Conference Paper

A state of the art survey - Impact of cyber attacks on SME's

  • July 2017
DOI:10.1145/3102304.3109812
  • Conference: the International Conference
Authors:
Jibran Saleem at Manchester Metropolitan University
Jibran Saleem
Bamidele Adebisi at Manchester Metropolitan University
Bamidele Adebisi
Ruth Ande at Manchester Metropolitan University
Ruth Ande
Mohammad Hammoudeh at King Fahd University of Petroleum and Minerals
Mohammad Hammoudeh
Download citation
To read the full-text of this research, you can request a copy directly from the authors.

Abstract

Corporations and end users are €nding it hard to keep their devices safe from the ever evolving and complicated threat of cyber attacks. Currently, with the widespread adoption of the Internet of Things (IoT), cyber threat is becoming an even greater challenge for both technology providers and consumers. This paper presents a review of the recent and signifi€cant cyber security issues affecting many areas of digital technology. From IoT devices and smart automobiles to commonly used computers and typical corporate servers, we focus our analysis on current attack trends and the effects of intrusion on Small and Medium sized Enterprises(SMEs). This paper helps to build awareness among non-technical experts, practitioners and researchers about attack and defense strategies in the current digital market. We have created a guide with input from our in-house security researchers and information gathered from the literature to help the reader understand the challenges faced by the IT industry in the future.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

... Smartphones and other connected devices allow people to obtain information quickly and to perform business transactions remotely. However, the growth of these technologies also brought new and unique security issues to users of the technologies (Sukumar and Edgar, 2009;Saleem et al., 2017). The rapid growth of connected devices is also not followed by similar advances in security measures against cybersecurity attacks (Saleem et al., 2017). ...
... However, the growth of these technologies also brought new and unique security issues to users of the technologies (Sukumar and Edgar, 2009;Saleem et al., 2017). The rapid growth of connected devices is also not followed by similar advances in security measures against cybersecurity attacks (Saleem et al., 2017). ...
... It was estimated that 43% of recorded cybersecurity attacks targeted small businesses in 2015 (Symantec, 2016). Most small businesses tended to be vulnerable to cybersecurity attacks because they do not have adequate funds or human resources, which can be allocated to cybersecurity duties, and those who have tend to underappreciate cybersecurity threats (Rahman and Lackey, 2013;Saleem et al., 2017). This behaviour can create negative impacts on small businesses in the future if the proper security measures are not implemented. ...
What small businesses in developing country think of cybersecurity risks in the digital age: Indonesian case
Article
Purpose This study aims to identify and analyse the issues faced by internet-based small businesses in developing countries regarding cybersecurity and document how these businesses address the risks. Design/methodology/approach This study used the qualitative method. Respondents were internet-based small businesses selected by using theoretical sampling. Data were collected by using interviews and observations. The validity of the analysis was ensured by using triangulation and member checking. Findings This study reveals that small businesses managed to identify the loss of physical and monetary assets as possible damage. However, only a few businesses identified loss of intangible assets as possible cyber risks. Most small businesses had used basic cybersecurity measures to protect data access and some primary business activities. Unfortunately, they rarely take initiatives in preventing and early detecting cyber risks. Research limitations/implications Findings of this study cannot be generalised as it aims to obtain new insights and document unexplored findings. Thus, if this study’s findings are going to be generalised, it is necessary to conduct an additional study. Secondly, this study did not assess how far small business had fulfilled the relevant information security framework as assessment required additional research, and this study only aimed to map the current situation in small businesses. Practical implications This study emphasised the importance of identifying valuable assets or resources when implementing cybersecurity measures. Focusing on security measures to protect identified assets from cyber risk will make the efforts more efficient and effective than using standardised cybersecurity measures. Third-party developers can also use this study to understand small businesses’ current cybersecurity implementation and their characters to design online platforms that suit these needs. Governments can also design educational activities that address small businesses’ lack of knowledge. Originality/value Most studies which focus on small businesses and information technology (IT) usually only discuss how they use IT. This study also brings new contributions by focusing on developing countries and specifically addresses internet-based technology cyber risk faced by e-commerce businesses. The qualitative method is used as most studies in e-commerce adoption were positivistic in nature, and inductive-based studies were rarely found on the topic.
... In this section, we discuss related research into empathic symmetries, the deployment of e-business, and the study of IPv4 [23], [33]. Minoli et al. [18] developed a similar application, on the other hand we demonstrated that our heuristic is maximally efficient [22], [17], [26], [27]. Furthermore, C. Wang developed a similar solution, nevertheless we argued that our heuristic is maximally efficient [11], [32], [35]. ...
CROLL: An Expert System for Cyberanalysis of Networks
Article
Full-text available
  • Mar 2018
Cyberanalysis of Internet-of-Things (IoT) networks have garnered tremendous interest from both system developers and information theorists in the last several years. In fact, few cyberneticists would disagree with the development of the World Wide Web (WWW), which represents well-known principles of open network development. In order to realize this intent, we explore an application for cyberanalysis framework (CROLL), which we use to demonstrate on a real-world example of academic network.
... Cyber-security is a major concern for today's economy and society. It is a particular problem for small companies since they can lack the means to defend themselves [16]. First, they might not be technically savvy enough to understand the security problem and understand the measures that have to be taken. ...
Security governance as a service on the cloud
Article
Full-text available
  • Dec 2019
Abstract Small companies need help to detect and to respond to increasing security related threats. This paper presents a cloud service that automates processes that make checks for such threats, implement mitigating procedures, and generally instructs client companies on the steps to take. For instance, a process that automates the search for leaked credentials on the Dark Web will, in the event of a leak, trigger processes that instruct the client on how to change passwords and perhaps a micro-learning process on credential management. The security governance service runs on the cloud as it needs to be managed by a security expert and because it should run on an infrastructure separated from clients. It also runs as a cloud service for economy of scale: the processes it runs can service many clients simultaneously, since many threats are common to all. We also examine how the service may be used to prove to independent auditors (e.g., cyber-insurance agents) that a company is taking the necessary steps to implement its security obligations.
... Many citizens fall victim to these attacks and suffer from minor to life-changing consequences. From losing access to personal photographs of sentimental value due to a ransomware attack to losing the custody of your children, the result of these attacks can mean life or death in some severe cases [1]. When these attacks are targeted towards critical infrastructure, the consequences can be even more devastating. ...
Security Threats to Critical Infrastructure: The Human Factor
Article
Full-text available
In the 21st century, globalisation made corporate boundaries invisible and diffcult to manage. This new macroeconomic transformation caused by globalisation introduced new challenges for critical infrastructure management. By replacing manual tasks with automated decision making and sophisticated technology, no doubt we feel much more secure than half a century ago. As the technological advancement takes root, so does the maturity of security threats. It is common that today's critical infrastructures are operated by non-computer experts, e.g., nurses in healthcare, soldiers in military or firefighters in emergency services. In such challenging applications, protecting against insider attacks is often neither feasible nor economically possible, but these threats can be managed using suitable risk management strategies. Security technologies, e.g., firewalls, help protect data assets and computer systems against unauthorised entry. However, one area which is often largely ignored is the human factor of system security. Through social engineering techniques, malicious attackers are able to breach organisational security via people interactions. This paper presents a security awareness training framework, which can be used to train operators of critical infrastructure, on various social engineering security threats such as spear phishing, baiting, pretexting, amongst others.
... However,a IoT's development has been restricted by the lack of regulation in the industry, which is still considered to be in its infancy [3,26]. e International organisation for Standardisation (ISO) has conducted many studies, particularly in the past ten years to determine the economic bene t of standardisation for businesses using emerging technologies. ...
IoT standardisation: challenges, perspectives and solution
Conference Paper
Full-text available
  • Jun 2018
The success and widespread adoption of the Internet of Things (IoT) has increased many folds over the last few years. Industries, technologists and home users recognise the importance of IoT in their lives. Essentially, IoT has brought vast industrial revolution and has helped automate many processes within organisations and homes. However, the rapid growth of IoT is also a cause for significant concern. IoT is not only plagued with security, authentication and access control issues, it also doesn't work as well as it should with fourth industrial revolution, commonly known as Industry 4.0. The absence of effective regulation, standards and weak governance has led to a continual downward trend in the security of IoT networks and devices, as well as given rise to a broad range of privacy issues. This paper examines the IoT industry and discusses the urgent need for standardisation, the benefits of governance as well as the issues affecting the IoT sector due to the absence of regulation. Additionally, through this paper, we are introducing an IoT security framework (IoTSFW) for organisations to bridge the current lack of guidelines in the IoT industry. Implementation of the guidelines, defined in the proposed framework, will assist organisations in achieving security, privacy, sustainability and scalability within their IoT networks.
... The attacker's options are to either hack the design computer or the lathe. A study has shown that attackers spend an average 200 days in a system before being detected [58]. On the manufacturer's side is the defender, who oversees the cyber security of the system. ...
Enhancing Cyber-Physical Security in Manufacturing through Game-Theoretic Analysis
Article
Full-text available
  • Oct 2018
Modern manufacturing systems utilize cyber-physical systems that are interconnected through an Internet of Things (IoT) network. An IoT infrastructure enables cyber-physical systems to communicate with each other and coordinate the manufacturing process autonomously with minimal human assistance. A significant challenge for cyber-physical systems is cyber security. Adversaries can exploit weaknesses in the IoT security infrastructure to gain remote access to the system and modify or damage manufacturing processes and/or products. Due to the autonomous nature of cyber-physical systems, cyberattacks can go unnoticed by the users for a long time, further compounding the problem. Attacks on cyber-physical systems are on the rise, and manufacturers need to address this problem. In this paper, we discuss how game-theoretic thinking and modeling can help to identify a manufacturer's cyber vulnerabilities and enhance its security. We consider various attack and defense scenarios and analyze each through the corresponding game-theoretic model. Our approach and findings can be used to improve the effectiveness and efficiency of security strategies for cyber-physical manufacturing systems.
... It could also be that larger businesses are becoming harder to attack, leading cyber criminals to look for easier targets. SMEs are thus in an unenviable position of being increasingly targeted by cyber criminals, and not having the financial resources to defend themselves as well as large companies can (Saleem et al., 2017;Wlasuk, 2012). ...
Refining the PoinTER “human firewall” pentesting framework
Article
  • Jun 2019
Purpose Penetration tests have become a valuable tool in the cyber security defence strategy in terms of detecting vulnerabilities. Although penetration testing has traditionally focussed on technical aspects, the field has started to realise the importance of the human in the organisation, and the need to ensure that humans are resistant to cyberattacks. To achieve this, some organisations “pentest” their employees, testing their resilience and ability to detect and repel human-targeted attacks. In a previous paper, the authors reported on PoinTER (Prepare TEst Remediate), a human pentesting framework, tailored to the needs of SMEs. This paper aims to propose improvements to refine the framework. The improvements are based on a derived set of ethical principles that have been subjected to ethical scrutiny Design/methodology/approach The authors conducted a systematic literature review of academic research, a review of actual hacker techniques, industry recommendations and official body advice related to social engineering techniques. To meet the requirements to have an ethical human pentesting framework, the authors compiled a list of ethical principles from the research literature which they used to filter out techniques deemed unethical. Findings Drawing on social engineering techniques from academic research, reported by the hacker community, industry recommendations and official body advice and subjecting each technique to ethical inspection, using a comprehensive list of ethical principles, the authors propose the refined GDPR-compliant and privacy respecting PoinTER framework. The list of ethical principles, as suggested, could also inform ethical technical pentests. Originality/value Previous work has considered penetration testing humans, but few have produced a comprehensive framework such as PoinTER. PoinTER has been rigorously derived from multiple sources and ethically scrutinised through inspection, using a comprehensive list of ethical principles derived from the research literature.
... Historically, IoT security has been an after-thought, rather than being considered throughout the design and development of a system. This after-thought approach has led to huge security problems within IoT networks due to no, or low security in IoT endpoints, within network gateways, and throughout the communication layers [103]. These vulnerabilities have led to attacks such as the 2016 Distributed Denial of Service (DDoS) attack against a small jewellery shop, who were under attack from more than 25000 IoT cameras. ...
Internet of Things: Evolution and Technologies from a Security Perspective
Article
  • Jul 2019
In recent years, IoT has developed into many areas of life including smart homes, smart cities, agriculture, offices, and workplaces. Everyday physical items such as lights, locks and industrial machineries can now be part of the IoT ecosystem. IoT has redefined the management of critical and non-critical systems with the aim of making our lives more safe, efficient and comfortable. As a result, IoT technology is having a huge positive impact on our lives. However, in addition to these positives, IoT systems have also attracted negative attention from malicious users who aim to infiltrate weaknesses within IoT systems for their own gain, referred to as cyber security attacks. By creating an introduction to IoT, this paper seeks to highlight IoT cyber security vulnerabilities and mitigation techniques to the reader. The paper is suitable for developers, practitioners, and academics, particularly from fields such as computer networking, information or communication technology or electronics. The paper begins by introducing IoT as the culmination of two hundred years of evolution within communication technologies. Around 2014, IoT reached consumers, early products were mostly small closed IoT networks, followed by large networks such as smart cities, and continuing to evolve into Next Generation Internet; internet systems which incorporate human values. Following this evolutionary introduction, IoT architectures are compared and some of the technologies that are part of each architectural layer are introduced. Security threats within each architectural layer and some mitigation strategies are discussed, finally, the paper concludes with some future developments.
... Information security management is a crucial challenge for the companies, as they aim to prevent the exposure to security and privacy threats to information systems and networking infrastructure. Although many of SMEs may have a minimal IT infrastructure to fight cyberattacks [13,14], they can act on a preliminary phase in order to gradually improve their security level. Therefore, organisations must ensure that their businesses processes, policies, and workforce behaviour allow them to minimize and mitigate some of the risks that are involved in their information systems and IT infrastructures [15,16]. ...
Information Security and Cybersecurity Management: A Case Study with SMEs in Portugal
Article
Full-text available
  • Apr 2021
Information security plays a key role in enterprises management, as it deals with the confidentiality, privacy, integrity, and availability of one of their most valuable resources: data and information. Small and Medium-sized enterprises (SME) are seen as a blind spot in information security and cybersecurity management, which is mainly due to their size, regional and familiar scope, and financial resources. This paper presents an information security and cybersecurity management project, in which a methodology based on the well-known ISO-27001:2013 standard was designed and implemented in fifty SMEs that were located in the center region of Portugal. The project was conducted by a business association located at the center of Portugal and mainly participated by SMEs. The Polytechnic of Leiria and an IT auditing/consulting team were the other two entities that participated on the project. The characterisation of the participating enterprises, the ISO-27001:2013 based methodology developed and implemented in SMEs, as well as the results obtained in this case study, are depicted and analysed in the paper. The attained results show a clear benefit to the audited and intervened SMEs, being mainly attested by the increasing of their information security management robustness and collaborators’ cyberawareness.
... There is a rich body of literature on cybersecurity management within commercial organisations. Plenty of research has been devoted to combating cybercrimes on the technical front, including the common threats organisations are facing (Saleem et al., 2017;Tounsi and Rais, 2018;Spremić and Šimunic, 2018), the technological challenges in addressing those threats (Stanciu and Tinca, 2017;Dambra et al., 2020;Zlomislić et al., 2017) and strategies to mitigate such challenges (Clim, 2019;Tselios et al., 2020;Chan et al., 2019). More recently, research has also focused on the human factors in managing cybersecurity risks for organisations of various sizes. ...
'They're all about pushing the products and shiny things rather than fundamental security' Mapping Socio-technical Challenges in Securing the Smart Home
Preprint
  • May 2021
Insecure connected devices can cause serious threats not just to smart home owners, but also the underlying infrastructural network as well. There has been increasing academic and regulatory interest in addressing cybersecurity risks from both the standpoint of Internet of Things (IoT) vendors and that of end-users. In addition to the current data protection and network security legal frameworks, for example, the UK government has initiated the 'Secure by Design' campaign. While there has been work on how organisations and individuals manage their own cybersecurity risks, it remains unclear to what extent IoT vendors are supporting end-users to perform day-to-day management of such risks in a usable way, and what is stopping the vendors from improving such support. We interviewed 13 experts in the field of IoT and identified three main categories of barriers to making IoT products usably secure: technical, legal and organisational. In this paper we further discuss the policymaking implications of these findings and make some recommendations.
... An important context-based variable to consider is represented by the outsourcing (or not) of cybersecurity management [8]. This can be due to the specific skills own by the organization [9], to the organizational dimension [10], [11], to the cybersecurity budget [12], and other contextual variables. As extensively demonstrated in other managerial research streams, there are significant differences in the effectiveness of managing internally or outsourcing organizational and business processes and cybersecurity processes are no exception [13], [14]. ...
The Effectiveness of Outsourcing Cybersecurity Practices: A Study of the Italian Context
Chapter
  • Jan 2022
The increasing number of cyber-attacks requires an organizational awareness about the disruptive effects of fraud attempts and acts of vandalism on business continuity and, sometimes, on company survival. The context influences the way companies use and adapt these theories in practice, so we consider in this study differences in the effectiveness of cybersecurity best practices between organizations that manage internally or outsource the cybersecurity processes. We conducted a study involving 153 managers’ experts in cybersecurity who responded to a survey on the effectiveness of NIST procedures. Results revealed significant differences in the effectiveness of managing cybersecurity in-house or outsource it. Specifically, major differences can be observed in the variables related to the use of disciplinary processes, the protection of log information, and the use of lessons learned to improve recovery plans. These differences provide further insights for cybersecurity management literature and a practical instrument for organizations willing to adapt their cyber processes to their organizational context.
... If a backup fails, it can simply be restarted. In contrast, a restoration is done in an emergency, and if it fails, the backup operation was all for nothing [17]. Companies therefore require simple frameworks to support restoration. ...
Automated Testing of Data Survivability and Restorability
Conference Paper
  • Nov 2021
Regular data backups are fundamental for protection against cyber-attacks and damage to infrastructure. To ensure a successful restoration, backed up data must be tested regularly for restorability to the company’s current environment. Cloud providers generally test their backedup data, but a testing framework is also required for locally stored files and databases. The paper proposes an automated test framework that validates the continued usability of backed up data for target restoration environments. The framework tests backups of Excel files, MySQL and Postgres databases, PDF documents and flat files.
The Impact of Cyber Attacks on E-Governance During the COVID-19 Pandemic
Chapter
  • Mar 2022
A cyber-attack can damage data, computer programs, and network one or more computers through applying different methods and cybercriminal's activities to steal information. The increasing of new technologies among the users facilities them. The cyber-attacks are growing tremendously. E-governance is an application of IT and giving online services. These days the world is completely focused on creating social distance among the people, and billions of peoples around the world are working from home (online activities) and shops, and businesses are closed in the COVID-19 pandemic, which the WHO recommended. A remarkable cyber-crime has been recorded by the researcher's study in this environment, affecting society and businesses. This research's primary objective is to find cyber-attacks that steal information in the COVID-19 pandemic and assess the user loss. The results of five years have been compared on the machine learning techniques.
Internet of things and ransomware: Evolution, mitigation and prevention
Article
Full-text available
  • May 2020
Internet of things architecture is the integration of real-world objects and places with the internet. This booming in technology is bringing ease in our lifestyle and making formerly impossible things possible. Internet of things playing a vital role in bridging this gap easily and rapidly. IoT is changing our lifestyle and the way of working the technologies, by bringing them together at the one page in several application areas of daily life. However, IoT has to face several challenges in the form of cyber scams, one of the major challenges IoT has to face is the likelihood of Ransomware attack. Ransomware is a malicious kind of software that restricts access to vital information in some way and demand payment for getting access to this information. The ransomware attack is becoming widespread daily, and it is bringing disastrous consequences, including loss of sensitive data, loss of productivity, data destruction, and loss of reputation and business downtime. Which further leads to millions of dollar daily losses due to the downtime. This is inevitable for organizations to revise their annual cybersecurity goals and need to implement proper resilience and recovery plan to keep business running. However, before proceeding towards providing a practical solution, there is a need to synthesize the existing data and statistics about this crucial attack to make aware to the researchers and practitioners. To fill this gap, this paper provides a comprehensive survey on evolution, prevention and mitigation of Ransomware in IoT context. This paper differs from existing in various dimensions: firstly, it provides deeper insights about Ransomware evolution in IoT. Secondly; it discusses diverse aspects of Ransomware attacks on IoT which include, various types of Ransomware, Current research in Ransomware, Existing techniques to prevent and mitigate Ransomware attacks in IoT along with the ways to deal with an affected machine, the decision about paying the ransom or not, and future emerging trends of Ransomware propagation in IoT. Thirdly, a summary of current research is also provided to show various directions of research. In sum, this detailed survey is expected to be useful for researchers and practitioners who are involved in developing solutions for IoT security.
A dynamic simulation approach to support the evaluation of cyber risks and security investments in SMEs
Article
The growing amount of cyberspace threats highlights the need to evaluate cybersecurity risks and to plan for effective investments. One document internationally recognized for cybersecurity risk management is the framework (Framework for Improving Critical Infrastructure Cybersecurity (Version 1.1), National Institute of Standards and Technology, 2014.) by the US National Institute of Standards and Technology (NIST). It provides guidelines, best practices and standards for cybersecurity risk management. Nevertheless, as other self-assessment frameworks, it produces a static view of an organization's cyber posture and does not capture the dynamics of organizational changes and cyberattacks. Moreover, the current situation sees small and medium enterprises (SMEs) in a critical position since they need to manage their cybersecurity while usually not enough skilled or equipped to internalize this process. Therefore, there is a need for a practical and easily applicable model able to identify a cybersecurity risk profile and its dynamics. This study proposes a system dynamics methodology and tool (SMECRA - SME Cyber Risk Assessment) for supporting cybersecurity investment decisions for SMEs through the evaluation of cyber risk and previous investments. SMECRA addresses dynamic organizational complexity and can be used to assess cyber risks and related dynamics over time. Three case studies demonstrate its capability to assess a SME's cybersecurity status and to evaluate investments impacts on an organization's risk profile, raising cybersecurity awareness. This study is important for SMEs wishing to manage their own cybersecurity risk and for insurance companies in their economic evaluation of residual risks that SMEs wish to externalize.
SME Cybersecurity awareness program 1
Technical Report
Full-text available
  • Mar 2020
This document provides a systematic literature review of previously executed studies that focused on cybersecurity awareness across small and medium-sized enterprises within the European Union. The study seeks to: (i) identify and classify the research papers published on the topic of cybersecurity awareness, (ii) analyse and evaluate the identified studies, (iii) summarise the detailed research results, and (iv) to make recommendations for future research.
Cybersecurity Issues and Challenges for E-Government During COVID-19: A Review
Chapter
  • Mar 2022
Cyber-attacks can steal information by applying different methods and activities of cyber criminals, thereby destroying data, computer programs, and networking on one or more computers. There is an increase in new technology among users, and it provides them with more convenience. On the other hand, cyber-attacks are increasing dramatically today. The world is completely focused on creating social distancing between people. During the WHO-recommended COVID-19 pandemic, billions of people around the world are working from home, with shops and businesses closed. In their investigation of the environment, researchers have uncovered a notable type of cybercrime that has an impact on society and businesses. The pandemic has accelerated the transition of government employees and businesses to an actual workplace ecosystem. Dramatic changes in the workplace have created new and multi-layered challenges in dealing with cybersecurity risks and threats. Cyber-attacks can create problems that are detrimental to the economy, human privacy, and national security. These attacks have different perspectives on the problem and need to be understood first. In this chapter, the authors highlight several essential concerns and challenges facing e-government development as well as different departments that provide e-services. They also focus on and peer evaluate the major concerns and challenges facing e-government growth from a holistic perspective, offering methodologies and policy recommendations to address them in a complete and inclusive manner.
LCCI: A framework for least cybersecurity controls to be implemented for small and medium enterprises (SMEs)
Article
  • Apr 2022
Globally Small and Medium Enterprises (SMEs) are the biggest contributors to the economy by providing two-thirds of global employment opportunities and more than half the GDP of the developed economies. Regardless of many existing cybersecurity standards or frameworks, SMEs are most vulnerable to cyber threats. SMEs face serious impacts on their existence if undergo successful cyber-attacks by cybercriminals. There is a need to understand the challenges SMEs are facing especially in the implementation of cybersecurity controls. Through a research survey conducted by authors where one hundred and fifteen SMEs voluntarily participated, this research paper will throw light on the current cybersecurity controls implementation posture for different SMEs, along with the challenges they are facing which are stopping them to decide, plan and implement cybersecurity controls. Further, using an analysis of the inputs and the core concepts of cybersecurity, the authors are also going to propose a recommended solution for SMEs.
Botnet Command and Control Traffic Detection Challenges A Correlation based Solution
Conference Paper
Full-text available
  • Dec 2016
Botnet Command and Control Traffic Detection Challenges: A Correlation-based Solution
Article
Full-text available
  • Apr 2017
While high-speed computer networking and the Internet brought great convenience, a number of security challenges also emerged with these technologies. Amongst different computer network security threats, like viruses and worms, botnets have become one of the most malicious threats over the Internet. In this paper, we describe key research challenges in developing effective intrusion detection systems for botnet command and control traffic detection. Then, we outline a new approach to address such challenges, which is based on voting between intrusion detection methods to collaboratively identify command and control traffic. Each detection method analyzes the network traffic to detect one technique used for command and control communications. Four detection methods are initially investigated, these are: malicious IP address, malicious SSL certificate, domain flux and Tor connection detection. Initial analysis shows that the proposed voting-based intrusion detection significantly reduces the number of false positive alerts.
Fog Computing for the Internet of Things: Security and Privacy Issues
Article
Full-text available
The inherent characteristics of Internet of Things (IoT) devices, such as limited storage and computational power, require a new platform to efficiently process data. The concept of fog computing has been introduced as a technology to bridge the gap between remote data centers and IoT devices. Fog computing enables a wide range of benefits, including enhanced security, decreased bandwidth, and reduced latency. These benefits make the fog an appropriate paradigm for many IoT services in various applications such as connected vehicles and smart grids. Nevertheless, fog devices (located at the edge of the Internet) obviously face many security and privacy threats, much the same as those faced by traditional data centers. In this article, the authors discuss the security and privacy issues in IoT environments and propose a mechanism that employs fog to improve the distribution of certificate revocation information among IoT devices for security enhancement. They also present potential research directions aimed at using fog computing to enhance the security and privacy issues in IoT environments.
Defence for Distributed Denial of Service Attacks in Cloud Computing
Article
Full-text available
  • Dec 2015
Cloud computing offers users high-end and scalable infrastructure at an affordable cost. Virtualisation is the key to unlocking cloud computing. Although virtualisation has great benefits to the users, the complexity in its structure, introduces unseen and forcible threats to the security of the data and to the system infrastructure. This investigates the exploitation of compromised virtual machines to execute large-scale Distributed Denial-of-Service (DDoS) attacks. A critical review of most recent intrusion detection and prevention systems to mitigate potential DDoS attacks is presented.
Cyber attacks in mechatronics systems based on Internet of Things
Conference Paper
  • Feb 2017
Internet of things (IoT) systems are becoming multidisciplinary day by day and integrating more and more mechanical, electrical, electronics, control and information disciplines. This integration is making mechatronics systems based on IoT easily available for public uses. Government organisations, different industries, healthcare systems and individual users are using these systems to store different kind of public, private, confidential and classified information. This is attracting cyber attackers to make cyber and cyber physical attacks to these systems. Currently, security policy researchers of both industries and academic institutes are analysing existing cyber attacks and are developing different types of techniques to protect the systems against potential cyber-threats and cyber attacks. This paper analyses the increasing exploitation of IoT based mechatronics system, which has created more opportunities for the current cybercrimes. Contemporary and important mitigation approaches for cyber-crimes have also been articulated in this paper.
Social Engineering Attack Strategies and Defence Approaches
Conference Paper
  • Aug 2016
This paper examines the role and value of information security awareness efforts in defending against social engineering attacks. It categories the different social engineering threats and tactics used in targeting employees and the approaches to defend against such attacks. While we review these techniques, we attempt to develop a thorough understanding of human security threats, with a suitable balance between structured improvements to defend human weaknesses, and efficiently focused security training and awareness building. Finally, the paper shows that a multi-layered shield can mitigate various security risks and minimize the damage to systems and data.
That ’Internet of Things’ Thing
Article
  • Jan 2009
Intrusion Detection and Countermeasure of Virtual Cloud Systems - State of the Art and Current Challenges
Article
  • Jun 2015
Clouds are distributed Internet-based platforms that provide highly resilient and scalable environments to be used by enterprises in a multitude of ways. Cloud computing offers enterprises technology innovation that business leaders and IT infrastructure managers can choose to apply based on how and to what extent it helps them fulfil their business requirements. It is crucial that all technical consultants have a rigorous understanding of the ramifications of cloud computing as its influence is likely to spread the complete IT landscape. Security is one of the major concerns that is of practical interest to decision makers when they are making critical strategic operational decisions. Distributed Denial of Service (DDoS) attacks are becoming more frequent and effective over the past few years, since the widely publicised DDoS attacks on the financial services industry that came to light in September and October 2012 and resurfaced in the past two years. In this paper, we introduce advanced cloud security technologies and practices as a series of concepts and technology architectures, from an industry-centric point of view. This is followed by classification of intrusion detection and prevention mechanisms that can be part of an overall strategy to help understand, identify and mitigate potential DDoS attacks on business networks. The paper establishes solid coverage of security issues related to DDoS and virtualisation with a focus on structure, clarity, and well-defined blocks for mainstream cloud computing security solutions and platforms. In doing so, we aim to provide industry technologists, who may not be necessarily cloud or security experts, with an effective tool to help them understand the security implications associated with cloud adoption in their transition towards more knowledge-based systems.
Two thirds of large UK businesses hit by cyber breach or attack in past year. http://www.agcs.allianz.com/global-oces/united-kingdom/newspress-uk/allianz-risk-barometer-2016-press-uk [Online
  • Allianz
Allianz. 2016. Two thirds of large UK businesses hit by cyber breach or aaack in past year. =hhp://www.agcs.allianz.com/global-ooces/united-kingdom/newspress-uk/allianz-risk-barometer-2016-press-uk/. (2016). [Online; accessed 8June-2017].
security-annual-threat-report2016-white-paper-197571.pdf,. (2016) [Online; accessed 8 [Online
  • Jun 2016
  • Dell
Dell. 2016. Dell Security Annual reat Report 2016. =hhp://www.neehreat.co.uk/assets/assets/dell-security-annual-threat-report2016-white-paper-197571.pdf,. (2016). [Online; accessed 8-June-2017]. [9] FBI. 2016. Public Service Announcement. =hhps://www.ic3.gov/media/2016/160317.aspx,. (2016). [Online; accessed 8-June-2017]. [10] FDA. 2016. Cybersecurity Vulnerabilities Identiied in St.
reeye.com/current-threats/annual-threat-report/mtrends.html,. (2017) [Online; accessed 8
  • Jun 2016
  • 3436717
  • Fireeye
FireEye. 2017. M-Trends 2017 Cyber Security Trends. =hhps://www..reeye.com/current-threats/annual-threat-report/mtrends.html,. (2017). [Online; accessed 8-June-2017]. [12] Gartner. 2016. Gartner Says Organizations Must Update eir Network Access Policy to Address AAack of IoT Devices. =hhp://www.gartner.com/newsroom/id/3436717. (2016). [Online; accessed 8-June-2017].
Two thirds of large UK businesses hit by cyber breach or aŠack in past year. =https://www.gov.uk/government/news/two-thirds-of-large-ukbusinesses-hit-by-cyber-breach-or-aŠack-in-past-year. (2016) [Online
  • Gov
  • Co
  • Uk
Gov.co.uk. 2016. Two thirds of large UK businesses hit by cyber breach or aaack in past year. =hhps://www.gov.uk/government/news/two-thirds-of-large-ukbusinesses-hit-by-cyber-breach-or-aaack-in-past-year. (2016). [Online; accessed 8-June-2017].
Estimating the global cost of cybercrime
  • Mcafee
McAfee. 2014. Estimating the global cost of cybercrime. h ps://www.mcafee. com/de/resources/reports/rp-economic-impact-cybercrime2.pdf. (2014). [Online; accessed 19-July-2017].
Hackers Spend Over 200 Days Inside Systems Before Discovery. =https://www.infosecurity-magazine.com/news/hackers-spend-over-200-daysinside [Online; accessed 8
  • Phil Infosecurity Magazine
  • Uk Muncaster
  • Emea News
  • Reporter
Infosecurity Magazine Phil Muncaster UK / EMEA News Reporter. 2015. Hackers Spend Over 200 Days Inside Systems Before Discovery. =hhps://www.infosecurity-magazine.com/news/hackers-spend-over-200-daysinside/,. (2015). [Online; accessed 8-June-2017].
Roundup Of Internet of ings Forecasts And Market Estimates
  • Jun 2015
  • Louis Columbus
Louis Columbus. 2015. Roundup Of Internet of ings Forecasts And Market Estimates, 2015. =h ps://goo.gl/I90ewy. (2015). [Online; accessed 8-June-2017].
Dell Security Annual Threat Report =http://www.neshreat.co.uk/assets/assets/dell-security-annual-threat-report-2016-white-paper-197571.pdf,. (2016) [Online; accessed 8
  • Dell
Cyber Security Trends for
  • Navigant
Hackerpocalypse Cybercrime Report
  • Jun 2016
  • Cybersecurity Ventures
Cybersecurity Ventures. 2016. Hackerpocalypse Cybercrime Report. =h p://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/. (2016). [Online; accessed 8-June-2017].
M-Trends 2017 Cyber Security Trends. =https://www.reeye.com/current-threats/annual-threat-report/mtrends.html,. (2017) [Online; accessed 8
  • Fireeye
Gartner Says Organizations Must Update Their Network Access Policy to Address AŠack of IoT Devices [Online; accessed 8
  • Gartner
Vault 7: CIA Hacking Tools Revealed
  • Jan 2017
  • Wikipedia
Wikipedia. 2017. Vault 7: CIA Hacking Tools Revealed. =h ps://wikileaks.org/ciav7p1/index.html,. (2017).
Public Service Announcement
  • Fbi
FBI. 2016. Public Service Announcement. =h ps://www.ic3.gov/media/2016/160317.aspx,. (2016). [Online; accessed 8-June-2017].
Cybersecurity Vulnerabilities Identified in St. Jude Medical's Implantable Cardiac Devices and Merlin
  • Fda
FDA. 2016. Cybersecurity Vulnerabilities Identi ed in St. Jude Medical's Implantable Cardiac Devices and Merlin. =h ps://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm535843.htm.. (2016). [Online; accessed 8-June-2017].
Gartner Says Organizations Must Update Their Network Access Policy to Address Attack of IoT Devices
  • Gartner
Gartner. 2016. Gartner Says Organizations Must Update eir Network Access Policy to Address A ack of IoT Devices. =h p://www.gartner.com/newsroom/id/3436717. (2016). [Online; accessed 8-June-2017].
Two thirds of large UK businesses hit by cyber breach or attack in past year
  • Co Gov
Gov.co.uk. 2016. Two thirds of large UK businesses hit by cyber breach or a ack in past year. =h ps://www.gov.uk/government/news/two-thirds-of-large-ukbusinesses-hit-by-cyber-breach-or-a ack-in-past-year. (2016). [Online; accessed 8-June-2017].
Connected devices create millions of cyber security weak spots
  • Jun 2016
Financial Times. 2016. Connected devices create millions of cyber security weak spots. =h ps://www..com/content/a63b2de8-992c-11e6-8f9b-70e3cabccfae. (2016). [Online; accessed 8-June-2017].