Transparent password policies: A case study of investigating end-user situational awareness

Transparent password policies are utilized by organizations in an effort to ease the user from the burden of configuring authentication settings while maintaining a high level of security. However, authentication transparency can challenge security and usability and can impact the awareness of the end-users with regards to the protection level that is realistically achieved. For authentication transparency to be effective, the triptych security – usability – situational awareness should be considered when designing relevant security solutions. Although various efforts have been made in the literature, the usability aspects of the password selection process are not well understood or addressed in the context of end-user situational awareness. This research work specifies three security and usability-related strategies that represent the organizations’, the end users’ and the attackers’ objectives with regards to password construction. Understanding each actor’s perspective can greatly assist in increasing situational awareness with regards to the authentication controls usage and effectiveness. Furthermore, a case study is presented to evaluate if, and in what way, transparent password policies, that isolate users’ involvement can affect the perspective of the end-user with regards to the security situation. Results showed that the transparent approached utilized has created a negative situation, users were not aware and never dealt with changing or trying to alter default security settings, leaving their home network vulnerable to external attacks. Finally, initial recommendations are made to organizations that would like to implement and evaluate transparent authentication controls

Situation aware intrusion recovery policy in WSNs

Wireless Sensor Networks (WSNs) have been gaining tremendous research attention the last few years as they support a broad range of applications in the context of the Internet of Things. WSN-driven applications greatly depend on the sensors’ observations to support decision-making and respond accordingly to reported critical events. In case of compromisation, it is vital to recover compromised WSN services and continue to operate as expected. To achieve an effective restoration of compromised WSN services, sensors should be equipped with the logic to take recovery decisions and self-heal. Self-healing is challenging as sensors should be aware of a variety of aspects in order to take effective decisions and maximize the recovery benefits. So far situation awareness has not been actively investigated in an intrusion recovery context. This research work formulates situation aware intrusion recovery policy design guidelines in order to drive the design of new intrusion recovery solutions that are operated by an adaptable policy. An adaptable intrusion recovery policy is presented taking into consideration the proposed design guidelines. The evaluation results demonstrate that the proposed policy can address advanced attack strategies and aid the sensors to recover the network’s operation under different attack situations and intrusion recovery requirements

WSN operability during persistent attack execution

Wireless Sensor Networks (WSNs) are utilized in a number of critical infrastructures, e.g. healthcare, disaster and relief. In sensitive environments, it is vital to maintain the operability of the network in an effort to support the decision-making process that depends on the sensors’ observations. The network’s operability can be maintained if observations can reach the specified destination and also if the sensors have adequate energy resources. The operability is negatively affected by security attacks, such as the selective forward and the denial of service (DoS), that can be executed against the WSN. The attacks’ impact greatly depends on the attackers’ capabilities such as their knowledge and the number of malicious nodes they hold. Currently, the research community focuses on addressing casual attackers that don’t persist with their attack strategy. However, the proposed solutions cannot address persistent attackers that continue with their attack execution after the network has applied appropriate recovery countermeasures. Designing an adaptive recovery strategy is challenging as a number of issues need to be taken into consideration such as the network’s density, the number of malicious nodes and the persistent attack strategy. This research work formulates a persistent attack strategy and investigates the integration of different recovery countermeasures in WSNs. The evaluation results demonstrate that an adaptive recovery strategy can enhance the network’s recovery benefits, in terms of increased packet delivery and decreased energy consumption, and prolong its operability. Moreover, the observations made are envisioned to encourage new contributions in the area of adaptive intrusion recovery in WSNs

Back to Basics: Towards Building Societal Resilience Against a Cyber Pandemic

Cybersecurity experts have long been discussing the potential of a cyber pandemic leading to a massive disruption of ICT operations with a devastating societal impact. Even though society has not faced yet the full potential of a cyber pandemic, the recent COVID-19 pandemic demonstrated how a cyber pandemic can look like at its initial stages. Unfortunately, citizens proofed to be unprepared to handle the COVID-19 threat landscape and how fast cyber-attacks escalated at a global scale targeting individuals, corporations, and governments, all at once. This clearly demonstrates that society, at a global scale, is not adequately prepared to defend against a cyber pandemic, despite all the efforts of the cybersecurity community. Cybersecurity awareness and training efforts have been delivered as part of a national or corporate cybersecurity strategy, aiming to promote a cyber hygiene and enhance protection against cyber-attacks on an individual, a corporate, or a national level. The current level of citizens’ cybersecurity awareness is not yet the desired and actions need to be taken to upscale it. Thus, it is time to take a step back to identify what is missing from current awareness efforts and reconsider how people learn. This knowledge can drive the redesign of the national and corporate cybersecurity awareness activities, effectively building citizens’ cyber skills and knowledge, and leading to the development of robust cyber resilient societies, capable of defending and withstanding a future cyber pandemic

The Development of a Multidisciplinary Cybersecurity Workforce: An Investigation

The unexpected digital transformation that was forced due to COVID-19 found many citizens and organizations unprepared to deal with the relevant technological advances and the cyber threat landscape. This outcome high-lighted once more the cybersecurity skills shortage and the necessity to ad-dress this gap. A solution to this, is to consider a multidisciplinary cybersecurity workforce with professionals originating from different backgrounds, beyond the traditional ones such as computing and IT. To be able to engage people though, they need to be aware of the possibilities that exist in cyber-security for those that originate from non-traditional disciplines. Moreover, cybersecurity professionals need to be aware of the added value when collaborating with these professionals. These are aspects that need to be extensively investigated to provide insights to academia and industry, to develop education and training curricula towards building a multidisciplinary cyber-security workforce. This paper investigated these aspects in a Further Education and Higher Education College in the UK, where 88 students from 5 disciplines were surveyed, providing valuable observations as to the interest of students, and future professionals, to work in cybersecurity industry and their perception on the subject disciplines relevant to cybersecurity jobs

A password generator tool to increase users’ awareness on bad password construction strategies

Cybersecurity education and training activities are essential to empower end users to take informed decisions and address cyber threats. An ongoing problem that still troubles the cybersecurity community is the selection of weak passwords. Users keep using weak passwords, cultivating the risk of compromisation. Users often choose passwords that appear to be strong. This creates a false sense of security as users have the belief that their passwords cannot be guessed. Unfortunately, given that attackers are aware of the users’ habits, they often recover users’ passwords. Therefore, it is imperative to educate people about the bad password construction strategies and empower them to select stronger passwords. Educational activities should be enhanced by integrating practical aspects that will assist the users to realize the problem. This work identifies and combines a range of bad password construction strategies and designs a relevant tool to practically demonstrate the strategies to the users

Cybersecurity-related Curriculum for Diverse Postgraduate Cohorts: A Case Study

Cyber threats have highly increased over the last decade, including ransomware, identity stealing, etc. Ensuring the security of cyberspace is imperative and should constitute a top priority for society to promote its growth and support its sustainability. Educational organizations, worldwide, have recognized the need to educate people on cybersecurity. This need has driven educational organizations to design postgraduate cybersecurity curriculums to educate and train recent graduates and IT professionals. Having a diverse audience, with different experiences and backgrounds with regards to knowledge and practical skills, can greatly challenge the design and delivery of a cybersecurity curriculum. Moreover, the fact that blended environments are promoted, where a curriculum is delivered to both face-to-face and distance learning students, can challenge the curriculum design and delivery even further. This paper presents a case study, critically discussing the challenges in the design and delivery of an ethical hacking curriculum targeting diverse postgraduate cohorts in conventional and distance learning. Moreover, the utilized practices that have successfully addressed the challenges are discussed. The aim of this work is to assist curriculum planners and developers to deliver an enhanced teaching and learning cybersecurity environment

Global Perspectives on Cybersecurity Education for 2030: A Case for a Meta-discipline

Information security has been an area of research and teaching within various computing disciplines in higher education almost since the beginnings of modern computers. The need for security in computing curricula has steadily grown over this period. Recently, with an emerging global crisis, because of the limitations of security within the nascent information technology infrastructure, the field of “cybersecurity” is emerging with international interest and support. Recent evolution of cybersecurity shows that it has begun to take shape as a true academic perspective, as opposed to simply being a training domain for certain specialized jobs. This report starts from the premise that cybersecurity is a “meta-discipline.” That is, cybersecurity is used as an aggregate label for a wide variety of similar disciplines, much in the same way that the terms “engineering” and “computing” are commonly used. Thus, cybersecurity should be formally interpreted as a meta-discipline with a variety of disciplinary variants, also characterized through a generic competency model. The intention is that this simple organizational concept will improve the clarity with which the field matures, resulting in improved standards and goals for many different types of cybersecurity programs

Intrusion Recovery in NLOS WSNs with a Varying Network Density

The Internet of Things (IoT) paradigm, supported by the operation of wireless sensor networks (WSNs), has gained a great attention lately and new security concerns and challenges are emerging from its usage. The rising number of cyber threats makes the quest for solutions to promote resilient operations a necessity. A major threat that continues to concern the research community is a denial of service (DoS) attack. In case the network’s communication path is compromised, it needs to be restored so that sensors can continue to propagate observations to a control center and support decision-making. The performance of intrusion recovery measures is critical in order to be able to recover and restore network communication effectively. The network deployment layout can affect the effectiveness of a DoS attack and its respective intrusion recovery measures. This research work investigates how and in what way shadowing that occurs in the communication paths and the network density, can impact the efficiency of a DoS attack and its respective intrusion recovery measure. In this work, a low duty cycle measure is applied by sensor nodes once the DoS attack is detected. Investigations focus on: a) identifying if the malicious nodes chances for compromisation increase or decrease when shadowing is considered, and b) how the intrusion recovery performance is affected. In order to support the objectives of the investigations, comparisons are performed between Line of Sight (LOS) and Non LOS (NLOS) scenarios