1,198 research outputs found

    Modeling Deception for Cyber Security

    In the era of software-intensive, smart and connected systems, the growing power and sophistication of cyber attacks poses increasing challenges to software security. The reactive posture of traditional security mechanisms, such as anti-virus and intrusion detection systems, has not been sufficient to combat a wide range of advanced persistent threats that currently jeopardize systems operation. To mitigate these extant threats, more active defensive approaches are necessary. Such approaches rely on the concept of actively hindering and deceiving attackers. Deceptive techniques allow for additional defense by thwarting attackers’ advances through the manipulation of their perceptions. Manipulation is achieved through the use of deceitful responses, feints, misdirection, and other falsehoods in a system. Of course, such deception mechanisms may result in side-effects that must be handled. Current methods for planning deception chiefly portray attempts to bridge military deception to cyber deception, providing only high-level instructions that largely ignore deception as part of the software security development life cycle. Consequently, little practical guidance is provided on how to engineer deception-based techniques for defense. This PhD thesis contributes with a systematic approach to specify and design cyber deception requirements, tactics, and strategies. This deception approach consists of (i) a multi-paradigm modeling for representing deception requirements, tactics, and strategies, (ii) a reference architecture to support the integration of deception strategies into system operation, and (iii) a method to guide engineers in deception modeling. A tool prototype, a case study, and an experimental evaluation show encouraging results for the application of the approach in practice. 
Finally, a conceptual coverage mapping was developed to assess the expressivity of the deception modeling language created.

In the digital era, the growing power and sophistication of cyber attacks presents constant challenges for software security. The reactive posture of traditional security mechanisms, such as antivirus and intrusion detection systems, has not been sufficient to combat the wide range of threats that compromise the operation of current software systems. To mitigate these threats, active defensive approaches are necessary. Such approaches are based on the idea of adding mechanisms to deceive adversaries (deception). Deception techniques (in Portuguese "enganação": "the act or effect of deceiving, of leading into error; a trick used to delude") contribute to defense by frustrating attackers' advances through the manipulation of their perceptions. Manipulation is achieved through deceitful responses, "feints", or erroneous indications and other falsehoods intentionally added to a system. Of course, these deception mechanisms may result in side effects that must be handled. The current methods used to deceive an attacker draw fundamentally on techniques from the military domain, providing only high-level instructions that largely ignore deception as part of the secure software development life cycle. Consequently, there are few practical references on how to produce deception-based defense techniques. This doctoral thesis contributes a systematic approach to specify and design cyber deception requirements, tactics, and strategies. This approach consists of (i) a multi-paradigm modeling for representing deception requirements, tactics, and strategies, (ii) a reference architecture to support the integration of deception strategies into a system's operation, and (iii) a method to guide engineers in deception modeling. A tool prototype, a case study, and an experimental evaluation show encouraging results for applying the approach in practice. Finally, the expressivity of the deception modeling language is evaluated through a concept coverage mapping.

    The Dark Web: Cyber-Security Intelligence Gathering Opportunities, Risks and Rewards

    We offer a partial articulation of the threats and opportunities posed by the so-called Dark Web (DW). We go on to propose a novel DW attack detection and prediction model. Signalling aspects are considered wherein the DW is seen to comprise a low cost signaling environment. This holds inherent dangers as well as rewards for investigators as well as those with criminal intent. Suspected DW perpetrators typically act entirely in their own self-interest (e.g. illicit financial gain, terrorism, propagation of extremist views, extreme forms of racism, pornography, and politics; so-called ‘radicalisation’). DW investigators therefore need to be suitably risk aware such that the construction of a credible, legally admissible, robust evidence trail does not expose investigators to undue operational or legal risk.

    A conceptual framework for cyber counterintelligence

    Abstract: D.Com (Computer Science

    DRONE DELIVERY OF CBNRECy – DEW WEAPONS Emerging Threats of Mini-Weapons of Mass Destruction and Disruption (WMDD)

    Drone Delivery of CBNRECy – DEW Weapons: Emerging Threats of Mini-Weapons of Mass Destruction and Disruption (WMDD) is our sixth textbook in a series covering the world of UASs and UUVs. Our textbook takes on a whole new purview for UAS / CUAS/ UUV (drones) – how they can be used to deploy Weapons of Mass Destruction and Deception against CBRNE and civilian targets of opportunity. We are concerned with the future use of these inexpensive devices and their availability to maleficent actors. Our work suggests that UASs in air and underwater UUVs will be the future of military and civilian terrorist operations. UAS / UUVs can deliver a huge punch for a low investment and minimize human casualties.

    A systematic survey of online data mining technology intended for law enforcement

    As an increasing amount of crime takes on a digital aspect, law enforcement bodies must tackle an online environment generating huge volumes of data. With manual inspections becoming increasingly infeasible, law enforcement bodies are optimising online investigations through data-mining technologies. Such technologies must be well designed and rigorously grounded, yet no survey of the online data-mining literature exists which examines their techniques, applications and rigour. This article remedies this gap through a systematic mapping study describing online data-mining literature which visibly targets law enforcement applications, using evidence-based practices in survey making to produce a replicable analysis which can be methodologically examined for deficiencies

    Developing Multi-Scale Models for Water Quality Management in Drinking Water Distribution Systems

    Drinking water supply systems belong to the group of critical infrastructure systems that support the socioeconomic development of our modern societies. In addition, drinking water infrastructure plays a key role in the protection of public health by providing a common access to clean and safe water for all our municipal, industrial, and firefighting purposes. Yet, in the United States, much of our national water infrastructure is now approaching the end of its useful life while investments in its replacement and rehabilitation have been consistently inadequate. Furthermore, the aging water infrastructure has often been operated empirically, and the embracement of modern technologies in infrastructure monitoring and management has been limited. Deterioration of the water infrastructure and poor water quality management practices both have serious impacts on public health due to the increased likelihood of contamination events and waterborne disease outbreaks. Water quality reaching the consumers’ taps is largely dependent on a group of physical, chemical, and biological interactions that take place as the water transports through the pipes of the distribution system and inside premise plumbing. These interactions include the decay of disinfectant residuals, the formation of disinfection by-products (DBPs), the corrosion of pipe materials, and the growth and accumulation of microbial species. In addition, the highly dynamic nature of the system’s hydraulics adds another layer of complexity as they control the fate and transport of the various constituents. On the other hand, the huge scale of water distribution systems contributes dramatically to this deterioration mainly due to the long transport times between treatment and consumption points. Hence, utilities face a considerable challenge to efficiently manage the water quality in their aging distribution systems, and to stay in compliance with all regulatory standards. 
By integrating on-line monitoring with real-time simulation and control, smart water networks offer a promising paradigm shift to the way utilities manage water quality in their systems. Yet, multiple scientific gaps and engineering challenges still stand in the way towards the successful implementation of such advanced systems. In general, a fundamental understanding of the different physical, chemical, and biological processes that control the water quality is a crucial first step towards developing useful modeling tools. Furthermore, water quality models need to be accurate; to properly simulate the concentrations of the different constituents at the points of consumption, and fast; to allow their implementation in real-time optimization algorithms that sample different operational scenarios in real-time. On-line water quality monitoring tools need be both reliable and inexpensive to enable the ubiquitous surveillance of the system at all times. The main objective of this dissertation is to create advanced computational tools for water quality management in water distribution systems through the development and application of a multi-scale modeling framework. Since the above-mentioned interactions take place at different length and time scales, this work aims at developing computational models that are capable of providing the best description of each of the processes of interest by properly simulating each of its underlying phenomena at its appropriate scale of resolution. Molecular scale modeling using tools of ab-initio quantum chemical calculations and molecular dynamics simulations is employed to provide detailed descriptions of the chemical reactions happening at the atomistic level with the aim of investigating reaction mechanisms and developing novel materials for environmental sensing. 
Continuum scale reactive-transport models are developed for simulating the spatial and temporal distributions of the different compounds at the pipe level considering the effects of the dynamic hydraulics in the system driven by the spatiotemporal variability in water demands. System scale models are designed to optimize the operation of the different elements of the system by performing large-scale simulations coupled with optimization algorithms to identify the optimal operational strategies as a basis for accurate decision-making and superior water quality management. In conclusion, the computational models developed in this study can either be implemented as stand-alone tools for simulating the fundamental processes dictating the water quality at different scales of resolution, or be integrated into a unified framework in which information from the small scale models are propagated into the larger scale models to render a high fidelity representation of these processes

    NATO and Offensive Cybersecurity: A Strategic Analysis

    This thesis presents a strategic analysis on the possibility of use of offensive cyber capabilities by NATO in its defensive efforts. There is a vast array of academic literature regarding the strategic value of the use of offensive capabilities in cybersecurity, and NATO's cyber posture, however, there is little available regarding the relationship between both. Through the use of tools borrowed from Strategic Studies, this thesis attempts to determine whether it is possible to formulate valid cybersecurity strategies for the use of offensive cyber capabilities from the combination of known academic concepts with current NATO capabilities. The thesis also analyzes the possible implications of using such strategies as well as the underlying causes of their potential success or failure. Viana, André Lopes C. NATO and Offensive Cybersecurity: A Strategic Analysis, [number of pages]p. Master Thesis. Charles University, Faculty of Social Sciences, Institute of Political Studies. Supervisor PhDr. Vít Střítecký, M.Phil., Ph.D. Department of Security Studies, Faculty of Social Sciences.

    An Evaluation Schema for the Ethical Use of Autonomous Robotic Systems in Security Applications

    We propose a multi-step evaluation schema designed to help procurement agencies and others to examine the ethical dimensions of autonomous systems to be applied in the security sector, including autonomous weapons systems

    Legal Phantoms in Cyberspace: The Problematic Status of Information as a Weapon and a Target Under International Humanitarian Law

    Reports of state-sponsored harmful cyber intrusions abound. The prevailing view among academics holds that if the effects or consequences of such intrusions are sufficiently damaging, international humanitarian law (IHL) should generally govern them, and recourse to armed force may also be justified against states responsible for these actions under the jus ad bellum. This Article argues, however, that there are serious problems and perils in relying on analogies with physical armed force to extend these legal regimes to most events in cyberspace. Armed conflict models applied to the use of information as a weapon and a target are instead likely to generate legal phantoms in cyberspace, that is, situations in which numerous policy questions and domestic criminal issues are often misinterpreted as legal problems governed by the IHL framework or the jus ad bellum. This Article assesses this dilemma in the context of four key problem areas relating to dimensions of information: (1) problems of origin, organization, and availability; (2) problems of access and control; (3) problems of exploitation; and (4) problems of manipulation and content.