Mining Threat Intelligence about Open-Source Projects and Libraries from Code Repository Issues and Bug Reports
Open-Source Projects and Libraries are being used in software development
while also bearing multiple security vulnerabilities. This use of third party
ecosystem creates a new kind of attack surface for a product in development. An
intelligent attacker can attack a product by exploiting one of the
vulnerabilities present in linked projects and libraries.
In this paper, we mine threat intelligence about open source projects and
libraries from bugs and issues reported on public code repositories. We also
track library and project dependencies for installed software on a client
machine. We represent and store this threat intelligence, along with the
software dependencies in a security knowledge graph. Security analysts and
developers can then query and receive alerts from the knowledge graph if any
threat intelligence is found about linked libraries and projects utilized in
their products.
Security Management Framework for the Internet of Things
The increase in the design and development of wireless communication technologies
offers multiple opportunities for the management and control of cyber-physical systems
with connections between smart and autonomous devices, which provide the delivery
of simplified data through the use of cloud computing. This relationship with the
Internet of Things (IoT) established the concept of pervasive computing, which allows
any object to communicate with services, sensors, people, and objects without human
intervention. However, the rapid growth of connectivity with smart applications through
autonomous systems connected to the internet has allowed the exposure of numerous
vulnerabilities in IoT systems by malicious users.
This dissertation developed a novel ontology-based cybersecurity framework to
improve security in IoT systems using an ontological analysis to adapt appropriate
security services addressed to threats. The composition of this proposal explores
two approaches: (1) design time, which offers a dynamic method to build security
services through the application of a methodology directed to models considering
existing business processes; and (2) execution time, which involves monitoring the IoT
environment, classifying vulnerabilities and threats, and acting in the environment,
ensuring the correct adaptation of existing services.
The validation approach was used to demonstrate the feasibility of implementing the
proposed cybersecurity framework. It implies the evaluation of the ontology to offer
a qualitative evaluation based on the analysis of several criteria and also a proof of
concept implemented and tested using specific industrial scenarios. This dissertation
has been verified by adopting a methodology that follows the acceptance in the research
community through technical validation in the application of the concept in an industrial
setting.
The increase in the design and development of wireless communication technologies offers
multiple opportunities for the management and control of cyber-physical systems with connections
between smart and autonomous devices, which provide the delivery of simplified data
through the use of cloud computing. Given this relationship with
the Internet of Things (IoT), the concept of pervasive computing was established, which
allows any object to communicate with services, sensors, people, and objects
without human intervention. However, the rapid growth of connectivity with
smart applications through autonomous systems connected to the internet has exposed
numerous vulnerabilities of IoT systems to malicious users.
This dissertation developed a new ontology-based cybersecurity framework
to improve security in IoT systems, using an ontological analysis
to adapt appropriate security services addressed to threats. The
composition of this proposal explores two approaches: (1) design time, which offers
a dynamic method for building security services through the application of a
model-driven methodology, considering existing business processes; and (2)
execution time, which involves monitoring the IoT environment, classifying
vulnerabilities and threats, and acting on the environment, ensuring the correct adaptation of
existing services.
Two validation approaches were used to demonstrate the feasibility of
implementing the proposed cybersecurity framework. This involves evaluating the
ontology to offer a qualitative evaluation based on the analysis of several criteria,
as well as a proof of concept implemented and tested using specific scenarios.
This dissertation was validated by adopting a methodology that follows validation in the
scientific community through technical validation in the application of our concept in
an industrial setting.
Evaluation of Cloud-Based Cyber Security System
Cloud-based cyber security systems leverage the power of cloud computing to protect digital assets from cyber threats. By utilizing remote servers and advanced algorithms, these systems provide real-time monitoring, threat detection, and incident response. They offer scalable solutions, enabling businesses to adapt to evolving threats and handle increasing data volumes. Cloud-based security systems provide benefits such as reduced infrastructure costs, continuous updates and patches, centralized management, and global threat intelligence. They protect against various attacks, including malware, phishing, DDoS, and unauthorized access. With their flexibility, reliability, and ease of deployment, cloud-based cyber security systems are becoming essential for organizations seeking robust protection in today's interconnected digital landscape.
The research significance of cloud-based cyber security systems lies in their ability to address the growing complexity and scale of cyber threats in today's digital landscape. By leveraging cloud computing, these systems offer several key advantages for researchers and organizations:
Scalability: Cloud-based systems can scale resources on demand, allowing researchers to handle large volumes of data and analyze complex threat patterns effectively.
Cost-efficiency: The cloud eliminates the need for extensive on-premises infrastructure, reducing costs associated with hardware, maintenance, and upgrades. Researchers can allocate resources based on their needs, optimizing cost-effectiveness.
Real-time monitoring and threat detection: Cloud-based systems provide real-time monitoring of network traffic, enabling quick identification of suspicious activities and potential threats. Researchers can leverage advanced analytics and machine learning algorithms to enhance threat detection capabilities.
Collaboration and knowledge sharing: Cloud platforms facilitate collaboration among researchers and organizations by enabling the sharing of threat intelligence, best practices, and research findings.
Compliance and regulatory requirements: Cloud platforms often offer built-in compliance features and tools to meet regulatory requirements, assisting researchers in adhering to data protection and privacy standards.
Overall, the research significance of cloud-based cyber security systems lies in their ability to provide scalable, cost-effective, and advanced security capabilities, empowering researchers to mitigate evolving cyber threats and protect sensitive data and systems effectively.
We will be using the Weighted Product Methodology (WPM), which is a decision-making technique that assigns weights to various criteria and ranks alternatives based on their weighted scores. It involves multiplying the ratings of each criterion by their corresponding weights and summing them up to determine the overall score. This method helps prioritize options and make informed decisions in complex situations.
Taken of Operational, Technological, Organizational Recorded Electronic Delivery, Recorded Electronic Deliver, Blockchain technology, Database security, Software updates, Antivirus and antimalware.
The Organizational cyber security measures come in last place, while Technological cyber security measures are ranked top and Operational measures come between the two, in second place.
In conclusion, a cloud-based cyber security system revolutionizes the way organizations safeguard their digital assets. By utilizing remote servers, advanced algorithms, and real-time monitoring, it offers scalable and robust protection against evolving threats. With features like threat detection, data encryption, and centralized management, it ensures enhanced security, agility, and efficiency. Embracing a cloud-based approach empowers organizations to stay ahead in the ever-changing landscape of cyber security, effectively safeguarding their critical data and infrastructure.
Developing and Building Ontologies in Cyber Security
Cyber security is one of the fastest-emerging disciplines in our modern society.
We work in the cybersecurity domain, and the topic we chose is cybersecurity
ontologies. We gather the latest and earlier ontologies and
compare them on the basis of different analysis factors to identify the best of them.
The reason for selecting this topic is to assemble different ontologies from different
periods of time, because the studies included in this SLR mostly examine a
single ontology. If a researcher wants to study ontologies, he has to study
every single ontology and select which one is best for his research. So, we
assemble different types of ontology and compare them against each other to identify
the best of them. A total of 24 papers from the years 2010-2020 were carefully selected
through a systematic process and classified accordingly. Lastly, this SLR is
presented to provide researchers with promising future directions in the
domain of cybersecurity ontologies.
Comment: 8 pages, 2 figures
Ontology in Information Security
Over the past several years we have witnessed that information has become the most precious asset, while the protection and security of information is becoming an ever greater challenge due to the large amount of knowledge necessary for organizations to successfully withstand external threats and attacks. This knowledge, collected from the domain of information security, can be formally described by security ontologies. A large number of researchers have dealt with this issue during the last decade, and in this paper we have tried to identify, analyze and systematize the relevant papers published in scientific journals indexed in selected scientific databases in the period from 2004 to 2014. This paper gives a review of the literature in the field of information security ontology and identifies a total of 52 papers systematized in three groups: general security ontologies (12 papers), specific security ontologies (32 papers) and theoretical works (8 papers). The papers were of different quality and level of detail and varied from presentations of simple conceptual ideas to sophisticated frameworks based on ontology.
Cybersecurity knowledge graphs
Cybersecurity knowledge graphs, which represent cyber-knowledge with a graph-based data model, provide holistic approaches for processing massive volumes of complex cybersecurity data derived from diverse sources. They can help security analysts obtain cyberthreat intelligence, achieve a high level of cyber-situational awareness, discover new cyber-knowledge, visualize networks, data flow, and attack paths, and understand data correlations by aggregating and fusing data. This paper reviews the most prominent graph-based data models used in this domain, along with knowledge organization systems that define concepts and properties utilized in formal cyber-knowledge representation for both background knowledge and specific expert knowledge about an actual system or attack. It also discusses how cybersecurity knowledge graphs enable machine learning and facilitate automated reasoning over cyber-knowledge.