Cooperation and Free Riding in Cyber Security Information-Sharing Programs

Even with substantial investment in cyber defense, the risk of harm from cyber attacks is significant for many organizations. Multi-organization information-sharing programs have the potential to improve cyber security at relatively low cost by allowing organizations that face similar threats to share information on vulnerabilities, attacks, and defense strategies. The dynamics of an information-sharing program are likely to depend heavily on interactions between human decision makers. This article describes a system dynamics model of an information-sharing program. The model incorporates decision-making strategies of managers and cyber defenders in each participating organization. The model was used to assess how free-riding behavior is likely to affect the success of a multi-organization information-sharing program. Results shows that free riding may make information sharing more volatile and less beneficial early on, but other factors, including cost savings and the perceived utility of shared information, are likely to create success later in the time horizon.

Download Full-text

Exploring Cyber Security Vulnerabilities in the Age of IoT

Cyber Security and Threats ◽

10.4018/978-1-5225-5634-3.ch078 ◽

2018 ◽

pp. 1609-1623 ◽

Cited By ~ 1

Author(s):

Shruti Kohli

Keyword(s):

Cyber Security ◽

Low Cost ◽

Cyber Attacks ◽

Rolling Stock ◽

Security Vulnerabilities ◽

Security Breaches ◽

Closed Networks ◽

Train Control ◽

Potential Risks ◽

Physical Assets

The modernization of rail control systems has resulted in an increasing reliance on digital technology and increased the potential for security breaches and cyber-attacks. Higher-level European Train Control System(ETCS) systems in particular depend on communications technologies to enable greater automation of railway operations, and this has made the protecting the integrity of infrastructure, rolling stock, staff and passengers against cyber-attacks ever more crucial. The growth in Internet of Things (IoT) technology has also increased the potential risks in this area, bringing with it the potential for huge numbers of low-cost sensing devices from smaller manufacturers to be installed and used dynamically in large infrastructure systems; systems that previously relied on closed networks and known asset identifiers for protection against cyber-attacks. This chapter demonstrates that how existing data resources that are readily available to the railways could be rapidly combined and mapped to physical assets. This work contributes for developing secure reusable scalable framework for enhancing cyber security of rail assets

Download Full-text

Analysis of Cyber-Attacks Against the Transportation Sector

Cyber Security and Threats ◽

10.4018/978-1-5225-5634-3.ch069 ◽

2018 ◽

pp. 1384-1402

Author(s):

Brett van Niekerk

Keyword(s):

Information Sharing ◽

Cyber Security ◽

Power Grid ◽

Tourism Industry ◽

Cyber Attacks ◽

Transport Infrastructure ◽

Cyber Defense ◽

Transportation Sector ◽

Threat Intelligence ◽

Security Incidents

For many countries the physical transport infrastructure is critical to the economy, with ports forming a gateway for the majority of trade, and rail and road used to distribute goods. Airlines are crucial to the tourism industry. Whilst the focus of cyber-defense is on financial networks and the power grid, recent incidents illustrate that the transport infrastructure is also susceptible to cyber-attacks. The chapter provides an overview of cyber-security incidents related to the transportation sector, and analyses the reports of the incidents to illustrate the prevalence of threat types and impact. The chapter then discusses some efforts to mitigate the threats in terms of regulations, threat intelligence and information sharing, and awareness training.

Download Full-text

Grid Cyber-Security Strategy in an Attacker-Defender Model

Cryptography ◽

10.3390/cryptography5020012 ◽

2021 ◽

Vol 5 (2) ◽

pp. 12

Author(s):

Yu-Cheng Chen ◽

Vincent John Mooney ◽

Santiago Grijalva

Keyword(s):

Cyber Security ◽

Mathematical Proof ◽

Power Grid ◽

Cyber Attacks ◽

Security Strategy ◽

Defense Strategies ◽

Access Controls ◽

Average Probability ◽

Novel Concept ◽

First Time

The progression of cyber-attacks on the cyber-physical system is analyzed by the Probabilistic, Learning Attacker, and Dynamic Defender (PLADD) model. Although our research does apply to all cyber-physical systems, we focus on power grid infrastructure. The PLADD model evaluates the effectiveness of moving target defense (MTD) techniques. We consider the power grid attack scenarios in the AND configurations and OR configurations. In addition, we consider, for the first time ever, power grid attack scenarios involving both AND configurations and OR configurations simultaneously. Cyber-security managers can use the strategy introduced in this manuscript to optimize their defense strategies. Specifically, our research provides insight into when to reset access controls (such as passwords, internet protocol addresses, and session keys), to minimize the probability of a successful attack. Our mathematical proof for the OR configuration of multiple PLADD games shows that it is best if all access controls are reset simultaneously. For the AND configuration, our mathematical proof shows that it is best (in terms of minimizing the attacker′s average probability of success) that the resets are equally spaced apart. We introduce a novel concept called hierarchical parallel PLADD system to cover additional attack scenarios that require combinations of AND and OR configurations.

Download Full-text

Challenges, Trends and Solutions for Communication Networks and Cyber-Security in Smart Grid.

Current Chinese Engineering Science ◽

10.2174/2665998002666220114145027 ◽

2022 ◽

Vol 02 ◽

Author(s):

Qutaiba I. Ali ◽

Firas S. Alsharbaty

Keyword(s):

Wireless Communication ◽

Smart Grid ◽

Communication Networks ◽

Cyber Security ◽

Low Cost ◽

High Capacity ◽

Human Growth ◽

Cyber Attacks ◽

Renewable Energy Resources ◽

Quantum Leap

Abstract: Power grid is one of the most important manifestations of the modern civilization and the engine of it where it is described as a digestive system of the civil life. It is a structure has three main functions: generation, transmission lines, distribution. This concept was appropriate for a century. However, the beginning of the twenty-first century brought dramatic changes on different domains: media, human growth, economic, environmental, political, and technical etc. Smart grid is a sophisticated structure including cyber and physical bodies hence it reinforces the sustainability, the energy management, the capability of integration with microgrids, and exploiting the renewable energy resources. The quantum leap of smart grid is related to the advanced communication networks that deal with the cyber part. Moreover, the communication networks of smart grid offer attractive capabilities such as monitoring, control, and protection at the level of real time. The wireless communication techniques in integration frame are promised solution to compensate the requirements of smart grid designing such as wireless local area networks, worldwide interoperability for microwave access, long term evolution, and narrowband- internet of things. These technologies could provide high capacity, flexibility, low-cost maintenance for smart grid. However, the multi-interfaces in smart grid may exploit by persons or agencies to implement different types of cyber-attacks may lead to dangerous damage. This research paper reviews the up-to-date researches in the field of smart grid to handle the new trends and topics in one frame in order to offer integration vision in this vital section. It concentrates on the section of communication networks the mainstay of smart grid. This paper discusses the challenging and requirements of adopting the wireless communication technologies and delves deeply into literature review to devise and suggest solutions to compensate the impairments efficiently. Moreover, it explores the cyber security that representing the real defiant to implement the concept of smart grid safely.

Download Full-text

Exploring Cyber Security Vulnerabilities in the Age of IoT

Detecting and Mitigating Robotic Cyber Security Risks - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-2154-9.ch014 ◽

2017 ◽

pp. 192-206

Author(s):

Shruti Kohli

Keyword(s):

Cyber Security ◽

Low Cost ◽

Cyber Attacks ◽

Rolling Stock ◽

Security Vulnerabilities ◽

Security Breaches ◽

Closed Networks ◽

Train Control ◽

Potential Risks ◽

Physical Assets

The modernization of rail control systems has resulted in an increasing reliance on digital technology and increased the potential for security breaches and cyber-attacks. Higher-level European Train Control System(ETCS) systems in particular depend on communications technologies to enable greater automation of railway operations, and this has made the protecting the integrity of infrastructure, rolling stock, staff and passengers against cyber-attacks ever more crucial. The growth in Internet of Things (IoT) technology has also increased the potential risks in this area, bringing with it the potential for huge numbers of low-cost sensing devices from smaller manufacturers to be installed and used dynamically in large infrastructure systems; systems that previously relied on closed networks and known asset identifiers for protection against cyber-attacks. This chapter demonstrates that how existing data resources that are readily available to the railways could be rapidly combined and mapped to physical assets. This work contributes for developing secure reusable scalable framework for enhancing cyber security of rail assets

Download Full-text

Analysis of Cyber-Attacks against the Transportation Sector

Threat Mitigation and Detection of Cyber Warfare and Terrorism Activities - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-1938-6.ch004 ◽

2017 ◽

pp. 68-91 ◽

Cited By ~ 1

Author(s):

Brett van Niekerk

Keyword(s):

Information Sharing ◽

Cyber Security ◽

Power Grid ◽

Tourism Industry ◽

Cyber Attacks ◽

Transport Infrastructure ◽

Cyber Defense ◽

Transportation Sector ◽

Threat Intelligence ◽

Security Incidents

For many countries the physical transport infrastructure is critical to the economy, with ports forming a gateway for the majority of trade, and rail and road used to distribute goods. Airlines are crucial to the tourism industry. Whilst the focus of cyber-defense is on financial networks and the power grid, recent incidents illustrate that the transport infrastructure is also susceptible to cyber-attacks. The chapter provides an overview of cyber-security incidents related to the transportation sector, and analyses the reports of the incidents to illustrate the prevalence of threat types and impact. The chapter then discusses some efforts to mitigate the threats in terms of regulations, threat intelligence and information sharing, and awareness training.

Download Full-text

A Research on Cyber Security Awareness based on Big Data

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.b1156.0882s819 ◽

2019 ◽

Vol 8 (2S8) ◽

pp. 1798-1802

Keyword(s):

Private Information ◽

Cyber Security ◽

Personal Information ◽

Low Cost ◽

Cyber Attacks ◽

Network Resources ◽

Survey Paper ◽

Security Issues ◽

Dynamic Checking ◽

Wide Usage

In digital word cybersecurity is to help us to prevent attacks on network resources, private information and vital certifications of an association. The fundamental objective of this survey paper is to focus on the various types of cyber-attacks and their quick fix to how we can protect our self from such attacks. Other then, it also gives information about the various forms of cyber-crime and its protection worldwide. These days, with wide usage of internet services with low-cost everyone, is using the net. But many of them don't know about cyber fraud i.e.: how attackers steal their data or personal information and sell to others, this paper helps to create awareness of cybersecurity for such people. So as to determine digital security issues, the security specialist's locale including government segment, the scholarly community, the private part should cooperate to comprehend the rising dangers to the processing scene. This paper presents a specialized, social and moral association uninhibitedly sharing digital assault angle in the soul of worldwide co-task bridging geo-political fringes by conveying dynamic checking.

Download Full-text

Design of a dynamic and self-adapting system, supported with artificial intelligence, machine learning and real-time intelligence for predictive cyber risk analytics in extreme environments – cyber risk in the colonisation of Mars

Safety in Extreme Environments ◽

10.1007/s42797-021-00025-1 ◽

2021 ◽

Author(s):

Petar Radanliev ◽

David De Roure ◽

Kevin Page ◽

Max Van Kleek ◽

Omar Santos ◽

...

Keyword(s):

Artificial Intelligence ◽

Machine Learning ◽

Real Time ◽

Cyber Security ◽

Extreme Environments ◽

Learning Technologies ◽

Cyber Attacks ◽

Edge Computing ◽

Mathematical Formulas ◽

Cyber Risk

AbstractMultiple governmental agencies and private organisations have made commitments for the colonisation of Mars. Such colonisation requires complex systems and infrastructure that could be very costly to repair or replace in cases of cyber-attacks. This paper surveys deep learning algorithms, IoT cyber security and risk models, and established mathematical formulas to identify the best approach for developing a dynamic and self-adapting system for predictive cyber risk analytics supported with Artificial Intelligence and Machine Learning and real-time intelligence in edge computing. The paper presents a new mathematical approach for integrating concepts for cognition engine design, edge computing and Artificial Intelligence and Machine Learning to automate anomaly detection. This engine instigates a step change by applying Artificial Intelligence and Machine Learning embedded at the edge of IoT networks, to deliver safe and functional real-time intelligence for predictive cyber risk analytics. This will enhance capacities for risk analytics and assists in the creation of a comprehensive and systematic understanding of the opportunities and threats that arise when edge computing nodes are deployed, and when Artificial Intelligence and Machine Learning technologies are migrated to the periphery of the internet and into local IoT networks.

Download Full-text

Cybersecurity Teamwork: A Review of Current Practices and Suggested Improvements

Proceedings of the Human Factors and Ergonomics Society Annual Meeting ◽

10.1177/1071181320641101 ◽

2020 ◽

Vol 64 (1) ◽

pp. 451-455

Author(s):

Richard J. Simonson ◽

Joseph R. Keebler ◽

Mathew Lessmiller ◽

Tyson Richards ◽

John C. Lee

Keyword(s):

Cyber Security ◽

Cyber Attacks ◽

Team Science ◽

The Past ◽

Insight Into ◽

Current Practices

As cyber-attacks and their subsequent responses have become more frequent and complex over the past decade, research into the performance and effectiveness of cybersecurity teams has gained an immense amount of traction. However, investigation of teamwork in this domain is lacking due to the exclusion of known team competencies and a lack of reliance on team science. This paper serves to provide insight into the benefit that can be gained from utilizing the extant teamwork literature to improve teams’ research and applications in the domain of cyber-security.

Download Full-text