Cyber Defense - Science topic
Publications related to Cyber Defense (1,732)
Though multilevel, in-depth information protection systems are employed to defend against unknown cyber threats, vulnerabilities in these systems are frequently exploited by cyberattacks. As a result, it becomes challenging to comprehensively counter these attacks within a constrained time frame. When a cyberattack is detected, immediate measures a...
The Summer issue 2023 of the Cyber Defense Review
C6ISR Training Workshop is a comprehensive program that provides participants with a deep understanding of Command, Control, Communications, Computers, Cyber-Defense, and Combat Systems (C6ISR). In today’s complex operational environments, the effective integration of these critical components is vital for success in defense and security operations...
Citation: Flor-Unda, O.; Simbaña, F.; Larriva-Novo, X.; Acuña, Á.; Tipán, R.; Acosta-Vargas, P. A Comprehensive Analysis of the Worst Cybersecurity Vulnerabilities in Latin America. Informatics 2023, 10, 71. https://doi.org/10.3390/ Abstract: Vulnerabilities in cyber defense in the countries of the Latin American region have favored the activities...
Online Guest Lecture on Cybersecurity threat landscape, Cyber defense, and Countermeasures on 16 September 2023, Saturday at SRM University, SRM Institute of Science & Technology, College of Engineering, Department of CSE.
As the world becomes increasingly militarized in cyberspace with the proliferation of offensive cyber capabilities, nation-states are struggling to build up their operational cyber capacity and establish a military cyber force in the form of an organized cyber command. This article discusses the challenges of balancing the imperative of cyber offen...
Intrusion detection systems (IDS) reinforce cyber defense by autonomously monitoring various data sources for traces of attacks. However, IDSs are also infamous for frequently raising false positives and alerts that are difficult to interpret without context. This results in high workloads on security operators who need to manually verify all repor...
By integrating Explainable AI (XAI) into Marine cyber defense systems, the lack of trustworthiness and low interpretability of complex black box Intrusion Detection Systems (IDS) models can be addressed. XAI is a key focus, especially in achieving a Zero trust cybersecurity strategy in Marine communication networks. In this article we develop...
Information technology supports almost all aspects of life today, but the pace of development in this area is extremely rapid. The more we depend on electronic information systems, the more we are exposed to them. If IT services become unavailable, our business processes will also suffer. In the future, we will have to take more and more account of...
Artificial Intelligence (AI) has gripped modern society as a viable approach to revolutionize operational capabilities across multiple industries. One critical application area that could stand to benefit from the capabilities of AI is cybersecurity. Increasingly, federal funding agencies such as the National Science Foundation are calling for enha...
When dealing with large graphs, community detection is a useful data triage tool that can identify subsets of the network that a data analyst should investigate. In an adversarial scenario, the graph may be manipulated to avoid scrutiny of certain nodes by the analyst. Robustness to such behavior is an important consideration for data analysts in h...
There have been recent adversarial attacks that are difficult to find. These new adversarial attack methods may pose challenges to current deep learning cyber defense systems and could influence the future defense of cyberattacks. The authors focus on this domain in this research paper. They explore the consequences of vulnerabilities in AI system...
Undoubtedly, the evolution of Generative AI (GenAI) models has been the highlight of digital transformation in the year 2022. As the different GenAI models like ChatGPT and Google Bard continue to foster their complexity and capability, it’s critical to understand its consequences from a cybersecurity perspective. Several instances recently have de...
As the financial sectors in the United States deal with expanding cyberthreats and a rising danger of financial crime, cybersecurity has become a top priority. This paper examines the crucial cybersecurity techniques used by financial institutions to protect client information and counter the growing risk of financial fraud. It proves that understa...
Keywords: Cyber hygiene; Education; Identification; Prevention; Cooperation. Abstract: In recent years, societies around the world have made great strides in the field of information and communication technology. Albania ranks among the countries where the development of technology, access to the Internet and the computerization of society progresses very...
In this study, the methodology of cyber-resilience in small and medium-sized organizations (SMEs) is investigated, and a comprehensive solution utilizing prescriptive malware analysis, detection and response using open-source solutions is proposed for detecting new emerging threats. By leveraging open-source solutions and software, a system specifi...
The use of virtual assistants has grown significantly in recent years. This growth can be attributed to the prevalence of mobile devices and advances in the Internet of Things (IoT). While virtual assistants are widely used for interpersonal and social purposes such as ordering items from restaurants, creating reminders, and communicating with peer...
The United States has undergone a remarkable metamorphosis, transitioning from its position as a formidable cyber superpower to assuming the pivotal role of a global protector, effectively shaping and influencing the cybersecurity practices of nations across the globe. This comprehensive article delves into the intricate dimensions and multifaceted...
As Internet of Things (IoT) technology grows, so does the threat of malware infections. A proposed countermeasure, the use of benevolent "white worms" to combat malicious "black worms", presents unique ethical and practical challenges. This study examines these issues via network epidemiology models and simulations, considering the propagation dyna...
Generative Artificial Intelligence (GenAI) has emerged as a powerful technology capable of autonomously producing highly realistic content in various domains, such as text, images, audio, and videos. With its potential for positive applications in creative arts, content generation, virtual assistants, and data synthesis, GenAI has garnered signific...
The information security landscape continually evolves with increasing publicly known vulnerabilities (e.g., 25064 new vulnerabilities in 2022). Vulnerabilities play a prominent role in all types of security related attacks, including ransomware and data breaches. Vulnerability Risk Management (VRM) is an essential cyber defense mechanism to elimin...
Smart homes present a serious challenge for the aged and those with mobility issues due to the environment's inherent danger. Unwary people have the propensity to fall over when bending over in these settings. Here, they show two time-based reasoning models to identify incidents of potentially fatal falls that have not been accounted for (CM-I and...
Cybersecurity systems have become increasingly important as businesses and individuals rely more on technology. However, the increasing complexity of these systems and the evolving nature of cyber threats require innovative solutions to protect against cyber attacks. One promising approach is the idea of autonomous self-learning and auto-training n...
Designing cyber defense systems to account for cognitive biases in human decision making has demonstrated significant success in improving performance against human attackers. However, much of the attention in this area has focused on relatively simple accounts of biases in human attackers, and little is known about adversarial behavior or how defe...
It is a fact that important information related to systems’ behavior and dynamics can be revealed as time passes. Observing changes over time can often lead to the detection of patterns and trends that might not be immediately apparent from a single system’s snapshot. Additionally, the concept of time can be essential in understanding cause-and-...
Researcher at CISS-AJK. He holds an MPhil degree in International Relations from Quaid I Azam University, Islamabad. Pakistan is one of the few countries in the world that possess nuclear weapons. Since the acquisition of these weapons, there have been several attempts to spread propaganda against Pakistan's nuclear program. Moreover, it is also im...
The ongoing conflict between Russia and Ukraine has a significant cyber dimension. The two countries have engaged in various cyber operations and attacks against each other in an attempt to gain strategic advantage. Russia has been accused of being behind several cyber attacks against Ukraine, including the 2014 cyber attack on the Ukrainian power...
In cyber threat situations, the establishment of a shared situational awareness as a basis for cyber defense decision-making results from adequate communication of a Recognized Cyber Picture (RCP). RCPs consist of actively selected information and have the goal of accurately presenting the severity and potential consequences of the situation. RCPs...
Attack paths are the potential chain of malicious activities an attacker performs to compromise network assets and acquire privileges through exploiting network vulnerabilities. Attack path analysis helps organizations to identify new/unknown chains of attack vectors that reach critical assets within the network, as opposed to individual attack vec...
In fifth generation (5G) networks, protection from internal attacks, external breaches, violation of confidentiality, and misuse of network vulnerabilities is a challenging task. Various approaches, especially deep-learning (DL) prototypes, have been adopted in order to counter such challenges. For 5G network defense, DL modules are recommended here...
Automated Intelligent Cyberdefense Agents (AICAs) that are part Intrusion Detection Systems (IDS) and part Intrusion Response Systems (IRS) are being designed to protect against sophisticated and automated cyber-attacks. An AICA based on the ideas of Self-Adaptive Autonomic Computing Systems (SA-ACS) can be considered as a managing system that prot...
In this paper, we analyze the infection spreading dynamics of malware in a population of cyber nodes (i.e., computers or devices). Unlike most prior studies where nodes are reactive to infections, in our setting some nodes are active defenders meaning that they are able to clean up malware infections of their neighboring nodes, much like how spread...
Despite pronouncements about the inevitable diffusion of artificial intelligence and autonomous technologies, in practice, it is human behavior, not technology in a vacuum, that dictates how technology seeps into -- and changes -- societies. To better understand how human preferences shape technological adoption and the spread of AI-enabled...
The internet is becoming increasingly pervasive in the daily lives of individuals across the world, serving many purposes such as email communication, online exploration, and financial transactions. However, as technology advances, cyber criminals also become more sophisticated in their attacks, posing a growing risk to individuals and organization...
Despite pronouncements about the inevitable diffusion of artificial intelligence and autonomous technologies, in practice it is human behavior, not technology in a vacuum, that dictates how technology seeps into -- and changes -- societies. In order to better understand how human preferences shape technological adoption and the spread of AI-enabled...
Attackers, such as Advanced Persistent Threat (APT) attackers, compromise organizations in increasingly sophisticated ways. Usually, such attacks have the intention to exploit endpoints to gain access to critical data. For security controls and defense evaluation, organizations may employ offensive security activities. The most important one is pe...
Organizations and individuals worldwide are becoming increasingly vulnerable to cyberattacks as phishing continues to grow and the number of phishing websites grows. As a result, improved cyber defense necessitates more effective phishing detection (PD). In this paper, we introduce a novel method for detecting phishing sites with high accuracy. Our...
Due to its reliance on cryptographic techniques to ensure a high level of security, Blockchain technologies are witnessing widespread adoption in many domains ranging from decentralized Finance (DeFi), contract management, e-health, and cyber defense, to IoT among many others. However, quantum computing makes some cryptographic techniques used in t...
Represented by reactive security defense mechanisms, cyber defense possesses a static, reactive, and deterministic nature, with overwhelmingly high costs to defend against ever-changing attackers. To change this situation, researchers have proposed moving target defense (MTD), which introduces the concept of an attack surface to define cyber defens...
This chapter introduces the concept of Autonomous Intelligent Cyber-defense Agents (AICAs), and briefly explains the importance of this field and the motivation for its emergence. AICA is a software agent that resides on a system, and is responsible for defending the system from cyber compromises and enabling the response and recovery of the system...
Call for Book Chapters! We are pleased to invite you to contribute a book chapter (20-25 pages) for our upcoming book which will be published by CRC Press.
Topics invited (but not limited to):
1. BCT for Cybersecurity and Cyber Defense
2. BCT for Data and Information Security
3. BCT-enabled Tools and Techniques for Web Security
4. BCT for Digit...
The Spring 2023 Cyber Defense Review.
We implemented and evaluated an automated cyber defense agent. The agent takes security alerts as input and uses reinforcement learning to learn a policy for executing predefined defensive measures. The defender policies were trained in an environment intended to simulate a cyber attack. In the simulation, an attacking agent attempts to capture tar...
Given the increase in cybercrime, cybersecurity analysts (i.e. Defenders) are in high demand. Defenders must monitor an organization's network to evaluate threats and potential breaches into the network. Adversary simulation is commonly used to test defenders' performance against known threats to organizations. However, it is unclear how effective...
A big problem of our time is the constant increase in the energy used. An efficient energy household is one possible solution. Increasing efficiency requires examining the energy balance. System disturbance is one of the factors influencing the energy balance of systems. Social Engineering is a form of system disruption that manifests itself in cov...
Cyber resilience is the ability of a system to resist and recover from a cyber attack, thereby restoring the system's functionality. Effective design and development of a cyber resilient system requires experimental methods and tools for quantitative measuring of cyber resilience. This paper describes an experimental method and test bed for obtaini...
Network traffic analysis can raise privacy concerns due to its ability to reveal sensitive information about individuals and organizations. This paper proposes a privacy-preserving Block-chained AutoML Network Traffic Analyzer (BANTA). The system securely stores network traffic logs in a decentralized manner, providing transparency and security. Di...
Generative Language Models gained significant attention in late 2022 / early 2023, notably with the introduction of models refined to act consistently with users' expectations of interactions with AI (conversational models). Arguably the focal point of public attention has been such a refinement of the GPT3 model -- the ChatGPT and its subsequent i...
The views expressed by this paper are those of the author and do not reflect the official policy or position of the U.S. Department of Defense, or the U.S. Government or any of the U.S. Government’s affiliated entities or agencies. The content of this paper is solely written by the author. It does not include any commercial or proprietary software...
Hands-on and practical learning has been key to cybersecurity education and training success. Cyber Defense Exercises (CDX) are a common approach to training, testing, and verifying technical and soft skills. However, full-scale CDX implementation is also an expensive training event. In order to advance such exercises to the next level, CDX organiz...
Cybersecurity information sharing (CIS) is important in different business processes to secure data transmission, because it comprises Internet of Things (IoT) connectivity, workflow automation, collaboration, and communication. The shared information is influenced by intermediate users and alters the originality of the information. Although risk f...
Moving Target Defense and Cyber Deception emerged in recent years as two key proactive cyber defense approaches, contrasting with the static nature of the traditional reactive cyber defense. The key insight behind these approaches is to impose an asymmetric disadvantage for the attacker by using deception and randomization techniques to create a dy...
Cyber security encompasses a broad range of practices, tools and concepts related closely to those of information and operational technology security. Cyber security is distinctive in its inclusion of the offensive use of information technology to attack adversaries. Use of the term cyber security as a key challenge and a synonym for information se...
This paper discusses an in-progress study involving the use of deep reinforcement learning (DRL) to mitigate the effects of an advanced cyber-attack against industrial control systems (ICS). The research is a qualitative, exploratory study which emerged as a gap during the execution of two rapid prototyping studies. During these studies, cyber defe...
In cyber defense, we must contend with the massive amounts of data being generated in a variety of different formats and speeds. Unfortunately, traditional tools and methods are not meeting the requirements for scale and speed and rely too heavily on heuristics. Advancements in mobile technologies and the Internet of Things (IoTs) will continue to...
The work analyzes threats at seven layers of the Open Systems Interconnection reference model. Special attention is paid to the critical Transport Layer, one of the most desirable layers for an adversary to attack, and cyber defense techniques at this layer. The importance of protection against «Denial of Service» attacks at the Transport Layer has...
Recent years have witnessed increasing cyber-attack reports, e.g., the false data injection (FDI) cyber-attacks, which result in massive damage to power systems. This paper proposes a cost-effective two-stage cyber-defense strategy, which minimizes the FDI attack-induced region in the system planning stage, followed by the cybersecurity margin maxi...
In place of in-house solutions, organizations are increasingly moving towards managed services for cyber defense. Security Operations Centers are specialized cybersecurity units responsible for the defense of an organization, but the large-scale centralization of threat detection is causing SOCs to endure an overwhelming amount of false positive al...
We model a vehicle equipped with an autonomous cyber-defense system in addition to its inherent physical resilience features. When attacked, this ensemble of cyber-physical features (i.e., "bonware") strives to resist and recover from the performance degradation caused by the malware's attack. We model the underlying differential equations govern...
It is challenging for a security analyst to detect or defend against cyber-attacks. Moreover, traditional defense deployment methods require the security analyst to manually enforce the defenses in the presence of uncertainties about the defense to deploy. As a result, it is essential to develop an automated and resilient defense deployment mechani...
The Russian attack on Ukraine has brought the question of the German Armed Forces’ operational capability back into focus. National defense, which seemed to play only a minor role with the end of the Cold War and the dissolution of the Warsaw Pact and the Soviet Union in 1991, now has gained a higher political priority again. In his government decl...
Background: Cyber defense decision-making during cyber threat situations is based on human-to-human communication aiming to establish a shared cyber situational awareness. Previous studies suggested that communication inefficiencies were among the biggest problems facing security operation center teams. There is a need for tools that allow for more...
This article explains the use of people's personal data to state security data that is currently interconnected and circulating on the internet network. Regulation of the Minister of Defense No. 16 of 2010 mandated the establishment of a digital technology defense concept in Indonesia. Data surveillance is carried out physically and logica...
One of the promises of AI in the military domain that seems to guarantee its adoption is its broad applicability. In a military context, the potential for AI is present in all operational domains (i.e., land, sea, air, space, and cyber-space) and all levels of warfare (i.e., political, strategic, operational, and tactical). However, despite the po...
Background: Cyber operations unfold at superhuman speeds where cyber defense decisions are based on human-to-human communication aiming to achieve a shared cyber situational awareness. The recently proposed Orient, Locate, Bridge (OLB) model suggests a three-phase metacognitive approach for successful communication of cyber situational awareness fo...
With the significant growth of the cyber environment over recent years, defensive mechanisms against adversaries have become an important step in maintaining online safety. The adaptive defense mechanism is an evolving approach that, when combined with nature-inspired algorithms, allows users to effectively run a series of artificial intelligence-d...
Cybersecurity is a field where time plays a major role. Within the blink of an eye, things can get out of hand. Most of the approaches attackers use nowadays utilize the power of Artificial Intelligence, which can easily outperform the traditional tools and approaches used for Cyber Defense. To address this problem, we are proposing a system tha...
Cybersecurity is a top priority in industry, academia, and government, and information sharing about cyber-threats between different organizations has the potential to maximize vulnerability discovery while minimizing cost. Sharing information about cyber-threats can reduce the chances of an attacker exploiting the same vulnerability to launch mult...
Modern achievements of science and technology have allowed a person to create not only computing equipment, but also to build a new virtual space "cyberspace". With the emergence of cyberspace, the process of cyber socialization of the individual began at the same time, complementing this property with the interaction and communication of a person...
The goal of this study is to investigate mathematical concepts and quantitative measures of robustness and vulnerability of machine learning systems to adversarial data and develop computational methods capable of quantitatively evaluating the robustness and vulnerability of deep learning tools that can be applied in cybersecurity settings. The fir...
Artificial intelligence has the potential to address many societal, economic, and environmental challenges, but only if AI-enabled gadgets are kept secure. Many artificial intelligence (AI) models produced in recent years can be hacked by utilizing cutting-edge techniques. This issue has sparked intense research into adversarial AI to develop machi...
Planning cybersecurity within a complex system and applying its principles and procedures has the goal (end) of achieving the system's resilience in cyberspace, that is, cyber resilience. The purpose of a complex system is to carry out a mission (task, assignment) as a set of capabilities and dispositions with respect to internal and exter...