The Spatial Analysis of the Malicious Uniform Resource Locators (URLs): 2016 Dataset Case Study

Information, 2020, Vol 12 (1), pp. 2
Author(s): Raid W. Amin, Hakki Erhan Sevil, Salih Kocak, Guillermo Francia, Philip Hoover

In this study, we aimed to identify spatial clusters of countries with high rates of cyber attacks directed at other countries. The cyber attack dataset was obtained from the Canadian Institute for Cybersecurity, with over 110,000 Uniform Resource Locators (URLs), which were classified into one of 5 categories: benign, phishing, malware, spam, or defacement. The disease surveillance software SaTScan™ was used to perform a spatial analysis of the country of origin for each cyber attack. It allowed the identification of spatial and space-time clusters of locations with unusually high counts or rates of cyber attacks. The number of internet users per country, obtained from the 2016 CIA World Factbook, was used as the population baseline for computing rates and Poisson analysis in SaTScan™. The clusters were tested for significance with a Monte Carlo study within SaTScan™, where any cluster with p < 0.05 was designated as a significant cyber attack cluster. Results using the rate of the different types of malicious URL cyber attacks are presented in this paper. This novel approach of studying cyber attacks from a spatial perspective provides an invaluable relative risk assessment for each type of cyber attack that originated from a particular country.

2018, Vol 7 (2.14), pp. 145
Author(s): Qais Saif Qassim, Norziana Jamil, Razali Jidin, Mohd Ezanee Rusli, Md Nabil Ahmad Zawawi, ...

Supervisory Control and Data Acquisition (SCADA) system is the underlying control system of most national critical infrastructures such as power, energy, water, transportation and telecommunication. In order to understand the potential threats to these infrastructures and the mechanisms to protect them, different types of cyber-attacks applicable to these infrastructures need to be identified. Therefore, there is a significant need to have a comprehensive understanding of various types of cyber-attacks and their classification associated with both Operation Technology (OT) and Information Technology (IT). This paper presents a comprehensive review of existing cyber-attack taxonomies available in the literature and evaluates these taxonomies based on defined criteria.


Author(s): Aryn Pyke, Ericka Rovira, Savannah Murray, Joseph Pritts, Charlotte L. Carp, ...

Cyber attacks are increasingly commonplace and cause significant disruption, and therefore, have been a focus of much research. The objective of this research was to understand the factors that might lead users to fail to recognize red flags and succumb to cyber events. We investigated users’ knowledge of cyber attacks, their propensity to trust technology, arousal, emotional valence, and situational trust in response to different types and severity of cyber attacks. Our findings suggest that high-risk attacks elicited more arousal and more negative emotional valence than low-risk attacks. The attack-type manipulation revealed that phishing scenarios yielded distinctive patterns, including weaker affective responses than ransomware and other malware. The authors further examined arousal, emotional valence, and situational trust patterns among the subset of high-knowledge participants who successfully identified all the attacks and compared these responses with those of less knowledgeable peers. Our findings suggest that the more knowledgeable the user, the higher was their general propensity to trust technology, the more sensitive were their emotional responses to the manipulation of risk, and the lower their situational trust when faced with cyber attack scenarios.


2021, Vol 23 (06), pp. 1257-1266
Author(s): Mrs. J. Yamuna Bee, E. Naveena, Reshma Elizabeth Thomas, Arathi Chandran, ...

With the rising cyber-physical power systems and emerging danger of cyber-attacks, the traditional power services are faced with higher risks of being compromised, as vulnerabilities in cyber communications can be broken to cause material damage. Therefore, adjustment needs to be made in the present control scheme plan methods to moderate the impact of possible attacks on service quality. This paper focuses on the service of synchronized source-load contribution in main frequency regulation. A weakness study is performed by modeling the attack intrusion process, and the risk review of the service is made by further modeling the attack impacts on the service’s bodily things. On that basis, the customary synchronized reserve allotment optimization model is adapted and the allocation scheme is corrected according to the cyber-attack impact. The proposed alteration methods are validated through a case study, showing efficiency in defending against the cyber-attack impacts.


Information, 2018, Vol 9 (11), pp. 280
Author(s): Ashok Deb, Kristina Lerman, Emilio Ferrara

Recent high-profile cyber-attacks exemplify why organizations need better cyber-defenses. Cyber-threats are hard to accurately predict because attackers usually try to mask their traces. However, they often discuss exploits and techniques on hacking forums. The community behavior of the hackers may provide insights into the groups’ collective malicious activity. We propose a novel approach to predict cyber-events using sentiment analysis. We test our approach using cyber-attack data from two major business organizations. We consider three types of events: malicious software installation, malicious-destination visits, and malicious emails that surmounted the target organizations’ defenses. We construct predictive signals by applying sentiment analysis to hacker forum posts to better understand hacker behavior. We analyze over 400 K posts written between January 2016 and January 2018 on over 100 hacking forums both on the surface and dark web. We find that some forums have significantly more predictive power than others. Sentiment-based models that leverage specific forums can complement state-of-the-art time-series models on forecasting cyber-attacks weeks ahead of the events.


Author(s): Mir Ali Rezazadeh Baee, Leonie Simpson, Xavier Boyen, Ernest Foo, Josef Pieprzyk

In intelligent vehicular networks, vehicles have enhanced sensing capabilities and carry computing and communication platforms to enable new versatile systems known as Vehicular Communication (VC) systems. Vehicles communicate with other vehicles and with nearby fixed equipment to support different applications, including those which increase driver awareness of the surroundings. This should result in improved safety and may optimize traffic. However, VC systems are vulnerable to cyber attacks involving message manipulation. Research aimed at tackling this problem has resulted in the proposal of multiple authentication protocols. Several existing survey papers have attempted to classify some of these protocols based on a limited set of characteristics. However, to date there is no generic framework to support the comparison of these protocols and provide guidance for design and evaluation. Most existing classifications either use computation complexity of cryptographic techniques as a criterion, or they fail to make connections between different important aspects of authentication. This paper provides such a framework, proposing a new taxonomy to enable a consistent means of classifying authentication schemes based upon seven main criteria. The main contribution of this study is a framework to enable protocol designers and investigators to adequately compare and select authentication schemes when deciding on particular protocols to implement in an application. Our framework can be applied in design, making choices appropriate for the intended context in both intra-vehicle and inter-vehicle communications. We demonstrate the application of our framework using two different types of case study: individual analysis and hypothetical design. Additionally, this work makes several related contributions. We present the network model, outline the applications, list the communication patterns and the underlying standards, and discuss the necessity of using cryptography and key management in VC systems. We also review the threats, authentication, and privacy requirements in vehicular networks.


Author(s): Bechoo Lal, Chandrahauns R Chavan

The researcher stated that critical analysis on attacks and defense modeling approach to cyber security which is one of the significant research issues in the computing environment. The researcher focused on some of the factors such as control the side of damage, perform forensic analysis, executive standard counter measures, perform threat detection and hunting, and gather threat intelligence. These all are the defense parameters which are stated to modeling approach in cyber security. During the research the researcher evaluated the security parameters including password strength, fraud detection system, firewall and other security parameters which are significant with respect to cyber attack and environment. The researcher showed a statistical report on industries impacted by cyber-attacks worldwide as of September 2017. The researcher stated that passwords are a basic cyber-security tool that people encounter nearly every day to prevent valuable data and highly sensitive information from unauthorized persons. The researcher represented an attack and defense modeling approach with the help of cyber security attributes such as information security, network security, operational security, end-user protection and application security. The researcher also stated that a case study of the 2016 Korean cyber command compromise: the victim of a prospering cyber-attack that allowed access to internal networks. Per usual with massive scale attacks against South Korean entities, the hack was straight off attributed to DPRK. Case study-2: cyber warfare conflict analysis and case studies, to analyze historical cyber warfare incidents from the past to the current and capture relevant information in a very information acquisition section.


2008, pp. 2139-2148
Author(s): Michelle Ramim, Yair Levy

The growing use of e-learning systems has been documented by numerous studies (Levy, 2005). Yet in spite of this enormous growth, little attention has been given to the issue of security of e-learning systems both in research and in practice. Security of e-learning systems has a unique challenge as these systems are accessed and managed via the Internet by thousands of users over hundreds of networks. However, the Internet can pose security threats such as unauthorized access, hacking/cracking, obtaining sensitive information, and altering data and configuration, as well as enabling academic misconduct incidents (Freeh, 2000; Ramim, 2005; Sridhar & Bhasker, 2003). At the same time, cyber attacks have proliferated significantly in recent years. As a result, proper IT policies and procedures, in particular ones related to security of information systems, have become critical for organizations. This case study was written from the IS consultant’s point of view and addresses the issues related to insider cyber attacks combined with novice IT management knowledge in a small university. After a year of substantial growth to its online learning program, the university in this case study experienced a devastating event that halted all academic activities enabled by the institution’s e-learning system. This case reveals that internal cyber attack as well as lack of proper IT policies and procedures all resulted in multiple instances of damage to the e-learning system. The case provides detailed documentation on the security audit performed as well as stimulation for class discussions on actions to be taken as a result of the insider’s cyber attack. Additionally, this case study attempts to provide a starting point on discussions in the area of security related to e-learning systems. It is hoped that this case study will stimulate discussions among practitioners and researchers related to e-learning systems security, and that it will help prevent such incidents from occurring at other academic institutions.


2016, Vol 841, pp. 97-104
Author(s): Horatiu Moga, Mircea Boscoianu, Delia Ungureanu, Florin Sandu, Ramona Lile

This work aims to assess how the infrastructure of production & transport of the electric energy can be annihilated in a nation-state through a cyber attack, as a particular form of manifestation of cybernetic warfare. In this study we consider that the purpose of the cyber attack is only to remove servers from service, logically or physically. There are several standards that integrate the business side of a company with the level of supervision of industrial infrastructure and with the level of control engineering. These levels are integrated and are using different protocols. To simulate cyber-attacks between the countries with flexible potential escalation, BDI (Belief-Desire-Intention) agents are used, which allow separate treatment of different types of attacks. Inspired by the study of nuclear attacks implemented using the game theory, the flexibility of the BDI paradigm increases research potential of decision trees using this type of agent in other areas of human existence, like modeling human behavior at policy states makers or cyberspace executive users.


With the quick advancement of web applications, internet users are spending more and more time with these applications. They utilize the benefits of the internet in doing all the day-to-day chores from reading the newspaper to grocery shopping. This makes them prone to various kinds of cyber-attacks such as phishing, password attack, malware, etc. Phishing is one of the most common cyber-attacks, which is made by the attackers to take the users’ delicate data. In a phishing attack the users are first tempted with attractive offers and are then redirected to illegitimate (phishing) websites which ask for their credentials. In spite of the alert and awareness spread against these types of cyber-attacks, people continue to fall prey and get affected. The attackers have evolved with time and craft the attacks in such a way that the phishing websites and emails may seem real. Many systems and algorithms have been developed to predict phishing attacks. However, the achievement rate of phishing attacks stays high and its detection is prone towards high true negative and false positive ratio. Therefore, to deal with this conundrum we are putting forward a generalized algorithm for phishing detection with improved accuracy.


2017, Vol 1 (1), pp. 1-16
Author(s): John Harner, Lee Cerveny, Rebecca Gronewold

Natural resource managers need up-to-date information about how people interact with public lands and the meanings these places hold for use in planning and decision-making. This case study explains the use of public participatory Geographic Information System (GIS) to generate and analyze spatial patterns of the uses and values people hold for the Browns Canyon National Monument in Colorado. Participants drew on maps and answered questions at both live community meetings and online sessions to develop a series of maps showing detailed responses to different types of resource uses and landscape values. Results can be disaggregated by interaction types, different meaningful values, respondent characteristics, seasonality, or frequency of visit. The study was a test for the Bureau of Land Management and US Forest Service, who jointly manage the monument as they prepare their land management plan. If the information generated is as helpful throughout the entire planning process as initial responses seem, this protocol could become a component of the Bureau’s planning tool kit.

