Spartan Daily, September 19, 2013

Volume 141, Issue 10https://scholarworks.sjsu.edu/spartandaily/1429/thumbnail.jp

Using Case Studies To Teach Cybersecurity Courses

This paper introduces a holistic and case-analysis teaching model by integrating case studies into cybersecurity courses. The proposed model starts by analyzing real-world cyber breaches. Students look into the details of these attacks and learn how these attacks took place from the beginning to the end. During the process of case analysis, a list of security topics reflecting different aspects of these breaches is introduced. Through guided in-class discussion and hands-on lab assignments, student learning in lecture will be reinforced. Overall, the entire cybersecurity course is driven by case studies. The proposed model is great for teaching cybersecurity. First, the new model can easily draw students’ interests with real-world cases. Second, the new model can help to teach human and business factors in cybersecurity. Third, the new model can improve student learning outcomes, particularly helping students gain a holistic view of security

Cybersecurity Architectural Analysis for Complex Cyber-Physical Systems

In the modern military’s highly interconnected and technology-reliant operational environment, cybersecurity is rapidly growing in importance. Moreover, as a number of highly publicized attacks have occurred against complex cyber-physical systems such as automobiles and airplanes, cybersecurity is no longer limited to traditional computer systems and IT networks. While architectural analysis approaches are critical to improving cybersecurity, these approaches are often poorly understood and applied in ad hoc fashion. This work addresses these gaps by answering the questions: 1. “What is cybersecurity architectural analysis?” and 2. “How can architectural analysis be used to more effectively support cybersecurity decision making for complex cyber-physical systems?” First, a readily understandable description of key architectural concepts and definitions is provided which culminates in a working definition of “cybersecurity architectural analysis,” since none is available in the literature. Next, we survey several architectural analysis approaches to provide the reader with an understanding of the various approaches being used across government and industry. Based on our proposed definition, the previously introduced key concepts, and our survey results, we establish desirable characteristics for evaluating cybersecurity architectural analysis approaches. Lastly, each of the surveyed approaches is assessed against the characteristics and areas of future work are identified

Conceptual Systems Security Analysis Aerial Refueling Case Study

In today’s highly interconnected and technology reliant environment, systems security is rapidly growing in importance to complex systems such as automobiles, airplanes, and defense-oriented weapon systems. While systems security analysis approaches are critical to improving the security of these advanced cyber-physical systems-of-systems, such approaches are often poorly understood and applied in ad hoc fashion. To address these gaps, first a study of key architectural analysis concepts and definitions is provided with an assessment of their applicability towards complex cyber-physical systems. From this initial work, a definition of cybersecurity architectural analysis for cyber-physical systems is proposed. Next, the System Theory Theoretic Process Analysis approach for Security (STPA Sec) is tailored and presented in three phases which support the development of conceptual-level security requirements, applicable design-level criteria, and architectural-level security specifications. This work uniquely presents a detailed case study of a conceptual-level systems security analysis of a notional aerial refueling system based on the tailored STPA-Sec approach. This work is critically important for advancing the science of systems security engineering by providing a standardized approach for understanding security, safety, and resiliency requirements in complex systems with traceability and testability

Doctor of Philosophy

dissertationThis dissertation establishes a new visualization design process model devised to guide visualization designers in building more effective and useful visualization systems and tools. The novelty of this framework includes its flexibility for iteration, actionability for guiding visualization designers with concrete steps, concise yet methodical definitions, and connections to other visualization design models commonly used in the field of data visualization. In summary, the design activity framework breaks down the visualization design process into a series of four design activities: understand, ideate, make, and deploy. For each activity, the framework prescribes a descriptive motivation, list of design methods, and expected visualization artifacts. To elucidate the framework, two case studies for visualization design illustrate these concepts, methods, and artifacts in real-world projects in the field of cybersecurity. For example, these projects employ user-centered design methods, such as personas and data sketches, which emphasize our teams' motivations and visualization artifacts with respect to the design activity framework. These case studies also serve as examples for novice visualization designers, and we hypothesized that the framework could serve as a pedagogical tool for teaching and guiding novices through their own design process to create a visualization tool. To externally evaluate the efficacy of this framework, we created worksheets for each design activity, outlining a series of concrete, tangible steps for novices. In order to validate the design worksheets, we conducted 13 student observations over the course of two months, received 32 online survey responses, and performed a qualitative analysis of 11 in-depth interviews. Students found the worksheets both useful and effective for framing the visualization design process. Next, by applying the design activity framework to technique-driven and evaluation-based research projects, we brainstormed possible extensions to the design model. Lastly, we examined implications of the design activity framework and present future work in this space. The visualization community is challenged to consider how to more effectively describe, capture, and communicate the complex, iterative nature of data visualization design throughout research, design, development, and deployment of visualization systems and tools

Cyber warfare: threats and opportunities

Relatório apresentado à Universidade Fernando Pessoa como parte dos requisitos para o cumprimento do programa de Pós-Doutoramento em Ciências da InformaçãoCybersecurity has gone through several changes that have presented new challenges in recent years, complicated by the rise of cybercrime and digital warfare. With the introduction of militarizing the space domain, it has become apparent that we must consider multidomain concepts. Thus, the threat landscape has again shifted, and defenders must become knowledgeable about how the cyber domain crosses into maritime, land, air, and space. The traditional thinking of protecting enterprise systems locked away in a building is no longer. Thus, we have the emergence of cyber warfare and cyber as a fifth domain that brings together maritime, land, space, and air. These domains are not just for the military but the civilian sector as well. Understanding the role of cyber and how it can be used to take advantage or secure the remaining domains will give entities the upper hand in strategy. The technological advancements that pave the way to the mass implementation of the Internet of Things (IoT) and Internet connectivity to everyday devices have led to an explosion in cyberattacks such as breaches resulting in millions of accounts being compromised. (Dawson, Eltayeb, & Omar, 2016). Bad actors such as those focused on criminal activities regarding human trafficking and espionage navigate these domains to circumvent law enforcement agencies globally. We must understand how exploitation, circumvention, and defense needs to occur in a multidomain concept. However, knowing that the cyber domain is a domain that goes through land, maritime, space, and air can be an area that serves as a central point for realizing assured security. Executive Orders (EO), laws, policies, doctrine, and other directives have shaped the landscape of cybersecurity. New EOs have been released that allow a cyber-attack with responsive measures such as one that involves military force. Laws created that impose rights for Personal Identifiable Information (PII) being breached, leaving millions of individuals unprotected. One of these most well-known items is General Data Protection Regulation (GDPR) as it relates to the European Union (EU) and the evolving threats with hyperconnectivity (Martínez, 2019a; Martínez, 2019b). Understanding the role of cybercrime and digital warfare and how they continue to play in shaping the technological landscape is critical. These various actions change the spectrum regarding combating nefarious actors or design errors that leave the system susceptible. As attacks continue to rise from bad actors such as nation-states, terrorists, and other entities, it is essential to understand the threat landscape and select cybersecurity methodologies that can be put in place to provide adequate measures. This document presents the work form a post-doctoral project that provides a perspective of cybersecurity under a information science perspective. This six-month project allows to stress the broadly importance that information and its management (not just within the information security context), and the urgent need to deal with cybersecurity as a societal challenge. The document is organized in four main chapters presenting different but complementary issues, going from high level to a more operational level: National Cybersecurity Education: Bridging Defense to Offense, stressing the importance of societal awareness and education. Emerging Technologies in the Fourth Industrial Revolution, stressing the importance to consider cybersecurity issues as core ones, even to economic and production areas. Nefarious Activities within the Deep Layers of the Internet, stressing the need to be part of digital places where information is traded, shared and, even sometimes, created. The fourth chapter provide a few hints and issues related with software development and test: Software Security Considerations. A final session presents several remarks as Final Thoughts, closing the work pointing out some of the current challenges that we are facing of.N/

Machine Learning in Application Security

Security threat landscape has transformed drastically over a period of time. Right from viruses, trojans and Denial of Service (DoS) to the newborn malicious family of ransomware, phishing, distributed DoS, and so on, there is no stoppage. The phenomenal transformation has led the attackers to have a new strategy born in their attack vector methodology making it more targeted—a direct aim towards the weakest link in the security chain aka humans. When we talk about humans, the first thing that comes to an attacker\u27s mind is applications. Traditional signature‐based techniques are inadequate for rising attacks and threats that are evolving in the application layer. They serve as good defences for protecting the organisations from perimeter and endpoint‐driven attacks, but what needs to be focused and analysed is right at the application layer where such defences fail. Protecting web applications has its unique challenges in identifying malicious user behavioural patterns being converted into a compromise. Thus, there is a need to look at a dynamic and signature‐independent model of identifying such malicious usage patterns within applications. In this chapter, the authors have explained on the technical aspects of integrating machine learning within applications in detecting malicious user behavioural pattern