{"title":"The Impact of COVID-19 on the Security and Resilience of the Maritime Transportation System","authors":"Liam Brew, Logan Drazovich, S. Wetzel","doi":"10.1109/CSR51186.2021.9527935","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527935","url":null,"abstract":"As a critical infrastructure component, the maritime transportation system plays a central role in today’s world economy. COVID-19 had an outsized impact on the maritime transportation system—especially also in regards to its security and resilience. This work analyzes the impacts and devises recommendations geared to improve the security and resilience posture of the maritime transportation system in case of future disruptive or black swan type events.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133931360","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Resilience learning through self adaptation in digital twins of human-cyber-physical systems","authors":"E. Bellini, F. Bagnoli, M. Caporuscio, E. Damiani, Francesco Flammini, I. Linkov, P. Lio’, S. Marrone","doi":"10.1109/CSR51186.2021.9527913","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527913","url":null,"abstract":"Human-Cyber-Physical-Systems (HCPS), such as critical infrastructures in modern society, are subject to several systemic threats due to their complex interconnections and interdependencies. Management of systemic threats requires a paradigm shift from static risk assessment to holistic resilience modeling and evaluation using intelligent, data-driven and run-time approaches. In fact, the complexity and criticality of HCPS requires timely decisions considering many parameters and implications, which in turn require the adoption of advanced monitoring frameworks and evaluation tools. In order to tackle such challenge, we introduce those new paradigms in a framework named RESILTRON, envisioning Digital Twins (DT) to support decision making and improve resilience in HCPS under systemic stress. In order to represent possibly complex and heterogeneous HCPS, together with their environment and stressors, we leverage on multi-simulation approaches, combining multiple formalisms, data-driven approaches and Artificial Intelligence (AI) modelling paradigms, through a structured, modular and compositional framework. 
DT are used to provide an adaptive abstract representation of the system in terms of multi-layered spatially-embedded dynamic networks, and to apply self-adaptation to time-warped What-If analyses, in order to find the best sequence of decisions to ensure resilience under uncertainty and continuous HCPS evolution.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129223067","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Disposable identities; enabling trust-by-design to build more sustainable data driven value","authors":"Jari Isohanni, Lorna Goulden, K. Hermsen, M. Ross, Jef Vanbockryck","doi":"10.1109/CSR51186.2021.9527950","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527950","url":null,"abstract":"This article introduces a working definition of Disposable Identities, alongside reference use cases and an exploration of possible technical approaches. The Disposable Identities enable developers of mobile or web applications to employ a novel self-sovereign identity and data privacy framework, aimed primarily at rebuilding trust in digital services by providing greater transparency, decentralized identity and data control, with integrated General Data Protection Regulation (GDPR) compliance mechanisms. With a user interface enabling the management of multiple self sovereign identities, privacy consents, digital authorizations, and associated data driven transactions, the additional advantage of Disposable Identities is that they may also contain verifiable data such as the owner’s photograph, official or even biometric identifiers for more proactive prevention of identity abuse. 
Disposable Identities are designed for advanced decentralized privacy agreements, which can also be time, purpose and context bound through a secure digital contract; with verification functionalities based on tamper-proof technologies.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128742243","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Using Deep Packet Inspection in CyberTraffic Analysis","authors":"L. Deri, F. Fusco","doi":"10.1109/CSR51186.2021.9527976","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527976","url":null,"abstract":"In recent years we have observed an escalation of cybersecurity attacks, which are becoming more sophisticated and harder to detect as they use more advanced evasion techniques and encrypted communications. The research community has often proposed the use of machine learning techniques to overcome the limitations of traditional cybersecurity approaches based on rules and signatures, which are hard to maintain, require constant updates, and do not solve the problems of zero-day attacks. Unfortunately, machine learning is not the holy grail of cybersecurity: machine learning-based techniques are hard to develop due to the lack of annotated data, are often computationally intensive, can be the target of hard-to-detect adversarial attacks, and more importantly are often not able to provide explanations for the predicted outcomes. In this paper, we describe a novel approach to cybersecurity detection leveraging on the concept of security score. Our approach demonstrates that extracting signals via deep packet inspections paves the way for efficient detection using traffic analysis. 
This work has been validated against various traffic datasets containing network attacks, showing that it can effectively detect network threats without the complexity of machine learning-based solutions.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"69 6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116377392","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Machine Learning for Threat Recognition in Critical Cyber-Physical Systems","authors":"Paola Perrone, Francesco Flammini, R. Setola","doi":"10.1109/CSR51186.2021.9527979","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527979","url":null,"abstract":"Cybersecurity has become an emerging challenge for business information management and critical infrastructure protection in recent years. Artificial Intelligence (AI) has been widely used in different fields, but it is still relatively new in the area of Cyber-Physical Systems (CPS) security. In this paper, we provide an approach based on Machine Learning (ML) to intelligent threat recognition to enable run-time risk assessment for superior situation awareness in CPS security monitoring. With the aim of classifying malicious activity, several machine learning methods, such as k-nearest neighbours (kNN), Naïve Bayes (NB), Support Vector Machine (SVM), Decision Tree (DT) and Random Forest (RF), have been applied and compared using two different publicly available real-world testbeds. The results show that RF allowed for the best classification performance. 
When used in reference industrial applications, the approach allows security control room operators to get notified of threats only when classification confidence will be above a threshold, hence reducing the stress of security managers and effectively supporting their decisions.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114555072","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Securing an MQTT-based Traffic Light Perception System for Autonomous Driving","authors":"A. O. Affia, Raimundas Matulevičius","doi":"10.1109/CSR51186.2021.9527989","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527989","url":null,"abstract":"In this paper, we follow a security-by-design method to implement a secure MQTT-based traffic light perception system for autonomous driving vehicles. This security-by-design method is supported by a security risk management perspective where we analyse security threat information from existing literature as input to evaluate the MQTT assets, security risks and risk treatment decisions at the design phase. We also assess the security of the implemented MQTT system using security tools for MQTT security testing. Thus, showing the need for iterative security risk management as security gaps were identified that would pose challenges especially for decisions on scaling the MQTT system for autonomous driving.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"212 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126098597","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Enhancing SIEM Technology for protecting Electrical Power and Energy Sector","authors":"Iosif Sklavidis, Christos Angelidis, Rosanna Babagiannou, Angelos Liapis","doi":"10.1109/CSR51186.2021.9527944","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527944","url":null,"abstract":"In the last couple of years, the evolution, the rate and the variety of cyberattacks have increased rapidly causing many unexpected and harmful issues. These attacks do not only target single individuals, but also firms, critical infrastructure as well as a whole government. The most common solutions like firewalls, antivirus, NIDS and NIPS are no longer sufficient as they were in the old days. Malicious users and attackers change their behavior, adjust to new methods and \"invisible\" ways to infect the system.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"177 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131502019","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Evaluation and Enhancement of the Actionability of Publicly Available Cyber Threat Information in Digital Forensics","authors":"Athanasios Dimitriadis, Efstratios Lontzetidis, I. Mavridis","doi":"10.1109/CSR51186.2021.9527934","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527934","url":null,"abstract":"Cyber threat information can be utilized to investigate incidents by leveraging threat-related knowledge from prior incidents with digital forensic techniques and tools. However, the actionability of cyber threat information in digital forensics has not yet been evaluated. Such evaluation is important to ascertain that cyber threat information is as actionable as it can be and to reveal areas of improvement. In this study, a dataset of cyber threat information products was created from well-known cyber threat information sources and its actionability in digital forensics was evaluated. The evaluation results showed a high level of cyber threat information actionability that still needs enhancements in supporting some widely present types of attacks. To further enhance the provision of actionable cyber threat information, the development of the new TREVItoSTIX Autopsy module is presented. 
TREVItoSTIX allows the expression of the findings of an incident investigation in the structured threat information expression format in order to be easily shared and reused in future digital forensics investigations.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130358442","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Cyber-Range Federation and Cyber-Security Games: A Gamification Scoring Model","authors":"Jason Diakoumakos, Evangelos Chaskos, N. Kolokotronis, George Lepouras","doi":"10.1109/CSR51186.2021.9527972","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527972","url":null,"abstract":"Professional training is essential for organizations to successfully defend their assets against cyber-attacks. Successful detection and prevention of security incidents demands that personnel is not just aware about the potential threats, but its security expertise goes far beyond the necessary background knowledge. To fill in the gap for competent security professionals, platforms offering realistic training environments and scenarios are designed that are referred to as cyber-ranges. Multiple cyber-ranges listed under a common platform can simulate more complex environments, referred to as cyber-range federations. Security education approaches often implement gamification mechanics to increase trainees’ engagement and maximize the outcome of the training process. Scoring is an integral part of a gamification scheme, allowing both the trainee and the trainer to monitor the former’s performance and progress. 
In this article, a novel scoring model is presented that is designed to be agnostic with respect to the source of information: either a CR or a variety of different CRs being part of a federated environment.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"84 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116608820","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Towards Intrusion Response Intel","authors":"Kieran Hughes, K. Mclaughlin, S. Sezer","doi":"10.1109/CSR51186.2021.9527957","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527957","url":null,"abstract":"Threat Intelligence has been a key part of the success of Intrusion Detection, with several trusted sources leading to wide adoption and greater understanding of new and trending threats to computer networks. Identifying potential threats and live attacks on networks is only half the battle, knowing how to correctly respond to these threats and attacks requires in-depth and domain specific knowledge, which may be unique to subject experts and software vendors. Network Incident Responders and Intrusion Response Systems can benefit from a similar approach to Threat Intel, with a focus on potential Response actions. A qualitative comparison of current Threat Intel Sources and prominent Intrusion Response Systems is carried out to aid in the identification of key requirements to be met to enable the adoption of Response Intel. Building on these requirements, a template for Response Intel is proposed which incorporates standardised models developed by MITRE. Similarly, to facilitate the automated use of Response Intel, a structure for automated Response Actions is proposed.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131200674","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}