A Survey of Security Models Using Effective Moving Target Defenses

2018 ◽  
Vol 12 (3) ◽  
pp. 123-140
Author(s):  
B S Kiruthika Devi ◽  
T. Subbulakshmi ◽  
KV Mahesh Babu

This article describes how, nowadays, attackers are targeting valuable assets and infrastructures in networked systems, causing an impact on enterprises and individuals. Implementing moving target defenses helps to prevent cyber-attacks by changing the attack surface. Some security models like Attack Graph (A.G) and Attack Tree (A.T) provide a formal method to assess and compare their effectiveness. So, in this article, the authors incorporate moving target defenses in a security model, using a Hierarchical Attack Representation Model (HARM), to compare and assess the effectiveness of the security. In addition, the authors are also taking important measures (IMs) for implementing MTD techniques to enhance the scalability of the network. Finally, they compare the scalability of an attack graph and HARM models by implementing MTD techniques to find the effectiveness of security in the network.

2018 ◽  
Vol 7 (4.15) ◽  
pp. 87
Author(s):  
Sundresan Perumal ◽  
Sakinah Ali Pitchay ◽  
Ganthan Narayana Samy ◽  
Bharanidharan Shanmugam ◽  
Pritheega Magalingam ◽  
...  

The growth of the cyberspace world has given rise to new ways for government agencies to serve citizens in a proactive, efficient and productive manner. To have an open, stable and vibrant cyberspace, governments should be more resilient to cyber-attacks and able to protect all government agencies' interests in cyberspace. Therefore, the government needs a transformative cyber governance security model to protect valuable government agencies' information. The model should be able to detect, defend and deter the vulnerabilities, threats and risks that will emerge in the day-to-day government administration operation. This paper introduces a study of some existing cyber governance security models. Thus, it helps in determining the main features of the required model.


2021 ◽  
Vol 16 (6) ◽  
pp. 12-15
Author(s):  
Robert Unseld

Author(s):  
Ghanshyam S. Bopche ◽  
Gopal N. Rai ◽  
B. Ramchandra Reddy ◽  
B. M. Mehtre

2021 ◽  
Author(s):  
Stuart Fowler ◽  
Keith Joiner ◽  
Elena Sitnikova

Cyber-worthiness as it is termed in Australian Defence, or cyber-maturity more broadly, is a necessary feature of modern complex systems which are required to operate in a hostile cyber environment. To evaluate the cyber-worthiness of complex systems, an assessment methodology is required to examine a complex system’s or system-of-system’s vulnerability to and risk of cyber-attacks that can compromise such systems. This assessment methodology should address the cyber-attack surface and threat kill chains, including supply chains and supporting infrastructure. A cyber-worthiness capability assessment methodology has been developed based on model-based systems engineering concepts to analyse the cyber-worthiness of complex systems and present a risk assessment of various cyber threats to the complex system. This methodology incorporates modelling and simulation methods that provide organisations greater visibility and consistency across diverse systems, especially to drive cybersecurity controls, investment and operational decisions involving aggregated systems. In this paper, the developed methodology will be presented in detail and hypothesised outcomes will be discussed.


2022 ◽  
Vol 11 (1) ◽  
pp. 5
Author(s):  
Njabulo Sakhile Mtetwa ◽  
Paul Tarwireyi ◽  
Cecilia Nombuso Sibeko ◽  
Adnan Abu-Mahfouz ◽  
Matthew Adigun

The Internet of Things (IoT) is changing the way consumers, businesses, and governments interact with the physical and cyber worlds. More often than not, IoT devices are designed for specific functional requirements or use cases without paying too much attention to security. Consequently, attackers usually compromise IoT devices with lax security to retrieve sensitive information such as encryption keys, user passwords, and sensitive URLs. Moreover, expanding IoT use cases and the exponential growth in connected smart devices significantly widen the attack surface. Despite efforts to deal with security problems, the security of IoT devices and the privacy of the data they collect and process are still areas of concern in research. Whenever vulnerabilities are discovered, device manufacturers are expected to release patches or new firmware to fix the vulnerabilities. There is a need to prioritize firmware attacks, because they enable the most high-impact threats that go beyond what is possible with traditional attacks. In IoT, delivering and deploying new firmware securely to affected devices remains a challenge. This study aims to develop a security model that employs Blockchain and the InterPlanetary File System (IPFS) to secure firmware transmission over a low data rate, constrained Long-Range Wide Area Network (LoRaWAN). The proposed security model ensures integrity, confidentiality, availability, and authentication and focuses on resource-constrained low-powered devices. To demonstrate the utility and applicability of the proposed model, a proof of concept was implemented and evaluated using low-powered devices. The experimental results show that the proposed model is feasible for constrained and low-powered LoRaWAN devices.


Author(s):  
Sajid Nazir ◽  
Shushma Patel ◽  
Dilip Patel

Supervisory control and data acquisition (SCADA) systems are industrial control systems that are used to monitor critical infrastructures such as airports, transport, health, and public services of national importance. These are cyber-physical systems, which are increasingly integrated with networks and Internet of Things devices. However, this results in a larger attack surface for cyber threats, making it important to identify and thwart cyber-attacks by detecting anomalous network traffic patterns. Compared to other techniques, as well as detecting known attack patterns, machine learning can also detect new and evolving threats. Autoencoders are a type of neural network that generates a compressed representation of its input data and, through reconstruction loss of inputs, can help identify anomalous data. This paper proposes the use of autoencoders for unsupervised anomaly-based intrusion detection using an appropriate differentiating threshold from the loss distribution and demonstrates improvements in results compared to other techniques for a SCADA gas pipeline dataset.


2017 ◽  
Vol 354 (18) ◽  
pp. 8490-8512
Author(s):  
Jinliang Liu ◽  
Lili Wei ◽  
Engang Tian ◽  
Shumin Fei ◽  
Jie Cao

Author(s):  
Somak Bhattacharya ◽  
Samresh Malhotra ◽  
S. K. Ghosh

As networks continue to grow in size and complexity, automatic assessment of the security vulnerability becomes increasingly important. The typical means by which an attacker breaks into a network is through a series of exploits, where each exploit in the series satisfies the pre-condition for subsequent exploits and makes a causal relationship among them. Such a series of exploits constitutes an attack path where the set of all possible attack paths form an attack graph. Attack graphs reveal the threat by enumerating all possible sequences of exploits that can be followed to compromise a given critical resource. The contribution of this chapter is to identify the most probable attack path based on the attack surface measures of the individual hosts for a given network and also identify the minimum possible network securing options for a given attack graph in an automated fashion. The identified network securing options are exhaustive and the proposed approach aims at detecting cycles in forward reachable attack graphs. As a whole, the chapter deals with identification of probable attack path and risk mitigation which may facilitate in improving the overall security of an enterprise network.


Author(s):  
Kristian Beckers ◽  
Maritta Heisel ◽  
Leanid Krautsevich ◽  
Fabio Martinelli ◽  
Rene Meis ◽  
...  
