Network Defence Using Attacker-Defender Interaction Modelling

Network security is still lacking an efficient system which selects a response action based on observed security events and which is capable of running autonomously. The main reason for this is the lack of an effective defence strategy. In this Ph.D., we endeavour to create such a defence strategy. We propose to model the interaction between an attacker and a defender to comprehend how the attacker’s goals affect his actions and use the model as a basis for a more refined network defence strategy. We formulate the research questions that need to be answered and we discuss, how the answers to these questions relate to the proposed solution. This research is at the initial phase and will contribute to a Ph.D. thesis in four years

Cyber security: From regulations and policies to practice

The major target of cyber attacks is a country’s Critical National Infrastructure (CNI) such as ports, hospitals, water, gas or electricity producers, which use and rely upon Supervisory Control and Data Acquisitions (SCADA) and Industrial Control Systems (ICS) to manage their production. Protection of CNIs becomes an essential issue to be considered. Generally, available protective measures are classified according to legal, technical, organizational, capacity building, and cooperation aspects. In this article, we discuss regulations and policies that may be used to tackle cyber attacks to CNIs along with practical measures that need to be taken in order for these regulations to be effective. Attribution of cyber attacks, especially when these originate from another nation, is questionable regarding which country or law enforcement agency has the authority to investigate and prosecute the penetrators