Cyber-Attack Scoring Model Based on the Offensive Cybersecurity Framework

2021 ◽  
Vol 11 (16) ◽  
pp. 7738
Author(s):  
Kyounggon Kim ◽  
Faisal Abdulaziz Alfouzan ◽  
Huykang Kim

Cyber-attacks have become commonplace in the world of the Internet. The nature of cyber-attacks is gradually changing. Early cyber-attacks were usually conducted by curious personal hackers who used simple techniques to hack homepages and steal personal information. Lately, cyber attackers have started using sophisticated cyber-attack techniques that enable them to retrieve national confidential information beyond the theft of personal information or defacing websites. These sophisticated and advanced cyber-attacks can disrupt the critical infrastructures of a nation. Much research regarding cyber-attacks has been conducted; however, there has been a lack of research related to measuring cyber-attacks from the perspective of offensive cybersecurity. This motivated us to propose a methodology for quantifying cyber-attacks such that they are measurable rather than abstract. For this purpose, we identified each element of offensive cybersecurity used in cyber-attacks. We also investigated the extent to which the detailed techniques identified in the offensive cyber-security framework were used, by analyzing cyber-attacks. Based on these investigations, the complexity and intensity of cyber-attacks can be measured and quantified. We evaluated advanced persistent threats (APT) and fileless cyber-attacks that occurred between 2010 and 2020 based on the methodology we developed. Based on our research methodology, we expect that researchers will be able to measure future cyber-attacks.

2021 ◽  
Vol 9 (12) ◽  
pp. 669-710
Author(s):  
Dr. Yusuf Perwej ◽  
Syed Qamar Abbas ◽  
Jai Pratap Dixit ◽  
Dr. Nikhat Akhtar ◽  
Anurag Kumar Jaiswal

In recent years, the Internet has become an integral element of people's everyday lifestyles all across the world. Online criminality, on the other hand, has risen in tandem with the growth of Internet activity. Cyber security has advanced greatly in recent years in order to keep up with the rapid changes that occur in cyberspace. Cyber security refers to the methods that a country or organization can use to safeguard its products and information in cyberspace.  Two decades ago, the term "cyber security" was barely recognized by the general public. Cyber security isn't just a problem that affects individuals but it also applies to an organization or a government. Everything has recently been digitized, with cybernetics employing a variety of technologies such as cloud computing, smart phones, and Internet of Things techniques, among others. Cyber-attacks are raising concerns about privacy, security, and financial compensation. Cyber security is a set of technologies, processes, and practices aimed at preventing attacks, damage, and illegal access to networks, computers, programmes, and data.  The primary goal of this article is to conduct a thorough examination of cyber security kinds, why cyber security is important, cyber security framework, cyber security tools, and cyber security difficulties. Cyber security safeguards the data and integrity of computing assets that are part of or connected to an organization's network, with the goal of defending such assets from all threat actors throughout the life cycle of a cyber-attack.


2020 ◽  
Vol 3 (1) ◽  
Author(s):  
Ivana Cesarec

States, organizations and individuals are becoming targets of both individual and state-sponsored cyber-attacks, by those who recognize the impact of disrupting security systems and the effect on people and governments. The energy sector is seen as one of the main targets of cyber-attacks against critical infrastructure, but transport, public sector services, telecommunications and critical (manufacturing) industries are also very vulnerable. One of the most used examples of a cyber-attack is the Ukraine power grid attack in 2015 that left 230,000 people without power for up to 6 hours. Another high-profile example of a cyber-attack against critical infrastructure is the Stuxnet computer virus (first used on an Iranian nuclear facility), which could be adapted to attack the SCADA systems (industrial control systems) used by many critical infrastructures in Europe. A wide range of critical infrastructure sectors are reliant on industrial control systems for monitoring processes and controlling physical devices (sensors, pumps, etc.), and for that reason, physically connected devices that support industrial processes are becoming more vulnerable. Not all critical infrastructure operators in all sectors are adequately prepared to manage protection (and raise resilience) effectively across both cyber and physical environments. Additionally, there are a few challenges in the implementation of protection measures, such as a lack of collaboration between the private and public sectors and low levels of awareness of the existence of national key legislation. From a supranational aspect, in relation to this paper's topic, the European Union took its first step in defense against cyber threats in 2016 with the "Directive on security of network and information systems" (NIS Directive) by prescribing that member states adopt more rigid cyber-security standards.
The aim of the directive is to improve deterrence and increase the EU's defenses and reactions to cyber attacks by expanding cyber security capacity, increasing collaboration at an EU level and introducing measures to prevent risk and handle cyber incidents. There are a lot of other "supporting tools" for Member States, such as the European Union Agency for Network and Information Security – ENISA (which organizes regular cyber security exercises at an EU level, including a large and comprehensive exercise every two years, raising the preparedness of EU states); the Network of National Coordination Centers and the European Cybersecurity Industrial, Technology and Research Competence Centre; and the Coordinated response to major cyber security incidents and crises (Blueprint), with the aim of ensuring a rapid and coordinated response to large-scale cyber attacks by setting out suitable processes within the EU. Yet, not all Member States share the same capacities for achieving the highest level of cyber-security. They need to continuously work on enhancing the capability of defense against cyber threats as an increased risk to state institutions' information and communication systems but also to critical infrastructure objects. In Southeast Europe there are a few additional challenges – some countries don't even have designated critical infrastructures (lower level of protection; lack of a "clear vision" of criticality) and critical infrastructures are only perceived through a physical prism; non-EU countries are not obligated to follow the requirements of the European Union and its legislation, and there are interdependencies and transboundary cross-sector effects that need to be taken into consideration.
Critical Infrastructure Protection (CIP) is the primary area of action, and for some SEE countries (like the Republic of Croatia) the implementation of cyber security provisions just complements comprehensive activities which are focused on physical protection. This paper will analyze a few segments of how SEE countries cope with new security challenges and on which level they are prepared for cyber-attacks and threats: 1. Which security mechanisms they use; 2. The existing legislation (Acts, Strategies, Plan of Action, etc.) related to cyber threats in correlation with strategic critical infrastructure protection documents. The analysis will have two perspectives: from the EU member states' and from the non-EU member states' point of view. Additionally, for EU member states it will be analyzed whether there was any cyber security legislation before the NIS Directive that meets the same aims. The aim of the research is to have an overall picture of efforts in the region regarding cyber-security as a possibility for improvement through cooperation, organizational measures, etc., also providing some recommendations to reduce the gap in the level of cyber-security development with other regions of the EU.


Due to the ubiquity of the internet across all disciplines, cyber security has become essential in day-to-day life. To make cyber assets resilient against challenging attacks like Advanced Persistent Threats (APT), experts need strategic rules and proactive decision-making models. Caldera is an adversarial emulator for both blue and red teams to test APTs along with the cyber kill chain (CKC). Resilience can be achieved when the blue team and red team work together in analyzing cyber threats based on probabilistic creation of adversarial profiles with different characteristics, which helps in finding the priority of the organization's assets from the point of view of an adversary launching a cyber-attack.


Communities and states are targets of cyber-attacks. Cities are popular because of generally lax cybersecurity postures and the fact that they have money. States and communities also have personal information on citizens, which can be used for identity theft. With the realization they are becoming frequent targets, communities are looking to enhance their cybersecurity programs, but many do not know where or how to start. The community cyber security maturity model is designed for this purpose – to help states and communities to develop their own viable and sustainable cybersecurity programs. There has also been considerable media attention on the NIST Cyber Security Framework. This is a program designed for organizations, and it contains a lot of good information organizations can use to enhance their cybersecurity posture. From a whole community perspective, however, it is not as useful though there are parts of it that are applicable to a community.


2018 ◽  
Vol 71 (5) ◽  
pp. 1025-1039 ◽  
Author(s):  
Odd Sveinung Hareide ◽  
Øyvind Jøsok ◽  
Mass Soldal Lund ◽  
Runar Ostnes ◽  
Kirsi Helkala

As technology continues to develop, information and communication technology and operational technology on board ships are increasingly being networked, and more frequently connected to the Internet. The introduction of cyber systems changes the work environment with the aim of decreasing the workload for the navigator, but at the same time introduces more complexity and vulnerabilities that in turn may alter the competencies needed to perform safe and efficient navigation. Contemporary examples of how cyber-attacks can distort situational awareness and interfere with operations are needed to enhance the navigator's competence through increased system awareness. This paper demonstrates some of the possible attack vectors that a cyber-attack can present to a ship, as well as discussing the plausibility and consequences of such attacks. In this study we provide a practical example to better understand how one can demystify cyber threats in order to enhance the navigators' competence.


Author(s):  
Alaa Hussein Al-Hamami

Through commercial networks and across the Internet, data files, millions of images and videos, and trillions of messages flow each day to drive the world economy. This vast electronic infrastructure is what our nation depends on. To commit crime by using a computer and communication to forge a person's identity, illegal imports or malicious programs, the computer here is used as an object or subject for the cybercrime. Most online activities are vulnerable to intrusion and can compromise personal safety just as effectively as common everyday crimes. This chapter concentrates on explaining and discussing the terms cyber security, cybercrimes, and cyber-attacks. A history for each term has been given and the problems of cyber security have been discussed. Finally, a proposed solution has been suggested and future trends have been forecasted, and at the end of the chapter a conclusion will be given.


Author(s):  
Sachin Umrao

This chapter is structured around the concepts of risk analysis due to underwater deployment of the cables for data transfer. Most of the organizations have deployed their networks below the water for shortening the distances between peers and also to reduce the physical destruction cost of cables. Furthermore, some organizations like Google kept their servers below the water because it reduced the cost of getting it cool, which in turn increases the efficiency. However, security consultants around the world in recent past expressed their considerations that a cyber-attack on these servers or cables might result in miserable economic collision. This might be overstated but there are infrequent situations in which cable breakage could be riotous. Although organizations cannot rule the threat of attacks on these apparatuses, there are fewer check measures that could reduce the possible attack chances in underwater communication.


Author(s):  
Norman Schneidewind

There is little evidence that the world is more secure from a major cyber attack than in 2000 because attacks on the Internet go on unabated. In addition to calling for new legislation and oversight, this chapter serves as a source of information about cyber security that domestic and international security analysts can use as a resource for understanding the critical issues and as a guide for preparing for hearings and legislative initiatives.


2018 ◽  
pp. 1438-1453
Author(s):  
Alaa Hussein Al-Hamami

Through commercial networks and across the Internet, data files, millions of images and videos, and trillions of messages flow each day to drive the world economy. This vast electronic infrastructure is what our nation depends on. To commit crime by using a computer and communication to forge a person's identity, illegal imports or malicious programs, the computer here is used as an object or subject for the cybercrime. Most online activities are vulnerable to intrusion and can compromise personal safety just as effectively as common everyday crimes. This chapter concentrates on explaining and discussing the terms cyber security, cybercrimes, and cyber-attacks. A history for each term has been given and the problems of cyber security have been discussed. Finally, a proposed solution has been suggested and future trends have been forecasted, and at the end of the chapter a conclusion will be given.


2022 ◽  
Vol 14 (1) ◽  
pp. 0-0

In the domain of cyber security, the defence mechanisms of networks have traditionally been placed in a reactionary role. Cyber security professionals are therefore disadvantaged in a cyber-attack situation due to the fact that it is vital that they maneuver such attacks before the network is totally compromised. In this paper, we utilize the Betweenness Centrality network measure (social property) to discover possible cyber-attack paths and then employ computation of similar personality of nodes/users to generate predictions about possible attacks within the network. Our method proposes a social recommender algorithm called socially-aware recommendation of cyber-attack paths (SARCP), as an attack predictor in the cyber security defence domain. In a social network, SARCP exploits and delivers all possible paths which can result in cyber-attacks. Using a real-world dataset and relevant evaluation metrics, experimental results in the paper show that our proposed method is favorable and effective.

