Search results
1 – 10 of over 1000
Fletcher Glancy, David P. Biros, Nan Liang and Andy Luse
Abstract
Purpose
The authors argue that the current studies about malicious insiders confuse the fact that malicious attacks belong to two different categories, namely, those that launch instrumental attacks and expressive attacks. The authors collect malicious insider data from publicly available sources and use text-mining techniques to analyze the association between malicious insiders’ characteristics and the different types of attack.
Design/methodology/approach
The authors investigated the relationship between personality characteristics and different types of malicious attacks. For the personality characteristics, the authors use the same method as Liang et al. (2016), which extracted these characteristics based on a keyword-characteristic dictionary. For different types of malicious attacks, two raters rated each case based on criteria modified from criminology research to determine the degree of expressiveness and instrumentality.
Findings
The results show that malicious insiders who are manipulative or seeking personal gain tend to carry out instrumental attacks. Malicious insiders who are arrogant tend to conduct expressive attacks.
Research limitations/implications
This study uses third party articles to identify the personality characteristics of known malicious insiders. As such, not all personality characteristics may have been reported. Data availability was an issue.
Practical implications
Understanding if different personality characteristics lead to different types of attacks can help managers identify employees who exhibit them and mitigate an attack before it occurs.
Social implications
Malicious insider attacks can have devastating results on businesses and employees. Helping to identify potential malicious insiders before they act may prevent undue harm.
Originality/value
This study used 132 cases of none malicious insiders to examine their attack objectives. No other study that the authors know of used that many cases.
Jianyu Zhao, Anzhi Bai, Xi Xi, Yining Huang and Shanshan Wang
Abstract
Purpose
Malicious attacks extremely traumatize knowledge networks due to increasing interdependence among knowledge elements. Therefore, exposing the damage of malicious attacks to knowledge networks has important theoretical and practical significance. Despite the insights being offered by the growing research stream, few studies discuss the diverse responses of knowledge networks’ robustness to different target-attacks, and the authors lack sufficient knowledge of which forms of malicious attacks constitute greater disaster when knowledge networks evolve to different stages. Given the irreversible consequences of malicious attacks on knowledge networks, this paper aims to examine the impacts of different malicious attacks on the robustness of knowledge networks.
Design/methodology/approach
On the basis of dividing malicious attacks into six forms, the authors incorporate two important aspects of robustness of knowledge networks – structure and function – in a research framework, and use maximal connected sub-graphs and network efficiency, respectively, to measure structural and functional robustness. Furthermore, the authors conceptualize knowledge as a multi-dimensional structure to reflect the heterogeneous nature of knowledge elements, and design the fundamental rules of simulation. NetLogo is used to simulate the features of knowledge networks and their changes of robustness as they face different malicious attacks.
Findings
First, knowledge networks gradually form more associative integrated structures with evolutionary progress. Second, various properties of knowledge elements play diverse roles in mitigating damage from malicious attacks. Recalculated-degree-based attacks cause greater damage than degree-based attacks, and structure of knowledge networks has higher resilience against ability than function. Third, structural robustness is mainly affected by the potential combinatorial value of high-degree knowledge elements, and the combinatorial potential of high-out-degree knowledge elements. Fourth, the number of high in-degree knowledge elements with heterogeneous contents, and the inverted U-shaped effect contributed by high out-degree knowledge elements are the main influencers of functional robustness.
Research limitations/implications
The authors use the frontier method to expose the detriments of malicious attacks both to structural and functional robustness in each evolutionary stage, and the authors reveal the relationship and effects of knowledge-based connections and knowledge combinatorial opportunities that contribute to maintaining them. Furthermore, the authors identify latent critical factors that may improve the structural and functional robustness of knowledge networks.
Originality/value
First, from the dynamic evolutionary perspective, the authors systematically examine structural and functional robustness to reveal the roles of the properties of knowledge element, and knowledge associations to maintain the robustness of knowledge networks. Second, the authors compare the damage of six forms of malicious attacks to identify the reasons for increased robustness vulnerability. Third, the authors construct the stock, power, expertise knowledge structure to overcome the difficulty of knowledge conceptualization. The results respond to multiple calls from different studies and extend the literature in multiple research domains.
Faisal Lone, Harsh Kumar Verma and Krishna Pal Sharma
Abstract
Purpose
The purpose of this study is to extensively explore the vehicular network paradigm, challenges faced by them and provide a reasonable solution for securing these vulnerable networks. Vehicle-to-everything (V2X) communication has brought the long-anticipated goal of safe, convenient and sustainable transportation closer to reality. The connected vehicle (CV) paradigm is critical to the intelligent transportation systems vision. It imagines a society free of a troublesome transportation system burdened by gridlock, fatal accidents and a polluted environment. The authors cannot overstate the importance of CVs in solving long-standing mobility issues and making travel safer and more convenient. It is high time to explore vehicular networks in detail to suggest solutions to the challenges encountered by these highly dynamic networks.
Design/methodology/approach
This paper compiles research on various V2X topics, from a comprehensive overview of V2X networks to their unique characteristics and challenges. In doing so, the authors identify multiple issues encountered by V2X communication networks due to their open communication nature and high mobility, especially from a security perspective. Thus, this paper proposes a trust-based model to secure vehicular networks. The proposed approach uses the communicating nodes’ behavior to establish trustworthy relationships. The proposed model only allows trusted nodes to communicate among themselves while isolating malicious nodes to achieve secure communication.
Findings
Despite the benefits offered by V2X networks, they have associated challenges. As the number of CVs on the roads increases, so does the attack surface. Connected cars provide numerous safety-critical applications that, if compromised, can result in fatal consequences. While cryptographic mechanisms effectively prevent external attacks, various studies propose trust-based models to complement cryptographic solutions for dealing with internal attacks. While numerous trust-based models have been proposed, there is room for improvement in malicious node detection and complexity. Optimizing the number of nodes considered in trust calculation can reduce the complexity of state-of-the-art solutions. The theoretical analysis of the proposed model exhibits an improvement in trust calculation, better malicious node detection and fewer computations.
Originality/value
The proposed model is the first to add another dimension to trust calculation by incorporating opinions about recommender nodes. The added dimension improves the trust calculation resulting in better performance in thwarting attacks and enhancing security while also reducing the trust calculation complexity.
Sivaraman Eswaran, Vakula Rani, Daniel D., Jayabrabu Ramakrishnan and Sadhana Selvakumar
Abstract
Purpose
In the recent era, banking infrastructure constructs various remotely handled platforms for users. However, the security risk toward the banking sector has also elevated, as it is visible from the rising number of reported attacks against these security systems. Intelligence shows that cyberattacks of the crawlers are increasing. Malicious crawlers can crawl the Web pages, crack the passwords and reap the private data of the users. Besides, intrusion detection systems in a dynamic environment provide more false positives. The purpose of this research paper is to propose an efficient methodology to sense the attacks for creating low levels of false positives.
Design/methodology/approach
In this research, the authors have developed an efficient approach for malicious crawler detection and correlated the security alerts. The behavioral features of the crawlers are examined for the recognition of the malicious crawlers, and a novel methodology is proposed to improvise the bank user portal security. The authors have compared various machine learning strategies including Bayesian network, support vector machine (SVM) and decision tree.
Findings
This proposed work stretches in various aspects. Initially, the outcomes are stated for the mixture of different kinds of log files. Then, distinct sites of various log files are selected for the construction of the acceptable data sets. Session identification, attribute extraction, session labeling and classification were held. Moreover, this approach clustered the meta-alerts into higher level meta-alerts for fusing multistages of attacks and the various types of attacks.
Originality/value
This methodology used incremental clustering techniques and analyzed the probability of existing topologies in SVM classifiers for more deterministic classification. It also enhanced the taxonomy for various domains.
Abstract
Purpose
This paper aims to propose and evaluate an intrusion sensitivity (IS)-based approach regarding the detection of pollution attacks in collaborative intrusion detection networks (CIDNs) based on the observation that each intrusion detection system may have different levels of sensitivity in detecting specific types of intrusions.
Design/methodology/approach
In this work, the authors first introduce their adopted CIDN framework and a newly designed aggregation component, which aims to collect feedback, aggregate alarms and identify important alarms. The authors then describe the details of trust computation and alarm aggregation.
Findings
The evaluation on the simulated pollution attacks indicates that the proposed approach is more effective in detecting malicious nodes and reducing the negative impact on alarm aggregation as compared to similar approaches.
Research limitations/implications
More efforts can be made in improving the mapping of the satisfaction level, enhancing the allocation, evaluation and update of IS and evaluating the trust models in a large-scale network.
Practical implications
This work investigates the effect of the proposed IS-based approach in defending against pollution attacks. The results would be of interest for security specialists in deciding whether to implement such a mechanism for enhancing CIDNs.
Originality/value
The experimental results demonstrate that the proposed approach is more effective in decreasing the trust values of malicious nodes and reducing the impact of pollution attacks on the accuracy of alarm aggregation as compared to similar approaches.
Souad El Houssaini, Mohammed-Alamine El Houssaini and Jamal El Kafi
Abstract
Purpose
In vehicular ad hoc networks (VANETs), the information transmitted is broadcast in a free access environment. Therefore, VANETs are vulnerable against attacks that can directly perturb the performance of the networks and then provoke a big fall of capability. A black hole attack is an example of such an attack, where the attacker node pretends to have the shortest path to the destination node and then drops the packets. This paper aims to present a new method to detect the black hole attack in real-time in a VANET network.
Design/methodology/approach
This method is based on capability indicators that are widely used in industrial production processes. If the different capability indicators are greater than 1.33 and the stability ratio (Sr) is greater than 75%, the network is stable and the vehicles are communicating in an environment without the black hole attack. When the malicious nodes representing the black hole attacks are activated one by one, the fall of capability becomes more visible and the network is unstable, out of control and unmanaged, due to the presence of the attacks. The simulations were conducted using NS-3 for the network simulation and simulation of urban mobility for generating the mobility model.
Findings
The proposed mechanism does not impose significant overheads or extensive modifications in the standard Institute of Electrical and Electronics Engineers 802.11p or in the routing protocols. In addition, it can be implemented at any receiving node which allows identifying malicious nodes in real-time. The simulation results demonstrated the effectiveness of the proposed scheme to detect the impact of the attack very early, especially with the use of the short-term capability indicators (Cp, Cpk and Cpm) of each performance metric (throughput and packet loss ratio), which are more efficient at detecting quickly and very early the small deviations over a very short time. This study also calculated another indicator of network stability which is Sr, which allows to make a final decision if the network is under control and that the vehicles are communicating in an environment without the black hole attack.
Originality/value
According to the best of the authors’ knowledge, the method, using capability indicators for detecting the black hole attack in VANETs, has not been presented previously in the literature.
Abstract
Purpose
As the number of available services increases on the web, it becomes greatly vital in service-oriented computing to discover a trustworthy service for a service composition so as to best-fit business requirements. However, some dishonest service providers may advertise more than what they can offer and cause a great loss to users. In the last few years, trust and reputation management over web service selection mechanism becomes an emerging way of dealing with security deficiencies which are inherent in web services environment. The purpose of this paper is to review the security threats carefully and expect that the results serve as a reference guide for designing the robust trust and reputation management mechanisms.
Design/methodology/approach
Based on the published literature, the paper reviews and categorizes the most critical and important security threats that apply to trust and reputation models.
Findings
A detailed review and a dedicated taxonomy table are derived. As emphasized earlier, they could serve as the most important guideline for design of trust and reputation mechanisms.
Originality/value
The paper's work contributes to: first, understand in detail what kind of security threats may cause damage to trust and reputation management mechanisms for web services selection; and second, categorize these complex security threats and then assist in planning the defense mechanisms.
Eylem Thron, Shamal Faily, Huseyin Dogan and Martin Freer
Abstract
Purpose
Railways are a well-known example of complex critical infrastructure, incorporating socio-technical systems with humans such as drivers, signallers, maintainers and passengers at the core. The technological evolution including interconnectedness and new ways of interaction lead to new security and safety risks that can be realised, both in terms of human error, and malicious and non-malicious behaviour. This study aims to identify the human factors (HF) and cyber-security risks relating to the role of signallers on the railways and explores strategies for the improvement of “Digital Resilience” – for the concept of a resilient railway.
Design/methodology/approach
Overall, 26 interviews were conducted with 21 participants from industry and academia.
Findings
The results showed that due to increased automation, both cyber-related threats and human error can impact signallers’ day-to-day operations – directly or indirectly (e.g. workload and safety-critical communications) – which could disrupt the railway services and potentially lead to safety-related catastrophic consequences. This study identifies cyber-related problems, including external threats; engineers not considering the human element in designs when specifying security controls; lack of security awareness among the rail industry; training gaps; organisational issues; and many unknown “unknowns”.
Originality/value
The authors discuss socio-technical principles through a hexagonal socio-technical framework and training needs analysis to mitigate against cyber-security issues and identify the predictive training needs of the signallers. This is supported by a systematic approach which considers both safety and security factors, rather than waiting to learn from a cyber-attack retrospectively.
Abdesselem Beghriche and Azeddine Bilami
Abstract
Purpose
Security is one of the major challenges in the design and implementation of protocols for mobile ad hoc networks (MANETs). In such systems, the cooperation between nodes is one of the important principles being followed in the current research works to formulate various security protocols. Many existing works assume that mobile nodes will follow prescribed protocols without deviation. However, this is not always the case, because these networks are subjected to a variety of malicious attacks. Since there are various models of attack, trust routing scheme can guarantee security and trust of the network. The purpose of this paper is to propose a novel trusted routing model for mitigating attacks in MANETs.
Design/methodology/approach
The proposed model incorporates the concept of trust into the MANETs and applies grey relational analysis theory combined with fuzzy sets to calculate a node’s trust level based on observations from neighbour nodes’ trust level; these trust levels are then used in the routing decision-making process.
Findings
In order to prove the applicability of the proposed solution, extensive experiments were conducted to evaluate the efficiency of the proposed model, aiming at improving the network interaction quality, malicious node mitigation and enhancements of the system’s security.
Originality/value
The proposed solution in this paper is a new approach combining the fundamental basics of fuzzy sets with the grey theory, where establishment of trust relationships among participating nodes is critical in order to enable collaborative optimisation of system metrics. Experimental results indicate that the proposed method is useful for reducing the effects of malicious nodes and for the enhancements of system’s security.
Abstract
This paper presents a state‐of‐the‐art review of the Web privacy and anonymity enhancing security mechanisms, tools, applications and services, with respect to their architecture, operational principles and vulnerabilities. Furthermore, to facilitate a detailed comparative analysis, the appropriate parameters have been selected and grouped in classes of comparison criteria, in the form of an integrated comparison framework. The main concern during the design of this framework was to cover the confronted security threats, applied technological issues and users' demands satisfaction. GNUnet's Anonymity Protocol (GAP), Freedom, Hordes, Crowds, Onion Routing, Platform for Privacy Preferences (P3P), TRUSTe, Lucent Personalized Web Assistant (LPWA), and Anonymizer have been reviewed and compared. The comparative review has clearly highlighted that the pros and cons of each system do not coincide, mainly due to the fact that each one exhibits different design goals and thus adopts dissimilar techniques for protecting privacy and anonymity.