Trace malicious source to guarantee cyber security for mass monitor critical infrastructure

The proposed traceback scheme does not take into account the trust of node which leads to the low effectiveness. A trust-aware probability marking (TAPM) traceback scheme is proposed to locate malicious source quickly. In TAPM scheme, the node is marked with difference marking probability according to its trust which is deduced by trust evaluation. The high marking probability for low trust node can locate malicious source quickly, and the low marking probability for high trust node can reduce the number of marking to improve the network lifetime, so the security and the network lifetime can be improved in TAPM scheme

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

Securing Critical Infrastructures

1noL'abstract è presente nell'allegato / the abstract is in the attachmentopen677. INGEGNERIA INFORMATInoopenCarelli, Albert

A Game of One/Two Strategic Friendly Jammers Versus a Malicious Strategic Node

We present a game-theoretic analysis of the interaction between a malicious node, attempting to perform unauthorized radio transmission, and friendly jammers trying to disrupt the malicious communications. We investigate the strategic behavior of the jammers against a rational malicious node and highlight counterintuitive results for this conflict. We also analyze the impact of multiple friendly jammers sharing the same goal but acting without coordination; we find out that this scenario offers a better payoff for the jammers, which has some strong implications on how to implement friendly jamming

Collaborative Intrusion Detection in Federated Cloud Environments

Moving services to the Cloud is a trend that has steadily gained popularity over recent years, with a constant increase in sophistication and complexity of such services. Today, critical infrastructure operators are considering moving their services and data to the Cloud. Infrastructure vendors will inevitably take advantage of the benefits Cloud Computing has to offer. As Cloud Computing grows in popularity, new models are deployed to exploit even further its full capacity, one of which is the deployment of Cloud federations. A Cloud federation is an association among different Cloud Service Providers (CSPs) with the goal of sharing resources and data. In providing a larger-scale and higher performance infrastructure, federation enables on-demand provisioning of complex services. In this paper we convey our contribution to this area by outlining our proposed methodology that develops a robust collaborative intrusion detection methodology in a federated Cloud environment. For collaborative intrusion detection we use the Dempster-Shafer theory of evidence to fuse the beliefs provided by the monitoring entities, taking the final decision regarding a possible attack. Protecting the federated Cloud against cyber attacks is a vital concern, due to the potential for significant economic consequences

A Survey on Botnet Attacks

Devices connected to the Internet are the target of numerous attacks to steal or exploit their resources. As these attacks become widespread (and sophisticated), the first step in protecting your organization is knowing exactly what you are facing. We currently have botnets that are the main source of network attacks such as spam, denial of service (DDoS), click fraud, data theft, Pass the Hash, and RDC attack. With the evolution of technology, we have several solutions to protect against attacks that undermine businesses, governments, individuals, but security attack methods are increasing daily. This study seeks further investigate botnet attacks and also provide a comparison of these attacks, lastly, the survey will create awareness for forthcoming botnet research endeavors

Reducing the Threat of State-to-State Cyber Attack against Critical Infrastructure through International Norms and Agreements

The global proliferation of networked computer systems within the public and private sectors presents an increased opportunity for malicious cyber attacks to disrupt the daily functions of governments, national emergency systems, the global economy, and our modern way of life. The potentially pandemic nature of network failures presents opportunities for states to work together to identify key infrastructure sectors of shared interest and formulate international norms and strategies to protect them from cyber attacks and prevent cascading failures within modern society. Nation-states that share information infrastructure critical to modern social functions will have a vested interest in protecting these systems from cyber attacks while mitigating their own inclination to attack these same networks. This paper outlines the state-to-state cyber threat to critical-system infrastructures and the role international agreements can play in limiting this threat. The paper has been structured as follows. It begins by defining a critical system and discussing the actors who pose threats to these systems and the motivations behind their decisions. This is followed by a detailed description of a hypothetical scenario that depicts the methods by which one state could attack another state’s critical infrastructure, to include the motivations behind the attack. In conclusion, it makes recommendations regarding the development of an international agreement designed to limit this specific type of attack

Navigating the IoT landscape: Unraveling forensics, security issues, applications, research challenges, and future

Given the exponential expansion of the internet, the possibilities of security attacks and cybercrimes have increased accordingly. However, poorly implemented security mechanisms in the Internet of Things (IoT) devices make them susceptible to cyberattacks, which can directly affect users. IoT forensics is thus needed for investigating and mitigating such attacks. While many works have examined IoT applications and challenges, only a few have focused on both the forensic and security issues in IoT. Therefore, this paper reviews forensic and security issues associated with IoT in different fields. Future prospects and challenges in IoT research and development are also highlighted. As demonstrated in the literature, most IoT devices are vulnerable to attacks due to a lack of standardized security measures. Unauthorized users could get access, compromise data, and even benefit from control of critical infrastructure. To fulfil the security-conscious needs of consumers, IoT can be used to develop a smart home system by designing a FLIP-based system that is highly scalable and adaptable. Utilizing a blockchain-based authentication mechanism with a multi-chain structure can provide additional security protection between different trust domains. Deep learning can be utilized to develop a network forensics framework with a high-performing system for detecting and tracking cyberattack incidents. Moreover, researchers should consider limiting the amount of data created and delivered when using big data to develop IoT-based smart systems. The findings of this review will stimulate academics to seek potential solutions for the identified issues, thereby advancing the IoT field.Comment: 77 pages, 5 figures, 5 table

Analysis of the Australian Government’s Security Strategy in Countering the Potential Threat of Terrorism Groups Through Cyber Terrorism Instruments

This paper discusses the strategies adopted by Australia in dealing with and overcoming the violent acts of Cyber Terrorism. Since the terrorist attack on September 11, 2001 in the United States, countries in the world have assumed the existence of terrorist groups as a global threat. Globalization has enabled the terrorist groups to transform conventional media in the cyber world into the infamous cyber terrorism which they use as a propaganda instrument for recruitment, providing logistics, training, forming paramilitaries, planning, carrying out attacks, hiding, and funding. This paper discussed the concept Australian national security which has developed beyond military. The concept of security according to the non-traditional approach is emphasized on the security interests of non-state actors (non-state actors). The present research used descriptive qualitative research, employing literature review or library research for data collection. The results found that the Australian government remains vigilant against cyberterrorism through law enforcement and international cooperation. The Australian government has stipulated the Criminal Code Act 1995 part 5.3 to fight against the acts of terrorism. In addition, to increase domestic skills in cyberspace, The Australian government also establish Australia's Cyber Security, through which the Australian Cyber Security Centre (ACSC) founded Joint Cyber Security Centres (JCSCs), AustCyber, the Australian Cyber Security Growth Network, and the Cyber Security Cooperative Research Centre.  and. Australia is also committed to supporting and maintaining international mechanisms that promote stability and to working with partners on a voluntary basis to prevent and respond to threats, including cyber terrorism