Tracking advanced persistent threats in critical infrastructures through opinion dynamics

Advanced persistent threats pose a serious issue for modern industrial environments, due to their targeted and complex attack vectors that are difficult to detect. This is especially severe in critical infrastructures that are accelerating the integration of IT technologies. It is then essential to further develop effective monitoring and response systems that ensure the continuity of business to face the arising set of cyber-security threats. In this paper, we study the practical applicability of a novel technique based on opinion dynamics, that permits to trace the attack throughout all its stages along the network by correlating different anomalies measured over time, thereby taking the persistence of threats and the criticality of resources into consideration. The resulting information is of essential importance to monitor the overall health of the control system and cor- respondingly deploy accurate response procedures. Advanced Persistent Threat Detection Traceability Opinion Dynamics.Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tech

Dependability engineering in Isabelle

In this paper, we introduce a process of formal system development supported by interactive theorem proving in a dedicated Isabelle framework. This Isabelle Infrastructure framework implements specification and verification in a cyclic process supported by attack tree analysis closely inter-connected with formal refinement of the specification. The process is cyclic: in a repeated iteration the refinement adds more detail to the system specification. It is a known hard problem how to find the next refinement step: this problem is addressed by the attack based analysis using Kripke structures and CTL logic. We call this cyclic process the Refinement-Risk cycle (RR-cycle). It has been developed for security and privacy of IoT healthcare systems initially but is more generally applicable for safety as well, that is, dependability in general. In this paper, we present the extensions to the Isabelle Infrastructure framework implementing a formal notion of property preserving refinement interleaved with attack tree analysis for the RR-cycle. The process is illustrated on the specification development and privacy analysis of the mobile Corona-virus warning app

Impacts and Risk of Generative AI Technology on Cyber Defense

Generative Artificial Intelligence (GenAI) has emerged as a powerful technology capable of autonomously producing highly realistic content in various domains, such as text, images, audio, and videos. With its potential for positive applications in creative arts, content generation, virtual assistants, and data synthesis, GenAI has garnered significant attention and adoption. However, the increasing adoption of GenAI raises concerns about its potential misuse for crafting convincing phishing emails, generating disinformation through deepfake videos, and spreading misinformation via authentic-looking social media posts, posing a new set of challenges and risks in the realm of cybersecurity. To combat the threats posed by GenAI, we propose leveraging the Cyber Kill Chain (CKC) to understand the lifecycle of cyberattacks, as a foundational model for cyber defense. This paper aims to provide a comprehensive analysis of the risk areas introduced by the offensive use of GenAI techniques in each phase of the CKC framework. We also analyze the strategies employed by threat actors and examine their utilization throughout different phases of the CKC, highlighting the implications for cyber defense. Additionally, we propose GenAI-enabled defense strategies that are both attack-aware and adaptive. These strategies encompass various techniques such as detection, deception, and adversarial training, among others, aiming to effectively mitigate the risks posed by GenAI-induced cyber threats

The Evolution of Cyber Conflicts and its Impact on International Security: A Comprehensive analysis

openThe rapid advancement of technology has given rise to a new form of warfare known as cyber conflicts. As our world becomes increasingly interconnected, the importance of understanding the historical development and impact of cyber conflicts on international security has become paramount. This thesis aims to provide a comprehensive historical analysis of cyber conflicts and their implications for global security. The objectives of this research are to examine the historical development of cyber conflicts, investigate different types of cyber conflicts, and analyze their effects on state behavior within the broader context of international security. By delving into case studies, conducting a thorough literature review, and employing relevant theoretical frameworks, this study aims to provide valuable insights into the evolving landscape of cyber conflicts and their intersection with traditional warfare. The research will begin by tracing the historical evolution of cyber conflicts, exploring their origins, and highlighting significant milestones that have shaped the field. It will delve into the development of cyber warfare tactics, the emergence of state-sponsored cyber attacks, and the changing motivations behind cyber conflicts. Furthermore, we will investigate different types of cyber conflicts, including cyber espionage, cyber warfare, hacktivism, and cyber terrorism. By analyzing their characteristics, tactics, and objectives, a comprehensive typology of cyber conflicts will be developed, aiding in understanding the diverse nature of this complex domain. The research will also explore the impact of cyber conflicts on state behavior within the broader context of international security. It will examine how cyber attacks and cyber capabilities shape the strategies, decision-making processes, and military doctrines of states. The interplay between cyber conflicts and traditional conventional warfare will be analyzed, shedding light on their interconnectedness and the evolving nature of global security dynamics. Ultimately, one of the main aims within this research is to assess the implications of cyber conflicts for international security. It will explore the challenges posed by cyber threats to national security, the stability of international relations, and the effectiveness of existing security mechanisms. By drawing on case studies, theoretical frameworks, and expert analysis, this study seeks to contribute to academic knowledge, inform policy discussions, and provide a foundation for further research in this critical and rapidly evolving field.The rapid advancement of technology has given rise to a new form of warfare known as cyber conflicts. As our world becomes increasingly interconnected, the importance of understanding the historical development and impact of cyber conflicts on international security has become paramount. This thesis aims to provide a comprehensive historical analysis of cyber conflicts and their implications for global security. The objectives of this research are to examine the historical development of cyber conflicts, investigate different types of cyber conflicts, and analyze their effects on state behavior within the broader context of international security. By delving into case studies, conducting a thorough literature review, and employing relevant theoretical frameworks, this study aims to provide valuable insights into the evolving landscape of cyber conflicts and their intersection with traditional warfare. The research will begin by tracing the historical evolution of cyber conflicts, exploring their origins, and highlighting significant milestones that have shaped the field. It will delve into the development of cyber warfare tactics, the emergence of state-sponsored cyber attacks, and the changing motivations behind cyber conflicts. Furthermore, we will investigate different types of cyber conflicts, including cyber espionage, cyber warfare, hacktivism, and cyber terrorism. By analyzing their characteristics, tactics, and objectives, a comprehensive typology of cyber conflicts will be developed, aiding in understanding the diverse nature of this complex domain. The research will also explore the impact of cyber conflicts on state behavior within the broader context of international security. It will examine how cyber attacks and cyber capabilities shape the strategies, decision-making processes, and military doctrines of states. The interplay between cyber conflicts and traditional conventional warfare will be analyzed, shedding light on their interconnectedness and the evolving nature of global security dynamics. Ultimately, one of the main aims within this research is to assess the implications of cyber conflicts for international security. It will explore the challenges posed by cyber threats to national security, the stability of international relations, and the effectiveness of existing security mechanisms. By drawing on case studies, theoretical frameworks, and expert analysis, this study seeks to contribute to academic knowledge, inform policy discussions, and provide a foundation for further research in this critical and rapidly evolving field

Online advertising: analysis of privacy threats and protection approaches

Online advertising, the pillar of the “free” content on the Web, has revolutionized the marketing business in recent years by creating a myriad of new opportunities for advertisers to reach potential customers. The current advertising model builds upon an intricate infrastructure composed of a variety of intermediary entities and technologies whose main aim is to deliver personalized ads. For this purpose, a wealth of user data is collected, aggregated, processed and traded behind the scenes at an unprecedented rate. Despite the enormous value of online advertising, however, the intrusiveness and ubiquity of these practices prompt serious privacy concerns. This article surveys the online advertising infrastructure and its supporting technologies, and presents a thorough overview of the underlying privacy risks and the solutions that may mitigate them. We first analyze the threats and potential privacy attackers in this scenario of online advertising. In particular, we examine the main components of the advertising infrastructure in terms of tracking capabilities, data collection, aggregation level and privacy risk, and overview the tracking and data-sharing technologies employed by these components. Then, we conduct a comprehensive survey of the most relevant privacy mechanisms, and classify and compare them on the basis of their privacy guarantees and impact on the Web.Peer ReviewedPostprint (author's final draft