Similar literature
 Found 20 similar documents; search took 437 ms
1.
For various IT systems, security is considered a key quality factor. In particular, it might be crucial for video surveillance systems, as their goal is to provide continuous protection of critical infrastructure and other facilities. Risk assessment is an important activity in security management; it aims at identifying assets, threats and vulnerabilities, analysis of implemented countermeasures and their effectiveness in mitigating risks. This paper discusses an application of a new risk assessment method, in which risk calculation is based on Fuzzy Cognitive Maps (FCMs), to a complex automated video surveillance system. FCMs are used to capture dependencies between assets and FCM based reasoning is applied to aggregate risks assigned to lower-level assets (e.g. cameras, hardware, software modules, communications, people) to such high level assets as services, maintained data and processes. Lessons learned indicate that the proposed method is an efficient and low-cost approach, giving instantaneous feedback and enabling reasoning on effectiveness of security system.

2.
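Security threats to the inter-domain routing system and their countermeasures   Total citations: 1, self-citations: 0, citations by others: 1
BGP is the protocol used to exchange routing information between autonomous systems, and it is a very important component of the Internet routing system. Although it has proven to be a very stable and effective protocol, with the rapid growth and commercialization of the Internet a major limitation of BGP is that it cannot handle security problems, so it is frequently affected by malicious attacks and human error. Together with the inherent vulnerability of the BGP protocol, this means the inter-domain routing system faces very serious security problems. This paper describes in detail the security threats facing the inter-domain routing system, comprehensively discusses protocol enhancements and security protection mechanisms, and analyzes existing security solutions.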

3.
Computer and network security, or cybersecurity, are critical issues. But merely protecting the systems that hold data about citizens, corporations, and government agencies is not enough. The infrastructure of networks, routers, domain name servers, and switches that glue these systems together must not fail, or computers will no longer be able to communicate accurately or reliably. Given the magnitude of securing cyberspace, a reflection on what we are trying to do seems in order. Several questions arise, such as what exactly the infrastructure is, what threats it must be secured against, and how protection can be provided on a cost-effective basis. But underlying all these questions is how to define a secure system. What is security? Having it is obviously good; everyone says so. But few people define it exactly, or even nebulously. This column tries to place cybersecurity in perspective, because it is, of course, central to countries, organizations, and even home users now and in the future.

4.
Due to the lack of both precise definitions and effective software engineering methodologies, security design principles are often neglected by software architects, resulting in potentially high-risk threats to systems. This work lays the formal foundations for understanding the security design principle of least privilege in software architectures and provides a technique to identify violations against this principle. The technique can also be leveraged to analyze violations against the security design principle of separation of duties. The proposed approach is supported by tools and has been validated in four case studies, two of which are presented in detail in this paper.

5.
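Mobile Ad-hoc network security   Total citations: 13, self-citations: 0, citations by others: 13
A mobile Ad-hoc network is a new type of wireless network that does not rely on any fixed infrastructure. In the network, communication between nodes relies entirely on wireless links, and the network topology changes frequently as nodes move. The characteristics that distinguish mobile Ad-hoc networks from wired networks pose new challenges for ensuring their security. Based on a discussion of the security requirements of mobile Ad-hoc networks, this paper focuses on analyzing the attacks to which mobile Ad-hoc networks are susceptible, and concentrates on key issues such as routing security and key management in mobile Ad-hoc networks.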

6.
《Network Security》2002,2002(12):4
We often perceive the latest threats to corporate environments to be those that are directed at overtly attacking our infrastructure. Such examples include the introduction of a destructive application i.e. a virus or by overwhelming systems due to the replication of the agent as in the case of the worm. Other organizations consider industrial espionage to be a significant threat to their continued prosperity. Much effort is exerted, by those in security departments, to develop strategies and policies to defend against these threats. But there is another more insidious threat to organizations which now requires serious consideration — the potential threat posed by peer-to-peer (P2P) networks.

7.
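Designing an effective embedded Internet security architecture requires comprehensive consideration of all the security threats that embedded Internet services face. This paper analyzes the threats that embedded Internet services may suffer, such as denial of service, identity impersonation, and information interception. Based on the characteristics of embedded Internet services, and targeting malicious network denial-of-service attacks, it proposes a state-dependent identification mechanism to provide service that is as secure as possible in an insecure network environment.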

8.
Security firms are reporting that IT departments must be careful of increased threats to corporate networks and data from phishing and malware attacks. There are 33 million unique phishing messages every week, according to Dave Cole, director of security product management at Symantec Security Response. He says this plus an increase in the distribution of malware designed to steal confidential information presents a challenge for IT. Phishing, according to the Anti-Phishing Working Group (APWG), an industry association devoted to eliminating phishing, is definable as attacks that "use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials." Corporations often find that they are victims of another type of phishing attack in which attackers use their good brand names and logos to trick people into responding to bogus solicitations. Although basic security approaches can protect against phishing and malware, Cole says it is also important to have "good Internet security hygiene" and multiple levels of protection for mail clients, servers, and client machines.

9.
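Charging infrastructure is an important foundation for the development of the new energy vehicle industry. The information security problems arising from the vulnerability of its information systems and the complex cyberspace security threats they face have received great attention from government and enterprises. Against this background, the policies related to information security construction for charging infrastructure were studied. Taking battery charging/swapping stations for pure electric buses, which have a large impact on public services, as the object, the basic composition and functions of their monitoring systems, system vulnerabilities, and the security threats they face are analyzed in detail...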

10.
As the age of Internet of Things (IoT) has come, national-level cyber security measures should be prepared and concrete implementation plans should be established, so that critical infrastructure can be operated and maintained safely, protected from cyber attacks. In addition, IoT services for such infrastructure should be capable of closely obtaining and processing information in environments experienced by users. To provide reliable IoT services for critical infrastructure utilizing IoT devices, based on an understanding of the vulnerabilities of IoT technology and cutting-edge cyber threats, this paper proposes methods for predicting errors that may occur in physical situations, where things are connected to each other and analyzing and modeling the errors as a functional requirement. In addition to technical measures, security guidelines are presented for individual fields, such as policy, organization, manpower, budget, industry, R&D, and education.

11.
Analysing real-world systems for vulnerabilities with respect to security and safety threats is a difficult undertaking, not least due to a lack of availability of formalisations for those systems. While both formalisations and analyses can be found for artificial systems such as software, this does not hold for real physical systems. Approaches such as threat modelling try to target the formalisation of the real-world domain, but still are far from the rigid techniques available in security research. Many currently available approaches to assurance of critical infrastructure security are based on (quite successful) ad-hoc techniques. We believe they can be significantly improved beyond the state-of-the-art by pairing them with static analysis techniques. In this paper we present an approach to both formalising those real-world systems, as well as providing an underlying semantics, which allows for easy development of analyses for the abstracted systems. We briefly present one application of our approach, namely the analysis of systems for potential insider threats.

12.
Business networking relies on application-specific quantity and quality of information in order to support social infrastructures in, e.g., energy allocation coordinated by smart grids, healthcare services with electronic health records, traffic management with personal sensors, RFID in retail and logistics, or integration of individuals’ social network information into goods, services, and rescue operations. Due to the increasing reliance of networking applications on sharing ICT services, dependencies threaten privacy, security, and reliability of information and, thus, innovative business applications in smart societies. Resilience is becoming a new security approach, since it takes dependencies into account and aims at achieving equilibriums in case of opposite requirements. This special issue on 'Security and Privacy in Business Networking' contributes to the journal 'Electronic Markets' by introducing a different view on achieving acceptable secure business networking applications in spite of threats due to covert channels. This view is on adapting resilience to enforcement of IT security in business networking applications. Our analysis shows that privacy is an evidence to measure and improve trustworthy relationships and reliable interactions between participants of business processes and their IT systems. The articles of this special issue, which have been accepted after a double-blind peer review, contribute to this view on interdisciplinary security engineering in regard to the stages of security and privacy requirements analysis, enforcement of resulting security requirements for an information exchange, testing with a privacy-preserving detection of policy violations, and knowledge management for the purpose of keeping business processes resilient.

13.

Cloud computing has gained huge attention over the past decades because of continuously increasing demands. There are several advantages to organizations moving toward cloud-based data storage solutions. These include simplified IT infrastructure and management, remote access from effectively anywhere in the world with a stable Internet connection and the cost efficiencies that cloud computing can bring. The associated security and privacy challenges in cloud require further exploration. Researchers from academia, industry, and standards organizations have provided potential solutions to these challenges in the previously published studies. The narrative review presented in this survey provides cloud security issues and requirements, identified threats, and known vulnerabilities. In fact, this work aims to analyze the different components of cloud computing as well as present security and privacy problems that these systems face. Moreover, this work presents a new classification of recent security solutions that exist in this area. Additionally, this survey introduced various types of security threats which are threatening cloud computing services and also discussed open issues and proposed future directions. This paper will focus and explore a detailed knowledge about the security challenges that are faced by cloud entities such as cloud service provider, the data owner, and cloud user.


14.
Network Slicing (NS) is a key enabler to support 5G network services on-demand. However, since NS is a result of the recent advancement in Software-Defined Networking and Network Function Virtualization, it introduces new security issues which include attacks against an NS instance within an operator network and interslice security threats. In this scenario, identifying and mitigating attacks in real-time is of paramount importance to improve security aspects. However, it is far from being straightforward. Therefore, this work proposes the FrameRTP4, a P4-based framework that aims to deliver real-time attack detection and mitigation mechanisms in 5G NS scenarios. For this, it provides a P4-based switch that implements a Service Function Chaining protocol layer, an efficient and scalable Access Control List for the detection and mitigation of known attacks, and a monitoring system aiming to reduce the overhead induced on the control channel. Furthermore, it delivers an orchestrator that aims to control all switches in order to enable lifecycle management of NS instances and P4 table rules. Besides, it also performs some autonomous tasks such as the wildcard rules generation and the detection of new threats by using machine learning algorithms. Preliminary results point to the potential benefits of FrameRTP4 to be part of a 5G NS infrastructure.

15.
Trust and reputation management over distributed systems has been proposed in the last few years as a novel and accurate way of dealing with some security deficiencies which are inherent to those environments. Thus, many models and theories have been developed in order to effectively and accurately manage trust and reputation in those communities. Nevertheless, very few of them take into consideration all the possible security threats that can compromise the system. In this paper, we present some of the most important and critical security threats that could be applied in a trust and reputation scheme. We will describe and analyze each of those threats and propose some recommendations to face them when developing a new trust and reputation mechanism. We will also study how some trust and reputation models solve them. This work expects to be a reference guide when designing secure trust and reputation models.

16.
The rapid proliferation of Internet of things (IoT) devices, such as smart meters and water valves, into industrial critical infrastructures and control systems has put stringent performance and scalability requirements on modern Supervisory Control and Data Acquisition (SCADA) systems. While cloud computing has enabled modern SCADA systems to cope with the increasing amount of data generated by sensors, actuators, and control devices, there has been a growing interest recently to deploy edge data centers in fog architectures to secure low-latency and enhanced security for mission-critical data. However, fog security and privacy for SCADA-based IoT critical infrastructures remains an under-researched area. To address this challenge, this contribution proposes a novel security “toolbox” to reinforce the integrity, security, and privacy of SCADA-based IoT critical infrastructure at the fog layer. The toolbox incorporates a key feature: a cryptographic-based access approach to the cloud services using identity-based cryptography and signature schemes at the fog layer. We present the implementation details of a prototype for our proposed secure fog-based platform and provide performance evaluation results to demonstrate the appropriateness of the proposed platform in a real-world scenario. These results can pave the way toward the development of a more secure and trusted SCADA-based IoT critical infrastructure, which is essential to counter cyber threats against next-generation critical infrastructure and industrial control systems. The results from the experiments demonstrate a superior performance of the secure fog-based platform, which is around 2.8 seconds when adding five virtual machines (VMs), 3.2 seconds when adding 10 VMs, and 112 seconds when adding 1000 VMs, compared to the multilevel user access control platform.

17.
Today, security is a major challenge linked with computer network companies that cannot defend against cyber-attacks. Numerous vulnerable factors increase security risks and cyber-attacks, including viruses, the internet, communications, and hackers. Internet of Things (IoT) devices are more effective, and the number of devices connected to the internet is constantly increasing, and governments and businesses are also using these technologies to perform business activities effectively. However, the increasing uses of technologies also increase risks, such as password attacks, social engineering, and phishing attacks. Humans play a major role in the field of cybersecurity. It is observed that more than 39% of security risks are related to the human factor, and 95% of successful cyber-attacks are caused by human error, with most of them being insider threats. The major human factor issue in cybersecurity is a lack of user awareness of cyber threats. This study focuses on the human factor by surveying the vulnerabilities and reducing the risk by focusing on human nature and reacting to different situations. This study highlighted that most of the participants are not experienced with cybersecurity threats and how to protect their personal information. Moreover, the lack of awareness of the top three vulnerabilities related to the human factor in cybersecurity, such as phishing attacks, password attacks, and social engineering, are major problems that need to be addressed and reduced through proper awareness and training.

18.
Your business increasingly relies on computer-controlled systems vulnerable to intrusion and destruction. The recent distributed denial of service attacks against e-commerce companies showed that this vulnerability extends beyond your own corporate networks: the very infrastructure of the Internet is at risk. When infoterrorists use the networks' high connectivity and low security to launch attacks against critical information infrastructure systems, they can not only disrupt global e-commerce and communications, but can also adversely affect other critical infrastructure services such as energy, transportation, health care, finance, and water supply. How can organizations protect these systems from infoterrorism? They must leverage modern information technologies to create an infrastructure protection process that can operate quickly and seamlessly. We propose a six-stage protection process that involves intelligence gathering, analysis, interdiction, detection, response, and recovery. To implement this process, we've designed an underlying Web-like architecture that will serve as a platform for the decentralized monitoring and management of critical infrastructures.

19.
McGovern  M. 《IT Professional》2002,4(3):52-54
Managing IT system security is a never-ending effort. Regardless of how well you secure a system today, new threats and issues will appear tomorrow. User support, IT staff enthusiasm, and management buy-in are critical assets for overcoming the constant barrage of threats. Unfortunately, there is no standard playbook that tells IT managers how to manage these relationships and focus them on security issues. Every IT staff must build its own strategy. The article outlines concepts to manage security. This list serves as a good source of ideas for how IT managers can use awareness to advance their security goals.

20.
Cellular networks are the only means of digital communication for the vast majority of the world's population. Although such systems have traditionally been viewed as secure due to their relatively closed nature, their transition toward an all-IP infrastructure and convergence with the larger Internet creates the potential for new threats to users' security and privacy. This article considers a number of such challenges and discusses why solutions from the current Internet are unlikely to be directly applicable. Successfully addressing these issues is of critical interest to not only telecommunications providers, but also businesses and private citizens worldwide.
