An Optimization Framework for Generalized Relevance Learning Vector Quantization with Application to Z-Wave Device Fingerprinting

Z-Wave is low-power, low-cost Wireless Personal Area Network (WPAN) technology supporting Critical Infrastructure (CI) systems that are interconnected by government-to-internet pathways. Given that Z-wave is a relatively unsecure technology, Radio Frequency Distinct Native Attribute (RF-DNA) Fingerprinting is considered here to augment security by exploiting statistical features from selected signal responses. Related RF-DNA efforts include use of Multiple Discriminant Analysis (MDA) and Generalized Relevance Learning Vector Quantization-Improved (GRLVQI) classifiers, with GRLVQI outperforming MDA using empirically determined parameters. GRLVQI is optimized here for Z-Wave using a full factorial experiment with spreadsheet search and response surface methods. Two optimization measures are developed for assessing Z-Wave discrimination: 1) Relative Accuracy Percentage (RAP) for device classification, and 2) Mean Area Under the Curve (AUCM) for device identity (ID) verification. Primary benefits of the approach include: 1) generalizability to other wireless device technologies, and 2) improvement in GRLVQI device classification and device ID verification performance

Roadmap for NIS education programmes in Europe:education

This document continues work from previous activities by suggesting training materials, scenarios and a way forward for implementing the EC roadmap for NIS education in Europe. In doing so, the Agency has recognised the heterogeneous landscape of Europe in this area

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

Características de los métodos de criminalística para cometer delitos informáticos y peculiaridades de su prevención

The article develops a new approach to computer crime, which consists in the forensic differentiation of methods of committing computer crimes by their complexity and danger level. We revealed the characteristic features of different types of computer crimes and classified the means and receptions of hi-tech ways of committing computer crimes, namely cyberterrorism, cyber-extremism and illegal influence on state critical information infrastructure. A new methodology for the forensic prevention of computer crimes has been proposed, based on the application of Honeypot technology. The results of the work allow to develop the modern criminalistic theory of crimes in the sphere of computer information, while data obtained during the research can be used as a scientific basis for conducting investigations of computer crimes.El artículo desarrolla un nuevo enfoque para el delito informático, que consiste en la diferenciación forense de los métodos para cometer delitos informáticos por su complejidad y nivel de peligro. Revelamos las características de los diferentes tipos de delitos informáticos y clasificamos los medios y las recepciones de las formas de alta tecnología para cometer delitos informáticos, a saber, el ciberterrorismo, el ciber-extremismo y la influencia ilegal en la infraestructura de información crítica del estado. Se ha propuesto una nueva metodología para la prevención forense de los delitos informáticos, basada en la aplicación de la tecnología Honeypot. Los resultados del trabajo permiten desarrollar la teoría criminalista moderna de los delitos en el ámbito de la información informática, mientras que los datos obtenidos durante la investigación pueden utilizarse como base científica para realizar investigaciones de delitos informáticos

Designing Monitoring Systems for Continuous Certification of Cloud Services: Deriving Meta-requirements and Design Guidelines

Continuous service certification (CSC) involves the consistently gathering and assessing certification-relevant information about cloud service operations to validate whether they continue to adhere to certification criteria. Previous research has proposed test-based CSC methodologies that directly assess the components of cloud service infrastructures. However, test-based certification requires that certification authorities can access the cloud infrastructure, which various issues may limit. To address these challenges, cloud service providers need to conduct monitoring-based CSC; that is, monitor their cloud service infrastructure to gather certification-relevant data by themselves and then provide these data to certification authorities. Nevertheless, we need to better understand how to design monitoring systems to enable cloud service providers to perform such monitoring. By taking a design science perspective, we derive universal meta-requirements and design guidelines for CSC monitoring systems based on findings from five expert focus group interviews with 33 cloud experts and 10 one-to-one interviews with cloud customers. With this study, we expand the current knowledge base regarding CSC and monitoring-based CSC. Our derived design guidelines contribute to the development of CSC monitoring systems and enable monitoring-based CSC that overcomes issues of prior test-based approaches