{"title":"A Dynamic Covert Passive Actors Detection Scheme for a Healthy Networked Community","authors":"Munene W. Kanampiu, J. Zhan","doi":"10.1109/CyberSecurity.2012.30","DOIUrl":"https://doi.org/10.1109/CyberSecurity.2012.30","url":null,"abstract":"For a network community, passive attacks are of the nature of eavesdropping on, or monitoring of, transmissions, where the goal of the attacker is to obtain information that is being transmitted. Unlike active attacks, which are easy to detect and prevent, passive attacks are difficult to detect and therefore hard to prevent. Research in this area has mainly focused on preventing the attacks rather than detecting the covert attacker. For example, existing eavesdropping schemes address the problem mainly by employing encryption. But encryption by itself is not enough, because passive attacks can occur in more ways than just observing exposed data. It is also known that encryption is not always applicable, for example in open wireless communication protocols. This observation has motivated us to design a scheme that aims to reduce such attackers' capability extent by intercepting and eradicating them as soon as possible. Our scheme detects, sequesters, investigates, and expels such malicious passive actors from the networked community.","PeriodicalId":162858,"journal":{"name":"2012 International Conference on Cyber Security","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125242378","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Systems for Detecting Advanced Persistent Threats: A Development Roadmap Using Intelligent Data Analysis","authors":"J. D. Vries, H. Hoogstraaten, J. Berg, S. Daskapan","doi":"10.1109/CyberSecurity.2012.14","DOIUrl":"https://doi.org/10.1109/CyberSecurity.2012.14","url":null,"abstract":"Cyber-attacks against companies and governments are increasing in complexity, persistence and numbers. Common intrusion detection methods lack the ability to detect such - what are commonly termed - advanced persistent threats. A new approach is needed that takes the stepwise characteristics of this type of threat into account and links analysis methods to attack features. This paper takes up this challenge. First, an analysis framework is proposed to relate complex attack attributes to detection and business aspects. Second, the framework is used to define a development roadmap for designing advanced intrusion detection systems; such systems can analyze network traffic and client data at multiple network locations using both signature and anomaly detection methods derived from the intelligent data analysis field. Third, a test case is provided showing the potential power of the proposed development roadmap.","PeriodicalId":162858,"journal":{"name":"2012 International Conference on Cyber Security","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122083435","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Leveraging an Inventory of the Cognitive Radio Attack Surface","authors":"Andre Abadie, D. Wijesekera","doi":"10.1109/CyberSecurity.2012.24","DOIUrl":"https://doi.org/10.1109/CyberSecurity.2012.24","url":null,"abstract":"The cognitive radio is an emerging technology that holds great promise due to its adaptive nature and ability to exploit the advantages inherent to software defined radios (SDR). The cognitive radio's potential to address spectrum access challenges resulting from an exponential increase in the number of network devices will make it a leading technology of the next decade. For this reason, it is imperative to investigate the security considerations of the cognitive radio in its infancy rather than attempt to address them at maturity. Though research in the vulnerabilities of cognitive radio exists, few explore the threat vectors against both the cognitive engine and the underlying SDR infrastructure within which it operates. This paper takes such a holistic approach, and then further contributes to the research area by offering three misuse cases that portray how the vulnerabilities discussed could be exploited. These cases visualize the risk environment based on a denial of service, an advanced persistent threat, and an insider threat and will allow for security practitioners to anticipate how their organizations may be impacted. Moreover, by introducing a simulation of the threat one can use existing principles to analyze its prosecution (i.e. attack graphs, evidence graphs, etc.).","PeriodicalId":162858,"journal":{"name":"2012 International Conference on Cyber Security","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122163545","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Towards Defeating DDoS Attacks","authors":"Alexander S. Doyal, J. Zhan, Huiming Yu","doi":"10.1109/CyberSecurity.2012.34","DOIUrl":"https://doi.org/10.1109/CyberSecurity.2012.34","url":null,"abstract":"Distributed Denial of Service (DDoS) attacks are attacks where a host of compromised systems are used to target a single system. This single system can be either an actual machine or a network resource. What makes these attacks so prevalent and hard to deal with is the fact that they are distributed. They come from a wide variety of machines, making them hard to trace and even harder to counter. This, in conjunction with the fact that many tools are becoming available on the market that make DDoS attacks easier, makes preventing DDoS attacks a very imperative issue. This paper proposes a mechanism, DDDoS, or Triple Dos, which will deal with DDoS attacks on the Internet layer. There are registration and authentication protocols used to connect clients and servers, so that an unregistered client cannot access the network and thus flood it with traffic. The Triple Dos service will only be activated when a DDoS attack is detected (using clustering), and it will ensure that registered clients and servers can always communicate.","PeriodicalId":162858,"journal":{"name":"2012 International Conference on Cyber Security","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129524400","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Crucial Nodes Centric Visual Monitoring and Analysis of Computer Networks","authors":"Hanchen Song, C. Muelder, K. Ma","doi":"10.1109/CyberSecurity.2012.9","DOIUrl":"https://doi.org/10.1109/CyberSecurity.2012.9","url":null,"abstract":"Monitoring of computer network events is essential in uncertain and time varying situations. Several techniques and tools have been developed to reveal useful patterns from raw network data sets. Challenges for network monitoring include processing massive data, spotting unknown patterns, and interactive analysis for deeper reasoning. Generally, computers in intranets are categorized into crucial nodes or not depending on their roles. We address the issue of network events monitoring by focusing on crucial network nodes, and we present visualization approaches for crucial nodes monitoring and analysis. Contributions of this paper include an efficient categorization and exchange mechanism for multiple streaming data, a comprehensive interactive visualization system with coordinated views, and an intuitive radial visualization which fuses firewall data and IDS data inherently for crucial node monitoring. In our study using the IEEE VAST Challenge 2011 dataset, we found two kinds of anomalies.","PeriodicalId":162858,"journal":{"name":"2012 International Conference on Cyber Security","volume":"64 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133173909","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Context-Based Detection Framework for Advanced Persistent Threats","authors":"P. Giura, Wei Wang","doi":"10.1109/CyberSecurity.2012.16","DOIUrl":"https://doi.org/10.1109/CyberSecurity.2012.16","url":null,"abstract":"Besides a large set of malware categories such as worms and Trojan horses, the Advanced Persistent Threat (APT) is another, more sophisticated attack entity emerging in the cyber threat environment. In this paper we propose a model of the APT detection problem as well as a methodology to implement it on a generic organization network. To our knowledge, the proposed method is the first to address the problem of modeling an APT and to provide a possible detection framework.","PeriodicalId":162858,"journal":{"name":"2012 International Conference on Cyber Security","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133810404","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Principal Causes of Information Communication Technology (ICT) Risk Failure in an SME","authors":"A. Bayaga, Stephen Flowerday","doi":"10.1109/CyberSecurity.2012.26","DOIUrl":"https://doi.org/10.1109/CyberSecurity.2012.26","url":null,"abstract":"The objective of the research was to analyze the principal causes of information communication technology (ICT) risk failure in an SME. Hence, it was hypothesized that there is a significant relationship between the principal causes of ICT failure and operational risk management (ORM) adoption in a small and medium enterprise (SME). In order to address the hypothesis, two questions were posed: (1) how well do the measures of principal causes of ICT failure predict ORM adoption within SMEs? and (2) which is the best predictor of principal causes of ICT failure? From the review of literature, an instrument (closed-ended questionnaire) was developed with the aim of covering the research objective. Questionnaires were sent to 107 respondents of the SME according to a simple random sampling plan. The questionnaires were analysed using correlation and multiple regression analysis to predict ORM adoption based on the ICT failure. The results of the analysis presented answered the two questions posed at the beginning. The findings revealed that the ICT principal failures included five sub-variables which explained 13% (R² = .13) of the variance in principal causes of ICT failure as a predictor of ORM adoption within SMEs. Of the five sub-variables, insufficient or improper user participation in the systems development process made the largest unique contribution (β = -.38, p < .05).","PeriodicalId":162858,"journal":{"name":"2012 International Conference on Cyber Security","volume":"78 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117307021","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Generic Approach to Critical Infrastructure Modeling and Simulation","authors":"Marlies Rybnicek, R. Poisel, Manfred Ruzicka, S. Tjoa","doi":"10.1109/CyberSecurity.2012.25","DOIUrl":"https://doi.org/10.1109/CyberSecurity.2012.25","url":null,"abstract":"Nowadays health, safety or economic wealth more than ever depend on the correct functionality of services (e.g. water supply, power supply) provided by critical infrastructures. To provide the demanded service level and to mitigate the effects of malfunctions and breakdowns of components it is vital to have flexible modeling and simulation capabilities. In this paper we therefore present a generic approach that aims to model and simulate critical infrastructure entities. We also briefly outline how the approach can be realized by introducing our proof-of-concept prototype architecture.","PeriodicalId":162858,"journal":{"name":"2012 International Conference on Cyber Security","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117094312","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Gaining Big Picture Awareness through an Interconnected Cross-Layer Situation Knowledge Reference Model","authors":"Jun Dai, Xiaoyan Sun, Peng Liu, N. Giacobe","doi":"10.1109/CyberSecurity.2012.18","DOIUrl":"https://doi.org/10.1109/CyberSecurity.2012.18","url":null,"abstract":"In both military operations and the commercial world, cyber situation awareness (SA) is a key element of mission assurance. Due to the needs for mission damage and impact assessment and asset identification (and prioritization), cyber SA is beyond intrusion detection and attack graph analysis. In this paper, we propose a cross-layer situation knowledge reference model (SKRM) to address the unique cyber SA needs of real-world missions. SKRM provides new insight on how to break the \"stovepipes\" created by isolated situation knowledge collectors and gain comprehensive-level big picture awareness. Through a concrete case study, we show that SKRM is the key enabler for two SA capabilities beyond intrusion detection and attack graph analysis. The potentials and the current limitations of SKRM and SKRM-enabled analysis are also discussed.","PeriodicalId":162858,"journal":{"name":"2012 International Conference on Cyber Security","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116856898","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Fault Tree Analysis of Accidental Insider Security Events","authors":"P. Patil, P. Zavarsky, Dale Lindskog, Ron Ruhl","doi":"10.1109/CyberSecurity.2012.21","DOIUrl":"https://doi.org/10.1109/CyberSecurity.2012.21","url":null,"abstract":"Insider threats have been categorized as unintentional and malicious. The frameworks and models which are used to detect malicious behavior of employees would likely fail to detect unintentional insiders, as there is no malicious intent. This paper accentuates the limitation of MERIT (Management and Education of Risks of Insider Threat) in its scope for accidental insider threats and proposes Fault Tree Analysis (FTA) of the security events caused by accidental insiders. We perform FTA on two cases involving accidental insiders, which helps understand the human side behind the user errors. The first case involves data loss via outbound email due to employee error, while the second case involves accidental disclosure of sensitive information by insiders. The countermeasures are thus better interpreted and communicated, as the causes of a threat are well understood, which is essential for human fault avoidance.","PeriodicalId":162858,"journal":{"name":"2012 International Conference on Cyber Security","volume":"650 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124269772","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}