International Conference on Cyber Warfare and Security最新文献

{"title":"Ukrainian Thoughts and Feelings based on One Year War Content Analysis","authors":"Clara Maathuis, Iddo Kerkhof","doi":"10.34190/iccws.19.1.1985","DOIUrl":"https://doi.org/10.34190/iccws.19.1.1985","url":null,"abstract":"In the age of remarkable technological innovations such as AI, quantum computing, IoT, and blockchain, one could argue that the world is becoming an increasingly connected, advanced, enlightened, and peaceful place. Nevertheless, paradoxically, conflicts and wars are still born deeply rooted in complex strategic, historical, and economic dynamics, and continue to arise finding a direct representation in both physical and digital battlefields through powerful and dynamic environments like social media. This environment enabled unprecedented connectivity and ideas, thoughts, ideologies, and experiences exchange shaping the narrative, amplifying ideas, feelings, and experiences while directly addressing the underlying causes, dynamics, and implications of conflicts and war through a multifaceted and multi-nuanced approach. The outbreak and ongoing war in Ukraine took the international community off guard representing a significant turning point in the contemporary era that received immediately intensive global attention, united global humanitarian, and strategic efforts to support and help the ones in need, and reflected its geopolitical and economic global complexities, dynamics, and implications. At the same time, a high degree of disinformation and misinformation exists surrounding different aspects about this war e.g., actions taken, and impact produced on civilians, which contributes to creating an altered perspective of reality. While different conventional media and social media outlets together with research, governmental, and practitioner efforts revealed and reflected on the nature, major incidents, and their known impact on civilians and civilian objects as well as military personnel and military objects, yet limited attention and a lower voice is given through dedicated studies to thoughts and emotions of Ukrainian users in unconventional social media platforms like Telegram. This represents the knowledge gap tackled in this research by building a set of Machine Learning-based solutions for analysing the discourses and sentiments of Ukrainian users using the Design Science Research methodology in a Data Science research approach. From this analysis, reflection is provided to important days and incidents experienced by Ukrainian population since February 2022 in the first year of war.  ","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"210 2","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140222722","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Authentication in a Hyperconnected World: Challenges, Opportunities and Approaches","authors":"Christoph Lipps, Jan Herbst, Rekha Reddy, Matthias Rüb, Hans D. Schotten","doi":"10.34190/iccws.19.1.2070","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2070","url":null,"abstract":"Authentication and integrity are the prerequisites for trustworthy and secure communication. Without unambiguous knowledge of who is being interacted with, no confidential content can be exchanged, no (remote) access to systems and equipment can be granted, and no trust can be established. This situation is further exacerbated by an increasing interconnection and globalization towards a hyperconnected world. (Communication) Participants are no longer necessarily in close physical and social proximity and do not need to know each other, but can have their source/destination anywhere in the world. \u0000       An authentication process is used to verify that someone -whether human or machine-, is in fact who she claims to be: The process thus includes a validation step to evaluate an assertion. However, systems differ in terms of their requirements, for instance with regard to the authentication options available, the time period required for re-authentication and the frequency of re-authentication, as well as the level of security to be achieved with authentication. The latter particularly with regard to the cost/benefit ratio of the application. Additionally, there are efforts to finally abolish traditional passwords, passphrases and pin codes and render them obsolete. \u0000       In this work, technologies and methods for authentication beyond passwords and trustworthy authentication will be examined, particularly with regard to future communication infrastructures such as Beyond 5G and Sixth Generation (6G) wireless systems. Thereby, the impact of Artificial Intelligence (AI) methods, but also the relevance to Quantum Key Distribution (QKD) and Post Quantum Cryptography, as well as the use of 6G-enabling technologies like Reconfigurable Intelligent Surfaces (RISs), Wireless Optical Communication (WOC) and Physical Layer Security (PhySec), for example as additional factors of a multi-factor authentication process, will be considered, along with Body Area Networks (BANs) and the integration of the human body relying on biometrics. The various concepts are compared with regard to their requirements, limitations and possible applications in order to provide the user with an orientation as to which authentication method is conceivable and useful in which specific scenarios.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"9 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140223656","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Human-Centered AI in Military Cyber Operations","authors":"Clara Maathuis","doi":"10.34190/iccws.19.1.1972","DOIUrl":"https://doi.org/10.34190/iccws.19.1.1972","url":null,"abstract":"Military Cyber Operations are an integral part of modern warfare and national security strategies as they crossed the science fiction realm, represent a real operational battlefield, and developed into an option in military toolboxes. Seeing ongoing technological advancements that allow the creation and use of complex mechanisms and technologies, the increasing digitalization of critical infrastructure, the growing abundance of data collected, generated, and exchanged between multiple parties, and the rise of stakeholders engaging in building and/or executing military Cyber Operations together with the increased number of such operations being conducted all over the globe reflects important lessons that need to be learned: the core element of such operations are humans: they build, acquire, execute, and assess them while also being impacted entities by them, e.g., through (psychological or physical) injury or death, or damage or destructions of human infrastructure. Moreover, the key process governing all the life cycle phases of military Cyber Operations is human decision-making or humanly assisted/augmented decision-making relying on advanced intelligent methods built with AI. Nevertheless, building and conducting military Cyber Operations should be done in a legal, responsible, and effective way  implying a deep understanding of the context and adversary, proper target and cyber weapon selection, development, and use, and a clear overview of potential effects produced. These represent important aspects that should be properly defined and tackled in this domain. Hence, this research aims to introduce the Human-Centred AI concept and approach in the military cyber domain to illustrate ways to prioritize human involvement and interaction, human understanding, effective decision-making, and ethical considerations when building and conducting military Cyber Operations. To this end, an extensive literature review is conducted in the military, cyber, and AI domains together with instantiation on military Cyber Operations.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"115 6","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140223752","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Active Gait System for Real-Time Surveillance Against Cyber-Physical Attacks","authors":"G. Moepi, Topside E. Mathonsi","doi":"10.34190/iccws.19.1.2147","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2147","url":null,"abstract":"Cyberterrorism, espionage, and warfare are serious threats to national security. These attacks can harm people or destroy critical infrastructures like the data centres, computer networks, and systems. Surveillance systems currently used in monitoring critical infrastructures, national key points, and military exclusion zones (MEZ) are ineffective in detecting unauthorised intrusions. These issues compromise the stability of the countries, and the safety of the citizens and result in the loss of important assets. This experimental research study developed a Cyber Physical Security (CPS) defense gait-recognition monitoring system. Autonomous Machine Learning (ML) technology was employed to enhance the precision and reliability of the system against CPA, in tracking access, managing security clearances, and triggering alerts in the event of unauthorized entries to restricted areas. \u0000 ","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"49 2‐3","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140223271","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cybercrime Classification: A Victimology-based approach","authors":"Sayonnha Mandal","doi":"10.34190/iccws.19.1.2199","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2199","url":null,"abstract":"The need for understanding cybercrime and the possibility of its occurrence is significant to mitigate its adverse effects on society. A comprehensive universally agreed-upon classification scheme for cybercrime is hugely lacking in terms of utilizing a complete perspective of the entities involved in the same. A new perspective in cybercrime classification is moving beyond the machines and focusing on the humans, especially the victims. Cyber victimization extends from the single user to a mass or system perspective, thereby representing governments, organizations, and society to be categorized as victims. This paper proposes a novel ontological classification of cyber victimology that can help illustrate the complete cybercrime incident from the perspective of the victim. We utilize a multidimensional typology to represent the dimensions and classifications of the cybercrime victim. We then analyse the semantic relationships between the ontological objects to develop a comprehensive victimology representation. The understanding of the type and role of the victim provides new insight into the analysis of the cyber incident. Moreover, the resultant representation can serve as an extension to current cybercrime ontological frameworks and help in providing a new point of defence in cybercrime incidents. Finally, such a victimology-based classification can subsequently result in a dynamic ontology which can be queried to obtain relevant insights into the nature and occurrence of cybercrimes.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"109 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140223619","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Recognising Cyber Blockades as Crimes Against Humanity: Can International Criminal Law Keep Up?","authors":"Dora Vanda Velenczei","doi":"10.34190/iccws.19.1.1948","DOIUrl":"https://doi.org/10.34190/iccws.19.1.1948","url":null,"abstract":"As a result of the heavily digitalised world on top of our increasing online presence and interconnectedness, states and civilian populations are becoming more and more vulnerable to cyber attacks. It is thus imperative to examine the dangers large scale cyber attacks pose with respect to their contribution to potential human suffering. As such, these large scale cyber attacks, especially a cyber blockade, may be able to constitute an international crime. The Prosecutor of the International Criminal Court announced at the Digital Front Lines conference that his office is willing to investigate cyber operations as potential war crimes given that they are capable of causing severe consequences akin to kinetic warfare. (Yoon Onn, 2023) This is the first significant step towards recognising the harmful effects of malicious cyber operations as international crimes. However, not only is the Rome Statute itself silent on cyber operations as potential international crimes, the ICC has not yet seen a case concerning malicious cyber activities as either a war crime or as a crime against humanity. As such, the central question the paper seeks to answer is whether the Rome Statute could potentially encompass cyber blockades as the crime against humanity of “other inhumane acts” under Article 7(1)(k) of the Rome Statute. The paper looks at crimes against humanity for three reasons: firstly, Karim Khan KC has already touched on cyber attacks potentially prosecuted as war crimes, as mentioned above, thus the knowledge gap is gradually being bridged with respect to war crimes. Secondly, there is an absence of any regulatory framework should a cyber blockade be unleashed in peacetime, where international humanitarian principles do not apply. Thirdly, establishing a cyber blockade as a crime against humanity would lead to greater individual criminal responsibility as opposed to a war crimes conviction. This, in turn, would send a strong deterrent message in both war and peace.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"88 6","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140224114","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Implementation of OSINT for Improving an International Finance Sector Organization’s Cybersecurity","authors":"J. Rajamäki, Krista Tiitta","doi":"10.34190/iccws.19.1.1977","DOIUrl":"https://doi.org/10.34190/iccws.19.1.1977","url":null,"abstract":"This work-in-progress paper addresses the need to improve intelligence processes and enhance an organization's response to cyber threats while managing associated risks and improving Business Continuity Management (BCM). The paper focuses on the role of Open-Source Intelligence (OSINT) in Cyber Threat Intelligence (CTI) gathering and presents an operational process for its implementation. The process includes defining goals, selecting open sources, data collection, filtering, analysis, and reporting. Testing in an international financial sector organization yielded positive results, demonstrating the process's value in threat intelligence. Future research should clarify the role of artificial intelligence in OSINT","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 42","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140220840","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An Analysis of Cybersecurity Architectures","authors":"Noluntu Mpekoa","doi":"10.34190/iccws.19.1.2115","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2115","url":null,"abstract":"The 4th Industrial Revolution has increased high-capacity connectivity, new human-machine interactions largely with IoTs and smart devices. This digital revolution offers incredible conveniences such as the ability for users to access volumes of data, governments can address social challenges, connect remote villages in the country, and more. Once secluded systems are now connected and sharing information. This connectedness also poses some inconveniences as well, whenever a device joins the Internet, it becomes publicly discovered. Once these devices are discovered, they become open to cyberattacks. Cybersecurity has become a crucial part of daily life as cyberattacks have increased over time and have become more and more severe. The challenge that cybersecurity consultants find is the difficulty of measuring cybersecurity efforts in organizations. Another challenge could be finding a cybersecurity architecture that is effective and can fit different situations. The main aim of this study was to develop a comprehensive cybersecurity architecture that can be used by cybersecurity consultants when measuring cybersecurity effectiveness. This study conducted an in-depth literature review on current cybersecurity architectures offered by national and international cybersecurity organizations. The identified cybersecurity architectures that have been developed by other organizations were translated, interpreted, compared, and synthesized and a new cybersecurity architecture is proposed. The proposed cybersecurity architecture has the NIST goals as a foundation and the CIA triad at the center. The proposed cybersecurity architecture has domains such as application and Systems security, Information security, Network security, End-point security, Critical Infrastructure security, Mobile security, Storage security, etc. The proposed cybersecurity architecture seeks to assist cybersecurity consultants in answering questions from executives such as: Are we secure? Are security investments delivering value to the business? What is our preparedness for a cyberattack?","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 24","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140221339","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Theory-Guided Feature Selection in Cybercrime Data Science","authors":"Shiven Naidoo, Rennie Naidoo","doi":"10.34190/iccws.19.1.2009","DOIUrl":"https://doi.org/10.34190/iccws.19.1.2009","url":null,"abstract":"Cybercrime data science is being significantly hampered by the presence of 'noisy' features within vast and complex datasets. We draw from the theoretical insights of the behavioural sciences to propose a feature selection model to enrich and improve the value and interpretability of cybercrime intelligence datasets. We piloted our theory-guided feature selection approach on a subset of intelligence datafeeds provided by a global fraud and cybercrime tracking firm. The results of the proposed social influence feature selection model show significant improvement in the interpretability of the machine learning-based exploratory analysis and advanced visualization techniques in an experimental setting. The feature selection model yielded rich insights about cybercriminal psychological tactics from social engineering scam data and has potential applicability in the areas of cyberthreat response and cybersecurity awareness training. Our study shows the value of an interdisciplinary theory-guided approach to cybercrime data analytics that integrates scientific knowledge from the behavioural sciences and data science expertise. Our paper concludes by suggesting avenues for future research on theory-guided feature selection seeking to incorporate behavioural science knowledge in cybercrime data science. We intend to refine, automate, evaluate, and scale our model in future research to assess its effectiveness in producing insights about cybercriminal activities and informing decision-making in a naturalistic and real-time setting. In future research efforts, we aim to automate the encoding of features and apply a wider range of machine learning tools and evaluation metrics to extract more meaningful insights into cybercriminal psychological tactics. We also intend to refine our model on larger datasets to enhance its efficiency and responsiveness to real-time cybercrime data.  We call on data scientists and cybercrime domain experts to work together to apply theory-guided feature selection to improve processes of knowledge discovery that enhance our cybersecurity capabilities.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 75","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140221472","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Teenagers: A Social Media Threat Vector","authors":"Henry Collier, Charlotte Morton","doi":"10.34190/iccws.19.1.1980","DOIUrl":"https://doi.org/10.34190/iccws.19.1.1980","url":null,"abstract":"Social media has grown significantly since the early days.  During this time, social media has grown to be a mainstay in most teenagers’ lives.  Whether they are on Facebook, Snapchat, X (formerly Twitter), or TikTok, teenagers have fully integrated social media into their lives.  Teens tend to post the ins and outs of their lives, sharing sensitive information about themselves to people they know, but also to strangers.  Although social media can be used for good, it can also be used by nefarious threat actors to take advantage of teenagers.  Social engineers count on their subject's desire to increase the number of virtual connections, which may increase the endorphin response received when they get “likes”.  As such, social engineers create targeting accounts and then try to get as many people to accept them as possible.  This increased footprint levitates the chances of a successful social engineering attack.  Add to this, when someone shares an abundance of information about themselves, social engineers use this information to target individuals with spear phishing attacks.  To further exacerbate the situation, social media uses algorithms to target its users and feed them with a significant amount of information that is not always vetted as being truthful.  When someone is influenced by disinformation, it increases their susceptibility by taking away their desire to verify the truth, but rather accept that what they are being told is the truth.  This case study examines the dynamics associated with teenagers and their susceptibility to becoming a victim of cybercrime and how social media perpetuates this situation.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"157 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140222653","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}