Cyber Threats Impacting Critical Infrastructures

Choraś, Michał; Kozik, Rafał; Flizikowski, Adam; Hołubowicz, Witold; Renk, Rafał

doi:10.1007/978-3-319-51043-9_7

Cited by 16 publications

(10 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Currently, major differences exist in the way companies are using technologies and adopting security practices into their design, development and operational processes making it more difficult to mitigate and fight against cyber attacks [14]. This problem has been elevated by the lack of adoption of security and cyber resilient posture by the stakeholders.…”

Section: Cyber Resilience and Cyber Security Regulationsmentioning

confidence: 99%

See 1 more Smart Citation

Establishing Cyber Resilience in Embedded Systems for Securing Next-Generation Critical Infrastructure

Siddiqui

Hagan

Sezer

2019

2019 32nd IEEE International System-on-Chip Conference (SOCC)

View full text Add to dashboard Cite

The mass integration and deployment of intelligent technologies within critical commercial, industrial and public environments have a significant impact on business operations and society as a whole. Though integration of these critical intelligent technologies pose serious embedded security challenges for technology manufacturers which are required to be systematically approached, in-line with international security regulations. This paper establish security foundation for such intelligent technologies by deriving embedded security requirements to realise the core security functions laid out by international security authorities, and proposing microarchitectural characteristics to establish cyber resilience in embedded systems. To bridge the research gap between embedded and operational security domains, a detailed review of existing embedded security methods, microarchitectures and design practises is presented. The existing embedded security methods have been found ad-hoc, passive and strongly rely on building and maintaining trust. To the best of our knowledge to date, no existing embedded security microarchitecture or defence mechanism provides continuity of data stream or security once trust has broken. This functionality is critical for embedded technologies deployed in critical infrastructure to enhance and maintain security, and to gain evidence of the security breach to effectively evaluate, improve and deploy active response and mitigation strategies. To this end, the paper proposes three microarchitectural characteristics that shall be designed and integrated into embedded architectures to establish, maintain and improve cyber resilience in embedded systems for next-generation critical infrastructure.

show abstract

Section: Cyber Resilience and Cyber Security Regulationsmentioning

confidence: 99%

“…As they have been designed to mitigate a certain class of known attacks [13]. Nevertheless, this strategy has been found vulnerable and compromised due to software vulnerabilities, microarchitectural weaknesses and poor use of secure design practices [8], [14], [15], [16], [17], [18].…”

Section: Introductionmentioning

confidence: 99%

Establishing Cyber Resilience in Embedded Systems for Securing Next-Generation Critical Infrastructure

Siddiqui

Hagan

Sezer

2019

2019 32nd IEEE International System-on-Chip Conference (SOCC)

View full text Add to dashboard Cite

show abstract

“…The rising numbers of attacks aimed at citizens, societies and even seemingly secure systems built for critical infrastructures are easily observable [2,5]. The inadequacy of signaturebased systems in cyberattack detection is one of the primary causes of this situation.…”

Section: Cybersecurity: a Quick Primer On Challenges And Trendsmentioning

confidence: 99%

“…This situation is echoed by the rankings of cyberattacks, e.g., by OWASP [1], where SQLIA (SQL Injection Attack) and XSS (Cross Site Scripting) are on top of the list. Selected examples of critical systems which were successfully attacked through the application layer are the flight management system in Poland or the energy grid in Ukraine [2]. Therefore, we aim at proposing novel methods to effectively detect and counter the cyberattacks in the application layer.…”

Section: Introduction and Rationalementioning

confidence: 99%

Practical Employment of Granular Computing to Complex Application Layer Cyberattack Detection

et al. 2019

Self Cite

View full text Add to dashboard Cite

Network and information security are regarded as some of the most pressing problems of contemporary economy, affecting both individual citizens and entire societies, making them a highlight for homeland security. Innovative approaches to handle this challenge are undertaken by the scientific community, proposing the utilization of the emerging, advanced machine learning methods. This very paper puts forward a novel approach to the detection of cyberattacks taking inventory of the practical application of information granules. The feasibility of utilizing Granular Computing (GC) as a solution to the most current challenges in cybersecurity is researched. To the best of our knowledge, granular computing has not yet been widely examined or used for cybersecurity application purposes. The major contribution of this work is a method for constructing information granules from network data. We then report promising results on a benchmark dataset.

show abstract

“…y que hasta el momento no podían más que accederse de manera física y presencial. De ahí que se introduzcan las llamadas ciberamenazas en los planes estratégicos de Protección de Infraestructuras Críticas (Choras, Kozik, Flizikowski, Hołubowicz, & Renk, 2016; véase al respecto Rinaldi, Peerenboom, & Kelly, 2001) y el ciberespacio se plantee como una amenaza para la soberanía y seguridad nacional (Bendrath, 2001;Manjikian, 2010, p. 391), tal y como plantea la recientemente publicada Estrategia Nacional de Ciberseguridad (Departamento de Seguridad Nacional, 2019).…”

Section: Fase Actual: Un Nuevo Conceptounclassified

Privacidad (digital) = (Digital) Privacy

Barbudo

2019

eunomia

View full text Add to dashboard Cite

Resumen: El desarrollo de las tecnologías de la información, y en particular Internet, ha supuesto la aparición de nuevas preocupaciones sociales que plantean la imposibilidad de preservar la privacidad ―que no la intimidad― de la población en el ámbito digital. Esta contribución aborda, en perspectiva histórica, la formación de un nuevo concepto sociopolítico de privacidad que ha sustituido al de intimidad en el ámbito digital. A tal fin se presentan los principales elementos que diferencian a ambos y cuáles son las transformaciones sociotécnicas fundamentales que han posibilitado este cambio conceptual. El desarrollo del texto llevará a defender la idoneidad de una mirada política sobre la privacidad y finaliza con la presentación de algunas propuestas recientes que abogan por entender la privacidad como un problema colectivo.Palabras clave: Espacio público, derecho a la privacidad, intimidad, público/privado, ciberespacio.Abstract: The development of information technologies, and in particular the Internet, has led to the emergence of new social concerns that raise the impossibility of preserving privacy in the digital sphere. This contribution addresses, in historical perspective, the formation of a new socio-political concept of privacy that has replaced the previous one. To this end, the main elements that differentiate both are presented and what are the fundamental sociotechnical transformations that have enabled this conceptual change. The development of the text will lead to defend the suitability of a political view on privacy and ends with the presentation of some recent proposals that advocate understanding privacy as a collective problem.Keywords: Public space, right to privacy, private life, public/private, cyberspace.

show abstract

Cyber Threats Impacting Critical Infrastructures

Cited by 16 publications

References 7 publications

Establishing Cyber Resilience in Embedded Systems for Securing Next-Generation Critical Infrastructure

Establishing Cyber Resilience in Embedded Systems for Securing Next-Generation Critical Infrastructure

Practical Employment of Granular Computing to Complex Application Layer Cyberattack Detection

Privacidad (digital) = (Digital) Privacy

Contact Info

Product

Resources

About