WORK IN GROUP OR PERSONAL MAINTENANCE OF CORPORATE SOCIAL MEDIA

Objective. Social media have become one of the main technologies for promoting the university library. The purpose of the work is to characterize the main stages of organizing work in social media for librarians (SMM specialists and a working group) of the Scientific Library of the Belarusian National Technical University (BNTU). Methods. Statistical analysis tools made it possible to study in detail the corporate networks of the BNTU Library. A comparative analysis of the experience of maintaining BNTU accounts in social media by an SMM specialist and a working group of employees from various library departments was carried out. Results. The advantages and risks in the work of the group are summarized. The following areas highlighted: Team building; Communication and work organization; Creativity and creative power; Overcoming the challenges of group work; Content formation techniques; Potential. Conclusions. Working in a group produces creative and interesting content in large volumes. The experience of managing the process of forming a content policy in 2020 proves that the process has become more flexible and independent of the personality of an SMM specialist.

Bayesian network model to distinguish between intentional attacks and accidental technical failures: a case study of floodgates

Water management infrastructures such as floodgates are critical and increasingly operated by Industrial Control Systems (ICS). These systems are becoming more connected to the internet, either directly or through the corporate networks. This makes them vulnerable to cyber-attacks. Abnormal behaviour in floodgates operated by ICS could be caused by both (intentional) attacks and (accidental) technical failures. When operators notice abnormal behaviour, they should be able to distinguish between those two causes to take appropriate measures, because for example replacing a sensor in case of intentional incorrect sensor measurements would be ineffective and would not block corresponding the attack vector. In the previous work, we developed the attack-failure distinguisher framework for constructing Bayesian Network (BN) models to enable operators to distinguish between those two causes, including the knowledge elicitation method to construct the directed acyclic graph and conditional probability tables of BN models. As a full case study of the attack-failure distinguisher framework, this paper presents a BN model constructed to distinguish between attacks and technical failures for the problem of incorrect sensor measurements in floodgates, addressing the problem of floodgate operators. We utilised experts who associate themselves with the safety and/or security community to construct the BN model and validate the qualitative part of constructed BN model. The constructed BN model is usable in water management infrastructures to distinguish between intentional attacks and accidental technical failures in case of incorrect sensor measurements. This could help to decide on appropriate response strategies and avoid further complications in case of incorrect sensor measurements.

DMAPT: Study of Data Mining and Machine Learning Techniques in Advanced Persistent Threat Attribution and Detection

Modern-day malware is intelligent enough to hide its presence and perform stealthy operations in the background. Advance Persistent Threat (APT) is one such kind of malware attack on sensitive corporate and banking networks to stay there for a long time undetected. In real-time corporate networks, identifying the presence of intruders is a big challenging task for security experts. Recent APT attacks like Carbanak, The Big Bang, and Red Echo attack (targeting the Indian power sector) are ringing alarms globally. New data exfiltration methods and advancements in malware techniques are the two main reasons for rapid and robust APT evolution. Although many traditional and hybrid methods are available to detect this stealthy malware, the number of target-specific attacks are increasing rapidly at global level. Attackers have been crafting payloads resistant to malware sandbox environments so that traditional sandboxing techniques may not work with these APT malware detection. In this paper, we shed light on various Data Mining, Machine Learning techniques and frameworks used in both Attribution and Detection of APT malware. Added to this, our work highlight GAP analysis and need for paradigm shift in existing techniques to deal with evolving modern APT malware.