Cyber Attacks Analysis Using Decision Tree Technique for Improving Cyber Situational Awareness

Author(s):  
Sina Pournouri ◽  
Babak Akhgar ◽  
Petra Saskia Bayerl
Sensors ◽  
2020 ◽  
Vol 20 (24) ◽  
pp. 7148
Author(s):  
Elochukwu Ukwandu ◽  
Mohamed Amine Ben Farah ◽  
Hanan Hindy ◽  
David Brosset ◽  
Dimitris Kavallieros ◽  
...  

Cyber situational awareness has been proven to be of value in forming a comprehensive understanding of threats and vulnerabilities within organisations, as the degree of exposure is governed by the prevailing levels of cyber-hygiene and established processes. A more accurate assessment of the security provision informs on the most vulnerable environments that necessitate more diligent management. The rapid proliferation in the automation of cyber-attacks is reducing the gap between information and operational technologies and the need to review the current levels of robustness against new sophisticated cyber-attacks, trends, technologies and mitigation countermeasures has become pressing. A deeper characterisation is also the basis with which to predict future vulnerabilities in turn guiding the most appropriate deployment technologies. Thus, refreshing established practices and the scope of the training to support the decision making of users and operators. The foundation of the training provision is the use of Cyber-Ranges (CRs) and Test-Beds (TBs), platforms/tools that help inculcate a deeper understanding of the evolution of an attack and the methodology to deploy the most impactful countermeasures to arrest breaches. In this paper, an evaluation of documented CRs and TBs platforms is evaluated. CRs and TBs are segmented by type, technology, threat scenarios, applications and the scope of attainable training. To enrich the analysis of documented CRs and TBs research and cap the study, a taxonomy is developed to provide a broader comprehension of the future of CRs and TBs. The taxonomy elaborates on the CRs/TBs dimensions, as well as, highlighting a diminishing differentiation between application areas.


2015 ◽  
Vol 15 (10) ◽  
pp. 2257-2272 ◽  
Author(s):  
D. B. Kirschbaum ◽  
T. Stanley ◽  
J. Simmons

Abstract. Landslides pose a serious threat to life and property in Central America and the Caribbean Islands. In order to allow regionally coordinated situational awareness and disaster response, an online decision support system was created. At its core is a new flexible framework for evaluating potential landslide activity in near real time: Landslide Hazard Assessment for Situational Awareness. This framework was implemented in Central America and the Caribbean by integrating a regional susceptibility map and satellite-based rainfall estimates into a binary decision tree, considering both daily and antecedent rainfall. Using a regionally distributed, percentile-based threshold approach, the model outputs a pixel-by-pixel nowcast in near real time at a resolution of 30 arcsec to identify areas of moderate and high landslide hazard. The daily and antecedent rainfall thresholds in the model are calibrated using a subset of the Global Landslide Catalog in Central America available for 2007–2013. The model was then evaluated with data for 2014. Results suggest reasonable model skill over Central America and poorer performance over Hispaniola due primarily to the limited availability of calibration and validation data. The landslide model framework presented here demonstrates the capability to utilize globally available satellite products for regional landslide hazard assessment. It also provides a flexible framework to interchange the individual model components and adjust or calibrate thresholds based on access to new data and calibration sources. The availability of free satellite-based near real-time rainfall data allows the creation of similar models for any study area with a spatiotemporal record of landslide events. This method may also incorporate other hydrological or atmospheric variables such as numerical weather forecasts or satellite-based soil moisture estimates within this decision tree approach for improved hazard analysis.


Author(s):  
Dr. Mugunthan S. R.

The cyber-attacks nowadays are becoming more and more erudite, causing challenges in distinguishing and confining them. These attacks affect the sensitized information of the network by penetrating into the network and behaving normally. The paper devises a system for such interference recognition in the internet of things architecture that is aided by the FOG. The proposed system is a combination of a variety of classifiers that are founded on the decision tree as well as the rule centered conceptions. The system put forth involves the JRip and the REP tree algorithm to utilize the features of the data set as input and distinguishes between the benign and the malicious traffic in the network, and includes a decision forest that is improved with the penalizing attributes of the previous trees in the final stage to classify the traffic in the network utilizing the initial data set as well as the outputs of the classifiers that were engaged in the former stages. The proffered system was examined using datasets such as BOT-Internet of things and the CICIDS2017 to evince its competence in terms of rate of false alarm, detection, and accuracy. The attained results proved that the performance of the proposed system was better compared to the existing methodologies to recognize the interference.


Author(s):  
Satish Kolli ◽  
Joshua Lilly ◽  
Duminda Wijesekera

American Railroads are planning to complete implementation of their Positive Train Control (PTC) systems by 2020 with the primary safety objectives of avoiding inter-train collisions, train derailments and ensuring railroad worker safety. Under published I-ETMS specifications, the onboard unit (OBU) communicates with two networks: (1) the Signaling network that conveys track warrants to occupy blocks etc. and (2) the Wayside Interface Unit (WIU) network, a sensor network situated on tracks to gather navigational information. These include the status of rail infrastructure (such as switches) and any operational hazards that may affect the intended train path. In order to facilitate timely delivery of messages, PTC systems will have a reliable radio network operating in the reserved 220 MHz spectrum, although the PTC system itself is designed to be a real-time fail safe distributed control system. Both the signaling and the WIUs communicate their information (track warrants, speed restrictions, and Beacon status) using software defined radio networks. Given that PTC systems are controlled by radio networks, they are subjected to cyber-attacks. We show a design and a prototype implementation of a PTC Cyber Situational awareness system that gathers information from WIU devices and Locomotives for the use of rail operators. In order to do so, we designed secure IDS components to reside on the On Board Units (OBU), signaling points (SP) and the WIUs that gather real-time status information and share them with the Back Office system to provide the cyber-security health of the communication fabric. Our system is able to detect and share information about command replay, hash breaking guessing and message corruption attacks.


2018 ◽  
Vol 71 (5) ◽  
pp. 1025-1039 ◽  
Author(s):  
Odd Sveinung Hareide ◽  
Øyvind Jøsok ◽  
Mass Soldal Lund ◽  
Runar Ostnes ◽  
Kirsi Helkala

As technology continues to develop, information and communication technology and operational technology on board ships are increasingly being networked, and more frequently connected to the Internet. The introduction of cyber systems changes the work environment with the aim of decreasing the workload for the navigator, but at the same time introduces more complexity and vulnerabilities that in turn may alter the competencies needed to perform safe and efficient navigation. Contemporary examples of how cyber-attacks can distort situational awareness and interfere with operations are needed to enhance the navigator's competence through increased system awareness. This paper demonstrates some of the possible attack vectors that a cyber-attack can present to a ship, as well as discussing the plausibility and consequences of such attacks. In this study we provide a practical example to better understand how one can demystify cyber threats in order to enhance the navigators' competence.


2015 ◽  
Vol 3 (4) ◽  
pp. 2847-2882 ◽  
Author(s):  
D. B. Kirschbaum ◽  
T. Stanley ◽  
J. Simmons

Abstract. Landslides pose a serious threat to life and property in Central America and the Caribbean Islands. In order to allow regionally coordinated situational awareness and disaster response, an online decision support system was created. At its core is a new flexible framework for evaluating potential landslide activity in near real-time: Landslide Hazard Assessment for Situational Awareness. This framework was implemented in Central America and the Caribbean by integrating a regional susceptibility map and satellite-based rainfall estimates into a binary decision tree, considering both daily and antecedent rainfall. Using a regionally distributed, percentile-based threshold approach, the model outputs a pixel-by-pixel nowcast in near real-time at a resolution of 30 arcsec to identify areas of moderate and high landslide hazard. The daily and antecedent rainfall thresholds in the model are calibrated using a subset of the Global Landslide Catalog in Central America available for 2007–2013. The model was then evaluated with data for 2014. Results suggest reasonable model skill over Central America and poorer performance over Hispaniola, due primarily to the limited availability of calibration and validation data. The landslide model framework presented here demonstrates the capability to utilize globally available satellite products for regional landslide hazard assessment. It also provides a flexible framework to interchange the individual model components and adjust or calibrate thresholds based on access to new data and calibration sources. The availability of free, satellite-based near real-time rainfall data allows the creation of similar models for any study area with a spatiotemporal record of landslide events. This method may also incorporate other hydrological or atmospheric variables such as numerical weather forecasts or satellite-based soil moisture estimates within this decision tree approach for improved hazard analysis.


2021 ◽  
Vol 13 (6) ◽  
pp. 154
Author(s):  
Andrei Butnaru ◽  
Alexios Mylonas ◽  
Nikolaos Pitropakis

Nowadays, the majority of everyday computing devices, irrespective of their size and operating system, allow access to information and online services through web browsers. However, the pervasiveness of web browsing in our daily life does not come without security risks. This widespread practice of web browsing in combination with web users’ low situational awareness against cyber attacks, exposes them to a variety of threats, such as phishing, malware and profiling. Phishing attacks can compromise a target, individual or enterprise, through social interaction alone. Moreover, in the current threat landscape phishing attacks typically serve as an attack vector or initial step in a more complex campaign. To make matters worse, past work has demonstrated the inability of denylists, which are the default phishing countermeasure, to protect users from the dynamic nature of phishing URLs. In this context, our work uses supervised machine learning to block phishing attacks, based on a novel combination of features that are extracted solely from the URL. We evaluate our performance over time with a dataset which consists of active phishing attacks and compare it with Google Safe Browsing (GSB), i.e., the default security control in most popular web browsers. We find that our work outperforms GSB in all of our experiments, as well as performs well even against phishing URLs which are active one year after our model’s training.

