12,202 research outputs found
NEMESYS: Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem
As a consequence of the growing popularity of smart mobile devices, mobile
malware is clearly on the rise, with attackers targeting valuable user
information and exploiting vulnerabilities of the mobile ecosystems. With the
emergence of large-scale mobile botnets, smartphones can also be used to launch
attacks on mobile networks. The NEMESYS project will develop novel security
technologies for seamless service provisioning in the smart mobile ecosystem,
and improve mobile network security through better understanding of the threat
landscape. NEMESYS will gather and analyze information about the nature of
cyber-attacks targeting mobile users and the mobile network so that appropriate
counter-measures can be taken. We will develop a data collection infrastructure
that incorporates virtualized mobile honeypots and a honeyclient, to gather,
detect and provide early warning of mobile attacks and better understand the
modus operandi of cyber-criminals that target mobile devices. By correlating
the extracted information with the known patterns of attacks from wireline
networks, we will reveal and identify trends in the way that cyber-criminals
launch attacks against mobile devices.Comment: Accepted for publication in Proceedings of the 28th International
Symposium on Computer and Information Sciences (ISCIS'13); 9 pages; 1 figur
Security, Privacy and Safety Risk Assessment for Virtual Reality Learning Environment Applications
Social Virtual Reality based Learning Environments (VRLEs) such as vSocial
render instructional content in a three-dimensional immersive computer
experience for training youth with learning impediments. There are limited
prior works that explored attack vulnerability in VR technology, and hence
there is a need for systematic frameworks to quantify risks corresponding to
security, privacy, and safety (SPS) threats. The SPS threats can adversely
impact the educational user experience and hinder delivery of VRLE content. In
this paper, we propose a novel risk assessment framework that utilizes attack
trees to calculate a risk score for varied VRLE threats with rate and duration
of threats as inputs. We compare the impact of a well-constructed attack tree
with an adhoc attack tree to study the trade-offs between overheads in managing
attack trees, and the cost of risk mitigation when vulnerabilities are
identified. We use a vSocial VRLE testbed in a case study to showcase the
effectiveness of our framework and demonstrate how a suitable attack tree
formalism can result in a more safer, privacy-preserving and secure VRLE
system.Comment: Tp appear in the CCNC 2019 Conferenc
A Characterization of Cybersecurity Posture from Network Telescope Data
Data-driven understanding of cybersecurity posture is an important problem
that has not been adequately explored. In this paper, we analyze some real data
collected by CAIDA's network telescope during the month of March 2013. We
propose to formalize the concept of cybersecurity posture from the perspectives
of three kinds of time series: the number of victims (i.e., telescope IP
addresses that are attacked), the number of attackers that are observed by the
telescope, and the number of attacks that are observed by the telescope.
Characterizing cybersecurity posture therefore becomes investigating the
phenomena and statistical properties exhibited by these time series, and
explaining their cybersecurity meanings. For example, we propose the concept of
{\em sweep-time}, and show that sweep-time should be modeled by stochastic
process, rather than random variable. We report that the number of attackers
(and attacks) from a certain country dominates the total number of attackers
(and attacks) that are observed by the telescope. We also show that
substantially smaller network telescopes might not be as useful as a large
telescope
An Overview of Economic Approaches to Information Security Management
The increasing concerns of clients, particularly in online commerce, plus the impact of legislations on information security have compelled companies to put more resources in information security. As a result, senior managers in many organizations are now expressing a much greater interest in information security. However, the largest body of research related to preventing breaches is technical, focusing on such issues as encryption and access control. In contrast, research related to the economic aspects of information security is small but rapidly growing. The goal of this technical note is twofold: i) to provide the reader with an structured overview of the economic approaches to information security and ii) to identify potential research directions
Studying Ransomware Attacks Using Web Search Logs
Cyber attacks are increasingly becoming prevalent and causing significant
damage to individuals, businesses and even countries. In particular, ransomware
attacks have grown significantly over the last decade. We do the first study on
mining insights about ransomware attacks by analyzing query logs from Bing web
search engine. We first extract ransomware related queries and then build a
machine learning model to identify queries where users are seeking support for
ransomware attacks. We show that user search behavior and characteristics are
correlated with ransomware attacks. We also analyse trends in the temporal and
geographical space and validate our findings against publicly available
information. Lastly, we do a case study on 'Nemty', a popular ransomware, to
show that it is possible to derive accurate insights about cyber attacks by
query log analysis.Comment: To appear in the proceedings of SIGIR 202
Distributed Denial of Service Attacks on Cloud Computing Environmentā
This paper aimed to identify the various kinds of distributed denial of service attacks (DDoS) attacks, their destructive capabilities, and most of all, how best these issues could be counter attacked and resolved for the benefit of all stakeholders along the cloud continuum, preferably as permanent solutions. A compilation of the various types of DDoS is done, their strike capabilities and most of all, how best cloud computing environment issues could be addressed and resolved for the benefit of all stakeholders along the cloud continuum. The key challenges against effective DDoS defense mechanism are also explored
Common Mechanism for Detecting Multiple DDoS Attacks
An important principle of an internet-based system is information security. Information security is a very important aspect of distributed systems and IoT (Internet of Things) based wireless systems. The attack which is more harmful to the distributed system and IoT-based wireless system is a DDoS (Distributed Denial of Service) attack since in this attack, an attacker can stop the work of all other connected devices or users to the network. For securing distributed applications, various intrusion detection mechanisms are used. But most existing mechanisms are only concentrated on one kind of DDoS attack. This paper focuses on the basic architecture of IoT systems and an overview of single intrusion detection systems. This paper presents a single detection method for different DDoS attacks on distributed systems with an IoT interface. In the future, the system will provide support for detecting and preventing different DDoS attacks in IoT-based systems
- ā¦