2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA): Latest Publications

Automated computer network defence using ARMOUR: Mission-oriented decision support and vulnerability mitigation
N. Nakhla, K. Perrett, Christopher McKenzie
DOI: https://doi.org/10.1109/CyberSA.2017.8073389
Published: 2017-06-19
Abstract: Mission assurance requires effective, near-real time defensive cyber operations to appropriately respond to cyber attacks, without having a significant impact on operations. The ability to rapidly compute, prioritize and execute network-based courses of action (CoAs) relies on accurate situational awareness and mission-context information. Although diverse solutions exist for automatically collecting and analysing infrastructure data, few deliver automated analysis and implementation of network-based CoAs in the context of the ongoing mission. In addition, such processes can be operator-intensive and available tools tend to be specific to a set of common data sources and network responses. To address these issues, Defence Research and Development Canada (DRDC) is leading the development of the Automated Computer Network Defence (ARMOUR) technology demonstrator and cyber defence science and technology (S&T) platform. ARMOUR integrates new and existing off-the-shelf capabilities to provide enhanced decision support and to automate many of the tasks currently executed manually by network operators. This paper describes the cyber defence integration framework, situational awareness, and automated mission-oriented decision support that ARMOUR provides.
Citations: 4

RicherPicture: Semi-automated cyber defence using context-aware data analytics
Arnau Erola, Ioannis Agrafiotis, J. Happa, M. Goldsmith, S. Creese, P. Legg
DOI: https://doi.org/10.1109/CyberSA.2017.8073399
Published: 2017-06-19
Abstract: In a continually evolving cyber-threat landscape, the detection and prevention of cyber attacks has become a complex task. Technological developments have led organisations to digitise the majority of their operations. This practice, however, has its perils, since cyberspace offers a new attack-surface. Institutions which are tasked to protect organisations from these threats utilise mainly network data and their incident response strategy remains oblivious to the needs of the organisation when it comes to protecting operational aspects. This paper presents a system able to combine threat intelligence data, attack-trend data and organisational data (along with other data sources available) in order to achieve automated network-defence actions. Our approach combines machine learning, visual analytics and information from business processes to guide through a decision-making process for a Security Operation Centre environment. We test our system on two synthetic scenarios and show that correlating network data with non-network data for automated network defences is possible and worth investigating further.
Citations: 7

Stock market reaction to data breaches: The moderating role of corporate social responsibility
Shuili Du, Jing Wang, Kholekile L. Gwebu
DOI: https://doi.org/10.1109/CyberSA.2017.8073393
Published: 2017-06-19
Abstract: This study explores the potential role of corporate social responsibility (CSR) in mitigating the damage of data breach, a topic that has received scant attention from the literature. Drawing upon the literatures on CSR, stakeholder theory, and the resource-based view (cites), we conceptualize that firms with greater CSR activities accumulate goodwill and cultivate stronger stakeholder relationships, and thus during times of a crisis, such as a data breach, stakeholders are more likely to give the socially responsible firm “the benefit of doubt” and temper their sanctions, mitigating the damage of the breach.
Citations: 0

A preliminary radicalisation framework based on social engineering techniques
S. Sabouni, A. Cullen, Lorna Armitage
DOI: https://doi.org/10.1109/CyberSA.2017.8073406
Published: 2017-06-19
Abstract: The use of online forums and social media sites by extremists for recruiting and radicalising individuals has been covered extensively by researchers. Meanwhile, the social engineering techniques utilised by these extremists to lure marginalised individuals into radicalisation have been neglected. In this article, the social engineering aspects of online radicalisation will be explored. Specifically, the five Principles of Persuasion in Social Engineering (PPSE) will be mapped onto the online radicalisation methods employed by extremists online. Analysing these tactics will aid in gaining a deeper understanding of the process of indoctrination and of the psychology of both the attacker and the target of such attacks. This understanding has enabled the development of a preliminary radicalisation framework based on the social traits of a target that may be exploited during an attack.
Citations: 7

A methodology for testing virtualisation security
S. Donaldson, Natalie J. Coull, David McLuskie
DOI: https://doi.org/10.1109/CyberSA.2017.8073397
Published: 2017-06-19
Abstract: There is a growing interest in virtualisation due to its central role in cloud computing, virtual desktop environments and Green IT. Data centres and cloud computing utilise this technology to run multiple operating systems on one physical server, thus reducing hardware costs. However, vulnerabilities in the hypervisor layer have an impact on any virtual machines running on top, making security an important part of virtualisation. In this paper, we evaluate the security of virtualisation, including detection and escaping the environment. We present a methodology to investigate if a virtual machine can be detected and further compromised, based upon previous research. Finally, this methodology is used to evaluate the security of virtual machines. The methods used to evaluate the security include analysis of known vulnerabilities and fuzzing to test the virtual device drivers on three different platforms: VirtualBox, Hyper-V and VMware ESXi. Our results demonstrate that the attack surface of virtualisation is more prone to vulnerabilities than the hypervisor. Comparing our results with previous studies, each platform withstood IOCTL and random fuzzing, demonstrating that the platforms are more robust and secure than previously found. By building on existing research, the results show that security in the hypervisor has been improved. However, using the proposed methodology in this paper it has been shown that an attacker can easily determine that the machine is a virtual machine, which could be used for further exploitation. Finally, our proposed methodology can be utilised to effectively test the security of a virtualised environment.
Citations: 5

Cybersecurity situational awareness taxonomy
Antti Evesti, T. Kanstrén, T. Frantti
DOI: https://doi.org/10.1109/CyberSA.2017.8073386
Published: 2017-06-19
Abstract: Ensuring cost-efficient cybersecurity for a networked system is a challenging task. In this task, cybersecurity situational awareness is a cornerstone to ensure that systems are protected in a meaningful way. However, cybersecurity situational awareness can be built in various ways. Firstly, several monitoring and analysing techniques can be applied, and secondly, a time window for the usage of situational awareness varies from short-term operational to long-term strategic decision making. Understanding differences and purposes of these aspects is an essential part to research and develop cybersecurity situational awareness. In this paper, we build a taxonomy of cybersecurity situational awareness. The taxonomy categorises terminology, makes it possible to recognise missing areas, and to understand the area in a uniform way. Moreover, the taxonomy helps to select the most effective techniques to be used in a specific situation awareness implementation.
Citations: 25

Security awareness and affective feedback: Categorical behaviour vs. reported behaviour
Lynsay A. Shepherd, J. Archibald
DOI: https://doi.org/10.1109/CyberSA.2017.8073387
Published: 2017-06-19
Abstract: A lack of awareness surrounding secure online behaviour can lead to end-users, and their personal details becoming vulnerable to compromise. This paper describes an ongoing research project in the field of usable security, examining the relationship between end-user-security behaviour, and the use of affective feedback to educate end-users. Part of the aforementioned research project considers the link between categorical information users reveal about themselves online, and the information users believe, or report that they have revealed online. The experimental results confirm a disparity between information revealed, and what users think they have revealed, highlighting a deficit in security awareness. Results gained in relation to the affective feedback delivered are mixed, indicating limited short-term impact. Future work seeks to perform a long-term study, with the view that positive behavioural changes may be reflected in the results as end-users become more knowledgeable about security awareness.
Citations: 4

Visualisation of device datasets to assist digital forensic investigation
Gavin Hales
DOI: https://doi.org/10.1109/CyberSA.2017.8073402
Published: 2017-06-19
Abstract: The increasing use of digital devices in our everyday lives, and their ever-increasing storage capacities place digital forensics investigatory resources under significant pressure. The workload for investigators is increasing, and the time required to analyse the datasets is not decreasing to compensate. This research looks at the potential for utilising information visualisation techniques to increase investigative efficiency with a view to decreasing the overall time taken to investigate a case, while still maintaining a high level of accuracy. It is envisaged that this may have the potential to lead to a reduced backlog of cases for law enforcement agencies, and expedited processing of criminal cases involving digital evidence.
Citations: 4

A temporal assessment of cyber intrusion chains using multidisciplinary frameworks and methodologies
Aunshul Rege, Z. Obradovic, N. Asadi, B. Singer, Nicholas Masceri
DOI: https://doi.org/10.1109/CyberSA.2017.8073398
Published: 2017-06-19
Abstract: Current approaches to cybersecurity are response-driven and ineffective as they do not account for adaptive adversarial behavior and dynamic decision-making. Using empirical evidence of observations done at the US Industrial Control Systems Computer Emergency Response Team's (ICS-CERT) Red Team-Blue Team cybersecurity training exercise held at Idaho National Laboratory (INL), this paper identifies how adversaries carry out, and adapt during, cyberattacks. This paper employs a unique mixed methods approach of qualitative observations and quantitative data science to address three objectives: (i) providing a quantitative framework for temporal analysis of the cyberattack processes by creating a time series representation of the qualitative data, (ii) employing data science methods, such as hierarchical clustering analysis, on the generated time series data to complement and supplement our understanding of cyberattack processes, and (iii) understanding how adversaries adapt during the disruptions by defenders.
Citations: 11

Random forest explorations for URL classification
Martyn Weedon, D. Tsaptsinos, J. Denholm-Price
DOI: https://doi.org/10.1109/CyberSA.2017.8073403
Published: 2017-06-19
Abstract: Phishing is a major concern on the Internet today and many users are falling victim because of criminals' deceitful tactics. Blacklisting is still the most common defence users have against such phishing websites, but is failing to cope with the increasing number. In recent years, researchers have devised modern ways of detecting such websites using machine learning. One such method is to create machine learnt models of URL features to classify whether URLs are phishing. However, there are varying opinions on what the best approach is for features and algorithms. In this paper, the objective is to evaluate the performance of the Random Forest algorithm using a lexical only dataset. The performance is benchmarked against other machine learning algorithms and additionally against those reported in the literature. Initial results from experiments indicate that the Random Forest algorithm performs the best yielding an 86.9% accuracy.
Citations: 16