Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences

In this survey, we first briefly review the current state of cyber attacks, highlighting significant recent changes in how and why such attacks are performed. We then investigate the mechanics of malware command and control (C2) establishment: we provide a comprehensive review of the techniques used by attackers to set up such a channel and to hide its presence from the attacked parties and the security tools they use. We then switch to the defensive side of the problem, and review approaches that have been proposed for the detection and disruption of C2 channels. We also map such techniques to widely-adopted security controls, emphasizing gaps or limitations (and success stories) in current best practices.Comment: Work commissioned by CPNI, available at c2report.org. 38 pages. Listing abstract compressed from version appearing in repor

Securing intellectual capital:an exploratory study in Australian universities

Purpose – To investigate the links between IC and the protection of data, information and knowledge in universities, as organizations with unique knowledge-related foci and challenges.Design/methodology/approach – We gathered insights from existing IC-related research publications to delineate key foundational aspects of IC, identify and propose links to traditional information security that impact the protection of IC. We conducted interviews with key stakeholders in Australian universities in order to validate these links.Findings – Our investigation revealed two kinds of embeddedness characterizing the organizational fabric of universities: (1) vertical and (2) horizontal, with an emphasis on the connection between these and IC-related knowledge protection within these institutions.Research implications – There is a need to acknowledge the different roles played by actors within the university, and the relevance of information security to IC-related preservation.Practical implications – Framing information security as an IC-related issue can help IT security managers communicate the need for knowledge security with executives in higher education, and secure funding to preserve and secure such IC-related knowledge, once its value is recognized.Originality/value – This is one of the first studies to explore the connections between data and information security and the three core components of IC’s knowledge security in the university context

Engaging youth in post-disaster research: Lessons learned from a creative methods approach

Children and youth often demonstrate resilience and capacity in the face of disasters. Yet, they are typically not given the opportunities to engage in youth-driven research and lack access to official channels through which to contribute their perspectives to policy and practice during the recovery process. To begin to fill this void in research and action, this multi-site research project engaged youth from disaster-affected communities in Canada and the United States. This article presents a flexible youth-centric workshop methodology that uses participatory and arts-based methods to elicit and explore youth’s disaster and recovery experiences. The opportunities and challenges associated with initiating and maintaining partnerships, reciprocity and youth-adult power differentials using arts-based methods, and sustaining engagement in post-disaster settings, are discussed. Ultimately, this work contributes to further understanding of the methods being used to conduct research for, with, and about youth.Keywords: youth, disaster recovery, engagement, resilience, arts-based methods, participatory researc