Risks and Security of Internet and Systems

The management of cultural heritage information is an important aspect of human society since it enables us to document and understand our past and learn from it. Recent developments in ICT have significantly boosted research and development activities aimed at the creation and management of cultural heritage resources. As a result, information systems play an increasingly important role on storing and managing cultural heritage information and allowing preservation of the information in a digital way. To support such effort, a number of cultural heritage conceptual models have been developed and presented in the literature. However, such models they focus on the heritage entities and information, but fail to include issues such as privacy and trust. Our research has shown that these are important issues to consider in order to have a complete cultural heritage model. This paper presents the first work in the literature to include privacy and trust as part of a cultural heritage conceptual model. We demonstrate the applicability of our work using a real world case study from the Iron Age settlement of Castrolandin in Spain.

Access Control is one of the essential and traditional security weapons of data protection. In open and complex environments such as the Internet or cloud computing, the decision to grant access to a resource must ensure a secure management with a specific attention to privacy and data protection regulations. In recent years, many access control models and languages were proposed. Despite increasing legislative pressure, few of these propositions take care of privacy requirements in their specifications. In this paper we propose to enforce privacy compliance in access control policies. Based on a semantic modeling approach, specifically formal ontology, we will try to incorporate data protection legislation requirements in policies specification and implementation. This aims to abstract the complexity of legal requirements expression and to facilitate their automation and enforcement at execution level. Indeed, at run time, the interoperability of diverse information and the reference to the text law are addressed in a novel manner.

The problem of disclosing private anonymous data has become increasingly serious particularly with the possibility of carrying out deanonymisation attacks on publishing data. The related work available in the literature is inadequate in terms of the number of techniques analysed, and is limited to certain contexts such as Online Social Networks. We survey a large number of state-of-the-art techniques of deanonymisation achieved in various methods and on different types of data. Our aim is to build a comprehensive understanding about the problem. For this survey, we propose a framework to guide a thorough analysis and classifications. We are interested in classifying deanonymisation approaches based on type and source of auxiliary information and on the structure of target datasets. Moreover, potential attacks, threats and some suggested assistive techniques are identified. This can inform the research in gaining an understanding of the deanonymisation problem and assist in the advancement of privacy protection.

Trust is a crucial factor for the information sharing continuance on the Internet, such as on social networks and e-commerce websites. Various studies show that many users do not trust the websites with respect to the use of their private data. Similarly, they find it unfair that their data is used to generate revenue by online service without their knowledge or without their earning from this.

In this paper, we take as main assumptions that the control of their private data as well as caring about user interests would restore their trust. Based on an empirical model, we conducted a study of user trust by offering them the possibility to adhere to a new model of privacy policy. Conventional privacy policies confront the user with a dilemma of either fully accepting all the terms and losing control of their data, or rejecting the content of the policy and not being allowed access to the service. The privacy policy presented in this paper allows users to manage access and use of their data, and also to be rewarded.

The results indicate that caring about user interests is the main factor influencing trust. Private data Control, which is greatly influenced by the management of their data by users, also has a considerable effect on trust. Results also show that users are more willing to get control over their data rather than to be rewarded for disclosing them, when they really understand how these data will be used.

Policy-based protocols such as Multi-Protocol Label Switching (MPLS) and Border Gateway Protocol (BGP) are deployed by service providers to increase the efficiency of their networks; particularly the MPLS protocol where traffic engineering is required for the guarantee of Quality of Service (QoS) that is crucial for real-time dependant systems such as financial services, government and public safety, critical infrastructures and smart grids. Network operators are cautious about revealing information of their network; mainly for security reasons. Whereas, sophisticated adversaries are known for launching reconnaissance attacks years in advance of more malicious attacks. Whilst, research in this area was limited to the BGP, this paper aims to analyse the ability to reveal MPLS policy states with limited knowledge using Bayesian Belief Network (BBN).

Automatic response in an intrusion detection process is a difficult problem. Indeed activating an inappropriate countermeasure for a given attack can have deleterious effects on the system which must be protected. In some cases the countermeasure can be more harmful than the attack it is targeted against. Moreover, given an attack against a specific system, the best countermeasure to apply depends on the context in which the system is operating. For example in the case of an automotive system, the fact that the vehicle is operating downtown or on a freeway changes the impact an attack may have on the system. This paper introduces a novel approach which uses an argumentative logic framework to reason and select the most appropriate countermeasure given an attack and its context.

The paper suggests an approach to countermeasure selection that is based on the application of quantitative risk metrics. The approach incorporates several techniques. These techniques differ for the static and dynamic modes of operation of the security analysis and countermeasure selection component. The techniques consider available input data on the network security state. The approach is based on the application of open standards for unified specification of security data, application of attack graphs and service dependency graphs to calculate different security metrics, and takes into account events and information from security information and events management (SIEM) systems.

Achieving the quantitative risk assessment has long been an elusive problem in information security, where the subjective and qualitative assessments dominate. This paper discusses the appropriateness of statistical and quantitative methods for information security risk management. Through case studies, we discuss different types of risks in terms of quantitative risk assessment, grappling with how to obtain distributions of both probability and consequence for the risks. N.N. Taleb’s concepts of the Black Swan and the Four Quadrants provides the foundation for our approach and classification. We apply these concepts to determine where it is appropriate to apply quantitative methods, and where we should exert caution in our predictions. Our primary contribution is a treatise on different types of risk calculations, and a classification of information security threats within the Four Quadrants.

Assessing the vulnerability of an enterprise’s infrastructure is an important step in judging the security of its network and the trustworthiness and quality of the information that flows through it. Currently, low-level infrastructure vulnerability is often judged in an ad hoc manner, based on the criteria and experience of the assessors. While methodological approaches to assessing an organisation’s vulnerability exist, they are often targeted at higher-level threats, and can fail to accurately represent risk. Our aim in this paper therefore, is to explore a novel, structured approach to assessing low-level infrastructure vulnerability. We do this by placing the emphasis on a controls-based evaluation over a vulnerability-based evaluation. This work aims to investigate a framework for the pragmatic approach that organisations currently use for assessing low-level vulnerability. Instead of attempting to find vulnerabilities in infrastructure, we instead assume the network is insecure, and measure its vulnerability based on the controls that have (and have not) been put in place. We consider different control schemes for addressing vulnerability, and show how one of them, namely the Council on Cyber Security’s Top 20 Critical Security Controls, can be applied.

Nowadays, security represents the new attention of current world. It is the key issue for assuring the quality of software development. Since, security is one of the non-functional requirements; it is recurrently ignored in the requirements phase. And within limited financial statement, security managers have to patch up the increasing number of WeBhouse vulnerabilities. It is possible to reduce software development cost and time to identify user security requirement in the early stage of the software development process.

To develop a secure system, security managers need to assess vulnerabilities in order to prioritize them. In this paper, we discuss security in the WEB ETL processes taking into account business needs and vulnerabilities assessments. To this end, our work evaluates vulnerabilities according to two metrics: severity impact and remediation cost. We adopt the Common Vulnerability Scoring System (CVSS) to quantify the severity impact and extend the Cosmic used for security measuring purposes to estimate the effort needed for remediation.

Cloud forensics introduce processes for resolving incidents occurring in cloud computing environments. However, designing cloud services capable to assist a cloud investigation process is of vital importance and recent research efforts concentrate on these directions. In addition, digital forensics methods cannot support a cloud investigation since cloud environments introduce many differences compared to traditional IT environments. This paper moves current research one step further by identifying the major concepts, actors and their relationships that participating in a cloud forensics process through the introduction of a new meta-model. The paper presents a running example as well for better understanding the suggested concepts.

A cryptographic hash is defined as a transformation of variable length-message into a fixed length value. The application of cryptographic hash is increasing day by day. In modern cryptography, it is now defined as “Swiss Army Knife of Cryptography” because of usage in the verify process of integrity for files or messages, verification of the password, file/data identifier, pseudo-random generation and key derivation. The cryptographic hash consists of a compression function, where compression function can be built by scratch or blockcipher. The blockcipher based hash is suitable for constrained device \(\left( \text {WSN device}\right) \) encryption because of direct hardware implementation of the blockcipher. The blockcipher hash can be categorized into \(\left( n, n\right) \) and \(\left( n, 2n\right) \) \(\left[ \left( \text {block-length, key-length}\right) \right] \). A class of \({\left( n, n\right) }\) is more suitable than the \(\left( n, 2n\right) \) because of less power and memory utilization. There are some familiar schemes of \({\left( n, n\right) }\) blockcipher hash such as MDC-2, MDC-4, MJH, Bart-12, MSR, where some schemes provide higher security bound and some are good for efficiency. The schemes of MDC-2, MDC-4, Bart, MSR need multiple key scheduling but the MJH needs single key scheduling. The proof technique of early mentioned schemes are based on the ideal cipher model \(\left( \text {ICM}\right) \), except the Bart and MJH. These two follows a model of the finite field multiplicative operation.

In this paper, we proposed a scheme of \({\left( n, n\right) }\) blockcipher hash that satisfies a single key scheduling \(\left( \text {KS}=1\right) \). The collision and preimage resistance of our scheme is bounded by \({O\left( 2^n\right) }\) and \({O\left( 2^{2n}\right) }\). Our scheme follows three calls of blockcipher under the Davies Meyer \(\left( \text {DM}\right) \) mode. At first, we use the \(\text {ICM}\) proof technique. Later, we provide the weak cipher model \(\left( \text {WCM}\right) \) proof technique, which is more rigorous than the ICM.

The security of Supervisory Control and Data Acquistition systems (SCADA) has become these last years, a major worldwide concern. Indeed, several incidents and cyber-attacks stressed the emergency to make more efforts to secure these systems which manage important economical infrastructures. The increasing use of wireless sensors also brings their security vulnerabilities. Therefore, several communication protocols were developed to meet real time and security requirements needed by this kind of systems. WirelessHART is the first approved international standard for industrial wireless devices. It implements several mechanisms to ensure hop-by-hop and end-to-end security. However, despite these mechanisms, it remains possible for an attacker to conduct an attack against such wireless networks. In this paper, we give the first description of a Sybil attack specially tailored to target WirelessHART based SCADA systems. This attack can lead to harmful consequences such as disturbing the infrastructure functioning, interrupting it or more again causing its destruction (overheating of a nuclear reactor).

The sophistication and efficiency of current attacks makes the detection and mitigation process a very difficult task for security analysts. Research in information security has always focused on the effects of a given attack over a particular target and the methodologies to evaluate and select countermeasures accordingly. Multiple attack scenarios are hardly considered concurrently to assess the risk and propose security solutions. This paper proposes a geometrical model that represents the volume of attacks and countermeasures based on a three-dimensional coordinate system (i.e. user, channel, and resource). The CARVER methodology is used to give an appropriate weight to each entity composing the axes in the coordinate system. These weights represent the criticality of the different system entities. As a result, volumes are related to risks, making it possible to determine the magnitude and coverage of each attack and countermeasure within a given system.

Browsers enable the user to surf over the Internet and access web sites that may include social media, email service, etc. However, such an activity incorporates various web threats (e.g. tracking, malicious content, etc.) that may imperil the user’s data and any sensitive information involved. Therefore, web browsers offer pre-installed security controls to protect users from these threats. Third-party browser software (i.e. add-ons) is also available that enhances these pre-installed security controls, or substitutes them. In this paper, we examine the available security controls that exist in modern browsers to reveal any gaps in the offered security protection. We also study the available security and privacy add-ons and observe whether the above mentioned gaps (i.e. when a security control is unavailable) are covered or need to be revisited.

As the use of mobile devices spreads dramatically, hackers have started making use of mobile botnets to steal user information or perform other malicious attacks. To address this problem, in this paper we propose a mobile botnet detection system, called MBotCS. MBotCS can detect mobile device traffic indicative of the presence of a mobile botnet based on prior training using machine learning techniques. Our approach has been evaluated using real mobile device traffic captured from Android mobile devices, running normal apps and mobile botnets. In the evaluation, we investigated the use of 5 machine learning classifier algorithms and a group of machine learning box algorithms with different validation schemes. We have also evaluated the effect of our approach with respect to its effect on the overall performance and battery consumption of mobile devices.

A Distributed Denial of Service (DDoS) attacks are used by malicious nodes in order to flood a victim node with large data flows. When the victim is a communication node, these attacks aim to damage network performances by reducing its resources such as bandwidth (bandwidth depletion attack), computing power (processor depletion attack) and energy (energy depletion attack). Due to their proper characteristics (wireless and dynamic topologies, low battery life, etc.), Mobile Ad hoc NETworks (MANETs) are more vulnerable than other networks and their damages can quickly became very serious. Moreover, for such networks, the energy depletion attack is obviously the most common because it makes nodes unable to process legitimate requests and traffic. It follows that for MANETs, for which such attack can be completely disabling, it is better to prevent this type of attack rather than reacting after its occurrence. The aim of this paper fits into the previous strategy: it proposes as a first part, a security mechanism preventing energy depletion attack which ties up the residual energy of a victim MANET node making it unable to process legitimate requests and consequently the needed service. The environment on which the proposition is made uses the delegation concept and extends a recently proposed reputation based clustering MANET environment organizing the network into clusters with elected cluster heads (CHs) and detecting and isolating malicious nodes.The second part of this paper concerns the formal specification of the proposed mechanism based on a certain number of constraints and its verification using adequate algorithms.