104 research outputs found

    Zero Trust and Advanced Persistent Threats: Who Will Win the War?

    Advanced Persistent Threats (APTs) are state-sponsored actors who break into computer networks for political or industrial espionage. Because of the nature of cyberspace and ever-changing sophisticated attack techniques, it is challenging to prevent and detect APT attacks. The 2020 United States Federal Government data breach once again showed how difficult it is to protect networks from targeted attacks. Among many other solutions and techniques, zero trust is a promising security architecture that might effectively prevent the intrusion attempts of APT actors. In the zero trust model, no process inside or outside the network is trusted by default. Zero trust is also called perimeterless security to indicate that it changes the focus from network devices to assets. All processes are required to verify themselves to access the resources. In this paper, we focused on APT prevention. We sought an answer to the question: could the 2020 United States Federal Government data breach have been prevented if the attacked networks used zero trust architecture? To answer this question, we used MITRE's ATT&CK® framework to extract how the APT29 threat group techniques could be mitigated to prevent initial access to federal networks. Secondly, we listed basic constructs of the zero trust model using NIST Special Publication 800-207 and several other academic and industry resources. Finally, we analyzed how zero trust can prevent malicious APT activities. We found that zero trust has a strong potential of preventing APT attacks or mitigating them significantly. We also suggested that vulnerability scanning, application developer guidance, and training should not be neglected in zero trust implementations, as they are not explicitly or strongly mentioned in NIST SP 800-207 and are among the most frequently referenced controls in academic and industry publications.

    MMM: May I Mine Your Mind?

    Consider the following set-up for the plot of a possible future episode of the TV series Black Mirror: human brains can be connected directly to the net and MiningMind Inc. has developed a technology that merges a reward system with a cryptojacking engine that uses the human brain to mine cryptocurrency (or to carry out some other mining activity). Part of our brain will be committed to cryptographic calculations (mining), leaving the remaining part untouched for everyday operations, i.e., for our brain's normal daily activity. In this short paper, we briefly argue why this set-up might not be so far-fetched after all, and explore the impact that such a technology could have on our lives and our society.

    Comment: 4 pages, 0 figures, Accepted at the "Re-Coding Black Mirror" workshop of the International World Wide Web Conferences (WWW

    Marketing Aspects of Technology Ventures

    The aim of this diploma thesis is to analyze the marketing tools used by Company XAX and then to evaluate them and propose ways to increase their efficiency. The company's current marketing strategy is described and the main influencing factors are identified. The thesis contains proposals and recommendations for increasing the efficiency of the company's marketing tools in the high-tech sector.

    Leveraging Artificial Intelligence and Machine Learning for Enhanced Cybersecurity: A Proposal to Defeat Malware

    Cybersecurity is crucial in the digital age to safeguard the availability, confidentiality, and integrity of data and systems. Mitigation techniques used in the industry include Multi-factor Authentication (MFA), Incident Response Planning (IRP), Security Information and Event Management (SIEM), and Signature-based and Heuristic Detection. MFA is employed as an additional layer of protection in several sectors to help prevent unauthorized access to sensitive data. IRP is a plan in place to address cybersecurity problems efficiently and expeditiously. SIEM offers real-time analysis and alerts the system of threats and vulnerabilities. Heuristic-based detection relies on detecting anomalies when it comes to the behavior of files and domains, whereas signature-based detection uses predefined malware codes and known signatures to help identify malware. Artificial intelligence along with machine learning could enhance cyber detection and response by utilizing a vast amount of data and algorithms to help identify trends, make predictions, and take actions without human supervision. This paper discusses how this proposal can be accomplished and could help defeat malware.

    Tapjacking Threats and Mitigation Techniques for Android Applications

    With the increased dependency on web applications through mobile devices, malicious attack techniques have now shifted from traditional web applications running on desktop or laptop (allowing mouse click-based interactions) to mobile applications running on mobile devices (allowing touch-based interactions). Clickjacking is a type of malicious attack originating in web applications, where victims are lured to click on seemingly benign objects in web pages. However, when clicked, unintended actions are performed without the user’s knowledge. In particular, it is shown that users are lured to touch an object of an application, triggering unintended actions not actually intended by victims. This new form of clickjacking on mobile devices is called tapjacking. There is little research that thoroughly investigates attacks and mitigation techniques due to tapjacking in mobile devices. In this thesis, we identify coding practices that can be helpful for software practitioners to avoid malicious attacks and define a detection technique to prevent the consequences of malicious attacks for the end users. We first find out where the tapjacking attack type falls within the broader literature of malware, in particular for Android malware. In this direction, we propose a classification of Android malware. Then, we propose a novel technique based on Kullback-Leibler Divergence (KLD) to identify possible tapjacking behavior in applications. We validate the approach with a set of benign and malicious Android applications. We also implemented a prototype tool for detecting tapjacking attack symptoms using the KLD-based measurement. The evaluation results show that tapjacking can be detected effectively with KLD.

    Toward a sustainable cybersecurity ecosystem

    © 2020 by the authors. Licensee MDPI, Basel, Switzerland. Cybersecurity issues constitute a key concern of today’s technology-based economies. Cybersecurity has become a core need for providing a sustainable and safe society to online users in cyberspace. Considering the rapid increase of technological implementations, it has turned into a global necessity in the attempt to adapt security countermeasures, whether direct or indirect, and prevent systems from cyberthreats. Identifying, characterizing, and classifying such threats and their sources is required for a sustainable cyber-ecosystem. This paper focuses on the cybersecurity of smart grids and the emerging trends such as using blockchain in the Internet of Things (IoT). The cybersecurity of emerging technologies such as smart cities is also discussed. In addition, associated solutions based on artificial intelligence and machine learning frameworks to prevent cyber-risks are also discussed. Our review will serve as a reference for policy-makers from the industry, government, and the cybersecurity research community.

    Cybersecurity: Past, Present and Future

    The digital transformation has created a new digital space known as cyberspace. This new cyberspace has improved the workings of businesses, organizations, governments, society as a whole, and the day-to-day life of an individual. With these improvements come new challenges, and one of the main challenges is security. The security of the new cyberspace is called cybersecurity. Cyberspace has created new technologies and environments such as cloud computing, smart devices, IoTs, and several others. To keep pace with these advancements in cyber technologies there is a need to expand research and develop new cybersecurity methods and tools to secure these domains and environments. This book is an effort to introduce the reader to the field of cybersecurity, highlight current issues and challenges, and provide future directions to mitigate or resolve them. The main specializations of cybersecurity covered in this book are software security, hardware security, the evolution of malware, biometrics, cyber intelligence, and cyber forensics. We must learn from the past, evolve our present and improve the future. Based on this objective, the book covers the past, present, and future of these main specializations of cybersecurity. The book also examines the upcoming areas of research in cyber intelligence, such as hybrid augmented and explainable artificial intelligence (AI). Human and AI collaboration can significantly increase the performance of a cybersecurity system. Interpreting and explaining machine learning models, i.e., explainable AI, is an emerging field of study and has a lot of potential to improve the role of AI in cybersecurity.

    Comment: Author's copy of the book published under ISBN: 978-620-4-74421-

    Malware attack prevention, detection, response and recovery

    This document presents an in-depth study of the main current cybersecurity threats and an automated tool for managing responses to each of them. This study focuses on attacks in the banking sector, analysing the main entry channels of attackers, the attack vectors and the evolution of the attackers once inside the systems. As for the tool, based on VBA and Excel macros, it will allow the study to be presented at the level of the MITRE Matrix, which will be explained later in this document, and through input parameters it will be able to show where its main security vulnerabilities are and whether it meets the appropriate requirements to avoid most threats.