent attacks launched after an attacker has defeated the information security protections to gain access to the control system. In this paper, attacks on actuator signals are analyzed from a system theoretic context. The threat surface is classified into finite energy and bounded attacks. These two broad classes encompass a large range of potential attacks. The effect of theses attacks on a linear quadratic (LQ) control are analyzed, and the optimal actuator attacks for both finite and infinite horizon LQ control are derived, therefore the worst case attack signals are obtained. The closed-loop system under the optimal attack signals is given and a numerical example illustrating the effect of an optimal bounded attack is provided.

Developing a Conceptual Framwork for Modeling Deviant Cyber Flash Mob: A Socio-Computational Approach Leveraging Hypergraph Constructs

Directory of Open Access Journals (Sweden)

Samer Al-khateeb

2014-09-01

Full Text Available In a Flash Mob (FM a group of people get together in the physical world perform an unpredicted act and disperse quickly. Cyber Flash Mob (CFM is the cyber manifestation of flash mob coordinated primarily using social media. Deviant Cyber Flash Mob (or, DCFM is a special case of CFM, which is categorized as the new face of transnational crime organizations (TCOs. The DCFM phenomenon can be considered as a form of a cyber-collective action that is defined as an action aiming to improve group's conditions (such as, status or power. In this paper, we conduct a conceptual analysis of the DCFMs and model the factors that lead to success or failure with groundings in collective action and collective identity formation theories. Mathematical constructs of hypergraph are leveraged to represent the complex relations observed in the DCFM social networks. The model's efficacy is demonstrated through a test scenario.

Gamification for Measuring Cyber Security Situational Awareness

Energy Technology Data Exchange (ETDEWEB)

Fink, Glenn A.; Best, Daniel M.; Manz, David O.; Popovsky, V. M.; Endicott-Popovsky, Barbara E.

2013-03-01

Cyber defense competitions arising from U.S. service academy exercises, offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge could lead to better preparation of cyber defenders in both military and civilian settings. This paper describes how one regional competition, the PRCCDC, a participant in the national CCDC program, conducted proof of concept experimentation to collect data during the annual competition for later analysis. The intent is to create an ongoing research agenda that expands on this current work and incorporates augmented cognition and gamification methods for measuring cybersecurity situational awareness under the stress of cyber attack.

Cyber security issues imposed on nuclear power plants

International Nuclear Information System (INIS)

Kim, Do-Yeon

2014-01-01

Highlights: • Provide history of cyber attacks targeting at nuclear facilities. • Provide cyber security issues imposed on nuclear power plants. • Provide possible countermeasures for protecting nuclear power plants. - Abstract: With the introduction of new technology based on the increasing digitalization of control systems, the potential of cyber attacks has escalated into a serious threat for nuclear facilities, resulting in the advent of the Stuxnet. In this regard, the nuclear industry needs to consider several cyber security issues imposed on nuclear power plants, including regulatory guidelines and standards for cyber security, the possibility of Stuxnet-inherited malware attacks in the future, and countermeasures for protecting nuclear power plants against possible cyber attacks

An Analysis of Cyber-Attack on NPP Considering Physical Impact

Energy Technology Data Exchange (ETDEWEB)

Lee, In Hyo; Kang, Hyun Gook [KAIST, Daejeon (Korea, Republic of); Son, Han Seong [Joonbu University, Geumsan (Korea, Republic of)

2016-05-15

Some research teams performed related works on cyber-physical system which is a system that cyber-attack can lead to serious consequences including product loss, damage, injury and death when it is attacked. They investigated the physical impact on cyber-physical system due to the cyber-attack. But it is hard to find the research about NPP cyber security considering the physical impact or safety. In this paper, to investigate the relationship between physical impact and cyber-attack, level 1 PSA results are utilized in chapter 2 and cyber-attack analysis is performed in chapter 3. The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans.

An Analysis of Cyber-Attack on NPP Considering Physical Impact

International Nuclear Information System (INIS)

Lee, In Hyo; Kang, Hyun Gook; Son, Han Seong

2016-01-01

Some research teams performed related works on cyber-physical system which is a system that cyber-attack can lead to serious consequences including product loss, damage, injury and death when it is attacked. They investigated the physical impact on cyber-physical system due to the cyber-attack. But it is hard to find the research about NPP cyber security considering the physical impact or safety. In this paper, to investigate the relationship between physical impact and cyber-attack, level 1 PSA results are utilized in chapter 2 and cyber-attack analysis is performed in chapter 3. The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans

Cyber threat metrics.

Energy Technology Data Exchange (ETDEWEB)

Frye, Jason Neal; Veitch, Cynthia K.; Mateski, Mark Elliot; Michalski, John T.; Harris, James Mark; Trevino, Cassandra M.; Maruoka, Scott

2012-03-01

Threats are generally much easier to list than to describe, and much easier to describe than to measure. As a result, many organizations list threats. Fewer describe them in useful terms, and still fewer measure them in meaningful ways. This is particularly true in the dynamic and nebulous domain of cyber threats - a domain that tends to resist easy measurement and, in some cases, appears to defy any measurement. We believe the problem is tractable. In this report we describe threat metrics and models for characterizing threats consistently and unambiguously. The purpose of this report is to support the Operational Threat Assessment (OTA) phase of risk and vulnerability assessment. To this end, we focus on the task of characterizing cyber threats using consistent threat metrics and models. In particular, we address threat metrics and models for describing malicious cyber threats to US FCEB agencies and systems.

The cyber threat, trophy information and the fortress mentality.

Science.gov (United States)

Scully, Tim

2011-10-01

'It won't happen to me' is a prevalent mindset among senior executives in the private and public sectors when considering targeted cyber intrusions. This is exacerbated by the long-term adoption of a 'fortress mentality' towards cyber security, and by the attitude of many of our cyber-security professionals, who speak a different language when it comes to communicating cyber-security events to senior executives. The prevailing approaches to cyber security have clearly failed. Almost every week another serious, targeted cyber intrusion is reported, but reported intrusions are only the tip of the iceberg. Why have we got it so wrong? It must be acknowledged that cyber security is no longer the domain of cyber-security experts alone. Many more of us at various levels of leadership must understand, and be more deeply engaged in, the cyber-security challenge if we are to deal with the threat holistically and effectively. Governments cannot combat the cyber threat alone, particularly the so-called advanced persistent threat; they must work closely with industry as trusted partners. Industry will be the 'boots on the ground' in cyber security, but there are challenges to building this relationship, which must be based on sound principles.

Countering the Cyber-Attack, a case-study [video

OpenAIRE

Keith Squires; Center for Homeland Defense and Security Naval Postgraduate School

2015-01-01

A cyber-criminal organization electronically diverts funds, a hacking group uses their prowess to try to influence politics, these are examples of the evolving world of cyber crime. Keith Squires, Commissioner of Public Safety and Homeland Security Advisor for the State of Utah talks about his experience in building a cyber security program to counter such cyber criminals.

The relationship between Cyber-Loafing and internet addiction

Directory of Open Access Journals (Sweden)

Hafize Keser

2016-03-01

Full Text Available The goal of this study was to investigate the relationship between preservice teachers’ internet addiction level and cyber-loafing activities. This study was conducted as a survey study. Participants of the study was Computer Education and Instructional Technology department students (n=139 at Ankara University. “Cyber loafing activity Scale” originally developed by Blanchard and Henle (2008, adopted to Turkish by Kalayci (2010 and updated by Yasar (2013 and “Internet Addiction Scale” developed by Sahin and Korkmaz (2011 was used as data collection instruments. To analyze the data descriptive statistics, Mann Whitney U, Kruskal Wallis H, and Spearman Rho Correlation coefficients was used. There were significant differences between the gender groups both in cyber-loafing activities and internet addiction levels. Male preservice teacher had higher internet addiction levels and cyber-loafing activity scores in average. However there were not significant differences between different groups based on grade level, period of internet usage, perceived internet ability, both for cyber-loafing activities and internet addiction levels. There were a moderate positive relationships between internet addiction and individual cyber-loafing, and search cyber-loafing. There were also a small positive relationships between internet addiction and social cyber-loafing. There was not a significant relationship between internet addiction and news cyber-loafing.

Cyber Security in Nuclear Power Plants - U.S. NRC Regulatory Guide 5.71

International Nuclear Information System (INIS)

Pogacic, Goran

2014-01-01

We have already made a big step into new millennia and with it there is no more dilemma about presence of computers and internet in our lives. Almost all modern facilities struggle with this new dimension of information flow and how to use it to their best interest. But there is also the other side of the coin- the security threat. For nuclear power plants this threat poses even greater risk. In addition to protecting their trade secrets, personal data or other common targets of cyber attacks, nuclear power plants need to protect their digital computers, communication systems and networks up to and including the design basis threat (DBT). As stated in U.S. Nuclear Regulatory Commission (NRC) Regulatory Commission Regulations, Title 10, Code of Federal Regulations (CFR), section 73.1, 'Purpose and Scope' this includes protection against acts of radiological sabotage and prevention of the theft or diversion of special nuclear material. The main purpose of this paper is to explore the NRC Regulatory Guide (RG) 5.71 and its guidance in implementing cyber security requirements stated in NRC 10 CFR, section 73.54, 'Protection of Digital Computer and Communication Systems and Networks'. In particular, this section requires protection of digital computers, communication systems and networks associated with the following categories of functions: · safety-related and important-to-safety functions, · security functions, · emergency preparedness functions, including offsite communication, and · support systems and equipment which, if compromised, would adversely impact safety, security, or emergency preparedness functions. This section requires protection of such systems and networks from those cyber attacks that would act to modify, destroy, or compromise the integrity or confidentiality of data or software; deny access to systems, services or data; and impact the operation of systems, networks, and equipment. This paper will also present some of

On Cyber Attacks and Signature Based Intrusion Detection for MODBUS Based Industrial Control Systems

Directory of Open Access Journals (Sweden)

Wei Gao

2014-03-01

Full Text Available Industrial control system communication networks are vulnerable to reconnaissance, response injection, command injection, and denial of service attacks.  Such attacks can lead to an inability to monitor and control industrial control systems and can ultimately lead to system failure. This can result in financial loss for control system operators and economic and safety issues for the citizens who use these services.  This paper describes a set of 28 cyber attacks against industrial control systems which use the MODBUS application layer network protocol. The paper also describes a set of standalone and state based intrusion detection system rules which can be used to detect cyber attacks and to store evidence of attacks for post incident analysis. All attacks described in this paper were validated in a laboratory environment. The detection rate of the intrusion detection system rules presented by attack class is also presented.

Directory Enabled Policy Based Networking; TOPICAL

International Nuclear Information System (INIS)

KELIIAA, CURTIS M.

2001-01-01

This report presents a discussion of directory-enabled policy-based networking with an emphasis on its role as the foundation for securely scalable enterprise networks. A directory service provides the object-oriented logical environment for interactive cyber-policy implementation. Cyber-policy implementation includes security, network management, operational process and quality of service policies. The leading network-technology vendors have invested in these technologies for secure universal connectivity that transverses Internet, extranet and intranet boundaries. Industry standards are established that provide the fundamental guidelines for directory deployment scalable to global networks. The integration of policy-based networking with directory-service technologies provides for intelligent management of the enterprise network environment as an end-to-end system of related clients, services and resources. This architecture allows logical policies to protect data, manage security and provision critical network services permitting a proactive defense-in-depth cyber-security posture. Enterprise networking imposes the consideration of supporting multiple computing platforms, sites and business-operation models. An industry-standards based approach combined with principled systems engineering in the deployment of these technologies allows these issues to be successfully addressed. This discussion is focused on a directory-based policy architecture for the heterogeneous enterprise network-computing environment and does not propose specific vendor solutions. This document is written to present practical design methodology and provide an understanding of the risks, complexities and most important, the benefits of directory-enabled policy-based networking

Cyber Security and Resilient Systems

Energy Technology Data Exchange (ETDEWEB)

Robert S. Anderson

2009-07-01

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

Cyber Security and Resilient Systems

International Nuclear Information System (INIS)

Anderson, Robert S.

2009-01-01

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation's cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested - both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

Cyber Security Penetration Test for Digital Safety I and C Systems

International Nuclear Information System (INIS)

Lee, C. K.; Kim, D. H.; Kwon, K. C.; Joo, H. K.; Song, J. S.

2010-01-01

In the Korea Nuclear I and C Systems Development project the platforms for plant protection systems are developed, which function as a reactor shutdown, actuation of engineered safety features and a control of the related equipment. Those are fully digitalized through the use of safety-grade programmable logic controllers (PLCs) and few types of communication network. However the Regulatory Guide 1.152 (Rev. 02) was published by the U.S. NRC in 2006 and it recommended the application of a cyber security to the safety systems in the Nuclear Power Plant (NPP). Therefore to incorporate the new licensing requirement, a cyber security risk assessment is performed for the platforms. Then the vulnerabilities identified by the risk assessment are validated by penetration test. This paper summarizes test scenario, test results and their incorporation into system design

Flow whitelisting in SCADA networks

NARCIS (Netherlands)

Barbosa, Rafael Ramos Regis; Sadre, Ramin; Pras, Aiko

2013-01-01

Supervisory control and data acquisition (SCADA) networks are commonly deployed in large industrial facilities. Modern SCADA networks are becoming more vulnerable to cyber attacks due to the common use of standard communications protocols and increased interconnections with corporate networks and

The cyber threat landscape: Challenges and future research directions

Science.gov (United States)

Gil, Santiago; Kott, Alexander; Barabási, Albert-László

2014-07-01

While much attention has been paid to the vulnerability of computer networks to node and link failure, there is limited systematic understanding of the factors that determine the likelihood that a node (computer) is compromised. We therefore collect threat log data in a university network to study the patterns of threat activity for individual hosts. We relate this information to the properties of each host as observed through network-wide scans, establishing associations between the network services a host is running and the kinds of threats to which it is susceptible. We propose a methodology to associate services to threats inspired by the tools used in genetics to identify statistical associations between mutations and diseases. The proposed approach allows us to determine probabilities of infection directly from observation, offering an automated high-throughput strategy to develop comprehensive metrics for cyber-security.

A Game Theoretic Approach to Cyber Attack Prediction

Energy Technology Data Exchange (ETDEWEB)

Peng Liu

2005-11-28

The area investigated by this project is cyber attack prediction. With a focus on correlation-based prediction, current attack prediction methodologies overlook the strategic nature of cyber attack-defense scenarios. As a result, current cyber attack prediction methodologies are very limited in predicting strategic behaviors of attackers in enforcing nontrivial cyber attacks such as DDoS attacks, and may result in low accuracy in correlation-based predictions. This project develops a game theoretic framework for cyber attack prediction, where an automatic game-theory-based attack prediction method is proposed. Being able to quantitatively predict the likelihood of (sequences of) attack actions, our attack prediction methodology can predict fine-grained strategic behaviors of attackers and may greatly improve the accuracy of correlation-based prediction. To our best knowledge, this project develops the first comprehensive framework for incentive-based modeling and inference of attack intent, objectives, and strategies; and this project develops the first method that can predict fine-grained strategic behaviors of attackers. The significance of this research and the benefit to the public can be demonstrated to certain extent by (a) the severe threat of cyber attacks to the critical infrastructures of the nation, including many infrastructures overseen by the Department of Energy, (b) the importance of cyber security to critical infrastructure protection, and (c) the importance of cyber attack prediction to achieving cyber security.

Security and the networked society

CERN Document Server

Gregory, Mark

2013-01-01

This book examines technological and social events during 2011 and 2012, a period that saw the rise of the hacktivist, the move to mobile platforms, and the ubiquity of social networks. It covers key technological issues such as hacking, cyber-crime, cyber-security and cyber-warfare, the internet, smart phones, electronic security, and information privacy. This book traces the rise into prominence of these issues while also exploring the resulting cultural reaction. The authors' analysis forms the basis of a discussion on future technological directions and their potential impact on society. T

Towards False Alarm Reduction using Fuzzy If-Then Rules for Medical Cyber Physical Systems

DEFF Research Database (Denmark)

Li, Wenjuan; Meng, Weizhi; Su, Chunhua

2018-01-01

Cyber-Physical Systems (CPS) are integrations of computation, networking and physical processes. Its process control is often referred to as embedded systems. Generally, CPS and Internet of Things (IoT) have the same basic architecture, whereas the former shows a higher combination and coordination...

Study on Nuclear Facility Cyber Security Awareness and Training Programs

International Nuclear Information System (INIS)

Lee, Jung-Woon; Song, Jae-Gu; Lee, Cheol-Kwon

2016-01-01

Cyber security awareness and training, which is a part of operational security controls, is defined to be implemented later in the CSP implementation schedule. However, cyber security awareness and training is a prerequisite for the appropriate implementation of a cyber security program. When considering the current situation in which it is just started to define cyber security activities and to assign personnel who has responsibilities for performing those activities, a cyber security awareness program is necessary to enhance cyber security culture for the facility personnel to participate positively in cyber security activities. Also before the implementation of stepwise CSP, suitable education and training should be provided to both cyber security teams (CST) and facility personnel who should participate in the implementation. Since such importance and urgency of cyber security awareness and training is underestimated at present, the types, trainees, contents, and development strategies of cyber security awareness and training programs are studied to help Korean nuclear facilities to perform cyber security activities more effectively. Cyber security awareness and training programs should be developed ahead of the implementation of CSP. In this study, through the analysis of requirements in the regulatory standard RS-015, the types and trainees of overall cyber security training programs in nuclear facilities are identified. Contents suitable for a cyber security awareness program and a technical training program are derived. It is suggested to develop stepwise the program contents in accordance with the development of policies, guides, and procedures as parts of the facility cyber security program. Since any training programs are not available for the specialized cyber security training in nuclear facilities, a long-term development plan is necessary. As alternatives for the time being, several cyber security training courses for industrial control systems by

Study on Nuclear Facility Cyber Security Awareness and Training Programs

Energy Technology Data Exchange (ETDEWEB)

Lee, Jung-Woon; Song, Jae-Gu; Lee, Cheol-Kwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2016-10-15

Cyber security awareness and training, which is a part of operational security controls, is defined to be implemented later in the CSP implementation schedule. However, cyber security awareness and training is a prerequisite for the appropriate implementation of a cyber security program. When considering the current situation in which it is just started to define cyber security activities and to assign personnel who has responsibilities for performing those activities, a cyber security awareness program is necessary to enhance cyber security culture for the facility personnel to participate positively in cyber security activities. Also before the implementation of stepwise CSP, suitable education and training should be provided to both cyber security teams (CST) and facility personnel who should participate in the implementation. Since such importance and urgency of cyber security awareness and training is underestimated at present, the types, trainees, contents, and development strategies of cyber security awareness and training programs are studied to help Korean nuclear facilities to perform cyber security activities more effectively. Cyber security awareness and training programs should be developed ahead of the implementation of CSP. In this study, through the analysis of requirements in the regulatory standard RS-015, the types and trainees of overall cyber security training programs in nuclear facilities are identified. Contents suitable for a cyber security awareness program and a technical training program are derived. It is suggested to develop stepwise the program contents in accordance with the development of policies, guides, and procedures as parts of the facility cyber security program. Since any training programs are not available for the specialized cyber security training in nuclear facilities, a long-term development plan is necessary. As alternatives for the time being, several cyber security training courses for industrial control systems by

Threat Assessment for Multistage Cyber Attacks in Smart Grid Communication Networks

OpenAIRE

He, Xiaobing

2017-01-01

In smart grids, managing and controlling power operations are supported by information and communication technology (ICT) and supervisory control and data acquisition (SCADA) systems. The increasing adoption of new ICT assets in smart grids is making smart grids vulnerable to cyber threats, as well as raising numerous concerns about the adequacy of current security approaches. As a single act of penetration is often not sufficient for an attacker to achieve his/her goal, multistage cyb...

Cyber Threats for Organizations of Financial Market Infrastructures

Directory of Open Access Journals (Sweden)

Natalia Georgievna Miloslavskaya

2016-03-01

Full Text Available Abstract: In the global informatization era the reliable and efficient financial market infrastructure of the Russian Federation (RF FMI plays an important role in the financial system and economy of the country. New cyber risks have acquired the status of the FR FMI systemic risk’s components, the importance of which is constantly growing due to the increase in the possible consequences of their implementation. The article introduces the basic concepts of cyber security, cyber space and cyber threats for the RF FMI and analyzes the specific features of cyber attacks against the RF FMI organizations.

A cyber infrastructure for the SKA Telescope Manager

Science.gov (United States)

Barbosa, Domingos; Barraca, João. P.; Carvalho, Bruno; Maia, Dalmiro; Gupta, Yashwant; Natarajan, Swaminathan; Le Roux, Gerhard; Swart, Paul

2016-07-01

The Square Kilometre Array Telescope Manager (SKA TM) will be responsible for assisting the SKA Operations and Observation Management, carrying out System diagnosis and collecting Monitoring and Control data from the SKA subsystems and components. To provide adequate compute resources, scalability, operation continuity and high availability, as well as strict Quality of Service, the TM cyber-infrastructure (embodied in the Local Infrastructure - LINFRA) consists of COTS hardware and infrastructural software (for example: server monitoring software, host operating system, virtualization software, device firmware), providing a specially tailored Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) solution. The TM infrastructure provides services in the form of computational power, software defined networking, power, storage abstractions, and high level, state of the art IaaS and PaaS management interfaces. This cyber platform will be tailored to each of the two SKA Phase 1 telescopes (SKA_MID in South Africa and SKA_LOW in Australia) instances, each presenting different computational and storage infrastructures and conditioned by location. This cyber platform will provide a compute model enabling TM to manage the deployment and execution of its multiple components (observation scheduler, proposal submission tools, MandC components, Forensic tools and several Databases, etc). In this sense, the TM LINFRA is primarily focused towards the provision of isolated instances, mostly resorting to virtualization technologies, while defaulting to bare hardware if specifically required due to performance, security, availability, or other requirement.

Cyber essentials a pocket guide

CERN Document Server

Calder, Alan

2014-01-01

Every year, thousands of computer systems in the UK are compromised. The majority fall victim to easily preventable cyber attacks, carried out with tools which are freely available on the Internet.   Cyber Essentials is the UK Government's reaction to the proliferation of these attacks. It requires that organisations put basic security measures in place, enabling them to reliably counter the most common tactics employed by cyber criminals. From 1 October 2014, all suppliers bidding for a range of government ICT contracts - in particu

Index of cyber integrity

Science.gov (United States)

Anderson, Gustave

2014-05-01

Unfortunately, there is no metric, nor set of metrics, that are both general enough to encompass all possible types of applications yet specific enough to capture the application and attack specific details. As a result we are left with ad-hoc methods for generating evaluations of the security of our systems. Current state of the art methods for evaluating the security of systems include penetration testing and cyber evaluation tests. For these evaluations, security professionals simulate an attack from malicious outsiders and malicious insiders. These evaluations are very productive and are able to discover potential vulnerabilities resulting from improper system configuration, hardware and software flaws, or operational weaknesses. We therefore propose the index of cyber integrity (ICI), which is modeled after the index of biological integrity (IBI) to provide a holistic measure of the health of a system under test in a cyber-environment. The ICI provides a broad base measure through a collection of application and system specific metrics. In this paper, following the example of the IBI, we demonstrate how a multi-metric index may be used as a holistic measure of the health of a system under test in a cyber-environment.

ADDRESSING THE SPECTRE OF CYBER TERRORISM: A COMPARATIVE PERSPECTIVE

Directory of Open Access Journals (Sweden)

Fawzia Cassim

2012-08-01

Full Text Available This article looks at the definition of cyber terrorism and terrorist use of the Internet. The article evaluates cyber terrorist threats facing countries such as the United States of America, the United Kingdom, India and South Africa. The article also examines measures introduced by the respective governments in these countries to counteract cyber terrorist threats. Finally, the article will propose a way forward to counteract such possible threats in the future.The face of terrorism is changing. The convergence of the physical and virtual worlds has resulted in the creation of a “new threat” called cyber terrorism. Cyber terrorism is one of the recognised cyber crimes. The absence of suitable legal frameworks to address cyber terrorism at national and regional levels, the lack of adequate safeguards, the lack of cyber security strategies and the pre-occupation of countries with internal factors have all contributed to the creation of an environment that can be easily infiltrated by cyber terrorists. The horrific events of 9/11 provided the impetus for many countries to introduce anti-terrorist legislation. The United States of America, United Kingdom, India and South Africa have introduced legislation to address the threat of cyber terrorism.

Cyber threat impact assessment and analysis for space vehicle architectures

Science.gov (United States)

McGraw, Robert M.; Fowler, Mark J.; Umphress, David; MacDonald, Richard A.

2014-06-01

This paper covers research into an assessment of potential impacts and techniques to detect and mitigate cyber attacks that affect the networks and control systems of space vehicles. Such systems, if subverted by malicious insiders, external hackers and/or supply chain threats, can be controlled in a manner to cause physical damage to the space platforms. Similar attacks on Earth-borne cyber physical systems include the Shamoon, Duqu, Flame and Stuxnet exploits. These have been used to bring down foreign power generation and refining systems. This paper discusses the potential impacts of similar cyber attacks on space-based platforms through the use of simulation models, including custom models developed in Python using SimPy and commercial SATCOM analysis tools, as an example STK/SOLIS. The paper discusses the architecture and fidelity of the simulation model that has been developed for performing the impact assessment. The paper walks through the application of an attack vector at the subsystem level and how it affects the control and orientation of the space vehicle. SimPy is used to model and extract raw impact data at the bus level, while STK/SOLIS is used to extract raw impact data at the subsystem level and to visually display the effect on the physical plant of the space vehicle.

Situational Awareness of Network System Roles (SANSR)

Energy Technology Data Exchange (ETDEWEB)

Huffer, Kelly M [ORNL; Reed, Joel W [ORNL

2017-01-01

In a large enterprise it is difficult for cyber security analysts to know what services and roles every machine on the network is performing (e.g., file server, domain name server, email server). Using network flow data, already collected by most enterprises, we developed a proof-of-concept tool that discovers the roles of a system using both clustering and categorization techniques. The tool's role information would allow cyber analysts to detect consequential changes in the network, initiate incident response plans, and optimize their security posture. The results of this proof-of-concept tool proved to be quite accurate on three real data sets. We will present the algorithms used in the tool, describe the results of preliminary testing, provide visualizations of the results, and discuss areas for future work. Without this kind of situational awareness, cyber analysts cannot quickly diagnose an attack or prioritize remedial actions.

You Are What You Read: The Belief Systems of Cyber-Bystanders on Social Networking Sites.

Science.gov (United States)

Leung, Angel N M; Wong, Natalie; Farver, JoAnn M

2018-01-01

The present study tested how exposure to two types of responses to a hypothetical simulated Facebook setting influenced cyber-bystanders' perceived control and normative beliefs using a 4 cyberbully-victim group (pure cyberbullies, non-involved, pure cyberbullied victims, and cyberbullied-victims) × 2 condition (offend vs. defend) experimental design. 203 Hong Kong Chinese secondary school and university students (132 females, 71 males; 12 to 28; M = 16.70; SD = 3.03 years old) were randomly assigned into one of two conditions. Results showed that participants' involvement in cyberbullying significantly related to their control beliefs about bully and victim assisting behaviors, while exposure to the two different conditions (offend vs. defend comments) was related to both their control and normative beliefs. In general, the defend condition promoted higher control beliefs to help the victims and promoted higher normative beliefs to help the victims. Regardless of their past involvement in cyberbullying and exposure to offend vs. defend conditions, both cyber-bullies and cyber-victims were more inclined to demonstrate normative beliefs to help victims than to assist bullies. These results have implications for examining environmental influences in predicting bystander behaviors in cyberbullying contexts, and for creating a positive environment to motivate adolescents to become "upstanders" in educational programs to combat cyberbullying.

You Are What You Read: The Belief Systems of Cyber-Bystanders on Social Networking Sites

Directory of Open Access Journals (Sweden)

Angel N. M. Leung

2018-04-01

Full Text Available The present study tested how exposure to two types of responses to a hypothetical simulated Facebook setting influenced cyber-bystanders’ perceived control and normative beliefs using a 4 cyberbully-victim group (pure cyberbullies, non-involved, pure cyberbullied victims, and cyberbullied-victims × 2 condition (offend vs. defend experimental design. 203 Hong Kong Chinese secondary school and university students (132 females, 71 males; 12 to 28; M = 16.70; SD = 3.03 years old were randomly assigned into one of two conditions. Results showed that participants’ involvement in cyberbullying significantly related to their control beliefs about bully and victim assisting behaviors, while exposure to the two different conditions (offend vs. defend comments was related to both their control and normative beliefs. In general, the defend condition promoted higher control beliefs to help the victims and promoted higher normative beliefs to help the victims. Regardless of their past involvement in cyberbullying and exposure to offend vs. defend conditions, both cyber-bullies and cyber-victims were more inclined to demonstrate normative beliefs to help victims than to assist bullies. These results have implications for examining environmental influences in predicting bystander behaviors in cyberbullying contexts, and for creating a positive environment to motivate adolescents to become “upstanders” in educational programs to combat cyberbullying.

You Are What You Read: The Belief Systems of Cyber-Bystanders on Social Networking Sites

Science.gov (United States)

Leung, Angel N. M.; Wong, Natalie; Farver, JoAnn M.

2018-01-01

The present study tested how exposure to two types of responses to a hypothetical simulated Facebook setting influenced cyber-bystanders’ perceived control and normative beliefs using a 4 cyberbully-victim group (pure cyberbullies, non-involved, pure cyberbullied victims, and cyberbullied-victims) × 2 condition (offend vs. defend) experimental design. 203 Hong Kong Chinese secondary school and university students (132 females, 71 males; 12 to 28; M = 16.70; SD = 3.03 years old) were randomly assigned into one of two conditions. Results showed that participants’ involvement in cyberbullying significantly related to their control beliefs about bully and victim assisting behaviors, while exposure to the two different conditions (offend vs. defend comments) was related to both their control and normative beliefs. In general, the defend condition promoted higher control beliefs to help the victims and promoted higher normative beliefs to help the victims. Regardless of their past involvement in cyberbullying and exposure to offend vs. defend conditions, both cyber-bullies and cyber-victims were more inclined to demonstrate normative beliefs to help victims than to assist bullies. These results have implications for examining environmental influences in predicting bystander behaviors in cyberbullying contexts, and for creating a positive environment to motivate adolescents to become “upstanders” in educational programs to combat cyberbullying. PMID:29740362

Cyber Victimization and Perceived Stress: Linkages to Late Adolescents' Cyber Aggression and Psychological Functioning

Science.gov (United States)

Wright, Michelle F.

2015-01-01

The present study examined multiple sources of strain, particular cyber victimization, and perceived stress from parents, peers, and academics, in relation to late adolescents' (ages 16-18; N = 423) cyber aggression, anxiety, and depression, each assessed 1 year later (Time 2). Three-way interactions revealed that the relationship between Time 1…

Cyberprints: Identifying Cyber Attackers by Feature Analysis

Science.gov (United States)

Blakely, Benjamin A.

2012-01-01

The problem of attributing cyber attacks is one of increasing importance. Without a solid method of demonstrating the origin of a cyber attack, any attempts to deter would-be cyber attackers are wasted. Existing methods of attribution make unfounded assumptions about the environment in which they will operate: omniscience (the ability to gather,…

Development Methodology of a Cyber Security Risk Analysis and Assessment Tool for Digital I and C Systems in Nuclear Power Plant

International Nuclear Information System (INIS)

Cha, K. H.; Lee, C. K.; Song, J. G.; Lee, Y. J.; Kim, J. Y.; Lee, J. W.; Lee, D. Y.

2011-01-01

With the use of digital computers and communication networks the hot issues on cyber security were raised about 10 years ago. The scope of cyber security application has now been extended from the safety Instrumentation and Control (I and C) system to safety important systems, plant security system, and emergency preparedness system. Therefore, cyber security should be assessed and managed systematically throughout the development life cycle of I and C systems in order for their digital assets to be protected from cyber attacks. Fig. 1 shows the concept of a cyber security risk management of digital I and C systems in nuclear power plants (NPPs). A lot of cyber security risk assessment methods, techniques, and supported tools have been developed for Information Technology (IT) systems, but they have not been utilized widely for cyber security risk assessments of the digital I and C systems in NPPs. The main reason is a difference in goals between IT systems and nuclear I and C systems. Confidentiality is important in IT systems, but availability and integrity are important in nuclear I and C systems. Last year, it was started to develop a software tool to be specialized for the development process of nuclear I and C systems. This paper presents a development methodology of the Cyber Security Risk analysis and Assessment Tool (CSRAT) for the digital I and C systems in NPP

Development Methodology of a Cyber Security Risk Analysis and Assessment Tool for Digital I and C Systems in Nuclear Power Plant

Energy Technology Data Exchange (ETDEWEB)

Cha, K. H.; Lee, C. K.; Song, J. G.; Lee, Y. J.; Kim, J. Y.; Lee, J. W.; Lee, D. Y. [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2011-05-15

With the use of digital computers and communication networks the hot issues on cyber security were raised about 10 years ago. The scope of cyber security application has now been extended from the safety Instrumentation and Control (I and C) system to safety important systems, plant security system, and emergency preparedness system. Therefore, cyber security should be assessed and managed systematically throughout the development life cycle of I and C systems in order for their digital assets to be protected from cyber attacks. Fig. 1 shows the concept of a cyber security risk management of digital I and C systems in nuclear power plants (NPPs). A lot of cyber security risk assessment methods, techniques, and supported tools have been developed for Information Technology (IT) systems, but they have not been utilized widely for cyber security risk assessments of the digital I and C systems in NPPs. The main reason is a difference in goals between IT systems and nuclear I and C systems. Confidentiality is important in IT systems, but availability and integrity are important in nuclear I and C systems. Last year, it was started to develop a software tool to be specialized for the development process of nuclear I and C systems. This paper presents a development methodology of the Cyber Security Risk analysis and Assessment Tool (CSRAT) for the digital I and C systems in NPP

The Soft Side of Cyber Security - Social Media

DEFF Research Database (Denmark)

Nissen, Thomas Elkjer

2016-01-01

The importance of cyber-security is growing. With the continued digitization of our everyday life we become increasingly vulnerable to cyber-attacks – also personally. Therefore, it is an issue to be taken extremely seriously.......The importance of cyber-security is growing. With the continued digitization of our everyday life we become increasingly vulnerable to cyber-attacks – also personally. Therefore, it is an issue to be taken extremely seriously....

An Analysis Of Cyber Security And How It Is Affecting A Contract Writing System, Seaport

Science.gov (United States)

2016-06-01

features to protect U.S. interests. Secure Socket Layers or SSL works by allowing a user to encrypt information sent or received across a network ...and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188) Washington, DC 20503. 1. AGENCY USE ONLY (Leave blank) 2...however, theoretically, cyber security can be attributed. Recommendations include adding more servers to existing SeaPort network infrastructure and

Understanding Cyber Threats and Vulnerabilities

NARCIS (Netherlands)

Luiijf, H.A.M.

2012-01-01

This chapter reviews current and anticipated cyber-related threats to the Critical Information Infrastructure (CII) and Critical Infrastructures (CI). The potential impact of cyber-terrorism to CII and CI has been coined many times since the term was first coined during the 1980s. Being the

Resilia cyber resilience best practices

CERN Document Server

, AXELOS

2015-01-01

RESILIA™ Cyber Resilience Best Practices offers a practical approach to cyber resilience, reflecting the need to detect and recover from incidents, and not rely on prevention alone. It uses the ITIL® framework, which provides a proven approach to the provision of services that align to business outcomes.

Considerations on Cyber Security Assessments of Korean Nuclear Power Plants

International Nuclear Information System (INIS)

Lee, Jung-Woon; Song, Jae-Gu; Han, Kyung-Soo; Lee, Cheol Kwon; Kang, Mingyun

2015-01-01

Korea Institute of Nuclear Nonproliferation and Control (KINAC) has prepared the regulatory standard RS-015 based on RG 5.71. RS-015 defines the elements of a cyber security program to be established in nuclear facilities and describes the security control items and relevant requirements. Cyber security assessments are important initial activities in a cyber security program for NPPs. Cyber security assessments can be performed in the following key steps: 1) Formation of a cyber security assessment team (CSAT); 2) Identification of critical systems and critical digital assets (CDAs); 3) Plant compliance checks with the security control requirements in RS-015. Through the assessments, the current status of security controls applied to NPPs can be found out. The assessments provide baseline data for remedial activities. Additional analyses with the results from the assessments should be performed before the implementation of remedial security controls. The cyber security team at the Korea Atomic Energy Research Institute (KAERI) has studied how to perform cyber security assessments for NPPs based on the regulatory requirements. Recently, KAERI's cyber security team has performed pilot cyber security assessments of a Korean NPP. Based on this assessment experience, considerations and checkpoints which would be helpful for full-scale cyber security assessments of Korean NPPs and the implementation of remedial security controls are discussed in this paper. Cyber security assessment is one of important and immediate activities for NPP cyber security. The quality of the first assessment will be a barometer for NPP cyber security. Hence cyber security assessments of Korean NPPs should be performed elaborately

Considerations on Cyber Security Assessments of Korean Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

Lee, Jung-Woon; Song, Jae-Gu; Han, Kyung-Soo; Lee, Cheol Kwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of); Kang, Mingyun [E-Gonggam Co. Ltd., Daejeon (Korea, Republic of)

2015-10-15

Korea Institute of Nuclear Nonproliferation and Control (KINAC) has prepared the regulatory standard RS-015 based on RG 5.71. RS-015 defines the elements of a cyber security program to be established in nuclear facilities and describes the security control items and relevant requirements. Cyber security assessments are important initial activities in a cyber security program for NPPs. Cyber security assessments can be performed in the following key steps: 1) Formation of a cyber security assessment team (CSAT); 2) Identification of critical systems and critical digital assets (CDAs); 3) Plant compliance checks with the security control requirements in RS-015. Through the assessments, the current status of security controls applied to NPPs can be found out. The assessments provide baseline data for remedial activities. Additional analyses with the results from the assessments should be performed before the implementation of remedial security controls. The cyber security team at the Korea Atomic Energy Research Institute (KAERI) has studied how to perform cyber security assessments for NPPs based on the regulatory requirements. Recently, KAERI's cyber security team has performed pilot cyber security assessments of a Korean NPP. Based on this assessment experience, considerations and checkpoints which would be helpful for full-scale cyber security assessments of Korean NPPs and the implementation of remedial security controls are discussed in this paper. Cyber security assessment is one of important and immediate activities for NPP cyber security. The quality of the first assessment will be a barometer for NPP cyber security. Hence cyber security assessments of Korean NPPs should be performed elaborately.

Game Based Cyber Security Training: are Serious Games suitable for cyber security training?

Directory of Open Access Journals (Sweden)

Maurice Hendrix

2016-03-01

Full Text Available Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security professionals. Thus cyber security seems especially well-suited to Serious Games. This paper investigates whether games can be effective cyber security training tools. The study is conducted by means of a structured literature review supplemented with a general web search.While there are early positive indications there is not yet enough evidence to draw any definite conclusions. There is a clear gap in target audience with almost all products and studies targeting the general public and very little attention given to IT professionals and managers. The products and studies also mostly work over a short period, while it is known that short-term interventions are not particularly effective at affecting behavioural change.

Cyber-Mobbing als verletzender Sprechakt im Sinne Judith Butlers

Directory of Open Access Journals (Sweden)

Katharina Luckner

2012-12-01

Full Text Available Dieser Beitrag widmet sich der Frage, inwiefern Cyber-Mobbing unter Bezugnahme auf Judith Butlers sprach- bzw. diskurstheoretisches Konzept als verletzender Sprechakt verstanden werden kann. Zu diesem Zweck werden in einem ersten Schritt die Besonderheiten von Cyber-Mobbing aufgezeigt und im Anschluss daran ein für diesen Text geeigneter Cyber-Mobbing-Begriff formuliert. Daraufhin erfolgt eine interpretative Auseinandersetzung mit der Butlerschen Konzeption verletzender Sprechakte, bevor anschließend anhand wesentlicher Schnittstellen herausgearbeitet wird, inwiefern Cyber-Mobbing als ein solcher verletzender sprachlicher Akt begriffen werden kann. Resümierend werden die zentralen Ergebnisse der Ausarbeitung zusammengefasst und es wird danach gefragt, welche Konsequenzen bzw. Folgen sich hieraus für ein mögliches verändertes Verständnis von Cyber-Mobbing ergeben.This Paper argues whether cyber bullying can be understood as violating speach act with reference to Judith Butler by starting with a definition of cyber bullying (respectively the term cyber 'mobbing' which is used synonymously in German speaking countries and an outline of Butler's theory. After that, the question of a new or different understanding of cyber bullying and its consequences is discussed.

Detection of complex cyber attacks

Science.gov (United States)

Gregorio-de Souza, Ian; Berk, Vincent H.; Giani, Annarita; Bakos, George; Bates, Marion; Cybenko, George; Madory, Doug

2006-05-01

One significant drawback to currently available security products is their inabilty to correlate diverse sensor input. For instance, by only using network intrusion detection data, a root kit installed through a weak username-password combination may go unnoticed. Similarly, an administrator may never make the link between deteriorating response times from the database server and an attacker exfiltrating trusted data, if these facts aren't presented together. Current Security Information Management Systems (SIMS) can collect and represent diverse data but lack sufficient correlation algorithms. By using a Process Query System, we were able to quickly bring together data flowing from many sources, including NIDS, HIDS, server logs, CPU load and memory usage, etc. We constructed PQS models that describe dynamic behavior of complicated attacks and failures, allowing us to detect and differentiate simultaneous sophisticated attacks on a target network. In this paper, we discuss the benefits of implementing such a multistage cyber attack detection system using PQS. We focus on how data from multiple sources can be combined and used to detect and track comprehensive network security events that go unnoticed using conventional tools.

Cyber Operations Between Russia and Ukraine During Ukrainian Conflict

Directory of Open Access Journals (Sweden)

Miroslava Pavlíková

2016-06-01

Full Text Available When the Ukraine crisis started in 2013, discussions about possible cyber warfare appeared. Debates about the usage of cyber tools in war conflicts have already been considered for the last few years and conflicts where actors possess these capacities emphasize the importance to analyze this phenomenon. This article examines cyber warfare between Russia and Ukraine during the Ukraine crisis and aims to analyze incidents in the cyber domain with considerations cyber war on a theoretical background.

Towards a Research Agenda for Cyber Friendly Fire

Energy Technology Data Exchange (ETDEWEB)

Greitzer, Frank L.; Clements, Samuel L.; Carroll, Thomas E.; Fluckiger, Jerry D.

2009-11-18

Historical assessments of combat fratricide reveal principal contributing factors in the effects of stress, degradation of skills due to continuous operations or sleep deprivation, poor situation awareness, and lack of training and discipline in offensive/defense response selection. While these problems are typically addressed in R&D focusing on traditional ground-based combat, there is also an emerging need for improving situation awareness and decision making on defensive/offensive response options in the cyber defense arena, where a mistaken response to an actual or perceived cyber attack could lead to destruction or compromise of friendly cyber assets. The purpose of this report is to examine cognitive factors that may affect cyber situation awareness and describe possible research needs to reduce the likelihood and effects of "friendly cyber fire" on cyber defenses, information infrastructures, and data. The approach is to examine concepts and methods that have been described in research applied to the more traditional problem of mitigating the occurrence of combat identification and fratricide. Application domains of interest include cyber security defense against external or internal (insider) threats.

Cyber security for greater service reliability

Energy Technology Data Exchange (ETDEWEB)

Vickery, P. [N-Dimension Solutions Inc., Richmond Hill, ON (Canada)

2008-05-15

Service reliability in the electricity transmission and distribution (T and D) industry is being challenged by increased equipment failures, harsher climatic conditions, and computer hackers who aim to disrupt services by gaining access to transmission and distribution resources. This article discussed methods of ensuring the cyber-security of T and D operators. Weak points in the T and D industry include remote terminal units; intelligent electronic devices; distributed control systems; programmable logic controllers; and various intelligent field devices. An increasing number of interconnection points exist between an operator's service control system and external systems. The North American Electric Reliability Council (NERC) standards specify that cyber security strategies should ensure that all cyber assets are protected, and that access points must be monitored to detect intrusion attempts. The introduction of new advanced metering initiatives must also be considered. Comprehensive monitoring systems should be available to support compliance with cyber security standards. It was concluded that senior management should commit to a periodic cyber security re-assessment program in order to keep up-to-date.