Analysis of Cyber-Attacks against the Transportation Sector

2017 ◽  
pp. 68-91 ◽  
Author(s):  
Brett van Niekerk
Keyword(s):  
Information Sharing ◽  
Cyber Security ◽  
Power Grid ◽  
Tourism Industry ◽  
Cyber Attacks ◽  
Transport Infrastructure ◽  
Cyber Defense ◽  
Transportation Sector ◽  
Threat Intelligence ◽  
Security Incidents

For many countries the physical transport infrastructure is critical to the economy, with ports forming a gateway for the majority of trade, and rail and road used to distribute goods. Airlines are crucial to the tourism industry. Whilst the focus of cyber-defense is on financial networks and the power grid, recent incidents illustrate that the transport infrastructure is also susceptible to cyber-attacks. The chapter provides an overview of cyber-security incidents related to the transportation sector, and analyses the reports of the incidents to illustrate the prevalence of threat types and impact. The chapter then discusses some efforts to mitigate the threats in terms of regulations, threat intelligence and information sharing, and awareness training.

Analysis of Cyber-Attacks Against the Transportation Sector

2018 ◽  
pp. 1384-1402
Author(s):  
Brett van Niekerk
Keyword(s):  
Information Sharing ◽  
Cyber Security ◽  
Power Grid ◽  
Tourism Industry ◽  
Cyber Attacks ◽  
Transport Infrastructure ◽  
Cyber Defense ◽  
Transportation Sector ◽  
Threat Intelligence ◽  
Security Incidents

For many countries the physical transport infrastructure is critical to the economy, with ports forming a gateway for the majority of trade, and rail and road used to distribute goods. Airlines are crucial to the tourism industry. Whilst the focus of cyber-defense is on financial networks and the power grid, recent incidents illustrate that the transport infrastructure is also susceptible to cyber-attacks. The chapter provides an overview of cyber-security incidents related to the transportation sector, and analyses the reports of the incidents to illustrate the prevalence of threat types and impact. The chapter then discusses some efforts to mitigate the threats in terms of regulations, threat intelligence and information sharing, and awareness training.

scholarly journals Revealing and Sharing Malware Profile Using Malware Threat Intelligence Platform

2021 ◽  
Vol 6 (1) ◽  
pp. 72-82
Author(s):  
Faiz Iman Djufri ◽  
Charles Lim
Keyword(s):  
Cyber Security ◽  
Security Threats ◽  
Cyber Intelligence ◽  
Intelligence Sharing ◽  
Signature Detection ◽  
Threat Intelligence ◽  
User Data ◽  
Self Discovery ◽  
New Generation ◽  
Security Incidents

Cyber Security is an interchange between attackers and defenders, a non-static balancing force. The increasing trend of novel security threats and security incidents, which does not seem to be stopping, prompts the need to add another line of security defences. This is because the risk management and risk detection has become virtually impossible due to the limited access towards user data and the variations of modern threat taxonomies. The traditional strategy of self-discovery and signature detection which has a static nature is now obsolete in facing threats of the new generation with a dynamic nature; threats which are resilient, complex, and evasive. Therefore, this thesis discusses the use of MISP and The Triad Investigation approach to share the Indicator of Compromise on Cyber Intelligence Sharing Platform to be able to address the newt threats.

Cooperation and Free Riding in Cyber Security Information-Sharing Programs

2018 ◽  
pp. 309-324 ◽  
Author(s):  
Asmeret Bier Naugle ◽  
Austin Silva ◽  
Munaf Aamir
Keyword(s):  
Information Sharing ◽  
Cyber Security ◽  
Low Cost ◽  
Cost Savings ◽  
Free Riding ◽  
Cyber Attacks ◽  
Defense Strategies ◽  
Shared Information ◽  
Substantial Investment ◽  
Human Decision

Even with substantial investment in cyber defense, the risk of harm from cyber attacks is significant for many organizations. Multi-organization information-sharing programs have the potential to improve cyber security at relatively low cost by allowing organizations that face similar threats to share information on vulnerabilities, attacks, and defense strategies. The dynamics of an information-sharing program are likely to depend heavily on interactions between human decision makers. This article describes a system dynamics model of an information-sharing program. The model incorporates decision-making strategies of managers and cyber defenders in each participating organization. The model was used to assess how free-riding behavior is likely to affect the success of a multi-organization information-sharing program. Results shows that free riding may make information sharing more volatile and less beneficial early on, but other factors, including cost savings and the perceived utility of shared information, are likely to create success later in the time horizon.

Machine Learning Forensics

2021 ◽  
pp. 47-66
Author(s):  
Angad Gupta ◽  
Ruchika Gupta ◽  
A. Sankaran
Keyword(s):  
Machine Learning ◽  
Cyber Security ◽  
Defense Responses ◽  
Cyber Attacks ◽  
Process Data ◽  
Cyber Defense ◽  
High Expectations ◽  
Malicious Activity ◽  
Malicious Behavior ◽  
Normal Behavior

Machine learning (without human interference) can collect, analyze, and process data. In the case of cyber security, this technology helps to better analyze previous cyber-attacks and develop respective defense responses. This approach enables an automated cyber defense system with a minimum-skilled cyber security force. There are high expectations for machine learning (ML) in cyber security, and for good reasons. With the help of ML algorithms, we can sift through massive amounts of security events looking for anomalies, deviations from normal behavior that are often indicative of malicious activity. These findings are then presented to the analyst for review and vetting, and the results of his determination fed back into the system for training. As we process more and more data through the system, it evolves: it learns to recognize similar events and, eventually, the underlying traits of malicious behavior that we're trying to detect. This chapter explores machine learning forensics.

Cooperation and Free Riding in Cyber Security Information-Sharing Programs

2017 ◽  
Vol 6 (2) ◽  
pp. 71-85
Author(s):  
Asmeret Bier Naugle ◽  
Austin Silva ◽  
Munaf Aamir
Keyword(s):  
Information Sharing ◽  
Cyber Security ◽  
Low Cost ◽  
Cost Savings ◽  
Free Riding ◽  
Cyber Attacks ◽  
Defense Strategies ◽  
Shared Information ◽  
Substantial Investment ◽  
Human Decision

Even with substantial investment in cyber defense, the risk of harm from cyber attacks is significant for many organizations. Multi-organization information-sharing programs have the potential to improve cyber security at relatively low cost by allowing organizations that face similar threats to share information on vulnerabilities, attacks, and defense strategies. The dynamics of an information-sharing program are likely to depend heavily on interactions between human decision makers. This article describes a system dynamics model of an information-sharing program. The model incorporates decision-making strategies of managers and cyber defenders in each participating organization. The model was used to assess how free-riding behavior is likely to affect the success of a multi-organization information-sharing program. Results shows that free riding may make information sharing more volatile and less beneficial early on, but other factors, including cost savings and the perceived utility of shared information, are likely to create success later in the time horizon.

scholarly journals A Cyber-secure Framework for Power Grids Based on Federated Learning

2020 ◽  
Author(s):  
Shutang You
Keyword(s):  
Power Systems ◽  
Cyber Security ◽  
Power Grid ◽  
Main Idea ◽  
Cyber Attacks ◽  
Power Grids ◽  
Grid Data ◽  
Local Data ◽  
Reliable Power Supply ◽  
Secure Framework

Cyber security is important of power grids to ensure secure and reliable power supply. This paper presented a cyber- secure framework for power grids based on federated learning. In this framework, each entity, which may be a distribution/transmission/generation service provider or even a customer, can contribute to the overall system immunity and robustness to cyber-attacks, while not required to share local data, which may have privacy, legal and property concerns. The main idea is to use the federated learning framework to share the knowledge learned from local data instead of sharing power grid data itself. With complete knowledge learned from all data from the power grid, each entity is better positioned to defend the cyber-attacks and improve power grid resiliency. Future work on applying this federated learning based framework in power systems is also discussed.

scholarly journals OSINT investigation to detect and prevent cyber attacks and cyber security incidents

2021 ◽  
Vol 9 (2) ◽  
pp. 209-218
Author(s):  
Dmytro Lande ◽  
Oleksandr Puchkov ◽  
Ihor Subach ◽  
Mykhailo Boliukh ◽  
Dmytro Nahornyi
Keyword(s):  
Cyber Security ◽  
Cyber Attacks ◽  
Security Incidents

scholarly journals Cyber Threat Intelligence and its Role in Proactive Incident Response

2017 ◽  
Author(s):  
Husam Hassan Ambusaidi ◽  
Dr. PRAKASH KUMAR UDUPI
Keyword(s):  
Early Detection ◽  
Cyber Security ◽  
Cyber Attacks ◽  
Incident Response ◽  
Cyber Threats ◽  
Threat Intelligence ◽  
Reliable Source ◽  
Cyber Threat ◽  
Cyber Threat Intelligence

Every day organizations are targeted by different and sophisticated cyber attacks. Most of these organizations are unaware that they are targeted and their networks are compromised. To detect the compromised networks the organizations need a reliable source of cyber threats information.  Many cyber security service vendors provide threat intelligence information to allow early detection of the cyber threats. This research will explore different type of cyber threat intelligence and its role in proactive incident response. The research study the threat intelligence features and how the threat feeds collected and then distributed.  The research studies the role of cyber threat intelligence in early detection of the threats.

scholarly journals A Multi-Layer Security Scheme for Mitigating Smart Grid Vulnerability against Faults and Cyber-Attacks

2021 ◽  
Vol 11 (21) ◽  
pp. 9972
Author(s):  
Jian Chen ◽  
Mohamed A. Mohamed ◽  
Udaya Dampage ◽  
Mostafa Rezaei ◽  
Saleh H. Salmen ◽  
...  
Keyword(s):  
Smart Grid ◽  
Cyber Security ◽  
Power Grid ◽  
Cyber Attacks ◽  
Security Protocol ◽  
Comprehensive Approach ◽  
Transform Method ◽  
General Role ◽  
Uncertainty Parameters ◽  
The Impact

To comply with electric power grid automation strategies, new cyber-security protocols and protection are required. What we now experience is a new type of protection against new disturbances namely cyber-attacks. In the same vein, the impact of disturbances arising from faults or cyber-attacks should be surveyed by network vulnerability criteria alone. It is clear that the diagnosis of vulnerable points protects the power grid against disturbances that would inhibit outages such as blackouts. So, the first step is determining the network vulnerable points, and then proposing a support method to deal with these outages. This research proposes a comprehensive approach to deal with outages by determining network vulnerable points due to physical faults and cyber-attacks. The first point, the network vulnerable points against network faults are covered by microgrids. As the second one, a new cyber-security protocol named multi-layer security is proposed in order to prevent targeted cyber-attacks. The first layer is a cyber-security-based blockchain method that plays a general role. The second layer is a cyber-security-based reinforcement-learning method, which supports the vulnerable points by monitoring data. On the other hand, the trend of solving problems becomes routine when no ambiguity arises in different sections of the smart grid, while it is far from a big network’s realities. Hence, the impact of uncertainty parameters on the proposed framework needs to be considered. Accordingly, the unscented transform method is modeled in this research. The simulation results illustrate that applying such a comprehensive approach can greatly pull down the probability of blackouts.

Cyber Diplomacy

2021 ◽  
Vol 10 (2) ◽  
pp. 37-50
Author(s):  
Andreea DRAGOMIR
Keyword(s):  
European Union ◽  
Cyber Security ◽  
Main Idea ◽  
Cyber Attacks ◽  
The European Union ◽  
Security Strategy ◽  
Cyber Defense ◽  
Member States ◽  
Cross Border ◽  
The Cross

The article aims to highlight issues related to the risks to both the European Union and the Member States, but at the same time seeks to highlight current legislative and political approaches applicable in cyberspace. This set of tools used in cyber diplomacy includes the concepts of cooperation and diplomatic dialogue (common cyber network of EU states, common cyber defense unit) but also measures to prevent cyber-attacks (European Union Cyber Security Strategy), as well as sanctions. Throughout this presentation, the main idea is supported by the cross-border nature of cyberspace.

Sign in / Sign up

Export Citation Format

Share Document