Can maturity models support cyber security?

© 2016 IEEE. We are living in a cyber space with an unprecedented rapid expansion of the space and its elements. All interactive information is processed and exchanged via this space. Clearly a well-built cyber security is vital to ensure the security of the cyber space. However the definitions and scopes of both cyber space and cyber security are still not well-defined and this makes it difficult to establish sound security models and mechanisms for protecting this space. Out of existing models, maturity models offer a manageable approach for assessing the security level of a system or organization. The paper first provides a review of various definitions of cyber space and cyber security in order to ascertain a common understanding of the space and its security. The paper investigates existing security maturity models, focusing on their defining characteristics and identifying their strengths and weaknesses. Finally, the paper discusses and suggests measures for a sound and applicable cyber security model

Capability maturity model and metrics framework for cyber cloud security

© 2017 SCPE. Cyber space is affecting all areas of our life. Cloud computing is the cutting-edge technology of this cyber space and has established itself as one of the most important resources sharing technologies for future on-demand services and infrastructures that support Internet of Things (IOTs), big data platforms and software-defined systems/services. More than ever, security is vital for cloud environment. There exist several cloud security models and standards dealing with emerging cloud security threats. However, these models are mostly reactive rather than proactive and they do not provide adequate measures to assess the overall security status of a cloud system. Out of existing models, capability maturity models, which have been used by many organizations, offer a realistic approach to address these problems using management by security domains and security assessment on maturity levels. The aim of the paper is twofold: first, it provides a review of capability maturity models and security metrics; second, it proposes a cloud security capability maturity model (CSCMM) that extends existing cyber security models with a security metric framework

Security threat probability computation using Markov Chain and Common Vulnerability Scoring System

© 2018 IEEE. Security metrics have become essential for assessing the security risks and making effective decisions concerning system security. Many security metrics rely on mathematical models, but are mainly based on empirical data, qualitative method, or compliance checking and this renders the outcome far from accurate. This paper proposes a novel approach to compute the probability distribution of cloud security threats based on Markov chain and Common Vulnerability Scoring System (CVSS). The paper gives an application on cloud systems to demonstrate the use of the proposed approach

A Threat Computation Model using a Markov Chain and Common Vulnerability Scoring System and its Application to Cloud Security

Copyright © 2019 Securing cyber infrastructures has become critical because they are increasingly exposed to attackers while accommodating a huge number of IoT devices and supporting numerous sophisticated emerging applications. Security metrics are essential for assessing the security risks and making effective decisions concerning system security. Many security metrics rely on mathematical models, but are mainly based on empirical data, qualitative methods, or compliance checking, and this renders the outcome far from satisfactory. Computing the probability of an attack, or more precisely a threat that materialises into an attack, forms an essential basis for a quantitative security metric. This paper proposes a novel approach to compute the probability distribution of cloud security threats based on a Markov chain and Common Vulnerability Scoring System. Moreover, the paper introduces the method to estimate the probability of security attacks. The use of the new security threat model and its computation is demonstrated through their application to estimating the probabilities of cloud threats and types of attacks

MLAMAN: a novel multi-level authentication model and protocol for preventing wormhole attack in mobile ad hoc network

© 2018, Springer Science+Business Media, LLC, part of Springer Nature. Wormhole attack is a serious security issue in Mobile Ad hoc Network where malicious nodes may distort the network topology and obtain valuable information. Many solutions, based on round trip time, packet traversal time, or hop-count, have been proposed to detect wormholes. However, these solutions were only partially successful in dealing with node high-speed mobility, variable tunnel lengths, and fake information by malicious nodes. To address those issues, this paper proposes a novel multi-level authentication model and protocol (MLAMAN) for detecting and preventing wormhole attacks reliably. MLAMAN allows all intermediate nodes to authenticate control packets on a hop-by-hop basis and at three levels: (1) the packet level where the integrity of the packets can be verified, (2) the node membership level where a public key holder-member can be certified, and (3) the neighborhood level where the neighborhood relationship between nodes can be determined. The novelty of the model is that it prevents malicious nodes from joining the network under false information and pretense. It detects wormhole nodes effectively under various scenarios including variable tunnel lengths and speeds of moving nodes. The effectiveness of our approach is confirmed by simulation results through various scenarios

FAPRP: A Machine Learning Approach to Flooding Attacks Prevention Routing Protocol in Mobile Ad Hoc Networks

© 2019 Ngoc T. Luong et al. Request route flooding attack is one of the main challenges in the security of Mobile Ad Hoc Networks (MANETs) as it is easy to initiate and difficult to prevent. A malicious node can launch an attack simply by sending an excessively high number of route request (RREQ) packets or useless data packets to nonexistent destinations. As a result, the network is rendered useless as all its resources are used up to serve this storm of RREQ packets and hence unable to perform its normal routing duty. Most existing research efforts on detecting such a flooding attack use the number of RREQs originated by a node per unit time as the threshold to classify an attacker. These algorithms work to some extent; however, they suffer high misdetection rate and reduce network performance. This paper proposes a new flooding attacks detection algorithm (FADA) for MANETs based on a machine learning approach. The algorithm relies on the route discovery history information of each node to capture similar characteristics and behaviors of nodes belonging to the same class to decide if a node is malicious. The paper also proposes a new flooding attacks prevention routing protocol (FAPRP) by extending the original AODV protocol and integrating FADA algorithm. The performance of the proposed solution is evaluated in terms of successful attack detection ratio, packet delivery ratio, and routing load both in normal and under RREQ attack scenarios using NS2 simulation. The simulation results show that the proposed FAPRP can detect over 99% of RREQ flooding attacks for all scenarios using route discovery frequency vector of sizes larger than 35 and performs better in terms of packet delivery ratio and routing load compared to existing solutions for RREQ flooding attacks

Energy Management and Time Scheduling for Heterogeneous IoT Wireless-Powered Backscatter Networks

© 2019 IEEE. In this paper, we propose a novel approach to jointly address energy management and network throughput maximization problems for heterogeneous IoT low-power wireless communication networks. In particular, we consider a low-power communication network in which the IoT devices can harvest energy from a dedicated RF energy source to support their transmissions or backscatter the signals of the RF energy source to transmit information to the gateway. Different IoT devices may have dissimilar hardware configurations, and thus they may have various communications types and energy requirements. In addition, the RF energy source may have a limited energy supply source which needs to be minimized. Thus, to maximize the network throughput, we need to jointly optimize energy usage and operation time for the IoT devices under different energy demands and communication constraints. However, this optimization problem is non-convex due to the strong relation between energy supplied by the RF energy source and the IoT communication time, and thus obtaining the optimal solution is intractable. To address this problem, we study the relation between energy supply and communication time, and then transform the non-convex optimization problem to an equivalent convex-optimization problem which can achieve the optimal solution. Through simulation results, we show that our solution can achieve greater network throughputs (up to five times) than those of other conventional methods, e.g., TDMA. In addition, the simulation results also reveal some important information in controlling energy supply and managing low-power IoT devices in heterogeneous wireless communication networks