Cyber-Attack Penetration Test and Vulnerability Analysis

2017 ◽  
Vol 13 (01) ◽  
pp. 125 ◽  
Author(s):  
Deris Stiawan ◽  
Mohd. Yazid Idris ◽  
Abdul Hanan Abdullah ◽  
Fahad Aljaber ◽  
Rahmat Budiarto

Hacking attempts or cyber-attacks to information systems have recently evolved to be sophisticated and deadly, resulting in such incidents as leakage of personal information and system destruction. While various security solutions to cope with these risks are being developed and deployed, it is still necessary to systematically consider the methods to enhance the existing security system and build more effective defense systems. Under this circumstance, it is necessary to identify the latest types of attacks attempted to the primary security system. This paper analyzes cyber attack techniques as well as the anatomy of penetration test in order to assist security officers to perform appropriate self security assessment on their network systems.

2017 ◽  
Vol 7 (3) ◽  
pp. 59-75 ◽  
Author(s):  
Akashdeep Bhardwaj ◽  
Sam Goundar

With the rise in cyber-attacks on cloud environments like Brute Force, Malware or Distributed Denial of Service attacks, information security officers and data center administrators have a monumental task on hand. Organizations design data center and service delivery with the aim of catering to maximize device provisioning & availability, improve application performance, ensure better server virtualization and end up securing data centers using security solutions at internet edge protection level. These security solutions prove to be largely inadequate in times of a DDoS cyber-attack. In this paper, traditional data center design is reviewed and compared to the proposed three tier data center. The resilience to withstand against DDoS attacks is measured for Real User Monitoring parameters, compared for the two infrastructure designs and the data is validated using T-Test.


Author(s):  
Merve Şener

Critical infrastructures ensure that activities that are vital and important for individuals can be safely delivered to the society uninterruptedly. The damage on these critical infrastructures caused by cyber-attacks whose control is carried out through computers and network systems is very large. Cyber-attacks directly or indirectly affect companies, institutions, and organizations economically and cause great financial losses. In this chapter, two different categories, energy and finance sector, which are described as critical infrastructure, are discussed; cyber-attacks carried out on these sectors, cyber-attack weapons, and economic losses caused by these attacks are examined.



2021 ◽  
Vol 11 (16) ◽  
pp. 7738
Author(s):  
Kyounggon Kim ◽  
Faisal Abdulaziz Alfouzan ◽  
Huykang Kim

Cyber-attacks have become commonplace in the world of the Internet. The nature of cyber-attacks is gradually changing. Early cyber-attacks were usually conducted by curious personal hackers who used simple techniques to hack homepages and steal personal information. Lately, cyber attackers have started using sophisticated cyber-attack techniques that enable them to retrieve national confidential information beyond the theft of personal information or defacing websites. These sophisticated and advanced cyber-attacks can disrupt the critical infrastructures of a nation. Much research regarding cyber-attacks has been conducted; however, there has been a lack of research related to measuring cyber-attacks from the perspective of offensive cybersecurity. This motivated us to propose a methodology for quantifying cyber-attacks such that they are measurable rather than abstract. For this purpose, we identified each element of offensive cybersecurity used in cyber-attacks. We also investigated the extent to which the detailed techniques identified in the offensive cyber-security framework were used, by analyzing cyber-attacks. Based on these investigations, the complexity and intensity of cyber-attacks can be measured and quantified. We evaluated advanced persistent threats (APT) and fileless cyber-attacks that occurred between 2010 and 2020 based on the methodology we developed. Based on our research methodology, we expect that researchers will be able to measure future cyber-attacks.



2021 ◽  
Vol 93 (7s) ◽  
pp. 185-196
Author(s):  
Stoyno Stoynov ◽  
Borislav Nikolov

Daily cyber-attacks on ships’ IT and OT systems are not a rare occurrence anymore. This has been taken into account in recent years and the IMO has issued directives and circulars with recommendations for increasing the cybersecurity of ship information systems as part of the overall ship security system. The effect of a successful cyber-attack of any kind, on elements of the ship’s IT and OT systems, can have a disastrous impact not only on the ship itself but also on the environment. While modern ships can be designed and all modern methods implemented to reduce and prevent the possibility of cyber-attacks onboard existing ships, it is not possible to achieve this security level and it is necessary to implement various solutions. At the same time, the ships’ crew is declining worldwide and most ships do not have IT officers or trained staff onboard to maintain the ship’s information systems. Because of that, the solutions that need to be put in place to increase the security of ship’s information systems must be easy to implement, use, and maintain. This article examines the need and some technical solutions that can be used to improve the cybersecurity of ship’s IT and OT systems in response to the existing cyber-attacks and threats in the global shipping and maritime industry.


2016 ◽  
pp. 308-326
Author(s):  
K.Y Williams ◽  
Dana-Marie Thomas ◽  
LaToya N. Johnson

Many cyber-attacks that result in data loss can be prevented if the target of the cyber-attack is properly prepared, has the necessary and latest defenses in place, and is constantly monitoring for attacks and intrusions. Whether those cyber-attacks occur as a result of user error; network issues (password files being created and distributed to a list of people); direct assaults (direct intrusion via a designed hack, system flaw, or exploitation of a known network/software issue); or due to an insider-threat (giving a password to a trusted co-worker who then uses it for other means) one aspect of prevention that must be addressed is the need for better security and additional layers of protection on the data that resides on the servers and in computing systems. With up-to-date protocols, reduced access to the system, and compartmentalization of information, it is possible to reduce the amount and type of data that is lost in many cyber-attacks. This chapter explores five types of information that are targeted during cyber-attacks, and discusses why this information is of importance.


2018 ◽  
Vol 7 (3) ◽  
pp. 62-67
Author(s):  
Shaveta Gupta ◽  
Dinesh Grover ◽  
Abhinav Bhandari

The world is quickly moving towards an era of digitization. Scope and volume of the network are becoming vast that makes these machines more prone to cyber-attack due to vulnerabilities of the network. There are various types of cyber-attacks but most common and equally impactful is DDOS attack. A foolproof defense mechanism is need of the hour. Analysis of various existing defense mechanism frameworks has been done and their shortcomings have been reported by us. This analysis will help to define a framework which can provide better accuracy, lesser detection time and reduced false negative and positive rates. It will further ensure better response and mitigation against the attack.


2020 ◽  
Vol 5 (2) ◽  
pp. 175-184
Author(s):  
Prapti Ningsih ◽  
Danang Mintoyuwono ◽  
Wianda Bias Intan Sepvie

This research was conducted to examine the effect of the technical ability of personal information systems, organizational size, user involvement in the system on the performance of accounting information systems. The population in this study includes all employees who use accounting information systems, namely tellers and back offices in conventional banks in the South Jakarta area. The sampling method used in this study is Simple Random Sampling. The final data generated are 48 samples that are ready to be analyzed and tested. The analysis technique used is multiple linear regression and uses the name of the SPSS statistical application with a significance level of 5%. The results of this study indicate that (1) the technical ability of personal information systems has a significant influence on the performance of accounting information systems, (2) the size of the organization has no significant effect on the performance of accounting information systems, (3) user involvement in the system has a significant influence on the performance of accounting information systems.


2019 ◽  
Vol 7 (1) ◽  
pp. 14-26
Author(s):  
Ruti Gafni ◽  
Tal Pavel

Small and Medium Businesses (SMB) use Internet and computer-based tools in their daily processes, sometimes without being aware to the cyber threats, or without knowing how to be prepared in case of a cyber-attack, although they are a major target for cyber-attacks. Specific information about cybersecurity needed by SMBs, in order to cope with cyber threats, is not always available or easily accessible. In this study, a vast search of different types of information about SMBs’ cybersecurity was performed, in order to find whether a hole of accessible information exists in this area. This exploratory research covered general mass communication media channels, technological and professional cybersecurity websites, and academic journals, and found that indeed very few studies, articles and news items were published in this matter. Leveraging knowledge and awareness, diminishing the shame for reporting cyber-attacks, and increasing mass communication media interest and public attention, may be activities to cover this “invisible hole”.

