The Social Engineering Attack Spiral (SEAS)

YesCybercrime is on the increase and attacks are becoming ever more sophisticated. Organisations are investing huge sums of money and vast resources in trying to establish effective and timely countermeasures. This is still a game of catch up, where hackers have the upper hand and potential victims are trying to produce secure systems hardened against what feels like are inevitable future attacks. The focus so far has been on technology and not people and the amount of resource allocated to countermeasures and research into cyber security attacks follows the same trend. This paper adds to the growing body of work looking at social engineering attacks and therefore seeks to redress this imbalance to some extent. The objective is to produce a model for social engineering that provides a better understanding of the attack process such that improved and timely countermeasures can be applied and early interventions implemented

A preliminary radicalisation framework based on social engineering techniques

YesThe use of online forums and social media sites by extremists for recruiting and radicalising individuals has been covered extensively by researchers. Meanwhile, the social engineering techniques utilised by these extremists to lure marginalised individuals into radicalisation has been neglected. In this article, the social engineering aspects of online radicalisation will be explored. Specifically, the five Principles of Persuasion in Social Engineering (PPSE) will be mapped onto the online radicalisation methods employed by extremists online. Analysing these tactics will aid in gaining a deeper understanding of the process of indoctrination and of the psychology of both the attacker and the target of such attacks. This understanding has enabled the development of a preliminary radicalisation framework based on the social traits of a target that may be exploited during an attack

Empirical study of cultural dimensions and cybersecurity development

yesThis study seeks to investigate how the development of e-government services impacts on cybersecurity. The study uses the methods of correlation and multiple regression to analyse two sets of global data, the e-government development index of the 2015 United Nations e-government survey and the 2015 Inter-national Telecommunication Union global cybersecurity develop-ment index (GCI 2015). After analysing the various contextual factors affecting e-government development , the study found that, various composite measures of e-government development are significantly correlated with cybersecurity development. The therefore study contributes to the understanding of the relation-ship between e-government and cybersecurity development. The authors developed a model to highlight this relationship and have validated the model using empirical data. This is expected to provide guidance on specific dimensions of e-government services that will stimulate the development of cybersecurity. The study provided the basis for understanding the patterns in cybersecurity development and has implication for policy makers in developing trust and confidence for the adoption e-government services.National Information Technology Development Agency, Nigeria

Empirical study of the impact of e-government services on cybersecurity development

YesThis study seeks to investigate how the development of e-government services impacts on cybersecurity. The study uses the methods of correlation and multiple regression to analyse two sets of global data, the e-government development index of the 2015 United Nations e-government survey and the 2015 Inter-national Telecommunication Union global cybersecurity develop-ment index (GCI 2015). After analysing the various contextual factors affecting e-government development , the study found that, various composite measures of e-government development are significantly correlated with cybersecurity development. The therefore study contributes to the understanding of the relation-ship between e-government and cybersecurity development. The authors developed a model to highlight this relationship and have validated the model using empirical data. This is expected to provide guidance on specific dimensions of e-government services that will stimulate the development of cybersecurity. The study provided the basis for understanding the patterns in cybersecurity development and has implication for policy makers in developing trust and confidence for the adoption e-government services.National Information Technology Development Agency, Nigeria

Automated labeling of unknown contracts in Ethereum

yesSmart contracts have recently attracted interest from diverse fields including law and finance. Ethereum in particular has grown rapidly to accommodate an entire ecosystem of contracts which run using its own crypto-currency. Smart contract developers can opt to verify their contracts so that any user can inspect and audit the code before executing the contract. However, the huge numbers of deployed smart contracts and the lack of supporting tools for the analysis of smart contracts makes it very challenging to get insights into this eco-environment, where code gets executed through transactions performing value transfer of a crypto-currency. We address this problem and report on the use of unsupervised clustering techniques and a seed set of verified contracts, in this work we propose a framework to group together similar contracts within the Ethereum network using only the contracts publicly available compiled code. We report qualitative and quantitative results on a dataset and provide the dataset and project code to the research community.Link to conference webpage: http://icccn.org/icccn17/workshop

An approach to failure prediction in a cloud based environment

yesFailure in a cloud system is defined as an even that occurs when the delivered service deviates from the correct intended behavior. As the cloud computing systems continue to grow in scale and complexity, there is an urgent need for cloud service providers (CSP) to guarantee a reliable on-demand resource to their customers in the presence of faults thereby fulfilling their service level agreement (SLA). Component failures in cloud systems are very familiar phenomena. However, large cloud service providers’ data centers should be designed to provide a certain level of availability to the business system. Infrastructure-as-a-service (Iaas) cloud delivery model presents computational resources (CPU and memory), storage resources and networking capacity that ensures high availability in the presence of such failures. The data in-production-faults recorded within a 2 years period has been studied and analyzed from the National Energy Research Scientific computing center (NERSC). Using the real-time data collected from the Computer Failure Data Repository (CFDR), this paper presents the performance of two machine learning (ML) algorithms, Linear Regression (LR) Model and Support Vector Machine (SVM) with a Linear Gaussian kernel for predicting hardware failures in a real-time cloud environment to improve system availability. The performance of the two algorithms have been rigorously evaluated using K-folds cross-validation technique. Furthermore, steps and procedure for future studies has been presented. This research will aid computer hardware companies and cloud service providers (CSP) in designing a reliable fault-tolerant system by providing a better device selection, thereby improving system availability and minimizing unscheduled system downtime

Cyber-Attack Modeling Analysis Techniques: An Overview

YesCyber attack is a sensitive issue in the world of Internet security. Governments and business organisations around the world are providing enormous effort to secure their data. They are using various types of tools and techniques to keep the business running, while adversaries are trying to breach security and send malicious software such as botnets, viruses, trojans etc., to access valuable data. Everyday the situation is getting worse because of new types of malware emerging to attack networks. It is important to understand those attacks both before and after they happen in order to provide better security to our systems. Understanding attack models provide more insight into network vulnerability; which in turn can be used to protect the network from future attacks. In the cyber security world, it is difficult to predict a potential attack without understanding the vulnerability of the network. So, it is important to analyse the network to identify top possible vulnerability list, which will give an intuitive idea to protect the network. Also, handling an ongoing attack poses significant risk on the network and valuable data, where prompt action is necessary. Proper utilisation of attack modelling techniques provide advance planning, which can be implemented rapidly during an ongoing attack event. This paper aims to analyse various types of existing attack modelling techniques to understand the vulnerability of the network; and the behaviour and goals of the adversary. The ultimate goal is to handle cyber attack in efficient manner using attack modelling techniques

A Framework for Dynamic Selection of Backoff Stages during Initial Ranging Process in Wireless Networks

yesThe only available solution in the IEEE 802.22 standard for avoiding collision amongst various contending customer premises equipment (CPEs) attempting to associate with a base station (BS) is binary exponential random backoff process in which the contending CPEs retransmit their association requests. The number of attempts the CPEs send their requests to the BS are fixed in an IEEE 802.22 network. This paper presents a mathematical framework that helps the BS in determining at which attempt the majority of the CPEs become part of the wireless regional area network from a particular number of contending CPEs. Based on a particular attempt, the ranging request collision probability for any number of contending CPEs with respect to contention window size is approximated. The numerical results validate the effectiveness of the approximation. Moreover, the average ranging success delay experienced by the majority of the CPEs is also determined.The full text will be available at the end of the publisher's embargo: 7th Aug 201

STAKCERT Framework in Eradicating Worms Attack

Abstrac

Cyber Threat Intelligence from Honeypot Data using Elasticsearch

yesCyber attacks are increasing in every aspect of daily life. There are a number of different technologies around to tackle cyber-attacks, such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), firewalls, switches, routers etc., which are active round the clock. These systems generate alerts and prevent cyber attacks. This is not a straightforward solution however, as IDSs generate a huge volume of alerts that may or may not be accurate: potentially resulting in a large number of false positives. In most cases therefore, these alerts are too many in number to handle. In addition, it is impossible to prevent cyber-attacks simply by using tools. Instead, it requires greater intelligence in order to fully understand an adversary’s motive by analysing various types of Indicator of Compromise (IoC). Also, it is important for the IT employees to have enough knowledge to identify true positive attacks and act according to the incident response process. In this paper, we have proposed a new threat intelligence technique which is evaluated by analysing honeypot log data to identify behaviour of attackers to find attack patterns. To achieve this goal, we have deployed a honeypot on an AWS cloud to collect cyber incident log data. The log data is analysed by using elasticsearch technology namely an ELK (Elasticsearch, Logstash and Kibana) stack