European Conference on Cyber Warfare and Security最新文献

{"title":"A Methodical Framework for Conducting Reconnaissance and Enumeration in the Ethical Hacking Lifecycle","authors":"Fouz Barman, N. Alkaabi, Hamda Almenhali, Mahra Alshedi, R. Ikuesan","doi":"10.34190/eccws.22.1.1438","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1438","url":null,"abstract":"Reconnaissance and enumeration are both equally significant phases of the penetration testing lifecycle. In hindsight, both reconnaissance and enumeration seem to be very similar as the pair involve information gathering. Whilst reconnaissance leverages passive approaches without direct interaction with the target, enumeration exploits susceptibilities and vulnerabilities in direct client-server communication. Both phases involve gathering information and pinpointing the attack surface within the network of the target. To do so, powerful tools such as Nmap and Netcat are utilized by ethical hackers and penetration testers to identify and resolve security vulnerabilities and weaknesses. Nmap is an open-source command-line tool used for information gathering, network discovery, and security auditing. Whereas Netcat is a back-end tool that manages networks, monitors traffic flow between systems, as well as allows port scanning and listening. However, the plethora of tools and approaches available for these two phases often introduce inconsistencies and time wastage, which can lead to frustration and poor outcome for inexperienced penetration testers. Additionally, not all commands found online are relevant and applicable. In such situations, there is a high probability that the user will feel overwhelmed and exasperated with the overflow of new and foreign information. To address this daunting challenge, this study developed a methodical framework that can provide a technical guide for the reconnaissance and enumeration phases of the penetration testing lifecycle. Furthermore, a clear and thorough step-by-step procedure and detailed explanations of each stage and commands initiated using Nmap and Netcat are provided. The output of this study will be extremely beneficial and informative to a vast group of audience, ranging from university students majoring in security to individuals interested in ethical hacking, and even someone looking for a job with a position of a penetration tester. Furthermore, this technical guide on Nmap and Netcat extends the common body of knowledge in penetration, as a bridge between the industry and academia.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129954403","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cybersecurity Through Thesis in Laurea University of Applied Sciences","authors":"Ilona Frisk, Harri Ruoslahti, Ilkka Tikanmäki","doi":"10.34190/eccws.22.1.1447","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1447","url":null,"abstract":"Information technology and its applications surround us and those have become crucial to our lives. However, the understanding of the digital world is not as strong. Successful and functional cybersecurity is a vital component for the defence of a civilised society. This study looks at how cybersecurity has been handled in thesis written at one University of Applied Sciences and what kind of topics have been chosen by thesis writers, and what is written about cybersecurity in them to understand how cybersecurity is seen in higher education. The goal of this paper was to find out how cybersecurity has been handled in theses and what kind of topics have been chosen by thesis writers. The two research questions are: what theses have been published that handle cybersecurity; and how does cybersecurity in them? As typical of a case study, attention is paid to a small number of cases (n = 15) attempting to describe the phenomenon they represent. Of the fifteen theses, two were master’s and thirteen bachelor’s theses, and mostly completed in Safety, Security and Risk Management, Security Management, and Business information technology programmes. Based on the results in this case, cyber security is being examined or developed from several, different points of view and in multidisciplinary ways.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"71 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130640305","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Deep-learning-based Intrusion Detection for Software-defined Networking Space Systems","authors":"Uakomba Uhongora, Ronald Mulinde, Yee Wei Law, J. Slay","doi":"10.34190/eccws.22.1.1085","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1085","url":null,"abstract":"This paper briefly reviews the application of the Software-defined Networking (SDN) architecture to satellite networks. It highlights the prominent cyber threats that SDN-based satellite networks are vulnerable to and proposes relevant defence mechanisms. SDN transforms traditional networking architectures by separating the control plane from the forwarding (data) plane. This separation enhances scalability and centralises management. In comparison, in traditional networks, the control plane and the data plane are usually combined, resulting in complex network management and reduced scalability. Satellite networks can take advantage of these benefits offered by SDN and this supports them as key enablers of critical services, including weather prediction, global broadband Internet coverage, and Internet of Things (IoT) services. Ease of configuration and flexibility are essential for satellites providing critical services to instantly adapt to network changes. These desirable attributes can be realised by applying SDN to satellite networks.  Although SDN offers significant benefits to satellite networks, it is vulnerable to cyber-attacks and particularly due to its centralised architecture. A common attack on SDN is the Distributed Denial of Service (DDoS) attack which could render the entire SDN unavailable. To mitigate such threats, an efficient Intrusion Detection System (IDS) is required to monitor the network and detect any suspicious traffic. However, traditional IDSs produce too many false positives and often fail to detect advanced attacks. For their ability to learn feature hierarchies in network traffic data automatically, whether, for network traffic classification or anomaly detection, deep learning (DL) plays an increasingly important role in IDSs. In this paper, we present a brief review of recent developments in cyber security for SDN-based space systems, and we identify vulnerabilities and threats to an SDN-based satellite network. We further discuss the potential of a DL-based IDS for the detection of cyber threats. Finally, we identify further research gaps in the recent literature and propose future research directions.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"130 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131742874","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"How Does the Tallinn Manual 2.0 Shed Light on the Threat of Cyber Attacks against Taiwan?","authors":"Chih-Hsiang Chang","doi":"10.34190/eccws.22.1.1294","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1294","url":null,"abstract":"This paper will identify possible unsettled issues when applying jus ad bellum and jus in bello to case scenarios based on China's cyber operations against Taiwan, pursuant to the rules of international law governing cyber or military operations attributable to States reflected in Tallinn Manual 2.0. This paper will argue that because of Taiwan’s legal international status as a sovereign State, the different responsive actions it may take, should it be faced with any such aggressive cyber or military attack, may be considered controversial.  This paper will then identify the possible legal issues that may pertain under current international law, should any such armed conflict occur between China and Taiwan.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133597459","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Fake news as a distortion of media reality: tell-truth strategy in the post-truth era","authors":"Anastasiia Iufereva","doi":"10.34190/eccws.22.1.1080","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1080","url":null,"abstract":"The article deals with fake news which has been considered one of the greatest threats to information security. The expansion of digital technologies and the development of communication networks have contributed to the spreading of misinformation. In particular, the emergence of different sources of information on the Internet, the growing polarization of opinions in the political and socio-economic dimensions, the devaluation of the fact, and the widespread fake news on the Internet (e.g., social media) form the question of revision of the process of collecting, verifying presenting information, methods, and technologies for verifying facts, including methods for countering fake news. Although this issue has been widely investigated in academic discourse, there are still controversial arguments regarding which elements should form a tell-truth strategy. This paper focuses on recent research that reflects trends and patterns in this field and on the author’s empirical survey - interviews with university professors and media experts (N=6), journalists (N=6), and students (N=14) in Russia. In this study, the author describes the key characteristics of fake news and the elements of this tell-truth strategy. It is intended that this paper focuses on both professional journalists and professors who may use the results of this investigation in such courses as political science, sociology, philosophy, and journalism.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"306 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133690340","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cyberspace Geography and Cyber Terrain: Challenges Producing a Universal map of Cyberspace","authors":"Alexander Grandin","doi":"10.34190/eccws.22.1.1255","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1255","url":null,"abstract":"Much in the same way that cyber has become the fifth military domain, cyberspace has also brought forth the research area of Cyberspace Geography. The challenge of producing a universal map of cyberspace however still exists. Cybersecurity specialists, military personnel and researchers still begin with a blank sheet on which the wanted elements of cyberspace are arranged before solving their actual problem. The abundance of elements in cyberspace requires a careful selection of factors to include in one's map, depending on how it will be used. However, a complex and ever-changing environment such as cyberspace could make use of a generally acknowledged starting point, facilitating this work. In previous research cyberspace has been described as a combination of the physical world, the social world and the information world. The multidisciplinary research in Cyberspace Geography has developed models for mapping and displaying cyberspace. This is often done by creating topological maps, much like the map of the New York subway system. Military cybersecurity researchers have through the concept of Cyber Terrain presented similar models of cyberspace for military operations. Research has also been produced on the techniques and methods for mapping cyberspace as well as the different presentations of the mapped information. Graph theory has for instance been used as a mathematical model of cyberspace. It is nonetheless unclear if there is some degree of universality in the elements that the different research presents. Which are e.g. the similar features between the cyberspace maps that are used for military operations, that describe the cyber environment of a country or between the elements used for modelling a cybersecurity system? This paper aims to present a solution to this challenge by systematically reviewing the research on Cyberspace Geography and Cyber Terrain using thematic analysis. The different elements of the maps of cyberspace are reviewed. The research will answer if a universal map, that can be used as a starting point for solving multiple challenges in cyberspace, can at present be prepared.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130700599","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"NCSS: A global census of national positions on conflict, neutrality and cooperation","authors":"Radu Antonio Serrano Iova, Tomoe Watashiba","doi":"10.34190/eccws.22.1.1168","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1168","url":null,"abstract":"The ubiquity of ICT and the increase in cyber threats have pushed countries to view cybersecurity from a national perspective and draft appropriate national strategies on the topic. While containing similar terminology, these strategies are tailored to the national contexts and hence, differ across regions, cultures, and political contexts. Previous research of these documents has been focused on comparative analysis of countries that can either be considered well developed on this topic or for specific subtopics of cybersecurity. However, some of the subtopics have not been addressed, only now having become more prevalent due to current international conflicts and national / regional socio-political scuffles that have spilled into cyberspace. In our paper, we investigate all countries that have published a National Cyber Security Strategy - NCSS - (or any similar document under a different nomenclature, e.g., policy, decree, etc.), specifically in reference to their position on war, neutrality, and international cooperation. Countries maintaining an NCSS will first be identified using international databases, upon which further study of the aforementioned topics in the NCSSs will occur. We hypothesize, that while international cooperation will be present in most, if not all NCSSs, armed conflicts and neutrality will not be addressed at all nor in depth, in those that contain any reference to them. The resulting paper will present a near-global case study of these topics, which can then signify potential areas of improvement, capacity building, and strengthening of democratic coalitions, globally.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"75 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132910577","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Role of Techno-Economic Coalitions in Future Cyberspace Governance: 'Backcasting' as a Method for Strategic Foresight","authors":"Mari Ristolainen","doi":"10.34190/eccws.22.1.1078","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1078","url":null,"abstract":"In an increasingly complex threat landscape, many nations struggle with developing and implementing effective cybersecurity policies for cyberspace governance at a national and international level. Balancing between the demands for establishing national sovereignty and strengthening international collaboration in cyberspace have become a problematic assignment. Collaborating with nations supporting extensively dissimilar ideologies and cybersecurity policies is controversial. Yet, it is almost impossible for a single country to achieve 'self-sufficiency' in cyberspace. Thus, in order to remain competitive, protected, and resilient one must either join or strengthen a developing techno-economic coalition with similar national cybersecurity policies and/or ideological framework. Consequently, this paper argues that techno-economic coalitions serve as an emerging issue or trend for strategic foresight in cyberspace governance in the future. This paper discusses the potential formation of techno-economic coalitions and shows how 'backcasting' can be used in strategic foresight. In this paper, 'backcasting' is not used as a method for creating a traditional strategic map to a future goal, but as a framework for determining what should have happened in order for the techno-economic coalitions to emerge in future cyberspace, i.e. for finding issues or trends that should be followed in strategic foresight today. Firstly, cyberspace governance in relation to national cybersecurity policies is contextualised. Secondly, the concept of techno-economic coalition is defined and the potential emerging techno-economic coalitions are explicated. Thirdly, 'backcasting' as a method for strategic foresight is described. Fourthly, the results of a 'backcasting' experiment in a strategic foresight workshop are presented. And finally, the future formation and role of techno-economic coalitions in cyberspace governance and in cyber defence both at a national and international level are discussed. The role of techno-economic coalitions in future cyberspace governance should be understood and considered today when developing strategic plans and implementing national and international cybersecurity policies.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"2012 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114800137","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An Analysis of the MTI Crypto Investment Scam: User Case","authors":"J. Botha, Thor Pederson, L. Leenen","doi":"10.34190/eccws.22.1.1441","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1441","url":null,"abstract":"Since the start of the Covid-19 pandemic, blockchain and cryptocurrency adoption has increased significantly. The adoption rate of blockchain-based technologies has surpassed the Internet adoption rate in the 90s and early 2000s. As this industry has grown significantly, so too has the instances of crypto scams. Numerous cryptocurrency scams exist to exploit users. The generally limited understanding of how cryptocurrencies operate has increased the possible number of scams, relying on people’s misplaced sense of trust and desire for making money quickly and easily. As such, investment scams have also been growing in popularity. Mirror Trading International (MTI) has been named South Africa’s biggest crypto scam in 2020, resulting in losses of $1.7 billion. It is also one of the largest reported international crypto investment scams. This paper focuses on a specific aspect of the MTI scam; an analysis on the fund movements on the blockchain from the perpetrators and members who benefited the most from the scam. The authors used various Open-Source Intelligence (OSINT) tools, alongside QLUE, as well as news articles and blockchain explorers. These tools and techniques are used to follow the money-trial on the blockchain, in search of possible mistakes made by the perpetrator. This could include instances where some personal information might have been leaked. With such disclosed personal information, OSINT tools and investigative techniques can be used to identify the criminals. Due to the CEO of MTI having been arrested, and the case currently being dealt with in the court of law in South Africa, this paper also presents investigative processes that could be followed. Thus, the focus of this paper is to follow the money and consequently propose a process for an investigator to investigate crypto crimes and scams on the blockchain. As the adoption of blockchain technologies continues to increase at unprecedented rates, it is imperative to produce investigative toolkits and use cases to help reduce time spent trying to catch bad actors within the generally anonymous realm of cryptocurrencies.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"77 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117223340","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Digital Forensic Readiness Model for Internet Voting","authors":"Edmore Muyambo, Stacey O Baror","doi":"10.34190/eccws.22.1.1186","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1186","url":null,"abstract":"Voting is an exercise of choosing a preferred candidate through a process called an election. In many countries, this exercise is a basic human right. In every election process, there are some pre-requisite processes and procedures which must be set up first. These are essential in the pre-vote-casting stage, during vote-casting and post-vote-casting stage. Electoral disagreements amongst stakeholders and parties of interest are usually experienced in each of the above-mentioned voting process stages. The main points of conflict in an election process are vote rigging and vote fraud. Failure to amicably mitigate these issues can result in a criticised/rejected election result. Therefore, this research aims to address the problem of vote rigging and vote fraud allegations in an election process. The resolution thereof is achieved through the introduction of an online based voting system which is supported by a digital forensic readiness mechanism. Online voting system gives citizens the flexibility to use internet-enabled devices such as cell phones and laptops to cast their votes in a safe, secrete and secure protocol. To address the problem of vote rigging and vote fraud, the online voting system is integrated with cyber security and vote protection mechanisms. The cyber security and vote protection mechanism is based on Blockchain algorithms. A Blockchain-based voting process is a peer-to-peer mechanism where a decentralised database is used to store data. Tokens move directly from one peer (voter) to another peer (candidate). The results are tallied by counting the number of tokens paid to each candidate. Each voter is allocated a Bitcoin token and each candidate is allocated a Bitcoin address. During vote casting, the voter transfers their Bitcoin token into the wallet of a registered candidate. At the end of the voting process, the total number of Bitcoin tokens transferred to each candidate is counted and tallied up. The wallet is loaded with only one Bitcoin token, hence there is no possibility of double voting. The model ensures vote security, anonymity, auditability, accountability, accuracy and uniqueness.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124249794","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}