Cyber threat on critical infrastructure
Published in Paolo Gardoni, Routledge Handbook of Sustainable and Resilient Infrastructure, 2018
Omar Kammouh, Gian Paolo Cimellaro
In Korman (2016), the following additional measures are reported:
- Network segmentation and DMZs between networks: DMZ stands for demilitarized zone, and in computer systems it refers to an exposed network created to add an additional layer of security.
- Firewalls
- Connection tracking and network access control
- Blacklisting
- Intrusion detection (based both on signatures and on models of normal behavior)
- Honeypots: “A honeypot consists of data (for example, in a network site) that appears to be a legitimate part of the site, but is actually isolated and monitored, and that seems to contain information or a resource of value to attackers, who are then blocked” (Wu et al. 2008).
Security Challenges of IoT and Medical Devices in Healthcare
Published in S. Velliangiri, Sathish A. P. Kumar, P. Karthikeyan, Internet of Things, 2020
Gnanaprakasam Pandian, Vivek Vinayagam, Brian Xu, Mark Sue
where
- Assets: An asset is data or a device. Assets are assigned a level of criticality from low to high. For medical devices, the default criticality is high.
- Threats: Threats include those detected by IDS (intrusion detection systems), including Malware, Trojan, Recons, or OS Exploits, Bad/Phishing URL Access, C&C (command and control) Communication, Data Exfiltration, Behavior Anomaly, Weak TLS (Transport Layer Security) and Cipher usage, among others.
- Vulnerabilities: Vulnerabilities include older operating systems, AV (anti-virus) not up to date, ICS-CERT (Industrial Control Systems—Cyber Emergency Response Team) advisories, FDA recall, MDS2 (Medical Device Security), Open Ports Detection, Weak Passwords, Software Vulnerabilities (found mostly through network-based passive scan techniques), and exploitable weaknesses in the design of the device.
- Controls: Controls include OS/AV update, Blacklist MAC (Media Access Control), shut switch port, quarantine VLAN (virtual LAN), Flow Whitelisting/Blacklisting, Automatic Access Control, Policy Push to Switch/Firewall/ISE (Identity Services Engine), SIEM (Security Information and Event Management) and CMS (content management system) notification, Alarm workflow, and techniques used for micro-segmentation.
A survey of phishing attack techniques, defence mechanisms and open research challenges
Published in Enterprise Information Systems, 2022
A whitelisting or blacklisting scheme consists of either a list of legitimate websites, known as a whitelist, or a list of malicious sites, known as a blacklist. The whitelist is the list of reliable websites frequently visited by users. Maintaining a blacklist requires several resources to confirm and report malicious URLs. The access time of these solutions is very fast compared to machine learning and visual similarity-based approaches. However, these solutions suffer from low detection accuracy because most list-based techniques do not protect against zero-hour attacks.