Cyber situational awareness: from geographical alerts to high-level management

This paper focuses on cyber situational awareness and describes a visual analytics solution for monitoring and putting in tight relation data from network level with the organization business. The goal of the proposed solution is to make different security profiles (network security officer, network security manager, and financial security manager) aware of the actual network state (e.g., risk and attack progress) and the impact it actually has on the business tasks, making clear the relationships that exist between the network level and the business level. The proposed solution is instantiated on the ACEA infrastructure, the Italian company that provides power and water purification services to cities in central Italy (millions of end users

Modeling emergency management data by UML as an extension of geographic data sharing model: AST approach

Applying GIS functionality provides a powerful decision support in various application areas and the basis to integrate policies directed to citizens, business, and governments. The focus is changing toward integrating these functions to find optimal solutions to complex problems. As an integral part of this approach, geographic data sharing model for Turkey were developed as a new approach that enables using the data corporately and effectively. General features of this model are object-oriented model, based on ISO/TC211 standards and INSPIRE Data Specifications, describing nationwide unique object identifiers, and defining a mechanism to manage object changes through time. The model is fully described with Unified Modeling Language (UML) class diagram. This can be a starting point for geographic data providers in Turkey to create sector models like Emergency Management that has importance because of the increasing number of natural and man-made disasters. In emergency management, this sector model can provide the most appropriate data to many "Actors" that behave as emergency response organizations such as fire and medical departments. Actors work in "Sectors" such as fire department and urban security. Each sector is responsible for "Activities" such as traffic control, fighting dire, emission, and so on. "Tasks" such as registering incident, fire response, and evacuating area are performed by actors and part of activity. These tasks produce information for emergency response and require information based on the base data model. By this way, geographic data models of emergency response are designed and discussed with "Actor-Sector-Activity-Task" classes as an extension of the base model with some cases from Turkey

Interoperability, Trust Based Information Sharing Protocol and Security: Digital Government Key Issues

Improved interoperability between public and private organizations is of key significance to make digital government newest triumphant. Digital Government interoperability, information sharing protocol and security are measured the key issue for achieving a refined stage of digital government. Flawless interoperability is essential to share the information between diverse and merely dispersed organisations in several network environments by using computer based tools. Digital government must ensure security for its information systems, including computers and networks for providing better service to the citizens. Governments around the world are increasingly revolving to information sharing and integration for solving problems in programs and policy areas. Evils of global worry such as syndrome discovery and manage, terror campaign, immigration and border control, prohibited drug trafficking, and more demand information sharing, harmonization and cooperation amid government agencies within a country and across national borders. A number of daunting challenges survive to the progress of an efficient information sharing protocol. A secure and trusted information-sharing protocol is required to enable users to interact and share information easily and perfectly across many diverse networks and databases globally.Comment: 20 page

Towards a relation extraction framework for cyber-security concepts

In order to assist security analysts in obtaining information pertaining to their network, such as novel vulnerabilities, exploits, or patches, information retrieval methods tailored to the security domain are needed. As labeled text data is scarce and expensive, we follow developments in semi-supervised Natural Language Processing and implement a bootstrapping algorithm for extracting security entities and their relationships from text. The algorithm requires little input data, specifically, a few relations or patterns (heuristics for identifying relations), and incorporates an active learning component which queries the user on the most important decisions to prevent drifting from the desired relations. Preliminary testing on a small corpus shows promising results, obtaining precision of .82.Comment: 4 pages in Cyber & Information Security Research Conference 2015, AC

Securing the Participation of Safety-Critical SCADA Systems in the Industrial Internet of Things

In the past, industrial control systems were ‘air gapped’ and isolated from more conventional networks. They used specialist protocols, such as Modbus, that are very different from TCP/IP. Individual devices used proprietary operating systems rather than the more familiar Linux or Windows. However, things are changing. There is a move for greater connectivity – for instance so that higher-level enterprise management systems can exchange information that helps optimise production processes. At the same time, industrial systems have been influenced by concepts from the Internet of Things; where the information derived from sensors and actuators in domestic and industrial components can be addressed through network interfaces. This paper identifies a range of cyber security and safety concerns that arise from these developments. The closing sections introduce potential solutions and identify areas for future research

Indonesian Innovations on Information Technology 2013: Between Syntactic and Semantic Textual Network\ud

Network and graph model is a good alternative to analyze huge collective textual data for the ability to reduce the dimensionality of the data. Texts can be seen as syntactic and semantic network among words and phrases seen as concepts. The model is implemented to observe the proposals of Indonesian innovators for implementation of information technology. From the analysis some interesting insights are outlined