Explore chapters and articles related to this topic
Intelligent Situation Assessment to Secure Smart Cities with Cryptography
Published in Huansheng Ning, Liming Chen, Ata Ullah, Xiong Luo, Cyber-Enabled Intelligence, 2019
Pushpinder Kaur Chouhan, Jorge Martinez Carracedo, Bryan Scotney, Sally McClean
Steps are being taken towards smart city security enhancement, as ENISA [4] has released two detailed guidelines for cyber security of smart cities: architecture model for public transport and security and resilience for smart health service and infrastructure. In addition, the EU has released the NIS directive [5], which mentions that member states for European cyber security should raise EU citizens’ awareness of cyber security. The framework [6] seeks to ensure an EU-wide certification scheme consisting of comprehensive rules, technical requirements, standards, and procedures. The CRISALIS [7] program has been launched, aimed at providing means to secure critical infrastructure environments from attacks caused by malware and threat agents such as Stuxnet and Duqu.
A Bio-inspired Approach To Cyber Security
Published in Brij B. Gupta, Michael Sheng, Machine Learning for Computer and Cyber Security, 2019
Siyakha N. Mthunzi, Elhadj Benkhelifa, Tomasz Bosakowski, Salim Hariri
On the other hand, traditional computing infrastructures mean that security controls were managed within contained systems [23] and static environments. In this sense, protection against threats was designed and planned based on the assumption that outcomes of security solutions were linearly related to threat. For instance, [24]’s game theoretic approach to protect critical infrastructure against terrorist threats assumes an initial threat score for a particular target according to original and inherent counter measures relevant to that threat. Based on this assumption, they suggest that choices of subsequent solutions will decrease the overall threat. Whilst in a general theoretic sense, functions that convert inputs into required system outputs can be designed and controlled given that all inputs are provided [25], literature shows that the complexity of cyberspace limits the amount of initial threat knowledge cyber security solutions have. It has been demonstrated that sophisticated and persistent adversaries and zero-day attacks are able to systematically plan their attacks and persist within the compromised networks [26]. Cyberspace enables adversaries to increase their attack surface, thus complicating vulnerability management and elevating the attack complexity. Cases in point include Stuxnet, Flame and Duqu, which obfuscate network traffic to evade detection [27]. Based upon the foregoing, this section identifies complexity as central to future cyber security solutions research.
Intrusion Detection System in Self-Organizing Networks: A Survey
Published in Georgios Kambourakis, Asaf Shabtai, Constantinos Kolias, Dimitrios Damopoulos, Intrusion Detection and Prevention for Mobile Ecosystems, 2017
Razan Abdulhammed, Miad Faezipour, Khaled Elleithy
Yoon et al. [97] proposed an ABD IDS using statistical measures for a real-time embedded system. The proposed framework aims to protect the real-time embedded system from malicious entities such as W32.Stuxnet and Duqu worms. The basic idea behind this work was to statistically analyze and observe the execution profiles of the real-time system to find inherent properties. The results showed that the proposed system effectively detected on the fly the malicious code execution, keeping the physical system safe. This investigation used statistical analysis, and system and program activities for collecting data concerning the adversary. Nonetheless, the work did not report responses to analysis.
Cyber-Espionage Malware Attacks Detection and Analysis: A Case Study
Published in Journal of Computer Information Systems, 2022
In 2010, the Stuxnet event created a large effect around the world. Even though it was not designed for spying, the results of Stuxnet were complex and Stuxnet has been known as an attack used for sabotage more than spying activities [3,11]. The malware “Duqu” was discovered in October 2011. Stolen data were stored in filenames beginning with “DQ.” Though not as famous as Stuxnet, the operating logic was identified to be similar and developed for spying activities [3,20]. Malware known as sKyWIper and Flamer were discovered in 2012. Comprising nearly 20 MB and 20 modules, they are known to be the largest malware designed to date [26]. Flamer has similar features to the Duqu and Stuxnet designs and was the espionage software used for targeted cyberspying attacks at the time [3].
A game-theoretic method for resilient control design in industrial multi-agent CPSs with Markovian and coupled dynamics
Published in International Journal of Control, 2021
Jiajun Shen, Xiangshen Ye, Dongqin Feng
The globally worst-case disturbance strategy denoted in Equation (7) is indeed designed under the mass of all ‘cooperative’ controllers (with same optimisation/control goal, i.e. minimising the overall cost function ), and aims to degrade the overall system performance. The reason why we adopt this worst-case design setting is due to the practical security scenario of industrial multi-agent CPSs where the malware payload of rational attackers is of indirect type (such as Stuxnet (Langner, 2011), Duqu worm (Tsoumas & Gritzalis, 2012), Flame virus (Marks, 2012)). Compared with the direct type malware payload (such as BlackEnergy (Kang et al., 2015), PowerGrid attack (Zhu et al., 2019)), the indirect ones are always more covert and hard to detect since they will not directly give rise to explosion or breakdown of physical plant device but compromise the system/control performance such that some process indices (production standards) are not satisfied. In this case, due to the complexity and large scale of coupled industrial production process, the engineer/administrator is less likely to locate the specific component (or trace the attack route), which has been compromised, and has no choice but to shut down the production line for resetting and re-downloading the secure configuration and control code. Consequently, the rational attack can postpone the specific project/construction, and cause economic loss.
Policy reconciliation for access control in dynamic cross-enterprise collaborations
Published in Enterprise Information Systems, 2018
D. Preuveneers, W. Joosen, E. Ilie-Zudor
Cyber-security remains a clear challenge for the rollout of the smart factories of the future. Many of the systems, technologies and protocols that exist today and that will become constituents of Industry 4.0 were never designed with networked production and large scale connectivity in mind. This can be witnessed from recent successful attacks on SCADA systems by dangerous malware like Stuxnet, Duqu, Flame, and Gauss (Langner 2011; Bencsáth et al. 2012). Nicholson et al. (2012) survey ongoing research and present an overview of risks, threats and mitigation strategies in the area of SCADA security.