International Conference on Cyber Warfare and Security最新文献

{"title":"A Case Study on Multi-Countries Money Laundering Scheme and A Proposed Automatic Detection System","authors":"Xiao Tan, Tsz-Fung Tony Tse, S. Yiu, Hiu-Man Human Lam","doi":"10.34190/iccws.19.1.1984","DOIUrl":"https://doi.org/10.34190/iccws.19.1.1984","url":null,"abstract":"This paper presents a case study on the Franco-Israeli syndicates orchestrating their cross-continental money laundering schemes.  These money laundering schemes have been operating for over two decades, ever since China’s entry to the World Trade Organization in 2001.  The paper reviews the operation of the money laundering schemes in detail and highlights the difficulties encountered by bankers and investigators in unearthing and investigating criminal activities within the banking systems.  The paper then proposes an automatic anti-money laundering system, which is expected to address these difficulties. Preliminary experimental results show that the system successfully identifies the crux of these money laundering syndicates within a few days’ time, something which usually takes years of investigation to track down the suspects using traditional methods, as well as its ability to initiate pre-warning procedures to the banks and law enforcement agencies once suspicious transaction clusters are found.  The paper concludes with  a discussion on the legal implications encompassing the evidence projected by this system.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 24","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140220730","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Art Crime Does not pay: Multiplexed Social Network Analysis in Cultural Heritage Trafficking Forensics","authors":"Jarno Salonen, Alessandro Guarino","doi":"10.34190/iccws.19.1.2066","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2066","url":null,"abstract":"Nowadays, crimes connected to cultural heritage can feature as a staple for organised crime networks and act as financial enablers for international conflicts, including terrorism organisations and even inter-state conflicts, in several ways. Goods of cultural significance include a range of valuable objects related to human cultures, like works of art, historical artefacts, and other antiques, but also forgeries based on such objects. These crimes are almost always transnational, for instance, involving theft or looting in one country and goods moved across borders to be sold. This article presents an intelligence methodology based on Social Network Analysis (SNA) techniques that can support law enforcement agencies (LEAs) in their daily struggle against criminals that also pose a threat to national security. The methodology proposed is based on the building of a blended, multiplexed social network graph, deriving from the fusion of a diverse set of data sources, both in the open-source domain (OSINT) and in the classified domain. We will present data collection methods, correlation between sources, possible ways to generate blended links between individuals that retain information from different sources, and SNA techniques applied to intelligence and investigations. The article provides an answer to the following research questions: how we can detect and identify criminal activities and networks related to cultural goods crimes, how we can assist LEAs in countering illicit trafficking, and how we can ensure that art crime does not pay.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140220958","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cyber Resilience, Dependability and Security","authors":"Gareth Davies, Angela Mison, Peter Eden","doi":"10.34190/iccws.19.1.2181","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2181","url":null,"abstract":"There is a continuing skills shortage associated with digital security and DevSecOps (World Economic Forum, 2023), but this paper argues that is due to non-recognition that it is time for cyber security and/or digital security to be defined, and a further separation of specialisms in computing to be made apparent. This has become increasingly important when considering Artificial Intelligence. The problem is not new. This paper presents a refinement of the principles suggested by Milner (2007) of using a model to describe behaviour and organise software, grappling with seemingly intractable and complex problems which cross boundaries between different systems: engineering, technological, social, economic, legal, and political, each with a distinct perspective and goal. It emphasises Hoare’s (1996) assertion that system failures are largely due to failed analysis impacting development of resilient systems.  It argues that there are dichotomies between resilience – a system security/safety perspective, dependability – a user/consumer perspective, and security – a technology perspective.  Many proposed systems to date have conflated these perspectives in the secure by design paradigm which requires a depth of knowledge and expertise.  Unicorns are rare.  This paper suggests how to overcome the skills shortage utilising the skill sets that are available in a manner that maximises the contribution to digital security. Recognising that not everyone and everything needs to communicate with the world reduces complexity and can increase trust.  Concentration on the operational purpose of a system, resulting in an Operational Design Domain (ODD) reduces complexity further.  Additional reduction in complexity is achieved by placing resilience in an engineering and programming development context, grounded in acceptable behaviours, while accepting dependability as a user expectation of system behaviour, and cyber security as a separate specialism addressing access to systems and infrastructure. Much of this paper is a reversion to defensive programming through the ODD. There is a need for any solution to the skills shortage be scalable and economic, and this paper suggests how that can be achieved using existing skill sets targeted at their specialisms.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 63","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140221412","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Systematic Review to Propose a Blockchain-based Digital Forensic Ready Internet Voting System","authors":"Edmore Muyambo, Stacey Baror","doi":"10.34190/iccws.19.1.2188","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2188","url":null,"abstract":"The ballot paper-based voting system has a high risk of data manipulation and vote tampering due to a lack of immutability, transparency and privacy. This systematic review is conducted with the intention of proposing a digital forensic-ready internet voting process to mitigate issues of vote rigging and vote fraud. The review focused on current and up-to-date literature. Publications that are out of this date range were ignored and considered stale or irrelevant. We extracted and reviewed publications with either or all the following keywords: “digital forensic”, “internet voting”, “e-voting” and “blockchain”. A total of thirteen databases were consulted. These include ACM, IEEE, Web of Science, Science Direct, Academic Search Complete, Access Science, ProQuest, Oxford Academy, Ingenta, Cambridge Core and Clarivate. From the inclusion list of one hundred and five (105) studies that were looked at in detail, twenty of them (i.e.,19%) covered blockchain technology. Two percent (2%) of them were focused on digital forensics in internet voting. The results herein were synthesised and presented in a qualitative methodology. The review shows that a secure and reliable digital forensic system could effectively mitigate vote rigging and fraud. Therefore, we proposed a blockchain-based digital forensic-ready internet voting system. The proposed system is beneficial to the electorate, election observers, electoral candidates, electoral administration bodies as well as the national law enforcement agencies. \u0000 ","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140221940","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Ransomware Detection Using Portable Executable Imports","authors":"Tanatswa Ruramai Dendere, Avinash Singh","doi":"10.34190/iccws.19.1.2031","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2031","url":null,"abstract":"In recent years, there has been a substantial surge in ransomware attacks, wreaking havoc on both organizations and individuals. These attacks, driven by the lure of profits, particularly with the widespread use of cryptocurrencies, have prompted attackers to continuously develop innovative evasion techniques and obfuscation tactics to avoid detection. Ransomware, employing seemingly benign functions such as encryption and file-locking, poses a formidable challenge for detection as it evolves beyond traditional signature-based methods. Consequently, there is a growing need to identify previously unexplored and unstudied ransomware strains, necessitating the deployment of artificial intelligence (AI) to discern the unique characteristics and objectives of ransomware. The adoption of AI hinges on the prior selection of distinguishing features. Given that ransomware's intent fundamentally differs from that of benign files, there are variations in the structure of Portable Executables (PE) files. This study posits that the imports used by PE files can serve as a discriminating factor between ransomware and benign files. This research explored using machine learning models to detect ransomware by analysing and deriving insights from the PE Imports structure. To achieve this, the study trains seven machine learning classifiers, namely Random Forest, Logistic Regression, Naïve Bayes, Support Vector Machine, K-Nearest Neighbors, Gradient Boost, and Decision Tree. These models are trained on a dataset of carefully selected features derived from PE imports. The classifiers are benchmarked and ranked based on several evaluation metrics, including latency, accuracy, and confidence levels. For a model to be effective in ransomware detection, it should offer near real-time and highly confident accuracy. In other words, it should exhibit low latency, high accuracy, and strong AUC rates. Among the models, Logistic Regression emerges as the top performer, identifying ransomware programs with an impressive 98.5% accuracy and a confidence level of 98.6% within a mere 0.998-millisecond latency. This study conclusively affirms the efficacy of employing PE imports for ransomware detection.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 22","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140222382","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Learn, Unlearn and Relearn: Adaptive Cybersecurity Culture Model","authors":"Tapiwa Gundu","doi":"10.34190/iccws.19.1.2177","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2177","url":null,"abstract":"In the ever-evolving cyberspace landscape, organisations face persistent threats that continuously mutate and adapt. To effectively defend against these dynamic cyber threats, a fundamental shift in cybersecurity culture is imperative. This paper presents a novel Adaptive Cybersecurity Culture Model (ACCM) that encapsulates the principles of \"Learn, Unlearn, and Relearn\" as a strategic stance to foster resilience and adaptability in the face of evolving cyber threats. The ACCM emphasizes the importance of continuous learning as the cornerstone of cybersecurity culture. It advocates the adoption of a growth mindset within organisations, encouraging employees to stay updated with emerging threats, technologies, and best practices. However, the model goes beyond mere learning; it underscores the significance of unlearning outdated practices and misconceptions that may hinder effective cybersecurity. Furthermore, the ACC model introduces the concept of \"Relearn,\" emphasizing the need to rapidly adapt and evolve strategies and tactics in response to ever-changing cyber threats. It promotes a culture of agility and adaptability, enabling organisations to respond effectively to both known and unforeseen cyber challenges. The model presented in this paper draws from case studies of various industries to illustrate the successful adoption and transformation of cybersecurity culture using the Learn, Unlearn, and Relearn principles. The ACCM represents a paradigm shift in cybersecurity culture, acknowledging that the ability to adapt is as critical as the ability to protect. By fostering a culture of continuous learning, unlearning, and relearning, organisations can proactively enhance their cyber resilience and effectively defend against the ever-evolving cyber threat landscape. This paper provides a roadmap for organisations to embark on this transformative journey toward a more adaptive and resilient cybersecurity culture.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 36","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140221033","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Proof of Concept of a Digital Forensic Readiness Cybercrime Language as a Service","authors":"Maryam Mohamad Al Mahdi, Stacey Baror","doi":"10.34190/iccws.19.1.2059","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2059","url":null,"abstract":"Welcome to the 21st century, where more devices are connected to the Internet than people on this earth. Each device will be or has been a target of cybercrime. The popularity of text-based cybercrimes has become prevalent with the advancement of the Internet. The number of cybercrimes increases yearly, unlike the reports of such crimes. The major problem is the lack of awareness and protection from cybercrimes. These issues cascade into greater consequences, such as a shortfall of reports, deficiency of cybercrime data, etc. The DFClaaS system is proposed as a solution; it allows users to report text-based cybercrimes anonymously. Next, several NLP techniques are applied to such reports to comprehend text-based cybercrimes as a language, and once the usage of the language is detected, an investigation proceeds. Subscribed users are individuals or businesses that are in some regard connected to the Internet. The DFClaaS system aims to protect its users from text-based cybercrimes and provide digital forensic investigators resources to conduct a successful investigation, enriching digital forensics research. The system is a feature-rich digital forensics readiness tool that will track the aggressive advancements of text-based cybercrimes, thus serving and protecting its users.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 7","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140221307","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Bibliometric Analysis of Cyber Warfare Research in Africa: Landscape and Trends","authors":"J. Mtsweni, M. Thaba","doi":"10.34190/iccws.19.1.2242","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2242","url":null,"abstract":"As the digital landscape continues to evolve, cyber warfare has emerged as a prominent domain of warfare, with superpower nations actively demonstrating their capabilities in the cyberspace. This study posits that African countries exhibit a relative lag in research and development of cyber warfare capabilities, as evidenced by the absence of African nations in the National Cyber Power Index released by the Belfer Centre for Science and International Affairs in 2022. To address this knowledge gap, this paper presents a comprehensive bibliometric analysis of cyber warfare research and development within the African continent. The analysis aims to illuminate research productivity, performance, science mapping, and key contributors at both national and institutional levels. It seeks to uncover thematic trends, pinpoint key research areas, and identify research connections within the African context. This research evaluates the African continent's research participation and development in the cyber and/or information warfare domain over the past 23 years. The analysis encompasses scholarly articles and conference proceedings published between 2000 and 2023, utilizing Scopus as the primary data source. Preliminary findings suggest that cyber warfare research in Africa is concentrated in a limited number of countries, with South Africa emerging as the leading contributor. A comparative analysis further reveals that developed countries generally outpace African nations in cyber warfare research and development, corroborating the rankings presented in the National Cyber Power Index (NCPI) and Global Cybersecurity Index (GCI).","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"182 3","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140222760","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Typology of State Actors' Behavior in Cyber Space","authors":"Ada Peter, Ujunwa Ohakpougwu","doi":"10.34190/iccws.19.1.1979","DOIUrl":"https://doi.org/10.34190/iccws.19.1.1979","url":null,"abstract":"Cyberwar is no longer subject to \"if\" but \"when.\" Despite growing interest in cyberspace and cyber war readiness and resilience among academics, researchers, policymakers, and the media, the area needs to be more robust with different terminology that strategically captures the activities of state actors in cyberspace. The paper aims to provide a strategic classification of the activities of state actors in cyberspace. A typology is developed to encapsulate the strategic complexity of the activities of state actors in this terrain. The typology can illuminate the current global proportion and payoff of each type.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"125 3","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140223577","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Assessing the Effectiveness of ADS-B Mitigations","authors":"Heinke Lubbe, Rudi Serfontein, Marijke Coetzee","doi":"10.34190/iccws.19.1.2032","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2032","url":null,"abstract":"The rise in aerial traffic necessitates aircraft localisation methods that go beyond radar technology's built-in capabilities. The Automated Dependent Surveillance-Broadcast (ADS-B) system is a novel aircraft localisation method that promises to provide the necessary precision to handle the current air traffic surge. The Federal Aviation Administration has, therefore, enforced ADS-B's deployment. However, the architecture of the ADS-B system holds several vulnerabilities. Most of these vulnerabilities are because ADS-B is designed to rely on wireless networks. This paper provides an in-depth analysis of the ADS-B threat landscape and potential mitigations to better understand their distinct characteristics and impact on the ADS-B system. Addressing these security concerns is imperative to ensure ADS-B systems' robustness and trustworthiness and safeguard the aviation industry from potential cyber threats. The paper concludes with a critical review of how well the proposed mitigations address the identified security threats.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"89 2","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140224110","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}