Cyber-attack and Measuring its Risk

Cybercrime continues to emerge, with new threats surfacing every year. Every business, regardless of its size, is a potential target of cyber-attack. Cybersecurity in today's connected world is a key component of any establishment. Amidst known security threats in a virtualization environment, side-channel attacks (SCA) target most impressionable data and computations. SCA is flattering major security interests that need to be inspected from a new point of view. As a part of cybersecurity aspects, secured implementation of virtualization infrastructure is very much essential to ensure the overall security of the cloud computing environment. We require the most effective tools for threat detection, response, and reporting to safeguard business and customers from cyber-attacks. The objective of this chapter is to explore virtualization aspects of cybersecurity threats and solutions in the cloud computing environment. The authors also discuss the design of their novel ‘Flush+Flush' cache attack detection approach in a virtualized environment.

Download Full-text

Cyber Security Aspects of Virtualization in Cloud Computing Environments

Quantum Cryptography and the Future of Cyber Security - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-2253-0.ch013 ◽

2020 ◽

pp. 283-299 ◽

Cited By ~ 1

Author(s):

Darshan Mansukhbhai Tank ◽

Akshai Aggarwal ◽

Nirbhay Kumar Chaubey

Keyword(s):

Cloud Computing ◽

Cyber Security ◽

Attack Detection ◽

Cyber Attacks ◽

Point Of View ◽

Cyber Attack ◽

Computing Environment ◽

Cloud Computing Environment ◽

Detection Approach ◽

Detection Response

Cybercrime continues to emerge, with new threats surfacing every year. Every business, regardless of its size, is a potential target of cyber-attack. Cybersecurity in today's connected world is a key component of any establishment. Amidst known security threats in a virtualization environment, side-channel attacks (SCA) target most impressionable data and computations. SCA is flattering major security interests that need to be inspected from a new point of view. As a part of cybersecurity aspects, secured implementation of virtualization infrastructure is very much essential to ensure the overall security of the cloud computing environment. We require the most effective tools for threat detection, response, and reporting to safeguard business and customers from cyber-attacks. The objective of this chapter is to explore virtualization aspects of cybersecurity threats and solutions in the cloud computing environment. The authors also discuss the design of their novel ‘Flush+Flush' cache attack detection approach in a virtualized environment.

Download Full-text

Predicting Cyber-Events by Leveraging Hacker Sentiment

Information ◽

10.3390/info9110280 ◽

2018 ◽

Vol 9 (11) ◽

pp. 280 ◽

Cited By ~ 7

Author(s):

Ashok Deb ◽

Kristina Lerman ◽

Emilio Ferrara

Keyword(s):

Sentiment Analysis ◽

Predictive Power ◽

Cyber Attacks ◽

Cyber Attack ◽

Business Organizations ◽

High Profile ◽

Malicious Activity ◽

Novel Approach ◽

Community Behavior ◽

Attack Data

Recent high-profile cyber-attacks exemplify why organizations need better cyber-defenses. Cyber-threats are hard to accurately predict because attackers usually try to mask their traces. However, they often discuss exploits and techniques on hacking forums. The community behavior of the hackers may provide insights into the groups’ collective malicious activity. We propose a novel approach to predict cyber-events using sentiment analysis. We test our approach using cyber-attack data from two major business organizations. We consider three types of events: malicious software installation, malicious-destination visits, and malicious emails that surmounted the target organizations’ defenses. We construct predictive signals by applying sentiment analysis to hacker forum posts to better understand hacker behavior. We analyze over 400 K posts written between January 2016 and January 2018 on over 100 hacking forums both on the surface and dark web. We find that some forums have significantly more predictive power than others. Sentiment-based models that leverage specific forums can complement state-of-the-art time-series models on forecasting cyber-attacks weeks ahead of the events.

Download Full-text

Emerging Challenges in Smart Grid Cybersecurity Enhancement: A Review

Energies ◽

10.3390/en14051380 ◽

2021 ◽

Vol 14 (5) ◽

pp. 1380

Author(s):

Fazel Mohammadi

Keyword(s):

Smart Grid ◽

Power Systems ◽

Cost Effective ◽

Attack Detection ◽

Cyber Attacks ◽

Point Of View ◽

Computational Time ◽

Cyber Attack ◽

Factors Affecting ◽

Detection And Identification

In this paper, a brief survey of measurable factors affecting the adoption of cybersecurity enhancement methods in the smart grid is provided. From a practical point of view, it is a key point to determine to what degree the cyber resilience of power systems can be improved using cost-effective resilience enhancement methods. Numerous attempts have been made to the vital resilience of the smart grid against cyber-attacks. The recently proposed cybersecurity methods are considered in this paper, and their accuracies, computational time, and robustness against external factors in detecting and identifying False Data Injection (FDI) attacks are evaluated. There is no all-inclusive solution to fit all power systems requirements. Therefore, the recently proposed cyber-attack detection and identification methods are quantitatively compared and discussed.

Download Full-text

Securing E-Learning Systems

Information Security and Ethics ◽

10.4018/978-1-59904-937-3.ch144 ◽

2008 ◽

pp. 2139-2148

Author(s):

Michelle Ramim ◽

Yair Levy

Keyword(s):

Cyber Attacks ◽

Point Of View ◽

Learning Systems ◽

Learning System ◽

The Internet ◽

Sensitive Information ◽

Cyber Attack ◽

Policies And Procedures ◽

E Learning

The growing use of e-learning systems has been documented by numerous studies (Levy, 2005). Yet in spite of this enormous growth, little attention has been given to the issue of security of e learning systems both in research and in practice. Security of e-learning systems has a unique challenge as these systems are accessed and managed via the Internet by thousands of users over hundreds of networks. However, the Internet can pose security threats such as unauthorized access, hacking/cracking, obtaining sensitive information, and altering data and configuration, as well as enabling academic misconduct incidents (Freeh, 2000; Ramim, 2005; Sridhar & Bhasker, 2003). At the same time, cyber attacks have proliferated significantly in recent years. As a result, proper IT policies and procedures, in particular ones related to security of information systems, have become critical for organizations. This case study was written from the IS consultant’s point of view and addresses the issues related to insider cyber attacks combined with novice IT management knowledge in a small university. After a year of substantial growth to its online learning program, the university in this case study experienced a devastating event that halted all academic activities enabled by the institution’s e-learning system. This case reveals that internal cyber attack as well as lack of proper IT policies and procedures all resulted in multiple instances of damage to the e-learning system. The case provides detailed documentation on the security audit performed as well as stimulation for class discussions on actions to be taken as a result of the insider’s cyber attack. Additionally, this case study attempts to provide a starting point on discussions in the area of security related to e-learning systems. It is hoped that this case study will stimulate discussions among practitioners and researchers related to e-learning systems security, and that it will help prevent such incidents from occurring at other academic institutions.

Download Full-text

BIO-ENERGY FROM PHOTOSYNTHETIC ALLOYS FOR USE IN BIOGUALS AND BIOPRODUCTS

International Conference on Technics Technologies and Education ◽

10.15547/ictte.2019.08.089 ◽

2019 ◽

pp. 613-618

Author(s):

Petar Kazakov ◽

Atanas Iliev ◽

Emil Ivanov ◽

Dobri Rusev

Keyword(s):

Technical Progress ◽

Point Of View ◽

Energy Sustainability ◽

International Activities ◽

Made In

Significant technical progress has been made in recent years in the development of algae-based bioenergy, and much of industrial and academic R&D projects have diverged from the biofuels strategy. This report summarizes the conclusions of a recently concluded symposium analyzing the prospects for using micro- and macroalgae as a feedstock for biofuels and bioenergy. It discusses international activities for the development of bio-energy and non-energy algae bioproducts, advances in the use of macroalgae (both non-cultivated and cultivated algae). Applications for various biochemical and thermochemical uses, bio-refining capabilities for various products, as well as an in-depth review of the process from the point of view of economy and energy sustainability are also given.

Download Full-text

The invisible hole of information on SMB's cybersecurity

Online Journal of Applied Knowledge Management ◽

10.36965/ojakm.2019.7(1)14-26 ◽

2019 ◽

Vol 7 (1) ◽

pp. 14-26

Author(s):

Ruti Gafni ◽

Tal Pavel

Keyword(s):

Mass Communication ◽

Cyber Attacks ◽

Communication Media ◽

Specific Information ◽

Exploratory Research ◽

Cyber Attack ◽

Public Attention ◽

Cyber Threats ◽

Accessible Information ◽

Types Of Information

Small and Medium Businesses (SMB) use Internet and computer-based tools in their daily processes, sometimes without being aware to the cyber threats, or without knowing how to be prepared in case of a cyber-attack, although they are a major target for cyber-attacks. Specific information about cybersecurity needed by SMBs, in order to cope with cyber threats, is not always available or easily accessible. In this study, a vast search of different types of information about SMBs’ cybersecurity was performed, in order to find whether a hole of accessible information exists in this area. This exploratory research covered general mass communication media channels, technological and professional cybersecurity websites, and academic journals, and found that indeed very few studies, articles and news items were published in this matter. Leveraging knowledge and awareness, diminishing the shame for reporting cyber-attacks, and increasing mass communication media interest and public attention, may be activities to cover this “invisible hole”.

Download Full-text

Competing risks joint models using R-INLA

Statistical Modelling ◽

10.1177/1471082x20913654 ◽

2021 ◽

Vol 21 (1-2) ◽

pp. 56-71

Author(s):

Janet van Niekerk ◽

Haakon Bakka ◽

Håvard Rue

Keyword(s):

Competing Risks ◽

Count Data ◽

Joint Model ◽

Point Of View ◽

Spatial Structures ◽

Joint Models ◽

Hazard Functions ◽

Longitudinal Count Data ◽

Non Gaussian ◽

Made In

The methodological advancements made in the field of joint models are numerous. None the less, the case of competing risks joint models has largely been neglected, especially from a practitioner's point of view. In the relevant works on competing risks joint models, the assumptions of a Gaussian linear longitudinal series and proportional cause-specific hazard functions, amongst others, have remained unchallenged. In this article, we provide a framework based on R-INLA to apply competing risks joint models in a unifying way such that non-Gaussian longitudinal data, spatial structures, times-dependent splines and various latent association structures, to mention a few, are all embraced in our approach. Our motivation stems from the SANAD trial which exhibits non-linear longitudinal trajectories and competing risks for failure of treatment. We also present a discrete competing risks joint model for longitudinal count data as well as a spatial competing risks joint model as specific examples.

Download Full-text

Dilatation of Vascular Prostheses in Ascending Aortic Position: A Long-Term Follow-Up Computed Tomography Study with Comparison of Different Measurement Methods

The Thoracic and Cardiovascular Surgeon ◽

10.1055/s-0036-1597116 ◽

2016 ◽

Vol 66 (03) ◽

pp. 206-214

Author(s):

Matthias Endlich ◽

Christian Krämer ◽

Chris Probst ◽

Armin Welz ◽

Kai Wilhelm ◽

...

Keyword(s):

Computed Tomography ◽

Measurement Methods ◽

Point Of View ◽

Cross Sectional ◽

Vascular Prostheses ◽

Aortic Replacement ◽

Ascending Aortic Replacement ◽

Long Term Follow Up ◽

Methods Of Measurement

Background The aim of this study was to evaluate long-term dilatation of Hemashield Gold and Hemashield Platinum vascular prostheses in ascending aortic position using different measurement methods to obtain precise results. Methods Between 1999 and 2007, 73 patients with Stanford type A dissection received ascending aortic replacement with Hemashield Gold and Hemashield Platinum prostheses. Measurements were performed using multiplanar reconstruction mode of electrocardiogram (ECG)-gated, multislice spiral computed tomography (MSCT) in strictly orthogonal cross-sectional planes. Different methods of measurement were compared and maximum dilatation was estimated for different time spans. Results Diameters calculated from the measured circumference showed a significant (p = 0.037) but clinically not relevant difference (0.1 mm) to the mean between the largest and the shortest cross-sectional diameter of the prosthesis. Dilatation after 24.2 ± 10.2 months was 8.5 ± 4.5%. Long-term dilatation after 91.8 ± 34 months amounted to 11.8 ± 4.2%. Conclusion Based on ECG-gated MSCT images, the presented methods of measurement provided reliable results. Long-term analysis shows low dilatation rates for Hemashield prostheses, which therefore can be considered as safe from this point of view. Nevertheless, a maximal dilatation of 20% could be relevant in valve sparing root replacement. It remains unclear if a dilatation like this contributes to the formation of suture aneurysms.

Download Full-text

Greedy control of cascading failures in interdependent networks

Scientific Reports ◽

10.1038/s41598-021-82843-8 ◽

2021 ◽

Vol 11 (1) ◽

Author(s):

Malgorzata Turalska ◽

Ananthram Swami

Keyword(s):

Optimal Control ◽

Complex Systems ◽

Control Strategy ◽

Cascading Failures ◽

Optimal Control Strategy ◽

Supercritical Regime ◽

Interdependent Networks ◽

Malicious Activity ◽

Cross System ◽

Made In

AbstractComplex systems are challenging to control because the system responds to the controller in a nonlinear fashion, often incorporating feedback mechanisms. Interdependence of systems poses additional difficulties, as cross-system connections enable malicious activity to spread between layers, increasing systemic risk. In this paper we explore the conditions for an optimal control of cascading failures in a system of interdependent networks. Specifically, we study the Bak–Tang–Wiesenfeld sandpile model incorporating a control mechanism, which affects the frequency of cascades occurring in individual layers. This modification allows us to explore sandpile-like dynamics near the critical state, with supercritical region corresponding to infrequent large cascades and subcritical zone being characterized by frequent small avalanches. Topological coupling between networks introduces dependence of control settings adopted in respective layers, causing the control strategy of a given layer to be influenced by choices made in other connected networks. We find that the optimal control strategy for a layer operating in a supercritical regime is to be coupled to a layer operating in a subcritical zone, since such condition corresponds to reduced probability of inflicted avalanches. However this condition describes a parasitic relation, in which only one layer benefits. Second optimal configuration is a mutualistic one, where both layers adopt the same control strategy. Our results provide valuable insights into dynamics of cascading failures and and its control in interdependent complex systems.

Download Full-text