2nd International Symposium for ICS & SCADA Cyber Security Research 2014 (ICS-CSR 2014) - Index

Our paper notices that with a high probability the computer faced with physical attacks can be in a suspended mode. We have more interest in addressing a series of existing and plausible threats to cyber security where the opponent possesses unconventional attack capabilities. Such unconventionality includes, in our exploration t but not restricted to, crowd sourcing, physical coercion, substantial machine resources, malicious insiders, etc. Throughout this paper, we have a tendency to tend to demonstrate but our philosophy is applied to affect several exemplary eventualities of unconventional threats, and elaborate on the model systems data secrets across sleepwake cycles. Most PCs, particularly laptops, remain in rest suspend to RAM, when not in dynamic use. A vital inspect for unattended PCs in rest is that the nearness of client insider facts in framework memory. An aggressor with material approach of a computer in rest will launch side vein memory attacks, by handling liable device drivers; regular mitigations include like bugs etc. A sophisticated assailant can likewise fall back on chilly boot assaults by handling DRAM memory impact. Hypnoguard2 protects in RAM information once a laptop is in sleep simply just in case of assorted memory attacks ecosystem for every desktop and mobile platforms, the appliance of reliable computing still remains rare or exclusively by certain manufacturers. In reality, a way larger issue is that the inspiration of trust is sometimes a combination, this becomes a significant barrier for the tutorial analysis due to lack of access to hardware primitives or public documentation. We believe the high level methodology of these research topics can contribute to advancing the security research under strong adversarial assumptions, and the promotion of software hardware orchestration in protecting execution integrity therein.

Download Full-text

How We Stopped Worrying about Cyber Doom and Started Collecting Data

Politics and Governance ◽

10.17645/pag.v6i2.1368 ◽

2018 ◽

Vol 6 (2) ◽

pp. 49-60 ◽

Cited By ~ 2

Author(s):

Brandon Valeriano ◽

Ryan C. Maness

Keyword(s):

Cyber Security ◽

Research Field ◽

Security Threats ◽

Dominant Form ◽

Policy Positions ◽

Security Research ◽

The Future ◽

Cyber War ◽

General Tone ◽

Research And Policy

Moderate and measured takes on cyber security threats are swamped by the recent flood of research and policy positions in the cyber research field offering hyperbolic perspectives based on limited observations. This skewed perspective suggests constant cyber disasters that are confronting humanity constantly. The general tone of the debate argues that cyber war is already upon us and our future will only witness more cyber doom. However, these hyperbolic perspectives are being countered by empirical investigations that produce the opposite of what is to be expected. It is generally observed that limited cyber engagements throughout the geopolitical system are the dominant form of interaction. Our task here is to offer a different path forward. We first posit what can be known about cyber security interactions with data as well as what cannot. Where is the water’s edge in cyber security research? We then examine the known works in the field that utilize data and evidence to examine cyber security processes. Finally, we conclude with an offering of what types of studies need to be done in the future to move the field forward, away from the prognostication and generalizations so typical in the discourse in this constantly changing and growing field.

Download Full-text

Game Based Cyber Security Training: are Serious Games suitable for cyber security training?

International Journal of Serious Games ◽

10.17083/ijsg.v3i1.107 ◽

2016 ◽

Vol 3 (1) ◽

Cited By ~ 32

Author(s):

Maurice Hendrix ◽

Ali Al-Sherbaz ◽

Victoria Bloom

Keyword(s):

Cyber Security ◽

Serious Games ◽

Behavioural Change ◽

Short Term ◽

High Profile ◽

Security Research ◽

Short Period ◽

Security Training ◽

Almost All ◽

And Training

Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security professionals. Thus cyber security seems especially well-suited to Serious Games. This paper investigates whether games can be effective cyber security training tools. The study is conducted by means of a structured literature review supplemented with a general web search.While there are early positive indications there is not yet enough evidence to draw any definite conclusions. There is a clear gap in target audience with almost all products and studies targeting the general public and very little attention given to IT professionals and managers. The products and studies also mostly work over a short period, while it is known that short-term interventions are not particularly effective at affecting behavioural change.

Download Full-text