scholarly journals Simulative Evaluation of Security Attacks in Networked Critical Infrastructures

2015 ◽  
pp. 314-323 ◽  
Author(s):  
Marco Tiloca ◽  
Francesco Racciatti ◽  
Gianluca Dini
Keyword(s):  
Critical Infrastructures ◽  
Security Attacks

Browser Security Attacks and Detection Techniques: A Case of Tabnabbing

2020 ◽  
Vol 8 (1) ◽  
pp. 33-41
Author(s):  
Dr. S. Sarika ◽  
Keyword(s):  
Credit Card ◽  
State Of The Art ◽  
Experimental Results ◽  
Detection Technique ◽  
Security Attacks ◽  
Agent Based ◽  
Detection Techniques ◽  
Browser Security ◽  
Cyber Threats ◽  
Multi Agent

Phishing is a malicious and deliberate act of sending counterfeit messages or mimicking a webpage. The goal is either to steal sensitive credentials like login information and credit card details or to install malware on a victim’s machine. Browser-based cyber threats have become one of the biggest concerns in networked architectures. The most prolific form of browser attack is tabnabbing which happens in inactive browser tabs. In a tabnabbing attack, a fake page disguises itself as a genuine page to steal data. This paper presents a multi agent based tabnabbing detection technique. The method detects heuristic changes in a webpage when a tabnabbing attack happens and give a warning to the user. Experimental results show that the method performs better when compared with state of the art tabnabbing detection techniques.

scholarly journals Attack Categorisation for IoT Applications in Critical Infrastructures, a Survey

2021 ◽  
Vol 11 (16) ◽  
pp. 7228
Author(s):  
Edward Staddon ◽  
Valeria Loscri ◽  
Nathalie Mitton
Keyword(s):  
Critical Infrastructure ◽  
Attack Detection ◽  
Critical Infrastructures ◽  
Cyber Attack ◽  
Specific System ◽  
Iot Applications ◽  
War Zone ◽  
Clear Vision ◽  
The Internet Of Things ◽  
Do So

With the ever advancing expansion of the Internet of Things (IoT) into our everyday lives, the number of attack possibilities increases. Furthermore, with the incorporation of the IoT into Critical Infrastructure (CI) hardware and applications, the protection of not only the systems but the citizens themselves has become paramount. To do so, specialists must be able to gain a foothold in the ongoing cyber attack war-zone. By organising the various attacks against their systems, these specialists can not only gain a quick overview of what they might expect but also gain knowledge into the specifications of the attacks based on the categorisation method used. This paper presents a glimpse into the area of IoT Critical Infrastructure security as well as an overview and analysis of attack categorisation methodologies in the context of wireless IoT-based Critical Infrastructure applications. We believe this can be a guide to aid further researchers in their choice of adapted categorisation approaches. Indeed, adapting appropriated categorisation leads to a quicker attack detection, identification, and recovery. It is, thus, paramount to have a clear vision of the threat landscapes of a specific system.

A Simulation Software for the Evaluation of Vulnerabilities in Reputation Management Systems

2021 ◽  
Vol 37 (1-4) ◽  
pp. 1-30
Author(s):  
Vincenzo Agate ◽  
Alessandra De Paola ◽  
Giuseppe Lo Re ◽  
Marco Morana
Keyword(s):  
Quality Of Service ◽  
Distributed Systems ◽  
State Of The Art ◽  
Simulation Software ◽  
Reputation Management ◽  
Management Systems ◽  
Security Attacks ◽  
Vulnerability Evaluation ◽  
Multi Agent

Multi-agent distributed systems are characterized by autonomous entities that interact with each other to provide, and/or request, different kinds of services. In several contexts, especially when a reward is offered according to the quality of service, individual agents (or coordinated groups) may act in a selfish way. To prevent such behaviours, distributed Reputation Management Systems (RMSs) provide every agent with the capability of computing the reputation of the others according to direct past interactions, as well as indirect opinions reported by their neighbourhood. This last point introduces a weakness on gossiped information that makes RMSs vulnerable to malicious agents’ intent on disseminating false reputation values. Given the variety of application scenarios in which RMSs can be adopted, as well as the multitude of behaviours that agents can implement, designers need RMS evaluation tools that allow them to predict the robustness of the system to security attacks, before its actual deployment. To this aim, we present a simulation software for the vulnerability evaluation of RMSs and illustrate three case studies in which this tool was effectively used to model and assess state-of-the-art RMSs.

scholarly journals A Comparative Study of AI-Based Intrusion Detection Techniques in Critical Infrastructures

2021 ◽  
Vol 21 (4) ◽  
pp. 1-22
Author(s):  
Safa Otoum ◽  
Burak Kantarci ◽  
Hussein Mouftah
Keyword(s):  
Reinforcement Learning ◽  
Intrusion Detection ◽  
Comparative Study ◽  
Performance Metrics ◽  
Action Learning ◽  
Smart Devices ◽  
Critical Infrastructures ◽  
State Action ◽  
Detection Techniques ◽  
Depth Analysis

Volunteer computing uses Internet-connected devices (laptops, PCs, smart devices, etc.), in which their owners volunteer them as storage and computing power resources, has become an essential mechanism for resource management in numerous applications. The growth of the volume and variety of data traffic on the Internet leads to concerns on the robustness of cyberphysical systems especially for critical infrastructures. Therefore, the implementation of an efficient Intrusion Detection System for gathering such sensory data has gained vital importance. In this article, we present a comparative study of Artificial Intelligence (AI)-driven intrusion detection systems for wirelessly connected sensors that track crucial applications. Specifically, we present an in-depth analysis of the use of machine learning, deep learning and reinforcement learning solutions to recognise intrusive behavior in the collected traffic. We evaluate the proposed mechanisms by using KDD’99 as real attack dataset in our simulations. Results present the performance metrics for three different IDSs, namely the Adaptively Supervised and Clustered Hybrid IDS (ASCH-IDS), Restricted Boltzmann Machine-based Clustered IDS (RBC-IDS), and Q-learning based IDS (Q-IDS), to detect malicious behaviors. We also present the performance of different reinforcement learning techniques such as State-Action-Reward-State-Action Learning (SARSA) and the Temporal Difference learning (TD). Through simulations, we show that Q-IDS performs with detection rate while SARSA-IDS and TD-IDS perform at the order of .

Sign in / Sign up

Export Citation Format

Share Document