International Conference on Cyber Warfare and Security最新文献

{"title":"Using Blockchain to Secure Digital Identity and Privacy Across Digital Sectors","authors":"Jaynill Gopal, Stacey Omeleze-Baror","doi":"10.34190/iccws.19.1.2041","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2041","url":null,"abstract":"In the digital age digital data has been seen as the new currency for both companies and bad actors,leading to mismanagement of personal data by both entities. This mismanagement could lead to personal databeing breached while this may prove to be beneficial to certain entities, this however is not the case for usersand digital citizens. In recent years there has been an influx in data breaches and data mismanagement casesthroughout various industries, including corporations such as Apple and Facebook, involving critical datarelating to user's digital identities, personal data, and other identifiable information. This issue may beaddressed by employing the use of blockchain technology, a technology that has been recognized as a securesystem promoting security and privacy, we can prevent this mismanagement of data and data breaches fromhappening. While blockchain is a relatively new technology, there is potential to use it in the current age of theinternet and digital identities by employing blockchain technology to secure one’s digital identity. This researchaims to propose a potential solution to the issue of data protection and data breaches by proposing andmaking use of a conceptual model which makes use of a multi-level blockchain system. The system isolatesdata from digital identities between various digital platforms to minimize the amount of data breaches thatmay occur – further minimizing the amount of personal data which may be breached. This system allows theuser to have full control over who may access their private data, while preventing bad actors from accessingthe data without the user’s authorization. The multi-level blockchain splits the user's data according toindustrial or digital sector in which their data is used, with a master blockchain acting as the connecting link toa person's digital identity. Making use of this multi-level blockchain allows for the user to control who hasaccess to their data, while remaining anonymous and secure in a digital platform‘s database or digital storage.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"51 s179","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140223434","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Federated Distributed Digital Forensic Readiness Model for the Cloud","authors":"R. Koen, H.S. Venter","doi":"10.34190/iccws.19.1.2175","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2175","url":null,"abstract":"Digital forensics in modern, cloud-based, microservice-based applications are complicated by multiple layers of abstraction, thereby making it difficult to accurately capture and correlate events that occur across these layers due to filtering caused by abstraction. The complexities linked to each layer of abstraction are primarily invisible to subsequent layers. Similarly, software services are often composed of one or more services provided by various service providers across the globe. Investigators are often faced with situations where breaches span over multiple service provider boundaries where not all digital forensic readiness evidence artefacts are captured by the service provider's forensic readiness processes. Instead, digital evidence artefacts are scattered across multiple service provider domains. This paper presents a novel, federated distributed digital forensic readiness model suitable for use in software-as-service, platform-as-service and infrastructure-as-service provider scenarios. The proposed model enables a service provider to capture and inspect forensic readiness artefacts in environments with various layers of abstraction. More importantly, the model also offers a way to share and access forensic readiness artefacts in a forensically sound manner to ultimately ensure that investigators can obtain a clear view of digital forensic events as they occur between amalgamated services provided by one or more separate service providers. ","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 21","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140222089","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Analysis of Media Influence on Military Decision-Making","authors":"Bonnie Rushing","doi":"10.34190/iccws.19.1.1962","DOIUrl":"https://doi.org/10.34190/iccws.19.1.1962","url":null,"abstract":"Information warfare challenges, including the \"CNN Effect,\" are increasing in quantity and complexity as the internet saturates modern life. Media communications, reliable or not, are constantly injected into American life, affecting opinions, decision-making, and actions—which may result in terrifying and permanent consequences when the media influences military members and government leaders.  This research focuses on the immersive learning environment—an engaging, simulation-based educational experience with realistic conflict scenarios where students apply lesson objectives through hands-on activities. Instructors conduct immersive learning in the US Air Force Academy's (USAFA) Multi-Domain Laboratory. Traditionally, students were taught military strategy in a classroom where they engaged in wargaming by rolling dice using a board game. Now, the Military & Strategic Studies (MSS) Department uses hands-on, real-time wargaming with unique hardware and software to teach future leaders how to apply classroom concepts using experiential learning. Wargames are critical for meeting the priorities of the Joint Chiefs of Staff—specifically, preparing leaders to conduct joint operations in all domains by integrating experiential learning. The guidance explains that \"curricula should leverage live, virtual, constructive, and gaming methodologies with wargames… to develop deeper insight and ingenuity.\" The wargame with media provides external influences like news and information from various sources, which may influence students' decision-making process, resulting in \"The CNN Effect.\"  \"The CNN Effect\" is a short-hand way to explain how news reports drive government leaders' responses, including military decision-making. This project builds upon existing research uniquely because this study examines decision-making from multiple leaders based on the same simulated media in USAFA's immersive learning environment. This research uses mixed methods analysis to explore how students act based on the wargame media inputs and compare course outcome differences after receiving enhanced Information Operations education or when exposed to different quantities of broadcasts. The Information Warfare (news literacy) module enhances education on the media's influence on decision-making and trust for students. Students learned to identify and research information sources, analyze biases, opinion versus fact-based reporting, and compare news reports from various outlets. ","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 6","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140222140","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Securi-Chain: Enhancing Smart Contract Security in Blockchain Systems Through Optimized Access Control","authors":"Keanu Swart, Stacey Omeleze Baror, Hein Venter","doi":"10.34190/iccws.19.1.2116","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2116","url":null,"abstract":"With the increase in usage of blockchain technology across domains, there is a high demand for the need of secure access control and a high level of security for smart contracts within blockchain to accommodate the domains that already implement blockchain and become accessible to other domains that require a high level of security in its transactions. This paper aims to evaluate the relationship between the best practices of access control and security of smart contracts in blockchain to optimise the usage of both technologies for blockchain usage across domains into a generalized blockchain model named the Securi-Chain Model. A literature review compares the relationship between access control and the security of smart contracts across three domains: Healthcare, IoT, and e-voting. Based on the findings of the literature review, Securi-Chain is proposed to implement the best practices displayed in these three domains and combine them in a way that ensures secure transactions across blockchain as a generalized approach that can be used throughout various domains. This model will also implement methods that enhance the security of transaction processes within the system. A Case Scenario is used to implement the Securi-Chain Model for the Healthcare and e-voting domains to display how this proposed model is used for domains that have been researched. The research that is conducted found that blockchain networks can support not only high-level access control across transactions in a network but also the security of smart contracts that comply to safeguard confidentiality, integrity, and data accessibility. Secrui-Chain, as well as the findings of the literature review, seem to benefit the domains that have been researched, as well as domains that require a high level of security regarding transactions across a network. These domains can benefit from using blockchain technology as well as the level of security that comes with the access control and security of smart contracts that have been implemented in Securi-Chain.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"8 s2","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140222183","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Strengthening Aviation Cybersecurity with Security Operations Centres","authors":"Wesley Murisa, Marijke Coetzee","doi":"10.34190/iccws.19.1.2180","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2180","url":null,"abstract":"Even though cybersecurity is a top priority for the aviation industry, research indicates that there are still many challenges to address. Modern aviation systems encompass cloud computing, OT, IoT, mobile devices, and traditional IT infrastructure. The network complexity has expanded the attack surface, leading to an increase in security incidents. Due to this complexity, detecting security incidents on time is challenging. Research indicates that it may take up to 196 days to detect an incident and another 56 days to address it, highlighting the urgency of improving security response. In this regard, establishing Security Operations Centres (SOCs) in the aviation sector must be addressed. SOCs can be instrumental in reducing the time it takes to detect and respond to security incidents. They provide visibility into threats, aid investigations, and enhance forensic efforts, enabling proactive threat mitigation. Research has been carried out on SOC implementations for specific domains like IoT, mobile devices, and higher education, neglecting aviation systems. Aviation systems such as Air Traffic Management (ATM) face unique security vulnerabilities, including signal modification, jamming, flooding, data and command injection, GPS spoofing, and blocking attacks, primarily due to their reliance on wireless technology. Most of these wireless technologies do not use encryption or authentication because they were designed to maximise performance. Insufficient funding also negatively affects ATM systems, resulting in the wide use of legacy ATM systems and a shortage of skilled personnel. ATM systems are considered critical infrastructure frequently targeted by well-resourced threat actors, including terrorists and nation-state actors, necessitating higher protection levels. This paper motivates the development of a customised SOC implementation framework for ATM systems to enhance aviation security by increasing visibility into threats and facilitating timely remediation.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 4","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140222415","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Unpacking AI Security Considerations","authors":"N. Veerasamy, Danielle Badenhorst, Mazwi Ntshangase, Errol Baloyi, Noku Siphambili, Oyena Mahlasela","doi":"10.34190/iccws.19.1.2104","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2104","url":null,"abstract":"The field of Artificial Intelligence has emerged as a convincing tool to be used in a myriad of applications like finance, traffic prediction, health and travel sectors. Due to the enormous benefits provided in terms of automation, convenience, processing time, reduced manhours, and productivity, AI is being seen as the next technical revolution.  AI is being showcased as a useful tool to stimulate creativity as well as provide support with its tremendous computational power. The release of tools like ChatGPT has exploded onto the technological scene. Users are making use of Large Language Models (LLMs) and tools to perform a host of activities like writing an essay, translating documents, and finding travel plans. However, the popularity of these tools has not been without risk.  In the technology marketplace, the race to dominance can force competitors to waive safety concerns in favour of product adoption. Many are unaware of the potential dangers and risks that may inherently reside within AI tools. This paper looks at the potential risks of AI tools such the creation of misinformation or scams. AI security has now become a paramount concern that should not be ignored. In this paper, the potential risks and threat vectors of Artificial Intelligence will be covered. The aim will be to provide insight into the malicious use of Artificial Intelligence Tools through a discussion of techniques to bypass security controls.  The paper aims to provide a more detailed account on how AI can be manipulated in order to empower users about the latest attack schemes.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"65 s257","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140223253","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cybersecurity Implications of Virtual Currency Reward Systems in the Metaverse","authors":"Hamza Allimia, Stacey Baror, Hein Venter","doi":"10.34190/iccws.19.1.2057","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2057","url":null,"abstract":"In the digital age, the metaverse emerges as a revolutionary platform, intertwining virtual reality, augmented reality, and the internet. Central to its allure is the virtual currency reward system, a dynamic mechanism driving user engagement and economic transactions. However, with innovation comes vulnerability. This paper delves into the pressing question: How do virtual currency reward systems in the metaverse introduce cybersecurity threats, and what measures can safeguard against them? The metaverse's vastness, while offering unparalleled opportunities, is a fertile ground for cyber threats. As users navigate virtual landscapes, engage in transactions, and earn rewards, they become potential targets for cyberattacks. This research, rooted in a comprehensive literature review, identifies the gaps in current cybersecurity measures within the metaverse's virtual currency reward systems. Through a vivid case scenario, we illustrate the real-world ramifications of these vulnerabilities, offering readers a tangible grasp of potential threats. Our methodology, a blend of qualitative analysis and conceptual modelling, dissects the intricate relationship between reward systems and their cybersecurity implications. The findings, derived from rigorous analysis, unveil a set of best practices tailored to combat cybersecurity threats specific to virtual currency reward systems. The distilled insights propose a suite of best practices, encompassing both preventive and reactive strategies tailored for the unique challenges posed by virtual currency systems. This research holds immense value for a diverse audience: metaverse users seeking a secure experience, businesses aiming to establish a foothold in this digital realm, cybersecurity professionals navigating new challenges, and platform developers striving for robustness. In essence, as the metaverse's horizon expands, understanding and fortifying its virtual currency reward systems against cyber threats becomes paramount. This paper offers a roadmap to that secure future, emphasizing the need for vigilance, innovation, and collaboration in the face of evolving cyber challenges.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 15","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140222094","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Integrating Enterprise Architecture into Cybersecurity Risk Management in Higher Education","authors":"Mafika Nkambule, Joey Jansen van Vuuren","doi":"10.34190/iccws.19.1.2189","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2189","url":null,"abstract":"Cybercriminals constantly seek new methods to infiltrate a company's defences, making cybersecurity investments essential. Enterprise architecture (EA) provides a systematic risk detection and mitigation process by emphasising the interdependencies between systems, data, processes, people, and other factors. This paper provides a comprehensive approach, also referred to as a process, based on EA to assist African universities in developing a comprehensive cybersecurity plan. The EA process comprises four pillars: business architecture, data architecture, application architecture, and technology architecture. African universities can develop a comprehensive cybersecurity strategy using an EA approach in cybersecurity to achieve institutional goals and objectives. The potential attack surface comprises isolated EA components and their interconnections.This article comprehensively examines various EA processes such as business, information, application, and technology architecture. These processes are carefully analysed to evaluate the organisational structures and uncover opportunities to enhance security protocols. Additionally, we delve deep into abstract security patterns, seeking to cultivate an environment of trustworthiness within complex systems. Our research findings underscore the significant potential within African higher education institutions. By embracing a model-based approach to risk analysis and mitigation, these institutions can fortify their cybersecurity defences to ensure uninterrupted business operations and enhance overall resilience in the face of evolving security challenges.When we combine EA and information security (ICS), we uncover many vulnerabilities malicious actors might exploit. By embracing a holistic EA-based methodology, institutions can craft and implement robust security protocols to safeguard their components and connections. Leveraging EA, our proposed integrated approach aims to forge a comprehensive cybersecurity risk management strategy tailored to the African higher education sector. This strategy seeks to facilitate the identification of critical elements and their intricate interrelationships, thus formulating an effective defence strategy against potential cyber threats. The synergy promises to elevate cybersecurity practices, ensure uninterrupted business operations, and fortify the continent's resilience.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"227 S722","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140222568","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Hardware Sequence Combinators","authors":"Stephen Taylor, Gunnar Pope","doi":"10.34190/iccws.19.1.1965","DOIUrl":"https://doi.org/10.34190/iccws.19.1.1965","url":null,"abstract":"Recent advances in formal methods for constructing parsers have employed the notion of combinators: primitive elemental parsers with well-defined methods for combining them in sequences or through choice. This paper explores the subtleties associated with leveraging sequence combinators to produce compact, custom hardware traffic validators. This involves a fully automated process that takes as input a formal grammar specifying message formats and produces a parsing circuit capable of validating traffic headers and payload content. The resulting circuit is deployed through network guard appliances that employ Field Programmable Gate Array (FPGA) devices, or alternatively, within the on-chip FPGA associated with System-on-Chip (SoC) devices, such as the Xilinx UltraScale MPSoC. Each guard appliance acts as a hidden “bump-in-the-wire” that either forwards or drops individual packets based on the message parsing outcome, thereby hardening network segments against zero-day attacks and persistent implants. Guards may operate on a wide variety traffic protocols and formats including TCP/IP, CAN/J1939, or MIL-STD-1553. The central step in parser construction is to build a collection of standard shift/reduce parsing tables that can be employed by a push-down automata to check each byte in a message. Typically, these tables are sparse, resulting in excessive use of FPGA circuit resources to represent them. By leveraging sequence combinators, along with other optimizations, we have been able to produce highly compact representations that can reduce table size by up to 95% for non-trivial grammars. Depending on the grammar, this translates directly into FPGA resource reductions. The reductions now make it viable to implement complex parsers on small, inexpensive FPGA’s, or alternatively combine parsers with encryption and encapsulation to enhance guard capabilities.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"165 2","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140222774","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Identifying the Scope of Cybersecurity Research Conducted in the Maritime Industry: 2003 - 2023","authors":"Tshepo Mawer, S. von Solms, Johan Meyer","doi":"10.34190/iccws.19.1.2037","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2037","url":null,"abstract":"The maritime industry plays a pivotal role in the modern economy, global trade, safety and transportation globally. Due to the rapid advancement and utilisation of technology in the field, the maritime industry is increasingly vulnerable to cybersecurity threats. The last decade saw many instances of infrastructure having been exploited or attacked, such as the maritime vessels themselves, the port infrastructure and the supply chain. Each component constituting the maritime industry requires unique system critical operations to ensure cybersecurity, however this paper focuses on certain aspects of the maritime industry only. As cybersecurity in the maritime industry is a growing field, this study determines the scope of cybersecurity research on maritime infrastructure which has been published to establish a baseline understanding of the current field. The paper presents the results from a systematic literature review conducted to assess the scope of current cybersecurity work published focusing on the maritime industry. The result from the study clearly shows the increased attention to cybersecurity in the maritime industry, which can be seen from the increased number of publications which showed a sharp increase after 2014.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 6","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140220970","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}