175 research outputs found
An n-sided polygonal model to calculate the impact of cyber security events
This paper presents a model to represent graphically the impact of cyber
events (e.g., attacks, countermeasures) in a polygonal systems of n-sides. The
approach considers information about all entities composing an information
system (e.g., users, IP addresses, communication protocols, physical and
logical resources, etc.). Every axis is composed of entities that contribute to
the execution of the security event. Each entity has an associated weighting
factor that measures its contribution using a multi-criteria methodology named
CARVER. The graphical representation of cyber events is depicted as straight
lines (one dimension) or polygons (two or more dimensions). Geometrical
operations are used to compute the size (i.e, length, perimeter, surface area)
and thus the impact of each event. As a result, it is possible to identify and
compare the magnitude of cyber events. A case study with multiple security
events is presented as an illustration on how the model is built and computed.Comment: 16 pages, 5 figures, 2 tables, 11th International Conference on Risks
and Security of Internet and Systems, (CRiSIS 2016), Roscoff, France,
September 201
Recommended from our members
Cyber insurance of information systems: Security and privacy cyber insurance contracts for ICT and helathcare organizations
Nowadays, more-and-more aspects of our daily activities are digitalized. Data and assets in the cyber-space, both for individuals and organizations, must be safeguarded. Thus, the insurance sector must face the challenge of digital transformation in the 5G era with the right set of tools. In this paper, we present CyberSure-an insurance framework for information systems. CyberSure investigates the interplay between certification, risk management, and insurance of cyber processes. It promotes continuous monitoring as the new building block for cyber insurance in order to overcome the current obstacles of identifying in real-time contractual violations by the insured party and receiving early warning notifications prior the violation. Lightweight monitoring modules capture the status of the operating components and send data to the CyberSure backend system which performs the core decision making. Therefore, an insured system is certified dynamically, with the risk and insurance perspectives being evaluated at runtime as the system operation evolves. As new data become available, the risk management and the insurance policies are adjusted and fine-tuned. When an incident occurs, the insurance company possesses adequate information to assess the situation fast, estimate accurately the level of a potential loss, and decrease the required period for compensating the insured customer. The framework is applied in the ICT and healthcare domains, assessing the system of medium-size organizations. GDPR implications are also considered with the overall setting being effective and scalable
Using the Pattern-of-Life in Networks to Improve the Effectiveness of Intrusion Detection Systems
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.As the complexity of cyber-attacks keeps increasing, new and more robust detection mechanisms need to be developed. The next generation of Intrusion Detection Systems (IDSs) should be able to adapt their detection characteristics based not only on the measureable network traffic, but also on the available high- level information related to the protected network to improve their detection results. We make use of the Pattern-of-Life (PoL) of a network as the main source of high-level information, which is correlated with the time of the day and the usage of the network resources. We propose the use of a Fuzzy Cognitive Map (FCM) to incorporate the PoL into the detection process. The main aim of this work is to evidence the improved the detection performance of an IDS using an FCM to leverage on network related contextual information. The results that we present verify that the proposed method improves the effectiveness of our IDS by reducing the total number of false alarms; providing an improvement of 9.68% when all the considered metrics are combined and a peak improvement of up to 35.64%, depending on particular metric combination
Multistage Voting Model with Alternative Elimination
The voting process is formalized as a multistage voting model with successive
alternative elimination. A finite number of agents vote for one of the
alternatives each round subject to their preferences. If the number of votes
given to the alternative is less than a threshold, it gets eliminated from the
game. A special subclass of repeated games that always stop after a finite
number of stages is considered. Threshold updating rule is proposed. A computer
simulation is used to illustrate two properties of these voting games
The Evolution of Embedding Metadata in Blockchain Transactions
The use of blockchains is growing every day, and their utility has greatly
expanded from sending and receiving crypto-coins to smart-contracts and
decentralized autonomous organizations. Modern blockchains underpin a variety
of applications: from designing a global identity to improving satellite
connectivity. In our research we look at the ability of blockchains to store
metadata in an increasing volume of transactions and with evolving focus of
utilization. We further show that basic approaches to improving blockchain
privacy also rely on embedding metadata. This paper identifies and classifies
real-life blockchain transactions embedding metadata of a number of major
protocols running essentially over the bitcoin blockchain. The empirical
analysis here presents the evolution of metadata utilization in the recent
years, and the discussion suggests steps towards preventing criminal use.
Metadata are relevant to any blockchain, and our analysis considers primarily
bitcoin as a case study. The paper concludes that simultaneously with both
expanding legitimate utilization of embedded metadata and expanding blockchain
functionality, the applied research on improving anonymity and security must
also attempt to protect against blockchain abuse.Comment: 9 pages, 6 figures, 1 table, 2018 International Joint Conference on
Neural Network
OPBUS: Risk-aware framework for the conformance of security-quality requirements in business processes
Several reports indicate that one of the most important business priorities is the improvement of business
and IT management. Nowadays, business processes and in general service-based ones use other external
services which are not under their jurisdiction. Organizations do not usually consider their exposition to
security risks when business processes cross organizational boundaries. In this paper, we propose a risk aware framework for security-quality requirements in business processes management. This framework is
focused on the inclusion of security issues from design to execution. The framework provides innovative
mechanisms based on model-based diagnosis and constraint programming in order to carry out the risk
assessment of business processes and the automatic check of the conformance of security requirements.Junta de Andalucía P08-TIC-04095Ministerio de Ciencia y Tecnología TIN2009-1371
Enhanced risk assessment equation for IPV6 deployment
Deploying IPv6 concomitant with the emerging technologies exposes the enterprise networks to the unforeseen threats as well as the existing
threats.In mitigating the threats, calculating the risks value for each of the identified threats is vital. However, the existing equation for risk assessment is inappropriate to be applied in assessing the risks in IPv6 because of their limitation in asset determination.Therefore, this paper highlights the modification made in the existing risk assessment equation.The enhanced
risk assessment equation is used to calculate the risk value for IPv6 deployment.The enhanced equation adapts three elements: confidentiality, integrity and availability in achieving security goals. The importance of having the enhanced equation is it enables the network administrator to calculate the potential risks for each of the potential IPv6 attack.Securing the enterprise
networks is an iterative process that has no ended points. Hence, it is crucial to modify and adapt a proper equation when performing the risk assessment.In the future, more experiments will be conducted to test for feasibility of the equation
Impact of User Experience and Comprehension on Awareness Training
The human component of information systems is a target of cyberattacks. Firms address the threat using security awareness training, monitoring, controls, and enforcement. User security awareness as a part of the information system is key. Increasing telework, remote access, and collaborative technologies require user security hygiene. The problem is acute with small and mid-sized businesses, more likely to invest less in cybersecurity. This study seeks to assess the effectiveness of security awareness training at influencing user behaviors. The assessment includes the influence of training and culture on policy compliance via leadership prerogative and the moderating effect of user comprehension of security tool messaging. Security tools are integral to defense-in-depth. Little research has examined how security tools use affects user compliance intention. This study seeks to incorporate employee cognition of information from security tools into an understanding of factors that influence user attitudes toward security policy compliance
- …