Your search keyword '"targeted attacks"' showing total 104 results

1. Information security outsourcing in a resource-sharing environment: The impacts of attack modes.

Author

Gao, Xing, Gong, Siyu, Wang, Ying, and Zhang, Yanfang

Subjects

INFORMATION technology security, CONTRACTING out, LEARNING ability, INFORMATION resources, RISK sharing, INFORMATION sharing, COST shifting

Abstract

Information security outsourcing has become an emerging trend in the operations of information security, but the relation between information assets of firms and attack modes of hackers have failed to be considered. Through building a game-theoretic model, this article analyzes security outsourcing of two firms who share their information resource with each other and are confronted with opportunistic attacks and targeted attacks. We find that in the case of security decisions in-house, the firms may obtain a lower expected cost and the hacker may derive a lower expected benefit under targeted attacks than under opportunistic attacks, even though targeted attacks are widely deemed to be more harmful to the firms. When outsourcing security operations to a MSSP (Managed Security Service Provider), we reveal that under targeted attacks the MSSP can reap a higher expected benefit and the hacker can still derive a lower expected benefit. Finally, we examine the effects of key security elements and find some interesting results. In particular, the MSSP may or may not benefit from the degree of resource sharing, and the hacker may suffer from its learning ability. [ABSTRACT FROM AUTHOR]

Published

2024

2. IG-Based Method for Voiceprint Universal Adversarial Perturbation Generation.

Author

Bi, Meng, Yu, Xianyun, Jin, Zhida, and Xu, Jian

Subjects

GREEDY algorithms, PROBLEM solving, ACCOUNTING methods, SAMPLE size (Statistics), EAR

Abstract

In this paper, we propose an Iterative Greedy-Universal Adversarial Perturbations (IGUAP) approach based on an iterative greedy algorithm to create universal adversarial perturbations for acoustic prints. A thorough, objective account of the IG-UAP method is provided, outlining its framework and approach. The method leverages a greedy iteration approach to formulate an optimization problem for solving acoustic universal adversarial perturbations, with a new objective function designed to ensure that the attack has higher accuracy in terms of minimizing the perceptibility of adversarial perturbations and increasing the accuracy of successful attacks. The perturbation generation process is described in detail, and the resulting acoustic universal adversarial perturbation is evaluated in both target-attack and no-target-attack scenarios. Experimental analysis and testing were carried out using comparable techniques and dissimilar target models. The findings reveal that the acoustic generality adversarial perturbation produced by the IG-UAP method can obtain effective attack results even when the audio training data sample size is minimal, i.e., one for each category. Moreover, the human ear finds it difficult to detect the loss of original data information and the addition of adversarial perturbation (for the case of a target attack, the ASR values range from 82.4% to 90.2% for the small sample data set). The success rates for untargeted and targeted attacks average 85.8% and 84.9%, respectively. [ABSTRACT FROM AUTHOR]

Published

2024

3. Targeted Clean-Label Poisoning Attacks on Federated Learning

Author

Patel, Ayushi, Singh, Priyanka, Filipe, Joaquim, Editorial Board Member, Ghosh, Ashish, Editorial Board Member, Prates, Raquel Oliveira, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, Santosh, KC, editor, Goyal, Ayush, editor, Aouada, Djamila, editor, Makkar, Aaisha, editor, Chiang, Yao-Yi, editor, and Singh, Satish K, editor

Published

2023

4. DEVELOPMENT OF A MULTILOOP SECURITY SYSTEM OF INFORMATION INTERACTIONS IN SOCIO-CYBERPHYSICAL SYSTEMS.

Author

Yevseiev, Serhii, Milov, Oleksandr, Dzheniuk, Nataliia, Tolkachov, Maksym, Voitko, Tetiana, Prygara, Mykhailo, Voropay, Natalia, Shpak, Oleksandr, Volkov, Andrii, and Lezik, Oleksandr

Subjects

SOCIAL engineering (Fraud), VIRTUAL prototypes, INFORMATION storage & retrieval systems, METHODS engineering, CYBERTERRORISM, FAULT tolerance (Engineering)

Abstract

The object of the study is a multi-loop security system of information interactions in socio-cyberphysical systems. The dynamic nature of physical environments inherently challenges the ability of socio-cyber-physical systems to perform adequate control actions for physical assets in many contexts. However, adaptation and evolution actions must be evaluated before implementation in the control system to ensure fault tolerance while minimizing risks. Therefore, the design of socio-cyber-physical systems must ensure not only reliable autonomy, but also operational fault tolerance and safety. The proposed approach is based on the integration of targeted (mixed) threats based on the synthesis of technical cyber threats with social engineering methods. This approach allows forming a dynamic security model based on the analysis of the interaction of various agents in socio-cyberphysical systems, which makes it possible to increase the level of counteraction to targeted (mixed) cyber threats. The results of modeling are based on the proposed classification of threats using social engineering methods, which allows cyberattackers to ensure the probability of implementing targeted threats up to 95–98 %. The proposed classification of threats based on social engineering methods will allow forming an additional parameter for the objectivity of target threats, taking into account their integration and synergy. At the same time, the presented model will make it possible to timely provide knowledge about the possibility of implementing a targeted attack and timely take preventive countermeasures. This approach will improve the set of protection measures, as well as promptly create an increase in the level of resistance of the company's personnel (organization, enterprise, etc.) to threats of social engineering [ABSTRACT FROM AUTHOR]

Published

2023

5. Enhancing the Transferability of Targeted Attacks with Adversarial Perturbation Transform.

Author

Deng, Zhengjie, Xiao, Wen, Li, Xiyan, He, Shuqian, and Wang, Yizhen

Subjects

ALGORITHMS

Abstract

The transferability of adversarial examples has been proven to be a potent tool for successful attacks on target models, even in challenging black-box environments. However, the majority of current research focuses on non-targeted attacks, making it arduous to enhance the transferability of targeted attacks using traditional methods. This paper identifies a crucial issue in existing gradient iteration algorithms that generate adversarial perturbations in a fixed manner. These perturbations have a detrimental impact on subsequent gradient computations, resulting in instability of the update direction after momentum accumulation. Consequently, the transferability of adversarial examples is negatively affected. To overcome this issue, we propose an approach called Adversarial Perturbation Transform (APT) that introduces a transformation to the perturbations at each iteration. APT randomly samples clean patches from the original image and replaces the corresponding patches in the iterative output image. This transformed image is then used to compute the next momentum. In addition, APT could seamlessly integrate with other iterative gradient-based algorithms, incurring minimal additional computational overhead. Experimental results demonstrate that APT significantly enhances the transferability of targeted attacks when combined with traditional methods. Our approach achieves this improvement while maintaining computational efficiency. [ABSTRACT FROM AUTHOR]

Published

2023

6. Elephant Herding Robustness Evolution Algorithm With Multi-Clan Co-Evolution Against Cyber Attacks for Scale-Free Internet of Things in Smart Cities

Author

Talha Naeem Qureshi, Zahoor Ali Khan, Nadeem Javaid, Abdulaziz Aldegheishem, Muhammad Babar Rasheed, and Nabil Alrajeh

Subjects

Elephant herding robustness evolution, Internet of Things, scale-free networks, malicious attacks, targeted attacks, topology robustness, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

A large number of sensors are deployed for performing various tasks in the smart cities. The sensors are connected with each other through the Internet that leads to the emergence of Internet of Things (IoT). As the time passes, the number of deployed sensors is exponentially increasing. Not only this, the enhancement of sensors has also laid the base of automation. However, the increased number of sensors make the IoT networks more complex and scaled. Due to the increasing size and complexity, IoT networks of scale-free nature are found highly prone to attacks. In order to maintain the functionality of crucial applications, it is mandatory to increase the robustness of IoT networks. Additionally, it has been found that scale-free networks are resistant to random attacks. However, they are highly vulnerable to intentional, malicious, deliberate, targeted and cyber attacks where nodes are destroyed based on preference. Moreover, sensors of IoT network have limited communication, processing and energy resources. Hence, they cannot bear the load of computationally extensive robustness algorithms. A communication model is proposed in this paper to save the sensors from computational overhead of robustness algorithms by migrating the computational load to back-end high power processing clusters. Elephant Herding Robustness Evolution (EHRE) algorithm is proposed based on an enhanced communication model. In the proposed work, 6 phases of operations are used: initialization, sorting, clan updating, clan separating,selection and formation, and filtration. These process collectively increase the robustness of the scale-free IoT networks. EHRE is compared with well-known previous algorithms and is proven to be robust with a remarkable lead in performance. Moreover, EHRE is capable to achieve global optimum results in less number of iterations. EHRE achieves 95% efficiency after 60 iterations and 99% efficiency after 70 iterations. Moreover, EHRE performs 58.77% better than Enhanced Differential Evolution (EDE) algorithm, 65.22% better than Genetic Algorithm (GA), 86.35% better than Simulating Annealing (SA) and 94.77% better than Hill climbing Algorithm (HA).

Published

2023

7. Need for a Realistic Measure of Attack Severity in Centrality Based Node Attack Strategies

Author

John, Jisha Mariyam, Lekha, Divya Sindhu, Kacprzyk, Janusz, Series Editor, Benito, Rosa Maria, editor, Cherifi, Chantal, editor, Cherifi, Hocine, editor, Moro, Esteban, editor, Rocha, Luis M., editor, and Sales-Pardo, Marta, editor

Published

2022

8. IG-Based Method for Voiceprint Universal Adversarial Perturbation Generation

Author

Meng Bi, Xianyun Yu, Zhida Jin, and Jian Xu

Subjects

iterative greedy, universal adversarial perturbations, voiceprint, targeted attacks, Technology, Engineering (General). Civil engineering (General), TA1-2040, Biology (General), QH301-705.5, Physics, QC1-999, Chemistry, QD1-999

Abstract

In this paper, we propose an Iterative Greedy-Universal Adversarial Perturbations (IGUAP) approach based on an iterative greedy algorithm to create universal adversarial perturbations for acoustic prints. A thorough, objective account of the IG-UAP method is provided, outlining its framework and approach. The method leverages a greedy iteration approach to formulate an optimization problem for solving acoustic universal adversarial perturbations, with a new objective function designed to ensure that the attack has higher accuracy in terms of minimizing the perceptibility of adversarial perturbations and increasing the accuracy of successful attacks. The perturbation generation process is described in detail, and the resulting acoustic universal adversarial perturbation is evaluated in both target-attack and no-target-attack scenarios. Experimental analysis and testing were carried out using comparable techniques and dissimilar target models. The findings reveal that the acoustic generality adversarial perturbation produced by the IG-UAP method can obtain effective attack results even when the audio training data sample size is minimal, i.e., one for each category. Moreover, the human ear finds it difficult to detect the loss of original data information and the addition of adversarial perturbation (for the case of a target attack, the ASR values range from 82.4% to 90.2% for the small sample data set). The success rates for untargeted and targeted attacks average 85.8% and 84.9%, respectively.

Published

2024

9. Robustness of knowledge networks under targeted attacks: Electric vehicle field of China evidence.

Author

Zhao, Jianyu, Wei, Jiang, Yu, Lean, and Xi, Xi

Subjects

*ELECTRIC fields, *ELECTRIC vehicles, *PRICES

Abstract

• Exposing the knowledge networks' robustness from aspects of structure and function. • Unveiling the possible damage of targeted attacks to knowledge networks. • Conceptualizing the knowledge element and measuring it by patent-related indicators. • Clarifying the diverse importance of knowledge elements in maintaining robustness. A new framework is proposed to comprehensively explore the robustness (structure and function) of knowledge networks under different targeted attacks. Results show that (1) recalculated-based attacks cause greater damage than initial-based attacks. Meanwhile, a higher price is needed to destroy the structure than disrupt the function of the knowledge network. (2) Maintaining the structure of the knowledge network not only depends on the position that high-degree knowledge elements occupy in the maximal connected subgraph and their upper limit of combinatorial value but also relies on the reducing requirement of new knowledge elements caused by local search and connections. (3) Embedding more knowledge elements that are involved in multiple knowledge domains with medium-degree distribution can consolidate the knowledge network's structure. With regard to enhancing network efficiency, highly relevant knowledge elements create an inverted U-shape influence, while diverse knowledge elements continuously exert positive effects. [ABSTRACT FROM AUTHOR]

Published

2022

10. Propagation of Bankruptcy Risk over Scale-Free Economic Networks.

Author

Andria, Joseph, di Tollo, Giacomo, and Kalda, Jaan

Subjects

*SCALE-free network (Statistical physics), *UNCERTAINTY (Information theory), *BANKRUPTCY, *BANKING industry, *ECONOMIC shock, *BANK failures

Abstract

The propagation of bankruptcy-induced shocks across domestic and global economies is sometimes very dramatic; this phenomenon can be modelled as a dynamical process in economic networks. Economic networks are usually scale-free, and scale-free networks are known to be vulnerable with respect to targeted attacks, i.e., attacks directed towards the biggest nodes of the network. Here we address the following question: to what extent does the scale-free nature of economic networks and the vulnerability of the biggest nodes affect the propagation of economic shocks? We model the dynamics of bankruptcies as the propagation of financial contagion across the banking sector over a scale-free network of banks, and perform Monte-Carlo simulations based on synthetic networks. In addition, we analyze the public data regarding the bankruptcy of US banks from the Federal Deposit Insurance Corporation. The dynamics of the shock propagation is characterized in terms of the Bank Failures Diffusion Index, i.e., the average number of new bankruptcies triggered by the bankruptcy of a single bank, and in terms of the Shannon entropy of the whole network. The simulation results are in-line with the empirical findings, and indicate the important role of the biggest banks in the dynamics of economic shocks. [ABSTRACT FROM AUTHOR]

Published

2022

11. Evaluation of the vulnerability in water distribution systems through targeted attacks

Author

Aiman Albarakati, Asifa Tassaddiq, and Yogesh Kale

Subjects

centrality measures, targeted attacks, vulnerability, water distribution systems, water flow, Environmental technology. Sanitary engineering, TD1-1066, Environmental sciences, GE1-350

Abstract

This paper presents the results of a vulnerability analysis in different water distribution system (WDS) benchmarks, performed under a framework based on a graph model that integrates topological features and hydraulic characteristics, allowing the comparison between different attack strategies and centrality measures in terms of their ability to predict the shortage of water supply. This vulnerability framework has been previously applied to electric power systems and it employs a vulnerability prediction measure to quantify the amount of damage caused in terms of the physical damage measure. Different attack strategies and centrality measures were applied to four WDS benchmarks: the New York Tunnel, the Hanoi, the Modena, and the Balerma networks. It was determined that removing the most central element and recalculating the centrality for each stage are the most damaging attack strategies. Degree, eigenvector, and Katz centrality measures presented the best performance to predict the elements that are more relevant to the network and can have a larger impact on the water supply. It was demonstrated that the vulnerability framework can be applied to the WDS in the same way it was previously applied to electric power systems. Future work will be oriented to the design of the WDS using optimization techniques to minimize the vulnerability of the network under faults that can be generated by droughts and other extreme weather conditions. HIGHLIGHT This paper presents the results of a vulnerability analysis in different WDS benchmarks, performed under a framework based on a graph model that integrates topological features and hydraulic characteristics, allowing the comparison between different attack strategies and centrality measures in terms of their ability to predict the shortage of water supply.;

Published

2021

12. Probabilistic Analysis of Targeted Attacks Using Transform-Domain Adversarial Examples

Author

Zakia Yahya, Muhammad Hassan, Shahzad Younis, and Muhammad Shafique

Subjects

Steganography, targeted attacks, DNN classifiers, perturbations, adversarial examples, imperceptibility, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

In the past decade, Deep Neural Networks (DNNs) have achieved breakthrough collaborations in developing smart intelligent systems within the field of computer vision, natural language processing, autonomous systems, etc. Recent research has revealed that stability of such smart systems is at greater risk when they come across to adversarial perturbations. Although, these perturbations may not be perceivable in nature when seen from naked eye, yet, they are capable enough to fool state-of-the-art DNN classifiers. Till now, much of the previous work related to fool such classifiers focuses on generating adversaries that directly change pixel values of an image in spatial-domain. In this paper, we propose a novel transform-domain imperceptible attack methodology “TDIAM” to generate adversaries based on image steganography-approach using a “single carefully selected targeted watermark”. We use three different frequency-domain approaches, i.e., Discrete Wavelet Transform (DWT), Discrete Cosine Transform (DCT) and Fast Fourier Transform (FFT) to craft perturbations in selective frequency component which makes it robust and it requires less computational time as it is a non-gradient approach. We present our case study on MNIST handwritten digits dataset. Our results demonstrate that the generated perturbation vector successfully fool simple Convolutional Neural Network (CNN), LeNet-5 and AlexNet architectures by increasing probability of adversarial examples for the targeted class (to which the targeted watermark belongs) in both “black-box” and “white-box” adversarial attacks. The results have shown that among these three perturbation approaches, DWT based perturbation shown promising results by effectively fooling DNNs while ensuring the high imperceptibility as well.

Published

2020

13. A possible quadruple point in networks of directed networks under targeted attacks

Author

Xueming Liu, Mengyu Lv, and Wenting Xu

Subjects

targeted attacks, quadruple point, percolation theory, networks of directed networks, Science, Physics, QC1-999

Abstract

Many real systems are known to interact with one another, forming networks of networks (NONs). Plenty of attention has been poured into the research on the robustness in NONs in the past decade. Previous studies focus on undirected networks, or directed networks under random attacks. While many real networks are directed and how networks of directed networks (NODNs) respond to targeted attacks remains unknown. We thus develop a general analytical tool for analyzing the robustness of NODNs under two kinds of targeted attacks: degree-based attacks and in-degree (out-degree)-based attacks. The analytical tool can perfectly predict the sizes of the final giant strongly connected components and the phase transitions on the NODNs in response to targeted attacks. By applying the tool to synthesis networks, we find that a quadruple point intersected by four different phase regions could appear in the random regular NODNs. To the best of our knowledge, it is the first time that a quadruple point is found in the studies of complex networks. In addition, we find triple points intersected by three phases in networks of directed scale-free networks, and critical points that connect two phases in networks of directed Erdös–Rényi networks. The discovery of these tipping points could help understand network robustness and enable better design of networked systems.

Published

2023

14. The Robustness of Interdependent Directed Networks With Intra-layer Angular Correlations

Author

Zongning Wu, Zengru Di, and Ying Fan

Subjects

robustness, interdependent directed networks, intra-layer geometric correlations, targeted attacks, network embedded, Physics, QC1-999

Abstract

The robustness of interdependent networks is a frontier topic in current network science. A line of studies has so far been investigated in the perspective of correlated structures on robustness, such as degree correlations and geometric correlations in interdependent networks, in-out degree correlations in interdependent directed networks, and so on. Advances in network geometry point that hyperbolic properties are also hidden in directed structures, but few studies link those features to the dynamical process in interdependent directed networks. In this paper, we discuss the impact of intra-layer angular correlations on robustness from the perspective of embedding interdependent directed networks into hyperbolic space. We find that the robustness declines as increasing intra-layer angular correlations under targeted attacks. Interdependent directed networks without intra-layer angular correlations are always robust than those with intra-layer angular correlations. Moreover, empirical networks also support our findings: the significant intra-layer angular correlations are hidden in real interdependent directed networks and contribute to the prediction of robustness. Our work sheds light that the impact of intra-layer angular correlations should be attention, although in-out degree correlations play a positive role in robustness. In particular, it provides an early warning indicator by which the system decoded the intrinsic rules for designing efficient and robust interacting directed networks.

Published

2021

15. Spearphishing Malware: Do We Really Know the Unknown?

Author

Baychev, Yanko, Bilge, Leyla, Hutchison, David, Series Editor, Kanade, Takeo, Series Editor, Kittler, Josef, Series Editor, Kleinberg, Jon M., Series Editor, Mattern, Friedemann, Series Editor, Mitchell, John C., Series Editor, Naor, Moni, Series Editor, Pandu Rangan, C., Series Editor, Steffen, Bernhard, Series Editor, Terzopoulos, Demetri, Series Editor, Tygar, Doug, Series Editor, Weikum, Gerhard, Series Editor, Giuffrida, Cristiano, editor, Bardin, Sébastien, editor, and Blanc, Gregory, editor

Published

2018

16. Analysis on Structural Vulnerability Under the Asymmetric Information

Author

He, Mingshu, Wang, Xiaojuan, You, Jingwen, Wang, Zhen, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Zu, Qiaohong, editor, and Hu, Bo, editor

Published

2018

17. Propagation of Bankruptcy Risk over Scale-Free Economic Networks

Author

Joseph Andria, Giacomo di Tollo, and Jaan Kalda

Subjects

financial contagion, bankruptcy risk, scale-free networks, targeted attacks, Shannon entropy, Science, Astrophysics, QB460-466, Physics, QC1-999

Abstract

The propagation of bankruptcy-induced shocks across domestic and global economies is sometimes very dramatic; this phenomenon can be modelled as a dynamical process in economic networks. Economic networks are usually scale-free, and scale-free networks are known to be vulnerable with respect to targeted attacks, i.e., attacks directed towards the biggest nodes of the network. Here we address the following question: to what extent does the scale-free nature of economic networks and the vulnerability of the biggest nodes affect the propagation of economic shocks? We model the dynamics of bankruptcies as the propagation of financial contagion across the banking sector over a scale-free network of banks, and perform Monte-Carlo simulations based on synthetic networks. In addition, we analyze the public data regarding the bankruptcy of US banks from the Federal Deposit Insurance Corporation. The dynamics of the shock propagation is characterized in terms of the Bank Failures Diffusion Index, i.e., the average number of new bankruptcies triggered by the bankruptcy of a single bank, and in terms of the Shannon entropy of the whole network. The simulation results are in-line with the empirical findings, and indicate the important role of the biggest banks in the dynamics of economic shocks.

Published

2022

18. Physics-aware targeted attacks against maritime industrial control systems.

Author

Longo, Giacomo, Lupia, Francesco, Pugliese, Andrea, and Russo, Enrico

Subjects

*PHYSICS, *MARINE west coast climate, *PROCESS mining, *INDUSTRIAL controls manufacturing, *MARINE machinery

Abstract

The advancement of the maritime industry towards technologically integrated and automated systems has significantly increased the complexity of onboard Industrial Control Systems (ICS), raising concerns about cybersecurity risks. In this paper, we examine typical onboard ICS configurations through an adversarial lens. We introduce a threat model that leverages domain-specific peculiarities, e.g., maritime protocols, and targets vulnerability vectors to execute software attacks against the infrastructures of shipboard ICS. This includes a case study on a critical subsystem of ship machinery: the steering gear system. We have developed a novel attack methodology intended for use by targeted malware. A comprehensive experimental assessment confirms the feasibility of attacks devised according to our methodology. [ABSTRACT FROM AUTHOR]

Published

2024

19. Malware Analysis and Detection via Activity Trees in User-Dependent Environment

Author

Tokhtabayev, Arnur, Kopeikin, Anton, Tashatov, Nurlan, Satybaldina, Dina, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Rak, Jacek, editor, Bay, John, editor, Kotenko, Igor, editor, Popyack, Leonard, editor, Skormin, Victor, editor, and Szczypiorski, Krzysztof, editor

Published

2017

20. Nodal vulnerability to targeted attacks in power grids

Author

Hale Cetinay, Karel Devriendt, and Piet Van Mieghem

Subjects

Power grids, Complex networks, Centrality metrics, Targeted attacks, Applied mathematics. Quantitative methods, T57-57.97

Abstract

Abstract Due to the open data policies, nowadays, some countries have their power grid data available online. This may bring a new concern to the power grid operators in terms of malicious threats. In this paper, we assess the vulnerability of power grids to targeted attacks based on network science. By employing two graph models for power grids as simple and weighted graphs, we first calculate the centrality metrics of each node in a power grid. Subsequently, we formulate different node-attack strategies based on those centrality metrics, and empirically analyse the impact of targeted attacks on the structural and the operational performance of power grids. We demonstrate our methodology in the high-voltage transmission networks of 5 European countries and in commonly used IEEE test power grids.

Published

2018

21. Centralized vs Decentralized Targeted Brute-Force Attacks: Guessing With Side-Information.

Author

Salamatian, Salman, Huleihel, Wasim, Beirami, Ahmad, Cohen, Asaf, and Medard, Muriel

Abstract

According to recent empirical studies, a majority of users have the same, or very similar, passwords across multiple password-secured online services. This practice can have disastrous consequences, as one password being compromised puts all the other accounts at much higher risk. Generally, an adversary may use any side-information he/she possesses about the user, be it demographic information, password reuse on a previously compromised account, or any other relevant information to devise a better brute-force strategy (so called targeted attack). In this work, we consider a distributed brute-force attack scenario in which $m$ adversaries, each observing some side information, attempt breaching a password secured system. We compare two strategies: an uncoordinated attack in which the adversaries query the system based on their own side-information until they find the correct password, and a fully coordinated attack in which the adversaries pool their side-information and query the system together. For passwords X of length $n$ , generated independently and identically from a distribution $P_{X}$ , we establish an asymptotic closed-form expression for the uncoordinated and coordinated strategies when the side-information $\mathrm {Y}_{(m)}$ are generated independently from passing X through a memoryless channel $P_{Y|X}$ , as the length of the password $n$ goes to infinity. We illustrate our results for binary symmetric channels and binary erasure channels, two families of side-information channels which model password reuse. We demonstrate that two coordinated agents perform asymptotically better than any finite number of uncoordinated agents for these channels, meaning that sharing side-information is very valuable in distributed attacks. [ABSTRACT FROM AUTHOR]

Published

2020

22. Proposed Approach for Targeted Attacks Detection

Author

Ghafir, Ibrahim, Prenosil, Vaclav, Sulaiman, Hamzah Asyrani, editor, Othman, Mohd Azlishah, editor, Othman, Mohd Fairuz Iskandar, editor, Rahim, Yahaya Abd, editor, and Pee, Naim Che, editor

Published

2016

23. Hacker Behavior, Network Effects, and the Security Software Market.

Author

Dey, Debabrata, Lahiri, Atanu, and Zhang, Guoying

Subjects

COMPUTER software security, COMPUTER security, ECONOMIC models, NETWORK effect, INDUSTRIAL organization (Economic theory), COMPUTER hacking

Abstract

The market for security software has witnessed an unprecedented growth in recent years. A closer examination of this market reveals certain idiosyncrasies that are not observed in a traditional market. For example, it is a highly competitive market with over 80 vendors. Yet the market coverage is relatively low. Prior research has not attempted to explain what makes this market so different. In this paper, we develop an economic model to find possible answers to this question. Our model uses existing classification of different types of attacks and models their resulting network effects. We find that the negative network effect from indirect attacks, which is further enhanced by value-based targeted attacks, provides a possible explanation for the unique structure of this market. Overall, our results highlight the unique nature of the security software market, furnish rigorous arguments for several counterintuitive observations in the real world, and provide managerial insights for vendors on market competition. [ABSTRACT FROM AUTHOR]

Published

2012

24. Information Security: Facilitating User Precautions Vis-à-Vis Enforcement Against Attackers.

Author

Png, Ivan P. L. and Wang, Qiu-Hong

Subjects

DATA security, END users (Information technology), INFORMATION resources, ENFORCEMENT, DATA protection, DATA security failures, SECURITY systems, GOVERNMENT policy

Abstract

We compare alternative information security policies--facilitating end-user precautions and enforcement against attackers. The context is mass and targeted attacks, taking account of strategic interactions between end users and attackers. For both mass and targeted attacks, facilitating end-user precautions reduces the expected loss of end users. However, the impact of enforcement on expected loss depends on the balance between deterrence and slackening of end-user precautions. Facilitating end-user precautions is more effective than enforcement against attackers when the cost of precautions and the cost of attacks are lower. With targeted attacks, facilitating end-user precautions is more effective for users with relatively high valuation of information security, while enforcement against attackers is more effective for users with relatively low valuation of security. [ABSTRACT FROM AUTHOR]

Published

2009

25. Are You at Risk? Profiling Organizations and Individuals Subject to Targeted Attacks

Author

Thonnard, Olivier, Bilge, Leyla, Kashyap, Anand, Lee, Martin, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Böhme, Rainer, editor, and Okamoto, Tatsuaki, editor

Published

2015

26. FlipThem: Modeling Targeted Attacks with FlipIt for Multiple Resources

Author

Laszka, Aron, Horvath, Gabor, Felegyhazi, Mark, Buttyán, Levente, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Kobsa, Alfred, Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Poovendran, Radha, editor, and Saad, Walid, editor

Published

2014

27. Studying node centrality based on the hidden hyperbolic metric space of complex networks.

Author

Ma, Lili

Subjects

*CENTRALITY, *NETWORK theory (Statistical physics), *HYPERBOLIC spaces, *METRIC spaces, *RANDOM effects model

Abstract

Abstract With the hyperbolic model of the hidden metric space of networks, the hyperbolic DC of a node is defined, totally based on node features in the hyperbolic space but not directly related to network structures. The effectiveness of the hyperbolic DC in forecasting the true importance ranking of nodes in the network structure is studied. Simulations on the forecasting accuracy show it has a certain effectiveness in forecasting a few of the most important nodes, which provides possibility to carry out targeted attacks on networks without knowing any information of network structures. Moreover, for random attacks, a mechanism based on the hyperbolic DC is designed to enhance the destructive power, and the macro-matching degree is proposed to measure the effectiveness of the mechanism. Simulations show when parameter β is not big, the mechanism has quite good performance, and the smaller the value of β , the more effective the mechanism. Furthermore, for parameters in the hyperbolic model, their influences on the mechanism are researched. Results show temperature has more obvious influences than curvature, and the mechanism is found to become more effective when temperature becomes lower. According to the relationship between temperature and the clustering feature of the network, the research indicates our mechanism for random attacks should be effective for most real-world networks. Highlights • A new kind of node centrality not directly related with network structures is defined. • A mechanism to study targeted attacks without knowing network structures is proposed. • A mechanism to greatly enhance the destructiveness of random attacks is proposed. • Influences of the parameters of the hyperbolic model on the mechanism is studied. [ABSTRACT FROM AUTHOR]

Published

2019

28. Infrastructure upgrade framework for Content Delivery Networks robust to targeted attacks.

Author

Natalino, Carlos, Yayimli, Aysegul, Wosinska, Lena, and Furdek, Marija

Subjects

CONTENT delivery networks, CLOUD computing, DISTRIBUTED computing, HEURISTIC, RULES

Abstract

Abstract Content Delivery Networks (CDNs) are crucial for enabling delivery of services that require high capacity and low latency, primarily through geographically-diverse content replication. Optical networks are the only available future-proof technology that meets the reach and capacity requirements of CDNs. However, the underlying physical network infrastructure is vulnerable to various security threats, and the increasing importance of CDNs in supporting vital services intensifies the concerns related to their robustness. Malicious attackers can target critical network elements, thus severely degrading network connectivity and causing large-scale service disruptions. One way in which network operators and cloud computing providers can increase the robustness against malicious attacks is by changing the topological properties of the network through infrastructure upgrades. This work proposes a framework for CDN infrastructure upgrade that performs sparse link and replica addition with the objective of maximizing the content accessibility under targeted link cut attacks. The framework is based on a newly defined content accessibility metric denoted as μ -ACA which allows the network operator to gauge the CDN robustness over a range of attacks with varying intensity. Two heuristics, namely Content-Accessibility-Aware Link Addition Heuristic (CAA-LAH), and Content-Accessibility-Aware Replica Addition Heuristic (CAA-RAH) are developed to perform strategic link and replica placement, respectively, and hamper attackers from disconnecting users from the content even in severe attack scenarios. Extensive experiments on real-world reference network topologies show that the proposed framework effectively increases the CDN robustness by adding a few links or replicas to the network. [ABSTRACT FROM AUTHOR]

Published

2019

29. Mitigating Covert Compromises : A Game-Theoretic Model of Targeted and Non-Targeted Covert Attacks

Author

Laszka, Aron, Johnson, Benjamin, Grossklags, Jens, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Chen, Yiling, editor, and Immorlica, Nicole, editor

Published

2013

30. Mitigation of Targeted and Non-targeted Covert Attacks as a Timing Game

Author

Laszka, Aron, Johnson, Benjamin, Grossklags, Jens, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Das, Sajal K., editor, Nita-Rotaru, Cristina, editor, and Kantarcioglu, Murat, editor

Published

2013

31. Customized Normalcy Profiles for the Detection of Targeted Attacks

Author

Skormin, Victor, Nykodym, Tomas, Dolgikh, Andrey, Antonakos, James, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Di Chio, Cecilia, editor, Agapitos, Alexandros, editor, Cagnoni, Stefano, editor, Cotta, Carlos, editor, de Vega, Francisco Fernández, editor, Di Caro, Gianni A., editor, Drechsler, Rolf, editor, Ekárt, Anikó, editor, Esparcia-Alcázar, Anna I., editor, Farooq, Muddassar, editor, Langdon, William B., editor, Merelo-Guervós, Juan J., editor, Preuss, Mike, editor, Richter, Hendrik, editor, Silva, Sara, editor, Simões, Anabela, editor, Squillero, Giovanni, editor, Tarantino, Ernesto, editor, Tettamanzi, Andrea G. B., editor, Togelius, Julian, editor, Urquhart, Neil, editor, Uyar, A. Şima, editor, and Yannakakis, Georgios N., editor

Published

2012

32. Receiver Based Traffic Control Mechanism to Protect Low Capacity Network in Infrastructure Based Wireless Mesh Network

Author

Gilani, Syed Sherjeel Ahmad, Zubair, Muhammad, Khan, Zeeshan Shafi, Bandyopadhyay, Samir Kumar, editor, Adi, Wael, editor, Kim, Tai-hoon, editor, and Xiao, Yang, editor

Published

2010

33. Robustness quantification of hierarchical complex networks under targeted failures.

Author

Bilal, Kashif, Manzano, Marc, Erbad, Aiman, Calle, Eusebi, and Khan, Samee U.

Subjects

*MULTICASTING (Computer networks), *ROBUST control, *JOB performance

Abstract

Abstract Robustness is one of the key properties in complex networks to ensure the expected level of performance and service availability in case of perturbations and failures. Network robustness is generally quantified using various classical metrics. However, whether the robustness quantification of the networks in various types of failures can be proved to be valid or not? Moreover, how does the hierarchy of a network impacts the robustness, is still not a well-explored domain. This paper presents the robustness quantification of hierarchical complex networks under targeted attacks. We analyze ten different real-world networks with varying graph characteristics using the classical robustness metrics. The level of the hierarchy of the considered networks is computed using the Global Reaching Centrality (GRC) measure. To depict the targeted attacks, we remove (decommission) specific network nodes based on the nodal degree and node betweenness centrality. Moreover, to compare various networks with varying size and characteristics, we employ deterioration strategy to evaluate the effect of the failures on hierarchical networks. Our results reveal a strong relationship between hierarchy and robustness of the networks. Moreover, the presented results reveal that the robustness inferences based on the classical robustness measures may be inaccurate. It can be inferred from the analysis that the classical robustness metrics may not be able to quantify the structural robustness of hierarchical complex networks appropriately, which lay down a need for new robustness metrics for robustness quantification. [ABSTRACT FROM AUTHOR]

Published

2018

34. Robustness of networks formed from interdependent correlated networks under intentional attacks.

Author

Liu, Long, Meng, Ke, and Dong, Zhaoyang

Subjects

*COUNTERTERRORISM, *CYBERTERRORISM, *TELECOMMUNICATION network management, *NATURAL gas pipelines, *ELECTRIC power distribution grids, *ETHERNET

Abstract

We study the problem of intentional attacks targeting to interdependent networks generated with known degree distribution (in-degree oriented model) or distribution of interlinks (out-degree oriented model). In both models, each node’s degree is correlated with the number of its links that connect to the other network. For both models, varying the correlation coefficient has a significant effect on the robustness of a system undergoing random attacks or attacks targeting nodes with low degree. For a system with an assortative relationship between in-degree and out-degree, reducing the broadness of networks’ degree distributions can increase the resistance of systems against intentional attacks. [ABSTRACT FROM AUTHOR]

Published

2018

35. Optimal Cost-Based Strengthening of Complex Networks

Author

Rong, Qingnan, Zhang, Jun, Sun, Xiaoqian, Wandelt, Sebastian, Zanin, Massimiliano, Tian, Liang, Rong, Qingnan, Zhang, Jun, Sun, Xiaoqian, Wandelt, Sebastian, Zanin, Massimiliano, and Tian, Liang

Abstract

Most real-world complex systems are extremely vulnerable to targeted attacks, making their immunization an important yet challenging task. One of the most effective attack strategies is targeting articulation points specifically. In this study, we first propose a generalized definition of network robustness. Then we address the problem of strengthening network robustness with the minimum cost by exploiting the intuition behind the attack strategy based on articulation points, that is proven to be NP-hard. Accordingly, we propose a heuristic for solving this problem, subject to a cost function whose choice determines the obtained network regime. Experiments on both random and real-world networks show that our algorithm strengthens the robustness by using significantly cheaper edge additions than state-of-the-art methods. Moreover, our algorithm excels against general attack strategies by revealing the essence of strengthening network robustness, that is, increasing the size of the giant connected component optimally in the process of node removal. While considering the realistic problem, our algorithm also provides a reasonable scheme to add edges at a low cost.

Published

2022

36. Optimal Cost-Based Strengthening of Complex Networks

Author

Qingnan Rong, Jun Zhang, Xiaoqian Sun, Sebastian Wandelt, Massimiliano Zanin, and Liang Tian

Subjects

Network robustness, Computer Networks and Communications, Control and Systems Engineering, Cost, Targeted attacks, Heuristic, Computer Science Applications, Strengthening problem

Abstract

Most real-world complex systems are extremely vulnerable to targeted attacks, making their immunization an important yet challenging task. One of the most effective attack strategies is targeting articulation points specifically. In this study, we first propose a generalized definition of network robustness. Then we address the problem of strengthening network robustness with the minimum cost by exploiting the intuition behind the attack strategy based on articulation points, that is proven to be NP-hard. Accordingly, we propose a heuristic for solving this problem, subject to a cost function whose choice determines the obtained network regime. Experiments on both random and real-world networks show that our algorithm strengthens the robustness by using significantly cheaper edge additions than state-of-the-art methods. Moreover, our algorithm excels against general attack strategies by revealing the essence of strengthening network robustness, that is, increasing the size of the giant connected component optimally in the process of node removal. While considering the realistic problem, our algorithm also provides a reasonable scheme to add edges at a low cost.

Published

2022

37. Robustness Comparison of 15 Real Telecommunication Networks: Structural and Centrality Measurements.

Author

Rueda, Diego, Calle, Eusebi, and Marzo, Jose

Subjects

*ROBUST control, *NUMERICAL analysis, *TELECOMMUNICATION systems, *INFORMATION & communication technologies, *ELECTRIC network topology

Abstract

Multiple failures can have catastrophic consequences on the normal operation of telecommunication networks. In this sense, guaranteeing network robustness to avoid users and services being disconnected is essential. A wide range of metrics have been proposed for measuring network robustness. In this paper the taxonomy of robustness metrics in telecommunication networks has been extended and a classification of multiple failures scenarios has been made. Moreover, a structural and centrality robustness comparison of 15 real telecommunication networks experiencing multiple failures was carried out. Through this analysis the topological properties which are common for grouping networks with similar robustness are able to be identified. [ABSTRACT FROM AUTHOR]

Published

2017

38. The Cousins of Stuxnet: Duqu, Flame, and Gauss

Author

Márk Félegyházi, Gábor Pék, Levente Buttyán, and Boldizsár Bencsáth

Subjects

targeted attacks, Advanced Persistent Threat (APT), cyber espionage, cyber weapons, Information technology, T58.5-58.64

Abstract

Stuxnet was the first targeted malware that received worldwide attention forcausing physical damage in an industrial infrastructure seemingly isolated from the onlineworld. Stuxnet was a powerful targeted cyber-attack, and soon other malware samples were discovered that belong to this family. In this paper, we will first present our analysis of Duqu, an information-collecting malware sharing striking similarities with Stuxnet. Wedescribe our contributions in the investigation ranging from the original detection of Duquvia finding the dropper file to the design of a Duqu detector toolkit. We then continue with the analysis of the Flame advanced information-gathering malware. Flame is unique in thesense that it used advanced cryptographic techniques to masquerade as a legitimate proxyfor the Windows Update service. We also present the newest member of the family, called Gauss, whose unique feature is that one of its modules is encrypted such that it can onlybe decrypted on its target system; hence, the research community has not yet been able to analyze this module. For this particular malware, we designed a Gauss detector serviceand we are currently collecting intelligence information to be able to break its very specialencryption mechanism. Besides explaining the operation of these pieces of malware, wealso examine if and how they could have been detected by vigilant system administrators manually or in a semi-automated manner using available tools. Finally, we discuss lessonsthat the community can learn from these incidents. We focus on technical issues, and avoidspeculations on the origin of these threats and other geopolitical questions.

Published

2012

39. Information security investment for competitive firms with hacker behavior and security requirements.

Author

Gao, Xing and Zhong, Weijun

Subjects

*INFORMATION technology security, *COMPUTER hackers, *BUSINESS, *CYBERTERRORISM, *DIGITAL asset management, *ATTITUDE (Psychology), *SECURITY systems

Abstract

This paper investigates information security investment strategies under both targeted attacks and mass attacks by considering strategic interactions between two competitive firms and a hacker. We find that the more attractive firm invests more in information security, suffers more frequent attacks and enjoys a lower expected benefit, while the hacker achieves a higher expected benefit under targeted attacks than under mass attacks. We further examine the effect of security requirements on the two firms' investment strategies in information security. We indicate that security requirements sometimes can drastically alter the comparisons of these investment strategies under the two types of cyber attacks. The hacker would balance the firms' attractiveness in information assets and security requirements when determining its investment decisions in cyber attacks. By assuming that security requirements are endogenous, we demonstrate that under targeted attacks and mass attacks both firms would like to regulate rigorous security requirements when their degree of competition becomes fierce but would like to choose loose security requirements when the degree of competition remains mild. [ABSTRACT FROM AUTHOR]

Published

2015

40. Insider threats in banking sybersecurity: overview

Author

Kovaleva, A. G., Ковалева, А. Г., Matvienko, D. K., Матвиенко, Д. К., Kovaleva, A. G., Ковалева, А. Г., Matvienko, D. K., and Матвиенко, Д. К.

Abstract

Сохранение целостности и конфиденциальности информации является важной задачей для банков. Средства защиты и способы нахождения угроз в системе нужно постоянно модифицировать. Если система защиты имеет уязвимости, то они могут быть использованы злоумышленниками для осуществления целенаправленных атак. Для того, чтобы предотвратить взлом и предсказать возможные пути проникновения в систему, необходимо рассмотреть атаки, производившиеся на различные системы. В статье рассматриваются существующие виды угроз кибербезопасности банков и какие атаки могут быть произведены на банковскую систему., Maintaining the integrity and confidentiality of information is an important task for banks. Security measures and ways to find threats in the system need to be constantly modified. If the security system has vulnerabilities, they may be used by attackers to carry out targeted attacks. In order to prevent hacking and predict possible ways of entering the system, it is necessary to consider the attacks that were made on various systems. The article discusses the existing types of threats to the cybersecurity of banks and what attacks can be made on the banking system.

Published

2021

41. Analysis of a multistage attack embedded in a video file.

Author

Nath, Hiran and Mehtre, B.

Subjects

BURGLARY, COMPUTER hackers, COMPUTER security, COMPUTER crimes, COMPUTER users

Abstract

In 1990s, burglars used to break into house, while the residents were viewing some interesting television shows. This type of attacks happened mainly in the physical world and it was expected that cyber world is free from such crimes. Unfortunately, this is not true. A skilled hacker could compromise a system, while the user is viewing (an interesting) video file. Quite often computer users, use their machines for viewing (interesting) videos. Such users may be naive users or could even be those who work on mission critical systems, like banking, defence, nuclear power-plant, space agencies etc. So playing a video file can lead to high security risk. In this paper, we have analysed video files, for detecting multistage attacks. We found that some video files contain malicious link through which an exploit gets downloaded into the host machine. The contribution of this paper is the discovery of novel attacks that are hidden (by perpetrator) in innocuous video files with the objective of staging a targeted attack in multiple stages. Finally, we propose a new method for detection of such attacks (carried through video files) using API calls. [ABSTRACT FROM AUTHOR]

Published

2015

42. Measuring the robustness of network controllability

Author

Dhiman, Ashish Kumar (author) and Dhiman, Ashish Kumar (author)

Abstract

Networks are all around us, telecommunication networks, road transportation networks, and the Internet are a few examples of networks that we encounter every day. The entities in a network are represented by nodes and the interconnections between them are represented by links. For example, in a telecommunication network, a node could be an end point for data transmission, a redistribution point or in physical terms, an entity that is capable of receiving, transmitting or redistributing information and a link could be a wired or a wireless connection between the nodes. It is of prime importance that the networks perform their functions properly. To ensure the effective operation of such networks, we need to control them by applying external inputs on some nodes which are known as driver nodes. We say that a network is controllable if it can be driven from any arbitrary state to any desired state in finite time under the control of driver nodes which are attached to the external inputs. Networks are often confronted with perturbations in the form of targeted and random attacks to disrupt their operation. Such perturbations make these networks less controllable. Thus, more driver nodes are needed to gain the full controllability of these networks. As a result, the robustness of network controllability decreases. In this study, the minimum number of driver nodes which gain full controllability after failures or attacks is chosen as the robustness metric. Existing closed-form analytical approximations estimate the normalized minimum number of driver nodes as a function of the fraction of removed links in both targeted and random attacks. However, the approximations sometimes do not fit with the simulations and the errors between the approximations and simulations are large. The main objectives of this study are to improve the analytical approximations using machine learning methods for both targeted and random attacks and additionally, derive a suitable analytical ap, Electrical Engineering | Telecommunications and Sensing Systems

Published

2020

43. Инсайдерские угрозы в банковской кибербезопасности: обзор

Author

Matvienko, D. K., Kovaleva, A. G., and Ковалева, А. Г.

Subjects

УЯЗВИМОСТЬ, VULNERABILITY, KEY THREATS, CYBERSECURITY, КИБЕРБЕЗОПАСНОСТЬ, ВНУТРЕННИЕ АТАКИ, ЦЕЛЕНАПРАВЛЕННЫЕ АТАКИ, BANKING SYSTEM, INTERNAL ATTACKS, TARGETED ATTACKS, ОСНОВНЫЕ УГРОЗЫ, БАНКОВСКАЯ СИСТЕМА

Abstract

Сохранение целостности и конфиденциальности информации является важной задачей для банков. Средства защиты и способы нахождения угроз в системе нужно постоянно модифицировать. Если система защиты имеет уязвимости, то они могут быть использованы злоумышленниками для осуществления целенаправленных атак. Для того, чтобы предотвратить взлом и предсказать возможные пути проникновения в систему, необходимо рассмотреть атаки, производившиеся на различные системы. В статье рассматриваются существующие виды угроз кибербезопасности банков и какие атаки могут быть произведены на банковскую систему. Maintaining the integrity and confidentiality of information is an important task for banks. Security measures and ways to find threats in the system need to be constantly modified. If the security system has vulnerabilities, they may be used by attackers to carry out targeted attacks. In order to prevent hacking and predict possible ways of entering the system, it is necessary to consider the attacks that were made on various systems. The article discusses the existing types of threats to the cybersecurity of banks and what attacks can be made on the banking system.

Published

2021

44. Analysis of Internet robustness in attacks.

Author

Xu, Ye and Zhang, Xiaoqian

Abstract

To study the robustness of Internet, measuring topology of regional Internet with monitors is performed first. The mathematical transformation of measured results into matrix is introduced to set up a simulation platform for further experiments. By setting up various simulation parameters, we found that Internet is to some extent having the performances of highly resistance to random attacks and great fragilities to intentional attacks. And in hybrid attack situations, Internet is also quite fragile no matter what ratio of intentional attacks over the random ones is. Besides, we find that networks with high loads would easily result in more damaged networks even under the same attacks. [ABSTRACT FROM PUBLISHER]

Published

2012

45. ИНФОРМАЦИОННАЯ БЕЗОПАСНОСТЬ ПРИ РЕАЛИЗАЦИИ КОНЦЕПЦИИ BYOD

Author

Ostanina, E.A.

Subjects

концепция Bring Your Own Device (BYOD), vulnerabilities, Information security, личные технические устройства, Информационная безопасность, уязвимости, personal technical devices, корпоративная сеть, privacy, cloud technologies, mobility, конфиденциальность, motivation, corporate network, мотивация, облачные технологии, Bring Your Own Device (BYOD) concept, targeted attacks, мобильность, целевые атаки

Abstract

The dynamics of the modern world dictates its working conditions for current companies. The introduction of new concepts in the organizations work, along with the positive aspects, is associated with many emerging risks. The article shows the integration process of Bring Your Own Device (BYOD) in organizations of different countries, the ratio of its supporters and opponents in a number of states. The issues of information security of the activities of organizations adopting the BYOD concept in its various manifestations are considered. The possible consequences of introducing this concept without proper support by the information security service are shown, the nuances of protecting mobile devices of various manufacturers that can be used by employees for work purposes are disclosed. The main directions of the work of information security services in the implementation of the BYOD concept in solving basic problems are indicated and examples of solutions are considered. A general security strategy is described. A formula is proposed that describes the general BYOD security strategy, which should be supplemented by a distributed personal component that takes into account the personal characteristics of the social engineering exposure of the organizations employees. The general recommendations for ensuring security when working in the BYOD concept are formulated, which include the installation of MDM / MAM for managing the security of mobile devices, organizing the connection of all devices only via VPN, preventing unauthorized access by using strong passwords with regular updates, encrypting data on devices, installing company-approved antivirus software, attracting third-party consultants, fixed control of any images eny to valuable files, the implementation of access control lists, and firewall settings for suspicious activity alerts, setting restrictions on downloading and installing programs, implementation of a comprehensive IT policy., Динамика современного мира диктует свои условия работы нынешних компаний. Внедрение новых концепций в работу организации наряду с положительными моментами связано со множеством возникающих рисков. В статье показан процесс интеграции Bring Your Own Device (BYOD) в организациях разных стран, соотношение ее сторонников и противников в ряде государств. Рассматриваются вопросы информационной безопасности деятельности организаций, принимающих концепцию BYOD в различных ее проявлениях. Показаны возможные последствия внедрения этой концепции без должного сопровождения процесса службой информационной безопасности, раскрыты нюансы защиты мобильных устройств различных производителей, которые могут использоваться сотрудниками в рабочих целях. Указаны основные направления работы служб информационной безопасности при реализации концепции BYOD при решении основных проблем и рассмотрены примеры решений. Описана общая стратегия безопасности. Предложена формула, описывающая общую стратегию безопасности BYOD, которую целесообразно дополнить распределенным личностным компонентом, учитывающим персональные характеристики подверженности социальной инженерии сотрудников организации. Сформулированы общие рекомендации по обеспечению безопасности при работе в концепции BYOD, которые включают установку MDM/MAM для управления безопасностью мобильных устройств, организацию подключения всех устройств только через VPN, предотвращение несанкционированного доступа с помощью использования надежных паролей с регулярным их обновлением, осуществление шифрования данных на устройствах, установку одобренного компанией антивирусного программного обеспечения, привлечение сторонних консультантов, фиксированный контроль любых обращений к ценным файлам, внедрение листов контроля доступа и брандмауэров, настройку оповещения о подозрительной деятельности, установку ограничений на скачивание и установку программ, внедрение комплексной ИТ-политики., №12(132) (2020)

Published

2020

46. Systematic Review and Quantitative Comparison of Cyberattack Scenario Detection and Projection

Author

Karlo Slovenec, Ivan Kovacevic, and Stjepan Gros

Subjects

Computer Networks and Communications, Computer science, intrusion detection, media_common.quotation_subject, False positives and false negatives, attack scenario, lcsh:TK7800-8360, 02 engineering and technology, Intrusion detection system, computer.software_genre, attack projection, cyber situational awareness, 0202 electrical engineering, electronic engineering, information engineering, Quality (business), targeted attacks, Electrical and Electronic Engineering, media_common, alert correlation, Event (computing), lcsh:Electronics, 020206 networking & telecommunications, Projection (relational algebra), Hardware and Architecture, Control and Systems Engineering, Signal Processing, 020201 artificial intelligence & image processing, State (computer science), Data mining, computer

Abstract

Intrusion Detection Systems (IDSs) automatically analyze event logs and network traffic in order to detect malicious activity and policy violations. Because IDSs have a large number of false positives and false negatives and the technical nature of their alerts requires a lot of manual analysis, the researchers proposed approaches that automate the analysis of alerts to detect large-scale attacks and predict the attacker’s next steps. Unfortunately, many such approaches use unique datasets and success metrics, making comparison difficult. This survey provides an overview of the state of the art in detecting and projecting cyberattack scenarios, with a focus on evaluation and the corresponding metrics. Representative papers are collected while using Google Scholar and Scopus searches. Mutually comparable success metrics are calculated and several comparison tables are provided. Our results show that commonly used metrics are saturated on popular datasets and cannot assess the practical usability of the approaches. In addition, approaches with knowledge bases require constant maintenance, while data mining and ML approaches depend on the quality of available datasets, which, at the time of writing, are not representative enough to provide general knowledge regarding attack scenarios, so more emphasis needs to be placed on researching the behavior of attackers.

Published

2020

47. Robustness quantification of hierarchical complex networks under targeted failures

Author

Samee U. Khan, Eusebi Calle, Marc Manzano, Aiman Erbad, and Kashif Bilal

Subjects

data center networks, Network robustness, 0301 basic medicine, General Computer Science, Computer science, Node (networking), Complex network, computer.software_genre, 01 natural sciences, 03 medical and health sciences, 030104 developmental biology, Betweenness centrality, Control and Systems Engineering, Robustness (computer science), 0103 physical sciences, hierarchical complex network, Structural robustness, targeted attacks, Data mining, Electrical and Electronic Engineering, 010306 general physics, Centrality, computer

Abstract

Robustness is one of the key properties in complex networks to ensure the expected level of performance and service availability in case of perturbations and failures. Network robustness is generally quantified using various classical metrics. However, whether the robustness quantification of the networks in various types of failures can be proved to be valid or not? Moreover, how does the hierarchy of a network impacts the robustness, is still not a well-explored domain. This paper presents the robustness quantification of hierarchical complex networks under targeted attacks. We analyze ten different real-world networks with varying graph characteristics using the classical robustness metrics. The level of the hierarchy of the considered networks is computed using the Global Reaching Centrality (GRC) measure. To depict the targeted attacks, we remove (decommission) specific network nodes based on the nodal degree and node betweenness centrality. Moreover, to compare various networks with varying size and characteristics, we employ deterioration strategy to evaluate the effect of the failures on hierarchical networks. Our results reveal a strong relationship between hierarchy and robustness of the networks. Moreover, the presented results reveal that the robustness inferences based on the classical robustness measures may be inaccurate. It can be inferred from the analysis that the classical robustness metrics may not be able to quantify the structural robustness of hierarchical complex networks appropriately, which lay down a need for new robustness metrics for robustness quantification. This publication was made possible by NPRP grant # [ 8-519-1-108 ] from the Qatar National Research Fund (a member of Qatar Foundation). The findings achieved herein are solely the responsibility of the author[ s ]. Scopus

Published

2018

48. When Does Targeting Make Sense for an Attacker?

Author

Herley, Cormac

Abstract

How do so many Internet users escape harm? The range of attacks is enormous and growing; we know that most users neglect even basic defense measures. Yet things somehow muddle along: 2 billion people use the Internet and seem to derive more good than harm from it. If security is only as good as the weakest link, why don't worst-case outcomes happen regularly? Why isn't everyone hacked every day? The answer might lie in economics rather than technology. [ABSTRACT FROM PUBLISHER]

Published

2013

49. Targeted Cyberattacks: A Superset of Advanced Persistent Threats.

Author

Sood, Aditya K and Enbody, Richard J.

Abstract

Targeted cyberattacks play an increasingly significant role in disrupting the online social and economic model, not to mention the threat they pose to nation-states. A variety of components and techniques come together to bring about such attacks. [ABSTRACT FROM PUBLISHER]

Published

2013

50. The Cousins of Stuxnet: Duqu, Flame, and Gauss.

Author

Bencsáth, Boldizsár, Pék, Gábor, Buttyán, Levente, and Félegyházi, Márk

Subjects

MALWARE, WINDOWS (Graphical user interfaces), COMPUTER files, DATA encryption, COMPUTER security

Abstract

Stuxnet was the first targeted malware that received worldwide attention for causing physical damage in an industrial infrastructure seemingly isolated from the online world. Stuxnet was a powerful targeted cyber-attack, and soon other malware samples were discovered that belong to this family. In this paper, we will first present our analysis of Duqu, an information-collecting malware sharing striking similarities with Stuxnet. We describe our contributions in the investigation ranging from the original detection of Duqu via finding the dropper file to the design of a Duqu detector toolkit. We then continue with the analysis of the Flame advanced information-gathering malware. Flame is unique in the sense that it used advanced cryptographic techniques to masquerade as a legitimate proxy for the Windows Update service. We also present the newest member of the family, called Gauss, whose unique feature is that one of its modules is encrypted such that it can only be decrypted on its target system; hence, the research community has not yet been able to analyze this module. For this particular malware, we designed a Gauss detector service and we are currently collecting intelligence information to be able to break its very special encryption mechanism. Besides explaining the operation of these pieces of malware, we also examine if and how they could have been detected by vigilant system administrators manually or in a semi-automated manner using available tools. Finally, we discuss lessons that the community can learn from these incidents. We focus on technical issues, and avoid speculations on the origin of these threats and other geopolitical questions. [ABSTRACT FROM AUTHOR]

Published

2012