WorldWideScience

Sample records for service targets cyber

  1. Legal Issues in Cyber Targeting

    DEFF Research Database (Denmark)

    Juhlin, Jonas Alastair

    Imagine this scenario: Two states are in armed conflict with each other. In order to gain an advantage, one side launches a cyber-attack against the opponent’s computer network. The malicious malware paralyze the military computer network, as intended, but the malware spreads into the civilian...... system with physical damage to follow. This can happen and the natural question arises: What must be considered lawful targeting according to the international humanitarian law in cyber warfare? What steps must an attacker take to minimize the damage done to unlawful targets when conducting an offensive...... operation? How can the attacker separate military targets from civilian targets in cyber space? This paper addresses these questions and argues that a network (civilian or military) consist of several software components and that it is the individual components that is the target. If the components are used...

  2. Cyber security for greater service reliability

    Energy Technology Data Exchange (ETDEWEB)

    Vickery, P. [N-Dimension Solutions Inc., Richmond Hill, ON (Canada)

    2008-05-15

    Service reliability in the electricity transmission and distribution (T and D) industry is being challenged by increased equipment failures, harsher climatic conditions, and computer hackers who aim to disrupt services by gaining access to transmission and distribution resources. This article discussed methods of ensuring the cyber-security of T and D operators. Weak points in the T and D industry include remote terminal units; intelligent electronic devices; distributed control systems; programmable logic controllers; and various intelligent field devices. An increasing number of interconnection points exist between an operator's service control system and external systems. The North American Electric Reliability Council (NERC) standards specify that cyber security strategies should ensure that all cyber assets are protected, and that access points must be monitored to detect intrusion attempts. The introduction of new advanced metering initiatives must also be considered. Comprehensive monitoring systems should be available to support compliance with cyber security standards. It was concluded that senior management should commit to a periodic cyber security re-assessment program in order to keep up-to-date.

  3. Moving Target Techniques: Cyber Resilience throught Randomization, Diversity, and Dynamism

    Science.gov (United States)

    2017-03-03

    attacks. Simply put, these techniques turn systems into moving targets that will be hard for cyber attackers to compromise. MT techniques leverage...been diversified, they can attack it as if it was not diversified at all. Dynamic Data: Techniques in the dynamic data domain change the format

  4. 75 FR 57086 - Submission for Review: Federal Cyber Service: Scholarship for Service (SFS) Registration Web Site

    Science.gov (United States)

    2010-09-17

    ... OFFICE OF PERSONNEL MANAGEMENT Submission for Review: Federal Cyber Service: Scholarship for Service (SFS) Registration Web Site AGENCY: Office of Personnel Management. ACTION: 30-Day Notice and... National Science Foundation in accordance with [[Page 57087

  5. Positioning navigation and timing service applications in cyber physical systems

    Science.gov (United States)

    Qu, Yi; Wu, Xiaojing; Zeng, Lingchuan

    2017-10-01

    The positioning navigation and timing (PNT) architecture was discussed in detail, whose history, evolvement, current status and future plan were presented, main technologies were listed, advantages and limitations of most technologies were compared, novel approaches were introduced, and future capacities were sketched. The concept of cyber-physical system (CPS) was described and their primary features were interpreted. Then the three-layer architecture of CPS was illustrated. Next CPS requirements on PNT services were analyzed, including requirements on position reference and time reference, requirements on temporal-spatial error monitor, requirements on dynamic services, real-time services, autonomous services, security services and standard services. Finally challenges faced by PNT applications in CPS were concluded. The conclusion was expected to facilitate PNT applications in CPS, and furthermore to provide references to the design and implementation of both architectures.

  6. 75 FR 20400 - Submission for Review: Federal Cyber Service: Scholarship for Service (SFS) Registration Web Site

    Science.gov (United States)

    2010-04-19

    ... OFFICE OF PERSONNEL MANAGEMENT Submission for Review: Federal Cyber Service: Scholarship for Service (SFS) Registration Web Site AGENCY: U.S. Office of Personnel Management. ACTION: 60-Day Notice and... applicable supporting documentation, may be obtained by contacting the San Antonio Services Branch, Office of...

  7. Cybersecurity protecting critical infrastructures from cyber attack and cyber warfare

    CERN Document Server

    Johnson, Thomas A

    2015-01-01

    The World Economic Forum regards the threat of cyber attack as one of the top five global risks confronting nations of the world today. Cyber attacks are increasingly targeting the core functions of the economies in nations throughout the world. The threat to attack critical infrastructures, disrupt critical services, and induce a wide range of damage is becoming more difficult to defend against. Cybersecurity: Protecting Critical Infrastructures from Cyber Attack and Cyber Warfare examines the current cyber threat landscape and discusses the strategies being used by governments and corporatio

  8. Impact modeling and prediction of attacks on cyber targets

    Science.gov (United States)

    Khalili, Aram; Michalk, Brian; Alford, Lee; Henney, Chris; Gilbert, Logan

    2010-04-01

    In most organizations, IT (information technology) infrastructure exists to support the organization's mission. The threat of cyber attacks poses risks to this mission. Current network security research focuses on the threat of cyber attacks to the organization's IT infrastructure; however, the risks to the overall mission are rarely analyzed or formalized. This connection of IT infrastructure to the organization's mission is often neglected or carried out ad-hoc. Our work bridges this gap and introduces analyses and formalisms to help organizations understand the mission risks they face from cyber attacks. Modeling an organization's mission vulnerability to cyber attacks requires a description of the IT infrastructure (network model), the organization mission (business model), and how the mission relies on IT resources (correlation model). With this information, proper analysis can show which cyber resources are of tactical importance in a cyber attack, i.e., controlling them enables a large range of cyber attacks. Such analysis also reveals which IT resources contribute most to the organization's mission, i.e., lack of control over them gravely affects the mission. These results can then be used to formulate IT security strategies and explore their trade-offs, which leads to better incident response. This paper presents our methodology for encoding IT infrastructure, organization mission and correlations, our analysis framework, as well as initial experimental results and conclusions.

  9. Cyber crimes.

    Science.gov (United States)

    Nuzback, Kara

    2014-07-01

    Since it began offering cyber liability coverage in December 2011, the Texas Medical Liability Trust has received more than 150 cyber liability claims, most of which involved breaches of electronic protected health information. TMLT's cyber liability insurance will protect practices financially should a breach occur. The insurance covers a breach notification to customers and business partners, expenses for legal counsel, information security and forensic data services, public relations support, call center and website support, credit monitoring, and identity theft restoration services.

  10. Optimizing targeted vaccination across cyber-physical networks: an empirically based mathematical simulation study.

    Science.gov (United States)

    Mones, Enys; Stopczynski, Arkadiusz; Pentland, Alex 'Sandy'; Hupert, Nathaniel; Lehmann, Sune

    2018-01-01

    Targeted vaccination, whether to minimize the forward transmission of infectious diseases or their clinical impact, is one of the 'holy grails' of modern infectious disease outbreak response, yet it is difficult to achieve in practice due to the challenge of identifying optimal targets in real time. If interruption of disease transmission is the goal, targeting requires knowledge of underlying person-to-person contact networks. Digital communication networks may reflect not only virtual but also physical interactions that could result in disease transmission, but the precise overlap between these cyber and physical networks has never been empirically explored in real-life settings. Here, we study the digital communication activity of more than 500 individuals along with their person-to-person contacts at a 5-min temporal resolution. We then simulate different disease transmission scenarios on the person-to-person physical contact network to determine whether cyber communication networks can be harnessed to advance the goal of targeted vaccination for a disease spreading on the network of physical proximity. We show that individuals selected on the basis of their closeness centrality within cyber networks (what we call 'cyber-directed vaccination') can enhance vaccination campaigns against diseases with short-range (but not full-range) modes of transmission. © 2018 The Author(s).

  11. A Survey of Cyber Crime in Greece

    Directory of Open Access Journals (Sweden)

    A. Papanikolaou

    2014-11-01

    Full Text Available During the past years, the Internet has evolved into the so-called “Web 2.0”. Nevertheless, the wide use of the offered Internet services has rendered individual users a potential target to cyber criminals. The paper presents a review and analysis of various cyber crimes, based on the cases that were reported to the Cyber Crime and Computer Crime Unit of the Greek Police Force and compares them to similar data of other EU countries.

  12. Cyber security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

  13. Moving Target Techniques: Leveraging Uncertainty for Cyber Defense

    Science.gov (United States)

    2015-12-15

    program’s source code and is not possible with proprietary, third - party software for which source code is not made available. Furthermore, ensuring...implemented in most modern operating systems including Linux, Windows, Mac OSX, Android , and iOS. By randomizing the addresses, ASLR makes exploit...applications, and software versions that are running on the target machine to develop an attack against it. During the third phase, the attacker

  14. Federated Access to Cyber Observables for Detection of Targeted Attacks

    Science.gov (United States)

    2014-10-01

    each manages. The DQNs also utilize an intelligent information ex- traction capability for automatically suggesting mappings from text found in audit ...Harmelen, and others, “OWL web ontology language overview,” W3C Recomm., vol. 10, no. 2004–03, p. 10, 2004. [4] D. Miller and B. Pearson , Security...Online]. Available: http://www.disa.mil/Services/Information- Assurance /HBS/HBSS. [21] S. Zanikolas and R. Sakellariou, “A taxonomy of grid

  15. On a Malware Targeting Private Telephony Networks during Cyber Conflict

    Directory of Open Access Journals (Sweden)

    I. I. Androulidakis

    2013-06-01

    Full Text Available Telecommunication networks have long ago entered the Critical Infrastructure domain. Apart from the public telephony network, there is a parallel private telephony network, consisting of Private Branch Exchanges (PBXs that serve the communication needs of private or public entities. Their penetration in the market is substantial. As a result, thousands of PBX installations are present in every country serving many times more users in vital infrastructures (including health, safety, security, economy, energy. Therefore, attacking PBXs can have critical effects that disrupt society and can clearly be used in warlike situations. PBXs are an integral part of the critical infrastructure, along with the public telephony network. The contribution of this work focuses on the theoretical and practical capabilities of a malware able to target PBXs. Such an occurrence would have devastating effects on the communication confidentiality, integrity and availability.

  16. 78 FR 26664 - Submission for Review: CyberCorps®: Scholarship For Service (SFS) Registration Web Site

    Science.gov (United States)

    2013-05-07

    ... OFFICE OF PERSONNEL MANAGEMENT Submission for Review: CyberCorps[supreg]: Scholarship For Service (SFS) Registration Web Site AGENCY: U.S. Office of Personnel Management. ACTION: 60-Day Notice and..., Mid-Atlantic Services Branch, 200 Granby Street, Suite 500, Norfolk, VA 23510-1886, Attention: Kathy...

  17. Automating cyber offensive operations for cyber challenges

    CSIR Research Space (South Africa)

    Burke, I

    2016-03-01

    Full Text Available with regards to attack automation. 2. Background on cyber games CTF exercises are offensive and defensive cyber training exercises whereby teams compete against one another to obtain flags or tokens hidden on various servers. In some cases these flags... are located on an opponent’s servers, which results in teams being required to attack adversary servers while maintaining defences on their own services (The National Cyber League 2013). These challenges are often time based and victors are determined based...

  18. Evaluation of target coverage and margins adequacy during CyberKnife Lung Optimized Treatment.

    Science.gov (United States)

    Ricotti, Rosalinda; Seregni, Matteo; Ciardo, Delia; Vigorito, Sabrina; Rondi, Elena; Piperno, Gaia; Ferrari, Annamaria; Zerella, Maria Alessia; Arculeo, Simona; Francia, Claudia Maria; Sibio, Daniela; Cattani, Federica; De Marinis, Filippo; Spaggiari, Lorenzo; Orecchia, Roberto; Riboldi, Marco; Baroni, Guido; Jereczek-Fossa, Barbara Alicja

    2018-04-01

    Evaluation of target coverage and verification of safety margins, in motion management strategies implemented by Lung Optimized Treatment (LOT) module in CyberKnife system. Three fiducial-less motion management strategies provided by LOT can be selected according to tumor visibility in the X ray images acquired during treatment. In 2-view modality the tumor is visible in both X ray images and full motion tracking is performed. In 1-view modality the tumor is visible in a single X ray image, therefore, motion tracking is combined with an internal target volume (ITV)-based margin expansion. In 0-view modality the lesion is not visible, consequently the treatment relies entirely on an ITV-based approach. Data from 30 patients treated in 2-view modality were selected providing information on the three-dimensional tumor motion in correspondence to each X ray image. Treatments in 1-view and 0-view modalities were simulated by processing log files and planning volumes. Planning target volume (PTV) margins were defined according to the tracking modality: end-exhale clinical target volume (CTV) + 3 mm in 2-view and ITV + 5 mm in 0-view. In the 1-view scenario, the ITV encompasses only tumor motion along the non-visible direction. Then, non-uniform ITV to PTV margins were applied: 3 mm and 5 mm in the visible and non-visible direction, respectively. We defined the coverage of each voxel of the CTV as the percentage of X ray images where such voxel was included in the PTV. In 2-view modality coverage was calculated as the intersection between the CTV centred on the imaged target position and the PTV centred on the predicted target position, as recorded in log files. In 1-view modality, coverage was calculated as the intersection between the CTV centred on the imaged target position and the PTV centred on the projected predictor data. In 0-view modality coverage was calculated as the intersection between the CTV centred on the imaged target position and the non

  19. Cyber Warfare/Cyber Terrorism

    National Research Council Canada - National Science Library

    O'Hara, Timothy

    2004-01-01

    .... Section 1 concludes with a review of offensive and defensive cyber warfare concepts. Section 2 presents a general overview of cyber terrorism, including definitions of cyber terrorism and cyber terrorism support...

  20. Towards Cyber City: DKI Jakarta and Surabaya Provincial Government Digital Public Services

    Directory of Open Access Journals (Sweden)

    Mia Angeline

    2016-10-01

    Full Text Available The goal of this research was to do a comparative study on the use of information technology in DKI Jakarta Provincial Government through Jakarta.go.id website and Surabaya City Local Government through Surabaya.go.id website. This research focused on public services and interactive use of communication media. Research method used was descriptive qualitative. Data were collected through a depth interview with Jakarta.go.id and Surabaya.go.id website administrators, observation of digital data, literature review, and through secondary data. Data analysis was done through a constant comparative technique. The results indicates that diffusion innovation theory is used by provincial government to give digital public services. It means that the government is seeking people to adopt the use of information technology in the interaction with the government. Local and Provincial Government provides a media center for public services, which the public can access information and provide input to the government. Some of the challenges show that society is not fully ready to change from conventional public services to digital public services received from the government. There is a massive need to educate society while also providing free mobile internet services. Other than that, there is also a gap in internal governmental human resources skill and competences. As a solution to some of these problems, both DKI Jakarta and Surabaya Provincial Government need to apply information technology to achieve e-government and cyber city. 

  1. Defining cyber warfare

    Directory of Open Access Journals (Sweden)

    Dragan D. Mladenović

    2012-04-01

    Full Text Available Cyber conflicts represent a new kind of warfare that is technologically developing very rapidly. Such development results in more frequent and more intensive cyber attacks undertaken by states against adversary targets, with a wide range of diverse operations, from information operations to physical destruction of targets. Nevertheless, cyber warfare is waged through the application of the same means, techniques and methods as those used in cyber criminal, terrorism and intelligence activities. Moreover, it has a very specific nature that enables states to covertly initiate attacks against their adversaries. The starting point in defining doctrines, procedures and standards in the area of cyber warfare is determining its true nature. In this paper, a contribution to this effort was made through the analysis of the existing state doctrines and international practice in the area of cyber warfare towards the determination of its nationally acceptable definition.

  2. Personal Denial Of Service (PDOS Attacks: A Discussion and Exploration of a New Category of Cyber Crime

    Directory of Open Access Journals (Sweden)

    Michael Raymond Bartolacci

    2014-03-01

    Full Text Available The growth of the Internet has created a corresponding growth in Internet-based crimes and online misbehavior, particularly among younger computer-savvy people who learned the technical skills necessary for such activities throughout their entire lives. We define a new category of cyber crime called a Personal Denial of Service attack (PDOS. A PDOS is a cyber crime in which an individual deliberately prevents the access of an individual or small group to online services such as email or banking. Due to the nature of a PDOS, these acts can be overlooked by law enforcement and organizations that operate Internet infrastructure such as universities. We analyze a PDOS attack in the context of the Routine Activities Theory of criminal justice. We also surveyed university students to ascertain their attitudes towards online account breaches as related to a PDOS attack.  Our motivation for this work is twofold: to stress the need for cyber ethics education at the university level, and to illustrate how a previously uncategorized type of cyber crime is easily perpetrated in such an environment.

  3. The GMOS cyber(e)-infrastructure: advanced services for supporting science and policy.

    Science.gov (United States)

    Cinnirella, S; D'Amore, F; Bencardino, M; Sprovieri, F; Pirrone, N

    2014-03-01

    The need for coordinated, systematized and catalogued databases on mercury in the environment is of paramount importance as improved information can help the assessment of the effectiveness of measures established to phase out and ban mercury. Long-term monitoring sites have been established in a number of regions and countries for the measurement of mercury in ambient air and wet deposition. Long term measurements of mercury concentration in biota also produced a huge amount of information, but such initiatives are far from being within a global, systematic and interoperable approach. To address these weaknesses the on-going Global Mercury Observation System (GMOS) project ( www.gmos.eu ) established a coordinated global observation system for mercury as well it retrieved historical data ( www.gmos.eu/sdi ). To manage such large amount of information a technological infrastructure was planned. This high-performance back-end resource associated with sophisticated client applications enables data storage, computing services, telecommunications networks and all services necessary to support the activity. This paper reports the architecture definition of the GMOS Cyber(e)-Infrastructure and the services developed to support science and policy, including the United Nation Environmental Program. It finally describes new possibilities in data analysis and data management through client applications.

  4. Cyber-Informed Engineering

    Energy Technology Data Exchange (ETDEWEB)

    Anderson, Robert S. [Idaho National Lab. (INL), Idaho Falls, ID (United States); Benjamin, Jacob [Idaho National Lab. (INL), Idaho Falls, ID (United States); Wright, Virginia L. [Idaho National Lab. (INL), Idaho Falls, ID (United States); Quinones, Luis [Idaho National Lab. (INL), Idaho Falls, ID (United States); Paz, Jonathan [Idaho National Lab. (INL), Idaho Falls, ID (United States)

    2017-03-01

    A continuing challenge for engineers who utilize digital systems is to understand the impact of cyber-attacks across the entire product and program lifecycle. This is a challenge due to the evolving nature of cyber threats that may impact the design, development, deployment, and operational phases of all systems. Cyber Informed Engineering is the process by which engineers are made aware of both how to use their engineering knowledge to positively impact the cyber security in the processes by which they architect and design components and the services and security of the components themselves.

  5. Cyber-Informed Engineering

    International Nuclear Information System (INIS)

    Anderson, Robert S.; Benjamin, Jacob; Wright, Virginia L.; Quinones, Luis; Paz, Jonathan

    2017-01-01

    A continuing challenge for engineers who utilize digital systems is to understand the impact of cyber-attacks across the entire product and program lifecycle. This is a challenge due to the evolving nature of cyber threats that may impact the design, development, deployment, and operational phases of all systems. Cyber Informed Engineering is the process by which engineers are made aware of both how to use their engineering knowledge to positively impact the cyber security in the processes by which they architect and design components and the services and security of the components themselves.

  6. Technical Aspects of Cyber Kill Chain

    OpenAIRE

    Yadav, Tarun; Mallari, Rao Arvind

    2016-01-01

    Recent trends in targeted cyber-attacks has increased the interest of research in the field of cyber security. Such attacks have massive disruptive effects on rganizations, enterprises and governments. Cyber kill chain is a model to describe cyber-attacks so as to develop incident response and analysis capabilities. Cyber kill chain in simple terms is an attack chain, the path that an intruder takes to penetrate information systems over time to execute an attack on the target. This paper broa...

  7. Modeling and Simulation of Cyber Battlefield

    Directory of Open Access Journals (Sweden)

    AliJabar Rashidi

    2017-12-01

    Full Text Available In order to protect cyberspace against cyber-attacks we need cyber situation awareness framework for the implementation of our cyber maneuvers. This article allows execution cyber maneuvers with dynamic cyber battlefield simulator. Cyber battlefield contains essential information for the detection of cyber events, therefore, it can be considered most important and complicated factor in the high-level fusion. Cyber battlefield by gather detail data of cyberspace elements, including knowledge repository of vulnerability, tangible and intangible elements of cyberspace and the relationships between them, can provide and execute cyber maneuvers, penetration testing, cyber-attacks injection, attack tracking, visualization, cyber-attacks impact assessment and risk assessment. The dynamic maker Engine in simulator is designed to update the knowledge base of vulnerabilities, change the topology elements, and change the access list, services, hosts and users. Evaluation of simulator do with qualitative method of research and with create a focus group.

  8. Bio-inspiring cyber security and cloud services trends and innovations

    CERN Document Server

    Kim, Tai-Hoon; Kacprzyk, Janusz; Awad, Ali

    2014-01-01

    This volume presents recent research in cyber security, and reports how organizations can gain competitive advantages by applying the different security techniques in real-world scenarios. The volume provides reviews of cutting–edge technologies, algorithms, applications and insights for bio-inspiring cyber security-based systems. The book will be a valuable companion and comprehensive reference for both postgraduate and senior undergraduate students who are taking a course in cyber security. The volume is organized in self-contained chapters to provide greatest reading flexibility.  

  9. Cyber-physical securi

    Directory of Open Access Journals (Sweden)

    Aditya Ashok

    2014-07-01

    Full Text Available Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments.

  10. Cyber Threats/Attacks and a Defensive Model to Mitigate Cyber Activities

    Directory of Open Access Journals (Sweden)

    Jawad Hussain Awan

    2018-04-01

    Full Text Available Nowadays, every internet user is part of cyber world. In this way, millions of users, knowledge seekers, and service provider organizations are connected to each other, a vast number of common people shifted their everyday activities to cyber world as they can save their time, traffic problem and gets effective and costless services by using various services such as, online banking, social networking sites, government services and cloud services. The use of Cyber services, eBusiness, eCommerce and eGovernance increases the usage of online/cyber services also increased the issue of cyber security. Recently, various cases have been reported in the literature and media about the cyber-attacks and crimes which seriously disrupted governments, businesses and personal lives. From the literature. It is noticed that every cyber user is unaware about privacy and security practices and measures. Therefore, cyber user has provided knowledge and fully aware them from the online services and also about cyber privacy and security. This paper presents a review on the recent cybercrimes, threats and attacks reported in the literature and media. In addition, the impact of these cyber breaches and cyber law to deal with cyber security has been discussed. At last, a defensive model is also proposed to mitigate cyber-criminal activities.

  11. Timing of cyber conflict.

    Science.gov (United States)

    Axelrod, Robert; Iliev, Rumen

    2014-01-28

    Nations are accumulating cyber resources in the form of stockpiles of zero-day exploits as well as other novel methods of engaging in future cyber conflict against selected targets. This paper analyzes the optimal timing for the use of such cyber resources. A simple mathematical model is offered to clarify how the timing of such a choice can depend on the stakes involved in the present situation, as well as the characteristics of the resource for exploitation. The model deals with the question of when the resource should be used given that its use today may well prevent it from being available for use later. The analysis provides concepts, theory, applications, and distinctions to promote the understanding strategy aspects of cyber conflict. Case studies include the Stuxnet attack on Iran's nuclear program, the Iranian cyber attack on the energy firm Saudi Aramco, the persistent cyber espionage carried out by the Chinese military, and an analogous case of economic coercion by China in a dispute with Japan. The effects of the rapidly expanding market for zero-day exploits are also analyzed. The goal of the paper is to promote the understanding of this domain of cyber conflict to mitigate the harm it can do, and harness the capabilities it can provide.

  12. 75 FR 26171 - Cyber Security Certification Program

    Science.gov (United States)

    2010-05-11

    ... Internet users rely are becoming increasingly susceptible to operator error and malicious cyber attack. For... susceptibility to operator error and malicious cyber attack, Federal entities, frequently in cooperation with the... transfers from cyber threats, such as espionage, disruption, and denial of service attacks. Specifically...

  13. Cyber operations as nuclear counterproliferation measures

    OpenAIRE

    Roscini, M.

    2014-01-01

    Focusing on recent malware that allegedly targeted Iran’s nuclear programme, this article discusses the legality of inter-state cyber operations as measures to prevent the proliferation of nuclear weapons approaching the problem from the perspective of the law of State responsibility, in particular the circumstances precluding wrongfulness. After examining the role that cyber attacks and cyber exploitation can play in preventing nuclear proliferation, the article explores whether cyber operat...

  14. Resilia cyber resilience best practices

    CERN Document Server

    , AXELOS

    2015-01-01

    RESILIA™ Cyber Resilience Best Practices offers a practical approach to cyber resilience, reflecting the need to detect and recover from incidents, and not rely on prevention alone. It uses the ITIL® framework, which provides a proven approach to the provision of services that align to business outcomes.

  15. Cyber Threats/Attacks and a Defensive Model to Mitigate Cyber Activities

    OpenAIRE

    Jawad Hussain Awan; Shazad Memon; Sheeraz Memon; Kamran Taj Pathan; Niaz Hussain Arijo

    2018-01-01

    Nowadays, every internet user is part of cyber world. In this way, millions of users, knowledge seekers, and service provider organizations are connected to each other, a vast number of common people shifted their everyday activities to cyber world as they can save their time, traffic problem and gets effective and costless services by using various services such as, online banking, social networking sites, government services and cloud services. The use of Cyber services, eBusiness, eCommerc...

  16. Cyber Guerilla

    NARCIS (Netherlands)

    van Haaster, J.; Gevers, R.; Sprengers, M.

    2016-01-01

    Much as Che Guevara’s book Guerilla Warfare helped define and delineate a new type of warfare in the wake of the Cuban revolution in 1961, Cyber Guerilla will help define the new types of threats and fighters now appearing in the digital landscape. Cyber Guerilla provides valuable insight for

  17. Cyber warfare building the scientific foundation

    CERN Document Server

    Jajodia, Sushil; Subrahmanian, VS; Swarup, Vipin; Wang, Cliff

    2015-01-01

    This book features a wide spectrum of the latest computer science research relating to cyber warfare, including military and policy dimensions. It is the first book to explore the scientific foundation of cyber warfare and features research from the areas of artificial intelligence, game theory, programming languages, graph theory and more. The high-level approach and emphasis on scientific rigor provides insights on ways to improve cyber warfare defense worldwide. Cyber Warfare: Building the Scientific Foundation targets researchers and practitioners working in cyber security, especially gove

  18. Service differentiated and adaptive CSMA/CA over IEEE 802.15.4 for Cyber-Physical Systems.

    Science.gov (United States)

    Xia, Feng; Li, Jie; Hao, Ruonan; Kong, Xiangjie; Gao, Ruixia

    2013-01-01

    Cyber-Physical Systems (CPS) that collect, exchange, manage information, and coordinate actions are an integral part of the Smart Grid. In addition, Quality of Service (QoS) provisioning in CPS, especially in the wireless sensor/actuator networks, plays an essential role in Smart Grid applications. IEEE 802.15.4, which is one of the most widely used communication protocols in this area, still needs to be improved to meet multiple QoS requirements. This is because IEEE 802.15.4 slotted Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) employs static parameter configuration without supporting differentiated services and network self-adaptivity. To address this issue, this paper proposes a priority-based Service Differentiated and Adaptive CSMA/CA (SDA-CSMA/CA) algorithm to provide differentiated QoS for various Smart Grid applications as well as dynamically initialize backoff exponent according to traffic conditions. Simulation results demonstrate that the proposed SDA-CSMA/CA scheme significantly outperforms the IEEE 802.15.4 slotted CSMA/CA in terms of effective data rate, packet loss rate, and average delay.

  19. Multiple cyber attacks against a target with observation errors and dependent outcomes: Characterization and optimization

    International Nuclear Information System (INIS)

    Hu, Xiaoxiao; Xu, Maochao; Xu, Shouhuai; Zhao, Peng

    2017-01-01

    In this paper we investigate a cybersecurity model: An attacker can launch multiple attacks against a target with a termination strategy that says that the attacker will stop after observing a number of successful attacks or when the attacker is out of attack resources. However, the attacker's observation of the attack outcomes (i.e., random variables indicating whether the target is compromised or not) has an observation error that is specified by both a false-negative and a false-positive probability. The novelty of the model we study is the accommodation of the dependence between the attack outcomes, because the dependence was assumed away in the literature. In this model, we characterize the monotonicity and bounds of the compromise probability (i.e., the probability that the target is compromised). In addition to extensively showing the impact of dependence on quantities such as compromise probability and attack cost, we give methods for finding the optimal strategy that leads to maximum compromise probability or minimum attack cost. This study highlights that the dependence between random variables cannot be assumed away, because the results will be misleading. - Highlights: • A novel cybersecurity model is proposed to accommodate the dependence among attack outcomes. • The monotonicity and bounds of the compromise probability are studied. • The dependence effect on the compromise probability and attack cost is discussed via simulation. • The optimal strategy that leads to maximum compromise probability or minimum attack cost is presented.

  20. Cyber Panel Experimentation Program

    National Research Council Canada - National Science Library

    Haines, Joshua

    2003-01-01

    .... A variety of multi-step cyber attacks were perpetrated against the target network each of which typifies a current-day real-world attack. The preliminary results presented here represent those available at conclusion of the experiment process by BBN.

  1. Current Status of the Cyber Threat Assessment for Nuclear Facilities

    Energy Technology Data Exchange (ETDEWEB)

    Kim, Hyun Doo [KINAC, Daejeon (Korea, Republic of)

    2016-05-15

    In December 2014, unknown hackers hacked internal documents sourced from Korea Hydro and Nuclear Power (KHNP) and those electronic documents were posted five times on a Social Network Service (SNS). The data included personal profiles, flow charts, manuals and blueprints for installing pipes in the nuclear power plant. Although the data were not critical to operation or sabotage of the plant, it threatened people and caused social unrest in Korea and neighboring countries. In December 2015, cyber attack on power grid caused a blackout for hundreds of thousands of people in Ukraine. The power outage was caused by a sophisticated attack using destructive malware called 'BlackEnergy'. Cyber attacks are reality in today's world and critical infrastructures are increasingly targeted. Critical infrastructures, such as the nuclear power plant, need to be proactive and protect the nuclear materials, assets and facilities from potential cyber attacks. The threat assessment document and its detailed procedure are confidential for the State. Nevertheless, it is easy to find cooperation on assessing and evaluating the threats of nuclear materials and facilities with other government departments or agencies including the national police. The NSSC and KINAC also cooperated with the National Intelligence Service (NIS) and National Security Research Institute (NSR). However, robust cyber threat assessment system and regular consultative group should be established with domestic and overseas organization including NIS, NSR, the National Police Agency and the military force to protect and ensure to safety of people, public and environment from rapidly changing and upgrading cyber threats.

  2. Current Status of the Cyber Threat Assessment for Nuclear Facilities

    International Nuclear Information System (INIS)

    Kim, Hyun Doo

    2016-01-01

    In December 2014, unknown hackers hacked internal documents sourced from Korea Hydro and Nuclear Power (KHNP) and those electronic documents were posted five times on a Social Network Service (SNS). The data included personal profiles, flow charts, manuals and blueprints for installing pipes in the nuclear power plant. Although the data were not critical to operation or sabotage of the plant, it threatened people and caused social unrest in Korea and neighboring countries. In December 2015, cyber attack on power grid caused a blackout for hundreds of thousands of people in Ukraine. The power outage was caused by a sophisticated attack using destructive malware called 'BlackEnergy'. Cyber attacks are reality in today's world and critical infrastructures are increasingly targeted. Critical infrastructures, such as the nuclear power plant, need to be proactive and protect the nuclear materials, assets and facilities from potential cyber attacks. The threat assessment document and its detailed procedure are confidential for the State. Nevertheless, it is easy to find cooperation on assessing and evaluating the threats of nuclear materials and facilities with other government departments or agencies including the national police. The NSSC and KINAC also cooperated with the National Intelligence Service (NIS) and National Security Research Institute (NSR). However, robust cyber threat assessment system and regular consultative group should be established with domestic and overseas organization including NIS, NSR, the National Police Agency and the military force to protect and ensure to safety of people, public and environment from rapidly changing and upgrading cyber threats

  3. Monitoring outcomes of environmental service provision in low socio-economic indigenous Australia using innovative CyberTracker Technology

    Directory of Open Access Journals (Sweden)

    E J Ens

    2012-01-01

    Full Text Available Payments for environmental services (PES are increasingly promoted as an economic mechanism that could potentially address socio-economic and environmental conservation objectives in developing regions. However, the reporting and conditionality requirements of PES projects can be inhibitory, particularly for people with low environmental monitoring or administration capacity. Here, I provide five case studies where Indigenous Land and Sea Management groups in remote northern Australia, have combined Indigenous ecological knowledge, Western science, and the innovative CyberTracker technology to record and monitor the ecological outcomes of their land management activities to facilitate engagement with mainstream economies in Australia. The case studies elucidate methods of data collection and recording for established and potential PES projects where environmental monitoring and adaptive land and sea management are clear objectives, with longer term prospects for socio-economic benefits of Indigenous community education, empowerment and development. Similar monitoring and reporting methods could be applied in other contexts where individuals or community groups want to engage in emerging mainstream environmental service markets, but lack environmental monitoring and reporting capacity, such as other Indigenous groups, people from economically poor regions, or farmers in environmentally valuable regions.

  4. Cyber Forensics Ontology for Cyber Criminal Investigation

    Science.gov (United States)

    Park, Heum; Cho, Sunho; Kwon, Hyuk-Chul

    We developed Cyber Forensics Ontology for the criminal investigation in cyber space. Cyber crime is classified into cyber terror and general cyber crime, and those two classes are connected with each other. The investigation of cyber terror requires high technology, system environment and experts, and general cyber crime is connected with general crime by evidence from digital data and cyber space. Accordingly, it is difficult to determine relational crime types and collect evidence. Therefore, we considered the classifications of cyber crime, the collection of evidence in cyber space and the application of laws to cyber crime. In order to efficiently investigate cyber crime, it is necessary to integrate those concepts for each cyber crime-case. Thus, we constructed a cyber forensics domain ontology for criminal investigation in cyber space, according to the categories of cyber crime, laws, evidence and information of criminals. This ontology can be used in the process of investigating of cyber crime-cases, and for data mining of cyber crime; classification, clustering, association and detection of crime types, crime cases, evidences and criminals.

  5. Cyber and physical infrastructure interdependencies.

    Energy Technology Data Exchange (ETDEWEB)

    Phillips, Laurence R.; Kelic, Andjelka; Warren, Drake E.

    2008-09-01

    The goal of the work discussed in this document is to understand the risk to the nation of cyber attacks on critical infrastructures. The large body of research results on cyber attacks against physical infrastructure vulnerabilities has not resulted in clear understanding of the cascading effects a cyber-caused disruption can have on critical national infrastructures and the ability of these affected infrastructures to deliver services. This document discusses current research and methodologies aimed at assessing the translation of a cyber-based effect into a physical disruption of infrastructure and thence into quantification of the economic consequences of the resultant disruption and damage. The document discusses the deficiencies of the existing methods in correlating cyber attacks with physical consequences. The document then outlines a research plan to correct those deficiencies. When completed, the research plan will result in a fully supported methodology to quantify the economic consequences of events that begin with cyber effects, cascade into other physical infrastructure impacts, and result in degradation of the critical infrastructure's ability to deliver services and products. This methodology enables quantification of the risks to national critical infrastructure of cyber threats. The work addresses the electric power sector as an example of how the methodology can be applied.

  6. Introducing cyber.

    Science.gov (United States)

    Hult, Fredrik; Sivanesan, Giri

    In January 2012, the World Economic Forum made cyber attacks its fourth top global risk. In the 2013 risk report, cyber attacks were noted to be an even higher risk in absolute terms. The reliance of critical infrastructure on cyber working has never been higher; the frequency, intensity, impact and sophistication of attacks is growing. This trend looks likely to continue. It can be argued that it is no longer a question whether an organisation will be successfully hacked, but how long it will take to detect. In the ever-changing cyber environment, traditional protection techniques and reliance on preventive controls are not enough. A more agile approach is required to give assurance of a sufficiently secure digital society. Are we faced with a paradigm shift or a storm in a digital teacup? This paper offers an introduction to why cyber is important, a wider taxonomy on the topic and some historical context on how the discipline of cyber security has evolved, and an interpretation on what this means in the new normal of today.

  7. Cyber Warfare/Cyber Terrorism

    National Research Council Canada - National Science Library

    O'Hara, Timothy

    2004-01-01

    Section 1 of this paper provides an overview of cyber warfare as an element of information warfare, starting with the general background of the current strategic environment the United States is operating...

  8. Policing cyber hate, cyber threat and cyber terrorism

    OpenAIRE

    Chambers-Jones, C.

    2013-01-01

    In late August 2012 the Government Forum of Incident Response and Cyber security Teams (GFIRST) gathered in Atlanta to discuss cyber threats and how new realities are emerging and how new forms of regulation are needed. At the same time Policing cyber hate, cyber threat and cyber terrorism was published. This comprehensive book brings together a divergent problem and tackles each with a candid exploration. The book has ten chapters and covers aspects such as extortion via the internet, the ps...

  9. Cyber Friendly Fire

    Energy Technology Data Exchange (ETDEWEB)

    Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

    2011-09-01

    Cyber friendly fire (FF) is a new concept that has been brought to the attention of Department of Defense (DoD) stakeholders through two workshops that were planned and conducted by the Air Force Research Laboratory (AFRL) and research conducted for AFRL by the Pacific Northwest National Laboratory. With this previous work in mind, we offer a definition of cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintentionally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, a fundamental need in avoiding cyber FF is to maintain situation awareness (SA). We suggest that cyber SA concerns knowledge of a system's topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system (and that populate the nodes), the nature of the activities or work performed, and the available defensive (and offensive) countermeasures that may be applied to thwart network attacks. A training implication is to raise awareness and understanding of these critical knowledge units; an approach to decision aids and/or visualizations is to focus on supporting these critical knowledge units. To study cyber FF, we developed an unclassified security test range comprising a combination of virtual and physical devices that present a closed network for testing, simulation, and evaluation. This network offers services found on a production network without the associated costs of a real production network. Containing enough detail to appear realistic, this virtual and physical environment can be customized to represent different configurations. For our purposes, the test range was configured to appear as an Internet-connected Managed Service Provider (MSP) offering specialized web applications to the general public

  10. Students' perspectives on cyber bullying.

    Science.gov (United States)

    Agatston, Patricia W; Kowalski, Robin; Limber, Susan

    2007-12-01

    The aim of this study was to gain a better understanding of the impact of cyber bullying on students and the possible need for prevention messages targeting students, educators, and parents. A total of 148 middle and high school students were interviewed during focus groups held at two middle and two high schools in a public school district. The focus groups were approximately 45 minutes in length. Students were divided by gender and asked a series of scripted questions by a same-gender student assistance counselor. We found that students' comments during the focus groups suggest that students-particularly females-view cyber bullying as a problem, but one rarely discussed at school, and that students do not see the school district personnel as helpful resources when dealing with cyber bullying. Students are currently experiencing the majority of cyber bullying instances outside of the school day; however there is some impact at school. Students were able to suggest some basic strategies for dealing with cyber bullying, but were less likely to be aware of strategies to request the removal of objectionable websites, as well as how to respond as a helpful bystander when witnessing cruel online behavior. We conclude that school districts should address cyber bullying through a combination of policies and information that are shared with students and parents. Schools should include cyber bullying as part of their bullying prevention strategies and include classroom lessons that address reporting and bystander behavior.

  11. Internet Governance amp Cyber Crimes In UAE

    OpenAIRE

    Ayesha Al Neyadi; Alia Al Kaabi; Laila Al Kaabi; Mariam Al Ghufli; Maitha Al Shamsi; Dr. Muhammad Khan

    2015-01-01

    Abstract Most people in UAE dont feel safe while they are use the Internet because most internet users have been a victim for cyber crime. Cyber crime threat rate has increased which has targeted on citizen privacy property and governments also the reputation problems. There are many criminal activities such as indecent acts Copyright issues Terrorist Acts State security and Contempt of religion. Cyber crimes due to several reasons such as they have lack of social intelligence they are being ...

  12. Towards Service-Oriented Middleware for Fog and Cloud Integrated Cyber Physical Systems

    DEFF Research Database (Denmark)

    Mohamed, Nader; Lazarova-Molnar, Sanja; Jawhar, Imad

    2017-01-01

    enables the integration of CPS with other systems such as Cloud and Fog Computing. Furthermore, as CPS can be developed for various applications at different scales, this paper provides a classification for CPS applications and discusses how CPSWare can effectively deal with the different issues in each...... of the applications. An appropriate middleware is needed to provide infrastructural support and assist the development and operations of diverse CPS applications. This paper studies utilizing the service-oriented middleware (SOM) approach for CPS and discusses the advantages and requirements for such utilization....... In addition, it proposes an SOM for CPS, called CPSWare. This middleware views all CPS components as a set of services and provides a service-based infrastructure to develop and operate CPS applications. This approach provides systemic solutions for solving many computing and networking issues in CPS. It also...

  13. DNSSEC for cyber forensics

    OpenAIRE

    Shulman, Haya; Waidner, Michael

    2014-01-01

    Domain Name System (DNS) cache poisoning is a stepping stone towards advanced (cyber) attacks. DNS cache poisoning can be used to monitor users activities for censorship, to distribute malware and spam and to subvert correctness and availability of Internet clients and services. Currently, the DNS infrastructure relies on challenge-response defences against attacks by (the common) off-path adversaries. Such defences do not suffice against stronger, man-in-the-middle (MitM), adversaries. Howev...

  14. CYBER SECURITY FOR AIRPORTS

    OpenAIRE

    Kasthurirangan Gopalakrishnan; Manimaran Govindarasu; Doug W. Jacobson; Brent M. Phares

    2013-01-01

    In today’s information age, government organizations and business enterprises are heavily relying on interconnected computer systems to manage a variety of public services including energy, transportation, water, etc. While this increased connectivity has many operational advantages benefitting the public, they have also become vulnerable to cyber attacks such as Corporate Security Breaches, Spear Phishing, and Social Media Fraud. The aviation sector is one the critical infrastructure systems...

  15. CyberWar, CyberTerror, CyberCrime

    CERN Document Server

    Mehan, Julie E

    2008-01-01

    CyberWar, CyberTerror, CyberCrime provides a stark and timely analysis of the increasingly hostile online landscape that today’s corporate systems inhabit, and gives a practical introduction to the defensive strategies that can be employed in response.

  16. Private ordering and the rise of terms of service as cyber-regulation

    Directory of Open Access Journals (Sweden)

    Luca Belli

    2016-12-01

    Full Text Available Online communications and activities require the intermediation of numerous private entities that unilaterally define and implement their terms of service (ToS. The substantive provisions set in the ToS regulate the relationships between intermediaries and users with a binding force that may be even stronger than the one exercised by the law. Notably, we stress that internet intermediaries privately enforce their contractual regulation by shaping the architecture of the networks and platforms under their control. Such regulation and implementation do not need to rely on “traditional” public law-enforcement mechanisms and may apply in a transnational fashion. This paper argues that internet governance is witnessing the increasing centralisation of power in the hands of internet intermediaries defining private orderings. While acknowledging that ToS are an efficient and well-suited instrument to regulate the online world, we claim that ToS unilaterally impose rules, despite being presented as voluntarily accepted by the involved parties through the expression of free and informed consent. Based on empirical research, we highlight that ToS and their private implementation affect internet users’ capability to enjoy their human rights, with particular regard to freedom of expression (and innovation, the right to privacy and to due process. Lastly, we put forward some recommendations on internet intermediaries’ compliance with human rights standards.

  17. Cyber Power

    Science.gov (United States)

    2010-05-01

    government. Another way of looking at power in the cyber domain is to consider the three faces or aspects of relational power. 1st Face: (A induces B do...power. For example, on the February 2010 anniversary of the Iranian Revolution, the government slowed the internet to prevent protesters sending films ...all but a few government controlled Web sites. The damage to business and tourism was significant, but the Chinese government was more concerned

  18. CyberPET: a PET service distributed over a wide area

    International Nuclear Information System (INIS)

    Pilloy, W.J.; Hellwig, D.; Schaeffer, A.; Hoffmann, P.; Lens, V.

    2002-01-01

    Aim: Demonstration of bi-directional PET data transmission, interactive display and co-registration, for the purpose of correlative imaging, treatment planning and teaching. Material and Method: In the year 2000, the initial problem to attend was to provide an effective PET service to a hospital (in Luxemburg) which lies 150 km away from a PET center (in another country). Once this solved, the procedure was expanded (in 2001) to co-registration with CT/MRI scans performed locally, and with radiotherapy simulation CT performed in another center 25 km away (in 2002). Equipment from various vendors was used (Siemens, Adac, GE, Hermes). With preliminary agreement of the national medical aid, patients are sent from the Nuclear Medicine Dept of the Centre Hospitalier in Luxemburg (CHL) to the Dept NM of the Saarland University Medical Center for PET examination. The digital data are then sent from the Siemens PET camera to a PC connected to the LAN, and then to a FTP server (Healthnet). The data are similarly collected by a PC of the hospital network in Luxemburg, and transferred to a Hermes NM station. The Dicom PET data are converted on the fly to Interfile, displayed interactively as any other tomographic data, printed and available on the NM image server. Since 2001, the PET data are co-registered with whole-body CT data recorded at CHL according to a specific protocol (see other paper of this group). Now in 2002, we are busy implementing the co-registration of PET data and simulation CT data obtained from the Centre Baclesse (CFB, 25 km from CHL) for the treatment planning of brain tumours (input into an ADAC system). Furthermore, we plan to send the data (after deletion of their digital ID) to a (South African) university which does not yet dispose of a PET camera, to allow the training of their registrars. Results: For the end-user clinician at CHL and CFB , the PET data have the quality of 'live data', which can be examined interactively, along with other imaging

  19. Preparing South Africa for Cyber Crime and Cyber Defense

    Directory of Open Access Journals (Sweden)

    Marthie Grobler

    2013-10-01

    deal with making the civil community aware of Cyber Crime and provide a defense mechanism to assist governments from developing countries to prevent their countries to be used as targets or intermediary for either Cyber Crime or Cyber Warfare.

  20. You Outsource the Service but Not the Risk: Supply Chain Risk Management for the Cyber Security of Safety Critical Systems

    OpenAIRE

    Johnson, Chris W.

    2016-01-01

    Companies increasingly form interdependent relationships between contractors and sub-contractors that extend\\ud across national borders and legal jurisdictions. In consequence, supply chain risk management (SCRM) is an\\ud increasing concern for the cyber security of safety-critical systems. The following pages argue that outsourcing\\ud undermines SCRM by eroding technical expertise, which companies need to select and audit their suppliers. They\\ud are still held accountable when the failure o...

  1. On Cyber Warfare Command and Control Systems

    National Research Council Canada - National Science Library

    Howes, Norman R; Mezzino, Michael; Sarkesain, John

    2004-01-01

    .... Cyber warfare then becomes a one-sided battle where the attacker makes all the strikes and the target of the attack responds so slowly that the attacker usually gets away without being identified...

  2. Gamification for Measuring Cyber Security Situational Awareness

    Energy Technology Data Exchange (ETDEWEB)

    Fink, Glenn A.; Best, Daniel M.; Manz, David O.; Popovsky, V. M.; Endicott-Popovsky, Barbara E.

    2013-03-01

    Cyber defense competitions arising from U.S. service academy exercises, offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge could lead to better preparation of cyber defenders in both military and civilian settings. This paper describes how one regional competition, the PRCCDC, a participant in the national CCDC program, conducted proof of concept experimentation to collect data during the annual competition for later analysis. The intent is to create an ongoing research agenda that expands on this current work and incorporates augmented cognition and gamification methods for measuring cybersecurity situational awareness under the stress of cyber attack.

  3. Audit to Target Food-Service Corporations

    Science.gov (United States)

    Shah, Nirvi

    2011-01-01

    The author reports on the U.S. Department of Agriculture's plan to look closely at whether the food-service-management companies running many school cafeterias are passing along all the discounts and rebates they receive from their suppliers to the districts that hire them. The plan to probe companies will begin in August, said Alison Decker, a…

  4. The cyber threat, trophy information and the fortress mentality.

    Science.gov (United States)

    Scully, Tim

    2011-10-01

    'It won't happen to me' is a prevalent mindset among senior executives in the private and public sectors when considering targeted cyber intrusions. This is exacerbated by the long-term adoption of a 'fortress mentality' towards cyber security, and by the attitude of many of our cyber-security professionals, who speak a different language when it comes to communicating cyber-security events to senior executives. The prevailing approaches to cyber security have clearly failed. Almost every week another serious, targeted cyber intrusion is reported, but reported intrusions are only the tip of the iceberg. Why have we got it so wrong? It must be acknowledged that cyber security is no longer the domain of cyber-security experts alone. Many more of us at various levels of leadership must understand, and be more deeply engaged in, the cyber-security challenge if we are to deal with the threat holistically and effectively. Governments cannot combat the cyber threat alone, particularly the so-called advanced persistent threat; they must work closely with industry as trusted partners. Industry will be the 'boots on the ground' in cyber security, but there are challenges to building this relationship, which must be based on sound principles.

  5. Cyber risk in banking

    OpenAIRE

    Linert, Jan

    2015-01-01

    The bachelor thesis deals with the cyber risk in banking industry. Its main goal is to stress the imporatance of cyber risk both verbally and numericaly and review the approach of banks to this risk. The first part of this thesis specifies what cyber risk is and how it fits among other operational risks, presents the common cyber-attacks and archetypes of cyber criminals, later it delves into the cyber risk in Czech Republic and at the end of this part it mentions the legislation that covers ...

  6. Information Assurance Cyber Ecology

    National Research Council Canada - National Science Library

    Jorgensen, Jane

    2003-01-01

    .... The goals of the Cyber Ecology project were to: (1) enable and demonstrate the discovery of noel IA technologies for the detection and mitigation of damage due to cyber attack through the application of ecological models, (2...

  7. National Cyber Security Policy

    Indian Academy of Sciences (India)

    National Cyber Security Policy. Salient Features: Caters to ... Creating a secure cyber ecosystem. Creating an assurance framework. Encouraging Open Standards. Strengthening the Regulatory framework. Creating mechanisms for security threat early warning, vulnerability management and response to security threats.

  8. Preventing and Coping Strategies for Cyber Bullying and Cyber Victimization

    OpenAIRE

    Erdinc Ozturk; Gizem Akcan

    2016-01-01

    Although there are several advantages of information and communication technologies, they cause some problems like cyber bullying and cyber victimization. Cyber bullying and cyber victimization have lots of negative effects on people. There are lots of different strategies to prevent cyber bullying and victimization. This study was conducted to provide information about the strategies that are used to prevent cyber bullying and cyber victimization. 120 (60 women, 60 men) university students w...

  9. [Segment analysis of the target market of physiotherapeutic services].

    Science.gov (United States)

    Babaskin, D V

    2010-01-01

    The objective of the present study was to demonstrate the possibilities to analyse selected segments of the target market of physiotherapeutic services provided by medical and preventive-facilities of two major types. The main features of a target segment, such as provision of therapeutic massage, are illustrated in terms of two characteristics, namely attractiveness to the users and the ability of a given medical facility to satisfy their requirements. Based on the analysis of portfolio of the available target segments the most promising ones (winner segments) were selected for further marketing studies. This choice does not exclude the possibility of involvement of other segments of medical services in marketing activities.

  10. Closing the Cyber Gap: Integrating Cross-Government Cyber Capabilities to Support the DHS Cyber Security Mission

    Science.gov (United States)

    2014-12-01

    identifies and eliminates the actors who seek to target our cyber 152 “2013 Data Breach Investigations Report,” Verizon Enterprise Solutions, accessed...future. 360 “2013 Data Breach Investigations Report,” Verizon Enterprise Solutions, accessed September 29, 2013, http://www.verizonenterprise.com/DBIR...critical system owners and worldwide cyber security teams.382 381 Data Breach on the Rise: Protecting Personal Information from Harm: Hearing

  11. Training the Cyber Warrior

    OpenAIRE

    Fulp, J.D.

    2003-01-01

    This paper suggests the major educational components of a curriculum that is designed to educate individuals for job assignments as Information Assurance professionals - also known as: cyber warriors. It suggests a minimum common body of knowledge for all cyber warriors along with two major specialization categories: cyber tacticians and cyber strategists. The paper describes the distinction between tactician and strategist and offers a rough outline of the education each should receive.

  12. Plethora of Cyber Forensics

    OpenAIRE

    N.Sridhar; Dr.D.Lalitha Bhaskari; Dr.P.S.Avadhani

    2011-01-01

    As threats against digital assets have risen and there is necessitate exposing and eliminating hidden risks and threats. The ability of exposing is called “cyber forensics.” Cyber Penetrators have adopted more sophistical tools and tactics that endanger the operations of the global phenomena. These attackers are also using anti-forensic techniques to hide evidence of a cyber crime. Cyber forensics tools must increase its toughness and counteract these advanced persistent threats. This paper f...

  13. Optimizing Active Cyber Defense

    OpenAIRE

    Lu, Wenlian; Xu, Shouhuai; Yi, Xinlei

    2016-01-01

    Active cyber defense is one important defensive method for combating cyber attacks. Unlike traditional defensive methods such as firewall-based filtering and anti-malware tools, active cyber defense is based on spreading "white" or "benign" worms to combat against the attackers' malwares (i.e., malicious worms) that also spread over the network. In this paper, we initiate the study of {\\em optimal} active cyber defense in the setting of strategic attackers and/or strategic defenders. Specific...

  14. Commercial and Industrial Cyber Espionage in Israel

    OpenAIRE

    Shahar Argaman; Gabi Siboni

    2014-01-01

    Cyberspace is especially suited to the theft of business information and to espionage. The accessibility of information, along with the ability to remain anonymous and cover one’s tracks, allows various entities to engage in the theft of valuable information, an act that can cause major damage. Israel, rich in advanced technology and a leader in innovation-based industries that rely on unique intellectual property, is a prime target for cyber theft and commercial cyber attacks. This article e...

  15. The Implications of Transnational Cyber Threats in International Humanitarian Law: Analysing the Distinction Between Cybercrime, Cyber Attack, and Cyber Warfare in the 21st Century

    Directory of Open Access Journals (Sweden)

    Faga Hemen Philip

    2017-06-01

    Full Text Available This paper is an attempt to draw distinctive lines between the concepts of cybercrime, cyber-attack, and cyber warfare in the current information age, in which it has become difficult to separate the activities of transnational criminals from acts of belligerents using cyberspace. The paper considers the implications of transnational cyber threats in international humanitarian law (IHL with a particular focus on cyber-attacks by non-state actors, the principles of state responsibility, and the implications of targeting non-state perpetrators under IHL. It concludes that current international law constructs are inadequate to address the implications of transnational cyber threats; the author recommends consequential amendments to the laws of war in order to address the challenges posed by transnational cyber threats.

  16. Recommendations on Future Operational Environments Command Control and Cyber Security

    OpenAIRE

    Goztepe, Kerim

    2015-01-01

    It is a well-known fact that today a nation's telecommunication networks, critical infrastructure, and information systems are vulnerable to growing number of attacks in cyberspace. Cyber space contains very different problems involving various sets of threats, targets and costs. Cyber security is not only problem of banking, communication or transportation. It also threatens core systems of army as command control. Some significant recommendations on command control (C2) and cyber security h...

  17. Cyber terrorism and cyber-crime – threats for cyber security

    OpenAIRE

    Ackoski, Jugoslav; Dojcinovski, Metodija

    2012-01-01

    This paper has aim to give contribution in supporting efforts against cyber threats recognized as a cyber terrorism and cyber crime. Also, it has aim to show future challenges related to cyber security and their emerging threats – cyber war, cyber terrorism and cyber crime. Accelerate weapon development called ICT (Information Communication Technology) which is developed every day faster and faster, and development of human conscious on higher level about consequences of ICT enormous pene...

  18. Establishing Cyber Warfare Doctrine

    Directory of Open Access Journals (Sweden)

    Andrew M. Colarik

    2012-01-01

    Full Text Available Over the past several decades, advances in technology have transformed communications and the ability to acquire, disseminate, and utilize information in a range of environments. Modern societies and their respective militaries have taken advantage of a robust information space through network-centric systems. Because military and commercial operations have increasingly converged, communication and information infrastructures are now high-priority military objectives in times of war. This article examines the theoretical underpinning of current cyber warfare research, what we have learned so far about its application, and some of the emerging themes to be considered; it also postulates the development of a (national cyber warfare doctrine (CWD. An endeavor of this scale requires lots of considerations and preparation for its development if it is to be cooperatively embraced. This article considers why information technology systems and their supporting infrastructures should be considered legitimate military targets in conflicts, and offers several events that support this supposition. In addition, it identifies the various forms of doctrine that will become the basis for developing a CWD, discusses a CWD's possible components, and proposes a national collaborative and discussion framework for obtaining a nation's stakeholder buy-in for such an endeavor.

  19. CYBER COUNSELING ASSISTED WITH FACEBOOK TO REDUCE ONLINE GAME ADDICTION

    Directory of Open Access Journals (Sweden)

    Hardi Prasetiawan

    2016-06-01

    Full Text Available Cyber counseling is divided into various shapes, one form is the use of facebook. Guidance and counseling teacher in schools can implement the cyber counseling assited with facebook to reduce online game addiction the students who are more likely to prefer to communicate by text relationship, and students who do not feel comfortable with counseling services by face to face. Problems of children who are addicted Online Games at school require a relief to effort with Group Counseling assited with facebook services for addressing and alleviating the problems experienced, both personal and social through cyber counseling. The positive impact of service delivery cyber counseling assited with facebook is not out of the role from well counselors as providers to service with the active role of students while finding information on social media like Facebook, so socializing continually needs to be implemented further Keyword : Cyber Counseling, Facebook, Online Game Addiction

  20. CYBER COUNSELING ASSISTED WITH FACEBOOK TO REDUCE ONLINE GAME ADDICTION

    Directory of Open Access Journals (Sweden)

    Hardi Prasetiawan

    2016-06-01

    Full Text Available Cyber counseling is divided into various shapes, one form is the use of facebook. Guidance and counseling teacher in schools can implement the cyber counseling assited with facebook to reduce online game addiction the students who are more likely to prefer to communicate by text relationship, and students who do not feel comfortable with counseling services by face to face. Problems of children who are addicted Online Games at school require a relief to effort with Group Counseling assited with facebook services for addressing and alleviating the problems experienced, both personal and social through cyber counseling. The positive impact of service delivery cyber counseling assited with facebook is not out of the role from well counselors as providers to service with the active role of students while finding information on social media like Facebook, so socializing continually needs to be implemented furtherKeyword : Cyber Counseling, Facebook, Online Game Addiction

  1. Cyber security issues imposed on nuclear power plants

    International Nuclear Information System (INIS)

    Kim, Do-Yeon

    2014-01-01

    Highlights: • Provide history of cyber attacks targeting at nuclear facilities. • Provide cyber security issues imposed on nuclear power plants. • Provide possible countermeasures for protecting nuclear power plants. - Abstract: With the introduction of new technology based on the increasing digitalization of control systems, the potential of cyber attacks has escalated into a serious threat for nuclear facilities, resulting in the advent of the Stuxnet. In this regard, the nuclear industry needs to consider several cyber security issues imposed on nuclear power plants, including regulatory guidelines and standards for cyber security, the possibility of Stuxnet-inherited malware attacks in the future, and countermeasures for protecting nuclear power plants against possible cyber attacks

  2. Defining Cyber and Focusing the Military’s Role in Cyberspace

    Science.gov (United States)

    2013-03-01

    Service (USSS) and the U.S. Immigration and Customs Enforcement (ICE) to investigate cyber criminals .7 DoD’s role is not only to defend its own...identify trends, tactics, techniques, and procedures that cyber criminals use so that if the same type of events meet the definition of cyber war, DoD

  3. Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

    International Nuclear Information System (INIS)

    Lee, Chanyoung; Seong, Poong Hyun

    2016-01-01

    estimate how much the system with cyber security enhancements is improved. The framework to quantify the extent of cyber security enhancement was proposed and implemented for the case study. In this case study, a target system for evaluating cyber security enhancement is the digital plant protection system (DPPS) which is a safety-critical I and C system of NPP. For the case study, an example of cyber security enhancement was suggested. Suggested cyber security enhancement was evaluated according to possible types of attacks on the target system using the proposed framework

  4. Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Chanyoung; Seong, Poong Hyun [KAIST, Daejeon (Korea, Republic of)

    2016-10-15

    possible to estimate how much the system with cyber security enhancements is improved. The framework to quantify the extent of cyber security enhancement was proposed and implemented for the case study. In this case study, a target system for evaluating cyber security enhancement is the digital plant protection system (DPPS) which is a safety-critical I and C system of NPP. For the case study, an example of cyber security enhancement was suggested. Suggested cyber security enhancement was evaluated according to possible types of attacks on the target system using the proposed framework.

  5. Cyberbully and Victim Experiences of Pre-service Teachers

    OpenAIRE

    Nilgün Tosun

    2016-01-01

    The aim of this study was to determine the prevalence of different types of cyber bullying, the ways in which cyber bullying occurred, whether the identity of cyber bullies were known, and reaction to being cyber bullied among pre-service teachers. Relationships between gender and likelihood of being a cyber bully/victim were also investigated. Using a questionnaire based on the Cyber Bully and Victim Scale developed by [1], males were found to engage in cyber bullying more than females. Cybe...

  6. Cyber Security : Home User's Perspective

    OpenAIRE

    Ikonen, Mikko

    2014-01-01

    Cyber security is important to understand for home users. New technology allows for new cyber threats to emerge and new solutions must be considered to counter them. Nearly every device is connected to the Internet and this opens new possibilities and threats to cyber security. This Bachelor's thesis explores the different aspects of cyber security and suggests solutions to different cyber security issues found. The different aspects of cyber security under research here include personal ...

  7. Cyber Epidemic Models with Dependences

    OpenAIRE

    Xu, Maochao; Da, Gaofeng; Xu, Shouhuai

    2016-01-01

    Studying models of cyber epidemics over arbitrary complex networks can deepen our understanding of cyber security from a whole-system perspective. In this paper, we initiate the investigation of cyber epidemic models that accommodate the {\\em dependences} between the cyber attack events. Due to the notorious difficulty in dealing with such dependences, essentially all existing cyber epidemic models have assumed them away. Specifically, we introduce the idea of Copulas into cyber epidemic mode...

  8. Cyber space bullying

    Directory of Open Access Journals (Sweden)

    Popović-Ćitić Branislava

    2009-01-01

    Full Text Available Cyber space bullying is a relatively new phenomenon that has received increased attention by scientists, researchers and practitioners in recent years. It is usually defined as an intentionally and repeatedly expression of aggression towards other people through information and communication technologies. Cyber space bullying is characterized by all the primary characteristics of traditional bullying and some specifics ones that clearly differ it from other forms of bullying. In addition to the analysis of characteristics and specifics of cyber space bullying, the paper describes the basic forms of cyber space bullying (flaming, harassment, denigration, impersonation, outing, trickery, exclusion, stalking and happy slapping, as well as, the types of cyber space bullies (vengeful angel, power-hungry, revenge of the nerd, mean girls and inadvertent. The main goal of this paper is to provide initial theoretical guidelines for designing future empirical research on the complex phenomenon of cyber space bullying.

  9. Multiple hypothesis tracking for the cyber domain

    Science.gov (United States)

    Schwoegler, Stefan; Blackman, Sam; Holsopple, Jared; Hirsch, Michael J.

    2011-09-01

    This paper discusses how methods used for conventional multiple hypothesis tracking (MHT) can be extended to domain-agnostic tracking of entities from non-kinematic constraints such as those imposed by cyber attacks in a potentially dense false alarm background. MHT is widely recognized as the premier method to avoid corrupting tracks with spurious data in the kinematic domain but it has not been extensively applied to other problem domains. The traditional approach is to tightly couple track maintenance (prediction, gating, filtering, probabilistic pruning, and target confirmation) with hypothesis management (clustering, incompatibility maintenance, hypothesis formation, and Nassociation pruning). However, by separating the domain specific track maintenance portion from the domain agnostic hypothesis management piece, we can begin to apply the wealth of knowledge gained from ground and air tracking solutions to the cyber (and other) domains. These realizations led to the creation of Raytheon's Multiple Hypothesis Extensible Tracking Architecture (MHETA). In this paper, we showcase MHETA for the cyber domain, plugging in a well established method, CUBRC's INFormation Engine for Real-time Decision making, (INFERD), for the association portion of the MHT. The result is a CyberMHT. We demonstrate the power of MHETA-INFERD using simulated data. Using metrics from both the tracking and cyber domains, we show that while no tracker is perfect, by applying MHETA-INFERD, advanced nonkinematic tracks can be captured in an automated way, perform better than non-MHT approaches, and decrease analyst response time to cyber threats.

  10. Data Intensive Architecture for Scalable Cyber Analytics

    Energy Technology Data Exchange (ETDEWEB)

    Olsen, Bryan K.; Johnson, John R.; Critchlow, Terence J.

    2011-12-19

    Cyber analysts are tasked with the identification and mitigation of network exploits and threats. These compromises are difficult to identify due to the characteristics of cyber communication, the volume of traffic, and the duration of possible attack. In this paper, we describe a prototype implementation designed to provide cyber analysts an environment where they can interactively explore a month’s worth of cyber security data. This prototype utilized On-Line Analytical Processing (OLAP) techniques to present a data cube to the analysts. The cube provides a summary of the data, allowing trends to be easily identified as well as the ability to easily pull up the original records comprising an event of interest. The cube was built using SQL Server Analysis Services (SSAS), with the interface to the cube provided by Tableau. This software infrastructure was supported by a novel hardware architecture comprising a Netezza TwinFin® for the underlying data warehouse and a cube server with a FusionIO drive hosting the data cube. We evaluated this environment on a month’s worth of artificial, but realistic, data using multiple queries provided by our cyber analysts. As our results indicate, OLAP technology has progressed to the point where it is in a unique position to provide novel insights to cyber analysts, as long as it is supported by an appropriate data intensive architecture.

  11. A Cyber Pearl Harbor

    Science.gov (United States)

    2016-02-03

    door for an attack. These medium-potential cyber tools can present the pathway to espionage or attack when weaponized.18 It is important to...facilitate espionage or up to and including destruction of the system.27 Cyber attack falls on the right end of the spectrum. Before the definition for...warfare or war. Congruent with international laws on war, there is delineation between an act of espionage and act of war. Advancements in cyber

  12. Cyber-bombing ISIS

    DEFF Research Database (Denmark)

    Ringsmose, Jens; Teglskov Jacobsen, Jeppe

    2017-01-01

    It has become a conventional wisdom in strategic studies that the development and use of cyber weapons should be kept secret, as the effectiveness of these tools is dependent on opponents being unaware of a particular cyber weapon’s characteristics. Why, then, has the US military repeatedly publi...... the enemy’s trust in his own IT-infrastructure, and command and control systems, (3) signal “cyber strength” to third parties, and (4) establish norms regarding how to use cyber weapons in accordance with International Humanitarian Law....

  13. Cyberbully and Victim Experiences of Pre-Service Teachers

    Science.gov (United States)

    Tosun, Nilgün

    2016-01-01

    The aim of this study was to determine the prevalence of different types of cyber bullying, the ways in which cyber bullying occurred, whether the identity of cyber bullies were known, and reaction to being cyber bullied among pre-service teachers. Relationships between gender and likelihood of being a cyber bully/victim were also investigated.…

  14. Cyber Insurance - Managing Cyber Risk

    Science.gov (United States)

    2015-04-01

    disaster response plans, how employees and others access data systems, and at a minimum, the antivirus and anti- malware software used by the business, the...a policy for insuring data stored in the cloud.[5] Typically, businesses that install or ser- vice software or networks or provide IT consulting for...security, and privacy. Errors and omissions covers claims related to performance of services such as software development or consulting services

  15. Security Pricing as an Enabler of Cyber-Insurance: A First Look at Differentiated Pricing Markets

    OpenAIRE

    Pal, Ranjan; Golubchik, Leana; Psounis, Konstantinos; Hui, Pan

    2016-01-01

    Despite the promising potential of network risk management services (e.g., cyber-insurance) to improve information security, their deployment is relatively scarce, primarily due to such service companies being unable to guarantee profitability. As a novel approach to making cyber-insurance services more viable, we explore a symbiotic relationship between security vendors (e.g., Symantec) capable of price differentiating their clients, and cyber-insurance agencies having possession of informat...

  16. SASTRA CYBER DI INDONESIA

    Directory of Open Access Journals (Sweden)

    Laily Fitriani

    2011-10-01

    Full Text Available The digital era started when the internet technology spread to the developing countries including Indonesia. The flourish of cyber literature leads to the debate on the quality of the work of literature. Above all, the existence of literature sites (cyber literature becomes an important alternative for writers and literary activist in Indonesia.

  17. Definitions of Cyber Terrorism

    NARCIS (Netherlands)

    Luiijf, H.A.M.

    2014-01-01

    The phrase cyber terror appeared for the first time in the mid-eighties. According to several sources, Barry C. Collin, a senior person research fellow of the Institute for Security and Intelligence in California, defined cyber terror at that time as “the convergence of cybernetics and terrorism”—an

  18. Cyber Crime & Cyber War – "Part of the Game": Cyber Security, Quo Vadis?

    OpenAIRE

    Karl H. Stingeder

    2015-01-01

    Welche Rolle spielt Cyber Crime gegenwärtig? Was unterscheidet Cyber Crime von Cyber War? Wie muss Cyber Security gestaltet sein, um effektiven Schutz nachhaltig zu gewährleisten? Cyber Crime-Aktivitäten kennzeichnen sich häufig durch eine einfache Zugänglichkeit von betrügerischem Know-How und technischen Hilfsmitteln. Bedingt durch eine schleppende und mangelhafte Umsetzung von koordinierten Gegenmaßnahmen, resultieren Cyber-Delikte in einem Low-Risk und High-Reward Szenario für Cyber-Krimi...

  19. Cyber crime and cyber warfare with international cyber collaboration for RSA – preparing communities

    CSIR Research Space (South Africa)

    Grobler, M

    2012-03-01

    Full Text Available aspects come into play that may have an influence on the manner in which the military reacts to cyber attacks (Wilson 2007): ? new national security policy issues; ? consideration of psychological operations used to affect friendly nations... relationship between modern cyber space, cyber warfare and traditional legislation. As a starting point, cyber warfare is defined for the purpose of this article as the use of exploits in cyber space as a way to intentionally cause harm to people, assets...

  20. Finding Malicious Cyber Discussions in Social Media

    Science.gov (United States)

    2015-12-11

    automatically filter cyber discussions from Stack Exchange, Reddit, and Twitter posts written in English. Criminal hackers often use social media...monitoring hackers on Facebook and in private chat rooms. As a result, system administrators were prepared to counter distributed denial-of-service

  1. A Neuroimaging Web Services Interface as a Cyber Physical System for Medical Imaging and Data Management in Brain Research: Design Study.

    Science.gov (United States)

    Lizarraga, Gabriel; Li, Chunfei; Cabrerizo, Mercedes; Barker, Warren; Loewenstein, David A; Duara, Ranjan; Adjouadi, Malek

    2018-04-26

    Structural and functional brain images are essential imaging modalities for medical experts to study brain anatomy. These images are typically visually inspected by experts. To analyze images without any bias, they must be first converted to numeric values. Many software packages are available to process the images, but they are complex and difficult to use. The software packages are also hardware intensive. The results obtained after processing vary depending on the native operating system used and its associated software libraries; data processed in one system cannot typically be combined with data on another system. The aim of this study was to fulfill the neuroimaging community’s need for a common platform to store, process, explore, and visualize their neuroimaging data and results using Neuroimaging Web Services Interface: a series of processing pipelines designed as a cyber physical system for neuroimaging and clinical data in brain research. Neuroimaging Web Services Interface accepts magnetic resonance imaging, positron emission tomography, diffusion tensor imaging, and functional magnetic resonance imaging. These images are processed using existing and custom software packages. The output is then stored as image files, tabulated files, and MySQL tables. The system, made up of a series of interconnected servers, is password-protected and is securely accessible through a Web interface and allows (1) visualization of results and (2) downloading of tabulated data. All results were obtained using our processing servers in order to maintain data validity and consistency. The design is responsive and scalable. The processing pipeline started from a FreeSurfer reconstruction of Structural magnetic resonance imaging images. The FreeSurfer and regional standardized uptake value ratio calculations were validated using Alzheimer’s Disease Neuroimaging Initiative input images, and the results were posted at the Laboratory of Neuro Imaging data archive. Notable

  2. Targeted In-service Inspections Using Risk Insights

    International Nuclear Information System (INIS)

    Kulat, S.; Montgomery, B.; Robin Graybeal, M.

    2012-01-01

    This paper includes a discussion of the historical background and rationale for development of a targeted In-service Inspection (ISI) program using risk insights, known as Risk-Informed In-service Inspection (RI-ISI). RI-ISI programs are optimized inspection programs which target specific welds for inspection based upon potential degradation mechanisms and consequences of failure. Inspections are performed on those welds that are the highest contributors to plant risk. Additionally the inspections are tailored to detect the specific postulated degradation mechanisms. As a result, the numbers of inspections are reduced along with the associated cost and radiation exposure, while maintaining or improving the level of quality and safety. Provided in this paper are the basic principles of RI-ISI program development, and a summary of the impact of the implementation of such programs. For example, implementation of a Risk-Informed In-service Inspection program results in a reduction of both cost and radiation exposure. Cost savings are estimated at between USD 1,000,000 and USD 2,300,000 per unit per ten year interval for a Class 1 and2 RI-ISI application. Cost savings are estimated based on average cost per weld of USD 7600 for examination, including the following activities: erection and removal of scaffolding, removal and replacement of insulation, removal and replacement of interferences, weld preparation, examination, documentation, craft support. Reduction in radiation exposure is estimated at 75% to 90% for a Class 1 and2 RI-ISI application. Reduction in radiation exposure is due to the following factors: number of welds selected for examination decreases by 60% to 75%, surface examinations essentially eliminated, within a given risk category, welds can be selected for examination based on additional factors such as the minimization of radiation exposure.(author).

  3. Cyber-Victimized Students

    Directory of Open Access Journals (Sweden)

    Kaitlyn N. Ryan

    2013-12-01

    Full Text Available Bullying is a common topic in the media and academic settings. Teachers are regularly expected to provide curriculum and intervene regarding all forms of bullying, including cyber-bullying. Altering the behaviors of those who bully is often the focus of interventions, with less attention being placed on victim impact. The purpose of this article was to provide educators with a review of evidence regarding the occurrence, impact, and interventions for victims of cyber-bullying. Evidence reveals that cyber-bullying can have emotional, social, and academic impacts but that there are very few documented, and even fewer evidence-based, programs for victims of cyber-bullying. We conclude by proposing that school-wide programs and support be developed and provided to victims.

  4. Cyber space bullying

    OpenAIRE

    Popović-Ćitić Branislava

    2009-01-01

    Cyber space bullying is a relatively new phenomenon that has received increased attention by scientists, researchers and practitioners in recent years. It is usually defined as an intentionally and repeatedly expression of aggression towards other people through information and communication technologies. Cyber space bullying is characterized by all the primary characteristics of traditional bullying and some specifics ones that clearly differ it from other forms of bullying. In addition to t...

  5. Operationalizing Army Cyber

    Science.gov (United States)

    2013-03-01

    killed just under 3,000 people and cost the U.S. economy somewhere between three and five trillion dollars. The Japanese attacked with a state... economy , and military readiness. The challenge is to design an Army Cyber force that can support the United States Cyber Command (USCYBERCOM) national...still keeps the intelligence and signal functions separate in most units today from battalion to echelon above Corps ( EAC ). There are many past reasons

  6. Cyber Defense Management

    Science.gov (United States)

    2016-09-01

    of market capitalization after a cyber security incident Financial Geer, 2001 Gordon and Loeb, 2005 Willemson, 2006 Determine the return on security...thoughtheir vulnerability may be less. That is because the return on investment for protecting agiven information set is a function both of its vulnerability...can ensure that it is investing properly to provide cyber resilience to its systems. The study investigated ways to inform future investment

  7. Cyber Deterrence and Stability

    Energy Technology Data Exchange (ETDEWEB)

    Goychayev, Rustam [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Carr, Geoffrey A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Weise, Rachel A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Donnelly, David A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Clements, Samuel L. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Benz, Jacob M. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Rodda, Kabrena E. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Bartholomew, Rachel A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); McKinnon, Archibald D. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Andres, Richard B. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

    2017-09-30

    Throughout the 20th and early 21st centuries, deterrence and arms control have been cornerstones of strategic stability between the superpowers. However, the weaponization of the cyber realm by State actors and the multipolar nature of cyber conflict now undermines that stability. Strategic stability is the state in which nations believe that if they act aggressively to undermine U.S. national interests and the post-World War II liberal democratic order, the consequences will outweigh the benefits. The sense of lawlessness and lack of consequences in the cyber realm embolden States to be more aggressive in taking actions that undermine stability. Accordingly, this paper examines 1) the role of deterrence and arms control in securing cyber stability, and 2) the limitations and challenges associated with these traditional national security paradigms as applied to this emerging threat domain. This paper demonstrates that many 20th-century deterrence and arms control concepts are not particularly applicable in the cyber realm. However, they are not entirely irrelevant. The United States can distill lessons learned from this rich deterrence and arms control experience to develop and deploy a strategy to advance cyber stability.

  8. Metaphors for cyber security.

    Energy Technology Data Exchange (ETDEWEB)

    Moore, Judy Hennessey; Parrott, Lori K.; Karas, Thomas H.

    2008-08-01

    This report is based upon a workshop, called 'CyberFest', held at Sandia National Laboratories on May 27-30, 2008. Participants in the workshop came from organizations both outside and inside Sandia. The premise of the workshop was that thinking about cyber security from a metaphorical perspective could lead to a deeper understanding of current approaches to cyber defense and perhaps to some creative new approaches. A wide range of metaphors was considered, including those relating to: military and other types of conflict, biological, health care, markets, three-dimensional space, and physical asset protection. These in turn led to consideration of a variety of possible approaches for improving cyber security in the future. From the proposed approaches, three were formulated for further discussion. These approaches were labeled 'Heterogeneity' (drawing primarily on the metaphor of biological diversity), 'Motivating Secure Behavior' (taking a market perspective on the adoption of cyber security measures) and 'Cyber Wellness' (exploring analogies with efforts to improve individual and public health).

  9. Cyber Crime & Cyber War – "Part of the Game": Cyber Security, Quo Vadis?

    Directory of Open Access Journals (Sweden)

    Karl H. Stingeder

    2015-09-01

    Full Text Available Welche Rolle spielt Cyber Crime gegenwärtig? Was unterscheidet Cyber Crime von Cyber War? Wie muss Cyber Security gestaltet sein, um effektiven Schutz nachhaltig zu gewährleisten? Cyber Crime-Aktivitäten kennzeichnen sich häufig durch eine einfache Zugänglichkeit von betrügerischem Know-How und technischen Hilfsmitteln. Bedingt durch eine schleppende und mangelhafte Umsetzung von koordinierten Gegenmaßnahmen, resultieren Cyber-Delikte in einem Low-Risk und High-Reward Szenario für Cyber-Kriminelle. Je organisierter und spezialisierter ein Cyber-Crime-Netzwerk gestaltet ist, desto größer wird das Schadenspotenzial. Cyber Crime ist der Überbegriff für betrügerische Aktivitäten über das Internet. Diese stützen sich auf das Vorbild von "traditionellen" Offline-Kriminalitätsverhaltensmustern, welche durch das technologische Spektrum des Internets einfach zugänglich sind. Nichtsdestoweniger ist es die technische Ausführung der Delikte, die ein wesentliches Unterscheidungsmerkmal zwischen Online- und Offline-Betrug bildet. Auch steht die für organisierte, kriminelle Verbindungen, so auch für Regierungen oder Terrororganisationen geringere Hemmschwelle für eine militärische Instrumentalisierung des Internets im Brennpunkt von Cyber Security. Erfolgen Cyber Crime Aktivitäten unter dem Anspruch der Verfolgung politischer Ziele, sprechen wir von Cyber War. Nachhaltige, gegen Cyber Crime und Cyber War gerichtete Cyber Security-Maßnahmen finden in einem hochdynamischen Umfeld statt. Cyber-Kriminelle sind im Regelfall logistisch und finanziell gut ausgestattet. Viele werden von Regierungen unterstützt. Cyber Crime-Player verfügen über weitreichende technische Fähigkeiten, sodass sie maßgeschneiderte Schadprogramme (Malware für ihre Ziele entwickeln können. Aktuell fehlt vielen Unternehmen und öffentlichen Institutionen das Bewusstsein für die Notwendigkeit von Abwehrsystemen. Ein Cyber Security-Fokus auf Pr

  10. Enhanced clinical pharmacy service targeting tools: risk-predictive algorithms.

    Science.gov (United States)

    El Hajji, Feras W D; Scullin, Claire; Scott, Michael G; McElnay, James C

    2015-04-01

    This study aimed to determine the value of using a mix of clinical pharmacy data and routine hospital admission spell data in the development of predictive algorithms. Exploration of risk factors in hospitalized patients, together with the targeting strategies devised, will enable the prioritization of clinical pharmacy services to optimize patient outcomes. Predictive algorithms were developed using a number of detailed steps using a 75% sample of integrated medicines management (IMM) patients, and validated using the remaining 25%. IMM patients receive targeted clinical pharmacy input throughout their hospital stay. The algorithms were applied to the validation sample, and predicted risk probability was generated for each patient from the coefficients. Risk threshold for the algorithms were determined by identifying the cut-off points of risk scores at which the algorithm would have the highest discriminative performance. Clinical pharmacy staffing levels were obtained from the pharmacy department staffing database. Numbers of previous emergency admissions and admission medicines together with age-adjusted co-morbidity and diuretic receipt formed a 12-month post-discharge and/or readmission risk algorithm. Age-adjusted co-morbidity proved to be the best index to predict mortality. Increased numbers of clinical pharmacy staff at ward level was correlated with a reduction in risk-adjusted mortality index (RAMI). Algorithms created were valid in predicting risk of in-hospital and post-discharge mortality and risk of hospital readmission 3, 6 and 12 months post-discharge. The provision of ward-based clinical pharmacy services is a key component to reducing RAMI and enabling the full benefits of pharmacy input to patient care to be realized. © 2014 John Wiley & Sons, Ltd.

  11. Major Cyber threat on Nuclear Facility and Key Entry Points of Malicious Codes

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Ickhyun; Kwon, Kookheui [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

    2013-05-15

    Cyber security incident explicitly shows that the domestic intra net system which is not connected to the Internet can be compromised by the USB based mal ware which was developed by the state-sponsored group. It also tells that the actor for cyber-attack has been changed from script kiddies to state's governments and the target has been changed to nation's main infrastructures such as electricity, transportation and etc. Since the cyber sabotage on nuclear facility has been proven to be possible and can be replicated again with same method, the cyber security on nuclear facility must be strengthened. In this paper, it is explained why the malicious code is the one of the biggest cyber threat in nuclear facility's digital I and C(Instrumentation and Controls) system by analyzing recent cyber attacks and well-known malicious codes. And a feasible cyber attack scenario on nuclear facility's digital I and C system is suggested along with some security measures for prevention of malicious code. As experienced from the cyber sabotage on Iranian nuclear facility in 2010, cyber attack on nuclear facility can be replicated by infecting the computer network with malicious codes. One of the cyber attack scenario on nuclear digital I and C computer network with using malicious code was suggested to help security manager establishing cyber security plan for prevention of malicious code. And some security measures on prevention of malicious code are also provided for reference.

  12. Major Cyber threat on Nuclear Facility and Key Entry Points of Malicious Codes

    International Nuclear Information System (INIS)

    Shin, Ickhyun; Kwon, Kookheui

    2013-01-01

    Cyber security incident explicitly shows that the domestic intra net system which is not connected to the Internet can be compromised by the USB based mal ware which was developed by the state-sponsored group. It also tells that the actor for cyber-attack has been changed from script kiddies to state's governments and the target has been changed to nation's main infrastructures such as electricity, transportation and etc. Since the cyber sabotage on nuclear facility has been proven to be possible and can be replicated again with same method, the cyber security on nuclear facility must be strengthened. In this paper, it is explained why the malicious code is the one of the biggest cyber threat in nuclear facility's digital I and C(Instrumentation and Controls) system by analyzing recent cyber attacks and well-known malicious codes. And a feasible cyber attack scenario on nuclear facility's digital I and C system is suggested along with some security measures for prevention of malicious code. As experienced from the cyber sabotage on Iranian nuclear facility in 2010, cyber attack on nuclear facility can be replicated by infecting the computer network with malicious codes. One of the cyber attack scenario on nuclear digital I and C computer network with using malicious code was suggested to help security manager establishing cyber security plan for prevention of malicious code. And some security measures on prevention of malicious code are also provided for reference

  13. Developing the cyber victimisation experiences and cyber bullying behaviours scales

    OpenAIRE

    Betts, LR; Spenser, KA

    2017-01-01

    The reported prevalence rates of cyber victimisation experiences and cyber bullying behaviours vary. Part of this variation is likely due to the diverse definitions and operationalisations of the constructs adopted in previous research and the lack of psychometrically robust measures. Through two studies, the current research developed (Study 1) and evaluated (Study 2) the cyber victimisation experiences and cyber bullying behaviours scales. In Study 1 393 (122 male, 171 female), and in Study...

  14. Establishing a Cyber Warrior Force

    National Research Council Canada - National Science Library

    Tobin, Scott

    2004-01-01

    Cyber Warfare is widely touted to be the next generation of warfare. As America's reliance on automated systems and information technology increases, so too does the potential vulnerability to cyber attack...

  15. CENTER FOR CYBER SECURITY STUDIES

    Data.gov (United States)

    Federal Laboratory Consortium — The mission of the Center for Cyber Security Studies is to enhance the education of midshipmen in all areas of cyber warfare, to facilitate the sharing of expertise...

  16. Situational awareness of a coordinated cyber attack

    Science.gov (United States)

    Sudit, Moises; Stotz, Adam; Holender, Michael

    2005-03-01

    As technology continues to advance, services and capabilities become computerized, and an ever increasing amount of business is conducted electronically the threat of cyber attacks gets compounded by the complexity of such attacks and the criticality of the information which must be secured. A new age of virtual warfare has dawned in which seconds can differentiate between the protection of vital information and/or services and a malicious attacker attaining their goal. In this paper we present a novel approach in the real-time detection of multistage coordinated cyber attacks and the promising initial testing results we have obtained. We introduce INFERD (INformation Fusion Engine for Real-time Decision-making), an adaptable information fusion engine which performs fusion at levels zero, one, and two to provide real-time situational assessment and its application to the cyber domain in the ECCARS (Event Correlation for Cyber Attack Recognition System) system. The advantages to our approach are fourfold: (1) The complexity of the attacks which we consider, (2) the level of abstraction in which the analyst interacts with the attack scenarios, (3) the speed at which the information fusion is presented and performed, and (4) our disregard for ad-hoc rules or a priori parameters.

  17. Cyber Attacks and Combat Behavior

    Directory of Open Access Journals (Sweden)

    Carataș Maria Alina

    2017-01-01

    Full Text Available Cyber terrorism is an intangible danger, a real over the corner threat in the life of individuals,organizations, and governments and is getting harder to deal with its damages. The motivations forthe cyber-attacks are different, depending on the terrorist group, from cybercrime to hacktivism,attacks over the authorities’ servers. Organizations constantly need to find new ways ofstrengthening protection against cyber-attacks, assess their cyber readiness, expand the resiliencecapacity and adopts international security regulations.

  18. Special Operations And Cyber Warfare

    Science.gov (United States)

    2016-12-01

    Cyber weapons have multiple functions and can be used for espionage or OPE. It is important to highlight the similarities between the intelligence...James Clapper, Director of National Intelligence, emphasized the importance of cyber operations as he identified cyber as the third major hazard facing...support the development of the capacity and capability of foreign security forces and their supporting institutions.”52 The DOD’s Cyber Strategy states

  19. Maritime Cyber Security University Research

    Science.gov (United States)

    2016-05-01

    i Classification | CG-926 RDC | author | audience | month year Maritime Cyber Security University Research Phase I - Final Report...Distribution Statement A: Approved for public release; distribution is unlimited. May 2016 Report No. CG-D-06-16 Maritime Cyber Security...Director United States Coast Guard Research & Development Center 1 Chelsea Street New London, CT 06320 Maritime Cyber Security University

  20. CYBER COUNSELING ASSISTED WITH FACEBOOK TO REDUCE ONLINE GAME ADDICTION

    OpenAIRE

    Hardi Prasetiawan; Hardi Prasetiawan

    2016-01-01

    Cyber counseling is divided into various shapes, one form is the use of facebook. Guidance and counseling teacher in schools can implement the cyber counseling assited with facebook to reduce online game addiction the students who are more likely to prefer to communicate by text relationship, and students who do not feel comfortable with counseling services by face to face. Problems of children who are addicted Online Games at school require a relief to effort with Group Counseling assited wi...

  1. Cyber Deterrence: The Wrong Question for the Wrong Problem

    Science.gov (United States)

    2018-04-20

    eye. Cyber thrusts. parries, and ripostes occur at speeds only artificial intelligence can truly monitor. But humans do retain an advantage in...fallen to various entities spread across the government spanning services, agencies, offices, and directorates. Despite the citation of cybersecurity as...Staff for an Executive Branch Cybersecurity Coordinator, a fully realized national cyber strategy remains elusive.3 A leading reason that effective

  2. Preparing South Africa for cyber crime and cyber defense

    CSIR Research Space (South Africa)

    Grobler, M

    2013-01-01

    Full Text Available revolution on cybercrime and cyber defense in a developing country and will evaluate the relevant South African legislation. It will also look at the influence of cyber defense on the international position of the South African Government. South Africa... legislation and a lack of cyber defense mechanisms. As a starting point, cyber warfare for the purpose of this article is defined as the use of exploits in cyber space as a way to intentionally cause harm to people, assets or economies (Owen 2008). It can...

  3. CyberGIS software: a synthetic review and integration roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Wang, Shaowen [University of Illinois, Urbana-Champaign; Anselin, Luc [Arizona State University; Bhaduri, Budhendra L [ORNL; Cosby, Christopher [University Navstar Consortium, Boulder, CO; Goodchild, Michael [University of California, Santa Barbara; Liu, Yan [University of Illinois, Urbana-Champaign; Nygers, Timothy L. [University of Washington, Seattle

    2013-01-01

    CyberGIS defined as cyberinfrastructure-based geographic information systems (GIS) has emerged as a new generation of GIS representing an important research direction for both cyberinfrastructure and geographic information science. This study introduces a 5-year effort funded by the US National Science Foundation to advance the science and applications of CyberGIS, particularly for enabling the analysis of big spatial data, computationally intensive spatial analysis and modeling (SAM), and collaborative geospatial problem-solving and decision-making, simultaneously conducted by a large number of users. Several fundamental research questions are raised and addressed while a set of CyberGIS challenges and opportunities are identified from scientific perspectives. The study reviews several key CyberGIS software tools that are used to elucidate a vision and roadmap for CyberGIS software research. The roadmap focuses on software integration and synthesis of cyberinfrastructure, GIS, and SAM by defining several key integration dimensions and strategies. CyberGIS, based on this holistic integration roadmap, exhibits the following key characteristics: high-performance and scalable, open and distributed, collaborative, service-oriented, user-centric, and community-driven. As a major result of the roadmap, two key CyberGIS modalities gateway and toolkit combined with a community-driven and participatory approach have laid a solid foundation to achieve scientific breakthroughs across many geospatial communities that would be otherwise impossible.

  4. A Cyber Security Risk Assessment of Hospital Infrastructure including TLS/SSL and other Threats

    OpenAIRE

    Millar, Stuart

    2016-01-01

    Cyber threats traditionally target governments, financial institutions and businesses. However, of growing concern is the threat to healthcare organizations. This study conducts a cyber security risk assessment of a theoretical hospital environment, to include TLS/SSL, which is an encryption protocol for network communications, plus other physical, logical and human threats. Despite significant budgets in the UK for the NHS, the spend on cyber security appears worryingly low and many hospital...

  5. On Cyber Risk Management of Blockchain Networks: A Game Theoretic Approach

    OpenAIRE

    Feng, Shaohan; Wang, Wenbo; Xiong, Zehui; Niyato, Dusit; Wang, Ping; Wang, Shaun Shuxun

    2018-01-01

    Open-access blockchains based on proof-of-work protocols have gained tremendous popularity for their capabilities of providing decentralized tamper-proof ledgers and platforms for data-driven autonomous organization. Nevertheless, the proof-of-work based consensus protocols are vulnerable to cyber-attacks such as double-spending. In this paper, we propose a novel approach of cyber risk management for blockchain-based service. In particular, we adopt the cyber-insurance as an economic tool for...

  6. NATO’s Options for Defensive Cyber Against Non-State Actors

    Science.gov (United States)

    2013-04-01

    services to cyber criminals and hacker patriots.”33 The FSB had maintained an unsavory relationship with hackers since the early 1990s; 9 Oleg...responsibility under international law to stop the DDOS being facilitated by botnet controllers located within its geographic borders, and prosecute the cyber ... criminals involved. “Rule 5” of the Tallinn Manual addresses the cyber responsibility of a nation-state: “A State shall not knowingly allow the

  7. Cyber threat metrics.

    Energy Technology Data Exchange (ETDEWEB)

    Frye, Jason Neal; Veitch, Cynthia K.; Mateski, Mark Elliot; Michalski, John T.; Harris, James Mark; Trevino, Cassandra M.; Maruoka, Scott

    2012-03-01

    Threats are generally much easier to list than to describe, and much easier to describe than to measure. As a result, many organizations list threats. Fewer describe them in useful terms, and still fewer measure them in meaningful ways. This is particularly true in the dynamic and nebulous domain of cyber threats - a domain that tends to resist easy measurement and, in some cases, appears to defy any measurement. We believe the problem is tractable. In this report we describe threat metrics and models for characterizing threats consistently and unambiguously. The purpose of this report is to support the Operational Threat Assessment (OTA) phase of risk and vulnerability assessment. To this end, we focus on the task of characterizing cyber threats using consistent threat metrics and models. In particular, we address threat metrics and models for describing malicious cyber threats to US FCEB agencies and systems.

  8. A framework for cyber security test

    International Nuclear Information System (INIS)

    Han, Kyungsoo; Song, Jaegu; Jung, Sungmin; Lee, Jungwoon; Lee, Cheolkwon

    2014-01-01

    The person in charge of I and C cyber security must not only perform real-time security inspections but also have the capabilities for performing vulnerability scanning and penetration testing, in order for vulnerability assessment. Vulnerability scanning and penetration testing are intended to find vulnerabilities in a digital system in order to make it more secure, and to determine whether it is vulnerable to attacks. In the IT sector, automated vulnerability scanning and penetration testing tools are being developed and continually researched. However, for a NPP I and C systems in which the method of communication is mixed (TCP/IP and serial), it is difficult to use the existing tools. This paper describes the penetration test framework for the IT sector, which is one of the cyber security test methods available. It concludes by discussing the need to develop a new penetration method for performing cyber security testing for NPP I and C systems, as well as the need for the NPP I and C test-bed. Security vulnerabilities need to be identified and continuously managed through vulnerability scans and assessments. For known vulnerabilities, the vulnerabilities of the target system can be periodically managed via a vulnerability database. These activities such as fuzzing, penetration testing, etc. must not affect the availability or the integrity of the NPP I and C systems. It is desired that a NPP I and C cyber security test-bad environment that exactly models the actual system must be first constructed and then penetration testing done

  9. Internet Governance amp Cyber Crimes In UAE

    Directory of Open Access Journals (Sweden)

    Ayesha Al Neyadi

    2015-08-01

    Full Text Available Abstract Most people in UAE dont feel safe while they are use the Internet because most internet users have been a victim for cyber crime. Cyber crime threat rate has increased which has targeted on citizen privacy property and governments also the reputation problems. There are many criminal activities such as indecent acts Copyright issues Terrorist Acts State security and Contempt of religion. Cyber crimes due to several reasons such as they have lack of social intelligence they are being greedy and not being content also some of them have financial troubles these reasons usually exploited by criminals. Thus the decree will be a punishment or criminalizes formally on any person who using any kind of information technology and any others private life to blackmail or to threaten others online. In addition at the present time with the most detailed new cybercrime law that can be used to prove found guilty. As well the author discusses that the new cyber-crime law provides protection of personal information including banking information credit cards and electronic payment information.

  10. A framework for cyber security test

    Energy Technology Data Exchange (ETDEWEB)

    Han, Kyungsoo; Song, Jaegu; Jung, Sungmin; Lee, Jungwoon; Lee, Cheolkwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2014-05-15

    The person in charge of I and C cyber security must not only perform real-time security inspections but also have the capabilities for performing vulnerability scanning and penetration testing, in order for vulnerability assessment. Vulnerability scanning and penetration testing are intended to find vulnerabilities in a digital system in order to make it more secure, and to determine whether it is vulnerable to attacks. In the IT sector, automated vulnerability scanning and penetration testing tools are being developed and continually researched. However, for a NPP I and C systems in which the method of communication is mixed (TCP/IP and serial), it is difficult to use the existing tools. This paper describes the penetration test framework for the IT sector, which is one of the cyber security test methods available. It concludes by discussing the need to develop a new penetration method for performing cyber security testing for NPP I and C systems, as well as the need for the NPP I and C test-bed. Security vulnerabilities need to be identified and continuously managed through vulnerability scans and assessments. For known vulnerabilities, the vulnerabilities of the target system can be periodically managed via a vulnerability database. These activities such as fuzzing, penetration testing, etc. must not affect the availability or the integrity of the NPP I and C systems. It is desired that a NPP I and C cyber security test-bad environment that exactly models the actual system must be first constructed and then penetration testing done.

  11. Nuclear Cyber Security Case Study and Analysis

    Energy Technology Data Exchange (ETDEWEB)

    Park, Sunae [ChungNam National Univ., Daejeon (Korea, Republic of); Kim, Kyung doo [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2016-10-15

    Due to the new trend in cyber attacks, there is an increased security threat towards every country's infrastructure. So, security measures are required now than ever before. Previous cyber attacks normal process consists of paralyzing a server function, data extraction, or data control into the IT system for trespassing. However, nowadays control systems and infrastructures are also targeted and attacking methods have changed a lot. These days, the virus is becoming increasingly serious and hacker attacks are also becoming more frequent. This virus is a computer virus produced for the purpose of destroying the infrastructure, such as power plants, airports, railways June 2010, and it was first discovered in Belarus. Israel, the US, and other countries are believed culprits behind Stuxnet attacks on other nations such as Iran. Recent malware distribution, such as website hacking threat is growing. In surveys today one of the most long-term posing security threats is from North Korea. In particular, North Korea has been caught launching ongoing cyber-attacks after their latest nuclear test. South Korea has identified national trends regarding North Korean nuclear tests and analyzed them in order to catch disclosed confidential information. Especially, many nuclear power plants in the world are found to be vulnerable to cyber-attacks. Industrial facilities should be more wary of the risk of a serious cyber attack in the middle is going to increase the reliance on universal and commercial digital systems (off the shelf) software, civilian nuclear infrastructure. Senior executives’ current risk rate levels are increasing. Digitalization of the perception of risk is lacking in nuclear power plants and workers are creating prevention methods to make them fully aware of the risks of cyber-attacks. It is suggested that it may be inappropriate to assume we are prepared for potential attacks. Due to advances in technology, a warning that the growing sense of crisis

  12. Nuclear Cyber Security Case Study and Analysis

    International Nuclear Information System (INIS)

    Park, Sunae; Kim, Kyung doo

    2016-01-01

    Due to the new trend in cyber attacks, there is an increased security threat towards every country's infrastructure. So, security measures are required now than ever before. Previous cyber attacks normal process consists of paralyzing a server function, data extraction, or data control into the IT system for trespassing. However, nowadays control systems and infrastructures are also targeted and attacking methods have changed a lot. These days, the virus is becoming increasingly serious and hacker attacks are also becoming more frequent. This virus is a computer virus produced for the purpose of destroying the infrastructure, such as power plants, airports, railways June 2010, and it was first discovered in Belarus. Israel, the US, and other countries are believed culprits behind Stuxnet attacks on other nations such as Iran. Recent malware distribution, such as website hacking threat is growing. In surveys today one of the most long-term posing security threats is from North Korea. In particular, North Korea has been caught launching ongoing cyber-attacks after their latest nuclear test. South Korea has identified national trends regarding North Korean nuclear tests and analyzed them in order to catch disclosed confidential information. Especially, many nuclear power plants in the world are found to be vulnerable to cyber-attacks. Industrial facilities should be more wary of the risk of a serious cyber attack in the middle is going to increase the reliance on universal and commercial digital systems (off the shelf) software, civilian nuclear infrastructure. Senior executives’ current risk rate levels are increasing. Digitalization of the perception of risk is lacking in nuclear power plants and workers are creating prevention methods to make them fully aware of the risks of cyber-attacks. It is suggested that it may be inappropriate to assume we are prepared for potential attacks. Due to advances in technology, a warning that the growing sense of crisis about

  13. Cyber child sexual exploitation.

    Science.gov (United States)

    Burgess, Ann Wolbert; Mahoney, Meghan; Visk, Julie; Morgenbesser, Leonard

    2008-09-01

    A 2-year review of 285 child cyber crime cases reported in the newspaper revealed how the Internet offenders were apprehended, the content of child pornography, and crime classification. A subsample of 100 cases with data on offender occupation revealed 73% of cases involved people in positions of authority. The dynamics of child cyber crime cases direct the implications for nursing practice in terms of evidence-based suspicion for reporting, categorizing the content of Internet images, referral of children for counseling, and treatment of offenders.

  14. Effectively protecting cyber infrastructure and assessing security needs

    Energy Technology Data Exchange (ETDEWEB)

    Robbins, J.; Starman, R. [EWA Canada Ltd., Edmonton, AB (Canada)

    2002-07-01

    This presentation addressed some of the requirements for effectively protecting cyber infrastructure and assessing security needs. The paper discussed the hype regarding cyber attacks, and presented the Canadian reality (as viewed by CanCERT). An assessment of security concerns was also presented. Recent cyber attacks on computer networks have raised fears of unsafe energy networks. Some experts claim the attacks are linked to terrorism, others blame industrial spying and mischief. Others dismiss the notion that somebody could bring down a power grid with a laptop as being far-fetched. It was noted that the cyber security threat is real, and that attacks are becoming more sophisticated as we live in a target rich environment. The issue of assessing vulnerabilities was discussed along with the selection of safeguards such as improving SCADA systems and the latest encryption methods to prevent hackers from bringing down computer networks. 3 tabs., 23 figs.

  15. Detection and Modeling of Cyber Attacks with Petri Nets

    Directory of Open Access Journals (Sweden)

    Bartosz Jasiul

    2014-12-01

    Full Text Available The aim of this article is to present an approach to develop and verify a method of formal modeling of cyber threats directed at computer systems. Moreover, the goal is to prove that the method enables one to create models resembling the behavior of malware that support the detection process of selected cyber attacks and facilitate the application of countermeasures. The most common cyber threats targeting end users and terminals are caused by malicious software, called malware. The malware detection process can be performed either by matching their digital signatures or analyzing their behavioral models. As the obfuscation techniques make the malware almost undetectable, the classic signature-based anti-virus tools must be supported with behavioral analysis. The proposed approach to modeling of malware behavior is based on colored Petri nets. This article is addressed to cyber defense researchers, security architects and developers solving up-to-date problems regarding the detection and prevention of advanced persistent threats.

  16. Neural Cognition and Affective Computing on Cyber Language.

    Science.gov (United States)

    Huang, Shuang; Zhou, Xuan; Xue, Ke; Wan, Xiqiong; Yang, Zhenyi; Xu, Duo; Ivanović, Mirjana; Yu, Xueer

    2015-01-01

    Characterized by its customary symbol system and simple and vivid expression patterns, cyber language acts as not only a tool for convenient communication but also a carrier of abundant emotions and causes high attention in public opinion analysis, internet marketing, service feedback monitoring, and social emergency management. Based on our multidisciplinary research, this paper presents a classification of the emotional symbols in cyber language, analyzes the cognitive characteristics of different symbols, and puts forward a mechanism model to show the dominant neural activities in that process. Through the comparative study of Chinese, English, and Spanish, which are used by the largest population in the world, this paper discusses the expressive patterns of emotions in international cyber languages and proposes an intelligent method for affective computing on cyber language in a unified PAD (Pleasure-Arousal-Dominance) emotional space.

  17. Empirical analysis of the effects of cyber security incidents.

    Science.gov (United States)

    Davis, Ginger; Garcia, Alfredo; Zhang, Weide

    2009-09-01

    We analyze the time series associated with web traffic for a representative set of online businesses that have suffered widely reported cyber security incidents. Our working hypothesis is that cyber security incidents may prompt (security conscious) online customers to opt out and conduct their business elsewhere or, at the very least, to refrain from accessing online services. For companies relying almost exclusively on online channels, this presents an important business risk. We test for structural changes in these time series that may have been caused by these cyber security incidents. Our results consistently indicate that cyber security incidents do not affect the structure of web traffic for the set of online businesses studied. We discuss various public policy considerations stemming from our analysis.

  18. Neural Cognition and Affective Computing on Cyber Language

    Directory of Open Access Journals (Sweden)

    Shuang Huang

    2015-01-01

    Full Text Available Characterized by its customary symbol system and simple and vivid expression patterns, cyber language acts as not only a tool for convenient communication but also a carrier of abundant emotions and causes high attention in public opinion analysis, internet marketing, service feedback monitoring, and social emergency management. Based on our multidisciplinary research, this paper presents a classification of the emotional symbols in cyber language, analyzes the cognitive characteristics of different symbols, and puts forward a mechanism model to show the dominant neural activities in that process. Through the comparative study of Chinese, English, and Spanish, which are used by the largest population in the world, this paper discusses the expressive patterns of emotions in international cyber languages and proposes an intelligent method for affective computing on cyber language in a unified PAD (Pleasure-Arousal-Dominance emotional space.

  19. Will electrical cyber-physical interdependent networks undergo first-order transition under random attacks?

    Science.gov (United States)

    Ji, Xingpei; Wang, Bo; Liu, Dichen; Dong, Zhaoyang; Chen, Guo; Zhu, Zhenshan; Zhu, Xuedong; Wang, Xunting

    2016-10-01

    Whether the realistic electrical cyber-physical interdependent networks will undergo first-order transition under random failures still remains a question. To reflect the reality of Chinese electrical cyber-physical system, the "partial one-to-one correspondence" interdependent networks model is proposed and the connectivity vulnerabilities of three realistic electrical cyber-physical interdependent networks are analyzed. The simulation results show that due to the service demands of power system the topologies of power grid and its cyber network are highly inter-similar which can effectively avoid the first-order transition. By comparing the vulnerability curves between electrical cyber-physical interdependent networks and its single-layer network, we find that complex network theory is still useful in the vulnerability analysis of electrical cyber-physical interdependent networks.

  20. Cyber security: a critical examination of information sharing versus data sensitivity issues for organisations at risk of cyber attack.

    Science.gov (United States)

    Mallinder, Jason; Drabwell, Peter

    Cyber threats are growing and evolving at an unprecedented rate.Consequently, it is becoming vitally important that organisations share information internally and externally before, during and after incidents they encounter so that lessons can be learned, good practice identified and new cyber resilience capabilities developed. Many organisations are reluctant to share such information for fear of divulging sensitive information or because it may be vague or incomplete. This provides organisations with a complex dilemma: how to share information as openly as possibly about cyber incidents, while protecting their confidentiality and focusing on service recovery from such incidents. This paper explores the dilemma of information sharing versus sensitivity and provides a practical overview of considerations every business continuity plan should address to plan effectively for information sharing in the event of a cyber incident.

  1. Automated Cyber Red Teaming

    Science.gov (United States)

    2015-04-01

    affect one’s cyber system by searching for viable attack plans1, and examining its effect on the system. It is a labour - intensive exercise as it...Both Satisfaction and Optimization Problems,” AI Magazine, vol. 22, no. 3, pp. 85-87, 2001. [183] S. Milton, Machine Learning methods for

  2. ARMY CYBER STRUCTURE ALIGNMENT

    Science.gov (United States)

    2016-02-16

    content/?q=historic-cyber-unit-begins- daily-action . 14 John M. McHugh , Secretary of the Army, HQDA General Order 2014-02, Affirmation of Secretary of...support-plays-role-in-tactical-operations/75545442/. McHugh , John M., Secretary of the Army, HQDA General Order 2014-02, Affirmation of Secretary of

  3. Index of cyber integrity

    Science.gov (United States)

    Anderson, Gustave

    2014-05-01

    Unfortunately, there is no metric, nor set of metrics, that are both general enough to encompass all possible types of applications yet specific enough to capture the application and attack specific details. As a result we are left with ad-hoc methods for generating evaluations of the security of our systems. Current state of the art methods for evaluating the security of systems include penetration testing and cyber evaluation tests. For these evaluations, security professionals simulate an attack from malicious outsiders and malicious insiders. These evaluations are very productive and are able to discover potential vulnerabilities resulting from improper system configuration, hardware and software flaws, or operational weaknesses. We therefore propose the index of cyber integrity (ICI), which is modeled after the index of biological integrity (IBI) to provide a holistic measure of the health of a system under test in a cyber-environment. The ICI provides a broad base measure through a collection of application and system specific metrics. In this paper, following the example of the IBI, we demonstrate how a multi-metric index may be used as a holistic measure of the health of a system under test in a cyber-environment.

  4. Temporal Cyber Attack Detection.

    Energy Technology Data Exchange (ETDEWEB)

    Ingram, Joey Burton [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Draelos, Timothy J. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Galiardi, Meghan [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Doak, Justin E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-11-01

    Rigorous characterization of the performance and generalization ability of cyber defense systems is extremely difficult, making it hard to gauge uncertainty, and thus, confidence. This difficulty largely stems from a lack of labeled attack data that fully explores the potential adversarial space. Currently, performance of cyber defense systems is typically evaluated in a qualitative manner by manually inspecting the results of the system on live data and adjusting as needed. Additionally, machine learning has shown promise in deriving models that automatically learn indicators of compromise that are more robust than analyst-derived detectors. However, to generate these models, most algorithms require large amounts of labeled data (i.e., examples of attacks). Algorithms that do not require annotated data to derive models are similarly at a disadvantage, because labeled data is still necessary when evaluating performance. In this work, we explore the use of temporal generative models to learn cyber attack graph representations and automatically generate data for experimentation and evaluation. Training and evaluating cyber systems and machine learning models requires significant, annotated data, which is typically collected and labeled by hand for one-off experiments. Automatically generating such data helps derive/evaluate detection models and ensures reproducibility of results. Experimentally, we demonstrate the efficacy of generative sequence analysis techniques on learning the structure of attack graphs, based on a realistic example. These derived models can then be used to generate more data. Additionally, we provide a roadmap for future research efforts in this area.

  5. Cyber warfare: critical perspectives

    NARCIS (Netherlands)

    Ducheine, P.; Osinga, F.; Soeters, J.

    2012-01-01

    Next to sea, land, air and space, ‘cyber space’ appears to be the fifth operational domain for the military. This manmade and virtual sphere brings along opportunities and threats. In this book, academics of the Netherlands Defence Academy as well as specialists and military professionals from other

  6. Simulating cyber warfare and cyber defenses: information value considerations

    Science.gov (United States)

    Stytz, Martin R.; Banks, Sheila B.

    2011-06-01

    Simulating cyber warfare is critical to the preparation of decision-makers for the challenges posed by cyber attacks. Simulation is the only means we have to prepare decision-makers for the inevitable cyber attacks upon the information they will need for decision-making and to develop cyber warfare strategies and tactics. Currently, there is no theory regarding the strategies that should be used to achieve objectives in offensive or defensive cyber warfare, and cyber warfare occurs too rarely to use real-world experience to develop effective strategies. To simulate cyber warfare by affecting the information used for decision-making, we modify the information content of the rings that are compromised during in a decision-making context. The number of rings affected and value of the information that is altered (i.e., the closeness of the ring to the center) is determined by the expertise of the decision-maker and the learning outcome(s) for the simulation exercise. We determine which information rings are compromised using the probability that the simulated cyber defenses that protect each ring can be compromised. These probabilities are based upon prior cyber attack activity in the simulation exercise as well as similar real-world cyber attacks. To determine which information in a compromised "ring" to alter, the simulation environment maintains a record of the cyber attacks that have succeeded in the simulation environment as well as the decision-making context. These two pieces of information are used to compute an estimate of the likelihood that the cyber attack can alter, destroy, or falsify each piece of information in a compromised ring. The unpredictability of information alteration in our approach adds greater realism to the cyber event. This paper suggests a new technique that can be used for cyber warfare simulation, the ring approach for modeling context-dependent information value, and our means for considering information value when assigning cyber

  7. Game Based Cyber Security Training: are Serious Games suitable for cyber security training?

    Directory of Open Access Journals (Sweden)

    Maurice Hendrix

    2016-03-01

    Full Text Available Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security professionals. Thus cyber security seems especially well-suited to Serious Games. This paper investigates whether games can be effective cyber security training tools. The study is conducted by means of a structured literature review supplemented with a general web search.While there are early positive indications there is not yet enough evidence to draw any definite conclusions. There is a clear gap in target audience with almost all products and studies targeting the general public and very little attention given to IT professionals and managers. The products and studies also mostly work over a short period, while it is known that short-term interventions are not particularly effective at affecting behavioural change.

  8. Defending the Borderland: Ukrainian Military Experiences with IO, Cyber, and EW

    Science.gov (United States)

    2017-12-01

    from Kyiv to Boryslav, a targeted bombing resulted in the successful 17 The Army Cyber Institute at West Point...electromagnetic ( EM ) emissions has proved extremely successful at the tactical level against Ukrainian forces. While tactical cyber looks at content, EW...against Ukrainian personnel. The use by Ukrainian forces of devices with EM broadcasting enabled adversary tracking of individual devices or volumes

  9. CYBER FORENSICS COMPETENCY-BASED FRAMEWORK - AREVIEW

    OpenAIRE

    Elfadil Sabeil; Azizah Bt Abdul Manaf; Zuraini Ismail; Mohamed Abas

    2011-01-01

    Lack of Cyber Forensics experts is a huge challenge facing the world today. It comes due to the fancy of Cyber Forensics training or education. The multidisciplinary nature of Cyber Forensics proliferates to diverse training programmes, from a handful day‟s workshop to Postgraduate in Cyber Forensics. Consequently, this paper concentrates on analyzing the Cyber Forensics training programmes in terms of Competency-Based Framework. The study proves that Cyber Forensics training or education h...

  10. Literature Review on Modeling Cyber Networks and Evaluating Cyber Risks.

    Energy Technology Data Exchange (ETDEWEB)

    Kelic, Andjelka; Campbell, Philip L

    2018-04-01

    The National Infrastructure Simulations and Analysis Center (NISAC) conducted a literature review on modeling cyber networks and evaluating cyber risks. The literature review explores where modeling is used in the cyber regime and ways that consequence and risk are evaluated. The relevant literature clusters in three different spaces: network security, cyber-physical, and mission assurance. In all approaches, some form of modeling is utilized at varying levels of detail, while the ability to understand consequence varies, as do interpretations of risk. This document summarizes the different literature viewpoints and explores their applicability to securing enterprise networks.

  11. Cyber Defense Exercises and their Role in Cyber Warfare

    OpenAIRE

    Bogdan Alexandru Bratosin

    2014-01-01

    The threat of cyber-attacks is increasing with the access to PC’s and Internet of a larger number of people around the world. Although the Internet provides a large number of advantages, it can also be used as a cyber-weapon in order to serve the interests of counties, political and economic groups or individual. The cyber-attacks of today are capable to disable the manufacturing of nuclear bombs of a country. Thus, there is an increasing demand for IT security specialists. Cyber-defense exer...

  12. ON THE OFFENSE: USING CYBER WEAPONS TO INFLUENCE COGNITIVE BEHAVIOR

    Directory of Open Access Journals (Sweden)

    Mary Fendley

    2012-12-01

    Full Text Available There is an increasing recognition that cyber warfare is an important area of development for targeting and weaponeering, with far-reaching effects in national defense and economic security. The ability to conduct effective operations in cyberspace relies on a robust situational awareness of events occurring in both the physical and information domains, with an understanding of how they affect the cognitive domain of friendly, neutral, and adversary population sets. The dynamic nature of the battlefield complicates efforts to understand shifting adversary motivations and intentions. There are very few approaches, to date, that systematically evaluate the effects of the repertoire of cyber weapons on the cognitive, perceptual, and behavioral characteristics of the adversary. In this paper, we describe a software environment called Cognitive Cyber Weapon Selection Tool (CCWST that simulates a scenario involving cyber weaponry.This tool provides the capabilities to test weapons which may induce behavioral state changes in the adversaries. CCWST provides the required situational awareness to the Cyber Information Operations (IO planner to conduct intelligent weapon selection during weapon activation in order to induce the desired behavioral change in the perception of the adversary. Weapons designed to induce the cognitive state changes of deception, distraction, distrust and confusion were then tested empirically to evaluate the capabilities and expected cognitive state changes induced by these weapons. The results demonstrated that CCWST is a powerful environment within which to test and evaluate the impact of cyber weapons on influencing cognitive behavioral states during information processing.

  13. Cyber-Physical War Gaming

    OpenAIRE

    Colbert, E. J. M.; Sullivan, D. T.; Kott, A

    2017-01-01

    This paper presents general strategies for cyber war gaming of Cyber-Physical Systems (CPSs) that are used for cyber security research at the U.S. Army Research Laboratory (ARL). Since Supervisory Control and Data Acquisition (SCADA) and other CPSs are operational systems, it is difficult or impossible to perform security experiments on actual systems. The authors describe how table-top strategy sessions and realistic, live CPS war games are conducted at ARL. They also discuss how the recorde...

  14. Cyber Security Test Strategy for Non-safety Display System

    International Nuclear Information System (INIS)

    Son, Han Seong; Kim, Hee Eun

    2016-01-01

    Cyber security has been a big issue since the instrumentation and control (I and C) system of nuclear power plant (NPP) is digitalized. A cyber-attack on NPP should be dealt with seriously because it might cause not only economic loss but also the radioactive material release. Researches on the consequences of cyber-attack onto NPP from a safety point of view have been conducted. A previous study shows the risk effect brought by initiation of event and deterioration of mitigation function by cyber terror. Although this study made conservative assumptions and simplifications, it gives an insight on the effect of cyber-attack. Another study shows that the error on a non-safety display system could cause wrong actions of operators. According to this previous study, the failure of the operator action caused by a cyber-attack on a display system might threaten the safety of the NPP by limiting appropriate mitigation actions. This study suggests a test strategy focusing on the cyber-attack on the information and display system, which might cause the failure of operator. The test strategy can be suggested to evaluate and complement security measures. Identifying whether a cyber-attack on the information and display system can affect the mitigation actions of operator, the strategy to obtain test scenarios is suggested. The failure of mitigation scenario is identified first. Then, for the test target in the scenario, software failure modes are applied to identify realistic failure scenarios. Testing should be performed for those scenarios to confirm the integrity of data and to assure effectiveness of security measures

  15. Cyber Security Test Strategy for Non-safety Display System

    Energy Technology Data Exchange (ETDEWEB)

    Son, Han Seong [Joongbu University, Geumsan (Korea, Republic of); Kim, Hee Eun [KAIST, Daejeon (Korea, Republic of)

    2016-10-15

    Cyber security has been a big issue since the instrumentation and control (I and C) system of nuclear power plant (NPP) is digitalized. A cyber-attack on NPP should be dealt with seriously because it might cause not only economic loss but also the radioactive material release. Researches on the consequences of cyber-attack onto NPP from a safety point of view have been conducted. A previous study shows the risk effect brought by initiation of event and deterioration of mitigation function by cyber terror. Although this study made conservative assumptions and simplifications, it gives an insight on the effect of cyber-attack. Another study shows that the error on a non-safety display system could cause wrong actions of operators. According to this previous study, the failure of the operator action caused by a cyber-attack on a display system might threaten the safety of the NPP by limiting appropriate mitigation actions. This study suggests a test strategy focusing on the cyber-attack on the information and display system, which might cause the failure of operator. The test strategy can be suggested to evaluate and complement security measures. Identifying whether a cyber-attack on the information and display system can affect the mitigation actions of operator, the strategy to obtain test scenarios is suggested. The failure of mitigation scenario is identified first. Then, for the test target in the scenario, software failure modes are applied to identify realistic failure scenarios. Testing should be performed for those scenarios to confirm the integrity of data and to assure effectiveness of security measures.

  16. Comparative Study on Cyber Securities between Power Reactor and Research Reactor with Bayesian Update

    International Nuclear Information System (INIS)

    Shin, Jinsoo; Heo, Gyunyoung; Son, Han Seong

    2016-01-01

    The Stuxnet has shown that nuclear facilities are no more safe from cyber-attack. Due to practical experiences and concerns on increasing of digital system application, cyber security has become the important issue in nuclear industry. Korea Institute of Nuclear Nonproliferation and control (KINAC) published a regulatory standard (KINAC/RS-015) to establish cyber security framework for nuclear facilities. However, it is difficult to research about cyber security. It is hard to quantify cyber-attack which has malicious activity which is different from existing design basis accidents (DBAs). We previously proposed a methodology on development of a cyber security risk model with BBN. However, the methodology had a limitation in which the input data as prior information was solely on expert opinions. In this study, we propose a cyber security risk model for instrumentation and control (I and C) system of nuclear facilities with some equation for quantification by using Bayesian Belief Network (BBN) in order to overcome the limitation of previous research. The proposed model has been used for comparative study on cyber securities between large-sized nuclear power plants (NPPs) and small-sized Research Reactors (RR). In this study, we proposed the cyber security risk evaluation model with BBN. It includes I and C architecture, which is a target system of cyber-attack, malicious activity, which causes cyber-attack from attacker, and mitigation measure, which mitigates the cyber-attack risk. Likelihood and consequence as prior information are evaluated by considering characteristics of I and C architecture and malicious activity. The BBN model provides posterior information with Bayesian update by adding any of assumed cyber-attack scenarios as evidence. Cyber security risk for nuclear facilities is analyzed by comparing between prior information and posterior information of each node. In this study, we conducted comparative study on cyber securities between power reactor

  17. Comparative Study on Cyber Securities between Power Reactor and Research Reactor with Bayesian Update

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Jinsoo; Heo, Gyunyoung [Kyung Hee University, Yongin (Korea, Republic of); Son, Han Seong [Joongbu Univiersity, Geumsan (Korea, Republic of)

    2016-10-15

    The Stuxnet has shown that nuclear facilities are no more safe from cyber-attack. Due to practical experiences and concerns on increasing of digital system application, cyber security has become the important issue in nuclear industry. Korea Institute of Nuclear Nonproliferation and control (KINAC) published a regulatory standard (KINAC/RS-015) to establish cyber security framework for nuclear facilities. However, it is difficult to research about cyber security. It is hard to quantify cyber-attack which has malicious activity which is different from existing design basis accidents (DBAs). We previously proposed a methodology on development of a cyber security risk model with BBN. However, the methodology had a limitation in which the input data as prior information was solely on expert opinions. In this study, we propose a cyber security risk model for instrumentation and control (I and C) system of nuclear facilities with some equation for quantification by using Bayesian Belief Network (BBN) in order to overcome the limitation of previous research. The proposed model has been used for comparative study on cyber securities between large-sized nuclear power plants (NPPs) and small-sized Research Reactors (RR). In this study, we proposed the cyber security risk evaluation model with BBN. It includes I and C architecture, which is a target system of cyber-attack, malicious activity, which causes cyber-attack from attacker, and mitigation measure, which mitigates the cyber-attack risk. Likelihood and consequence as prior information are evaluated by considering characteristics of I and C architecture and malicious activity. The BBN model provides posterior information with Bayesian update by adding any of assumed cyber-attack scenarios as evidence. Cyber security risk for nuclear facilities is analyzed by comparing between prior information and posterior information of each node. In this study, we conducted comparative study on cyber securities between power reactor

  18. Economic Analysis of Cyber Security

    National Research Council Canada - National Science Library

    Gallaher, Michael P; Rowe, Brent R; Rogozhin, Alex V; Link, Albert N

    2006-01-01

    .... However, few organizations attempt such analysis for their cyber security mechanisms. Key performance and evaluation metrics are not available, so organizations rely on qualitative assessments...

  19. Cyber Security Analysis of Turkey

    OpenAIRE

    Senturk, Hakan; Çil, Zaim; Sağıroğlu, Şeref

    2016-01-01

    Considering the criticality of the cyber security threat in the 21st century, it is presumed that the nations are busy with series of activities in order to protect their security in the cyber space domain. In this paper, in light of the recent developments in the cyber security field, Turkey’s cyber security analysis is performed using a macro analysis model. We researched for the measures taken in Turkey with respect to those in the other countries, reviewed the posture, the activities and ...

  20. Cyber defense and situational awareness

    CERN Document Server

    Kott, Alexander; Erbacher, Robert F

    2015-01-01

    This book is the first publication to give a comprehensive, structured treatment to the important topic of situational awareness in cyber defense. It presents the subject in a logical, consistent, continuous discourse, covering key topics such as formation of cyber situational awareness, visualization and human factors, automated learning and inference, use of ontologies and metrics, predicting and assessing impact of cyber attacks, and achieving resilience of cyber and physical mission. Chapters include case studies, recent research results and practical insights described specifically for th

  1. Service Failure and Recovery in a Public Setting: A Comparative Study of Target and Observing Customers

    OpenAIRE

    SEYED SHAHIN SHARIFI

    2017-01-01

    Previous research has examined the effect of service failure and recovery on target and the observing customers separately, with an emphasis on evaluations by target customers. It has been assumed that the reactions of those customers observing the recovery efforts would mirror those of target customers, or perhaps be even more favourable, given that they are not directly affected by the service failure. This research challenges this pre-conception. Through a series of experimental studies, t...

  2. The cyber security threat stops in the boardroom.

    Science.gov (United States)

    Scully, Tim

    The attitude that 'it won't happen to me' still prevails in the boardrooms of industry when senior executives consider the threat of targeted cyber intrusions. Not much has changed in the commercial world of cyber security over the past few years; hackers are not being challenged to find new ways to steal companies' intellectual property and confidential information. The consequences of even major security breaches seem not to be felt by the leaders of victim companies. Why is this so? Surely IT security practitioners are seeking new ways to detect and prevent targeted intrusions into companies' networks? Are the consequences of targeted intrusions so insignificant that the captains of industry tolerate them? Or do only others feel the pain of their failure? This paper initially explores the failure of cyber security in industry and contends that, while industry leaders should not be alone in accepting responsibility for this failure, they must take the initiative to make life harder for cyber threat actors. They cannot wait for government leadership on policy, strategy or coordination. The paper then suggests some measures that a CEO can adopt to build a new corporate approach to cyber security.

  3. Oxford CyberSEM: remote microscopy

    International Nuclear Information System (INIS)

    Rahman, M; Kirkland, A; Cockayne, D; Meyer, R

    2008-01-01

    The Internet has enabled researchers to communicate over vast geographical distances, sharing ideas and documents. e-Science, underpinned by Grid and Web Services, has enabled electronic communications to the next level where, in addition to document sharing, researchers can increasingly control high precision scientific instruments over the network. The Oxford CyberSEM project developed a simple Java applet via which samples placed in a JEOL 5510LV Scanning Electron Microscope (SEM) can be manipulated and examined collaboratively over the Internet. Designed with schoolchildren in mind, CyberSEM does not require any additional hardware or software other than a generic Java-enabled web browser. This paper reflects on both the technical and social challenges in designing real-time systems for controlling scientific equipments in collaborative environments. Furthermore, it proposes potential deployment beyond the classroom setting.

  4. Framework for Grading of Cyber Security Check-List upon I and C Architecture

    International Nuclear Information System (INIS)

    Shin, Jin Soo; Heo, Gyunyong; Son, Han Seong

    2016-01-01

    Cyber-attack can threaten research reactors as well as NPPs since the goal of cyber-attack is not only to make a catastrophic accident such as radiation exposure against public health but also to make chaos or anxiety among the public. Moreover, there is more probability to occur in research reactors than NPPs since research reactors has more users than NPPs. The nuclear regulatory agencies such as U.S.NRC and KINAC (Korea Institute of Nuclear Nonproliferation and Control) have published regulatory guides for rules against cyber-attack to maintain cyber security of nuclear facilities. U.S.NRC has published a regulatory guide (U.S.NRC / RG-5.71) and KINAC has developed a regulatory standard (KINAC / RS-015) to establish a cyber security for nuclear facilities. However, these regulatory documents represent check-list for cyber security regardless of reactor type such as NPPs or research reactors. The proposed framework in this paper was grading of cyber security check-lists with BBN by I and C architecture such as NPPs and research reactors. First, the BBN model was developed to apply I and C system architecture of target nuclear facility. The architecture model calculates the cyber security risk with structural architecture, vulnerability, and mitigation measure. Second, cyber security check-lists are defined in cyber security documents. It is, then, used with the consideration of mitigation measures of BBN model in order to apply architectural characteristic. Third, after assuming cyber-attack occurs to I and C system, the model calculates the posterior information using Bayesian update. Finally, the cyber security check-lists for nuclear facilities are graded upon I and C architecture with the posterior information for mitigation measures

  5. Framework for Grading of Cyber Security Check-List upon I and C Architecture

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Jin Soo; Heo, Gyunyong [Kyunghee University, Yongin (Korea, Republic of); Son, Han Seong [Joongbu University, Geumsan (Korea, Republic of)

    2016-05-15

    Cyber-attack can threaten research reactors as well as NPPs since the goal of cyber-attack is not only to make a catastrophic accident such as radiation exposure against public health but also to make chaos or anxiety among the public. Moreover, there is more probability to occur in research reactors than NPPs since research reactors has more users than NPPs. The nuclear regulatory agencies such as U.S.NRC and KINAC (Korea Institute of Nuclear Nonproliferation and Control) have published regulatory guides for rules against cyber-attack to maintain cyber security of nuclear facilities. U.S.NRC has published a regulatory guide (U.S.NRC / RG-5.71) and KINAC has developed a regulatory standard (KINAC / RS-015) to establish a cyber security for nuclear facilities. However, these regulatory documents represent check-list for cyber security regardless of reactor type such as NPPs or research reactors. The proposed framework in this paper was grading of cyber security check-lists with BBN by I and C architecture such as NPPs and research reactors. First, the BBN model was developed to apply I and C system architecture of target nuclear facility. The architecture model calculates the cyber security risk with structural architecture, vulnerability, and mitigation measure. Second, cyber security check-lists are defined in cyber security documents. It is, then, used with the consideration of mitigation measures of BBN model in order to apply architectural characteristic. Third, after assuming cyber-attack occurs to I and C system, the model calculates the posterior information using Bayesian update. Finally, the cyber security check-lists for nuclear facilities are graded upon I and C architecture with the posterior information for mitigation measures.

  6. Rumination mediates the association between cyber-victimization and depressive symptoms.

    Science.gov (United States)

    Feinstein, Brian A; Bhatia, Vickie; Davila, Joanne

    2014-06-01

    The current study examined the 3-week prospective associations between cyber-victimization and both depressive symptoms and rumination. In addition, a mediation model was tested, wherein rumination mediated the association between cyber-victimization and depressive symptoms. Participants (N = 565 college-age young adults) completed online surveys at two time points 3 weeks apart. Results indicated that cyber-victimization was associated with increases in both depressive symptoms and rumination over time. Furthermore, results of the path analysis indicated that cyber-victimization was associated with increases in rumination over time, which were then associated with greater depressive symptoms, providing support for the proposed mediation effect for women, but not men. Findings extend previous correlational findings by demonstrating that cyber-victimization is associated with increases in symptomatology over time. Findings also suggest that the negative consequences of cyber-victimization extend beyond mental health problems to maladaptive emotion regulation. In fact, rumination may be a mechanism through which cyber-victimization influences mental health problems, at least for women. Mental health professionals are encouraged to assess cyber-victimization as part of standard victimization assessments and to consider targeting maladaptive emotion regulation in addition to mental health problems in clients who have experienced cyber-victimization.

  7. Bullying prevalence across contexts: a meta-analysis measuring cyber and traditional bullying.

    Science.gov (United States)

    Modecki, Kathryn L; Minchin, Jeannie; Harbaugh, Allen G; Guerra, Nancy G; Runions, Kevin C

    2014-11-01

    Bullying involvement in any form can have lasting physical and emotional consequences for adolescents. For programs and policies to best safeguard youth, it is important to understand prevalence of bullying across cyber and traditional contexts. We conducted a thorough review of the literature and identified 80 studies that reported corresponding prevalence rates for cyber and traditional bullying and/or aggression in adolescents. Weighted mean effect sizes were calculated, and measurement features were entered as moderators to explain variation in prevalence rates and in traditional-cyber correlations within the sample of studies. Prevalence rates for cyber bullying were lower than for traditional bullying, and cyber and traditional bullying were highly correlated. A number of measurement features moderated variability in bullying prevalence; whereas a focus on traditional relational aggression increased correlations between cyber and traditional aggressions. In our meta-analytic review, traditional bullying was twice as common as cyber bullying. Cyber and traditional bullying were also highly correlated, suggesting that polyaggression involvement should be a primary target for interventions and policy. Results of moderation analyses highlight the need for greater consensus in measurement approaches for both cyber and traditional bullying. Copyright © 2014 Society for Adolescent Health and Medicine. Published by Elsevier Inc. All rights reserved.

  8. Conflict in Cyber Space

    DEFF Research Database (Denmark)

    Friis, Karsten; Ringsmose, Jens

    Over the past two decades, a new man-made domain of conflict has materialized. Alongside armed conflict in the domains of land, sea, air, and space, hostilities between different types of political actors are now taking place in cyberspace. This volume addresses the challenges posed by cyberspace...... the different scholarly and political positions associated with various key aspects of cyber conflict and seek to answer the following questions: do existing theories provide sufficient answers to the current challenges posed by conflict in cyberspace, and, if not, could alternative approaches be developed......?; how do states and non-state actors make use of cyber-weapons when pursuing strategic and political aims?; and, how does the advent of conflict in cyberspace challenge our established legal framework? By asking important strategic questions on the theoretical, strategic, ethical and legal implications...

  9. Cyber Network Mission Dependencies

    Science.gov (United States)

    2015-09-18

    leak paths”) and determine if firewalls and router access control lists are violating network policy. Visualization tools are provided to help analysts...with which a supply agent may not be familiar. In this environment, errors in requisition are easy to make, and they are costly : an incomplete cyber...establishing an email network and recommend a firewall and additional laptops. YMAL would also match mission details like the deployment location with

  10. Cyber Workforce Retention

    Science.gov (United States)

    2016-10-01

    analysts, who most closely coincide with members of the 1B4 occupation skill set . However, adjusting for the local labor markets where approximately 80–85...fewer than 10 years. 2. Cyber Airmen, in particular 1B4s, have the skill sets needed in the labor market : their skills are extremely portable and...professionals collides with a world labor market already experi- encing a dramatic deficit in individuals with these skills . At the same time, the United

  11. Norwegian Cyber Defense

    Science.gov (United States)

    2013-12-01

    reliance on proprietary networks and hardware, SCADA systems were considered safe from cyber attacks and were not designed for security. The situation...operational data that could result in public safety concerns.43 In 2013 Norwegian newspaper Dagbladet found over 2,500 SCADA systems in Norway used for ...a. Siberian Pipeline Explosion (1982) In 1982, intruders planted a Trojan horse in the SCADA system that controls the Siberian Pipeline . This is the

  12. US Cyber Challenge Research

    Science.gov (United States)

    2012-02-01

    Computers (General Term), Information Systems or Information Technology 0 6 5 1 1 13 Criminal Justice 0 0 0 1 0 1 Economics 0 0 1 0 0 1 Electrical...Assurance or Computer Security 8 6 15 10 7 46 Information Technology 4 1 9 1 4 19 Nanotechnology 0 1 0 0 0 1 Networking or Network Security 7 1 2 2 4...FORCE RESEARCH LABORATORY INFORMATION DIRECTORATE US CYBER CHALLENGE RESEARCH CENTER FOR INTERNET SECURITY, INC FEBRUARY

  13. Fighting cyber crime through cyber forensics first responder training

    CSIR Research Space (South Africa)

    Venter, JP

    2008-11-01

    Full Text Available behind traces that are of interest to cyber forensic scientists. Cyber forensics is the science of analysing traces in order to extract evidence for use in court or at formal hearings. This rapid rise in the use of ICT for criminal purposes necessitated...

  14. Adolescent predictors of young adult cyber-bullying perpetration and victimization among Australian youth

    Science.gov (United States)

    Hemphill, Sheryl A.; Heerde, Jessica A.

    2014-01-01

    Purpose The purpose of the current paper was to examine the adolescent risk and protective factors (at the individual, peer group, and family level) for young adult cyber-bullying perpetration and victimization. Methods Data from 2006 (Grade 9) to 2010 (young adulthood) were analyzed from a community sample of 927 Victorian students originally recruited as a state-wide representative sample in Grade 5 (age 10–11 years) in 2002 and followed up to age 18–19 years in 2010 (N = 809). Participants completed a self-report survey on adolescent risk and protective factors and traditional and cyber-bullying perpetration and victimization, and young adult cyber-bullying perpetration and victimization. Results As young adults, 5.1% self-reported cyber-bullying perpetration only, 5.0% cyber-bullying victimization only, and 9.5% reported both cyber-bullying perpetration and victimization. In fully adjusted logistic regression analyses, the adolescent predictors of cyber-bullying perpetration only were traditional bullying perpetration, traditional bullying perpetration and victimization, and poor family management. For young adulthood cyber-bullying victimization only, the adolescent predictor was emotion control. The adolescent predictors for young adult cyber-bullying perpetration and victimization were traditional bullying perpetration and cyber-bullying perpetration and victimization. Conclusions Based on the results of this study, possible targets for prevention and early intervention are reducing adolescent involvement in (traditional or cyber-) bullying through the development of social skills and conflict resolution skills. In addition, another important prevention target is to support families with adolescents to ensure they set clear rules and monitor adolescent’s behavior. Universal programs that assist adolescents to develop skills in emotion control are warranted. PMID:24939014

  15. Segmenting, positioning and market targeting in service companies

    Directory of Open Access Journals (Sweden)

    Kancir Rade

    2004-01-01

    Full Text Available Effective marketing management system in every company, including service companies, assumes existence of adequate information infrastructure which enables production of information relevant for making of different types of marketing decisions. Information based decisions are necessary in every phase of the management process, both on strategic and operative level.

  16. Understanding Cyber Threats and Vulnerabilities

    NARCIS (Netherlands)

    Luiijf, H.A.M.

    2012-01-01

    This chapter reviews current and anticipated cyber-related threats to the Critical Information Infrastructure (CII) and Critical Infrastructures (CI). The potential impact of cyber-terrorism to CII and CI has been coined many times since the term was first coined during the 1980s. Being the

  17. Cyber Bullying and Academic Performance

    Science.gov (United States)

    Faryadi, Qais

    2011-01-01

    This research investigates the emotional and physiological effects of cyber bullying on the university students. The primary objective of this investigation is to identify the victims of cyber bullying and critically analyze their emotional state and frame of mind in order to provide them with a workable and feasible intervention in fighting cyber…

  18. Cyber Security Applications: Freeware & Shareware

    Science.gov (United States)

    Rogers, Gary; Ashford, Tina

    2015-01-01

    This paper will discuss some assignments using freeware/shareware instructors can find on the Web to use to provide students with hands-on experience in this arena. Also, the college, Palm Beach State College, via a grant with the U.S. Department of Labor, has recently purchased a unique cyber security device that simulates cyber security attacks…

  19. Russia’s Approach to Cyber Warfare

    Science.gov (United States)

    2016-09-01

    State University .” “’Information Troops’ -- a Russian Cyber Command?” 2011 3rd International Conference on Cyber Conflict, C. Czosseck, E. Tyugu, T...www.nytimes.com/2008/08/13/technology/13cyber.html?_r=0. 36 Ibid. 37 Joseph Mann, “Expert: Cyber-attacks on Georgia websites tied to mob , Russian government

  20. Stuxnet and the Future of Cyber War

    OpenAIRE

    Farwell, James P.; Rohozinski, Rafal

    2011-01-01

    The discovery in June 2010 that a cyber worm dubbed 'Stuxnet' had struck the Iranian nuclear facility at Natanz suggested that, for cyber war, the future is now. Yet more important is the political and strategic context in which new cyber threats are emerging, and the effects the worm has generated in this respect. Perhaps most striking is the confluence between cyber crime and state action. States are capitalising on technology whose development is driven by cyber crime, and perhaps outsourc...

  1. Predicting Cyber Events by Leveraging Hacker Sentiment

    OpenAIRE

    Deb, Ashok; Lerman, Kristina; Ferrara, Emilio

    2018-01-01

    Recent high-profile cyber attacks exemplify why organizations need better cyber defenses. Cyber threats are hard to accurately predict because attackers usually try to mask their traces. However, they often discuss exploits and techniques on hacking forums. The community behavior of the hackers may provide insights into groups' collective malicious activity. We propose a novel approach to predict cyber events using sentiment analysis. We test our approach using cyber attack data from 2 major ...

  2. Literature Review on Cyber Security Investment Decisions

    OpenAIRE

    ŞENTÜRK, Hakan; ÇİL, Celal Zaim; SAĞIROĞLU, Şeref

    2016-01-01

    Severe financial losses incurred by cyber security attacks with increasing complexity and frequency, as well as booming cyber security sector offering variety of products as investment options have led the focus of the research in the field to the economic dimension of cyber security. The need for determination of methods to be used when making cyber security investment decisions under budget constraints have become prominent. In five sections as the cyber security investment strategies, risk...

  3. TargetNet: a web service for predicting potential drug-target interaction profiling via multi-target SAR models.

    Science.gov (United States)

    Yao, Zhi-Jiang; Dong, Jie; Che, Yu-Jing; Zhu, Min-Feng; Wen, Ming; Wang, Ning-Ning; Wang, Shan; Lu, Ai-Ping; Cao, Dong-Sheng

    2016-05-01

    Drug-target interactions (DTIs) are central to current drug discovery processes and public health fields. Analyzing the DTI profiling of the drugs helps to infer drug indications, adverse drug reactions, drug-drug interactions, and drug mode of actions. Therefore, it is of high importance to reliably and fast predict DTI profiling of the drugs on a genome-scale level. Here, we develop the TargetNet server, which can make real-time DTI predictions based only on molecular structures, following the spirit of multi-target SAR methodology. Naïve Bayes models together with various molecular fingerprints were employed to construct prediction models. Ensemble learning from these fingerprints was also provided to improve the prediction ability. When the user submits a molecule, the server will predict the activity of the user's molecule across 623 human proteins by the established high quality SAR model, thus generating a DTI profiling that can be used as a feature vector of chemicals for wide applications. The 623 SAR models related to 623 human proteins were strictly evaluated and validated by several model validation strategies, resulting in the AUC scores of 75-100 %. We applied the generated DTI profiling to successfully predict potential targets, toxicity classification, drug-drug interactions, and drug mode of action, which sufficiently demonstrated the wide application value of the potential DTI profiling. The TargetNet webserver is designed based on the Django framework in Python, and is freely accessible at http://targetnet.scbdd.com .

  4. TargetNet: a web service for predicting potential drug-target interaction profiling via multi-target SAR models

    Science.gov (United States)

    Yao, Zhi-Jiang; Dong, Jie; Che, Yu-Jing; Zhu, Min-Feng; Wen, Ming; Wang, Ning-Ning; Wang, Shan; Lu, Ai-Ping; Cao, Dong-Sheng

    2016-05-01

    Drug-target interactions (DTIs) are central to current drug discovery processes and public health fields. Analyzing the DTI profiling of the drugs helps to infer drug indications, adverse drug reactions, drug-drug interactions, and drug mode of actions. Therefore, it is of high importance to reliably and fast predict DTI profiling of the drugs on a genome-scale level. Here, we develop the TargetNet server, which can make real-time DTI predictions based only on molecular structures, following the spirit of multi-target SAR methodology. Naïve Bayes models together with various molecular fingerprints were employed to construct prediction models. Ensemble learning from these fingerprints was also provided to improve the prediction ability. When the user submits a molecule, the server will predict the activity of the user's molecule across 623 human proteins by the established high quality SAR model, thus generating a DTI profiling that can be used as a feature vector of chemicals for wide applications. The 623 SAR models related to 623 human proteins were strictly evaluated and validated by several model validation strategies, resulting in the AUC scores of 75-100 %. We applied the generated DTI profiling to successfully predict potential targets, toxicity classification, drug-drug interactions, and drug mode of action, which sufficiently demonstrated the wide application value of the potential DTI profiling. The TargetNet webserver is designed based on the Django framework in Python, and is freely accessible at http://targetnet.scbdd.com.

  5. The Role of Malware in Reported Cyber Espionage: A Review of the Impact and Mechanism

    OpenAIRE

    Gaute Wangen

    2015-01-01

    This is the journal's PDF originally published in Information, http://dx.doi.org/10.3390/info6020183 The recent emergence of the targeted use of malware in cyber espionage versus industry requires a systematic review for better understanding of its impact and mechanism. This paper proposes a basic taxonomy to document major cyber espionage incidents, describing and comparing their impacts (geographic or political targets, origins and motivations) and their mechanisms (dropper, propagation,...

  6. Pilot Evaluation of a Web-Based Intervention Targeting Sexual Health Service Access

    Science.gov (United States)

    Brown, K. E.; Newby, K.; Caley, M.; Danahay, A.; Kehal, I.

    2016-01-01

    Sexual health service access is fundamental to good sexual health, yet interventions designed to address this have rarely been implemented or evaluated. In this article, pilot evaluation findings for a targeted public health behavior change intervention, delivered via a website and web-app, aiming to increase uptake of sexual health services among…

  7. Reconciling Malicious and Accidental Risk in Cyber Security

    NARCIS (Netherlands)

    Pieters, Wolter; Lukszo, Zofia; Hadziosmanovic, D.; van den Berg, Jan

    Consider the question whether a cyber security investment is cost-effective. The result will depend on the expected frequency of attacks. Contrary to what is referred to as threat event frequencies or hazard rates in safety risk management, frequencies of targeted attacks are not independent from

  8. Safe Cooperating Cyber-Physical Systems using Wireless Communication

    DEFF Research Database (Denmark)

    Pop, Paul; Scholle, Detlef; Sljivo, Irfan

    2017-01-01

    This paper presents an overview of the ECSEL project entitled ―Safe Cooperating Cyber-Physical Systems using Wireless Communication‖ (SafeCOP), which runs during the period 2016–2019. SafeCOP targets safety-related Cooperating Cyber-Physical Systems (CO-CPS) characterised by use of wireless...... detection of abnormal behaviour, triggering if needed a safe degraded mode. SafeCOP will also develop methods and tools, which will be used to produce safety assurance evidence needed to certify cooperative functions. SafeCOP will extend current wireless technologies to ensure safe and secure cooperation...

  9. Vulnerability of water supply systems to cyber-physical attacks

    Science.gov (United States)

    Galelli, Stefano; Taormina, Riccardo; Tippenhauer, Nils; Salomons, Elad; Ostfeld, Avi

    2016-04-01

    The adoption of smart meters, distributed sensor networks and industrial control systems has largely improved the level of service provided by modern water supply systems. Yet, the progressive computerization exposes these critical infrastructures to cyber-physical attacks, which are generally aimed at stealing critical information (cyber-espionage) or causing service disruption (denial-of-service). Recent statistics show that water and power utilities are undergoing frequent attacks - such as the December power outage in Ukraine - , attracting the interest of operators and security agencies. Taking the security of Water Distribution Networks (WDNs) as domain of study, our work seeks to characterize the vulnerability of WDNs to cyber-physical attacks, so as to conceive adequate defense mechanisms. We extend the functionality of EPANET, which models hydraulic and water quality processes in pressurized pipe networks, to include a cyber layer vulnerable to repeated attacks. Simulation results on a medium-scale network show that several hydraulic actuators (valves and pumps, for example) can be easily attacked, causing both service disruption - i.e., water spillage and loss of pressure - and structural damages - e.g., pipes burst. Our work highlights the need for adequate countermeasures, such as attacks detection and reactive control systems.

  10. Establishing an Effective Combat Strategy for Prevalent Cyber- Attacks

    OpenAIRE

    Vivian Ogochukwu Nwaocha; Inyiama H.C.

    2011-01-01

    As organisations continue to incorporate the Internet as a key component of their operations, the global cyber-threat level is increasing. One of the most common types of cyber-threats is known as the Distributed Denial of Service (DDoS) attack – an attack preventing users from accessing a system for a period of time. Recent DDoS attacks have left large corporate and government networks inaccessible to customers, partners and users for hours or days, resulting in significant financial, reputa...

  11. A Case Study on Cyber-security Program for the Programmable Logic Controller of Modern NPPs

    International Nuclear Information System (INIS)

    Song, S. H.; Lee, M. S.; Kim, T. H.; Park, C. H.; Park, S. P.; Kim, H. S.

    2014-01-01

    As instrumentation and control (I and C) systems for modern Nuclear Power Plants (NPPs) have been digitalized to cope with their growing complexity, the cyber-security has become an important issue. To protect the I and C systems adequately from cyber threats, such as Stuxnet that attacked Iran's nuclear facilities, regulations of many countries require a cyber-security program covering all the life cycle phases of the system development, from the concept to the retirement. This paper presents a case study of cyber-security program that has been performed during the development of the programmable logic controller (PLC) for modern NPPs of Korea. In the case study, a cyber-security plan, including technical, management, and operational controls, was established through a security risk assessment. Cyber-security activities, such as development of security functions and periodic inspections, were conducted according to the plan: the security functions were applied to the PLC as the technical controls, and periodic inspections and audits were held to check the security of the development environment, as the management and operational controls. A final penetration test was conducted to inspect all the security problems that had been issued during the development. The case study has shown that the systematic cyber-security program detected and removed the vulnerabilities of the target system, which could not be found otherwise, enhancing the cyber-security of the system

  12. A Case Study on Cyber-security Program for the Programmable Logic Controller of Modern NPPs

    Energy Technology Data Exchange (ETDEWEB)

    Song, S. H. [Korea University, Seoul (Korea, Republic of); Lee, M. S.; Kim, T. H. [Formal Work Inc., Seoul (Korea, Republic of); Park, C. H. [LINE Corp., Tokyo (Japan); Park, S. P. [Ahnlab Inc., Seoul (Korea, Republic of); Kim, H. S. [Sejong University, Seoul (Korea, Republic of)

    2014-08-15

    As instrumentation and control (I and C) systems for modern Nuclear Power Plants (NPPs) have been digitalized to cope with their growing complexity, the cyber-security has become an important issue. To protect the I and C systems adequately from cyber threats, such as Stuxnet that attacked Iran's nuclear facilities, regulations of many countries require a cyber-security program covering all the life cycle phases of the system development, from the concept to the retirement. This paper presents a case study of cyber-security program that has been performed during the development of the programmable logic controller (PLC) for modern NPPs of Korea. In the case study, a cyber-security plan, including technical, management, and operational controls, was established through a security risk assessment. Cyber-security activities, such as development of security functions and periodic inspections, were conducted according to the plan: the security functions were applied to the PLC as the technical controls, and periodic inspections and audits were held to check the security of the development environment, as the management and operational controls. A final penetration test was conducted to inspect all the security problems that had been issued during the development. The case study has shown that the systematic cyber-security program detected and removed the vulnerabilities of the target system, which could not be found otherwise, enhancing the cyber-security of the system.

  13. Cyber Security Testing and Training Programs for Industrial Control Systems

    International Nuclear Information System (INIS)

    Noyes, Daniel

    2012-01-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  14. Cyber Security Testing and Training Programs for Industrial Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Daniel Noyes

    2012-03-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  15. Cyber threats to health information systems: A systematic review.

    Science.gov (United States)

    Luna, Raul; Rhine, Emily; Myhra, Matthew; Sullivan, Ross; Kruse, Clemens Scott

    2016-01-01

    Recent legislation empowering providers to embrace the electronic exchange of health information leaves the healthcare industry increasingly vulnerable to cybercrime. The objective of this systematic review is to identify the biggest threats to healthcare via cybercrime. The rationale behind this systematic review is to provide a framework for future research by identifying themes and trends of cybercrime in the healthcare industry. The authors conducted a systematic search through the CINAHL, Academic Search Complete, PubMed, and ScienceDirect databases to gather literature relative to cyber threats in healthcare. All authors reviewed the articles collected and excluded literature that did not focus on the objective. Researchers selected and examined 19 articles for common themes. The most prevalent cyber-criminal activity in healthcare is identity theft through data breach. Other concepts identified are internal threats, external threats, cyber-squatting, and cyberterrorism. The industry has now come to rely heavily on digital technologies, which increase risks such as denial of service and data breaches. Current healthcare cyber-security systems do not rival the capabilities of cyber criminals. Security of information is a costly resource and therefore many HCOs may hesitate to invest what is required to protect sensitive information.

  16. Cyber essentials a pocket guide

    CERN Document Server

    Calder, Alan

    2014-01-01

    Every year, thousands of computer systems in the UK are compromised. The majority fall victim to easily preventable cyber attacks, carried out with tools which are freely available on the Internet.   Cyber Essentials is the UK Government's reaction to the proliferation of these attacks. It requires that organisations put basic security measures in place, enabling them to reliably counter the most common tactics employed by cyber criminals. From 1 October 2014, all suppliers bidding for a range of government ICT contracts - in particu

  17. Cyber-campaigning in Denmark

    DEFF Research Database (Denmark)

    Hansen, Kasper Møller; Kosiara-Pedersen, Karina

    2014-01-01

    sites and Facebook sites are popular among candidates but other features such as blogs, feeds, newsletter, video uploads, SMS and twitter are used by less than half the candidates. Second, only age and possibly education seem to matter when explaining the uptake of cyber-campaigning. The prominent...... candidates are not significantly more likely to use cyber-campaigning tools and activities. Third, the analysis of the effect of cyber-campaigning shows that the online score has an effect on the inter-party competition for personal votes, but it does not have a significant effect when controlling for other...

  18. Cyber Security: US - Chinese Relations

    OpenAIRE

    Debnárová, Barbora

    2015-01-01

    This diploma thesis deals with cyber relation of the United States of America and the People's republic of China. The aim of this diploma thesis is to answer the following questions: What kind of cyber threat for the United States does China represent? How is China's cyber strategy characterised? How do USA react on this threat and what are the gaps in this reaction? The thesis is divided into four chapters. The first chapter deals with definition of cyberwarfare and its perception in Chinese...

  19. Cyber security assessment of a power plant

    Energy Technology Data Exchange (ETDEWEB)

    Nai Fovino, Igor; Masera, Marcelo; Stefanini, Alberto [Joint Research Centre, Institute for the Protection and Security of the Citizen, Ispra (Italy); Guidi, Luca [Enel Ingegneria e Innovazione, Pisa (Italy)

    2011-02-15

    Critical infrastructures and systems are today exposed not only to traditional safety and availability problems, but also to new kinds of security threats. These are mainly due to the large number of new vulnerabilities and architectural weaknesses introduced by the extensive use of information and communication technologies (ICT) into such complex systems. In this paper we present the outcomes of an exhaustive ICT security assessment, targeting an operational power plant, which consisted also of the simulation of potential cyber attacks. The assessment shows that the plant is considerably vulnerable to malicious attacks. This situation cannot be ignored, because the potential outcomes of an induced plant malfunction can be severe. (author)

  20. Security Engineering Project - System Aware Cyber Security for an Autonomous Surveillance System On Board an Unmanned Aerial Vehicle

    Science.gov (United States)

    2014-01-31

    includes the capability to show multiple aircraft to the cyber commander using the Google Maps API . Furthermore, cyber detections and a history of each...used for locking the gimbal on a point of interest and for geolocating tracked targets. The GPS data from the gimbal is stored as metadata for the

  1. Use of Cybercafe's Services by Households in Delta State, Nigeria ...

    African Journals Online (AJOL)

    Cyber cafés' provide important public services. They provide access to wide range of information through the internet via the computer. The study is centered on the use of cyber cafés by households in Delta State. Services provided by the cyber café's were identified. The study revealed that Household with children under ...

  2. Cyber-Terrorism: Modem Mayhem

    National Research Council Canada - National Science Library

    White, Kenneth

    1998-01-01

    .... The arrival of the information age has created a new menace cyber terrorism. This threat recognizes no boundaries, requires minimal resources to mount an attack, and leaves no human footprint at ground zero...

  3. Detection of complex cyber attacks

    Science.gov (United States)

    Gregorio-de Souza, Ian; Berk, Vincent H.; Giani, Annarita; Bakos, George; Bates, Marion; Cybenko, George; Madory, Doug

    2006-05-01

    One significant drawback to currently available security products is their inabilty to correlate diverse sensor input. For instance, by only using network intrusion detection data, a root kit installed through a weak username-password combination may go unnoticed. Similarly, an administrator may never make the link between deteriorating response times from the database server and an attacker exfiltrating trusted data, if these facts aren't presented together. Current Security Information Management Systems (SIMS) can collect and represent diverse data but lack sufficient correlation algorithms. By using a Process Query System, we were able to quickly bring together data flowing from many sources, including NIDS, HIDS, server logs, CPU load and memory usage, etc. We constructed PQS models that describe dynamic behavior of complicated attacks and failures, allowing us to detect and differentiate simultaneous sophisticated attacks on a target network. In this paper, we discuss the benefits of implementing such a multistage cyber attack detection system using PQS. We focus on how data from multiple sources can be combined and used to detect and track comprehensive network security events that go unnoticed using conventional tools.

  4. Cyber security in digitalized nuclear power plants

    Energy Technology Data Exchange (ETDEWEB)

    Sohn, Kwang Young; Yi, Woo June [KoRTS Co., Ltd., Daejeon (Korea, Republic of)

    2008-10-15

    This paper analyzer the cyber security issues pertaining to networks and general systems, and provides cyber security activity model. For this, the importance of security, and the domestic and international trends of cyber security are surveyed in order to introduce the strategies and countermeasures of cyber security which should be interfaced with Quality Assurance (QA) plan Based on the result of cyber security model introduced in this paper, activities for cyber security, work load, necessary resources and process for activities, and duration could be estimated hopefully.

  5. Cyber security in digitalized nuclear power plants

    International Nuclear Information System (INIS)

    Sohn, Kwang Young; Yi, Woo June

    2008-01-01

    This paper analyzer the cyber security issues pertaining to networks and general systems, and provides cyber security activity model. For this, the importance of security, and the domestic and international trends of cyber security are surveyed in order to introduce the strategies and countermeasures of cyber security which should be interfaced with Quality Assurance (QA) plan Based on the result of cyber security model introduced in this paper, activities for cyber security, work load, necessary resources and process for activities, and duration could be estimated hopefully

  6. Cyber Threat and Vulnerability Analysis of the U.S. Electric Sector

    Energy Technology Data Exchange (ETDEWEB)

    Glenn, Colleen [Idaho National Lab. (INL), Idaho Falls, ID (United States). Mission Support Center; Sterbentz, Dane [Idaho National Lab. (INL), Idaho Falls, ID (United States). Mission Support Center; Wright, Aaron [Idaho National Lab. (INL), Idaho Falls, ID (United States). Mission Support Center

    2016-12-20

    With utilities in the U.S. and around the world increasingly moving toward smart grid technology and other upgrades with inherent cyber vulnerabilities, correlative threats from malicious cyber attacks on the North American electric grid continue to grow in frequency and sophistication. The potential for malicious actors to access and adversely affect physical electricity assets of U.S. electricity generation, transmission, or distribution systems via cyber means is a primary concern for utilities contributing to the bulk electric system. This paper seeks to illustrate the current cyber-physical landscape of the U.S. electric sector in the context of its vulnerabilities to cyber attacks, the likelihood of cyber attacks, and the impacts cyber events and threat actors can achieve on the power grid. In addition, this paper highlights utility perspectives, perceived challenges, and requests for assistance in addressing cyber threats to the electric sector. There have been no reported targeted cyber attacks carried out against utilities in the U.S. that have resulted in permanent or long term damage to power system operations thus far, yet electric utilities throughout the U.S. have seen a steady rise in cyber and physical security related events that continue to raise concern. Asset owners and operators understand that the effects of a coordinated cyber and physical attack on a utility’s operations would threaten electric system reliability–and potentially result in large scale power outages. Utilities are routinely faced with new challenges for dealing with these cyber threats to the grid and consequently maintain a set of best practices to keep systems secure and up to date. Among the greatest challenges is a lack of knowledge or strategy to mitigate new risks that emerge as a result of an exponential rise in complexity of modern control systems. This paper compiles an open-source analysis of cyber threats and risks to the electric grid, utility best practices

  7. Subsidies to target specialist outreach services into more remote locations: a national cross-sectional study.

    Science.gov (United States)

    O'Sullivan, Belinda G; McGrail, Matthew R; Stoelwinder, Johannes U

    2017-07-01

    Objective Targeting rural outreach services to areas of highest relative need is challenging because of the higher costs it imposes on health workers to travel longer distances. This paper studied whether subsidies have the potential to support the provision of specialist outreach services into more remote locations. Methods National data about subsidies for medical specialist outreach providers as part of the Wave 7 Medicine in Australia: Balancing Employment and Life (MABEL) Survey in 2014. Results Nearly half received subsidies: 19% (n=110) from a formal policy, namely the Australian Government Rural Health Outreach Fund (RHOF), and 27% (n=154) from other sources. Subsidised specialists travelled for longer and visited more remote locations relative to the non-subsidised group. In addition, compared with non-subsidised specialists, RHOF-subsidised specialists worked in priority areas and provided equally regular services they intended to continue, despite visiting more remote locations. Conclusion This suggests the RHOF, although limited to one in five specialist outreach providers, is important to increase targeted and stable outreach services in areas of highest relative need. Other subsidies also play a role in facilitating remote service distribution, but may need to be more structured to promote regular, sustained outreach practice. What is known about this topic? There are no studies describing subsidies for specialist doctors to undertake rural outreach work and whether subsidies, including formal and structured subsidies via the Australian Government RHOF, support targeted outreach services compared with no financial support. What does this paper add? Using national data from Australia, we describe subsidisation among specialist outreach providers and show that specialists subsidised via the RHOF or another source are more likely to provide remote outreach services. What are the implications for practitioners? Subsidised specialist outreach providers are

  8. Cyber security in nuclear power plants and its portability to other industrial infrastructures

    International Nuclear Information System (INIS)

    Champigny, Sebastien; Gupta, Deeksha; Watson, Venesa; Waedt, Karl

    2017-01-01

    Power generation increasingly relies on decentralised and interconnected computerised systems. Concepts like ''Industrial Internet of Things'' of the Industrial Internet Consortium (IIC), and ''Industry 4.0'' find their way in this strategic industry. Risk of targeted exploits of errors and vulnerabilities increases with complexity, interconnectivity and decentralization. Inherently stringent security requirements and features make nuclear computerised applications and systems a benchmark for industrial counterparts seeking to hedge against those risks. Consequently, this contribution presents usual cyber security regulations and practices for nuclear power plants. It shows how nuclear cyber security can be ported and used in an industrial context to protect critical infrastructures against cyber-attacks and industrial espionage.

  9. Targeted Evolution of Embedded Librarian Services: Providing Mobile Reference and Instruction Services Using iPads.

    Science.gov (United States)

    Stellrecht, Elizabeth; Chiarella, Deborah

    2015-01-01

    The University at Buffalo Health Sciences Library provides reference and instructional services to support research, curricular, and clinical programs of the University at Buffalo. With funding from an NN/LM MAR Technology Improvement Award, the University at Buffalo Health Sciences Library (UBHSL) purchased iPads to develop embedded reference and educational services. Usage statistics were collected over a ten-month period to measure the frequency of iPad use for mobile services. While this experiment demonstrates that the iPad can be used to meet the library user's needs outside of the physical library space, this article will also offer advice for others who are considering implementing their own program.

  10. PENEGAKAN HUKUM TERHADAP CYBER CRIME DI BIDANG PERBANKAN SEBAGAI KEJAHATAN TRANSNASIONAL

    Directory of Open Access Journals (Sweden)

    Tri Kuncoro

    2013-11-01

    The forms of cyber crime in banking are typo site, keylogger / keystroke recorder, sniffing, brute-force attacking, deface web, email spamming, denial of service and virus, worm, trojan. Jurisdiction in the law enforcement against cyber crime in banking jurisdiction includes legislative, executive and enforcement jurisdiction. Jurisdiction specifically stipulated in Article 2 of Act of Republic of Indonesia Number 11 of 2008 concerning Information and Electronic Transactions. Banks should have an electronic security system to protect the system. The Law enforcement against cyber crime in banking requires cooperation between countries.

  11. Longitudinal associations between cyber-bullying perpetration and victimization and problem behavior and mental health problems in young Australians.

    Science.gov (United States)

    Hemphill, Sheryl A; Kotevski, Aneta; Heerde, Jessica A

    2015-02-01

    To investigate associations between Grade 9 and 10 cyber-bullying perpetration and victimization and Grade 11 problem behavior and mental health problems after controlling for risk factors for these outcomes in the analyses. The sample comprised 927 students from Victoria, Australia who completed a modified version of the self-report Communities That Care Youth Survey in Grades 9-11 to report on risk factors, traditional and cyber-bullying perpetration and victimization, problem behavior, and mental health. Complete data on over 650 participants were analyzed. Five per cent of Grade 9 and 10 students reported cyber-bullying perpetration only, 6-8% reported victimization only, and 8-9% both cyber-bullied others and were cyber-bullied. Results showed that cyber-bullying others in Grade 10 was associated with theft in Grade 11, cyber-victimization in Grade 10 was linked with Grade 11 depressive symptoms, and Grade 10 cyber-bullying perpetration and victimization combined predicted Grade 11 school suspension and binge drinking. Prevention approaches that target traditional and cyber-bullying, and established risk factors are necessary. Such multi-faceted programs may also reduce problem behavior and mental health problems.

  12. An Integrated Cyber Security Risk Management Approach for a Cyber-Physical System

    Directory of Open Access Journals (Sweden)

    Halima Ibrahim Kure

    2018-05-01

    Full Text Available A cyber-physical system (CPS is a combination of physical system components with cyber capabilities that have a very tight interconnectivity. CPS is a widely used technology in many applications, including electric power systems, communications, and transportation, and healthcare systems. These are critical national infrastructures. Cybersecurity attack is one of the major threats for a CPS because of many reasons, including complexity and interdependencies among various system components, integration of communication, computing, and control technology. Cybersecurity attacks may lead to various risks affecting the critical infrastructure business continuity, including degradation of production and performance, unavailability of critical services, and violation of the regulation. Managing cybersecurity risks is very important to protect CPS. However, risk management is challenging due to the inherent complex and evolving nature of the CPS system and recent attack trends. This paper presents an integrated cybersecurity risk management framework to assess and manage the risks in a proactive manner. Our work follows the existing risk management practice and standard and considers risks from the stakeholder model, cyber, and physical system components along with their dependencies. The approach enables identification of critical CPS assets and assesses the impact of vulnerabilities that affect the assets. It also presents a cybersecurity attack scenario that incorporates a cascading effect of threats and vulnerabilities to the assets. The attack model helps to determine the appropriate risk levels and their corresponding mitigation process. We present a power grid system to illustrate the applicability of our work. The result suggests that risk in a CPS of a critical infrastructure depends mainly on cyber-physical attack scenarios and the context of the organization. The involved risks in the studied context are both from the technical and

  13. Towards the cyber security paradigm of ehealth: Resilience and design aspects

    Science.gov (United States)

    Rajamäki, Jyri; Pirinen, Rauno

    2017-06-01

    Digital technologies have significantly changed the role of healthcare clients in seeking and receiving medical help, as well as brought up more cooperative policy issues in healthcare cross-border services. Citizens continue to take a more co-creative role in decisions about their own healthcare, and new technologies can enable and facilitate this emergent trend. In this study, healthcare services have been intended as a critical societal sector and therefore healthcare systems are focused on as critical infrastructures that ought to be protected from all types of fears, including cyber security threats and attacks. Despite continual progress in the systemic risk management of cyber domain, it is clear that anticipation and prevention of all possible types of attack and malfunction are not achievable for current or future cyber infrastructures. This study focuses on the investigation of a cyber security paradigm, adaptive systems and sense of resilience in a healthcare critical information infrastructure.

  14. Cyber bullying: Child and youth spirituality

    OpenAIRE

    Anastasia Apostolides

    2017-01-01

    Digital culture is part of children’s and adolescents’ everyday lives. Digital culture has both positive and negative consequences. One such negative consequence is cyber violence that has been termed cyber bullying. Cyber bullying can cause serious emotional, behavioural and academic problems for both the victim and the bully. Although there is ongoing research on the effects of cyber bullying on children and youth in South Africa, no research has been carried out on how children’s and youth...

  15. KYPO Cyber Range: Design and Use Cases

    OpenAIRE

    Vykopal Jan; Ošlejšek Radek; Čeleda Pavel; Vizváry Martin; Tovarňák Daniel

    2017-01-01

    The physical and cyber worlds are increasingly intertwined and exposed to cyber attacks. The KYPO cyber range provides complex cyber systems and networks in a virtualized, fully controlled and monitored environment. Time-efficient and cost-effective deployment is feasible using cloud resources instead of a dedicated hardware infrastructure. This paper describes the design decisions made during it’s development. We prepared a set of use cases to evaluate the proposed design decisions and to de...

  16. Addressing Human Factors Gaps in Cyber Defense

    Science.gov (United States)

    2016-09-23

    awareness (Endsley, 1995), and thus stands a good chance of benefiting from similar study. It should be noted that cyber situation awareness as a...models of the environment, divided across multiple types of cyber operations (Tyworth, Giacobe, Mancuso, McNeese, & Hall, 2013). Given the... Attention Switching in Cyber Security Dr. Christopher Wickens Colorado State University Cyber-security analysts at whatever level they serve

  17. Insurability of Cyber Risk: An Empirical Analysis

    OpenAIRE

    Biener, Christian; Eling, Martin; Wirfs, Jan Hendrik

    2015-01-01

    This paper discusses the adequacy of insurance for managing cyber risk. To this end, we extract 994 cases of cyber losses from an operational risk database and analyse their statistical properties. Based on the empirical results and recent literature, we investigate the insurability of cyber risk by systematically reviewing the set of criteria introduced by Berliner (1982). Our findings emphasise the distinct characteristics of cyber risks compared with other operational risks and bring to li...

  18. Cyber Security in Nuclear Power Plants - U.S. NRC Regulatory Guide 5.71

    International Nuclear Information System (INIS)

    Pogacic, Goran

    2014-01-01

    We have already made a big step into new millennia and with it there is no more dilemma about presence of computers and internet in our lives. Almost all modern facilities struggle with this new dimension of information flow and how to use it to their best interest. But there is also the other side of the coin- the security threat. For nuclear power plants this threat poses even greater risk. In addition to protecting their trade secrets, personal data or other common targets of cyber attacks, nuclear power plants need to protect their digital computers, communication systems and networks up to and including the design basis threat (DBT). As stated in U.S. Nuclear Regulatory Commission (NRC) Regulatory Commission Regulations, Title 10, Code of Federal Regulations (CFR), section 73.1, 'Purpose and Scope' this includes protection against acts of radiological sabotage and prevention of the theft or diversion of special nuclear material. The main purpose of this paper is to explore the NRC Regulatory Guide (RG) 5.71 and its guidance in implementing cyber security requirements stated in NRC 10 CFR, section 73.54, 'Protection of Digital Computer and Communication Systems and Networks'. In particular, this section requires protection of digital computers, communication systems and networks associated with the following categories of functions: · safety-related and important-to-safety functions, · security functions, · emergency preparedness functions, including offsite communication, and · support systems and equipment which, if compromised, would adversely impact safety, security, or emergency preparedness functions. This section requires protection of such systems and networks from those cyber attacks that would act to modify, destroy, or compromise the integrity or confidentiality of data or software; deny access to systems, services or data; and impact the operation of systems, networks, and equipment. This paper will also present some of

  19. Comparing models of offensive cyber operations

    CSIR Research Space (South Africa)

    Grant, T

    2015-10-01

    Full Text Available would be needed by a Cyber Security Operations Centre in order to perform offensive cyber operations?". The analysis was performed, using as a springboard seven models of cyber-attack, and resulted in the development of what is described as a canonical...

  20. Cyberprints: Identifying Cyber Attackers by Feature Analysis

    Science.gov (United States)

    Blakely, Benjamin A.

    2012-01-01

    The problem of attributing cyber attacks is one of increasing importance. Without a solid method of demonstrating the origin of a cyber attack, any attempts to deter would-be cyber attackers are wasted. Existing methods of attribution make unfounded assumptions about the environment in which they will operate: omniscience (the ability to gather,…

  1. A Trusted Autonomic Architecture to Safeguard Cyber-Physical Control Leaf Nodes and Protect Process Integrity

    OpenAIRE

    Chiluvuri, Nayana Teja

    2015-01-01

    Cyber-physical systems are networked through IT infrastructure and susceptible to malware. Threats targeting process control are much more safety-critical than traditional computing systems since they jeopardize the integrity of physical infrastructure. Existing defence mechanisms address security at the network nodes but do not protect the physical infrastructure if network integrity is compromised. An interface guardian architecture is implemented on cyber-physical control leaf nodes to mai...

  2. Enhancing Cyber Security for SME organizations through self-assessments : How self-assessment raises awareness

    OpenAIRE

    Hassinen, Tarmo

    2017-01-01

    This thesis primarily studied the importance of self-assessment in increasing business organizations’ cyber security awareness of their ICT environment. The secondary studied item was the relevance of self-assessment in detecting new business potential while understanding ICT environment changes. The self-assessment is based on FINCS, the Finnish basic level cyber security certificate launched in December 2016. FINCSC consists of physical and management security, ICT service and system securi...

  3. Usability Requirements for Complex Cyber-Physical Systems in a Totally Networked World

    OpenAIRE

    Kölmel , Bernhard; Bulander , Rebecca; Dittmann , Uwe; Schätter , Alfred; Würtz , Günther

    2014-01-01

    Part 7: Cyber-Physical Systems; International audience; “The Internet has made the world “flat” by transcending space. […] The Internet has transformed how we conduct research, studies, business, services, and entertainment.” [1] Cyber-physical systems (CPS) are engineered systems that are built from, and depend upon, the seamless integration of computational algorithms and physical components. Advances in CPS will enable capability, adaptability, scalability, resiliency, safety, security, an...

  4. Cyber security evaluation of II&C technologies

    Energy Technology Data Exchange (ETDEWEB)

    Thomas, Ken [Idaho National Laboratory (INL), Idaho Falls, ID (United States)

    2014-11-01

    The Light Water Reactor Sustainability (LWRS) Program is a research and development program sponsored by the Department of Energy, which is conducted in close collaboration with industry to provide the technical foundations for licensing and managing the long-term, safe and economical operation of current nuclear power plants The LWRS Program serves to help the US nuclear industry adopt new technologies and engineering solutions that facilitate the continued safe operation of the plants and extension of the current operating licenses. Within the LWRS Program, the Advanced Instrumentation, Information, and Control (II&C) Systems Technologies Pathway conducts targeted research and development (R&D) to address aging and reliability concerns with the legacy instrumentation and control and related information systems of the U.S. operating light water reactor (LWR) fleet. The II&C Pathway is conducted by Idaho National Laboratory (INL). Cyber security is a common concern among nuclear utilities and other nuclear industry stakeholders regarding the digital technologies that are being developed under this program. This concern extends to the point of calling into question whether these types of technologies could ever be deployed in nuclear plants given the possibility that the information in them can be compromised and the technologies themselves can potentially be exploited to serve as attack vectors for adversaries. To this end, a cyber security evaluation has been conducted of these technologies to determine whether they constitute a threat beyond what the nuclear plants already manage within their regulatory-required cyber security programs. Specifically, the evaluation is based on NEI 08-09, which is the industry’s template for cyber security programs and evaluations, accepted by the Nuclear Regulatory Commission (NRC) as responsive to the requirements of the nuclear power plant cyber security regulation found in 10 CFR 73.54. The evaluation was conducted by a

  5. Cyber Threats to Nuclear Infrastructures

    International Nuclear Information System (INIS)

    Anderson, Robert S.; Moskowitz, Paul; Schanfein, Mark; Bjornard, Trond; St. Michel, Curtis

    2010-01-01

    Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

  6. Cyber Threats to Nuclear Infrastructures

    Energy Technology Data Exchange (ETDEWEB)

    Robert S. Anderson; Paul Moskowitz; Mark Schanfein; Trond Bjornard; Curtis St. Michel

    2010-07-01

    Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

  7. An E xplorative S tudy of S atisfaction L evel of Cyber - crime V ictims with R espect to E - services of B anks

    OpenAIRE

    ATUL BAMRARA; GAJENDRA SINGH; MAMTA BHATT

    2012-01-01

    It is important for the organizations to make sure that how far the customers are satisfied wit h the services they offer. This has directed to a surge in the popularity of measuring customer satisfaction in last few years. (Rexha et al. 2003) revealed that the satisfaction of corporate clients with their bank does not directly affect their propensit y to use electronic banking. However, satisfaction does have a significant impact on trust and commitment,...

  8. Cyber Incidents Involving Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Robert J. Turk

    2005-10-01

    The Analysis Function of the US-CERT Control Systems Security Center (CSSC) at the Idaho National Laboratory (INL) has prepared this report to document cyber security incidents for use by the CSSC. The description and analysis of incidents reported herein support three CSSC tasks: establishing a business case; increasing security awareness and private and corporate participation related to enhanced cyber security of control systems; and providing informational material to support model development and prioritize activities for CSSC. The stated mission of CSSC is to reduce vulnerability of critical infrastructure to cyber attack on control systems. As stated in the Incident Management Tool Requirements (August 2005) ''Vulnerability reduction is promoted by risk analysis that tracks actual risk, emphasizes high risk, determines risk reduction as a function of countermeasures, tracks increase of risk due to external influence, and measures success of the vulnerability reduction program''. Process control and Supervisory Control and Data Acquisition (SCADA) systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. New research indicates this confidence is misplaced--the move to open standards such as Ethernet, Transmission Control Protocol/Internet Protocol, and Web technologies is allowing hackers to take advantage of the control industry's unawareness. Much of the available information about cyber incidents represents a characterization as opposed to an analysis of events. The lack of good analyses reflects an overall weakness in reporting requirements as well as the fact that to date there have been very few serious cyber attacks on control systems. Most companies prefer not to share cyber attack incident data because of potential financial repercussions. Uniform reporting requirements will do much to make this

  9. Cyber threats within civil aviation

    Science.gov (United States)

    Heitner, Kerri A.

    Existing security policies in civil aviation do not adequately protect against evolving cyber threats. Cybersecurity has been recognized as a top priority among some aviation industry leaders. Heightened concerns regarding cyber threats and vulnerabilities surround components utilized in compliance with the Federal Aviation Administration's (FAA) Next Generation Air Transportation (NextGen) implementation. Automated Dependent Surveillance-B (ADS-B) and Electronic Flight Bags (EFB) have both been exploited through the research of experienced computer security professionals. Civil aviation is essential to international infrastructure and if its critical assets were compromised, it could pose a great risk to public safety and financial infrastructure. The purpose of this research was to raise awareness of aircraft system vulnerabilities in order to provoke change among current national and international cybersecurity policies, procedures and standards. Although the education of cyber threats is increasing in the aviation industry, there is not enough urgency when creating cybersecurity policies. This project intended to answer the following questions: What are the cyber threats to ADS-B of an aircraft in-flight? What are the cyber threats to EFB? What is the aviation industry's response to the issue of cybersecurity and in-flight safety? ADS-B remains unencrypted while the FAA's mandate to implement this system is rapidly approaching. The cyber threat of both portable and non-portable EFB's have received increased publicity, however, airlines are not responding quick enough (if at all) to create policies for the use of these devices. Collectively, the aviation industry is not being proactive enough to protect its aircraft or airport network systems. That is not to say there are not leaders in cybersecurity advancement. These proactive organizations must set the standard for the future to better protect society and it's most reliable form of transportation.

  10. Human-Technology Centric In Cyber Security Maintenance For Digital Transformation Era

    Science.gov (United States)

    Ali, Firkhan Ali Bin Hamid; Zalisham Jali, Mohd, Dr

    2018-05-01

    The development of the digital transformation in the organizations has become more expanding in these present and future years. This is because of the active demand to use the ICT services among all the organizations whether in the government agencies or private sectors. While digital transformation has led manufacturers to incorporate sensors and software analytics into their offerings, the same innovation has also brought pressure to offer clients more accommodating appliance deployment options. So, their needs a well plan to implement the cyber infrastructures and equipment. The cyber security play important role to ensure that the ICT components or infrastructures execute well along the organization’s business successful. This paper will present a study of security management models to guideline the security maintenance on existing cyber infrastructures. In order to perform security model for the currently existing cyber infrastructures, combination of the some security workforces and security process of extracting the security maintenance in cyber infrastructures. In the assessment, the focused on the cyber security maintenance within security models in cyber infrastructures and presented a way for the theoretical and practical analysis based on the selected security management models. Then, the proposed model does evaluation for the analysis which can be used to obtain insights into the configuration and to specify desired and undesired configurations. The implemented cyber security maintenance within security management model in a prototype and evaluated it for practical and theoretical scenarios. Furthermore, a framework model is presented which allows the evaluation of configuration changes in the agile and dynamic cyber infrastructure environments with regard to properties like vulnerabilities or expected availability. In case of a security perspective, this evaluation can be used to monitor the security levels of the configuration over its lifetime and

  11. Reduction of Equipment Access Time through Cyber Plant Navigation

    Energy Technology Data Exchange (ETDEWEB)

    Suh, Jang Soo; Goo, Ja Sung; Kim, Yong Yi [Korea Hydro and Nuclera Power Co., Daejeon (Korea, Republic of)

    2012-05-15

    Safe and effective on-the-job training at a nuclear power plant has been gaining its importance in South Korea and in the UAE. As a solution to this, a cyber plant has been developed based on 3D model design data. It allows its users to access equipment and components in a virtual reality without risks or danger of potential radiation exposure and also increases their familiarity with NPP structures. Equipped with navigation functions similar to those of the applications installed in automobiles and smart phones, this application displays the shortest route to reach the target equipment and predicts estimated access time and radiation exposure dose. This application has contributed to the reduction of equipment access time, and therefore has facilitated early response to abnormal conditions, reduced radiation exposure dose, and maximized the effects of OJT at nuclear power plants. This paper will look at the realization of the cyber plant, the operations of the cyber plant, and how cyber plant applications can be applied further

  12. Revisiting the Estonian Cyber Attacks: Digital Threats and Multinational Responses

    Directory of Open Access Journals (Sweden)

    Stephen Herzog

    2011-01-01

    Full Text Available In April 2007, the Estonian Government moved a memorial commemorating the Soviet liberation of the country from the Nazis to a less prominent and visible location in Tallinn. This decision triggered rioting among Russian-speaking minorities and cyber terrorism targeting Estonia's critical economic and political infrastructure. Drawing upon the Estonian cyber attacks, this article argues that globalization and the Internet have enabled transnational groups—such as the Russian diaspora—to avenge their grievances by threatening the sovereignty of nation-states in cyberspace. Sophisticated and virtually untraceable political "hacktivists" may now possess the ability to disrupt or destroy government operations, banking transactions, city power grids, and even military weapon systems. Fortunately, western countries banded together to effectively combat the Estonian cyber attacks and minimize their effects. However, this article concludes that in the age of globalization, interdependence, and digital interconnectedness, nation-states must engage in increased cooperative cyber-defense activities to counter and prevent devastating Internet attacks and their implications.

  13. Reduction of Equipment Access Time through Cyber Plant Navigation

    International Nuclear Information System (INIS)

    Suh, Jang Soo; Goo, Ja Sung; Kim, Yong Yi

    2012-01-01

    Safe and effective on-the-job training at a nuclear power plant has been gaining its importance in South Korea and in the UAE. As a solution to this, a cyber plant has been developed based on 3D model design data. It allows its users to access equipment and components in a virtual reality without risks or danger of potential radiation exposure and also increases their familiarity with NPP structures. Equipped with navigation functions similar to those of the applications installed in automobiles and smart phones, this application displays the shortest route to reach the target equipment and predicts estimated access time and radiation exposure dose. This application has contributed to the reduction of equipment access time, and therefore has facilitated early response to abnormal conditions, reduced radiation exposure dose, and maximized the effects of OJT at nuclear power plants. This paper will look at the realization of the cyber plant, the operations of the cyber plant, and how cyber plant applications can be applied further

  14. China's Use of Cyber Warfare: Espionage Meets Strategic Deterrence

    Directory of Open Access Journals (Sweden)

    Magnus Hjortdal

    2011-01-01

    Full Text Available This article presents three reasons for states to use cyber warfare and shows that cyberspace is—and will continue to be—a decisive element in China's strategy to ascend in the international system. The three reasons are: deterrence through infiltration of critical infrastructure; military technological espionage to gain military knowledge; and industrial espionage to gain economic advantage. China has a greater interest in using cyberspace offensively than other actors, such as the United States, since it has more to gain from spying on and deterring the United States than the other way around. The article also documents China's progress in cyber warfare and shows how it works as an extension of its traditional strategic thinking and the current debate within the country. Several examples of cyber attacks traceable to China are also presented. This includes cyber intrusions on a nuclear arms laboratory, attacks on defense ministries (including the Joint Strike Fighter and an airbase and the U.S. electric grid, as well as the current Google affair, which has proved to be a small part of a broader attack that also targeted the U.S. Government. There are, however, certain constraints that qualify the image of China as an aggressive actor in cyberspace. Some believe that China itself is the victim of just as many attacks from other states. Furthermore, certain actors in the United States and the West have an interest in overestimating China's capabilities in cyberspace in order to maintain their budgets.

  15. Some of Indonesian Cyber Law Problems

    Science.gov (United States)

    Machmuddin, D. D.; Pratama, B.

    2017-01-01

    Cyber regulation is very important to control human interaction within the Internet network in cyber space. On the surface, innovation development in science and technology facilitates human activity. But on the inside, innovation was controlled by new business model. In cyber business activities mingle with individual protection. By this condition, the law should keep the balance of the activities. Cyber law problems, were not particular country concern, but its global concern. This is a good opportunity for developing country to catch up with developed country. Beside this opportunity for talented people in law and technology is become necessity. This paper tries to describe cyber law in Indonesia. As a product of a developing country there are some of weakness that can be explained. Terminology and territory of cyber space is become interesting to discuss, because this two problems can give a broad view on cyber law in Indonesia.

  16. Cyber Security and Resilient Systems

    International Nuclear Information System (INIS)

    Anderson, Robert S.

    2009-01-01

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation's cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested - both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

  17. Cyber Security and Resilient Systems

    Energy Technology Data Exchange (ETDEWEB)

    Robert S. Anderson

    2009-07-01

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

  18. The Cyber-Physical Attacker

    DEFF Research Database (Denmark)

    Vigo, Roberto

    2012-01-01

    The world of Cyber-Physical Systems ranges from industrial to national interest applications. Even though these systems are pervading our everyday life, we are still far from fully understanding their security properties. Devising a suitable attacker model is a crucial element when studying...... the security properties of CPSs, as a system cannot be secured without defining the threats it is subject to. In this work an attacker scenario is presented which addresses the peculiarities of a cyber-physical adversary, and we discuss how this scenario relates to other attacker models popular in the security...

  19. What Really Matters in Cyber? (where common protections are needed for ALL and your government product / service needs to accommodate them)

    Science.gov (United States)

    2012-08-06

    Phishing – targeted SPAM – Unsecured Wireless Internet Networks – Insider/Disgruntled Employee Where’s your data?   • Key  Business   Security  problems...13 Small business security overview (and detailed brief on the major security product details too) http://www.sciap.org/blog1/wp-content/uploads...Small- Business - Security -ADT-Cluster-v4_Mike_Davis_July_26_2011.pdf “Way Forward” (given all the unknowns, variables… this  is “one” approximately correct

  20. A cyber infrastructure for the SKA Telescope Manager

    Science.gov (United States)

    Barbosa, Domingos; Barraca, João. P.; Carvalho, Bruno; Maia, Dalmiro; Gupta, Yashwant; Natarajan, Swaminathan; Le Roux, Gerhard; Swart, Paul

    2016-07-01

    The Square Kilometre Array Telescope Manager (SKA TM) will be responsible for assisting the SKA Operations and Observation Management, carrying out System diagnosis and collecting Monitoring and Control data from the SKA subsystems and components. To provide adequate compute resources, scalability, operation continuity and high availability, as well as strict Quality of Service, the TM cyber-infrastructure (embodied in the Local Infrastructure - LINFRA) consists of COTS hardware and infrastructural software (for example: server monitoring software, host operating system, virtualization software, device firmware), providing a specially tailored Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) solution. The TM infrastructure provides services in the form of computational power, software defined networking, power, storage abstractions, and high level, state of the art IaaS and PaaS management interfaces. This cyber platform will be tailored to each of the two SKA Phase 1 telescopes (SKA_MID in South Africa and SKA_LOW in Australia) instances, each presenting different computational and storage infrastructures and conditioned by location. This cyber platform will provide a compute model enabling TM to manage the deployment and execution of its multiple components (observation scheduler, proposal submission tools, MandC components, Forensic tools and several Databases, etc). In this sense, the TM LINFRA is primarily focused towards the provision of isolated instances, mostly resorting to virtualization technologies, while defaulting to bare hardware if specifically required due to performance, security, availability, or other requirement.

  1. Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment.

    Science.gov (United States)

    Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

    2014-07-01

    Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation's electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments.

  2. Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment

    Science.gov (United States)

    Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

    2013-01-01

    Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments. PMID:25685516

  3. Anti-social networking: crowdsourcing and the cyber defence of national critical infrastructures.

    Science.gov (United States)

    Johnson, Chris W

    2014-01-01

    We identify four roles that social networking plays in the 'attribution problem', which obscures whether or not cyber-attacks were state-sponsored. First, social networks motivate individuals to participate in Distributed Denial of Service attacks by providing malware and identifying potential targets. Second, attackers use an individual's social network to focus attacks, through spear phishing. Recipients are more likely to open infected attachments when they come from a trusted source. Third, social networking infrastructures create disposable architectures to coordinate attacks through command and control servers. The ubiquitous nature of these architectures makes it difficult to determine who owns and operates the servers. Finally, governments recruit anti-social criminal networks to launch attacks on third-party infrastructures using botnets. The closing sections identify a roadmap to increase resilience against the 'dark side' of social networking.

  4. VTAC: virtual terrain assisted impact assessment for cyber attacks

    Science.gov (United States)

    Argauer, Brian J.; Yang, Shanchieh J.

    2008-03-01

    Overwhelming intrusion alerts have made timely response to network security breaches a difficult task. Correlating alerts to produce a higher level view of intrusion state of a network, thus, becomes an essential element in network defense. This work proposes to analyze correlated or grouped alerts and determine their 'impact' to services and users of the network. A network is modeled as 'virtual terrain' where cyber attacks maneuver. Overlaying correlated attack tracks on virtual terrain exhibits the vulnerabilities exploited by each track and the relationships between them and different network entities. The proposed impact assessment algorithm utilizes the graph-based virtual terrain model and combines assessments of damages caused by the attacks. The combined impact scores allow to identify severely damaged network services and affected users. Several scenarios are examined to demonstrate the uses of the proposed Virtual Terrain Assisted Impact Assessment for Cyber Attacks (VTAC).

  5. Identifying The Target Market For a New Floatation Therapy Service, Flowtion

    OpenAIRE

    Varpomaa, Jerry

    2016-01-01

    The purpose of this thesis was to probe and identify the most potential target market for a new kind of wellness-service for Flowtion, a state-of-the-art floatation therapy center, focusing on floatation tanks. To accomplish the main goal for this thesis, a survey was conducted using “Google Forms”. The survey was spread through social media (Facebook), and as a result 41 people answered. The survey helps Flowtion to define their most potential target segment, their behaviour and profile vari...

  6. Cyber security and vulnerability of 'smart' power grids

    OpenAIRE

    Jovanović, Slobodan

    2012-01-01

    Smart power grids deliver electric energy from generation to consumers using two-way Smart Meter technology (smart meters), enabling remote control of consumer energy use. However, smart power grids are increasingly very attractive targets for hackers and terrorists. This paper discusses the key characteristics of cyber security/vulnerability of smart power grids, and their communication architecture, and their vulnerability points. Then, it describes guidelines which are needed to be impleme...

  7. Simulating Cyber-Attacks for Fun and Profit

    OpenAIRE

    Futoransky, Ariel; Miranda, Fernando; Orlicki, Jose; Sarraute, Carlos

    2010-01-01

    We introduce a new simulation platform called Insight, created to design and simulate cyber-attacks against large arbitrary target scenarios. Insight has surprisingly low hardware and configuration requirements, while making the simulation a realistic experience from the attacker's standpoint. The scenarios include a crowd of simulated actors: network devices, hardware devices, software applications, protocols, users, etc. A novel characteristic of this tool is to simulate vulnerabilities (in...

  8. A Cyber Infrastructure for the SKA Telescope Manager

    OpenAIRE

    Barbosa, Domingos; Barracaa, Joao Paulo; Carvalho, Bruno; Maia, Dalmiro; Gupta, Yashwant; Natarajan, Swaminathan; Roux, Gerhard Le; Swart, Paul

    2016-01-01

    The Square Kilometre Array Telescope Manager (SKA TM) will be responsible for assisting the SKA Operations and Observation Management, carrying out System diagnosis and collecting Monitoring & Control data from the SKA sub-systems and components. To provide adequate compute resources, scalability, operation continuity and high availability, as well as strict Quality of Service, the TM cyber-infrastructure (embodied in the Local Infrastructure - LINFRA) consists of COTS hardware and infrastruc...

  9. Does Head Start differentially benefit children with risks targeted by the program's service model?

    Science.gov (United States)

    Miller, Elizabeth B; Farkas, George; Duncan, Greg J

    Data from the Head Start Impact Study ( N = 3540) were used to test for differential benefits of Head Start after one program year and after kindergarten on pre-academic and behavior outcomes for children at risk in the domains targeted by the program's comprehensive services. Although random assignment to Head Start produced positive treatment main effects on children's pre-academic skills and behavior problems, residualized growth models showed that random assignment to Head Start did not differentially benefit the pre-academic skills of children with risk factors targeted by the Head Start service model. The models showed detrimental impacts of Head Start for maternal-reported behavior problems of high-risk children, but slightly more positive impacts for teacher-reported behavior. Policy implications for Head Start are discussed.

  10. Execution Plans for Cyber Foraging

    DEFF Research Database (Denmark)

    Kristensen, Mads Darø

    2008-01-01

    Cyber foraging helps small devices perform heavy tasks by opportunistically discovering and utilising available resources (such as computation, storage, bandwidth, etc.) held by larger, nearby peers. This offloading is done in an ad-hoc manner, as larger machines will not always be within reach...

  11. Mitigating Higher Ed Cyber Attacks

    Science.gov (United States)

    Rogers, Gary; Ashford, Tina

    2015-01-01

    In this presentation we will discuss the many and varied cyber attacks that have recently occurred in the higher ed community. We will discuss the perpetrators, the victims, the impact and how these institutions have evolved to meet this threat. Mitigation techniques and defense strategies will be covered as will a discussion of effective security…

  12. Factors Affecting Teenager Cyber Delinquency

    Science.gov (United States)

    Joo, Young Ju; Lim, Kyu Yon; Cho, Sun Yoo; Jung, Bo Kyung; Choi, Se Bin

    2013-01-01

    The study aims to investigate structural relationships among teenagers' peer attachment, self-control, academic stress, internet usage time, and cyber delinquency. The data source was the Korea Youth Panel Survey, and the responses from 920 teenagers in the 12th grade provided the study data. Structural equation modeling was used for the analysis.…

  13. Execution Plans for Cyber Foraging

    DEFF Research Database (Denmark)

    Kristensen, Mads Darø

    2008-01-01

    Cyber foraging helps small devices perform heavy tasks by opportunistically discovering and utilising available resources (such as computation, storage, bandwidth, etc.) held by larger, nearby peers. This offloading is done in an ad-hoc manner, as larger machines will not always be within reach. ...

  14. European Cyber Security Perspectives 2015

    NARCIS (Netherlands)

    Baloo, J.; Geveke, H.G.; Paulissen, W.; Vries, H. de

    2015-01-01

    Following the success of last year’s publication, we are proud to present the second edition of our European Cyber Security Perspectives report. Through this collection of articles, we aim to share our different perspectives and insights, the latest developments and achievements in the field of

  15. THE INFORMATION CONFIDENTIALITY AND CYBER SECURITY IN MEDICAL INSTITUTIONS

    Directory of Open Access Journals (Sweden)

    SABAU-POPA CLAUDIA DIANA

    2015-07-01

    Full Text Available The information confidentiality and cyber security risk affects the right to confidentiality and privacy of the patient, as regulated in Romania by the Law 46/2002. The manifestation of the cyber security risk event affects the reputation of the healthcare institution and is becoming more and more complex and often due to the: development of network technology, the medical equipment connected to wifi and the electronic databases. The databases containing medical records were implemented due to automation. Thus, transforming data into medical knowledge contribute to a better understanding of the disease. Due to these factors, the measures taken by the hospital management for this type of risk are adapted to the cyber changes. The hospital objectives aim: the implementation of a robust information system, the early threats identifications and the incident reporting. Neglecting this type of risk can generate financial loss, inability to continue providing health care services for a certain period of time, providing an erroneous diagnosis, medical equipment errors etc. Thus, in a digital age the appropriate risk management for the information security and cyber risk represent a necessity. The main concern of hospitals worldwide is to align with international requirements and obtain credentials in terms of data security from the International Organisation for Standardization, which regulates the management of this type of risk. Romania is at the beginning in terms of concerns regarding the management, avoidance and mitigation of information security, the health system being most highly exposed to its manifestation. The present paper examines the concerns of the health system to the confidentiality of information and cyber security risk and its management arrangements. Thus, a set of key risk indicators is implemented and monitored for 2011-2013, using a user interface, a Dashboard, which acts as an early warning system of the manifestation of the

  16. Cyber bullying: Child and youth spirituality

    Directory of Open Access Journals (Sweden)

    Anastasia Apostolides

    2017-10-01

    Full Text Available Digital culture is part of children’s and adolescents’ everyday lives. Digital culture has both positive and negative consequences. One such negative consequence is cyber violence that has been termed cyber bullying. Cyber bullying can cause serious emotional, behavioural and academic problems for both the victim and the bully. Although there is ongoing research on the effects of cyber bullying on children and youth in South Africa, no research has been carried out on how children’s and youth’s spirituality may be affected when they are cyber bullied. This article discusses the accumulative results from different South African institutes that have researched the cyber bullying effects on children and adolescents. These results point to the spiritual effects that children and youth may experience as a result of cyber bullying. This article proposes that spirituality may prevent cyber bullying and even help children and youth heal from the trauma caused by cyber bullying. This article contributes in starting a conversation that may result in more specific research being done on how the spiritual lives of children and adolescents may be affected through the trauma caused by cyber bullying.

  17. Preparing pharmacists to deliver a targeted service in hypertension management: evaluation of an interprofessional training program

    OpenAIRE

    Bajorek, Beata V.; Lemay, Kate S.; Magin, Parker J.; Roberts, Christopher; Krass, Ines; Armour, Carol L.

    2015-01-01

    Background Non-adherence to medicines by patients and suboptimal prescribing by clinicians underpin poor blood pressure (BP) control in hypertension. In this study, a training program was designed to enable community pharmacists to deliver a service in hypertension management targeting therapeutic adjustments and medication adherence. A comprehensive evaluation of the training program was undertaken. Methods Tailored training comprising a self-directed pre-work manual, practical workshop (usi...

  18. Nuclear Cyber Security Issues and Policy Recommendations

    International Nuclear Information System (INIS)

    Lee, Cheol-Kwon; Lee, Dong-Young; Lee, Na-Young; Hwang, Young-Soo

    2015-01-01

    The cyber-attack against computer systems causes the loss of function which brings about the big economic loss, and it becomes a national-wide issue. In recent days the cyber threat has occurred in the national critical infrastructure around the world. In the nuclear industry, while discussing responses to various threats against nuclear facilities since 2006, cyber-terrorism was also discussed. But at that time, cyber-attacks against control networks in nuclear facilities were not seriously considered because those networks were isolated from the Internet thoroughly and it was evaluated that cyber penetration would not be possible. However Stuxnet worm virus which attacked Iran's nuclear facilities confirmed that the cyber security problem could occur even in other nuclear facilities. The facilities were isolated from the Internet. After the cyber incident, we began to discuss the topic of NPP cyber security. It is very difficult to predict whether or when or how the cyber-attack will be occurred, which is a characteristic of cyber-attack. They could be always detected only after when an incident had occurred. This paper summarizes the report, 'Nuclear Cyber Security Issues and Policy Recommendations' by issue committee in the Korea Nuclear Society, which reviewed the cyber security framework for nuclear facilities in the Republic of Korea being established to prevent nuclear facilities from cyber-attacks and to respond systematically. As a result this paper proposes several comments to improve the security and furthermore safety of nuclear facilities Digital technology will be used more widely at the national critical infrastructure including nuclear facilities in the future, and moreover wireless technologies and mobile devices will be soon introduced to nuclear industry. It is therefore anticipated that the rapid advance in digital technology will accelerate the opportunity of hacking these facilities

  19. Nuclear Cyber Security Issues and Policy Recommendations

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Cheol-Kwon; Lee, Dong-Young [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of); Lee, Na-Young; Hwang, Young-Soo [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

    2015-10-15

    The cyber-attack against computer systems causes the loss of function which brings about the big economic loss, and it becomes a national-wide issue. In recent days the cyber threat has occurred in the national critical infrastructure around the world. In the nuclear industry, while discussing responses to various threats against nuclear facilities since 2006, cyber-terrorism was also discussed. But at that time, cyber-attacks against control networks in nuclear facilities were not seriously considered because those networks were isolated from the Internet thoroughly and it was evaluated that cyber penetration would not be possible. However Stuxnet worm virus which attacked Iran's nuclear facilities confirmed that the cyber security problem could occur even in other nuclear facilities. The facilities were isolated from the Internet. After the cyber incident, we began to discuss the topic of NPP cyber security. It is very difficult to predict whether or when or how the cyber-attack will be occurred, which is a characteristic of cyber-attack. They could be always detected only after when an incident had occurred. This paper summarizes the report, 'Nuclear Cyber Security Issues and Policy Recommendations' by issue committee in the Korea Nuclear Society, which reviewed the cyber security framework for nuclear facilities in the Republic of Korea being established to prevent nuclear facilities from cyber-attacks and to respond systematically. As a result this paper proposes several comments to improve the security and furthermore safety of nuclear facilities Digital technology will be used more widely at the national critical infrastructure including nuclear facilities in the future, and moreover wireless technologies and mobile devices will be soon introduced to nuclear industry. It is therefore anticipated that the rapid advance in digital technology will accelerate the opportunity of hacking these facilities.

  20. Isotope materials availability and services for target production at the Oak Ridge National Laboratory

    International Nuclear Information System (INIS)

    Ratledge, J.E.; Dahl, T.L.; Ottinger, C.L.; Aaron, W.S.; Adair, H.L.

    1987-01-01

    Materials available through the Isotope Distribution Program include separated stable isotopes, byproduct radioisotopes, and research quantities of source and special nuclear materials. Isotope products are routinely available in the forms listed in the product description section of the Isotopes Products and Services Catalog distributed by the Oak Ridge National Laboratory (ORNL). Different forms can be provided in some cases, usually at additional cost. Routinely available services include cyclotron target irradiations, fabrication of special physical forms, source encapsulation, ion implantation, and special purifications. Materials and services that are not offered as part of the routine distribution program may be made available from commercial sources in the United States. Specific forms of isotopic research materials include thin films and foils for use as accelerator targets, metal or other compounds in the form of bars or wires, and metal foils. Methods of fabrication include evaporation, sputtering, rolling, electrolytic deposition, pressing, sintering, and casting. High-purity metal forms of plutonium, americium, and curium are prepared by vacuum reduction/distillation. Both fissionable and nonfissionable neutron dosimeters are prepared for determining the neutron energy spectra, flux, and fluence at various locations within a reactor. Details on what materials are available and how the materials and related services can be obtained from ORNL are described. (orig.)

  1. The next challenge for psycho-oncology in the UK: targeting service quality and outcomes.

    Science.gov (United States)

    King, Alex

    2016-12-01

    The acceptance and provision of psychosocial cancer care in the UK is moving forward positively, aided by patient advocacy and psychologically minded healthcare policies. The unfolding challenge now is of targeting the quality and outcomes of clinical psycho-oncology services. This report outlines the clinically led development of UK-focused guidance to challenge psycho-oncology services to achieve and demonstrate their potential. It discusses how the guidance was particularly framed to encourage small, low-resource services, and outlines the potential benefits for patients. Overall, setting ourselves the challenge of quality on the same terms as physical healthcare, we can shape a direct path to achieving parity of esteem in mental with physical healthcare.

  2. An Investigation to Manufacturing Analytical Services Composition using the Analytical Target Cascading Method.

    Science.gov (United States)

    Tien, Kai-Wen; Kulvatunyou, Boonserm; Jung, Kiwook; Prabhu, Vittaldas

    2017-01-01

    As cloud computing is increasingly adopted, the trend is to offer software functions as modular services and compose them into larger, more meaningful ones. The trend is attractive to analytical problems in the manufacturing system design and performance improvement domain because 1) finding a global optimization for the system is a complex problem; and 2) sub-problems are typically compartmentalized by the organizational structure. However, solving sub-problems by independent services can result in a sub-optimal solution at the system level. This paper investigates the technique called Analytical Target Cascading (ATC) to coordinate the optimization of loosely-coupled sub-problems, each may be modularly formulated by differing departments and be solved by modular analytical services. The result demonstrates that ATC is a promising method in that it offers system-level optimal solutions that can scale up by exploiting distributed and modular executions while allowing easier management of the problem formulation.

  3. Cyber Conflicts as a New Global Threat

    Directory of Open Access Journals (Sweden)

    Alexander Kosenkov

    2016-09-01

    Full Text Available In this paper, an attempt is made to analyze the potential threats and consequences of cyber conflicts and, in particular, the risks of a global cyber conflict. The material is based on a comprehensive analysis of the nature of cyber conflict and its elements from both technical and societal points of view. The approach used in the paper considers the societal component as an essential part of cyber conflicts, allowing basics of cyber conflicts often disregarded by researchers and the public to be highlighted. Finally, the conclusion offers an opportunity to consider cyber conflict as the most advanced form of modern warfare, which imposes the most serious threat and whose effect could be comparable to weapons of mass destruction.

  4. Cyber security for nuclear power plants

    International Nuclear Information System (INIS)

    Verma, Ruchi; Razdan, Mayuri; Munshi, Prabhat

    2005-01-01

    Cyber Security, cyber terrorism and cyber crime are the buzzwords in security related aspects of information technology. These terms are related to computers and networks that are critical for normal functionality and operations of nuclear power plants. At one end, this inter connected era is giving us the ease to perform various critical operation with a click of command, but on the other end it is giving rise to the new world of terrorism. In today's internet connected world, terrorism has left all the boundaries back and taken the new form, term it cyber terrorism or cyber crime. This paper aims to spread the awareness about cyber terrorism and how it can affect the overall security of nuclear power plants and establishments. (author)

  5. Using agility to combat cyber attacks.

    Science.gov (United States)

    Anderson, Kerry

    2017-06-01

    Some incident response practitioners feel that they have been locked in a battle with cyber criminals since the popular adoption of the internet. Initially, organisations made great inroads in preventing and containing cyber attacks. In the last few years, however, cyber criminals have become adept at eluding defence security technologies and rapidly modifying their exploit strategies for financial or political gains. Similar to changes in military combat tactics, cyber criminals utilise distributed attack cells, real-time communications, and rapidly mutating exploits to minimise the potential for detection. Cyber criminals have changed their attack paradigm. This paper describes a new incident response paradigm aimed at combating the new model of cyber attacks with an emphasis on agility to increase the organisation's ability to respond rapidly to these new challenges.

  6. Cyber security issues in online games

    Science.gov (United States)

    Zhao, Chen

    2018-04-01

    With the rapid development of the Internet, online gaming has become a way of entertainment for many young people in the modern era. However, in recent years, cyber security issues in online games have emerged in an endless stream, which have also caused great attention of many game operators. Common cyber security problems in the game include information disclosure and cyber-attacks. These problems will directly or indirectly cause economic losses to gamers. Many gaming companies are enhancing the stability and security of their network or gaming systems in order to enhance the gaming user experience. This article has carried out the research of the cyber security issues in online games by introducing the background and some common cyber security threats, and by proposing the latent solution. Finally, it speculates the future research direction of the cyber security issues of online games in the hope of providing feasible solution and useful information for game operators.

  7. "Making Kind Cool": Parents' Suggestions for Preventing Cyber Bullying and Fostering Cyber Kindness

    Science.gov (United States)

    Cassidy, Wanda; Brown, Karen; Jackson, Margaret

    2012-01-01

    Cyber bullying among youth is rapidly becoming a global phenomenon, as educators, parents and policymakers grapple with trying to curtail this negative and sometimes devastating behavior. Since most cyber bullying emanates from the home computer, parents can play an important role in preventing cyber bullying and in fostering a kinder online…

  8. Addressing the Cyber-security and Cyber-terrorism Threats [video

    OpenAIRE

    Robi Sen; Center for Homeland Defense and Security Naval Postgraduate School

    2015-01-01

    While cyber terrorism is a relatively new threat in the world of national defense, the security issues we face are not necessarily new as a genre. In this segment, Chief Science Officer Robi Sen draws on the changing attitudes towards the cyber world. Topics include cooperation between law enforcement and hackers, the major motivations behind criminal hacking, and the realistic threats of cyber terrorism.

  9. For the Common Defense of Cyberspace: Implications of a US Cyber Militia on Department of Defense Cyber Operations

    Science.gov (United States)

    2015-06-12

    the Common Defense of Cyberspace: Implications of a US Cyber Militia on Department of Defense Cyber Operations 5a. CONTRACT NUMBER 5b. GRANT ...20130423/ NEWS/304230016/Navy-wants-1-000-more-cyber-warriors. 33 Edward Cardon , “Army Cyber Capabilities” (Lecture, Advanced Operations Course...Finally, once a cyber security professional is trained, many argue, to include the head of Army’s Cyber Command, Lieutenant General Edward Cardon

  10. IAEA puts cyber security in focus for nuclear facilities in 2015

    International Nuclear Information System (INIS)

    Shepherd, John

    2015-01-01

    Later in 2015 the International Atomic Energy Agency (IAEA) will convene a special conference to discuss computer security, in the wake of cyber attacks on global financial institutions and government agencies that were increasingly in the news. According to the IAEA, the prevalence of IT security incidents in recent years involving the Stuxnet malware 'demonstrated that nuclear facilities can be susceptible to cyber attack'. The IAEA said this and other events have significantly raised global concerns over potential vulnerabilities and the possibility of a cyber attack, or a joint cyber-physical attack, that could impact on nuclear security. The IAEA has correctly identified that the use of computers and other digital electronic equipment in physical protection systems at nuclear facilities, as well as in facility safety systems, instrumentation, information processing and communication, 'continues to grow and presents an ever more likely target for cyber attack'. The agency's Vienna conference, to be held in June, will review emerging trends in computer security and areas that may still need to be addressed. The meeting follows a declaration of ministers of IAEA member states in 2013 that called on the agency to help raise awareness of the growing threat of cyber attacks and their potential impact on nuclear security. The conference is being organised 'to foster international cooperation in computer security as an essential element of nuclear security', the IAEA said. Details of the IAEA's 'International Conference on Computer Security in a Nuclear World: Expert Discussion and Exchange' are on the 'meetings' section of the agency's web site.

  11. Research Note--A Pilot Cyber Counseling Course in a Graduate Social Work Program

    Science.gov (United States)

    Mishna, Faye; Tufford, Lea; Cook, Charlene; Bogo, Marion

    2013-01-01

    Cyber counseling is a new and growing medium for offering mental health services to children and youth. However, there is a lack of identification of the core competencies required to provide effective online counseling. A school of social work, in partnership with a national service agency providing online counseling to children and youth,…

  12. The psychological effects of cyber terrorism

    OpenAIRE

    Gross, Michael L.; Canetti, Daphna; Vashdi, Dana R.

    2016-01-01

    When ordinary citizens think of cyber threats, most are probably worried about their passwords and banking details, not a terrorist attack. The thought of a shooting in a mall or a bombing at an airport is probably more frightening than a cyber breach. Yet terrorists aim for mental as well as physical destruction, and our research has found that, depending on who the attackers and the victims are, the psychological effects of cyber threats can rival those of traditional terrorism.

  13. The psychological effects of cyber terrorism

    Science.gov (United States)

    Gross, Michael L.; Canetti, Daphna; Vashdi, Dana R.

    2016-01-01

    When ordinary citizens think of cyber threats, most are probably worried about their passwords and banking details, not a terrorist attack. The thought of a shooting in a mall or a bombing at an airport is probably more frightening than a cyber breach. Yet terrorists aim for mental as well as physical destruction, and our research has found that, depending on who the attackers and the victims are, the psychological effects of cyber threats can rival those of traditional terrorism. PMID:28366962

  14. Finding Malicious Cyber Discussions in Social Media

    Science.gov (United States)

    2016-02-02

    reverse engineering, security, malware , blackhat) were labeled as cyber and posts on non- cyber topics (e.g., astronomy, electronics, beer, biology, mu...firewall, hash, infect, inject, install, key, malicious, malware , network, obfuscate, overflow, packet, password, payload, request, risk, scan, script...cyber vulnerabilities (e.g., malware , overflow, attack). The keyword system lacked the keywords used in Heartbleed discussions, and thus suffered from

  15. Defending Critical Infrastructure as Cyber Key Terrain

    Science.gov (United States)

    2016-08-01

    to Secure Cyberspace (NSSC) is as it lists three strategic objectives:4 1) Prevent cyber attacks against America’s critical infrastructures; 2...House, “National Strategy to Secure Cyberspace,” (Washington, DC: The White House, 2003) Trey Herr, "PrEP: A framework for malware & cyber weapons...David Kuipers and Mark Fabro. “Control Systems Cyber Security : Defense in Depth Strategies,” [United States: Department of Energy, 2006]: 4

  16. Cyber-Warfare: Jus Post Bellum

    Science.gov (United States)

    2015-03-01

    average data breach continues to increase, according to a report from Ponemon Institute (2014); there was a 201 dollars associated cost per...How much does cyber/ data breach insurance cost? Data Breach Insurance. Retrieved from http://databreachinsurancequote.com/cyber- insurance/cyber...insurance- data - breach -insurance-premiums/ Maxwell, D. (2013, Apr 11). What to make of North Korea. The Diplomat. Retrieved from http://thediplomat.com

  17. The psychological effects of cyber terrorism.

    Science.gov (United States)

    Gross, Michael L; Canetti, Daphna; Vashdi, Dana R

    2016-01-01

    When ordinary citizens think of cyber threats, most are probably worried about their passwords and banking details, not a terrorist attack. The thought of a shooting in a mall or a bombing at an airport is probably more frightening than a cyber breach. Yet terrorists aim for mental as well as physical destruction, and our research has found that, depending on who the attackers and the victims are, the psychological effects of cyber threats can rival those of traditional terrorism.

  18. Targeted doctors, missing patients: obstetric health services and sectarian conflict in northern Pakistan.

    Science.gov (United States)

    Varley, Emma

    2010-01-01

    The spectre of exclusionary medical service provision, restricted clinic access and physician targeting in sectarian-divided Iraq underscores the crucial and timely need for qualitative research into the inter-relationship between conflict, identity and health. In response, this paper provides a critical ethnography of obstetric service provision and patient access during Shia-Sunni hostilities in Gilgit Town, capital of Pakistan's Northern Areas (2005). I analyse how services were embedded in and constrained by sectarian affiliation in ways that detrimentally impacted Sunni women patients and hospital staff, resulting in profoundly diminished clinic access, reduced physician coverage and a higher observed incidence of maternal morbidity and mortality. The paper first situates obstetric medicine at the interstices of contested sectarian terrain and competing historical projects of sectarian identity. Gilgiti Sunnis' high clinical reliance is argued to be a response to and consequence of, inter-sectarian dissonance and the ascendance of biomedicine during three decades of regional development. In 2005, conflict-incurred service deprivations and the enactment and strategic use of sectarian identity in clinical settings were associated with differential treatment and patient-perceived adverse health outcomes, leading Sunnis to generate alternative sect-specific health services. Obstetric morbidity and mortality during sectarian conflict are analyzed as distinctive manifestations of the wide range of direct harms routinely associated with violence and political strife.

  19. Connecticut's Value-Based Insurance Plan Increased The Use Of Targeted Services And Medication Adherence.

    Science.gov (United States)

    Hirth, Richard A; Cliff, Elizabeth Q; Gibson, Teresa B; McKellar, M Richard; Fendrick, A Mark

    2016-04-01

    In 2011 Connecticut implemented the Health Enhancement Program for state employees. This voluntary program followed the principles of value-based insurance design (VBID) by lowering patient costs for certain high-value primary and chronic disease preventive services, coupled with requirements that enrollees receive these services. Nonparticipants in the program, including those removed for noncompliance with its requirements, were assessed a premium surcharge. The program was intended to curb cost growth and improve health through adherence to evidence-based preventive care. To evaluate its efficacy in doing so, we compared changes in service use and spending after implementation of the program to trends among employees of six other states. Compared to employees of other states, Connecticut employees were similar in age and sex but had a slightly higher percentage of enrollees with chronic conditions and substantially higher spending at baseline. During the program's first two years, the use of targeted services and adherence to medications for chronic conditions increased, while emergency department use decreased, relative to the situation in the comparison states. The program's impact on costs was inconclusive and requires a longer follow-up period. This novel combination of VBID principles and participation requirements may be a tool that can help plan sponsors increase the use of evidence-based preventive services. Project HOPE—The People-to-People Health Foundation, Inc.

  20. Evaluation of cyber legislations: trading in the global cyber village

    OpenAIRE

    Jahankhani, Hamid

    2007-01-01

    The menace of organised crime and terrorist activity grows ever more sophisticated as the ability to enter, control and destroy our electronic and security systems grows at an equivalent rate. Cyber-crime (organised criminal acts using microchip and software manipulation) is the world's biggest growth industry and is now costing an estimated $220 billion loss to organisations and individuals, every year. There are serious threats to nations, governments, corporations and the most vulnerable g...

  1. Information Warfare in the Cyber Domain

    National Research Council Canada - National Science Library

    Takemoto, Glenn

    2001-01-01

    ...). This paper lays a foundation by defining the terminology associated with Information Warfare in the Cyber Domain, reviews the threat and illustrates the vulnerabilities of our information systems...

  2. Dampak Media Sosial dalam Cyber Bullying

    OpenAIRE

    Hidajat, Monica; Adam, Angry Ronald; Danaparamita, Muhammad; Suhendrik, Suhendrik

    2015-01-01

    The purpose of this research is to review two journals about social media effect for cyberbullying. First Journal is written by Eddie Fisher with the title From Cyber Bullying to Cyber Coping: The Misuse of Mobile Technology and Social Media and Their Effects on People’s Lives and the second journal is written by ReginaldH. Gonzales with the title Social Media as a Channel and its Implications on Cyber Bullying. First Journal focus on condition and cyber bullying state by interview respondent...

  3. Stuxnet and Cyber-Warfare (2/2)

    CERN Multimedia

    CERN. Geneva

    2016-01-01

    The first part of the lecture is devoted to the description of the Stuxnet worm, the first cyber-weapon whose existence has been made public, discovered in 2010 and targeting a specific industrial control system; the worm is responsible for the damaging of many centrifuges at an uranium enrichment facility, with the goal of sabotaging Iran's nuclear program. In the second part, the main features of cyber-warfare in conflict and pre-conflict activities will be discussed and compared to the conventional warfare domains, with also a general view at the international political debate on this topic.   Check the http://pugwash.org web site, an organisation that seeks a world free of nuclear weapons and other weapons of mass destruction. The lecturer invites comments via email to Gian.Piero.Siroli@cern.ch NB! All Academic Training lectures are recorded and are publicly available. There is no live webcast.

  4. Stuxnet and Cyber-Warfare (1/2)

    CERN Multimedia

    CERN. Geneva

    2016-01-01

    The first part of the lecture is devoted to the description of the Stuxnet worm, the first cyber-weapon whose existence has been made public, discovered in 2010 and targeting a specific industrial control system; the worm is responsible for the damaging of many centrifuges at an uranium enrichment facility, with the goal of sabotaging Iran's nuclear program. In the second part, the main features of cyber-warfare in conflict and pre-conflict activities will be discussed and compared to the conventional warfare domains, with also a general view at the international political debate on this topic. Check the http://pugwash.org web site, an organisation that seeks a world free of nuclear weapons and other weapons of mass destruction.   NB! All Academic Training lectures are recorded and are publicly available. There is no live webcast.

  5. Graph anomalies in cyber communications

    Energy Technology Data Exchange (ETDEWEB)

    Vander Wiel, Scott A [Los Alamos National Laboratory; Storlie, Curtis B [Los Alamos National Laboratory; Sandine, Gary [Los Alamos National Laboratory; Hagberg, Aric A [Los Alamos National Laboratory; Fisk, Michael [Los Alamos National Laboratory

    2011-01-11

    Enterprises monitor cyber traffic for viruses, intruders and stolen information. Detection methods look for known signatures of malicious traffic or search for anomalies with respect to a nominal reference model. Traditional anomaly detection focuses on aggregate traffic at central nodes or on user-level monitoring. More recently, however, traffic is being viewed more holistically as a dynamic communication graph. Attention to the graph nature of the traffic has expanded the types of anomalies that are being sought. We give an overview of several cyber data streams collected at Los Alamos National Laboratory and discuss current work in modeling the graph dynamics of traffic over the network. We consider global properties and local properties within the communication graph. A method for monitoring relative entropy on multiple correlated properties is discussed in detail.

  6. Cyber-Enabled Scientific Discovery

    International Nuclear Information System (INIS)

    Chan, Tony; Jameson, Leland

    2007-01-01

    It is often said that numerical simulation is third in the group of three ways to explore modern science: theory, experiment and simulation. Carefully executed modern numerical simulations can, however, be considered at least as relevant as experiment and theory. In comparison to physical experimentation, with numerical simulation one has the numerically simulated values of every field variable at every grid point in space and time. In comparison to theory, with numerical simulation one can explore sets of very complex non-linear equations such as the Einstein equations that are very difficult to investigate theoretically. Cyber-enabled scientific discovery is not just about numerical simulation but about every possible issue related to scientific discovery by utilizing cyberinfrastructure such as the analysis and storage of large data sets, the creation of tools that can be used by broad classes of researchers and, above all, the education and training of a cyber-literate workforce

  7. Serving some and serving all: how providers navigate the challenges of providing racially targeted health services.

    Science.gov (United States)

    Zhou, Amy

    2017-10-01

    Racially targeted healthcare provides racial minorities with culturally and linguistically appropriate health services. This mandate, however, can conflict with the professional obligation of healthcare providers to serve patients based on their health needs. The dilemma between serving a particular population and serving all is heightened when the patients seeking care are racially diverse. This study examines how providers in a multi-racial context decide whom to include or exclude from health programs. This study draws on 12 months of ethnographic fieldwork at an Asian-specific HIV organization. Fieldwork included participant observation of HIV support groups, community outreach programs, and substance abuse recovery groups, as well as interviews with providers and clients. Providers managed the dilemma in different ways. While some programs in the organization focused on an Asian clientele, others de-emphasized race and served a predominantly Latino and African American clientele. Organizational structures shaped whether services were delivered according to racial categories. When funders examined client documents, providers prioritized finding Asian clients so that their documents reflected program goals to serve the Asian population. In contrast, when funders used qualitative methods, providers could construct an image of a program that targets Asians during evaluations while they included other racial minorities in their everyday practice. Program services were organized more broadly by health needs. Even within racially targeted programs, the meaning of race fluctuates and is contested. Patients' health needs cross cut racial boundaries, and in some circumstances, the boundaries of inclusion can expand beyond specific racial categories to include racial minorities and underserved populations more generally.

  8. Cyber Defense: An International View

    Science.gov (United States)

    2015-09-01

    and Mathematics at the Royal Institute of Tech- nology, Stockholm, Sweden; and Otto von Guericke University, Magdeburg , Germany . viii ix SUMMARY...and analysis to influence policy debate and bridge the gap between military and academia. The Center for Strategic Leadership and Development...provide an overview of four different national approaches to cyber defense: those of Nor- way, Estonia, Germany , and Sweden. While provid- ing a

  9. Cyber Infrastructure Protection. Volume 2

    Science.gov (United States)

    2013-05-01

    danger of contamination across these systems has grown. Second, cyber attacks have become less eco- nomically or politically neutral than in previous... food for thought on how this norm has shaped our ongoing collective treatment of it going forward. Through the enactment of FOIA in 1966, the push to... Malaysia and other parts of Southeast Asia, where there are fewer legal risks for the buyers, sellers, and operators.35 THEORIZING THE STRUCTURAL

  10. Modeling Cyber Physical War Gaming

    Science.gov (United States)

    2017-08-07

    games share similar constructs. We also provide a game-theoretic approach to mathematically analyze attacker and defender strategies in cyber war...Military Practice of Course-of-Action Analysis 4 2. Game-Theoretic Method 7 2.1 Mathematical Model 7 2.2 Strategy Selection 10 2.2.1 Pure...officers, hundreds of combat and support vehicles, helicopters, sophisticated intelligence and communication equipment and specialists , artillery and

  11. Building An Adaptive Cyber Strategy

    Science.gov (United States)

    2016-06-01

    until other structures can be brought to bear .40 Policymakers have been deliberately unclear as to what threshold is necessary to authorize a military...partners AU/ACSC/SMITH, FI/AY16 to bring all available resources to bear against domestic cyber threats and their perpetrators.57 FBI led and...Apr 2016). 58 Mandiant, APT1. 59 Crowdstrike Global Intelligence Team, Crowdstrike Intelligence Report: Putter Panda . https://www.google.com/url?sa=t

  12. Cyber Vigilance: The Human Factor

    Science.gov (United States)

    2016-10-21

    2013): 502. 1~ Andy Field. Discovering Statistics Using SPSS (Sage Publications. 2009). l<· Thomas E. Nygren. ··Psychometric Properties of...based solely on computer network analysis." Though the algorithms and analytic techniques used in these systems vary considerably, most intrusion...IDS. cyber-defenders use a variety of tools, including hand-sorting, to discriminate attacks from false positives. T hi s effort involves search

  13. Training needs assessment of service providers: targeted intervention for HIV/AIDS in Jharkhand, India.

    Science.gov (United States)

    Kumar, Anant; Kumar, Prakash

    2013-01-01

    Training needs assessments are pivotal for any capacity building program. Building capacity of service providers and staff involved in HIV/AIDS intervention programs is crucial because of the distinct nature of such programs. It requires specific knowledge, skills, and attitudes that are of utmost importance, influencing the reach of the program and its impact in halting and reversing the epidemic. This study was conducted to identify the training needs assessment of personnel involved in targeted intervention for high risk populations vulnerable to HIV infection in Jharkhand, India. Through the study the authors critically examine the existing training needs and gaps and suggest strategies to address them.

  14. Microgrid cyber security reference architecture.

    Energy Technology Data Exchange (ETDEWEB)

    Veitch, Cynthia K.; Henry, Jordan M.; Richardson, Bryan T.; Hart, Derek H.

    2013-07-01

    This document describes a microgrid cyber security reference architecture. First, we present a high-level concept of operations for a microgrid, including operational modes, necessary power actors, and the communication protocols typically employed. We then describe our motivation for designing a secure microgrid; in particular, we provide general network and industrial control system (ICS)-speci c vulnerabilities, a threat model, information assurance compliance concerns, and design criteria for a microgrid control system network. Our design approach addresses these concerns by segmenting the microgrid control system network into enclaves, grouping enclaves into functional domains, and describing actor communication using data exchange attributes. We describe cyber actors that can help mitigate potential vulnerabilities, in addition to performance bene ts and vulnerability mitigation that may be realized using this reference architecture. To illustrate our design approach, we present a notional a microgrid control system network implementation, including types of communica- tion occurring on that network, example data exchange attributes for actors in the network, an example of how the network can be segmented to create enclaves and functional domains, and how cyber actors can be used to enforce network segmentation and provide the neces- sary level of security. Finally, we describe areas of focus for the further development of the reference architecture.

  15. Towards a cyber secure society

    CSIR Research Space (South Africa)

    Labuschagne, WA

    2012-10-01

    Full Text Available -Besse Nuclear Plant ?Plant safety monitoring system (Shut down) ?2005 ?Daimler Chrysler ?13 U.S manufacturing plants (Shut down) ? CSIR 2012 Slide 6 Is It Possible? ?Estonia (April 2007) ?First cyberwar ?Three-week wave of distributed denial...-of- service attacks ? Crippled country?s information technology infra-structure ? CSIR 2012 Slide 7 Is It Possible? ?Stuxnet ?Discovered in July 2010 ?Target was Iranian nuclear facility ?Cause refinery's centrifuge to malfunction ?Air-gapped from...

  16. Cyber secure systems approach for NPP digital control systems

    Energy Technology Data Exchange (ETDEWEB)

    McCreary, T. J.; Hsu, A. [HF Controls Corporation, 16650 Westgrove Drive, Addison, TX 75001 (United States)

    2006-07-01

    Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from

  17. Cyber secure systems approach for NPP digital control systems

    International Nuclear Information System (INIS)

    McCreary, T. J.; Hsu, A.

    2006-01-01

    Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from an intruder attempting to

  18. Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment

    OpenAIRE

    Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

    2013-01-01

    Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cy...

  19. The Markov multi-phase transferable belief model: A data fusion theory for enhancing cyber situational awareness

    OpenAIRE

    Ioannou, Georgios

    2015-01-01

    This thesis was submitted for the award of Doctor of Philosophy and was awarded by Brunel University London. eXfiltration Advanced Persistent Threats (XAPTs) increasingly account for incidents concerned with critical information exfiltration from High Valued Targets (HVT's) by terrorists, cyber criminals or enemy states. Existing Cyber Defence frameworks and data fusion models do not adequately address (i) the multi-stage nature of XAPTs and (ii) the uncertainty and conflicting...

  20. Cyber Operations Virtual Environment

    Science.gov (United States)

    2010-09-01

    capability independent of the operator’s willingness to make target responses (See, Macmillan & Creelman , 1991; Parasuraman, Masalonis, & Hancock, 2000...Ma, K-L. (2004). Visualization for security. Computer Graphics, 38, 4-6. Macmillan, N. A., & Creelman , C. D. (1991). Detection theory: A user’s

  1. Preparing pharmacists to deliver a targeted service in hypertension management: evaluation of an interprofessional training program.

    Science.gov (United States)

    Bajorek, Beata V; Lemay, Kate S; Magin, Parker J; Roberts, Christopher; Krass, Ines; Armour, Carol L

    2015-09-28

    Non-adherence to medicines by patients and suboptimal prescribing by clinicians underpin poor blood pressure (BP) control in hypertension. In this study, a training program was designed to enable community pharmacists to deliver a service in hypertension management targeting therapeutic adjustments and medication adherence. A comprehensive evaluation of the training program was undertaken. Tailored training comprising a self-directed pre-work manual, practical workshop (using real patients), and practice scenarios, was developed and delivered by an inter-professional team (pharmacists, GPs). Supported by practical and written assessment, the training focused on the principles of BP management, BP measurement skills, and adherence strategies. Pharmacists' experience of the training (expectations, content, format, relevance) was evaluated quantitatively and qualitatively. Immediate feedback was obtained via a questionnaire comprising Likert scales (1 = "very well" to 7 = "poor") and open-ended questions. Further in-depth qualitative evaluation was undertaken via semi-structured interviews several months post-training (and post service implementation). Seventeen pharmacists were recruited, trained and assessed as competent. All were highly satisfied with the training; other than the 'amount of information provided' (median score = 5, "just right"), all aspects of training attained the most positive score of '1'. Pharmacists most valued the integrated team-based approach, GP involvement, and inclusion of real patients, as well as the pre-reading manual, BP measurement workshop, and case studies (simulation). Post-implementation the interviews highlighted that comprehensive training increased pharmacists' confidence in providing the service, however, training of other pharmacy staff and patient recruitment strategies were highlighted as a need in future. Structured, multi-modal training involving simulated and inter-professional learning is effective in preparing

  2. Cyber-Bullying: The Situation in Ireland

    Science.gov (United States)

    O'Moore, Mona

    2012-01-01

    This paper reports on the first major survey of cyber-bullying undertaken in Ireland. While preliminary results have been published they were based on a smaller and incomplete sample of 12-16 year olds living in Ireland. The preliminary results addressed the incidence level of cyber-bullying and that of the different subcategories of…

  3. Learning Management Platform for CyberCIEGE

    Science.gov (United States)

    2011-12-01

    CLE is a platform that allows academic and research collaboration and it is built on open pedagogy and open standard [16]. In those situations...C. Irvine, “Active learning with the CyberCIEGE video game,” in Proceedings of the 4th Conference on Cyber Security Experimentation and Test, 2011

  4. Cyber-Cops: Angels on the Net.

    Science.gov (United States)

    Educom Review, 1996

    1996-01-01

    Curtis Sliwa, founder of the Guardian Angels citizens' safety patrol, discusses the development of the Cyber Angels, an online citizens' patrol group that monitors Internet communication. Cyber Angels voluntarily look for and report any illegal activity conducted over the Internet, such as pyramid scams, transmission of stolen credit card and…

  5. Maritime Cyber Security University Research: Phase 1

    Science.gov (United States)

    2016-05-01

    i Classification | CG-926 RDC | author | audience | month year Maritime Cyber Security University Research Phase I - Final Report...Appendices Distribution Statement A: Approved for public release; distribution is unlimited. May 2016 Report No. CG-D-07-16 Maritime ...Macesker Executive Director United States Coast Guard Research & Development Center 1 Chelsea Street New London, CT 06320 Maritime Cyber Security

  6. Cyber threat intelligence exchange: A growing requirement

    CSIR Research Space (South Africa)

    Veerasamy, Namosha

    2017-06-01

    Full Text Available Managing the rise of cyber-attacks has become a growing challenge. Cyber space has become a battleground of threats ranging from malware to phishing, spam and password theft. Cybersecurity solutions mainly try to take a defensive stance and build a...

  7. Self-Development for Cyber Warriors

    Science.gov (United States)

    2011-11-10

    Geospatial Intelligence (GEOINT), Human Intelligence (HUMINT), Open Source Intelligence ( OSINT ), Signals Intelligence (SIGINT) and Measurement and...from career fields with varying degrees of intersection with cyber warfare including: signals intelligence , all source intelligence , and...leverage them in support of cyber warfare operations. All Source Intelligence Ability to request, analyze, synthesize, and fuse intelligence from

  8. Strategies for Resolving the Cyber Attribution Challenge

    Science.gov (United States)

    2013-05-01

    involvement in cyber espionage and Internet censorship . The United States’ policies for responding to cyber events are still being developed...operational arm, although the United States does not currently support it.45 The IMPACT Global Response Centre, based in Cyberjaya, Malaysia , was set up

  9. Developing Cyber Foraging Applications for Portable Devices

    DEFF Research Database (Denmark)

    Kristensen, Mads Darø; Bouvin, Niels Olof

    2008-01-01

    This paper presents the Locusts cyber foraging framework. Cyber foraging is the opportunistic use of computing resources available in the nearby environment, and using such resources thus fall into the category of distributed computing. Furthermore, for the resources to be used efficiently, paral...

  10. Emotional Problems in Traditional and Cyber Victimization

    Science.gov (United States)

    Sjursø, Ida Risanger; Fandrem, Hildegunn; Roland, Erling

    2016-01-01

    Previous studies show an association between traditional and cyber victimization. However, there seem to be differences in how these forms of being bullied relates to emotional problems in the victims. Few studies focus on symptoms of general anxiety and depression as separate variables when comparing traditional and cyber victimization.…

  11. Ten national cyber security strategies: A comparison

    NARCIS (Netherlands)

    Luiijf, H.A.M.; Besseling, K. van; Spoelstra, M.; Graaf, P. de

    2013-01-01

    A number of nations developed and published a national cyber security strategy (NCSS). Most of them were published in the period 2009 - 2011. Despite the fact that each of these NCSS intends to address the cyber security threat, large differences exist between the NCSS approaches. This paper

  12. Kanttekeningen bij de Europese cyber security strategie

    NARCIS (Netherlands)

    Luiijf, H.A.M.; Smulders, A.C.M.; Kamphuis, P.

    2013-01-01

    In februari presenteerde de Europese Unie de Europese cyber security strategie en begeleidende concept richtlijn. The Hague Security Delta (HSD) is verheugd dat de Nederlandse Nationale Cyber Security Strategie nu ook op Europees niveau navolging krijgt. Toch plaatsen we een paar kantekeningen.

  13. Cyber Victimization and Depressive Symptoms in Sexual Minority College Students

    Science.gov (United States)

    Ramsey, Jaimi L.; DiLalla, Lisabeth F.; McCrary, Megan K.

    2016-01-01

    This study investigated the relations between sexual orientation, cyber victimization, and depressive symptoms in college students. Study aims were to determine whether sexual minority college students are at greater risk for cyber victimization and to examine whether recent cyber victimization (self-reported cyber victimization over the last…

  14. Countering the Cyber-Attack, a case-study [video

    OpenAIRE

    Keith Squires; Center for Homeland Defense and Security Naval Postgraduate School

    2015-01-01

    A cyber-criminal organization electronically diverts funds, a hacking group uses their prowess to try to influence politics, these are examples of the evolving world of cyber crime. Keith Squires, Commissioner of Public Safety and Homeland Security Advisor for the State of Utah talks about his experience in building a cyber security program to counter such cyber criminals.

  15. Cybercom Chief Details U.S. Cyber Threats

    Science.gov (United States)

    Security Robots Lasers RSS Feed Cybercom Chief Details U.S. Cyber Threats - December 2, 2014 Navy Adm . Rogers, the commander of U.S. Cyber Command, director of the National Security Agency and chief of the Framework for Cyber Sharing But before Cybercom can help commercial companies deal with cyber criminals and

  16. The Role of Malware in Reported Cyber Espionage: A Review of the Impact and Mechanism

    Directory of Open Access Journals (Sweden)

    Gaute Wangen

    2015-05-01

    Full Text Available The recent emergence of the targeted use of malware in cyber espionage versus industry requires a systematic review for better understanding of its impact and mechanism. This paper proposes a basic taxonomy to document major cyber espionage incidents, describing and comparing their impacts (geographic or political targets, origins and motivations and their mechanisms (dropper, propagation, types of operating systems and infection rates. This taxonomy provides information on recent cyber espionage attacks that can aid in defense against cyber espionage by providing both scholars and experts a solid foundation of knowledge about the topic. The classification also provides a systematic way to document known and future attacks to facilitate research activities. Geopolitical and international relations researchers can focus on the impacts, and malware and security experts can focus on the mechanisms. We identify several dominant patterns (e.g., the prevalent use of remote access Trojan and social engineering. This article concludes that the research and professional community should collaborate to build an open data set to facilitate the geopolitical and/or technical analysis and synthesis of the role of malware in cyber espionage.

  17. Setting Component Priorities in Protecting NPPs against Cyber-Attacks Using Reliability Analysis Techniques

    International Nuclear Information System (INIS)

    Choi, Moon Kyoung; Seong, Poong Hyun; Son, Han Seong

    2017-01-01

    The digitalization of infrastructure makes systems vulnerable to cyber threats and hybrid attacks. According to ICS-CERT report, as time goes by, the number of vulnerabilities in ICS industries increases rapidly. Digital I and C systems have been developed and installed in nuclear power plants, and due to installation of the digital I and C systems, cyber security concerns are increasing in nuclear industry. However, there are too many critical digital assets to be inspected in digitalized NPPs. In order to reduce the inefficiency of regulation in nuclear facilities, the critical components that are directly related to an accident are elicited by using the reliability analysis techniques. Target initial events are selected, and their headings are analyzed through event tree analysis about whether the headings can be affected by cyber-attacks or not. Among the headings, the headings that can be proceeded directly to the core damage by the cyber-attack when they are fail are finally selected as the target of deriving the minimum cut-sets. We analyze the fault trees and derive the minimum set-cuts. In terms of original PSA, the value of probability for the cut-sets is important but the probability is not important in terms of cyber security of NPPs. The important factors is the number of basic events consisting of the minimal cut-sets that is proportional to vulnerability.

  18. PENEGAKAN HUKUM TERHADAP CYBER CRIME DI BIDANG PERBANKAN SEBAGAI KEJAHATAN TRANSNASIONAL

    Directory of Open Access Journals (Sweden)

    Tri Kuncoro

    2013-11-01

    Full Text Available ABSTRACTInternet has been used in various fields of life, one of which is banking. Banking activities are performed through Internet-banking. Through the internet-banking service, customers can conduct financial transactions without having to come to the bank. In this study addressed two issues namely the forms of cyber crime in the banking and jurisdiction in the law enforcement against cyber crime in banking. This research is a normative legal research. Legal materials collected through library research. In this research, legal materials were analyzed by using the description, interpretation, argumentation, evaluation and systematization.The forms of cyber crime in banking are typo site, keylogger / keystroke recorder, sniffing, brute-force attacking, deface web, email spamming, denial of service and virus, worm, trojan. Jurisdiction in the law enforcement against cyber crime in banking jurisdiction includes legislative, executive and enforcement jurisdiction. Jurisdiction specifically stipulated in Article 2 of Act of Republic of Indonesia Number 11 of 2008 concerning Information and Electronic Transactions. Banks should have an electronic security system to protect the system. The Law enforcement against cyber crime in banking requires cooperation between countries.

  19. Dampak Media Sosial dalam Cyber Bullying

    Directory of Open Access Journals (Sweden)

    Monica Hidajat

    2015-03-01

    Full Text Available The purpose of this research is to review two journals about social media effect for cyberbullying. First Journal is written by Eddie Fisher with the title From Cyber Bullying to Cyber Coping: The Misuse of Mobile Technology and Social Media and Their Effects on People’s Lives and the second journal is written by ReginaldH. Gonzales with the title Social Media as a Channel and its Implications on Cyber Bullying. First Journal focus on condition and cyber bullying state by interview respondents in law terms. Second journal focus on handling cyber bullying case at social media. Social medial cause few cases of cyberbullying increasing because of its characteristic that possible to spread information easily and fast. Socialization proper use of social media needs to be done to improve public awareness about the dangers of misuse of social media.

  20. Mathematical and Statistical Opportunities in Cyber Security

    Energy Technology Data Exchange (ETDEWEB)

    Meza, Juan; Campbell, Scott; Bailey, David

    2009-03-23

    The role of mathematics in a complex system such as the Internet has yet to be deeply explored. In this paper, we summarize some of the important and pressing problems in cyber security from the viewpoint of open science environments. We start by posing the question 'What fundamental problems exist within cyber security research that can be helped by advanced mathematics and statistics'? Our first and most important assumption is that access to real-world data is necessary to understand large and complex systems like the Internet. Our second assumption is that many proposed cyber security solutions could critically damage both the openness and the productivity of scientific research. After examining a range of cyber security problems, we come to the conclusion that the field of cyber security poses a rich set of new and exciting research opportunities for the mathematical and statistical sciences.

  1. China's Cyber Initiatives Counter International Pressure

    Directory of Open Access Journals (Sweden)

    Emilio Iasiello

    2017-03-01

    Full Text Available Prior to its historic 2015 “no hack” pact for commercial advantage with the United States, Beijing has been engaged drafting and passing legislation, most with specific cyber components, to enhance its security posture while protecting its economic interests. This approach is in stark contrast to United States efforts that have demonstrated a focus on “acting globally, thinking locally” philosophy wherein most of its cyber efforts have been outwardly facing and are distinct from other security considerations. This paper suggests that by strengthening its domestic front with a legal framework, Beijing is preparing itself to counter any foreign initiative contrary to Beijing’s plans (e.g., cyber norms of behavior, cyber sanctions, etc. by being able to exert legal measures against foreign interests in country, thereby preserving its cyber sovereignty.

  2. Analyzing Cyber-Physical Threats on Robotic Platforms.

    Science.gov (United States)

    Ahmad Yousef, Khalil M; AlMajali, Anas; Ghalyon, Salah Abu; Dweik, Waleed; Mohd, Bassam J

    2018-05-21

    Robots are increasingly involved in our daily lives. Fundamental to robots are the communication link (or stream) and the applications that connect the robots to their clients or users. Such communication link and applications are usually supported through client/server network connection. This networking system is amenable of being attacked and vulnerable to the security threats. Ensuring security and privacy for robotic platforms is thus critical, as failures and attacks could have devastating consequences. In this paper, we examine several cyber-physical security threats that are unique to the robotic platforms; specifically the communication link and the applications. Threats target integrity, availability and confidential security requirements of the robotic platforms, which use MobileEyes/arnlServer client/server applications. A robot attack tool (RAT) was developed to perform specific security attacks. An impact-oriented approach was adopted to analyze the assessment results of the attacks. Tests and experiments of attacks were conducted in simulation environment and physically on the robot. The simulation environment was based on MobileSim; a software tool for simulating, debugging and experimenting on MobileRobots/ActivMedia platforms and their environments. The robot platform PeopleBot TM was used for physical experiments. The analysis and testing results show that certain attacks were successful at breaching the robot security. Integrity attacks modified commands and manipulated the robot behavior. Availability attacks were able to cause Denial-of-Service (DoS) and the robot was not responsive to MobileEyes commands. Integrity and availability attacks caused sensitive information on the robot to be hijacked. To mitigate security threats, we provide possible mitigation techniques and suggestions to raise awareness of threats on the robotic platforms, especially when the robots are involved in critical missions or applications.

  3. Analyzing Cyber-Physical Threats on Robotic Platforms †

    Science.gov (United States)

    2018-01-01

    Robots are increasingly involved in our daily lives. Fundamental to robots are the communication link (or stream) and the applications that connect the robots to their clients or users. Such communication link and applications are usually supported through client/server network connection. This networking system is amenable of being attacked and vulnerable to the security threats. Ensuring security and privacy for robotic platforms is thus critical, as failures and attacks could have devastating consequences. In this paper, we examine several cyber-physical security threats that are unique to the robotic platforms; specifically the communication link and the applications. Threats target integrity, availability and confidential security requirements of the robotic platforms, which use MobileEyes/arnlServer client/server applications. A robot attack tool (RAT) was developed to perform specific security attacks. An impact-oriented approach was adopted to analyze the assessment results of the attacks. Tests and experiments of attacks were conducted in simulation environment and physically on the robot. The simulation environment was based on MobileSim; a software tool for simulating, debugging and experimenting on MobileRobots/ActivMedia platforms and their environments. The robot platform PeopleBotTM was used for physical experiments. The analysis and testing results show that certain attacks were successful at breaching the robot security. Integrity attacks modified commands and manipulated the robot behavior. Availability attacks were able to cause Denial-of-Service (DoS) and the robot was not responsive to MobileEyes commands. Integrity and availability attacks caused sensitive information on the robot to be hijacked. To mitigate security threats, we provide possible mitigation techniques and suggestions to raise awareness of threats on the robotic platforms, especially when the robots are involved in critical missions or applications. PMID:29883403

  4. Analyzing Cyber-Physical Threats on Robotic Platforms

    Directory of Open Access Journals (Sweden)

    Khalil M. Ahmad Yousef

    2018-05-01

    Full Text Available Robots are increasingly involved in our daily lives. Fundamental to robots are the communication link (or stream and the applications that connect the robots to their clients or users. Such communication link and applications are usually supported through client/server network connection. This networking system is amenable of being attacked and vulnerable to the security threats. Ensuring security and privacy for robotic platforms is thus critical, as failures and attacks could have devastating consequences. In this paper, we examine several cyber-physical security threats that are unique to the robotic platforms; specifically the communication link and the applications. Threats target integrity, availability and confidential security requirements of the robotic platforms, which use MobileEyes/arnlServer client/server applications. A robot attack tool (RAT was developed to perform specific security attacks. An impact-oriented approach was adopted to analyze the assessment results of the attacks. Tests and experiments of attacks were conducted in simulation environment and physically on the robot. The simulation environment was based on MobileSim; a software tool for simulating, debugging and experimenting on MobileRobots/ActivMedia platforms and their environments. The robot platform PeopleBotTM was used for physical experiments. The analysis and testing results show that certain attacks were successful at breaching the robot security. Integrity attacks modified commands and manipulated the robot behavior. Availability attacks were able to cause Denial-of-Service (DoS and the robot was not responsive to MobileEyes commands. Integrity and availability attacks caused sensitive information on the robot to be hijacked. To mitigate security threats, we provide possible mitigation techniques and suggestions to raise awareness of threats on the robotic platforms, especially when the robots are involved in critical missions or applications.

  5. Cyber-Physical Architecture Assisted by Programmable Networking

    OpenAIRE

    Rubio-Hernan, Jose; Sahay, Rishikesh; De Cicco, Luca; Garcia-Alfaro, Joaquin

    2018-01-01

    Cyber-physical technologies are prone to attacks, in addition to faults and failures. The issue of protecting cyber-physical systems should be tackled by jointly addressing security at both cyber and physical domains, in order to promptly detect and mitigate cyber-physical threats. Towards this end, this letter proposes a new architecture combining control-theoretic solutions together with programmable networking techniques to jointly handle crucial threats to cyber-physical systems. The arch...

  6. Cyber risk: a big challenge in developed and emerging markets

    OpenAIRE

    Arcuri, Maria Cristina; Brogi, Marina; Gandolfi, Gino

    2016-01-01

    The dependence on cyberspace has considerably increased over time, as such, people look at risk associated with cyber technology. This chapter focuses on the cyber risk issue. The authors aim to describe the global state of the art and point out the potential negative consequences of this type of systemic risk. Cyber risk increasingly affects both public and private institutions. Some of the risks that entities face are the following: computer security breaches, cyber theft, cyber terrorism, ...

  7. Cyber Operations Between Russia and Ukraine During Ukrainian Conflict

    Directory of Open Access Journals (Sweden)

    Miroslava Pavlíková

    2016-06-01

    Full Text Available When the Ukraine crisis started in 2013, discussions about possible cyber warfare appeared. Debates about the usage of cyber tools in war conflicts have already been considered for the last few years and conflicts where actors possess these capacities emphasize the importance to analyze this phenomenon. This article examines cyber warfare between Russia and Ukraine during the Ukraine crisis and aims to analyze incidents in the cyber domain with considerations cyber war on a theoretical background.

  8. Integrating Biodiversity and Ecosystem Services in the Post-2015 Development Agenda: Goal Structure, Target Areas and Means of Implementation

    Directory of Open Access Journals (Sweden)

    Paul L. Lucas

    2013-12-01

    Full Text Available The United Nations’ discussions on defining a new set of post-2015 development goals focus on poverty eradication and sustainable development. Biodiversity and ecosystem services are essential for poverty eradication, which is also one of the foundations of the Strategic Plan for Biodiversity of the Convention on Biological Diversity (CBD. Based on an assessment of current proposals of goals and targets, and a quantitative pathway analysis to meet long term biodiversity and food security goals, this paper discusses how biodiversity and ecosystem services can be integrated into a broad set of goals and targets, and concludes with relevant target areas and means of implementation for which specific targets need to be defined. Furthermore, it responds to the call of the CBD to consider the Strategic Plan for Biodiversity and the related Aichi biodiversity targets in the post-2015 development agenda. The paper’s analysis identifies three overlapping but also supplemental ways to integrate biodiversity and ecosystem services in the post-2015 agenda: integrated goals, goals addressing earth system functioning and goals addressing environmental limits. It further concludes seven target areas to be included under the goals to address biodiversity and ecosystem services in the context of food and agriculture: access to food, demand for agricultural products, sustainable intensification, ecosystem fragmentation, protected areas, essential ecosystem services and genetic diversity. The Strategic Plan for Biodiversity provides a good basis for integrating biodiversity and ecosystem services in the post-2015 development agenda. Many Aichi targets address the proposed target areas and the means of implementation discussed, while they need to be complemented with targets that specifically address human well-being, as well as institutions and governance.

  9. Towards a Cyber Defense Framework for SCADA Systems Based on Power Consumption Monitoring

    Energy Technology Data Exchange (ETDEWEB)

    Hernandez Jimenez, Jarilyn M [ORNL; Chen, Qian [Savannah State University; Nichols, Jeff A. {Cyber Sciences} [ORNL; Calhoun, Chelsea [Savannah State University; Sykes, Summer [Savannah State University

    2017-01-01

    Supervisory control and data acquisition (SCADA) is an industrial automation system that remotely monitor, and control critical infrastructures. SCADA systems are major targets for espionage and sabotage attackers. According to the 2015 Dell security annual threat report, the number of cyber-attacks against SCADA systems has doubled in the past year. Cyber-attacks (i.e., buffer overflow, rootkits and code injection) could cause serious financial losses and physical infrastructure damages. Moreover, some specific cyber-attacks against SCADA systems could become a threat to human life. Current commercial off-the-shelf security solutions are insufficient in protecting SCADA systems against sophisticated cyber-attacks. In 2014 a report by Mandiant stated that only 69% of organizations learned about their breaches from third entities, meaning that these companies lack of their own detection system. Furthermore, these breaches are not detected in real-time or fast enough to prevent further damages. The average time between compromise and detection (for those intrusions that were detected) was 205 days. To address this challenge, we propose an Intrusion Detection System (IDS) that detects SCADA-specific cyber-attacks by analyzing the power consumption of a SCADA device. Specifically, to validate the proposed approach, we chose to monitor in real-time the power usage of a a Programmable Logic Controller (PLC). To this end, we configured the hardware of the tetsbed by installing the required sensors to monitor and collect its power consumption. After that two SCADA-specific cyber-attacks were simulated and TracerDAQ Pro was used to collect the power consumption of the PLC under normal and anomalous scenarios. Results showed that is possible to distinguish between the regular power usage of the PLC and when the PLC was under specific cyber-attacks.

  10. Development of Cyber Security Scheme for Nuclear Power Plant

    Energy Technology Data Exchange (ETDEWEB)

    Hong, S. B.; Choi, Y. S.; Cho, J. W. (and others)

    2009-12-15

    Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures.

  11. Development of Cyber Security Scheme for Nuclear Power Plant

    International Nuclear Information System (INIS)

    Hong, S. B.; Choi, Y. S.; Cho, J. W.

    2009-12-01

    Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures

  12. Cyber Vulnerabilities Within Critical Infrastructure: The Flaws of Industrial Control Systems in the Oil and Gas Industry

    Science.gov (United States)

    Alpi, Danielle Marie

    The 16 sectors of critical infrastructure in the US are susceptible to cyber-attacks. Potential attacks come from internal and external threats. These attacks target the industrial control systems (ICS) of companies within critical infrastructure. Weakness in the energy sector's ICS, specifically the oil and gas industry, can result in economic and ecological disaster. The purpose of this study was to establish means for oil companies to identify and stop cyber-attacks specifically APT threats. This research reviewed current cyber vulnerabilities and ways in which a cyber-attack may be deterred. This research found that there are insecure devices within ICS that are not regularly updated. Therefore, security issues have amassed. Safety procedures and training thereof are often neglected. Jurisdiction is unclear in regard to critical infrastructure. The recommendations this research offers are further examination of information sharing methods, development of analytic platforms, and better methods for the implementation of defense-in-depth security measures.

  13. Testing a user-driven approach in health promotion activities targeting users of psychiatric services

    DEFF Research Database (Denmark)

    Folmann Hempler, Nana; Saurbrey Pals, Regitze; Oest, Lone

    2017-01-01

    Compared to the general population, users of psychiatric services (users) are at higher risk of developing type 2 diabetes, which is associated with lifestyle behaviours. The aim of this study was to pilot test a new collaborative approach in health promotion targeting users. The approach is based...... with course participants and users. Professionals had to test at least one tool in a health promoting activity such as health checks, exercise etc. Data were collected through observations of health promoting activities (n=15) and questionnaires (n=54). Data were analysed using systematic text condensation...... and descriptive statistics. The majority of professionals found that the new approach to a moderate/high degree had improved their collaborative skills (89.3%) and Research Center of Health Promotionwas well-suited for their practice (93.5%). Observations showed that professionals successfully integrated...

  14. Building organisational cyber resilience: A strategic knowledge-based view of cyber security management.

    Science.gov (United States)

    Ferdinand, Jason

    The concept of cyber resilience has emerged in recent years in response to the recognition that cyber security is more than just risk management. Cyber resilience is the goal of organisations, institutions and governments across the world and yet the emerging literature is somewhat fragmented due to the lack of a common approach to the subject. This limits the possibility of effective collaboration across public, private and governmental actors in their efforts to build and maintain cyber resilience. In response to this limitation, and to calls for a more strategically focused approach, this paper offers a knowledge-based view of cyber security management that explains how an organisation can build, assess, and maintain cyber resilience.

  15. A Method to Analyze Threats and Vulnerabilities by Using a Cyber Security Test-bed of an Operating NPP

    Energy Technology Data Exchange (ETDEWEB)

    Kim, Yong Sik; Son, Choul Woong; Lee, Soo Ill [KHNP CRI, Daejeon (Korea, Republic of)

    2016-10-15

    In order to implement cyber security controls for an Operating NPP, a security assessment should conduct in advance, and it is essential to analyze threats and vulnerabilities for a cyber security risk assessment phase. It might be impossible to perform a penetration test or scanning for a vulnerability analysis because the test may cause adverse effects on the inherent functions of ones. This is the reason why we develop and construct a cyber security test-bed instead of using real I and C systems in the operating NPP. In this paper, we propose a method to analyze threats and vulnerabilities of a specific target system by using a cyber security test-bed. The test-bed is being developed considering essential functions of the selected safety and non-safety system. This paper shows the method to analyze threats and vulnerabilities of a specific target system by using a cyber security test-bed. In order to develop the cyber security test-bed with both safety and non-safety functions, test-bed functions analysis and preliminary threats and vulnerabilities identification have been conducted. We will determine the attack scenarios and conduct the test-bed based vulnerability analysis.

  16. A Method to Analyze Threats and Vulnerabilities by Using a Cyber Security Test-bed of an Operating NPP

    International Nuclear Information System (INIS)

    Kim, Yong Sik; Son, Choul Woong; Lee, Soo Ill

    2016-01-01

    In order to implement cyber security controls for an Operating NPP, a security assessment should conduct in advance, and it is essential to analyze threats and vulnerabilities for a cyber security risk assessment phase. It might be impossible to perform a penetration test or scanning for a vulnerability analysis because the test may cause adverse effects on the inherent functions of ones. This is the reason why we develop and construct a cyber security test-bed instead of using real I and C systems in the operating NPP. In this paper, we propose a method to analyze threats and vulnerabilities of a specific target system by using a cyber security test-bed. The test-bed is being developed considering essential functions of the selected safety and non-safety system. This paper shows the method to analyze threats and vulnerabilities of a specific target system by using a cyber security test-bed. In order to develop the cyber security test-bed with both safety and non-safety functions, test-bed functions analysis and preliminary threats and vulnerabilities identification have been conducted. We will determine the attack scenarios and conduct the test-bed based vulnerability analysis

  17. The Associations between Substance Use, Sexual Behaviors, Bullying, Deviant Behaviors, Health, and Cyber Dating Abuse Perpetration

    Science.gov (United States)

    Van Ouytsel, Joris; Torres, Elizabeth; Choi, Hye Jeong; Ponnet, Koen; Walrave, Michel; Temple, Jeff R.

    2017-01-01

    Dating violence is an important public health concern and is considered to be a form of school violence. While digital technologies have enabled perpetrators of dating violence to target their victims online (cyber dating abuse), little is known about how this form of perpetration relates to specific adolescent risk behaviors. This brief research…

  18. The Relationships between Cyber Bullying, Academic Constructs, and Extracurricular Participation among Middle Schoolers

    Science.gov (United States)

    Shamel, Kimberly A.

    2013-01-01

    Bullying is a large scale social problem impacting educational systems nationwide, and has been linked to negative outcomes for both bullies and targets. Bullying has become more highly technological and is most often referred to as cyber bullying. Bullies have begun to use the internet, social networking sites, e-mail, instant messaging (IM),…

  19. Cognitive and Non-cognitive Predictors of Career Intentions within Cyber Jobs

    Science.gov (United States)

    2016-04-01

    Aptitude Battery (ASVAB). FR-06-25). Alexandria, VA: Human Resources Research Organization. Edwards, J. R. (1991). Person-job-fit: A conceptual...Management (OPM) and Sony studios, are examples of this inclusion of specific agencies and organizations as targets of cyber warfare. Despite this

  20. New Tools for a New Terrain Air Force Support to Special Operations in the Cyber Environment

    Science.gov (United States)

    2016-08-01

    54 3 PREFACE As a career targeteer for the US...capabilities of a toolkit of cyber options, from hardware on the front lines to “digital reachback” relationships with USCYBERCOM, is to leave...of career fields, including, but not limited to, cyberspace operations, intelligence, aircrew operations, command and control systems operations, and

  1. Cyber-Bullying in the Online Classroom: Instructor Perceptions of Aggressive Student Behavior

    Science.gov (United States)

    Eskey, Michael T.; Taylor, Cathy L.; Eskey, Michael T., Jr.

    2014-01-01

    The advent of online learning has created the medium for cyber-bullying in the virtual classroom and also by e-mail. Bullying is usually expected in the workplace and between students in the classroom. Most recently, however, faculty members have become surprising targets of online bullying. For many, there are no established policies nor is…

  2. The SafeCOP ECSEL Project: Safe Cooperating Cyber-Physical Systems Using Wireless Communication

    DEFF Research Database (Denmark)

    Pop, Paul; Scholle, Detlef; Hansson, Hans

    2016-01-01

    This paper presents an overview of the ECSEL project entitled "Safe Cooperating Cyber-Physical Systems using Wireless Communication" (SafeCOP), which runs during the period 2016 -- 2019. SafeCOP targets safety-related Cooperating Cyber-Physical Systems (CO-CPS) characterised by use of wireless...... detection of abnormal behaviour, triggering if needed a safe degraded mode. SafeCOP will also develop methods and tools, which will be used to produce safety assurance evidence needed to certify cooperative functions. SafeCOP will extend current wireless technologies to ensure safe and secure cooperation...

  3. What kind of cyber security? Theorising cyber security and mapping approaches

    OpenAIRE

    Laura Fichtner

    2018-01-01

    Building on conceptual work on security and cyber security, the paper explores how different approaches to cyber security are constructed. It outlines structural components and presents four common approaches. Each of them suggests a different role for the actors involved and is motivated and justified by different values such as privacy, economic order and national security. When a cyber security policy or initiative is chosen by policymakers, the analysis of the underlying approach enhances...

  4. Anonymous As a Cyber Tribe: A New Model for Complex, Non-State Cyber Actors

    Science.gov (United States)

    2015-05-01

    personas. Only then can cyber strategists exercise the required amount of cultural relativism needed to influence complex, and sometimes disturbing...that runs counter to their professional ethic ? When cyber tribes employ atrocity to create cultural barriers, how will planners remain focused on...as a cyber actor’s motivation? Meeting these challenges requires new levels of cultural relativism —the understanding of a “culture or a cultural

  5. Co-simulation Design towards Cyber-Physical Robotic Applications : Leveraging FMI Standard and CSP Semantics

    NARCIS (Netherlands)

    Lu, Zhou; Broenink, Johannes F.

    2017-01-01

    Designing a software controller for multi-task automated service robotics is becoming increasingly complex. The combination of discrete (cyber) and continuous (physical) domains and multiple engineering fields makes it quite challenging to couple different subsystems as a whole for further

  6. PROHIBITION OF USE OF FORCE AND CYBER OPERATIONS AS “FORCE”

    Directory of Open Access Journals (Sweden)

    Huseyin Kuru

    2017-07-01

    Full Text Available Technology have become core element of the critical infrastructures that maintain communities’ vital services. While this situation facilitates the daily life of the societies, systems running online are exposed to risks from vulnerabilities based on internet and systems. Increasing cyber-attacks, especially between countries in governmental level, created a new term “cyber warfare”. As in all the evolutions of the war, the concept of cyber warfare also needs original rules due to its unique characteristics. International society has divided into two groups. First group claims that existing conflict rules should apply this new battle field and the other group says the situation requires a new consensus. The purpose of this study is to examine the scope of the prohibition and to explain exceptions, by examining the developed approaches for establishing the conditions for the use of force in cyber operations, highlighting the most appropriate evaluation criteria with emphasizing existing limitations. In the light of the data collected, the literature was searched exhaustively to achieve this aim. What characteristics cyber-operations should have and objective approaches that we can use for the assessment and we can suppose as use of force will be also discussed.

  7. Behavioural Profiling in Cyber-Social Systems

    DEFF Research Database (Denmark)

    Perno, Jason; Probst, Christian W.

    2017-01-01

    Computer systems have evolved from standalone systems, over networked systems, to cyber-physical systems. In all stages, human operators have been essential for the functioning of the system and for understanding system messages. Recent trends make human actors an even more central part of computer...... systems, resulting in what we call "cyber-social systems". In cyber-social systems, human actors and their interaction with a system are essential for the state of the system and its functioning. Both the system's operation and the human's operating it are based on an assumption of each other's behaviour...

  8. Perceptions of Popularity-Related Behaviors in the Cyber Context: Relations to Cyber Social Behaviors

    Directory of Open Access Journals (Sweden)

    Michelle F. Wright

    2015-01-01

    Full Text Available Despite acknowledging that adolescents are active users of electronic technology, little is known about their perceptions concerning how such technologies might be used to promote their social standing among their peer group and whether these perceptions relate to their cyber social behaviors (i.e., cyber aggression perpetration, cyber prosocial behavior. To address this gap in the literature, the present study included 857 seventh graders (M age: 12.19; 50.8% female from a large Midwestern city in the United States. They completed questionnaires on face-to-face social behaviors, cyber social behaviors, perceived popularity, social preference, and their perceptions of characteristics and activities related to the cyber context which might be used to promote popularity. Findings revealed four activities and characteristics used to improve adolescents’ social standing in the peer group, including antisocial behaviors, sociability, prosocial behaviors, and technology access. Using antisocial behaviors in the cyber context to promote popularity was related to cyber aggression perpetration, while controlling for gender, social preference, and perceived popularity. On the other hand, sociability and prosocial behaviors in the cyber context used to improve popularity as well as technology access were associated with cyber prosocial behavior. A call for additional research is made.

  9. Cyber security in nuclear power plants and its portability to other industrial infrastructures

    Energy Technology Data Exchange (ETDEWEB)

    Champigny, Sebastien; Gupta, Deeksha; Watson, Venesa; Waedt, Karl [AREVA GmbH, Erlangen (Germany)

    2017-06-15

    Power generation increasingly relies on decentralised and interconnected computerised systems. Concepts like ''Industrial Internet of Things'' of the Industrial Internet Consortium (IIC), and ''Industry 4.0'' find their way in this strategic industry. Risk of targeted exploits of errors and vulnerabilities increases with complexity, interconnectivity and decentralization. Inherently stringent security requirements and features make nuclear computerised applications and systems a benchmark for industrial counterparts seeking to hedge against those risks. Consequently, this contribution presents usual cyber security regulations and practices for nuclear power plants. It shows how nuclear cyber security can be ported and used in an industrial context to protect critical infrastructures against cyber-attacks and industrial espionage.

  10. A Review of Cyber-Physical Energy System Security Assessment

    DEFF Research Database (Denmark)

    Rasmussen, Theis Bo; Yang, Guangya; Nielsen, Arne Hejde

    2017-01-01

    Increasing penetration of renewable energy resources (RES) and electrification of services by implementing distributed energy resources (DER) has caused a paradigm shift in the operation of the power system. The controllability of the power system is predicted to be shifted from the generation side...... to the consumption side. This transition entails that the future power system evolves into a complex cyber-physical energy system (CPES) with strong interactions between the power, communication and neighboring energy systems. Current power system security assessment methods are based on centralized computation...

  11. Cyber Security: Assessing Our Vulnerabilities and Developing an Effective Defense

    Science.gov (United States)

    Spafford, Eugene H.

    The number and sophistication of cyberattacks continues to increase, but no national policy is in place to confront them. Critical systems need to be built on secure foundations, rather than the cheapest general-purpose platform. A program that combines education in cyber security, increasing resources for law enforcement, development of reliable systems for critical applications, and expanding research support in multiple areas of security and reliability is essential to combat risks that are far beyond the nuisances of spam email and viruses, and involve widespread espionage, theft, and attacks on essential services.

  12. Smart Cities as Cyber-Physical Social Systems

    Directory of Open Access Journals (Sweden)

    Christos G. Cassandras

    2016-06-01

    Full Text Available The emerging prototype for a Smart City is one of an urban environment with a new generation of innovative services for transportation, energy distribution, healthcare, environmental monitoring, business, commerce, emergency response, and social activities. Enabling the technology for such a setting requires a viewpoint of Smart Cities as cyber-physical systems (CPSs that include new software platforms and strict requirements for mobility, security, safety, privacy, and the processing of massive amounts of information. This paper identifies some key defining characteristics of a Smart City, discusses some lessons learned from viewing them as CPSs, and outlines some fundamental research issues that remain largely open.

  13. The implications of transnational cyber threats in international humanitarian law: analysing the distinction between cybercrime, cyber attack, and cyber warfare in the 21st century

    OpenAIRE

    Faga, Hemen Philip

    2017-01-01

    This paper is an attempt to draw distinctive lines between the concepts of cybercrime, cyber-attack, and cyber warfare in the current information age, in which it has become difficult to separate the activities of transnational criminals from acts of belligerents using cyberspace. The paper considers the implications of transnational cyber threats in international humanitarian law (IHL) with a particular focus on cyber-attacks by non-state actors, the principles of state responsibility, and t...

  14. Development of a cyber security risk model using Bayesian networks

    International Nuclear Information System (INIS)

    Shin, Jinsoo; Son, Hanseong; Khalil ur, Rahman; Heo, Gyunyoung

    2015-01-01

    Cyber security is an emerging safety issue in the nuclear industry, especially in the instrumentation and control (I and C) field. To address the cyber security issue systematically, a model that can be used for cyber security evaluation is required. In this work, a cyber security risk model based on a Bayesian network is suggested for evaluating cyber security for nuclear facilities in an integrated manner. The suggested model enables the evaluation of both the procedural and technical aspects of cyber security, which are related to compliance with regulatory guides and system architectures, respectively. The activity-quality analysis model was developed to evaluate how well people and/or organizations comply with the regulatory guidance associated with cyber security. The architecture analysis model was created to evaluate vulnerabilities and mitigation measures with respect to their effect on cyber security. The two models are integrated into a single model, which is called the cyber security risk model, so that cyber security can be evaluated from procedural and technical viewpoints at the same time. The model was applied to evaluate the cyber security risk of the reactor protection system (RPS) of a research reactor and to demonstrate its usefulness and feasibility. - Highlights: • We developed the cyber security risk model can be find the weak point of cyber security integrated two cyber analysis models by using Bayesian Network. • One is the activity-quality model signifies how people and/or organization comply with the cyber security regulatory guide. • Other is the architecture model represents the probability of cyber-attack on RPS architecture. • The cyber security risk model can provide evidence that is able to determine the key element for cyber security for RPS of a research reactor

  15. Extracranial stereotactic radiotherapy: preliminary results with the CyberKnife.

    Science.gov (United States)

    Lartigau, Eric; Mirabel, Xavier; Prevost, Bernard; Lacornerie, Thomas; Dubus, Francois; Sarrazin, Thierry

    2009-04-01

    In the field of radiation oncology, equipment for fractionated radiotherapy and single-dose radiosurgery has become increasingly accurate, together with the introduction of robotized treatments. A robot is a device that can be programmed to carry out accurate, repeated and adjusted tasks in a given environment. Treatment of extracranial lesions involves taking into account organ mobility (tumor and healthy tissue) whilst retaining the ability to stereotactically locate the target. New imaging techniques (single-photon emission computed tomography (SPECT), magnetic resonance imaging (MRI), positron emission tomography (PET)) provide further relevant information to slice images (computed tomography (CT) scans, MRI) for target definition. Hypo-fractionated treatments can only be used for curative treatment if the target is accurately defined and tracked during treatment. The CyberKnife is a non-invasive system of radiosurgery and fractionated stereotactic radiotherapy. For intracranial lesions treated by single-dose radiosurgery, it has been used to treat meningioma, acoustic neuromas, pituitary adenoma, metastases, arteriovenous malformations and refractory pain (trigeminal neuralgia). More than 10,000 patients have been treated worldwide. Currently, the most significant developments are in the field of extracranial stereotactic radiotherapy (lung, liver, reirradiation, prostate, etc.). Clinical results obtained in the CyberKnife Nord-Ouest program after 1 year of experience are presented. Copyright 2009 S. Karger AG, Basel.

  16. Information fusion for cyber-security analytics

    CERN Document Server

    Karabatis, George; Aleroud, Ahmed

    2017-01-01

    This book highlights several gaps that have not been addressed in existing cyber security research. It first discusses the recent attack prediction techniques that utilize one or more aspects of information to create attack prediction models. The second part is dedicated to new trends on information fusion and their applicability to cyber security; in particular, graph data analytics for cyber security, unwanted traffic detection and control based on trust management software defined networks, security in wireless sensor networks & their applications, and emerging trends in security system design using the concept of social behavioral biometric. The book guides the design of new commercialized tools that can be introduced to improve the accuracy of existing attack prediction models. Furthermore, the book advances the use of Knowledge-based Intrusion Detection Systems (IDS) to complement existing IDS technologies. It is aimed towards cyber security researchers. .

  17. HYBRID THREATS, CYBER WARFARE AND NATO'S ...

    African Journals Online (AJOL)

    Bachmans

    cyber'1 and kinetic responses to international terrorism have increasingly .... joint action and coordination is highlighted by the fact that the government in the scenario did ...... Qaeda), that man should live in the same technological conditions as.

  18. CYBER-DIGITAL PLAGIARISM: AN AWARENESS APPROACH*

    African Journals Online (AJOL)

    Lehobye

    Plagiarism, as opposed to cyber-ethics, is the practice of claiming or implying original authorship, in whole or in part, by incorporating ... the "Borrowing, purchasing, or otherwise obtaining work composed by someone else and submitting it ...

  19. Cyber Literature: A Reader – Writer Interactivity

    Directory of Open Access Journals (Sweden)

    Fathu Rahman

    2017-06-01

    Full Text Available Cyber Literature is a term known since the coming of the internet which brings a convenience, changing habit and world view. This study is a survey-based on respondents’ opinion about the existence of cyber literature on social media; of its benefit and impact to the reader. This study limits to the poems on Facebook group. The reason is simple; it favors the short form. For the study of a reader-writer interactivity in cyber literature is more likely on poetry. The approach is reader response literary theory with focus on the reader-writer interactivity on Facebook. This research aimed at uncovering the motivation of readers to response the uploaded text, the reasons why they love it and what its advantages. The results showed that cyber literature is successfully to introduce a new literary genre as well as to raise motivation and creativity of authors to make use the internet space.

  20. Realizing Scientific Methods for Cyber Security

    Energy Technology Data Exchange (ETDEWEB)

    Carroll, Thomas E.; Manz, David O.; Edgar, Thomas W.; Greitzer, Frank L.

    2012-07-18

    There is little doubt among cyber security researchers about the lack of scientic rigor that underlies much of the liter-ature. The issues are manifold and are well documented. Further complicating the problem is insufficient scientic methods to address these issues. Cyber security melds man and machine: we inherit the challenges of computer science, sociology, psychology, and many other elds and create new ones where these elds interface. In this paper we detail a partial list of challenges imposed by rigorous science and survey how other sciences have tackled them, in the hope of applying a similar approach to cyber security science. This paper is by no means comprehensive: its purpose is to foster discussion in the community on how we can improve rigor in cyber security science.

  1. Cyber security analytics, technology and automation

    CERN Document Server

    Neittaanmäki, Pekka

    2015-01-01

    Over the last two decades, the Internet and more broadly cyberspace has had a tremendous impact on all parts of society. Governments across the world have started to develop cyber security strategies and to consider cyberspace as an increasingly important international issue. The book, in addition to the cyber threats and technology, processes cyber security from many sides as a social phenomenon and how the implementation of the cyber security strategy is carried out. The book gives a profound idea of the most spoken phenomenon of this time. The book is suitable for a wide-ranging audience from graduate to professionals/practitioners and researchers. Relevant disciplines for the book are  Telecommunications / Network security, Applied mathematics / Data analysis, Mobile systems / Security, Engineering / Security of critical infrastructure and Military science / Security.

  2. Evaluating cyber security awareness in South Africa

    CSIR Research Space (South Africa)

    Grobler, M

    2011-07-01

    Full Text Available broadband capability and knowledge transfer within rural communities. To evaluate the current level of cyber security awareness, a series of exploratory surveys have been distributed to less technologically resourced entities in rural and deep rural...

  3. International co-operation in cyber resilience

    NARCIS (Netherlands)

    Zielstra, A.; Luiijf, H.A.M.; Duijnhoven, H.L.

    2015-01-01

    All stakeholders in cyber security and resilience have obligations; it is time to end the period of loose, non-binding collaborations, say Annemarie Zielstra, Eric Luiijf and Hanneke Duijnhoven, in this call for nations to work more closely together

  4. APPROACH TO CYBER SECURITY ISSUES IN NIGERIA: CHALLENGES AND SOLUTION

    OpenAIRE

    Frank Ibikunle; Odunayo Eweniyi

    2013-01-01

    Cyber-space refers to the boundless space known as the internet. Cyber-security is the body of rules put in place for the protection of the cyber space. Cyber-crime refers to the series of organized crime attacking both cyber space and cyber security. The Internet is one of the fastest-growing areas of technical infrastructure development. Over the past decades, the growth of the internet and its use afforded everyone this opportunity. Google, Wikipedia and Bing to mention a few, give detaile...

  5. DCT-based cyber defense techniques

    Science.gov (United States)

    Amsalem, Yaron; Puzanov, Anton; Bedinerman, Anton; Kutcher, Maxim; Hadar, Ofer

    2015-09-01

    With the increasing popularity of video streaming services and multimedia sharing via social networks, there is a need to protect the multimedia from malicious use. An attacker may use steganography and watermarking techniques to embed malicious content, in order to attack the end user. Most of the attack algorithms are robust to basic image processing techniques such as filtering, compression, noise addition, etc. Hence, in this article two novel, real-time, defense techniques are proposed: Smart threshold and anomaly correction. Both techniques operate at the DCT domain, and are applicable for JPEG images and H.264 I-Frames. The defense performance was evaluated against a highly robust attack, and the perceptual quality degradation was measured by the well-known PSNR and SSIM quality assessment metrics. A set of defense techniques is suggested for improving the defense efficiency. For the most aggressive attack configuration, the combination of all the defense techniques results in 80% protection against cyber-attacks with PSNR of 25.74 db.

  6. TCIA Secure Cyber Critical Infrastructure Modernization.

    Energy Technology Data Exchange (ETDEWEB)

    Keliiaa, Curtis M. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-02-01

    The Sandia National Laboratories (Sandia Labs) tribal cyber infrastructure assurance initiative was developed in response to growing national cybersecurity concerns in the the sixteen Department of Homeland Security (DHS) defined critical infrastructure sectors1. Technical assistance is provided for the secure modernization of critical infrastructure and key resources from a cyber-ecosystem perspective with an emphasis on enhanced security, resilience, and protection. Our purpose is to address national critical infrastructure challenges as a shared responsibility.

  7. Automated Big Traffic Analytics for Cyber Security

    OpenAIRE

    Miao, Yuantian; Ruan, Zichan; Pan, Lei; Wang, Yu; Zhang, Jun; Xiang, Yang

    2018-01-01

    Network traffic analytics technology is a cornerstone for cyber security systems. We demonstrate its use through three popular and contemporary cyber security applications in intrusion detection, malware analysis and botnet detection. However, automated traffic analytics faces the challenges raised by big traffic data. In terms of big data's three characteristics --- volume, variety and velocity, we review three state of the art techniques to mitigate the key challenges including real-time tr...

  8. The Rise of the Autonomous Cyber Criminal

    OpenAIRE

    Rogers, Marcus

    2015-01-01

    Are we on the threshold of a new evolution of cyber crime? There has been numerous discussions and SciFi themes that have centered around truly autonomous online criminal behavior. This talk will look at the myths and realities surrounding the potential for automated systems to turn to the "dark side" and become uber cyber criminals, and what if anything we can do to prevent or at least detect this type of criminal behavior.

  9. Critical infrastructure cyber-security risk management

    OpenAIRE

    Spyridopoulos, T.; Maraslis, K.; Tryfonas, T.; Oikonomou, G.

    2017-01-01

    Traditional IT cyber-security risk management methods are based on the evaluation of risks calculated as the likelihood of cyber-security incidents occurring. However, these probabilities are usually estimations or guesses based on past experience and incomplete data. Incorrect estimations can lead to errors in the evaluation of risks that can ultimately affect the protection of the system. This issue is also transferred to methods used in Industrial Control Systems (ICSs), as they are mainly...

  10. Cyber security in ports: Business as usual

    OpenAIRE

    Moerel, Lokke; Dezeure, Freddy

    2017-01-01

    Our paper summarizes the risks and provides concrete and pragmatic proposals to increase substantially the cyber maturity and resilience in the ports by organizing training and awareness raising, fostering cooperation and information exchange both between the stakeholders in the ports and across the ports and integrating the cyber risk into the physical security risk management processes and structures already in place within the ports. This also involves a higher degree of oversight by the P...

  11. National Guard Forces in the Cyber Domain

    Science.gov (United States)

    2015-05-22

    TITLE AND SUBTITLE National Guard Forces in the Cyber Domain 5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c. PROGRAM ELEMENT NUMBER 6. AUTHOR(S...Soldiers. Army Cyber Command (ARCYBER) commander, Lieutenant General Edward Cardon stated that Guard will begin to build combat power with...90 2014 Quadrennial Defense Review, 15. 91 Ibid. 92 Edward C. Cardon , "ARMY.MIL, The Official Homepage of the United

  12. Human organ trafficking in the cyber space

    Directory of Open Access Journals (Sweden)

    Vuletić Dejan

    2009-01-01

    Full Text Available The accelerated growth of the information-communication technology use brought about cyber crime as a new form of crime connected with the misuse of computer network. Human trafficking and human organ trafficking are changing in line with the state-of-art technological achievements i.e. becoming more and more characteristic of cyber space. Passing appropriate regulations at both national and international levels presents an important step in solving the problem of human organ trafficking through Internet.

  13. Cyber Security Audit and Attack Detection Toolkit

    Energy Technology Data Exchange (ETDEWEB)

    Peterson, Dale

    2012-05-31

    This goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.

  14. What good cyber resilience looks like.

    Science.gov (United States)

    Hult, Fredrik; Sivanesan, Giri

    In January 2012, the World Economic Forum made cyber attacks its fourth top global risk. In the 2013 risk report, cyber attacks were noted to be an even higher risk in absolute terms. The reliance of critical infrastructure on cyber working has never been higher; the frequency, intensity, impact and sophistication of attacks is growing. This trend looks likely to continue. It can be argued that it is no longer a question whether an organisation will be successfully hacked, but how long it will take to detect. In the ever-changing cyber environment, traditional protection techniques and reliance on preventive controls are not enough. A more agile approach is required to give assurance of a sufficiently secure digital society. Are we faced with a paradigm shift or a storm in a digital teacup? This paper offers an introduction to why cyber is important, a wider taxonomy on the topic and some historical context on how the discipline of cyber security has evolved, and an interpretation on what this means in the new normal of today.

  15. NATIONAL SECURITY IMPLICATIONS OF CYBER THREATS

    Directory of Open Access Journals (Sweden)

    ALEJANDRO AMIGO TOSSI

    2017-09-01

    Full Text Available Cyber threat is one of the main risks for security in developing countries, as well in States on the development path, such as ours. This phenomena is a challenge to national security, that needs the adoption of a paramount approach in its analysis, that have to consider all the aspects that had transformed the actors and malevolent actions in this environment in one of the most important challenges to the security of governmental as well as private organizations all over the world. States, hackers, cyber activists, and cyber criminals have been main actors in several situations that had shaped a new dimension for international and national security. The purpose of this article is to propose topics that could be included in the national assessment of cyber threats to the Chilean national security, based upon several conceptual definitions, cyber attacks already executed to state and military organization’s in Chile, and lastly, considerations over cyber threats included in the National Security Strategies of some western powers.

  16. Reading Faculty’s Research Publications Helps to Determine Which Professors to Target for Data Services

    Directory of Open Access Journals (Sweden)

    Giovanna Badia

    2014-03-01

    Full Text Available Objective – The research project examined university faculty’s publications in order to find professors with previous data experiences. The professors could then be approached with an offer of the library’s data services. Design – Bibliographic study. Setting – Department of Crop Sciences in the College of Agricultural, Consumer, and Environmental Sciences at the University of Illinois at Urbana-Champaign. Subjects – A total of 62 assistant, associate, and full professors. Methods – The author searched Web of Science and faculty web pages to find each of the subjects’ two most recent research or review articles. Altogether, 124 articles were read to check whether data sources were used and shared. Data sources were defined as sources other than traditional citations to literature for information or ideas, such as data repositories, supplementary files, and weather stations. Data sharing was defined as publicly sharing data beyond that published in the journal article, such as providing supplementary files with the article or submitting data sets to a disciplinary repository (p. 205. Main Results – Thirty of the 124 articles, which were written by 20 different professors, referred to additional data that was made openly accessible. The analysis of the articles uncovered a variety of data experiences, such as faculty who utilized repository data, published supplementary files, submitted their own data to repositories, or posted data on their university’s website. These 20 faculty members were contacted and asked for a meeting “to discuss their data sharing thoughts and experiences and to ask whether they [saw] a role for the library in facilitating data sharing” (p. 206. The author received a positive response from seven of the faculty members and had a successful meeting with each of them. Conclusion – A bibliographic study can be employed to select which professors to target for data services. While this method is time

  17. International note: awareness and context of cyber-harassment among secondary school students in Oyo state, Nigeria.

    Science.gov (United States)

    Olumide, Adesola O; Adams, Patricia; Amodu, Olukemi K

    2015-02-01

    We determined the awareness and context of cyber-harassment among secondary school students (653 survey respondents and 18 in-depth interviewees) in Oyo state, Nigeria. Respondents' mean age was 14.2 ± 2.2 years and 53.9% were aware of cyber-harassment occurring in their school or among their friends. Cyber-harassment was often perpetrated via phone calls (62.5%), text messaging (36.9%), chat rooms (28.7%), through pictures or video clips sent via mobile phones (11.9%), emails (6.8%) or websites (5.9%). Cyber-harassment behaviours mentioned were the use of abusive words (25.4%), saying mean things or making fun of the victim (13.9%), solicitations for relationships (7.9%) or sex (6.8%) and spreading rumours about the victim (6.8%). In-depth interviewees recounted experiences of cyber-harassment suffered by their friends. Many were relationship-related, sexual solicitations and threats and corroborated quantitative findings. Respondents are aware of cyber-harassment occurring among students in the study area. Comprehensive interventions to address the problem need to be instituted. Copyright © 2014 The Foundation for Professionals in Services for Adolescents. Published by Elsevier Ltd. All rights reserved.

  18. Design concept of CSRAS (Cyber Security Risk Analysis and Assessment System) for digital I and C systems

    International Nuclear Information System (INIS)

    Song, J. G.; Lee, J. W.; Lee, D. Y.; Lee, C. K.

    2012-01-01

    The instrumentation and control (I and C) systems in nuclear power plants (NPPs) have been digitalized recently. Hence, cyber security becomes an important feature to be incorporated into the I and C systems. The Regulatory Guide 5.71 published by U.C NRC in 2010 presents a comprehensive set of security controls for the cyber security of I and C systems in NPPs. However, the application of security controls specified in the RG 5.71 in a specific I and C system still requires many analysis efforts based on the understanding of the security controls, since the guideline does not provide the details to system designers or developers regarding what, where, and how to apply the security controls. To apply security controls to I and C systems, cyber security requirements should be identified based on the cyber security policy and program, then the design and implementation of security controls should be performed along with the I and C system development life cycle. It can be assumed that cyber security requirements are identified during the system design(SD) phase and the design and implementation of security controls is performed during the component design(CD) phase. When identifying security requirements and performing the design and implementation of security controls, cyber security risk assessments should be processed with the understanding of the characteristics of target systems. In this study, the Cyber Security Risk Analysis and Assessment System (CSRAS) has been developed as a tool for analyzing security requirements and technical security controls considering based on a general cyber security risk assessment procedure with the consideration of the characteristics of I and C systems and the development phases

  19. Design concept of CSRAS (Cyber Security Risk Analysis and Assessment System) for digital I and C systems

    Energy Technology Data Exchange (ETDEWEB)

    Song, J. G.; Lee, J. W.; Lee, D. Y.; Lee, C. K. [KAERI, Daejeon (Korea, Republic of)

    2012-10-15

    The instrumentation and control (I and C) systems in nuclear power plants (NPPs) have been digitalized recently. Hence, cyber security becomes an important feature to be incorporated into the I and C systems. The Regulatory Guide 5.71 published by U.C NRC in 2010 presents a comprehensive set of security controls for the cyber security of I and C systems in NPPs. However, the application of security controls specified in the RG 5.71 in a specific I and C system still requires many analysis efforts based on the understanding of the security controls, since the guideline does not provide the details to system designers or developers regarding what, where, and how to apply the security controls. To apply security controls to I and C systems, cyber security requirements should be identified based on the cyber security policy and program, then the design and implementation of security controls should be performed along with the I and C system development life cycle. It can be assumed that cyber security requirements are identified during the system design(SD) phase and the design and implementation of security controls is performed during the component design(CD) phase. When identifying security requirements and performing the design and implementation of security controls, cyber security risk assessments should be processed with the understanding of the characteristics of target systems. In this study, the Cyber Security Risk Analysis and Assessment System (CSRAS) has been developed as a tool for analyzing security requirements and technical security controls considering based on a general cyber security risk assessment procedure with the consideration of the characteristics of I and C systems and the development phases.

  20. Cyber Space and Digital Democracy in South Korea

    Science.gov (United States)

    Lee, Jin Ro

    2017-03-01

    Korea is a very interesting case. Korea shows rapid growth of the Internet users, and largertrade surplus in telecommunication industry with the help of government’s successful information technology policy. And Koreans also made their country more democratic with active participation. This paper analyzed the growth of the Internet and SNS in South Korea. The Internet and SNS created cyber space. They have several advantages as an effective means of communication. Cyber space is influenced by three subjects such as the government [state], the market [capital], and citizens [people]. There are two research questions. First question is how the Korean CMC industry can grow fast after its birth. Three main subjects were dealt with in this research. They are the State, the Market, and the Citizen. I divided the history of Korean CMC industry into three periods. The first formation stage is from the birth of CMC in Korea between from 1980 and1990. The government initiated the monopolistic CMC market. Several conglomerates participated to co-operate the government. But the users are very small. The second growthstage is between from 1990 to 1995. The government also deregulated the Market with changing policy from ‘appointment’ to ‘registration’. The companies increased investment for the possibility of wide diffusion of CMC use. The third prosperity stage is between 1995 and 2010. The government promoted the CMC market’s competition with ‘notice’ policy. And citizens actively enjoy and apply CMC services. However, the fourth shift stage to smart phone faced several problems such as less democracy and one way communication which will weaken the creativity of the content. Second question is what the roles of three subjects are. I examined the cyber space by the uses of digital media with three subjects. Even though the state and the market have limits to promote democracy, the citizens are expected to make the digital society moredemocratic. If the state

  1. Intelligent methods for cyber warfare

    CERN Document Server

    Reformat, Marek; Alajlan, Naif

    2015-01-01

    Cyberwarfare has become an important concern for governmental agencies as well businesses of various types.  This timely volume, with contributions from some of the internationally recognized, leaders in the field, gives readers a glimpse of the new and emerging ways that Computational Intelligence and Machine Learning methods can be applied to address problems related to cyberwarfare. The book includes a number of chapters that can be conceptually divided into three topics: chapters describing different data analysis methodologies with their applications to cyberwarfare, chapters presenting a number of intrusion detection approaches, and chapters dedicated to analysis of possible cyber attacks and their impact. The book provides the readers with a variety of methods and techniques, based on computational intelligence, which can be applied to the broad domain of cyberwarfare.

  2. Cyber security awareness toolkit for national security: an approach to South Africa's cyber security policy implementation

    CSIR Research Space (South Africa)

    Phahlamohlaka, LJ

    2011-05-01

    Full Text Available The aim of this paper is to propose an approach that South Africa could follow in implementing its proposed cyber security policy. The paper proposes a Cyber Security Awareness Toolkit that is underpinned by key National Security imperatives...

  3. A Social Cyber Contract Theory Model for Understanding National Cyber Strategies

    NARCIS (Netherlands)

    Bierens, R.H.; Klievink, A.J.; van den Berg, J.

    2017-01-01

    Today’s increasing connectivity creates cyber risks at personal, organizational up to societal level. Societal cyber risks require mitigation by all kinds of actors where government should take the lead due to its responsibility to protect its citizens. Since no formal global governance exists, the

  4. Changing the face of cyber warfare with international cyber defense collaboration

    CSIR Research Space (South Africa)

    Grobler, M

    2011-03-01

    Full Text Available . The result is that many countries are not properly prepared, nor adequately protected by legislation, in the event of a cyber attack on a national level. This article will address the international cyber defense collaboration problem by looking at the impact...

  5. Cyber Victimization and Perceived Stress: Linkages to Late Adolescents' Cyber Aggression and Psychological Functioning

    Science.gov (United States)

    Wright, Michelle F.

    2015-01-01

    The present study examined multiple sources of strain, particular cyber victimization, and perceived stress from parents, peers, and academics, in relation to late adolescents' (ages 16-18; N = 423) cyber aggression, anxiety, and depression, each assessed 1 year later (Time 2). Three-way interactions revealed that the relationship between Time 1…

  6. Cyber attack analysis on cyber-physical systems: Detectability, severity, and attenuation strategy

    Science.gov (United States)

    Kwon, Cheolhyeon

    Security of Cyber-Physical Systems (CPS) against malicious cyber attacks is an important yet challenging problem. Since most cyber attacks happen in erratic ways, it is usually intractable to describe and diagnose them systematically. Motivated by such difficulties, this thesis presents a set of theories and algorithms for a cyber-secure architecture of the CPS within the control theoretic perspective. Here, instead of identifying a specific cyber attack model, we are focused on analyzing the system's response during cyber attacks. Firstly, we investigate the detectability of the cyber attacks from the system's behavior under cyber attacks. Specifically, we conduct a study on the vulnerabilities in the CPS's monitoring system against the stealthy cyber attack that is carefully designed to avoid being detected by its detection scheme. After classifying three kinds of cyber attacks according to the attacker's ability to compromise the system, we derive the necessary and sufficient conditions under which such stealthy cyber attacks can be designed to cause the unbounded estimation error while not being detected. Then, the analytical design method of the optimal stealthy cyber attack that maximizes the estimation error is developed. The proposed stealthy cyber attack analysis is demonstrated with illustrative examples on Air Traffic Control (ATC) system and Unmanned Aerial Vehicle (UAV) navigation system applications. Secondly, in an attempt to study the CPSs' vulnerabilities in more detail, we further discuss a methodology to identify potential cyber threats inherent in the given CPSs and quantify the attack severity accordingly. We then develop an analytical algorithm to test the behavior of the CPS under various cyber attack combinations. Compared to a numerical approach, the analytical algorithm enables the prediction of the most effective cyber attack combinations without computing the severity of all possible attack combinations, thereby greatly reducing the

  7. IAEA puts cyber security in focus for nuclear facilities in 2015

    Energy Technology Data Exchange (ETDEWEB)

    Shepherd, John [nuclear 24, Brighton (United Kingdom)

    2015-01-15

    Later in 2015 the International Atomic Energy Agency (IAEA) will convene a special conference to discuss computer security, in the wake of cyber attacks on global financial institutions and government agencies that were increasingly in the news. According to the IAEA, the prevalence of IT security incidents in recent years involving the Stuxnet malware 'demonstrated that nuclear facilities can be susceptible to cyber attack'. The IAEA said this and other events have significantly raised global concerns over potential vulnerabilities and the possibility of a cyber attack, or a joint cyber-physical attack, that could impact on nuclear security. The IAEA has correctly identified that the use of computers and other digital electronic equipment in physical protection systems at nuclear facilities, as well as in facility safety systems, instrumentation, information processing and communication, 'continues to grow and presents an ever more likely target for cyber attack'. The agency's Vienna conference, to be held in June, will review emerging trends in computer security and areas that may still need to be addressed. The meeting follows a declaration of ministers of IAEA member states in 2013 that called on the agency to help raise awareness of the growing threat of cyber attacks and their potential impact on nuclear security. The conference is being organised 'to foster international cooperation in computer security as an essential element of nuclear security', the IAEA said. Details of the IAEA's 'International Conference on Computer Security in a Nuclear World: Expert Discussion and Exchange' are on the 'meetings' section of the agency's web site.

  8. Deploying ICT with Entrepreneurship Culture can Fight Cyber-Crime ...

    African Journals Online (AJOL)

    Deploying ICT with Entrepreneurship Culture can Fight Cyber-Crime Menace ... Again he innovates, introducing new products & technologies by the ... Keywords: Cyber-crimes, entrepreneurs, compupreneur, firewalls, computer forensics, ICT, ...

  9. 77 FR 51033 - Notice of Change in Notification of Refugee Social Services and Targeted Assistance Formula Grant...

    Science.gov (United States)

    2012-08-23

    ... and 93.584] Notice of Change in Notification of Refugee Social Services and Targeted Assistance Formula Grant Allocations AGENCY: Office of Refugee Resettlement, ACF, HHS. ACTION: Notification of change. SUMMARY: The Office of Refugee Resettlement, Administration for Children and Families (ACF), is changing...

  10. Peripheral dose measurement for CyberKnife radiosurgery with upgraded linac shielding

    International Nuclear Information System (INIS)

    Chuang, Cynthia F.; Larson, David A.; Zytkovicz, Andrea; Smith, Vernon; Petti, Paula L.

    2008-01-01

    The authors investigated the peripheral dose reduction for CyberKnife radiosurgery treatments after the installation of a linac shielding upgrade. As in a previous investigation, the authors considered two treatment plans, one for a hypothetical target in the brain and another for a target in the thorax, delivered to an anthropomorphic phantom. The results of the prior investigation showed that the CyberKnife delivered significantly higher peripheral doses than comparable model C Gamma Knife or IMRT treatments. Current measurements, after the linac shielding upgrade, demonstrate that the additional shielding decreased the peripheral dose, expressed as a percentage of the delivered monitor units (MU), by a maximum of 59%. The dose reduction was greatest for cranial-caudal distances from the field edge less than 30 cm, and at these distances, the CyberKnife peripheral dose, expressed as a percentage of the delivered MU, is now comparable to that measured for the other treatment modalities in our previous investigation. For distances between 30 and 70 cm from the field edge, the additional shielding reduced the peripheral dose by between 20% and 55%. At these distances, the CyberKnife peripheral dose remains higher than doses measured in our previous study for the model C Gamma Knife and IMRT

  11. The Soft Side of Cyber Security - Social Media

    DEFF Research Database (Denmark)

    Nissen, Thomas Elkjer

    2016-01-01

    The importance of cyber-security is growing. With the continued digitization of our everyday life we become increasingly vulnerable to cyber-attacks – also personally. Therefore, it is an issue to be taken extremely seriously.......The importance of cyber-security is growing. With the continued digitization of our everyday life we become increasingly vulnerable to cyber-attacks – also personally. Therefore, it is an issue to be taken extremely seriously....

  12. Towards cyber safety education in primary schools in Africa

    CSIR Research Space (South Africa)

    Von Solms, S

    2014-07-01

    Full Text Available , but also increases users' vulnerability to malware infection, cyber-bullying, identity theft and cyber terrorism (Dlamini, Taute, & Radebe, 2011). Africa mainly consists of developing countries which are characterised by limited knowledge, expertise....e. hacking, malware and spyware.  Content-related risks, i.e. exposure to illicit or inappropriate content.  Harassment-related threats, i.e. cyber-bullying, cyber-stalking and other forms of unwanted contact.  Risk of exposing information, i...

  13. KYPO – A Platform for Cyber Defence Exercises

    OpenAIRE

    Čeleda Pavel; Čegan Jakub; Vykopal Jan; Tovarňák Daniel

    2015-01-01

    Correct and timely responses to cyber attacks are crucial for the effective implementation of cyber defence strategies and policies. The number of threats and ingenuity of attackers is ever growing, as is the need for more advanced detection tools, techniques and skilled cyber security professionals. KYPO – Cyber Exercise & Research Platform is focused on modelling and simulating complex computer systems and networks in a virtualized and separated environment. The platform enables realist...

  14. Towards Integrating Soil Quality Monitoring Targets as Measures of Soil Natural Capital Stocks with the Provision of Ecosystem Services

    Science.gov (United States)

    Taylor, M. D.; Mackay, A. D.; Dominati, E.; Hill, R. B.

    2012-04-01

    This paper presents the process used to review soil quality monitoring in New Zealand to better align indicators and indicator target ranges with critical values of change in soil function. Since its inception in New Zealand 15 year ago, soil quality monitoring has become an important state of the environment reporting tool for Regional Councils. This tool assists councils to track the condition of soils resources, assess the impact of different land management practices, and provide timely warning of emerging issues to allow early intervention and avoid irreversible loss of natural capital stocks. Critical to the effectiveness of soil quality monitoring is setting relevant, validated thresholds or target ranges. Provisional Target Ranges were set in 2003 using expert knowledge available and data on production responses. Little information was available at that time for setting targets for soil natural capital stocks other than those for food production. The intention was to revise these provisional ranges as further information became available and extend target ranges to cover the regulating and cultural services provided by soils. A recently developed ecosystems service framework was used to explore the feasibility of linking soil natural capital stocks measured by the current suite of soil quality indicators to the provision of ecosystem services by soils. Importantly the new approach builds on and utilises the time series data sets collected by current suite of soil quality indicators, adding value to the current effort, and has the potential to set targets ranges based on the economic and environmental outcomes required for a given farm, catchment or region. It is now timely to develop a further group of environmental indicators for measuring specific soil issues. As with the soil quality indicators, these environmental indicators would be aligned with the provision of ecosystem services. The toolbox envisaged is a set of indicators for specific soil issues

  15. APPROACH TO CYBER SECURITY ISSUES IN NIGERIA: CHALLENGES AND SOLUTION

    Directory of Open Access Journals (Sweden)

    Frank Ibikunle

    2013-06-01

    Full Text Available Cyber-space refers to the boundless space known as the internet. Cyber-security is the body of rules put in place for the protection of the cyber space. Cyber-crime refers to the series of organized crime attacking both cyber space and cyber security. The Internet is one of the fastest-growing areas of technical infrastructure development. Over the past decades, the growth of the internet and its use afforded everyone this opportunity. Google, Wikipedia and Bing to mention a few, give detailed answers to millions of questions every day. Cyberspace is a world that contains just about anything one is searching for. With the advent of these advancements in information accessibility and the advantages and applications of the internet comes an exponentially growing disadvantage- Cyber Crime. Cyber security has risen to become a national concern as threats concerning it now need to be taken more seriously. This paper attempts to provide an overview of Cybercrime and Cyber-security. It defines the concept of cybercrime, identify reasons for cyber-crime and its eradication. It look at those involved and the reasons for their involvement. Methods of stepping up cyber security and the recommendations that would help in checking the increasing rate of cyber-crimes were highlighted. The paper also attempts to name some challenges of cybercrime and present practical and logical solutions to these threats.

  16. Middle School Students' Perceptions of and Responses to Cyber Bullying

    Science.gov (United States)

    Holfeld, Brett; Grabe, Mark

    2012-01-01

    This study explored the nature and extent of middle school students' (n = 665) experiences with cyber bullying. Approximately one in five students reported being cyber bullied in the past year, with 55% of those students being repeatedly victimized within the past 30 days. Female students were more likely to be involved in cyber bullying (victim,…

  17. Psychological Impact of Cyber-Bullying: Implications for School Counsellors

    Science.gov (United States)

    Nordahl, Jennifer; Beran, Tanya; Dittrick, Crystal J.

    2013-01-01

    Cyber-bullying is a significant problem for children today. This study provides evidence of the psychological impact of cyber-bullying among victimized children ages 10 to 17 years (M = 12.48, SD = 1.79) from 23 urban schools in a western province of Canada (N = 239). Students who were cyber-bullied reported high levels of anxious,…

  18. Scheduling and development support in the Scavenger cyber foraging system

    DEFF Research Database (Denmark)

    Kristensen, Mads Darø; Bouvin, Niels Olof

    2010-01-01

    Cyber foraging is a pervasive computing technique where small mobile devices offload resource intensive tasks to stronger computing machinery in the vicinity. One of the main challenges within cyber foraging is that it is very difficult to develop cyber foraging enabled applications. An applicati...

  19. Work Package 2 Report - Cyber resilience for the shipping industry

    DEFF Research Database (Denmark)

    Sahay, Rishikesh; Sepúlveda Estay, Daniel Alberto

    2018-01-01

    This report describes the current state of the research performed as a part of the CyberShip project for its Work Package 2. This work package aims at defining a CyberShip model and KPIs for cyber resilience. This is a project funded by the Danish Maritime Fund (DMF) with the objective of proposing...

  20. Development of cyber training system for nuclear fields

    International Nuclear Information System (INIS)

    Kim, Young Taek; Park, Jong Kyun; Lee, Eui Jin; Lee, Han Young; Choi, Nan Young

    2002-02-01

    This report describes on technical contents related cyber training system construct on KAERI Nuclear Training Center, and on using cases of cyber education in domestic and foreign countries. Also realtime training system through the internet and cyber training management system for atomic fields is developed. All users including trainee, course managers and lecturers can use new technical for create new paradigm

  1. Cyber armies: the unseen military in the grid

    CSIR Research Space (South Africa)

    Aschmann, M

    2015-03-01

    Full Text Available power and/or civilian force within the cyber domain that has the ability to launch cyber-attacks and collect information in order to gain strategic military advantage on a national level. Selected cyber armies are compared to portray the impact...

  2. Challenges faced by engineering services group in meeting nuclear power project targets

    International Nuclear Information System (INIS)

    Phanse, N.R.

    2001-01-01

    Nuclear Power Corporation of India Ltd. (NPCIL) is an organisation building and operating nuclear power stations for which a number of different types of engineering services/activities are necessary. All these services are provided by Engineering Services Group of NPCIL. The activities and responsibilities of the group are discussed

  3. Facilitating the Easy Use of Earth Observation Data in Earth System Models through CyberConnector

    Science.gov (United States)

    Di, L.; Sun, Z.; Zhang, C.

    2017-12-01

    Earth system models (ESM) are an important tool used to understand the Earth system and predict its future states. On other hand, Earth observations (EO) provides the current state of the system. EO data are very useful in ESM initialization, verification, validation, and inter-comparison. However, EO data often cannot directly be consumed by ESMs because of the syntactic and semantic mismatches between EO products and ESM requirements. In order to remove the mismatches, scientists normally spend long time to customize EO data for ESM consumption. CyberConnector, a NSF EarthCube building block, is intended to automate the data customization so that scientists can be relieved from the laborious EO data customization. CyberConnector uses web-service-based geospatial processing models (GPM) as the mechanism to automatically customize the EO data into the right products in the right form needed by ESMs. It can support many different ESMs through its standard interfaces. It consists of seven modules: GPM designer, GPM binder, GPM runner, GPM monitor, resource register, order manager, and result display. In CyberConnector, EO data instances and GPMs are independent and loosely coupled. A modeler only needs to create a GPM in the GMP designer for EO data customization. Once the modeler specifies a study area, the designed GPM will be activated and take the temporal and spatial extents as constraints to search the data sources and customize the available EO data into the ESM-acceptable form. The execution of GMP is completely automatic. Currently CyberConnector has been fully developed. In order to validate the feasibility, flexibility, and ESM independence of CyberConnector, three ESMs from different geoscience disciplines, including the Cloud-Resolving Model (CRM), the Finite Volume Coastal Ocean Model (FVCOM), and the Community Multiscale Air Quality Model (CMAQ), have been experimented with CyberConnector through closely collaborating with modelers. In the experiment

  4. INFORMATION SYSTEM SECURITY (CYBER SECURITY

    Directory of Open Access Journals (Sweden)

    Muhammad Siddique Ansari

    2016-03-01

    system force and structure reliance – are discovered and tantamount with EU nations. Thusly I indicated reason viewpoints and figures of security of data structures it additionally relates to the reason of estimation of transient dangers of security of frameworks for that I begin my proposal with one of the fundamental class of data security which is Cyber security. Keyword : Cyber Security, IT

  5. Cyber bullying prevention: intervention in Taiwan.

    Directory of Open Access Journals (Sweden)

    Ming-Shinn Lee

    Full Text Available BACKGROUND: This study aimed to explore the effectiveness of the cyber bullying prevention WebQuest course implementation. METHODOLOGY/FINDINGS: The study adopted the quasi-experimental design with two classes made up of a total of 61 junior high school students of seventh grade. The study subjects comprised of 30 students from the experimental group and 31 students from the control group. The experimental group received eight sessions (total 360 minutes of the teaching intervention for four consecutive weeks, while the control group did not engage in any related courses. The self-compiled questionnaire for the student's knowledge, attitudes, and intentions toward cyber bullying prevention was adopted. Data were analysed through generalized estimating equations to understand the immediate results on the student's knowledge, attitudes, and intentions after the intervention. The results show that the WebQuest course immediately and effectively enhanced the knowledge of cyber bullying, reduced the intentions, and retained the effects after the learning. But it produced no significant impact on the attitude toward cyber bullying. CONCLUSIONS/SIGNIFICANCE: The intervention through this pilot study was effective and positive for cyber bulling prevention. It was with small number of students. Therefore, studies with large number of students and long experimental times, in different areas and countries are warranted.

  6. Cyber bullying prevention: intervention in Taiwan.

    Science.gov (United States)

    Lee, Ming-Shinn; Zi-Pei, Wu; Svanström, Leif; Dalal, Koustuv

    2013-01-01

    This study aimed to explore the effectiveness of the cyber bullying prevention WebQuest course implementation. The study adopted the quasi-experimental design with two classes made up of a total of 61 junior high school students of seventh grade. The study subjects comprised of 30 students from the experimental group and 31 students from the control group. The experimental group received eight sessions (total 360 minutes) of the teaching intervention for four consecutive weeks, while the control group did not engage in any related courses. The self-compiled questionnaire for the student's knowledge, attitudes, and intentions toward cyber bullying prevention was adopted. Data were analysed through generalized estimating equations to understand the immediate results on the student's knowledge, attitudes, and intentions after the intervention. The results show that the WebQuest course immediately and effectively enhanced the knowledge of cyber bullying, reduced the intentions, and retained the effects after the learning. But it produced no significant impact on the attitude toward cyber bullying. The intervention through this pilot study was effective and positive for cyber bulling prevention. It was with small number of students. Therefore, studies with large number of students and long experimental times, in different areas and countries are warranted.

  7. Cyber/Physical Security Vulnerability Assessment Integration

    International Nuclear Information System (INIS)

    MacDonald, Douglas G.; Key, Brad; Clements, Samuel L.; Hutton, William J.; Craig, Philip A.; Patrick, Scott W.; Crawford, Cary E.

    2011-01-01

    This internally funded Laboratory-Directed R and D project by the Pacific Northwest National Laboratory, in conjunction with QinetiQ North America, is intended to identify and properly assess areas of overlap (and interaction) in the vulnerability assessment process between cyber security and physical protection. Existing vulnerability analysis (VA) processes and software tools exist, and these are heavily utilized in the determination of predicted vulnerability within the physical and cyber security domains. These determinations are normally performed independently of one another, and only interact on a superficial level. Both physical and cyber security subject matter experts have come to realize that though the various interactive elements exist, they are not currently quantified in most periodic security assessments. This endeavor aims to evaluate both physical and cyber VA techniques and provide a strategic approach to integrate the interdependent relationships of each into a single VA capability. This effort will also transform the existing suite of software currently utilized in the physical protection world to more accurately quantify the risk associated with a blended attack scenario. Performance databases will be created to support the characterization of the cyber security elements, and roll them into prototype software tools. This new methodology and software capability will enable analysts to better identify and assess the overall risk during a vulnerability analysis.

  8. The impact of a conditional cash transfer program on the utilization of non-targeted services: Evidence from Afghanistan.

    Science.gov (United States)

    Witvorapong, Nopphol; Foshanji, Abo Ismael

    2016-03-01

    While existing research suggests that health-related conditional cash transfer (CCT) programs have positive impacts on the utilization of CCT-targeted health services, little is known as to whether they also influence the utilization of non-targeted health services-defined as general health services for which program participants are not financially motivated. Based on a sample of 6649 households in a CCT program that took place in May 2009-June 2011 in Afghanistan, we evaluate the impact of the receipt of CCTs on the utilization of non-targeted health services both by women, who were direct beneficiaries of the program, and by members of their households. We estimate the outcomes of interest through four probit models, accounting for potential endogeneity of the CCT receipt and dealing with lack of credible exclusion restrictions in different ways. In comparison with the control group, the receipt of CCTs is found to be associated with an increase in the probability of utilizing non-targeted services among household members across regression models. The results are mixed, with regard to the utilization by women, suggesting that there exist non-economic barriers to health care, unique to women, that are not captured by the data. The results confirm the importance of accounting for direct as well as indirect effects in policy evaluation and suggest that future studies investigate more deeply the role of community health workers in removing non-economic barriers for Afghan women and the possibility of introducing an incentive structure to motivate them to contribute more actively to population health in Afghanistan. Copyright © 2016 Elsevier Ltd. All rights reserved.

  9. Cyber-bullying prevention in primary school: School leaders’ understanding of cyber-bullying prevention

    OpenAIRE

    Vestvik, Svitlana

    2011-01-01

    This master‟s thesis is about cyber-bullying prevention in primary school. My reason for choosing this issue was a desire to get a greater insight into cyber-bullying as a phenomenon. In addition, I found it interesting to find how the principals can work systematically for prevention and reduction of cyber-bullying incidents in schools, with the purpose of offering pupils a good psycho-social environment as enshrined in the Education Act, Section 9a-3. My attention was focused on understa...

  10. What kind of cyber security? Theorising cyber security and mapping approaches

    Directory of Open Access Journals (Sweden)

    Laura Fichtner

    2018-05-01

    Full Text Available Building on conceptual work on security and cyber security, the paper explores how different approaches to cyber security are constructed. It outlines structural components and presents four common approaches. Each of them suggests a different role for the actors involved and is motivated and justified by different values such as privacy, economic order and national security. When a cyber security policy or initiative is chosen by policymakers, the analysis of the underlying approach enhances our understanding of how this shapes relationships between actors and of the values prioritised, promoted and inscribed into the concerned technologies.

  11. The cyber threat landscape: Challenges and future research directions

    Science.gov (United States)

    Gil, Santiago; Kott, Alexander; Barabási, Albert-László

    2014-07-01

    While much attention has been paid to the vulnerability of computer networks to node and link failure, there is limited systematic understanding of the factors that determine the likelihood that a node (computer) is compromised. We therefore collect threat log data in a university network to study the patterns of threat activity for individual hosts. We relate this information to the properties of each host as observed through network-wide scans, establishing associations between the network services a host is running and the kinds of threats to which it is susceptible. We propose a methodology to associate services to threats inspired by the tools used in genetics to identify statistical associations between mutations and diseases. The proposed approach allows us to determine probabilities of infection directly from observation, offering an automated high-throughput strategy to develop comprehensive metrics for cyber-security.

  12. Adoption of the Mobile Campus in a Cyber University

    Directory of Open Access Journals (Sweden)

    Insook Han

    2014-12-01

    Full Text Available The advantages of mobile technologies have not been lost on higher education institutions, and they have tried to provide educational services through the use of mobile learning management system (LMS. However, offering such services does not necessarily mean that the students will adopt the new technology. Thus, the purpose of this study was to examine what factors facilitate and hinder the students’ adoption of the mobile campus. The study was based on the diffusion of innovation model and compared the perceptions of mobile LMS users and nonusers. Eighty-five students in a cyber university responded to the survey, and the results revealed that even though nonusers perceived the advantages of using mobile LMS, they did not adopt the system because of its complexity and resistance. A discussion and the implications for further development of mobile LMS followed.

  13. A genetic epidemiology approach to cyber-security.

    Science.gov (United States)

    Gil, Santiago; Kott, Alexander; Barabási, Albert-László

    2014-07-16

    While much attention has been paid to the vulnerability of computer networks to node and link failure, there is limited systematic understanding of the factors that determine the likelihood that a node (computer) is compromised. We therefore collect threat log data in a university network to study the patterns of threat activity for individual hosts. We relate this information to the properties of each host as observed through network-wide scans, establishing associations between the network services a host is running and the kinds of threats to which it is susceptible. We propose a methodology to associate services to threats inspired by the tools used in genetics to identify statistical associations between mutations and diseases. The proposed approach allows us to determine probabilities of infection directly from observation, offering an automated high-throughput strategy to develop comprehensive metrics for cyber-security.

  14. Cyber Surveillance for Flood Disasters

    Directory of Open Access Journals (Sweden)

    Shi-Wei Lo

    2015-01-01

    Full Text Available Regional heavy rainfall is usually caused by the influence of extreme weather conditions. Instant heavy rainfall often results in the flooding of rivers and the neighboring low-lying areas, which is responsible for a large number of casualties and considerable property loss. The existing precipitation forecast systems mostly focus on the analysis and forecast of large-scale areas but do not provide precise instant automatic monitoring and alert feedback for individual river areas and sections. Therefore, in this paper, we propose an easy method to automatically monitor the flood object of a specific area, based on the currently widely used remote cyber surveillance systems and image processing methods, in order to obtain instant flooding and waterlogging event feedback. The intrusion detection mode of these surveillance systems is used in this study, wherein a flood is considered a possible invasion object. Through the detection and verification of flood objects, automatic flood risk-level monitoring of specific individual river segments, as well as the automatic urban inundation detection, has become possible. The proposed method can better meet the practical needs of disaster prevention than the method of large-area forecasting. It also has several other advantages, such as flexibility in location selection, no requirement of a standard water-level ruler, and a relatively large field of view, when compared with the traditional water-level measurements using video screens. The results can offer prompt reference for appropriate disaster warning actions in small areas, making them more accurate and effective.

  15. Impacts of privatising Britain's rail passenger services -- franchising, refranchising, and Ten Year Transport Plan targets

    OpenAIRE

    Richard D Knowles

    2004-01-01

    Britain's passenger rail services were privatised in 1996/97 to reduce public subsidies and produce customer benefits through the private sector competing for medium or long-term franchises. Private sector franchisees were committed to investment in rolling stock, services, and infrastructure and were expected to deliver more market-oriented and cost-effective services whilst subsidies decreased on an annual sliding scale. The author analyses why some franchisees have been unable to achieve t...

  16. Business Modelling for ICT based services targeted to Intellectually Disabled People

    OpenAIRE

    Peethambaran, Anoja

    2011-01-01

    Services are becoming a key focus in the current era. Organizations globally are facing rapid changes in providing services. Despite this alarming growth, the advancement in Information and Communications Technology (ICT) has created so many opportunities but considerable challenges for the service industry. Information and Communication Technologies (ICT) have become part of everyday life in recent years. ICT can provide dignity and well-being to people through self-facilitation. ICT lik...

  17. Cyber security deterrence and it protection for critical infrastructures

    CERN Document Server

    Martellini, Maurizio

    2013-01-01

    The experts of the International Working Group-Landau Network Centro Volta (IWG-LNCV) discuss aspects of cyber security and present possible methods of deterrence, defense and resilience against cyber attacks. This SpringerBrief covers state-of-the-art documentation on the deterrence power of cyber attacks and argues that nations are entering a new cyber arms race. The brief also provides a technical analysis of possible cyber attacks towards critical infrastructures in the chemical industry and chemical safety industry. The authors also propose modern analyses and a holistic approach to resil

  18. Cyber Threats for Organizations of Financial Market Infrastructures

    Directory of Open Access Journals (Sweden)

    Natalia Georgievna Miloslavskaya

    2016-03-01

    Full Text Available Abstract: In the global informatization era the reliable and efficient financial market infrastructure of the Russian Federation (RF FMI plays an important role in the financial system and economy of the country. New cyber risks have acquired the status of the FR FMI systemic risk’s components, the importance of which is constantly growing due to the increase in the possible consequences of their implementation. The article introduces the basic concepts of cyber security, cyber space and cyber threats for the RF FMI and analyzes the specific features of cyber attacks against the RF FMI organizations.

  19. Review on Cyber Security Programs for NPP Application

    Energy Technology Data Exchange (ETDEWEB)

    Oh, Eung Se [KEPRI, Daejeon (Korea, Republic of)

    2010-10-15

    Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS; CFR; RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

  20. Review on Cyber Security Programs for NPP Application

    International Nuclear Information System (INIS)

    Oh, Eung Se

    2010-01-01

    Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS] [CFR] [RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

  1. Cyber physical systems role in manufacturing technologies

    Science.gov (United States)

    Al-Ali, A. R.; Gupta, Ragini; Nabulsi, Ahmad Al

    2018-04-01

    Empowered by the recent development in single System-on-Chip, Internet of Things, and cloud computing technologies, cyber physical systems are evolving as a major controller during and post the manufacturing products process. In additional to their real physical space, cyber products nowadays have a virtual space. A product virtual space is a digital twin that is attached to it to enable manufacturers and their clients to better manufacture, monitor, maintain and operate it throughout its life time cycles, i.e. from the product manufacturing date, through operation and to the end of its lifespan. Each product is equipped with a tiny microcontroller that has a unique identification number, access code and WiFi conductivity to access it anytime and anywhere during its life cycle. This paper presents the cyber physical systems architecture and its role in manufacturing. Also, it highlights the role of Internet of Things and cloud computing in industrial manufacturing and factory automation.

  2. An analytic approach to cyber adversarial dynamics

    Science.gov (United States)

    Sweeney, Patrick; Cybenko, George

    2012-06-01

    To date, cyber security investment by both the government and commercial sectors has been largely driven by the myopic best response of players to the actions of their adversaries and their perception of the adversarial environment. However, current work in applying traditional game theory to cyber operations typically assumes that games exist with prescribed moves, strategies, and payos. This paper presents an analytic approach to characterizing the more realistic cyber adversarial metagame that we believe is being played. Examples show that understanding the dynamic metagame provides opportunities to exploit an adversary's anticipated attack strategy. A dynamic version of a graph-based attack-defend game is introduced, and a simulation shows how an optimal strategy can be selected for success in the dynamic environment.

  3. Designing a Data Warehouse for Cyber Crimes

    Directory of Open Access Journals (Sweden)

    Il-Yeol Song

    2006-09-01

    Full Text Available One of the greatest challenges facing modern society is the rising tide of cyber crimes. These crimes, since they rarely fit the model of conventional crimes, are difficult to investigate, hard to analyze, and difficult to prosecute. Collecting data in a unified framework is a mandatory step that will assist the investigator in sorting through the mountains of data. In this paper, we explore designing a dimensional model for a data warehouse that can be used in analyzing cyber crime data. We also present some interesting queries and the types of cyber crime analyses that can be performed based on the data warehouse. We discuss several ways of utilizing the data warehouse using OLAP and data mining technologies. We finally discuss legal issues and data population issues for the data warehouse.

  4. Control Systems Cyber Security Standards Support Activities

    Energy Technology Data Exchange (ETDEWEB)

    Robert Evans

    2009-01-01

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  5. Law Enforcement of Cyber Terorism in Indonesia

    Directory of Open Access Journals (Sweden)

    Sri Ayu Astuti

    2015-12-01

    Full Text Available Cyber terrorism is one of the category of crimes that cross border organized and has been established as an extraordinary crime. This crime is becoming a serious threat to countries in the world. In this regard, the Government's attitude of firmness needed to enforce cyber laws against the freedom development in social media. The development of the immeasurable it in the country of Indonesia required the limitations by doing legal liability over the behavior of law which deviates towards the use of technology tools. Strict law enforcement efforts as a clear attitude to stop actively moving massive terrorism, by enacting the provisions of the law on information and electronic transactions as well as the law of terrorism effectively. How To Cite: Astuti, S. (2015. Law Enforcement of Cyber Terorism in Indonesia. Rechtsidee, 2(2, 157-178. doi:http://dx.doi.org/10.21070/jihr.v2i2.82

  6. Prevalence and Correlates of the Perpetration of Cyber Dating Abuse among Early Adolescents.

    Science.gov (United States)

    Peskin, Melissa F; Markham, Christine M; Shegog, Ross; Temple, Jeff R; Baumler, Elizabeth R; Addy, Robert C; Hernandez, Belinda; Cuccaro, Paula; Gabay, Efrat K; Thiel, Melanie; Emery, Susan Tortolero

    2017-02-01

    Much is known about the prevalence and correlates of dating violence, especially the perpetration of physical dating violence, among older adolescents. However, relatively little is known about the prevalence and correlates of the perpetration of cyber dating abuse, particularly among early adolescents. In this study, using a predominantly ethnic-minority sample of sixth graders who reported ever having had a boyfriend/girlfriend (n = 424, 44.2 % female), almost 15 % reported perpetrating cyber dating abuse at least once during their lifetime. Furthermore, using a cross-sectional design, across multiple levels of the socio-ecological model, the individual-level factors of (a) norms for violence for boys against girls, (b) having a current boyfriend/girlfriend, and (c) participation in bullying perpetration were correlates of the perpetration of cyber dating abuse. Collectively, the findings suggest that dating violence interventions targeting these particular correlates in early adolescents are warranted. Future studies are needed to establish causation and to further investigate the relative importance of correlates of the perpetration of cyber dating abuse among early adolescents that have been reported among older adolescents.

  7. Measuring Library Vendor Cyber Security: Seven Easy Questions Every Librarian Can Ask

    Directory of Open Access Journals (Sweden)

    Alex Caro

    2016-04-01

    Full Text Available This article is based on an independent cyber security risk management audit for a public library system completed by the authors in early 2015 and based on a research paper by the same group at Clark University in 2014. We stress that while cyber security must include raising public knowledge in regard to cyber security issues and resources, and libraries are indeed the perfect place to disseminate this knowledge, librarians are also in a unique position as the gatekeepers of information services provided to the public and should conduct internal audits to ensure our content partners and IT vendors take cyber security as seriously as the library and its staff. One way to do this is through periodic reviews of existing vendor relationships. To this end, the authors created a simple grading rubric you can adopt or modify to help take this first step towards securing your library data. It is intended to be used by both technical and non-technical staff as a simple measurement of what vendor agreements currently exist and how they rank, while at the same time providing a roadmap for which security features or policy statements the library can or should require moving forward.

  8. Business continuity strategies for cyber defence: battling time and information overload.

    Science.gov (United States)

    Streufert, John

    2010-11-01

    Can the same numbers and letters which are the life blood of modern business and government computer systems be harnessed to protect computers from attack against known information security risks? For the past seven years, Foreign Service officers and technicians of the US Government have sought to maintain diplomatic operations in the face of rising cyber attacks and test the hypothesis that an ounce of prevention is worth a pound of cure. As eight out of ten attacks leverage known computer security vulnerabilities or configuration setting weaknesses, a pound of cure would seem to be easy to come by. Yet modern security tools present an unusually consequential threat to business continuity - too much rather than too little information on cyber problems is presented, harking back to a phenomenon cited by social scientists in the 1960s called 'information overload'. Experience indicates that the longer the most serious cyber problems go untreated, the wider the attack surface adversaries can find. One technique used at the Department of State, called 'risk scoring', resulted in an 89 per cent overall reduction in measured risk over 12 months for the Department of State's servers and personal computers. Later refinements of risk scoring enabled technicians to correct unique security threats with unprecedented speed. This paper explores how the use of metrics, special care in presenting information to technicians and executives alike, as well as tactical use of organisational incentives can result in stronger cyber defences protecting modern organisations.

  9. A conceptual framework for cyber security awareness and education in SA

    Directory of Open Access Journals (Sweden)

    Noluxolo Kortjan

    2014-06-01

    Full Text Available The Internet is becoming increasingly interwoven in the daily lives of many individuals, organisations and nations. It has, to a large extent, had a positive effect on the way people communicate. It has also introduced new avenues for business; and it has offered nations an opportunity to govern online. Nevertheless, although cyberspace offers an endless list of services and opportunities, it is also accompanied by many risks, of which many Internet users are not aware. As such, various countries have developed and implemented cyber-security awareness and education measures to counter the perceived ignorance of the Internet users. However, there is currently a definite lack in South Africa (SA in this regard; as there are currently, little government-led and sponsored cyber-security awareness and education initiatives. The primary research objective of this paper, therefore, is to propose a cyber-security awareness and education framework for SA that would assist in creating a cyber-secure culture in SA among all of the users of the Internet. This framework will be developed on the basis of key factors extrapolated from a comparative analysis of relevant developed countries.

  10. Cyber Attacks and Terrorism: A Twenty-First Century Conundrum.

    Science.gov (United States)

    Albahar, Marwan

    2017-01-05

    In the recent years, an alarming rise in the incidence of cyber attacks has made cyber security a major concern for nations across the globe. Given the current volatile socio-political environment and the massive increase in the incidence of terrorism, it is imperative that government agencies rapidly realize the possibility of cyber space exploitation by terrorist organizations and state players to disrupt the normal way of life. The threat level of cyber terrorism has never been as high as it is today, and this has created a lot of insecurity and fear. This study has focused on different aspects of cyber attacks and explored the reasons behind their increasing popularity among the terrorist organizations and state players. This study proposes an empirical model that can be used to estimate the risk levels associated with different types of cyber attacks and thereby provide a road map to conceptualize and formulate highly effective counter measures and cyber security policies.

  11. Holistic Physical Risk and Crises Prioritization Approaches to Solve Cyber Defense Conundrums

    Directory of Open Access Journals (Sweden)

    Franco Oboni

    2015-08-01

    Full Text Available During the last decade the techniques and tools of cyber attacks have become more sophisticated, the distinctions between actors and threats have become blurred and attack prospects more worrying. The informational threat can hit any type of civilian or military controls, fixed or mobile infrastructures, putting them down or greatly reducing their service capabilities with direct and indirect physical / economic impacts from tactical or local scale to strategic / national and international level. It has been shown that broad spectrum protection investments and particularly poorly prioritized ones are not efficient as oftentimes they are limited in scope by other operational requirements. So it is simply not possible to protect each property from each threat. The cyberdefense must be rooted on intelligence based on prioritized Risk Management and not on standardized audits and practice of indolent regulations, written a priori, or the biased advice of fear monger solutions sellers. RM offers ultimately support for operational decisions and protection (mitigation, provided that we want to define the level of acceptable risk reduction /mitigation and that we formulate measurable performance targets to achieve .

  12. MEANS AND METHODS OF CYBER WARFARE

    Directory of Open Access Journals (Sweden)

    Dan-Iulian VOITAȘEC

    2016-06-01

    Full Text Available According to the Declaration of Saint Petersburg of 1868 “the only legitimate object which States should endeavor to accomplish during war is to weaken the military forces of the enemy”. Thus, International Humanitarian Law prohibits or limits the use of certain means and methods of warfare. The rapid development of technology has led to the emergence of a new dimension of warfare. The cyber aspect of armed conflict has led to the development of new means and methods of warfare. The purpose of this paper is to study how the norms of international humanitarian law apply to the means and methods of cyber warfare.

  13. Computational Intelligence, Cyber Security and Computational Models

    CERN Document Server

    Anitha, R; Lekshmi, R; Kumar, M; Bonato, Anthony; Graña, Manuel

    2014-01-01

    This book contains cutting-edge research material presented by researchers, engineers, developers, and practitioners from academia and industry at the International Conference on Computational Intelligence, Cyber Security and Computational Models (ICC3) organized by PSG College of Technology, Coimbatore, India during December 19–21, 2013. The materials in the book include theory and applications for design, analysis, and modeling of computational intelligence and security. The book will be useful material for students, researchers, professionals, and academicians. It will help in understanding current research trends and findings and future scope of research in computational intelligence, cyber security, and computational models.

  14. Securitization of cyber space in lithuania

    OpenAIRE

    Juknevičiūtė, Ieva

    2016-01-01

    The key question of this thesis was to find out how did the cyber space securitization process in Lithuania was carried out. The aim of this thesis was to find out whether the cyber space in the Lithuanian public and official discourses was securitized during the period of 2013 - 2015. In order to achieve the goals of this thesis, the following tasks were raised 1) using the theory of securitization determine the process of threat construction and the way securitization occurs; 2) determine w...

  15. SEKSUALITAS CYBER: SEX SEBAGAI KESENANGAN DAN KOMODITAS

    Directory of Open Access Journals (Sweden)

    Puji Rianto

    2016-02-01

    Tulisan ini ingin mengeksplorasi lebih jauh bagaimana seksualitas hadir dalam dunia cyber. Meskipun konstruksi seksualitas manusia seumuran manusia itu sendiri, tapi konstruksi atau representasinya akan sangat ditentukan oleh konteks sosialnya. Karakter-karakter yang berbeda dari dunia cyber dimana otoritas politik dan gatekeeper tidak berperan secara signifikan akan mempengaruhi konstruksi atas seksualitas. Studi ini menemukan bahwa seks lebih dipahami sebagai sebuah kesenangan dan komoditas. Berbagai reportasi pelaku seksual menggambarkan bagaimana kesenangan akan hubungan seksual dipuja sedemikian rupa. Seiring pemujaan seksualitas sebagai kesenangan itu, adalah seks sebagai komoditas, yang diwujudkan dalam bentuk berbagai penawaran atau iklan untuk menjual layanan seks yang mereka sediakan.

  16. Does Head Start differentially benefit children with risks targeted by the program’s service model?☆

    Science.gov (United States)

    Miller, Elizabeth B.; Farkas, George; Duncan, Greg J.

    2015-01-01

    Data from the Head Start Impact Study (N = 3540) were used to test for differential benefits of Head Start after one program year and after kindergarten on pre-academic and behavior outcomes for children at risk in the domains targeted by the program’s comprehensive services. Although random assignment to Head Start produced positive treatment main effects on children’s pre-academic skills and behavior problems, residualized growth models showed that random assignment to Head Start did not differentially benefit the pre-academic skills of children with risk factors targeted by the Head Start service model. The models showed detrimental impacts of Head Start for maternal-reported behavior problems of high-risk children, but slightly more positive impacts for teacher-reported behavior. Policy implications for Head Start are discussed. PMID:26379369

  17. Cyber resilience: a review of critical national infrastructure and cyber security protection measures applied in the UK and USA.

    Science.gov (United States)

    Harrop, Wayne; Matteson, Ashley

    This paper presents cyber resilience as key strand of national security. It establishes the importance of critical national infrastructure protection and the growing vicarious nature of remote, well-planned, and well executed cyber attacks on critical infrastructures. Examples of well-known historical cyber attacks are presented, and the emergence of 'internet of things' as a cyber vulnerability issue yet to be tackled is explored. The paper identifies key steps being undertaken by those responsible for detecting, deterring, and disrupting cyber attacks on critical national infrastructure in the United Kingdom and the USA.

  18. Psychological Needs as a Predictor of Cyber Bullying: A Preliminary Report on College Students

    Science.gov (United States)

    Dilmac, Bulent

    2009-01-01

    Recent surveys show that cyber bullying is a pervasive problem in North America. Many news stories have reported cyber bullying incidents around the world. Reports on the prevalence of cyber bullying and victimization as a result of cyber bullying increase yearly. Although we know what cyber bullying is it is important that we learn more about the…

  19. Approaches to Enhancing Cyber Resilience: Report of the North Atlantic Treaty Organization (NATO) Workshop IST-153

    Science.gov (United States)

    2018-04-01

    2017, at the University of Bundeswehr. Despite continual progress in managing risks in the cyber domain, anticipation and prevention of all possible...participants of the workshop saw as particularly important: 1) fundamental properties of cyber resilience, 2) approaches to measuring and modeling cyber...resilience. 15. SUBJECT TERMS cybersecurity, cyber resilience, risk management , cyber metrics, mission modeling, systems engineering, dynamic defense

  20. Cyber Security Policy. A methodology for Determining a National Cyber-Security Alert Level

    Directory of Open Access Journals (Sweden)

    Dan Constantin TOFAN

    2012-01-01

    Full Text Available Nowadays, assuring the security of the national cyber-space has become a big issue that can only be tackled through collaborative approaches. Threats cannot be confined to a single computer system just as much as computer systems are rendered useless without being con-nected to a supporting network. The authors of this article propose an innovative architecture of a system designated to help governments collect and analyze data about cyber-security in-cidents, from different organizations, dispersed nationwide, and acting within various economic sectors. The collected data will make us able to determine a national cyber-security alert score that could help policy makers in establishing the best strategies for protecting the national cyber-space.

  1. Considerations on Cyber Security Assessments of Korean Nuclear Power Plants

    International Nuclear Information System (INIS)

    Lee, Jung-Woon; Song, Jae-Gu; Han, Kyung-Soo; Lee, Cheol Kwon; Kang, Mingyun

    2015-01-01

    Korea Institute of Nuclear Nonproliferation and Control (KINAC) has prepared the regulatory standard RS-015 based on RG 5.71. RS-015 defines the elements of a cyber security program to be established in nuclear facilities and describes the security control items and relevant requirements. Cyber security assessments are important initial activities in a cyber security program for NPPs. Cyber security assessments can be performed in the following key steps: 1) Formation of a cyber security assessment team (CSAT); 2) Identification of critical systems and critical digital assets (CDAs); 3) Plant compliance checks with the security control requirements in RS-015. Through the assessments, the current status of security controls applied to NPPs can be found out. The assessments provide baseline data for remedial activities. Additional analyses with the results from the assessments should be performed before the implementation of remedial security controls. The cyber security team at the Korea Atomic Energy Research Institute (KAERI) has studied how to perform cyber security assessments for NPPs based on the regulatory requirements. Recently, KAERI's cyber security team has performed pilot cyber security assessments of a Korean NPP. Based on this assessment experience, considerations and checkpoints which would be helpful for full-scale cyber security assessments of Korean NPPs and the implementation of remedial security controls are discussed in this paper. Cyber security assessment is one of important and immediate activities for NPP cyber security. The quality of the first assessment will be a barometer for NPP cyber security. Hence cyber security assessments of Korean NPPs should be performed elaborately

  2. Considerations on Cyber Security Assessments of Korean Nuclear Power Plants

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Jung-Woon; Song, Jae-Gu; Han, Kyung-Soo; Lee, Cheol Kwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of); Kang, Mingyun [E-Gonggam Co. Ltd., Daejeon (Korea, Republic of)

    2015-10-15

    Korea Institute of Nuclear Nonproliferation and Control (KINAC) has prepared the regulatory standard RS-015 based on RG 5.71. RS-015 defines the elements of a cyber security program to be established in nuclear facilities and describes the security control items and relevant requirements. Cyber security assessments are important initial activities in a cyber security program for NPPs. Cyber security assessments can be performed in the following key steps: 1) Formation of a cyber security assessment team (CSAT); 2) Identification of critical systems and critical digital assets (CDAs); 3) Plant compliance checks with the security control requirements in RS-015. Through the assessments, the current status of security controls applied to NPPs can be found out. The assessments provide baseline data for remedial activities. Additional analyses with the results from the assessments should be performed before the implementation of remedial security controls. The cyber security team at the Korea Atomic Energy Research Institute (KAERI) has studied how to perform cyber security assessments for NPPs based on the regulatory requirements. Recently, KAERI's cyber security team has performed pilot cyber security assessments of a Korean NPP. Based on this assessment experience, considerations and checkpoints which would be helpful for full-scale cyber security assessments of Korean NPPs and the implementation of remedial security controls are discussed in this paper. Cyber security assessment is one of important and immediate activities for NPP cyber security. The quality of the first assessment will be a barometer for NPP cyber security. Hence cyber security assessments of Korean NPPs should be performed elaborately.

  3. Targeted neonatal echocardiography services: need for standardized training and quality assurance.

    LENUS (Irish Health Repository)

    Finan, Emer

    2014-10-01

    Targeted neonatal echocardiography refers to a focused assessment of myocardial performance and hemodynamics directed by a specific clinical question. It has become the standard of care in many parts of the world, but practice is variable, and there has been a lack of standardized training and evaluation to date. Targeted neonatal echocardiography was first introduced to Canada in 2006. The purpose of this study was to examine the characteristics of targeted neonatal echocardiography practice and training methods in Canadian neonatal intensive care units (NICUs).

  4. Examining relationship between being cyber bully/ cyber victim and social perceptual levels of adolescents

    OpenAIRE

    Şahin, Mustafa; Sarı, Sinan Volkan; Şafak, Zekeriya

    2010-01-01

    This study aims to investigate the relationship between being cyber- bully / cyber-victim and social perception levels in adolescents. In this study, descriptive method was employed. The sample of the study consited of 300 students whom attending different high schools in Trabzon in 2009-2010 school years. 159 students of the sample were boys (% 53) and 141 students were girls (% 47). Cyberbullying Scale and Social Comparision Scale were used to collect the data. Pearson correlation coefficie...

  5. Let Slip the Dogs of (CYBER) War: Progressing Towards a Warfighting U.S. Cyber Command

    Science.gov (United States)

    2013-04-01

    requirements, nor a headquarters building (it is currently housed within NSA facilities on Fort George G. Meade , MD).22 In addition, the DOD cyber...Information Conflict: National Security Law in Cyberspace (Falls Church, VA: Aegis Research Corporation, 2000); Herbert Lin, “Offensive Cyber Operations...this legislation was pocket-vetoed by then President George H.W. Bush due to a lack of consistency between the stated intent of the oversight

  6. Cyber Security Policy. A methodology for Determining a National Cyber-Security Alert Level

    OpenAIRE

    Dan Constantin TOFAN; Maria Lavinia ANDREI; Lavinia Mihaela DINCÄ‚

    2012-01-01

    Nowadays, assuring the security of the national cyber-space has become a big issue that can only be tackled through collaborative approaches. Threats cannot be confined to a single computer system just as much as computer systems are rendered useless without being con-nected to a supporting network. The authors of this article propose an innovative architecture of a system designated to help governments collect and analyze data about cyber-security in-cidents, from different organizations, di...

  7. Game based cyber security training: are serious games suitable for cyber security training?

    OpenAIRE

    Hendrix, Maurice; Al-Sherbaz, Ali; Victoria, Bloom

    2016-01-01

    Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security profession...

  8. On a simulation study of cyber attacks on vehicle-to-infrastructure communication (V2I) in Intelligent Transportation System (ITS)

    Science.gov (United States)

    Ekedebe, Nnanna; Yu, Wei; Song, Houbing; Lu, Chao

    2015-05-01

    An intelligent transportation system (ITS) is one typical cyber-physical system (CPS) that aims to provide efficient, effective, reliable, and safe driving experiences with minimal congestion and effective traffic flow management. In order to achieve these goals, various ITS technologies need to work synergistically. Nonetheless, ITS's reliance on wireless connectivity makes it vulnerable to cyber threats. Thus, it is critical to understand the impact of cyber threats on ITS. In this paper, using real-world transportation dataset, we evaluated the consequences of cyber threats - attacks against service availability by jamming the communication channel of ITS. In this way, we can have a better understanding of the importance of ensuring adequate security respecting safety and life-critical ITS applications before full and expensive real-world deployments. Our experimental data shows that cyber threats against service availability could adversely affect traffic efficiency and safety performances evidenced by exacerbated travel time, fuel consumed, and other evaluated performance metrics as the communication network is compromised. Finally, we discuss a framework to make ITS secure and more resilient against cyber threats.

  9. Identifying ecosystem service hotspots for targeting land degradation neutrality investments in south-eastern Africa

    NARCIS (Netherlands)

    Willemen, Louise; Crossman, Neville D.; Quatrini, Simone; Egoh, Benis; Kalaba, Felix K.; Mbilinyi, Boniface; Groot, de Dolf

    2017-01-01

    Land degradation response actions need motivated stakeholders and investments to improve land management. In this study we present methods to prioritise locations for degradation mitigation investments based on stakeholder preferences for ecosystem services. We combine participatory and spatial

  10. Identifying ecosystem service hotspots for targeting land degradation neutrality investments in south-eastern Africa

    NARCIS (Netherlands)

    Willemen, Louise; Crossman, Neville D.; Quatrini, Simone; Egoh, Benis; Kalaba, Felix K.; Mbilinyi, Boniface; de Groot, Rudolf

    2017-01-01

    Land degradation response actions need motivated stakeholders and investments to improve land management. In this study we present methods to prioritise locations for degradation mitigation investments based on stakeholder preferences for ecosystem services. We combine participatory and spatial

  11. On Cyber Attacks and Signature Based Intrusion Detection for MODBUS Based Industrial Control Systems

    Directory of Open Access Journals (Sweden)

    Wei Gao

    2014-03-01

    Full Text Available Industrial control system communication networks are vulnerable to reconnaissance, response injection, command injection, and denial of service attacks.  Such attacks can lead to an inability to monitor and control industrial control systems and can ultimately lead to system failure. This can result in financial loss for control system operators and economic and safety issues for the citizens who use these services.  This paper describes a set of 28 cyber attacks against industrial control systems which use the MODBUS application layer network protocol. The paper also describes a set of standalone and state based intrusion detection system rules which can be used to detect cyber attacks and to store evidence of attacks for post incident analysis. All attacks described in this paper were validated in a laboratory environment. The detection rate of the intrusion detection system rules presented by attack class is also presented.

  12. Targeted neonatal echocardiography services: need for standardized training and quality assurance.

    Science.gov (United States)

    Finan, Emer; Sehgal, Arvind; Khuffash, Afif El; McNamara, Patrick J

    2014-10-01

    Targeted neonatal echocardiography refers to a focused assessment of myocardial performance and hemodynamics directed by a specific clinical question. It has become the standard of care in many parts of the world, but practice is variable, and there has been a lack of standardized training and evaluation to date. Targeted neonatal echocardiography was first introduced to Canada in 2006. The purpose of this study was to examine the characteristics of targeted neonatal echocardiography practice and training methods in Canadian neonatal intensive care units (NICUs). A total of 142 Canadian neonatologists were invited to participate in an online survey, which was conducted in September 2010. The survey consisted of questions related to the availability of targeted neonatal echocardiography, clinical indications, benefits and risks, and training methods. The overall survey response rate was 65%. Forty-eight respondents (34%) indicated that targeted neonatal echocardiography was available in their units, and the program was introduced within the preceding 1 to 5 years. In centers where it was unavailable, lack of on-site echocardiography expertise was cited as the major barrier to implementation. The most common indications for targeted neonatal echocardiography included evaluation of a hemodynamically significant ductus arteriosus, systemic or pulmonary blood flow, and response to cardiovascular treatments. Only 27% of respondents, working in centers where targeted neonatal echocardiography existed, actually performed the studies themselves; most individuals completed 11 to 20 studies per month. Almost half of the respondents said that training was available in their institutions, but methods of training and evaluation were inconsistent. Eighty-seven percent of respondents reported no formalized process for assessment of ongoing competency after the initial training period. Targeted neonatal echocardiography is becoming more widely available and is gaining acceptance in

  13. AAVSO Target Tool: A Web-Based Service for Tracking Variable Star Observations (Abstract)

    Science.gov (United States)

    Burger, D.; Stassun, K. G.; Barnes, C.; Kafka, S.; Beck, S.; Li, K.

    2018-06-01

    (Abstract only) The AAVSO Target Tool is a web-based interface for bringing stars in need of observation to the attention of AAVSOís network of amateur and professional astronomers. The site currently tracks over 700 targets of interest, collecting data from them on a regular basis from AAVSOís servers and sorting them based on priority. While the target tool does not require a login, users can obtain visibility times for each target by signing up and entering a telescope location. Other key features of the site include filtering by AAVSO observing section, sorting by different variable types, formatting the data for printing, and exporting the data to a CSV file. The AAVSO Target Tool builds upon seven years of experience developing web applications for astronomical data analysis, most notably on Filtergraph (Burger, D., et al. 2013, Astronomical Data Analysis Software and Systems XXII, Astronomical Society of the Pacific, San Francisco, 399), and is built using the web2py web framework based on the python programming language. The target tool is available at http://filtergraph.com/aavso.

  14. DETERMINING ELECTRONIC AND CYBER ATTACK RISK LEVEL FOR UNMANNED AIRCRAFT IN A CONTESTED ENVIRONMENT

    Science.gov (United States)

    2016-08-01

    facilitated by the luxury of operating in generally permissive airspace, facing little resistance from insurgent forces. Along with the increase of UAS...and would be almost exclusively cyber in nature. In this case, an enemy could target the highest levels of national C2 no matter where they lie... exclusively controlled by pilots in the cockpit, as are tankers, transports, and battlefield C2 aircraft. UAS assets can fill a variety of roles in this

  15. The Challenges of Defense Support of Civil Authorities and Homeland Defense in the Cyber Domain

    Science.gov (United States)

    2013-05-20

    of-service attack lasting one week or longer. Medical life-support systems would fail and a devastating impact to the economy would occur with the...Information Grid ( GIG ) against a cyber attack has taken the forefront in national level discussions. The U.S. homeland’s assumed sanctuary against...other U.S. government agencies and key operators within the private sector to detect, deter, prevent, and thwart exploitation of CIKR and the GIG

  16. Study on Nuclear Facility Cyber Security Awareness and Training Programs

    International Nuclear Information System (INIS)

    Lee, Jung-Woon; Song, Jae-Gu; Lee, Cheol-Kwon

    2016-01-01

    Cyber security awareness and training, which is a part of operational security controls, is defined to be implemented later in the CSP implementation schedule. However, cyber security awareness and training is a prerequisite for the appropriate implementation of a cyber security program. When considering the current situation in which it is just started to define cyber security activities and to assign personnel who has responsibilities for performing those activities, a cyber security awareness program is necessary to enhance cyber security culture for the facility personnel to participate positively in cyber security activities. Also before the implementation of stepwise CSP, suitable education and training should be provided to both cyber security teams (CST) and facility personnel who should participate in the implementation. Since such importance and urgency of cyber security awareness and training is underestimated at present, the types, trainees, contents, and development strategies of cyber security awareness and training programs are studied to help Korean nuclear facilities to perform cyber security activities more effectively. Cyber security awareness and training programs should be developed ahead of the implementation of CSP. In this study, through the analysis of requirements in the regulatory standard RS-015, the types and trainees of overall cyber security training programs in nuclear facilities are identified. Contents suitable for a cyber security awareness program and a technical training program are derived. It is suggested to develop stepwise the program contents in accordance with the development of policies, guides, and procedures as parts of the facility cyber security program. Since any training programs are not available for the specialized cyber security training in nuclear facilities, a long-term development plan is necessary. As alternatives for the time being, several cyber security training courses for industrial control systems by

  17. Study on Nuclear Facility Cyber Security Awareness and Training Programs

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Jung-Woon; Song, Jae-Gu; Lee, Cheol-Kwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2016-10-15

    Cyber security awareness and training, which is a part of operational security controls, is defined to be implemented later in the CSP implementation schedule. However, cyber security awareness and training is a prerequisite for the appropriate implementation of a cyber security program. When considering the current situation in which it is just started to define cyber security activities and to assign personnel who has responsibilities for performing those activities, a cyber security awareness program is necessary to enhance cyber security culture for the facility personnel to participate positively in cyber security activities. Also before the implementation of stepwise CSP, suitable education and training should be provided to both cyber security teams (CST) and facility personnel who should participate in the implementation. Since such importance and urgency of cyber security awareness and training is underestimated at present, the types, trainees, contents, and development strategies of cyber security awareness and training programs are studied to help Korean nuclear facilities to perform cyber security activities more effectively. Cyber security awareness and training programs should be developed ahead of the implementation of CSP. In this study, through the analysis of requirements in the regulatory standard RS-015, the types and trainees of overall cyber security training programs in nuclear facilities are identified. Contents suitable for a cyber security awareness program and a technical training program are derived. It is suggested to develop stepwise the program contents in accordance with the development of policies, guides, and procedures as parts of the facility cyber security program. Since any training programs are not available for the specialized cyber security training in nuclear facilities, a long-term development plan is necessary. As alternatives for the time being, several cyber security training courses for industrial control systems by

  18. Cyber safety education in developing countries

    CSIR Research Space (South Africa)

    Von Solms, R

    2015-01-01

    Full Text Available on the potential risks that are faced when using Internet communication tools, such as the social media, chat rooms, online gaming, email and instant messaging [1],[2] When users are educated about these risks, the users' vulnerability to malware attacks, cyber-bullying...

  19. Cyber safety education in developing countries

    CSIR Research Space (South Africa)

    Von Solms, R

    2015-07-01

    Full Text Available on the potential risks that are faced when using Internet communication tools, such as the social media, chat rooms, online gaming, email and instant messaging [1],[2] When users are educated about these risks, the users' vulnerability to malware attacks, cyber-bullying...

  20. Cyber terrorism prevention and counteraction workshop review

    NARCIS (Netherlands)

    Pastukhov, O.M.

    2011-01-01

    A NATO Advanced Training Course (ATC ) on Cyber Terrorism Prevention and Counteraction workshop, held in Kiev on September 27-29, 2010, allowed the participants to share their experiences with experts from Ukraine, a Partnership for Peace country. The participants exchanged their ideas on the ways

  1. Adult Basic Education and the Cyber Classroom

    Science.gov (United States)

    Johnson-Bailey, Juanita

    2016-01-01

    In this brief article, the author expresses her greatest concerns regarding learning in the cyber world: the appropriateness of online learning for courses with sensitive subject matter, the comfort level of nontraditional learners in this new setting, and the inability as an instructor to fully engage with the learner in real time. As an adult…

  2. Cyber security in ports : Business as usual

    NARCIS (Netherlands)

    Moerel, Lokke; Dezeure, Freddy

    2017-01-01

    Our paper summarizes the risks and provides concrete and pragmatic proposals to increase substantially the cyber maturity and resilience in the ports by organizing training and awareness raising, fostering cooperation and information exchange both between the stakeholders in the ports and across the

  3. Cyber-physical augmentation : An exploration

    NARCIS (Netherlands)

    Vroom, R.W.; Horvath, I.

    2014-01-01

    Ubiquitous technologies provide many product innovation opportunities for industrial design engineers, such as creating user centered cyber-physical systems with adaptive capabilities to individual users and environments. The exploration discussed in this paper aims to uncover needs to know for

  4. Multi sensor national cyber security data fusion

    CSIR Research Space (South Africa)

    Swart, I

    2015-03-01

    Full Text Available in a real world system. The data examined will then be applied to a case study that will show the results of applying available open source security information against the model to relate to the current South African cyber landscape....

  5. Wat maakt cyber security anders dan informatiebeveiliging?

    NARCIS (Netherlands)

    Van den Berg, J.

    2015-01-01

    De termen “informatiebeveiliging” en “cyber security” worden vaak door elkaar gebruikt soms met dezelfde, soms met een afwijkende betekenis. Velen spreken vandaag de dag ook over cyberspace, bijvoorbeeld als een nieuw (door de mens gecreëerd) vijfde domein naast de bestaande domeinen land, water,

  6. Cyber Security--Are You Prepared?

    Science.gov (United States)

    Newman, Scott

    2007-01-01

    During the summer 2002 term, Oklahoma State University-Okmulgee's Information Technologies Division offered a one credit-hour network security course--which barely had adequate student interest to meet the institution's enrollment requirements. Today, OSU-Okmulgee boasts one of the nation's premier cyber security programs. Many prospective…

  7. Smart Cyber Infrastructure for Big Data processing

    NARCIS (Netherlands)

    Makkes, M.X.; Cushing, R.; Oprescu, A.M.; Koning, R.; Grosso, P.; Meijer, R.J.; Laat, C. de

    2014-01-01

    The landscape of research cyber infrastructure is rapidly changing. There is a move towards virtualized and programmable infrastructure. The cloud paradigm enables the use of computing resources in different places and allows for optimizing workflows in either bringing computing to the data or the

  8. Pennsylvania Cyber School Funding: Follow the Money

    Science.gov (United States)

    Carr-Chellman, Alison A.; Marsh, Rose M.

    2009-01-01

    Cyber charter schools are public charter schools which are entirely online and typically serve all grades from pre-kindergarten through 12th grade. Pennsylvania implemented widespread charter school legislation as early as 1997. This has offered a great number of Pennsylvanians options in their public schooling. One of these options has been…

  9. DRDC Support to Exercise Cyber Storm III

    Science.gov (United States)

    2011-10-01

    d’intervention fédéraux portant sur les incidents cybernétiques sont encore relativement peu élaborés et insuffisamment développés et un examen des plans examinés...9 2.7 CSIII Ethics Protocol...30 Annex C .. Exercise Cyber Storm III Ethics

  10. Patterns of adolescent bullying behaviors: physical, verbal, exclusion, rumor, and cyber.

    Science.gov (United States)

    Wang, Jing; Iannotti, Ronald J; Luk, Jeremy W

    2012-08-01

    Patterns of engagement in cyber bullying and four types of traditional bullying were examined using latent class analysis (LCA). Demographic differences and externalizing problems were evaluated across latent class membership. Data were obtained from the 2005-2006 Health Behavior in School-aged Survey and the analytic sample included 7,508 U.S. adolescents in grades 6 through 10. LCA models were tested on physical bullying, verbal bullying, social exclusion, spreading rumors, and cyber bullying behaviors. Three latent classes were identified for each gender: All-Types Bullies (10.5% for boys and 4.0% for girls), Verbal/Social Bullies (29.3% for boys and 29.4% for girls), and a Non-Involved class (60.2% for boys and 66.6% for girls). Boys were more likely to be All-Types Bullies than girls. The prevalence rates of All-Types and Verbal/Social Bullies peaked during grades 6 to 8 and grades 7 and 8, respectively. Pairwise comparisons across the three latent classes on externalizing problems were conducted. Overall, the All-Types Bullies were at highest risk of using substances and carrying weapons, the Non-Involved were at lowest risk, and the Verbal/Social Bullies were in the middle. Results also suggest that most cyber bullies belong to a group of highly aggressive adolescents who conduct all types of bullying. This finding does not only improve our understanding of the relation between cyber bullying and traditional bullying, but it also suggests that prevention and intervention efforts could target cyber bullies as a high-risk group for elevated externalizing problems. Copyright © 2012 Society for the Study of School Psychology. All rights reserved.

  11. Cyber security issues, challenges and solutions for the emerging smart grid

    Energy Technology Data Exchange (ETDEWEB)

    Westlund, D. [N-Dimension Solutions Inc., Richmond Hill, ON (Canada)

    2007-07-01

    This paper explored the technology and business issues and challenges associated the smart grid's tolerance of physical and cyber security attacks and proposed a framework that provides practical solutions for the electric operator. The 7 characteristics of a smart grid were described. Notably, a smart grid is self healing; supports client equipment and usage behaviour; tolerates physical and cyber security attacks; delivers high-quality power to customers; supports various power generation technologies; supports competitive power markets; and, delivers capital asset optimization while minimizing operational costs. According to the North American Electric Reliability Council (NERC), power capacity will increase by 6 per cent in the United States and 9 per cent in Canada, while the demand for electricity is expected to rise by 19 and 13 per cent respectively. In addition, total transmission miles are projected to increase by less than 7 per cent in the U.S. and by only 3.5 per cent in Canada. A Smart Grid, with distributed monitoring and control, is therefore needed to meet the increased demand. However, the power and energy sectors are targets for cyber attackers. Cyber security in real-time grid operations is a complex matter. Cyber risks include unauthorized access to control systems; interception of control data; attack on system components; interception of monitoring data; intentional and unintentional human intervention; and, impairment to application software. The proposed solution framework is based on a roadmap developed by the United States Homeland Security organization, the United States Department of Energy, and the Canadian Energy Infrastructure Protection Division. NERC reliability standards and framework are also integrated into this framework. The technical aspects of the framework include: ease of use; defence-in-depth characteristics; extensive monitoring within electronic security perimeters; protection of legacy systems; auditing, logging

  12. An assessment of the cyber security legislation and its impact on the United States electrical sector

    Science.gov (United States)

    Born, Joshua

    The purpose of this research was to examine the cyber-security posture for the United States' electrical grid, which comprises a major component of critical infrastructure for the country. The United States electrical sector is so vast, that the Department of Homeland Security (DHS) estimates, it contains more than 6,413 power plants (this includes 3,273 traditional electric utilities and 1,738 nonutility power producers) with approximately 1,075 gigawatts of energy produced on a daily basis. A targeted cyber-security attack against the electric grid would likely have catastrophic results and could even serve as a precursor to a physical attack against the United States. A recent report by the consulting firm Black and Veatch found that one of the top five greatest concerns for United States electric utilities is the risk that cybersecurity poses to their industry and yet, only one-third state they are currently prepared to meet the increasingly likely threat. The report goes on to state, "only 32% of electric utilities surveyed had integrated security systems with the proper segmentation, monitoring and redundancies needed for cyber threat protection. Another 48 % said they did not" Recent estimates indicate that a large-scale cyber-attack against this sector could cost the United States economy as much as a trillion dollars within a weeks' time. Legislative efforts in the past have primarily been focused on creating mandates that encourage public and private partnership, which have been not been adopted as quickly as desired. With 85 % of all electric utilities being privately owned, it is key that the public and private sector partner in order to mitigate risks and respond as a cohesive unit in the event of a major attack. Keywords: Cybersecurity, Professor Riddell, cyber security, energy, intelligence, outlook, electrical, compliance, legislation, partnerships, critical infrastructure.

  13. Patterns of Adolescent Bullying Behaviors: Physical, Verbal, Exclusion, Rumor, and Cyber

    Science.gov (United States)

    Wang, Jing; Iannotti, Ronald J.; Luk, Jeremy W.

    2012-01-01

    Patterns of engagement in cyber bullying and four types of traditional bullying were examined using latent class analysis (LCA). Demographic differences and externalizing problems were evaluated across latent class membership. Data were obtained from the 2005–2006 Health Behavior in School-aged Survey and the analytic sample included 7,508 U.S. adolescents in grades 6 through 10. LCA models were tested on physical bullying, verbal bullying, social exclusion, spreading rumors, and cyber bullying behaviors. Three latent classes were identified for each gender: All-Types Bullies (10.5% for boys and 4.0% for girls), Verbal/Social Bullies (29.3% for boys and 29.4% for girls), and a Non-Involved class (60.2% for boys and 66.6% for girls). Boys were more likely to be All-Types Bullies than girls. The prevalence rates of All-Types and Verbal/Social Bullies peaked during grades 6 to 8 and grades 7 & 8, respectively. Pairwise comparisons across the three latent classes on externalizing problems were conducted. Overall, the All-Types Bullies were at highest risk of using substances and carrying weapons, the Non-Involved were at lowest risk, and the Verbal/Social Bullies were in the middle. Results also suggest that most cyber bullies belong to a group of highly aggressive adolescents who conduct all types of bullying. This finding does not only improve our understanding of the relation between cyber bullying and traditional bullying, but it also suggests that prevention and intervention efforts could target cyber bullies as a high-risk group for elevated externalizing problems. PMID:22710019

  14. ADDRESSING THE SPECTRE OF CYBER TERRORISM: A COMPARATIVE PERSPECTIVE

    Directory of Open Access Journals (Sweden)

    Fawzia Cassim

    2012-08-01

    Full Text Available This article looks at the definition of cyber terrorism and terrorist use of the Internet. The article evaluates cyber terrorist threats facing countries such as the United States of America, the United Kingdom, India and South Africa. The article also examines measures introduced by the respective governments in these countries to counteract cyber terrorist threats. Finally, the article will propose a way forward to counteract such possible threats in the future.The face of terrorism is changing. The convergence of the physical and virtual worlds has resulted in the creation of a “new threat” called cyber terrorism. Cyber terrorism is one of the recognised cyber crimes. The absence of suitable legal frameworks to address cyber terrorism at national and regional levels, the lack of adequate safeguards, the lack of cyber security strategies and the pre-occupation of countries with internal factors have all contributed to the creation of an environment that can be easily infiltrated by cyber terrorists. The horrific events of 9/11 provided the impetus for many countries to introduce anti-terrorist legislation. The United States of America, United Kingdom, India and South Africa have introduced legislation to address the threat of cyber terrorism.

  15. Rural and remote dental services shortages: filling the gaps through geo-spatial analysis evidence-based targeting.

    Science.gov (United States)

    Shiika, Yulia; Kruger, Estie; Tennant, Marc

    Australia has a significant mal-distribution of its limited dental workforce. Outside the major capital cities, the distribution of accessible dental care is at best patchy. This study applied geo-spatial analysis technology to locate gaps in dental service accessibility for rural and remote dwelling Australians, in order to test the hypothesis that there are a few key location points in Australia where further dental services could make a significant contribution to ameliorating the immediate shortage crisis. A total of 2,086 dental practices were located in country areas, covering a combined catchment area of 1.84 million square kilometers, based on 50 km catchment zones around each clinic. Geo-spatial analysis technology was used to identify gaps in the accessibility of dental services for rural and remote dwelling Australians. An extraction of data was obtained to analyse the integrated geographically-aligned database. Results: Resolution of the lack of dental practices for 74 townships (of greater than 500 residents) across Australia could potentially address access for 104,000 people. An examination of the socio-economic mix found that the majority of the dental practices (84%) are located in areas classified as less disadvantaged. Output from the study provided a cohesive national map that has identified locations that could have health improvement via the targeting of dental services to that location. The study identified potential location sites for dental clinics, to address the current inequity in accessing dental services in rural and remote Australia.

  16. Cyber Attacks and Energy Infrastructures: Anticipating Risks

    International Nuclear Information System (INIS)

    Desarnaud, Gabrielle

    2017-01-01

    This study analyses the likelihood of cyber-attacks against European energy infrastructures and their potential consequences, particularly on the electricity grid. It also delivers a comparative analysis of measures taken by different European countries to protect their industries and collaborate within the European Union. The energy sector experiences an unprecedented digital transformation upsetting its activities and business models. Our energy infrastructures, sometimes more than a decade old and designed to remain functional for many years to come, now constantly interact with light digital components. The convergence of the global industrial system with the power of advanced computing and analytics reveals untapped opportunities at every step of the energy value chain. However, the introduction of digital elements in old and unprotected industrial equipment also exposes the energy industry to the cyber risk. One of the most compelling example of the type of threat the industry is facing, is the 2015 cyber-attack on the Ukraine power grid, which deprived about 200 000 people of electricity in the middle of the winter. The number and the level of technical expertise of cyber-attacks rose significantly after the discovery of the Stuxnet worm in the network of Natanz uranium enrichment site in 2010. Energy transition policies and the growing integration of renewable sources of energy will intensify this tendency, if cyber security measures are not part of the design of our future energy infrastructures. Regulators try to catch up and adapt, like in France where the authorities collaborate closely with the energy industry to set up a strict and efficient regulatory framework, and protect critical operators. This approach is adopted elsewhere in Europe, but common measures applicable to the whole European Union are essential to protect strongly interconnected energy infrastructures against a multiform threat that defies frontiers

  17. CODING LOGICAL MECHANISM AND STEREOTYPING IN GENDER CYBER HUMORS

    Directory of Open Access Journals (Sweden)

    Truly Almendo Pasaribu

    2016-07-01

    Full Text Available Gender-related humors have their own way of being funny; and this research aims to find out how and why they are funny. For this purpose, both researchers have collected 50 gender cyber humors and analyzed them, first, to decode how their logical mechanism relates to specific linguistic features, and secondly, to uncover how gender stereotyping contributes to the comical effects. The twisting of logic and linguistic ambiguity is analyzed formally using Attardos (2001 General Theory of Verbal Humor (GTVH and supported by gender studies. The findings reveal that the logical mechanism consists of elements of incongruities, and gender stereotyping presents negative stereotypical images. The analysis further shows that some gender stereotypical images ridicule traditional roles of man and woman while others make fun of non-traditional representations. This shift from women only to both men and women as targets of gender humors has been an impact of effective feminist movements.

  18. Cyber-Neuropsychology: application of new technologies in neuropsychological evaluation.

    Science.gov (United States)

    Bernardo-Ramos, Mercedes; Franco-Martín, Manuel A; Soto-Pérez, Felipe

    2012-01-01

    Neuropsychological evaluation deals with the study of cerebral functioning through the persons' performance. It makes it possible to collaborate the clinical diagnosis and to provide information on deficit and skills. Specialized care in rural environments is uncommon, and often means impossibility to access some services. This study has aimed to evaluate the possibility of using neuropsychological evaluation by internet videoconferences. Our research was based on the traditional and online application of the SCIP-S to 30 subjects who were diagnosed with schizophrenia. The 30 subjects were randomly divided into two groups (Group A and B). Both groups underwent the two conditions inversely. The results show some differences and similarities when the results in both types of applications SCIP-S are compared. In conclusion, cyber-neuropsychology is possible and may be a complement and alternative to traditional assessment when they cannot develop.

  19. Software Engineering Issues for Cyber-Physical Systems

    DEFF Research Database (Denmark)

    Al-Jaroodi, Jameela; Mohamed, Nader; Jawhar, Imad

    2016-01-01

    step; however, designing and implementing the right software to integrate and use them effectively is essential. The software facilitates better interfaces, more control and adds smart services, high flexibility and many other added values and features to the CPS. However, software development for CPS......Cyber-Physical Systems (CPS) provide many smart features for enhancing physical processes. These systems are designed with a set of distributed hardware, software, and network components that are embedded in physical systems and environments or attached to humans. Together they function seamlessly...... to offer specific functionalities or features that help enhance human lives, operations or environments. While different CPS components play important roles in a successful CPS development, the software plays the most important role among them. Acquiring and using high quality CPS components is the first...

  20. Control Systems Cyber Security:Defense in Depth Strategies

    Energy Technology Data Exchange (ETDEWEB)

    David Kuipers; Mark Fabro

    2006-05-01

    Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

  1. Cyber Infrastructure: The Forgotten Vulnerability

    Science.gov (United States)

    2014-05-22

    Executives Apologize for Data Breach ,” Fox News, last modified February 5, 2014, http://www.foxnews.com/politics/2014/02/05/target-neiman-marcus...executives- apologize-for- data - breach / (accessessed February 6, 2014). 7Brendan Sasso, “After Defeat of Senate Cybersecurity Bill, Obama Weighs Executive...News. “Target, Neiman Marcus Executives Apologize for Data Breach .” Fox News. http://www.foxnews.com/politics/2014/02/05/target-neiman-marcus

  2. Anomaly-based online intrusion detection system as a sensor for cyber security situational awareness system

    OpenAIRE

    Kokkonen, Tero

    2016-01-01

    Almost all the organisations and even individuals rely on complex structures of data networks and networked computer systems. That complex data ensemble, the cyber domain, provides great opportunities, but at the same time it offers many possible attack vectors that can be abused for cyber vandalism, cyber crime, cyber espionage or cyber terrorism. Those threats produce requirements for cyber security situational awareness and intrusion detection capability. This dissertation conc...

  3. Recommendations for Model Driven Paradigms for Integrated Approaches to Cyber Defense

    Science.gov (United States)

    2017-03-06

    Human Cognitive Modeling in Cyber Security 13 4.1 Models of Human in the Cyber Detection Loop 14 4.2 Perception and Representation of the Cyber ...paradigm applied to cyber operations is likely to benefit traditional disciplines of cyber defense such as security , vulnerability analysis, intrusion...and simulation for full range of cyber specialties, not only for training and rehearsal. • Encourage participation of commercial companies , in NATO

  4. Scallywags--An Evaluation of a Service Targeting Conduct Disorders at School and at Home

    Science.gov (United States)

    Broadhead, M. A.; Hockaday, A.; Zahra, M.; Francis, P. J.; Crichton, C.

    2009-01-01

    Conduct disorder (CD) is one of the most common childhood psychiatric disorders. Some research has focused on reducing conduct difficulties through parent training programmes. However, there has been limited research focusing on early intervention services that deal with emotional and/or conduct problems in a community setting. The aim of this…

  5. Enhancing the metalinguistic abilities of pre-service teachers via coursework targeting language structure knowledge.

    Science.gov (United States)

    Purvis, Caralyn J; McNeill, Brigid C; Everatt, John

    2016-04-01

    Low metalinguistic knowledge of pre-service and in-service teachers is likely to restrict the provision of evidence-based literacy instruction in the classroom. Despite such concerns, relatively few studies have examined the effects of teacher preparation coursework in building pre-service teachers' language structure knowledge. This study examined the effects of 7 h of language structure coursework, delivered over 7 weeks, on 121 New Zealand pre-service teachers in their initial year of study. Changes in participants' phonological awareness, morphological awareness, and orthographic knowledge were tracked across the teaching period. The impact of the coursework for participants who presented with strong spelling (n = 24) and poor spelling (n = 24) ability was also compared. The cohort demonstrated significant gains across all measures. Strong spellers responded more favourably to the teaching than poor spellers, even when accounting for initial levels of meta-linguistic knowledge. Implications for the development of teacher preparation programmes that enhance the provision of effective literacy instruction are discussed.

  6. Lowering Entry Barriers for Multidisciplinary Cyber(e)-Infrastructures

    Science.gov (United States)

    Nativi, S.

    2012-04-01

    Multidisciplinarity is more and more important to study the Earth System and address Global Changes. To achieve that, multidisciplinary cyber(e)-infrastructures are an important instrument. In the last years, several European, US and international initiatives have been started to carry out multidisciplinary infrastructures, including: the Spatial Information in the European Community (INSPIRE), the Global Monitoring for Environment and Security (GMES), the Data Observation Network for Earth (DataOne), and the Global Earth Observation System of Systems (GEOSS). The majority of these initiatives are developing service-based digital infrastructures asking scientific Communities (i.e. disciplinary Users and data Producers) to implement a set of standards for information interoperability. For scientific Communities, this has represented an entry barrier which has proved to be high, in several cases. In fact, both data Producers and Users do not seem to be willing to invest precious resources to become expert on interoperability solutions -on the contrary, they are focused on developing disciplinary and thematic capacities. Therefore, an important research topic is lowering entry barriers for joining multidisciplinary cyber(e)-Infrastructures. This presentation will introduce a new approach to achieve multidisciplinary interoperability underpinning multidisciplinary infrastructures and lowering the present entry barriers for both Users and data Producers. This is called the Brokering approach: it extends the service-based paradigm by introducing a new a Brokering layer or cloud which is in charge of managing all the interoperability complexity (e.g. data discovery, access, and use) thus easing Users' and Producers' burden. This approach was successfully experimented in the framework of several European FP7 Projects and in GEOSS.

  7. GeoBrain Computational Cyber-laboratory for Earth Science Studies

    Science.gov (United States)

    Deng, M.; di, L.

    2009-12-01

    Computational approaches (e.g., computer-based data visualization, analysis and modeling) are critical for conducting increasingly data-intensive Earth science (ES) studies to understand functions and changes of the Earth system. However, currently Earth scientists, educators, and students have met two major barriers that prevent them from being effectively using computational approaches in their learning, research and application activities. The two barriers are: 1) difficulties in finding, obtaining, and using multi-source ES data; and 2) lack of analytic functions and computing resources (e.g., analysis software, computing models, and high performance computing systems) to analyze the data. Taking advantages of recent advances in cyberinfrastructure, Web service, and geospatial interoperability technologies, GeoBrain, a project funded by NASA, has developed a prototype computational cyber-laboratory to effectively remove the two barriers. The cyber-laboratory makes ES data and computational resources at large organizations in distributed locations available to and easily usable by the Earth science community through 1) enabling seamless discovery, access and retrieval of distributed data, 2) federating and enhancing data discovery with a catalogue federation service and a semantically-augmented catalogue service, 3) customizing data access and retrieval at user request with interoperable, personalized, and on-demand data access and services, 4) automating or semi-automating multi-source geospatial data integration, 5) developing a large number of analytic functions as value-added, interoperable, and dynamically chainable geospatial Web services and deploying them in high-performance computing facilities, 6) enabling the online geospatial process modeling and execution, and 7) building a user-friendly extensible web portal for users to access the cyber-laboratory resources. Users can interactively discover the needed data and perform on-demand data analysis and

  8. Mission Assurance Modeling and Simulation: A Cyber Security Roadmap

    Science.gov (United States)

    Gendron, Gerald; Roberts, David; Poole, Donold; Aquino, Anna

    2012-01-01

    This paper proposes a cyber security modeling and simulation roadmap to enhance mission assurance governance and establish risk reduction processes within constrained budgets. The term mission assurance stems from risk management work by Carnegie Mellon's Software Engineering Institute in the late 19905. By 2010, the Defense Information Systems Agency revised its cyber strategy and established the Program Executive Officer-Mission Assurance. This highlights a shift from simply protecting data to balancing risk and begins a necessary dialogue to establish a cyber security roadmap. The Military Operations Research Society has recommended a cyber community of practice, recognizing there are too few professionals having both cyber and analytic experience. The authors characterize the limited body of knowledge in this symbiotic relationship. This paper identifies operational and research requirements for mission assurance M&S supporting defense and homeland security. M&S techniques are needed for enterprise oversight of cyber investments, test and evaluation, policy, training, and analysis.

  9. 77 FR 13656 - Call for Papers: National Symposium on Moving Target Research

    Science.gov (United States)

    2012-03-07

    ... a dynamic attack surface to an adversary, increasing the work factor necessary to successfully attack and exploit a cyber target. Throughout the federal government, research related to MT has been... improvement in the defense of cyber systems (a game changer),'' including how to develop better measures of...

  10. Targeting Transfer in a STELLAR PBL Course for Pre-Service Teachers

    OpenAIRE

    Hmelo-Silver, Cindy E.; Derry, Sharon J.; Bitterman, Alan; Hatrak, Natalie

    2009-01-01

    Helping students in the professions apply conceptual ideas to the problems of practice is a key goal of problem-based learning (PBL). Because PBL is organized around small, collaborative groups, scaling up PBL to large, heterogeneous classes poses significant challenges for implementation. This study presents a hybrid model that mixes online and face-to-face PBL. The STELLAR system was developed to support online and hybrid PBL courses for pre-service teachers. It allows PBL to be implemented...

  11. Designing Fuzzy Rule Based Expert System for Cyber Security

    OpenAIRE

    Goztepe, Kerim

    2016-01-01

    The state of cyber security has begun to attract more attention and interest outside the community of computer security experts. Cyber security is not a single problem, but rather a group of highly different problems involving different sets of threats. Fuzzy Rule based system for cyber security is a system consists of a rule depository and a mechanism for accessing and running the rules. The depository is usually constructed with a collection of related rule sets. The aim of this study is to...

  12. Cognitive Task Analysis Based Training for Cyber Situation Awareness

    OpenAIRE

    Huang , Zequn; Shen , Chien-Chung; Doshi , Sheetal; Thomas , Nimmi; Duong , Ha

    2015-01-01

    Part 1: Innovative Methods; International audience; Cyber attacks have been increasing significantly in both number and complexity, prompting the need for better training of cyber defense analysts. To conduct effective training for cyber situation awareness, it becomes essential to design realistic training scenarios. In this paper, we present a Cognitive Task Analysis based approach to address this training need. The technique of Cognitive Task Analysis is to capture and represent knowledge ...

  13. 7 Key Challenges for Visualization in Cyber Network Defense

    Energy Technology Data Exchange (ETDEWEB)

    Best, Daniel M.; Endert, Alexander; Kidwell, Dan

    2014-12-02

    In this paper we present seven challenges, informed by two user studies, to be considered when developing a visualization for cyber security purposes. Cyber security visualizations must go beyond isolated solutions and “pretty picture” visualizations in order to make impact to users. We provide an example prototype that addresses the challenges with a description of how they are met. Our aim is to assist in increasing utility and adoption rates for visualization capabilities in cyber security.

  14. Intervention in National and Private Cyber Space and International Law

    OpenAIRE

    Wrange, Pål

    2013-01-01

    In international law discourse on cyber attacks, there has been much focus on the threshold for the use of force. Cyber attacks or intrusions which do not reach the threshold of the use of force have been held to be unproblematic. However, such intrusions -- including many measures amounting to cyber espionage or counter-terrorism -- will often constitute illegal interventions into the sovereignty of another state, or constitute violations of human rights.Unfortunately, states have not been v...

  15. Decision support systems for cyber-risk supervision in banks

    OpenAIRE

    Košak, Matjaž

    2016-01-01

    Cyber risk has been increasing due to fast development of information technology, increased using of smart gadgets, advanced way of communication, changing habits of users, and inventiveness of cyber criminals. Nowadays, cyber criminals are highly motivated professionals who are frequently financed by wealthy criminal organizations, or even states, and have clear goals and strategies. False working of critical systems might have important consequences for the whole society, therefore the ...

  16. Developing a Proportionate Response to a Cyber Attack

    OpenAIRE

    Limnéll, Jarno

    2016-01-01

    The debate on both the impacts of cyber attacks and how to response to attacks is active but precedents are only a few. Strategies and political speeches are always (at least partially) declaratory and vague by nature, and beyond these declarations the practical reality of cyber security as a matter of national security issue is challenging. At the same time cyber issues have catapulted into the highest of the high politics, cyberpolitics, and the line of digital and physical is blurring in m...

  17. Early Warnings of Cyber Threats in Online Discussions

    OpenAIRE

    Sapienza, Anna; Bessi, Alessandro; Damodaran, Saranya; Shakarian, Paulo; Lerman, Kristina; Ferrara, Emilio

    2018-01-01

    We introduce a system for automatically generating warnings of imminent or current cyber-threats. Our system leverages the communication of malicious actors on the darkweb, as well as activity of cyber security experts on social media platforms like Twitter. In a time period between September, 2016 and January, 2017, our method generated 661 alerts of which about 84% were relevant to current or imminent cyber-threats. In the paper, we first illustrate the rationale and workflow of our system,...

  18. Hyper-connectivity : intricacies of national and international cyber securities

    OpenAIRE

    Dawson, Maurice

    2017-01-01

    This thesis examined the three core themes: the role of education in cyber security, the role of technology in cyber security, and the role of policy in cyber security, the areas in which the papers are published. The associated works are published in referred journals, peer reviewed book chapters, and conference proceedings. Research can be found in the following outlets: 1. Security Solutions for Hyperconnectivity and the Internet of Things; 2. Developing Next-Generation Countermeasures for...

  19. Operating Nuclear Power Stations in a Regulated Cyber Security Environment

    Energy Technology Data Exchange (ETDEWEB)

    Dorman, E.

    2014-07-01

    The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NR C. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. (Author)

  20. A Cyber Situational Awareness Model for Network Administrators

    Science.gov (United States)

    2017-03-01

    amount of unnecessary data and focus on the most important information that can help them better guarantee cyber security of their systems. 14. SUBJECT...the most important information that can help them better guarantee cyber security of their systems. vi THIS PAGE INTENTIONALLY LEFT BLANK vii...DISTRIBUTION CODE 13. ABSTRACT (maximum 200 words) Although there are many well-established cyber security tools and techniques available to