Snatched secrets: Cybercrime and trade secrets modelling a firm's decision to report a theft of trade secrets
Snatched secrets: Cybercrime and trade secrets, modelling a firm's decision to report a theft of trade secrets-2019
Cybercrime and economic espionage are increasing problems for firms. We build on US FBI policy to frame the interaction between a cybercrime victim firm and a government security agency. We bring together several strands in the literature to model the strategies of the firm, which has suffered a cyber breach and theft of trade secrets, and the government security agency, which must investigate and prosecute crimes. We investigate the interactions between these two players, in which the firm has private information about its cybersecurity investment. This investment level is unknown to the security agency, which must nonetheless decide how to prioritize reported crime. We model this asymmetric information problem within a game theoretic signaling framework derived from Becker’s work in crime and punishment. We suggest that such a framework can inform policy to encourage security investments by firms and more efficient resource utilization by security agencies. We particularly focus on an illustrative stylized example to highlight how our modelling approach can be helpful. In this example we compare two worlds; one where all security breaches become public knowledge and another where only reported breaches become public knowledge. We then formulate two potentially testable Hypotheses and several implications of these Hypotheses. Case studies and a policy analysis further highlight how our framework plays out in reality.
Keywords: Cyber security | Cybercrime | Trade secrets | Economic espionage | Cyber breaches
Attack and anomaly detection in IoT sensors in IoT sites using machine learning approaches
Attack and anomaly detection in IoT sensors at IoT sites using machine learning approaches-2019
Attack and anomaly detection in the Internet of Things (IoT) infrastructure is a rising concern in the domain of IoT. With the increased use of IoT infrastructure in every domain, threats and attacks in these infrastructures are also growing commensurately. Denial of Service, Data Type Probing, Malicious Control, Malicious Operation, Scan, Spying and Wrong Setup are such attacks and anomalies which can cause an IoT system failure. In this paper, performances of several machine learning models have been compared to predict attacks and anomalies on the IoT systems accurately. The machine learning (ML) algorithms that have been used here are Logistic Regression (LR), Support Vector Machine (SVM), Decision Tree (DT), Random Forest (RF), and Artificial Neural Network (ANN). The evaluation metrics used in the comparison of performance are accuracy, precision, recall, f1 score, and area under the Receiver Operating Characteristic Curve. The system obtained 99.4% test accuracy for Decision Tree, Random Forest, and ANN. Though these techniques have the same accuracy, other metrics prove that Random Forest performs comparatively better.
Keywords: Internet of Things (IoT) | Machine Learning | Cybersecurity | Anomaly detection
A survey on cybersecurity, data privacy, and policy issues in cyber-physical system deployments in smart cities
A survey of cybersecurity, data privacy, and policy issues in cyber-physical system deployments in smart cities-2019
Deployments of Cyber Physical Systems (CPSs) in smart cities are poised to significantly improve healthcare, transportation services, utilities, safety, and environmental health. However, these efficiencies and service improvements will come at a price: increased vulnerability and risk. Smart city deployments have already begun to proliferate, as have the upsides, efficiencies, and cost-savings they can facilitate. There are, however, proliferating challenges and costs as well. These challenges include important technical questions, but equally important policy and organizational questions. It is important to understand that these policy and technical implementation hurdles are perhaps equally likely to slow or disable smart city implementation efforts. In this paper, a survey of the theoretical and practical challenges and opportunities are enumerated not only in terms of their technical aspects, but also in terms of policy and governance issues of concern.
Keywords: Smart cities | Cyber security | Government policy making | Cryptography | Security and privacy | Authentication
Friction, snake oil, and weird countries: Cybersecurity systems could deepen global inequality through regional blocking
Friction, snake oil, and weird countries: Cybersecurity systems can reinforce global inequality through regional blocking-2019
In this moment of rising nationalism worldwide, governments, civil society groups, transnational companies, and web users all complain of increasing regional fragmentation online. While prior work in this area has primarily focused on issues of government censorship and regulatory compliance, we use an inductive and qualitative approach to examine targeted blocking by corporate entities of entire regions motivated by concerns about fraud, abuse, and theft. Through participant-observation at relevant events and intensive interviews with experts, we document the quest by professionals tasked with preserving online security to use new machine-learning based techniques to develop a “fairer” system to determine patterns of “good” and “bad” usage. However, we argue that without understanding the systematic social and political conditions that produce differential behaviors online, these systems may continue to embed unequal treatments, and troublingly may further disguise such discrimination behind more complex and less transparent automated assessment. In order to support this claim, we analyze how current forms of regional blocking incentivize users in blocked regions to behave in ways that are commonly flagged as problematic by dominant security and identification systems. To realize truly global, non-Eurocentric cybersecurity techniques would mean incorporating the ecosystems of service utilization developed by marginalized users rather than reasserting norms of an imagined (Western) user that casts aberrations as suspect.
Keywords: Regional blocking | machine learning | classification | inequality | discrimination | security
A cybercrime incident architecture with adaptive response policy
A cybercrime incident architecture with adaptive response policy-2019
Handling and mitigating the cybercrime incidents (CIs) have attracted significant research attention, over the last years, due to their increasing frequency of occurrence. However, the term cybercrime is often used interchangeably with other technology-linked malicious acts, such as cyberwarfare, and cyberterrorism, leading to misconceptions. In addition, there does not exist a management framework which would classify CIs, qualitatively and quantitatively evaluate their occurrence and promptly align them with appropriate measures and policies. This work introduces a Cybercrime Incident Architecture that enables a comprehensive cybercrime embodiment through feature identification, offence classification mechanisms, threats’ severity labeling and a completely novel Adaptive Response Policy (ARP) that identifies and interconnects the relevant stakeholders with preventive measures and response actions. The proposed architecture consists of four separate complementary components that lead to a manually – and in the future automatically – generated ARP. The idea is to build a holistic framework toward automated cybercrime handling. A criminal case study is selected to validate the introduced framework and highlight its potentiality to evolve into a CI expert system.
Keywords: Cybercrime incident | Offence classification system | Cyber-security | Threat severity | Security and privacy | Investigation techniques | Social engineering attacks | Malware/spyware crime
Deep Learning Clusters in the Cognitive Packet Network
Deep learning clusters in the cognitive packet network-2019
The Cognitive Packet Network (CPN) bases its routing decisions and flow control on the Random Neural Network (RNN) Reinforcement Learning algorithm; this paper proposes the addition of a Deep Learning (DL) Cluster management structure to the CPN for Quality of Service metrics (Delay Loss and Bandwidth), Cyber Security keys (User, Packet and Node) and Management decisions (QoS, Cyber and CEO). The RNN already models how neurons transmit information using positive and negative impulsive signals whereas the proposed additional Deep Learning structure emulates the way the brain learns and takes decisions; this paper presents a brain model as the combination of both learning algorithms, RNN and DL. The proposed model has been simulated under different network sizes and scenarios and it has been validated against the CPN itself without DL clusters. The simulation results are promising; the presented CPN with DL clusters as a mechanism to transmit, learn and make packet routing decisions is a step closer to emulate the way the brain transmits information, learns the environment and takes decisions.
Keywords: Random Neural Network | Deep Learning Clusters | Cognitive Packet Network | QoS | Cybersecurity | Routing
Real-time secure communication for Smart City in high-speed Big Data environment
Real-time secure communication for the Smart City in a high-speed Big Data environment-2018
The recent development in the technology brings the concept of Smart City that is achieved through real-time city related intelligent decisions by analyzing the data harvested from various smart systems in the city using millions of sensors and devices connected over the Internet, termed as Internet of Things (IoT). These devices generate the overwhelming volume of high-speed streaming data, termed as Big Data. However, the generation of city data at a remote location and then transmitting it to central city servers for analysis purpose raises the concerns of security and privacy. On the other hand, providing security to such Big Data streaming requires a high-speed security system that can work in a real-time environment without providing any delay that may slow down the overall performance of the Smart City System. To overcome these challenges, in this paper, we proposed an efficient and real-time Smart City security system by providing strong intrusion detection at intelligent city building (ICB) and also a security protocol to protect the communication between the remote smart system (RSS)/User and the city analysis building, i.e., ICB. The proposed communication security protocol consists of various phases, i.e., registration phase, session key exchange phase, session key revocation phase, and data transmission phases from RSS to ICB as well as from User to ICB. Vast security analyses are performed to evaluate the credibility of the system. The proposed system is also evaluated on efficiency in terms of computation cost and throughput of overall functions used in the system. The system’s evaluation and the comparative study with existing system show that the proposed system is secure, more efficient, and able to work in a real-time, high-speed Smart City environment.
Keywords: Smart City | Big Data | Internet of Things (IoT) | Communication security | Cyber security
The impact of China’s 2016 Cyber Security Law on foreign technology firms, and on China’s big data and Smart City dreams
The impact of China’s 2016 Cyber Security Law on foreign technology firms, and on China’s big data and Smart City dreams-2018
Chinese officials are increasingly turning to a policy known as Informatisation, connecting industry online, to utilise technology to improve efficiency and tackle economic developmental problems in China. However, various recent laws have made foreign technology firms uneasy about perceptions of Rule of Law in China. Will these new laws, under China’s stated policy of “Network Sovereignty” (“网络主权” “wangluo zhuquan”) affect China’s ability to attract foreign technology firms, talent and importantly technology transfers? Will they slow China’s technology and Smart City drive? This paper focuses on the question of whether international fears of China’s new Cyber Security Law are justified. In Parts I and II, the paper analyses why China needs a cyber security regime. In Parts III and IV it examines the law itself.
Keywords: China | Big data | The Internet of Things | Smart Cities | Network Sovereignty | Rule of Law | Cyber Security Laws
A Bi-objective Hyper-Heuristic Support Vector Machines for Big Data Cyber-Security
A bi-objective hyper-heuristic support vector machine for big data cyber-security-2018
Cyber security in the context of big data is known to be a critical problem and presents a great challenge to the research community. Machine learning algorithms have been suggested as candidates for handling big data security problems. Among these algorithms, support vector machines (SVMs) have achieved remarkable success on various classification problems. However, to establish an effective SVM, the user needs to define the proper SVM configuration in advance, which is a challenging task that requires expert knowledge and a large amount of manual effort for trial and error. In this paper, we formulate the SVM configuration process as a bi-objective optimization problem in which accuracy and model complexity are considered as two conflicting objectives. We propose a novel hyper-heuristic framework for bi-objective optimization that is independent of the problem domain. This is the first time that a hyper-heuristic has been developed for this problem. The proposed hyper-heuristic framework consists of a high-level strategy and low-level heuristics. The high-level strategy uses the search performance to control the selection of which low-level heuristic should be used to generate a new SVM configuration. The low-level heuristics each use different rules to effectively explore the SVM configuration search space. To address bi-objective optimization, the proposed framework adaptively integrates the strengths of decomposition- and Pareto-based approaches to approximate the Pareto set of SVM configurations. The effectiveness of the proposed framework has been evaluated on two cyber security problems: Microsoft malware big data classification and anomaly intrusion detection. The obtained results demonstrate that the proposed framework is very effective, if not superior, compared with its counterparts and other algorithms.
INDEX TERMS: Hyper-heuristics, big data, cyber security, optimisation
An Automotive Signal-Layer Security and Trust-Boundary Identification Approach
Automotive signal-layer security and a trust-boundary identification approach-2017
An important trend in the automotive domain is to adapt established functional safety processes and methods for security engineering. Although functional safety and cyber-security engineering have a considerable overlap, the trend of adapting methods from one domain to the other is often challenged by non-domain experts. Just as safety became a critical part of the development in the late 20th century, modern vehicles are now required to become resilient against cyber-attacks. As vehicle providers gear up for this challenge, they can capitalize on experiences from many other domains, but must also face several unique challenges, such as the fact that cyber-security engineering will now join reliability and safety as a cornerstone for success in the automotive industry and approaches need to be integrated into the mainly safety oriented development lifecycle of the domain. The recently released SAE J3061 guidebook for cyber-physical vehicle systems focuses on designing cyber-security aware systems in close relation to the automotive safety standard ISO 26262. The key contribution of this paper is to analyse a method to identify attack vectors on complex automotive systems via signal interfaces and propose a security classification scheme and protection mechanisms on signal layer. To that aim, the hardware-software interface (HSI), a central development artefact of the ISO 26262 functional safety development process, is used and extended to support the cyber-security engineering process and provide cyber-security countermeasures on signal layer. 1877-0509 © 2017 The Authors. Published by Elsevier B.V. Peer-review under responsibility of the Conference Program Chairs.
Keywords: automotive systems | hardware-software interfaces | cyber-security | functional safety