18,974 research outputs found
A spatio-temporal entropy-based approach for the analysis of cyber attacks (demo paper)
Computer networks are ubiquitous systems growing exponentially with a predicted 50 billion devices connected by 2050. This dramatically increases the potential attack surface of Internet networks. A key issue in cyber defense is to detect, categorize and identify these attacks, the way they are propagated and their potential impacts on the systems affected. The research presented in this paper models cyber attacks at large by considering the Internet as a complex system in which attacks are propagated over a network. We model an attack as a path from a source to a target, and where each attack is categorized according to its intention. We setup an experimental testbed with the concept of honeypot that evaluates the spatiotemporal distribution of these Internet attacks. The preliminary results show a series of patterns in space and time that illustrate the potential of the approach, and how cyber attacks can be categorized according to the concept and measure of entropy
SCADA System Testbed for Cybersecurity Research Using Machine Learning Approach
This paper presents the development of a Supervisory Control and Data
Acquisition (SCADA) system testbed used for cybersecurity research. The testbed
consists of a water storage tank's control system, which is a stage in the
process of water treatment and distribution. Sophisticated cyber-attacks were
conducted against the testbed. During the attacks, the network traffic was
captured, and features were extracted from the traffic to build a dataset for
training and testing different machine learning algorithms. Five traditional
machine learning algorithms were trained to detect the attacks: Random Forest,
Decision Tree, Logistic Regression, Naive Bayes and KNN. Then, the trained
machine learning models were built and deployed in the network, where new tests
were made using online network traffic. The performance obtained during the
training and testing of the machine learning models was compared to the
performance obtained during the online deployment of these models in the
network. The results show the efficiency of the machine learning models in
detecting the attacks in real time. The testbed provides a good understanding
of the effects and consequences of attacks on real SCADA environmentsComment: E-Preprin
An overview on the obsolescence of physical assets for the defence facing the challenges of industry 4.0 and the new operating environments
Libro en Open AccessThis contribution is intended to observe special features presented in physical assets for
defence. Particularly, the management of defence assets has to consider not only the reliability, availability,
maintainability and other factors frequently used in asset management. On the contrary, such systems
should also take into account their adaptation to changing operating environments as well as their capability
to changes on the technological context. This study approaches to the current real situation where, due
to the diversity of conflicts in our international context, the same type of defence systems must be able
to provide services under different boundary conditions in different areas of the globe. At the same time,
new concepts from the Industry 4.0 provide quick changes that should be considered along the life cycle
of a defence asset. As a finding or consequence, these variations in operating conditions and in technology
may accelerate asset degradation by modifying its reliability, its up-to-date status and, in general terms, its
end-of-life estimation, depending of course on a diversity of factors. This accelerated deterioration of the
asset is often known as “obsolescence” and its implications are often evaluated (when possible), in terms
of costs from different natures. The originality of this contribution is the introduction of a discussion on
how a proper analysis may help to reduce errors and mistakes in the decision-making process regarding the
suitability or not of repairing, replacing, or modernizing the asset or system under study. In other words,
the obsolescence analysis, from a reliability and technological point of view, could be used to determine the
conservation or not of a specific asset fleet, in order to understand the effects of operational and technology
factors variation over the functionality and life cycle cost of physical assets for defence
Social Aspects of New Technologies - the CCTV and Biometric (Framing Privacy and Data Protection) in the Case of Poland
The purpose of this paper is to review the institution responsible for the protection of personal data within the European Union and national example - Polish as a country representing the new Member States. The analysis of institutional system - providing legal security of communication and information institutions, companies and citizens against the dangers arising from the ongoing development of innovative new technologies in the European Union and Poland. This article is an attempt to analyze the possibility of using security systems and Biometry CTTV in Poland in terms of legislation. The results of the analysis indicate that, in terms of institutions Poland did not do badly in relation to the risks arising from the implementation of technology. The situation is not as good when it comes to the awareness of citizens and small businesses. This requires that facilitate greater access to free security software companies from data leakage or uncontrolled cyber-terrorist attacks. With regard to the use of security systems, CCTV and biometrics, Poland in legal terms is still early in the process of adapting to EU Directive. The continuous development of technology should force the legislature to establish clear standards and regulations for the application of CCTV technology and biometrics, as it is of great importance in ensuring the fundamental rights and freedoms of every citizen of the Polish Republic.Wyniki analizy wskazują, że pod względem instytucji Polska nie wypada źle w odniesieniu do zagrożeń wynikających z wdrożenia technologii. Sytuacja nie jest tak dobra, jeśli chodzi o świadomość obywateli i mniejszych firm. Wymaga to ułatwiania szerszego dostępu do darmowych programów zabezpieczających firmy przed wyciekiem danych lub niekontrolowanych cyber-ataków terrorystycznych. W odniesieniu do stosowania systemów zabezpieczeń CCTV oraz biometrii, Polska pod względem prawnym jest wciąż na początku procesu dostosowania do dyrektywy UE. Ciągły rozwój technologii powinien zmusić ustawodawcę do stworzenia jednoznacznych standardów i przepisów obowiązujących w zakresie stosowania technologii CCTV oraz biometrii, gdyż ma to ogromne znaczenie w zapewnieniu podstawowych praw i wolności każdego obywatela Rzeczypospolitej Polskiej
- …