Attack Analysis Framework for Cyber-Attack and Defense Test Platform

Electronics, 2020, Vol 9 (9), pp. 1413
Author(s): Yulu Qi, Rong Jiang, Yan Jia, Aiping Li

In 2012, Google first proposed the knowledge graph and applied it in the field of intelligent searching. Subsequently, knowledge graphs have been used for in-depth association analysis in different fields. In recent years, composite attacks have been discovered through association analysis in the field of cyber security. This paper proposes an attack analysis framework for cyber-attack and defense test platforms, which stores prior knowledge in a cyber security knowledge graph and attack rule base as data that can be understood by a computer, sets the time interval of analysis on the Spark framework, and then mines attack chains from massive data with spatiotemporal constraints, so as to achieve the balance between automated analysis and real-time accurate performance. The experimental results show that the analysis accuracy depends on the completeness of the cyber security knowledge graph and the precision of the detection results from security equipment. With the rational expectation about more exposure of attacks and faster upgrade of security equipment, it is necessary and meaningful to constantly improve the cyber security knowledge graph in the attack analysis framework.

2021, Vol 21 (3), pp. 65-94
Author(s): Darko Trifunović, Zoran Bjelica

Cyberspace has become an indispensable part in which special operations such as cyber war or warfare take place. The role of special war as the use of so-called soft power was emphasized. The country's number of potential adversaries in cyber warfare is unlimited, making highly endangered aspects of cyber civilian infrastructure, which is essentially military readiness, including the mobilization of forces through the civilian sector, also a likely target. A special type of cyber war or warfare is hybrid warfare. This type of warfare is increasingly resorted to because it is extremely cheaper than the conventional method of warfare and at the same time brings exceptional results. The first thing that affects cyber security policy analysts comes with the issue of neutrality, as well as the huge variety of assessments about future attack and defense technologies. There is also a consideration that the new (problematic) cyber technology will be deployed in a short period of time, in time periods, in just a few days in terms of warnings. Second are the trends in cyber-attack and defense technologies and who is following those processes. Third, decision making technology having in mind high-performance computers, technologies that are well known, although rapidly evolving, are increasingly seen as a basic means of managing cyber defense at the national military and security level, as well as a new weapon in the hands of opponents. Fourth, the role of intelligence in planning future scenarios for defense against hybrid or any other cyber threat/s.


2022, Vol 14 (1), pp. 0-0

In the domain of cyber security, the defence mechanisms of networks have traditionally been placed in a reactionary role. Cyber security professionals are therefore disadvantaged in a cyber-attack situation due to the fact that it is vital that they maneuver such attacks before the network is totally compromised. In this paper, we utilize the Betweenness Centrality network measure (social property) to discover possible cyber-attack paths and then employ computation of similar personality of nodes/users to generate predictions about possible attacks within the network. Our method proposes a social recommender algorithm called socially-aware recommendation of cyber-attack paths (SARCP), as an attack predictor in the cyber security defence domain. In a social network, SARCP exploits and delivers all possible paths which can result in cyber-attacks. Using a real-world dataset and relevant evaluation metrics, experimental results in the paper show that our proposed method is favorable and effective.


Author(s): Ana Kovacevic, Dragana Nikolic

We are facing the expansion of cyber incidents, and they are becoming more severe. This results in the necessity to improve security, especially in the vulnerable field of critical infrastructure. One of the problems in the security of critical infrastructures is the level of awareness related to the effect of cyberattacks. The threat to critical infrastructure is real, so it is necessary to be aware of it and anticipate, predict, and prepare against a cyber attack. The main reason for the escalation of cyberattacks in the field of Critical Infrastructure (CI) may be that most control systems used for CI do not utilise proprietary protocols and software anymore; they instead utilise standard solutions. As a result, critical infrastructure systems are more than ever before becoming vulnerable and exposed to cyber threats. It is important to get an insight into what attack types occur, as this may help direct cyber security efforts. In this chapter, the authors present vulnerabilities of SCADA systems against cyber attack, analyse and classify existing cyber attacks, and give future directions to achieve better security of SCADA systems.


Author(s): Michael BEST, Lachezar KRUMOV, Ioan BACIVAROV

Because banks are very often the target of a cyber-attack, they also have good security controls in place. This paper analyses modern threats to banks and proposes an approach to detect and visualize the risk of data leakage. In the first part of this paper, a comparative analysis of the most common threats to the banking sector is made, based on both bank reports and cyber security companies. The authors came to the conclusion that at the bottom line, insider knowledge is necessary, which is the result of data leakage. This paper comparatively analyses modern threats to banks and shows an approach to detect and visualize the risk of data leakage. In the second part of the paper, a model - based on network graph - that can enumerate the risk of data leakage is proposed. Graphing a network of an organization with the connections of data flow between assets and actors can identify insecure connections that may lead to data leakage. As is demonstrated in this paper, financial institutions are important targets of cyber attacks. Consequently, the financial sector must invest heavily in cybersecurity and find the best ways to counter cyber attacks and cyber bank robbery attempts.


Author(s): Darshan Mansukhbhai Tank, Akshai Aggarwal, Nirbhay Kumar Chaubey

Cybercrime continues to emerge, with new threats surfacing every year. Every business, regardless of its size, is a potential target of cyber-attack. Cybersecurity in today's connected world is a key component of any establishment. Amidst known security threats in a virtualization environment, side-channel attacks (SCA) target most impressionable data and computations. SCA is flattering major security interests that need to be inspected from a new point of view. As a part of cybersecurity aspects, secured implementation of virtualization infrastructure is very much essential to ensure the overall security of the cloud computing environment. We require the most effective tools for threat detection, response, and reporting to safeguard business and customers from cyber-attacks. The objective of this chapter is to explore virtualization aspects of cybersecurity threats and solutions in the cloud computing environment. The authors also discuss the design of their novel 'Flush+Flush' cache attack detection approach in a virtualized environment.


Author(s): John B. Sheldon

This chapter examines the rise of cyberpower and its implications for strategy. The rapid spread of information-communication technologies around the world created a globally connected domain called cyberspace. Nearly every function of modern society is enabled by cyberspace. This is both an advantage and a serious vulnerability. The pervasiveness of cyberspace, along with the growing importance of cyberpower, is influencing international politics and the use of military force in the twenty-first century in a variety of ways. The chapter begins with a discussion of relevant terms and definitions before discussing cyberspace, cyberpower, and the infosphere. It then considers how cyberspace has become a place of constant conflict, focusing in particular on the problem of cyber security as well as the challenges and unknowns of cyber-attack. It concludes by reflecting on the potential of cyberpower to spark a revolution in military affairs.

