2,040 research outputs found

    Arms Industry

    A summary assessment of the dimensions and concentrations of military equipment manufacture primarily in the United States and western Europe and the extent of availability of this equipment to buyers throughout the world. Treaty-based limitations are also listed

    Evaluation of Botnet Threats Based on Evidence Chain

    The current network security faces a serious threat, which has been brought about by the large-scale proliferation of botnet, and its detection has become one of the important tasks of the existing cyberspace security. At present, although network administrators have firewalls, intrusion detection systems, intrusion prevention systems, and other technical means to achieve partial network protection, they are still confronted with severe challenges in the detection and prevention of a botnet known as a threatening attack platform. The new botnet is characterized by its large scale and multifunction. Further, it is hard to detect, and it may cause a sharp decline in the normal defense level of the protected object in a short period of time. In this chapter, we propose a method of botnet threat assessment based on evidence chain. The DS evidence theory is used for network security situational awareness. On the basis of determining the recognition framework, all possible results are considered, and each evidence is assigned a basic credibility, and the final credibility of the target is fused by using the composition rule. The experiments show that this method can work efficiently and detect the major threats in the protected network in time

    X-Secure: protecting users from big bad wolves

    In 2014 over 70% of people in Great Britain accessed the Internet every day. This resource is an optimal vector for malicious attackers to penetrate home computers and as such compromised pages have been increasing in both number and complexity. This paper presents X-Secure, a novel browser plug-in designed to present and raise the awareness of inexperienced users by analysing web-pages before malicious scripts are executed by the host computer. X-Secure was able to detect over 90% of the tested attacks and provides a danger level based on cumulative analysis of the source code, the URL, and the remote server, by using a set of heuristics, hence increasing the situational awareness of users browsing the internet

    A taxonomy of malicious traffic for intrusion detection systems

    With the increasing number of network threats it is essential to have a knowledge of existing and new network threats to design better intrusion detection systems. In this paper we propose a taxonomy for classifying network attacks in a consistent way, allowing security researchers to focus their efforts on creating accurate intrusion detection systems and targeted datasets

    Modeling of Risk Factors in Determining Network Security Level


    Adversarial Evasion Attacks Practicality in Networks: Testing the Impact of Dynamic Learning

    Machine Learning (ML) has become ubiquitous, and its deployment in Network Intrusion Detection Systems (NIDS) is inevitable due to its automated nature and high accuracy in processing and classifying large volumes of data. However, ML has been found to have several flaws, on top of them are adversarial attacks, which aim to trick ML models into producing faulty predictions. While most adversarial attack research focuses on computer vision datasets, recent studies have explored the practicality of such attacks against ML-based network security entities, especially NIDS. This paper presents two distinct contributions: a taxonomy of practicality issues associated with adversarial attacks against ML-based NIDS and an investigation of the impact of continuous training on adversarial attacks against NIDS. Our experiments indicate that continuous re-training, even without adversarial training, can reduce the effect of adversarial attacks. While adversarial attacks can harm ML-based NIDSs, our aim is to highlight that there is a significant gap between research and real-world practicality in this domain which requires attention

    A Dashboard for Cyber Situational Awareness and Decision Support in Network Security Management

    This demo paper presents a dashboard for network security management, a web application that visualizes data gathered by various sensors in the network and allows the user to achieve cyber situational awareness and provides decision support in the incident handling process. The dashboard and its underlying database use modern graph-based approaches to data modelling, storing, and querying. The dashboard speeds up routine tasks in incident handling, such as getting a context of a situation and quickly assessing the spread and impact of vulnerabilities. The implementation uses modern graph-based approaches to data storage and visualization

    A Privacy-Aware Access Control Model for Distributed Network Monitoring

    In this paper, we introduce a new access control model that aims at addressing the privacy implications surrounding network monitoring. In fact, despite its importance, network monitoring is natively leakage-prone and, moreover, this is exacerbated due to the complexity of the highly dynamic monitoring procedures and infrastructures, that may include multiple traffic observation points, distributed mitigation mechanisms and even inter-operator cooperation. Conceived on the basis of data protection legislation, the proposed approach is grounded on a rich in expressiveness information model, that captures all the underlying monitoring concepts along with their associations. The model enables the specification of contextual authorisation policies and expressive separation and binding of duty constraints. Finally, two key innovations of our work consist in the ability to define access control rules at any level of abstraction and in enabling a verification procedure, which results in inherently privacy-aware workflows, thus fostering the realisation of the Privacy by Design vision

    Analysis on NSAW Reminder Based on Big Data Technology

    NSAWS is an intelligent and real-time large database management system. By analyzing the user identity data and access rights contained in the collected information, the NSAWS finds out the potential risks and issues an alarm notice in a timely manner. This paper mainly studies how to strengthen the prevention of network attacks in BD environment from the following aspects. This paper first introduces the common technology on the Internet in our country and its application status; secondly, it expounds the architecture, deployment mode and operation mode of the large database system based on the basic security facilities such as cloud computing platform and firewall. Then the traditional NSAWS is analyzed and the simulation platform is tested. The results show that the platform has high accuracy and stability in alerting network security hazards and can effectively protect network security

    An Analytical Evaluation of Network Security Modelling Techniques Applied to Manage Threats

    The current ubiquity of information coupled with the reliance on such data by businesses has led to a great deal of resources being deployed to ensure the security of this information. Threats can come from a number of sources and the dangers from those insiders closest to the source have increased significantly recently. This paper focuses on techniques used to identify and manage threats as well as the measures that every organisation should consider to put into action. A novel game-based onion skin model has been proposed, combining techniques used in theory-based and hardware-based hardening strategies