European Conference on Cyber Warfare and Security最新文献

{"title":"DPIA for Cloud-based Health Organizations in the context of GDPR","authors":"Dimitra Georgiou, C. Lambrinoudakis","doi":"10.34190/eccws.22.1.1144","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1144","url":null,"abstract":"The General Data Protection Regulation is the core instrument of the reformed legal framework for personal data protection in the European Union. The GDPR was put into effect on May 25, 2018, and requires assessing and conducting a Data Protection Impact Assessment for processing operations that are likely to result in a high risk to the rights and freedoms of natural persons, specifically using new technologies and considering the nature, scope, context, and purposes of the processing. Although GDPR does not precisely specify the types of processing activities for which a DPIA would be necessary, through the guidelines that it provides, the organization should conduct a DPIA, if there is large scale processing of health data. An example of this, is a Cloud-based Health Organization. Taking into account this parameter, that Cloud-based Health Organization processes personal data that could impact the freedoms and rights of a data subject under the GDPR and that the GDPR does not specify a DPIA process to follow, instead it allows organizations to use a framework that complements their existing processes, this paper presents the last two steps of a DPIA study for a Cloud-based Health Organization and provides guidelines on how to carry them out effectively. This study is part of a project for the compliance of Cloud-based Health Organizations with the General Data Protection Regulation 2016/679. For fulfilling the objectives of this study, the PIA-CNIL methodology is applied, which is in accordance with the data privacy impact assessment that has been described in ISO/IEC 29134. The main contribution of this work is the development of a guide that is designed to help Cloud-based Health organizations identify, analyze and reduce data protection risks in relation to their processing activities. More analytically, this research presents the risks that could be materialized by the data processing activities carried out by a Cloud-based Health Organization regarding its Processing Activities and could have an impact on the fundamental rights and freedoms of natural persons.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"70 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128384712","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Deep-learning-based Intrusion Detection for Software-defined Networking Space Systems","authors":"Uakomba Uhongora, Ronald Mulinde, Yee Wei Law, J. Slay","doi":"10.34190/eccws.22.1.1085","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1085","url":null,"abstract":"This paper briefly reviews the application of the Software-defined Networking (SDN) architecture to satellite networks. It highlights the prominent cyber threats that SDN-based satellite networks are vulnerable to and proposes relevant defence mechanisms. SDN transforms traditional networking architectures by separating the control plane from the forwarding (data) plane. This separation enhances scalability and centralises management. In comparison, in traditional networks, the control plane and the data plane are usually combined, resulting in complex network management and reduced scalability. Satellite networks can take advantage of these benefits offered by SDN and this supports them as key enablers of critical services, including weather prediction, global broadband Internet coverage, and Internet of Things (IoT) services. Ease of configuration and flexibility are essential for satellites providing critical services to instantly adapt to network changes. These desirable attributes can be realised by applying SDN to satellite networks.  Although SDN offers significant benefits to satellite networks, it is vulnerable to cyber-attacks and particularly due to its centralised architecture. A common attack on SDN is the Distributed Denial of Service (DDoS) attack which could render the entire SDN unavailable. To mitigate such threats, an efficient Intrusion Detection System (IDS) is required to monitor the network and detect any suspicious traffic. However, traditional IDSs produce too many false positives and often fail to detect advanced attacks. For their ability to learn feature hierarchies in network traffic data automatically, whether, for network traffic classification or anomaly detection, deep learning (DL) plays an increasingly important role in IDSs. In this paper, we present a brief review of recent developments in cyber security for SDN-based space systems, and we identify vulnerabilities and threats to an SDN-based satellite network. We further discuss the potential of a DL-based IDS for the detection of cyber threats. Finally, we identify further research gaps in the recent literature and propose future research directions.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"130 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131742874","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Fake news as a distortion of media reality: tell-truth strategy in the post-truth era","authors":"Anastasiia Iufereva","doi":"10.34190/eccws.22.1.1080","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1080","url":null,"abstract":"The article deals with fake news which has been considered one of the greatest threats to information security. The expansion of digital technologies and the development of communication networks have contributed to the spreading of misinformation. In particular, the emergence of different sources of information on the Internet, the growing polarization of opinions in the political and socio-economic dimensions, the devaluation of the fact, and the widespread fake news on the Internet (e.g., social media) form the question of revision of the process of collecting, verifying presenting information, methods, and technologies for verifying facts, including methods for countering fake news. Although this issue has been widely investigated in academic discourse, there are still controversial arguments regarding which elements should form a tell-truth strategy. This paper focuses on recent research that reflects trends and patterns in this field and on the author’s empirical survey - interviews with university professors and media experts (N=6), journalists (N=6), and students (N=14) in Russia. In this study, the author describes the key characteristics of fake news and the elements of this tell-truth strategy. It is intended that this paper focuses on both professional journalists and professors who may use the results of this investigation in such courses as political science, sociology, philosophy, and journalism.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"306 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133690340","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"How Does the Tallinn Manual 2.0 Shed Light on the Threat of Cyber Attacks against Taiwan?","authors":"Chih-Hsiang Chang","doi":"10.34190/eccws.22.1.1294","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1294","url":null,"abstract":"This paper will identify possible unsettled issues when applying jus ad bellum and jus in bello to case scenarios based on China's cyber operations against Taiwan, pursuant to the rules of international law governing cyber or military operations attributable to States reflected in Tallinn Manual 2.0. This paper will argue that because of Taiwan’s legal international status as a sovereign State, the different responsive actions it may take, should it be faced with any such aggressive cyber or military attack, may be considered controversial.  This paper will then identify the possible legal issues that may pertain under current international law, should any such armed conflict occur between China and Taiwan.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133597459","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Target Audiences’ Characteristics and Prospective in Countering Information Warfare","authors":"Daniel Ionel Andrei Nistor","doi":"10.34190/eccws.22.1.1169","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1169","url":null,"abstract":"NATO Defense Education Enhancement Program defines Information Warfare as an operation run to get cognitive assets over the opponents, by controlling one’s own information space while disrupting the opponents’ one. Not new as a process, continuous technological progress has endowed this phenomenon with speed and instruments to fight cyber and cognitive battles, to attack perceptions, trust, polarise and disrupt societies at large. The all present and undergoing kinetic conflict between Russia and Ukraine doubled by an even stronger cognitive and information war since February 2022 has highlighted even more the need to better understand individuals’ behaviour and characteristics when faced with unconventional attacks, irrespective of a passive or active feedback. By identifying and analysing specific public categories, one can establish which are contextual variables that trigger a social reaction, to be able to then design a set of protective or defensive measures. For a full understanding of the way Information Warfare impacts people’s thinking and decision-making process, to see how a resilience plan can be designed, one should investigate not only the information war instruments but also their effects over people at large. Not knowing the voice of the hostile authors, it Is still important to understand the domestic audience and their reaction to it, so that protective actions be taken for resilience and protection, through education. The domestic public’s identity and its dominant characteristics are brought into attention to understand which is the relation between these and the way Information Warfare can be countered through education, with examples from the Russian’s hostile activity. Values, national identity, stereotypes and generalist psychological profiles will be looked at in this paper, to be put in relation to behaviours, attitude change and resistance in front of types of messages, campaigns and types of media-embedded grey zone threats. The present paper is part of a larger PhD research program that focuses on consolidating a society’s security culture through better institutional strategic communication, therefore all the findings will be used to this end.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121284930","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cyberspace Geography and Cyber Terrain: Challenges Producing a Universal map of Cyberspace","authors":"Alexander Grandin","doi":"10.34190/eccws.22.1.1255","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1255","url":null,"abstract":"Much in the same way that cyber has become the fifth military domain, cyberspace has also brought forth the research area of Cyberspace Geography. The challenge of producing a universal map of cyberspace however still exists. Cybersecurity specialists, military personnel and researchers still begin with a blank sheet on which the wanted elements of cyberspace are arranged before solving their actual problem. The abundance of elements in cyberspace requires a careful selection of factors to include in one's map, depending on how it will be used. However, a complex and ever-changing environment such as cyberspace could make use of a generally acknowledged starting point, facilitating this work. In previous research cyberspace has been described as a combination of the physical world, the social world and the information world. The multidisciplinary research in Cyberspace Geography has developed models for mapping and displaying cyberspace. This is often done by creating topological maps, much like the map of the New York subway system. Military cybersecurity researchers have through the concept of Cyber Terrain presented similar models of cyberspace for military operations. Research has also been produced on the techniques and methods for mapping cyberspace as well as the different presentations of the mapped information. Graph theory has for instance been used as a mathematical model of cyberspace. It is nonetheless unclear if there is some degree of universality in the elements that the different research presents. Which are e.g. the similar features between the cyberspace maps that are used for military operations, that describe the cyber environment of a country or between the elements used for modelling a cybersecurity system? This paper aims to present a solution to this challenge by systematically reviewing the research on Cyberspace Geography and Cyber Terrain using thematic analysis. The different elements of the maps of cyberspace are reviewed. The research will answer if a universal map, that can be used as a starting point for solving multiple challenges in cyberspace, can at present be prepared.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130700599","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"NCSS: A global census of national positions on conflict, neutrality and cooperation","authors":"Radu Antonio Serrano Iova, Tomoe Watashiba","doi":"10.34190/eccws.22.1.1168","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1168","url":null,"abstract":"The ubiquity of ICT and the increase in cyber threats have pushed countries to view cybersecurity from a national perspective and draft appropriate national strategies on the topic. While containing similar terminology, these strategies are tailored to the national contexts and hence, differ across regions, cultures, and political contexts. Previous research of these documents has been focused on comparative analysis of countries that can either be considered well developed on this topic or for specific subtopics of cybersecurity. However, some of the subtopics have not been addressed, only now having become more prevalent due to current international conflicts and national / regional socio-political scuffles that have spilled into cyberspace. In our paper, we investigate all countries that have published a National Cyber Security Strategy - NCSS - (or any similar document under a different nomenclature, e.g., policy, decree, etc.), specifically in reference to their position on war, neutrality, and international cooperation. Countries maintaining an NCSS will first be identified using international databases, upon which further study of the aforementioned topics in the NCSSs will occur. We hypothesize, that while international cooperation will be present in most, if not all NCSSs, armed conflicts and neutrality will not be addressed at all nor in depth, in those that contain any reference to them. The resulting paper will present a near-global case study of these topics, which can then signify potential areas of improvement, capacity building, and strengthening of democratic coalitions, globally.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"75 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132910577","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Role of Techno-Economic Coalitions in Future Cyberspace Governance: 'Backcasting' as a Method for Strategic Foresight","authors":"Mari Ristolainen","doi":"10.34190/eccws.22.1.1078","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1078","url":null,"abstract":"In an increasingly complex threat landscape, many nations struggle with developing and implementing effective cybersecurity policies for cyberspace governance at a national and international level. Balancing between the demands for establishing national sovereignty and strengthening international collaboration in cyberspace have become a problematic assignment. Collaborating with nations supporting extensively dissimilar ideologies and cybersecurity policies is controversial. Yet, it is almost impossible for a single country to achieve 'self-sufficiency' in cyberspace. Thus, in order to remain competitive, protected, and resilient one must either join or strengthen a developing techno-economic coalition with similar national cybersecurity policies and/or ideological framework. Consequently, this paper argues that techno-economic coalitions serve as an emerging issue or trend for strategic foresight in cyberspace governance in the future. This paper discusses the potential formation of techno-economic coalitions and shows how 'backcasting' can be used in strategic foresight. In this paper, 'backcasting' is not used as a method for creating a traditional strategic map to a future goal, but as a framework for determining what should have happened in order for the techno-economic coalitions to emerge in future cyberspace, i.e. for finding issues or trends that should be followed in strategic foresight today. Firstly, cyberspace governance in relation to national cybersecurity policies is contextualised. Secondly, the concept of techno-economic coalition is defined and the potential emerging techno-economic coalitions are explicated. Thirdly, 'backcasting' as a method for strategic foresight is described. Fourthly, the results of a 'backcasting' experiment in a strategic foresight workshop are presented. And finally, the future formation and role of techno-economic coalitions in cyberspace governance and in cyber defence both at a national and international level are discussed. The role of techno-economic coalitions in future cyberspace governance should be understood and considered today when developing strategic plans and implementing national and international cybersecurity policies.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"2012 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114800137","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An Analysis of the MTI Crypto Investment Scam: User Case","authors":"J. Botha, Thor Pederson, L. Leenen","doi":"10.34190/eccws.22.1.1441","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1441","url":null,"abstract":"Since the start of the Covid-19 pandemic, blockchain and cryptocurrency adoption has increased significantly. The adoption rate of blockchain-based technologies has surpassed the Internet adoption rate in the 90s and early 2000s. As this industry has grown significantly, so too has the instances of crypto scams. Numerous cryptocurrency scams exist to exploit users. The generally limited understanding of how cryptocurrencies operate has increased the possible number of scams, relying on people’s misplaced sense of trust and desire for making money quickly and easily. As such, investment scams have also been growing in popularity. Mirror Trading International (MTI) has been named South Africa’s biggest crypto scam in 2020, resulting in losses of $1.7 billion. It is also one of the largest reported international crypto investment scams. This paper focuses on a specific aspect of the MTI scam; an analysis on the fund movements on the blockchain from the perpetrators and members who benefited the most from the scam. The authors used various Open-Source Intelligence (OSINT) tools, alongside QLUE, as well as news articles and blockchain explorers. These tools and techniques are used to follow the money-trial on the blockchain, in search of possible mistakes made by the perpetrator. This could include instances where some personal information might have been leaked. With such disclosed personal information, OSINT tools and investigative techniques can be used to identify the criminals. Due to the CEO of MTI having been arrested, and the case currently being dealt with in the court of law in South Africa, this paper also presents investigative processes that could be followed. Thus, the focus of this paper is to follow the money and consequently propose a process for an investigator to investigate crypto crimes and scams on the blockchain. As the adoption of blockchain technologies continues to increase at unprecedented rates, it is imperative to produce investigative toolkits and use cases to help reduce time spent trying to catch bad actors within the generally anonymous realm of cryptocurrencies.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"77 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117223340","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Digital Forensic Readiness Model for Internet Voting","authors":"Edmore Muyambo, Stacey O Baror","doi":"10.34190/eccws.22.1.1186","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1186","url":null,"abstract":"Voting is an exercise of choosing a preferred candidate through a process called an election. In many countries, this exercise is a basic human right. In every election process, there are some pre-requisite processes and procedures which must be set up first. These are essential in the pre-vote-casting stage, during vote-casting and post-vote-casting stage. Electoral disagreements amongst stakeholders and parties of interest are usually experienced in each of the above-mentioned voting process stages. The main points of conflict in an election process are vote rigging and vote fraud. Failure to amicably mitigate these issues can result in a criticised/rejected election result. Therefore, this research aims to address the problem of vote rigging and vote fraud allegations in an election process. The resolution thereof is achieved through the introduction of an online based voting system which is supported by a digital forensic readiness mechanism. Online voting system gives citizens the flexibility to use internet-enabled devices such as cell phones and laptops to cast their votes in a safe, secrete and secure protocol. To address the problem of vote rigging and vote fraud, the online voting system is integrated with cyber security and vote protection mechanisms. The cyber security and vote protection mechanism is based on Blockchain algorithms. A Blockchain-based voting process is a peer-to-peer mechanism where a decentralised database is used to store data. Tokens move directly from one peer (voter) to another peer (candidate). The results are tallied by counting the number of tokens paid to each candidate. Each voter is allocated a Bitcoin token and each candidate is allocated a Bitcoin address. During vote casting, the voter transfers their Bitcoin token into the wallet of a registered candidate. At the end of the voting process, the total number of Bitcoin tokens transferred to each candidate is counted and tallied up. The wallet is loaded with only one Bitcoin token, hence there is no possibility of double voting. The model ensures vote security, anonymity, auditability, accountability, accuracy and uniqueness.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124249794","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}