首页 > 最新文献

European Conference on Cyber Warfare and Security最新文献

英文 中文
Spam Email Detection Using Machine Learning Techniques 使用机器学习技术检测垃圾邮件
Pub Date : 2023-06-19 DOI: 10.34190/eccws.22.1.1208
Ioannis Moutafis, Antonios Andreatos, Petros Stefaneas
This paper focuses on the security of electronic mail, using machine learning algorithms. Spam email is unwanted messages, usually commercial, sent to a large number of recipients. In this work, an algorithm for the detection of spam messages with the aid of machine learning methods is proposed. The algorithm accepts as input text email messages grouped as benevolent (“ham”) and malevolent (spam) and produces a text file in csv format. This file then is used to train a bunch of ten Machine Learning techniques to classify incoming emails into ham or spam. The following Machine Learning techniques have been tested: Support Vector Machines, k-Nearest Neighbour, Naïve Bayes, Neural Networks, Recurrent Neural Networks, Ada Boost, Random Forest, Gradient Boosting, Logistic Regression and Decision Trees. Testing was performed using two popular datasets, as well as a publicly available csv file. Our algorithm is written in Python and produces satisfactory results in terms of accuracy, compared to state-of-the-art implementations. In addition, the proposed system generates three output files: a csv file with the spam email IP addresses (of originating email servers), a map with their geolocation, as well as a csv file with statistics about the countries of origin. These files can be used to update existing organisational filters and blacklists used in other spam filters.
本文主要研究电子邮件的安全性,使用机器学习算法。垃圾邮件是发送给大量收件人的不需要的信息,通常是商业信息。在这项工作中,提出了一种基于机器学习方法的垃圾邮件检测算法。该算法接受分为善意(“火腿”)和恶意(垃圾邮件)的文本电子邮件消息作为输入,并生成csv格式的文本文件。然后,这个文件被用来训练一堆机器学习技术,将传入的电子邮件分类为垃圾邮件或垃圾邮件。以下机器学习技术已经过测试:支持向量机,k近邻,Naïve贝叶斯,神经网络,循环神经网络,Ada Boost,随机森林,梯度增强,逻辑回归和决策树。使用两个流行的数据集以及一个公开可用的csv文件执行测试。我们的算法是用Python编写的,与最先进的实现相比,在准确性方面产生了令人满意的结果。此外,所建议的系统生成三个输出文件:一个包含垃圾邮件IP地址的csv文件,一个包含其地理位置的地图,以及一个包含有关原产国统计信息的csv文件。这些文件可用于更新其他垃圾邮件过滤器中使用的现有组织过滤器和黑名单。
{"title":"Spam Email Detection Using Machine Learning Techniques","authors":"Ioannis Moutafis, Antonios Andreatos, Petros Stefaneas","doi":"10.34190/eccws.22.1.1208","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1208","url":null,"abstract":"This paper focuses on the security of electronic mail, using machine learning algorithms. Spam email is unwanted messages, usually commercial, sent to a large number of recipients. In this work, an algorithm for the detection of spam messages with the aid of machine learning methods is proposed. The algorithm accepts as input text email messages grouped as benevolent (“ham”) and malevolent (spam) and produces a text file in csv format. This file then is used to train a bunch of ten Machine Learning techniques to classify incoming emails into ham or spam. The following Machine Learning techniques have been tested: Support Vector Machines, k-Nearest Neighbour, Naïve Bayes, Neural Networks, Recurrent Neural Networks, Ada Boost, Random Forest, Gradient Boosting, Logistic Regression and Decision Trees. Testing was performed using two popular datasets, as well as a publicly available csv file. Our algorithm is written in Python and produces satisfactory results in terms of accuracy, compared to state-of-the-art implementations. In addition, the proposed system generates three output files: a csv file with the spam email IP addresses (of originating email servers), a map with their geolocation, as well as a csv file with statistics about the countries of origin. These files can be used to update existing organisational filters and blacklists used in other spam filters.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135286921","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Permission-Based Classification of Android Malware Applications Using Random Forest 基于权限的Android恶意软件应用随机森林分类
Pub Date : 2023-06-19 DOI: 10.34190/eccws.22.1.1212
Nikolaos Chrysikos, P. Karampelas, Konstantinos F. Xylogiannopoulos
Android is arguably the most widely used mobile operating system in the world. Due to its widespread use, it has attracted a lot of attention of cybercriminals who attempt to exploit its architecture and outsmart innocent users to install malware applications. The number of such applications is growing every day either by alternating a basic exploitation mechanism or by creating novel mechanisms to exfiltrate users’ data. As a result, there is an increasing need for detection mechanisms that can classify these applications to families based on their characteristics. A significant amount of research has already been devoted to analysing and mitigating this growing problem; however, this situation demands more efficient methods with higher precision. The paper proposes such a framework for analysing and classifying a malicious application to certain families relying on the permissions used. The proposed method involves the pre-processing of the applications to extract their permissions, the tokenization of permissions, the data cleansing and finally the application of the Random Forest Classifier to classify the applications in families. The proposed method is trained and tested with a dataset of 11,159 malicious applications categorized in 33 unique families. The precision, recall and f1-score achieved is 98%. The results of the proposed methodology are promising, since it even works in an unbalanced dataset and in many cases outperform other state-of-the-art approaches.
Android可以说是世界上使用最广泛的移动操作系统。由于它的广泛使用,它吸引了很多网络罪犯的注意,他们试图利用它的架构并智取无辜的用户来安装恶意软件。这类应用程序的数量每天都在增长,要么是通过替换一种基本的利用机制,要么是通过创建新的机制来窃取用户数据。因此,越来越需要检测机制,可以根据这些应用的特征对家庭进行分类。已经有大量的研究致力于分析和减轻这一日益严重的问题;然而,这种情况需要更高效、精度更高的方法。本文提出了这样一个框架,用于根据使用的权限对恶意应用程序进行分析和分类。该方法包括对应用程序进行预处理以提取其权限,对权限进行标记化,对数据进行清理,最后应用随机森林分类器对应用程序进行分类。所提出的方法在33个独特家族的11,159个恶意应用程序的数据集上进行了训练和测试。准确率、查全率和f1分均达到98%。所提出的方法的结果是有希望的,因为它甚至可以在不平衡的数据集中工作,并且在许多情况下优于其他最先进的方法。
{"title":"Permission-Based Classification of Android Malware Applications Using Random Forest","authors":"Nikolaos Chrysikos, P. Karampelas, Konstantinos F. Xylogiannopoulos","doi":"10.34190/eccws.22.1.1212","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1212","url":null,"abstract":"Android is arguably the most widely used mobile operating system in the world. Due to its widespread use, it has attracted a lot of attention of cybercriminals who attempt to exploit its architecture and outsmart innocent users to install malware applications. The number of such applications is growing every day either by alternating a basic exploitation mechanism or by creating novel mechanisms to exfiltrate users’ data. As a result, there is an increasing need for detection mechanisms that can classify these applications to families based on their characteristics. A significant amount of research has already been devoted to analysing and mitigating this growing problem; however, this situation demands more efficient methods with higher precision. The paper proposes such a framework for analysing and classifying a malicious application to certain families relying on the permissions used. The proposed method involves the pre-processing of the applications to extract their permissions, the tokenization of permissions, the data cleansing and finally the application of the Random Forest Classifier to classify the applications in families. The proposed method is trained and tested with a dataset of 11,159 malicious applications categorized in 33 unique families. The precision, recall and f1-score achieved is 98%. The results of the proposed methodology are promising, since it even works in an unbalanced dataset and in many cases outperform other state-of-the-art approaches.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"430 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132201051","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
AI-based quantum-safe cybersecurity automation and orchestration for edge intelligence in future networks 未来网络中基于人工智能的量子安全网络安全自动化和边缘智能编排
Pub Date : 2023-06-19 DOI: 10.34190/eccws.22.1.1211
Aarne Hummelholm
The AIQUSEC (AI-based quantum secure cyber security automation and orchestration in the edge intelligence of future networks) brings measurable advances to the cyber security of access and edge networks and their services, as well as Operational Service Technologies (OT). The research aims for significant cybersecurity scalability, efficiency, and effectiveness of operations through improved and enhanced device and sensor securities, security assurance, quantum security, and Artificial Intelligence (AI) based automation solutions. The new application scenarios of near future, the multiple stakeholders within each scenario, and the higher data volumes raise the need for novel cybersecurity solutions. Recently, OT cybersecurity threat landscape has become wider, due to the increase digitalization of services, the increase in virtualization and slicing of networks, as well as the increase in advanced cyber-attacks. Because of recent advances in computing power, AI in cybersecurity analyzing and validations is now becoming a reality. A significant part of currently used encryption technologies which secures communications and infrastructures might become instantly penetrable when quantum computing becomes available. Enabling quantum-safety migration development is a clear goal to the project. The research develops a state-of-the-art information security verification and validation environment that supports the integration of cyber security systems as a reference model, focusing on architectural choices and network connection from different vertical use cases. With the help of the platform and the reference model, common cybersecurity capabilities and requirements can be built, tested, and validated, as well as their fulfillment. In addition to the environment mentioned above, the results of the research are demonstrated and utilized in critical communication systems, water utilities, industrial environments, in physical access solutions and remote work. The developed platform can also be used for auditing devices, systems, and software’s in the future. The research integrates new quantum-safe artificial intelligence-based, hardware-hardened, and scalable cybersecurity solutions that have been validated in a standardized way. In this research, we also deal with the requirements of the EU sustainable growth program - issues related to the green transition.  
AIQUSEC(未来网络边缘智能中基于人工智能的量子安全网络安全自动化和编排)为接入和边缘网络及其服务以及运营服务技术(OT)的网络安全带来了可衡量的进步。该研究旨在通过改进和增强设备和传感器安全性、安全保障、量子安全和基于人工智能(AI)的自动化解决方案,实现重大的网络安全可扩展性、效率和运营有效性。在不久的将来,新的应用场景、每个场景中的多个利益相关者以及更高的数据量都提高了对新型网络安全解决方案的需求。近年来,由于服务数字化程度的提高、网络虚拟化和切片的增加以及高级网络攻击的增加,OT网络安全威胁格局变得更加广泛。由于最近计算能力的进步,人工智能在网络安全分析和验证方面正在成为现实。当量子计算可用时,目前使用的用于保护通信和基础设施的加密技术的很大一部分可能会立即被破解。实现量子安全迁移开发是该项目的一个明确目标。该研究开发了一个最先进的信息安全验证和验证环境,支持作为参考模型的网络安全系统集成,重点关注来自不同垂直用例的架构选择和网络连接。在平台和参考模型的帮助下,可以构建、测试和验证常见的网络安全功能和需求,并实现它们。除上述环境外,研究结果还在关键通信系统、供水设施、工业环境、物理访问解决方案和远程工作中得到展示和利用。开发的平台还可以用于将来的设备、系统和软件审计。该研究集成了新的基于量子安全的人工智能、硬件强化和可扩展的网络安全解决方案,这些解决方案已以标准化的方式得到验证。在本研究中,我们还处理了欧盟可持续增长计划的要求-与绿色转型相关的问题。
{"title":"AI-based quantum-safe cybersecurity automation and orchestration for edge intelligence in future networks","authors":"Aarne Hummelholm","doi":"10.34190/eccws.22.1.1211","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1211","url":null,"abstract":"The AIQUSEC (AI-based quantum secure cyber security automation and orchestration in the edge intelligence of future networks) brings measurable advances to the cyber security of access and edge networks and their services, as well as Operational Service Technologies (OT). The research aims for significant cybersecurity scalability, efficiency, and effectiveness of operations through improved and enhanced device and sensor securities, security assurance, quantum security, and Artificial Intelligence (AI) based automation solutions. The new application scenarios of near future, the multiple stakeholders within each scenario, and the higher data volumes raise the need for novel cybersecurity solutions. Recently, OT cybersecurity threat landscape has become wider, due to the increase digitalization of services, the increase in virtualization and slicing of networks, as well as the increase in advanced cyber-attacks. Because of recent advances in computing power, AI in cybersecurity analyzing and validations is now becoming a reality. A significant part of currently used encryption technologies which secures communications and infrastructures might become instantly penetrable when quantum computing becomes available. Enabling quantum-safety migration development is a clear goal to the project. The research develops a state-of-the-art information security verification and validation environment that supports the integration of cyber security systems as a reference model, focusing on architectural choices and network connection from different vertical use cases. With the help of the platform and the reference model, common cybersecurity capabilities and requirements can be built, tested, and validated, as well as their fulfillment. In addition to the environment mentioned above, the results of the research are demonstrated and utilized in critical communication systems, water utilities, industrial environments, in physical access solutions and remote work. The developed platform can also be used for auditing devices, systems, and software’s in the future. The research integrates new quantum-safe artificial intelligence-based, hardware-hardened, and scalable cybersecurity solutions that have been validated in a standardized way. In this research, we also deal with the requirements of the EU sustainable growth program - issues related to the green transition. \u0000 ","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"99 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131459745","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
On Benchmarking and Validation in Wargames 关于战争游戏中的基准测试和验证
Pub Date : 2023-06-19 DOI: 10.34190/eccws.22.1.1132
Adam Wilden, Mehwish Nasim, P. Williams, Tim Legrand, Benjamin Turnbull, P. Williams
There are multiple arguments for and against wargames. Many scientists do not recognise the science in wargames. It is suggested that there is not enough literature relating to wargaming, for there to be any large-scale research into wargames. This is primarily because scientists often refuse to publish results, thus creating a vicious cycle where research is not published because there is not enough research being published. This ultimately deters researchers from studying wargaming in any serious fashion. Owing to this limitation, published work on the results, and protocols of wargames are scarce in scholarly research. Wargaming has considerably less academic focus with a fragmented and practical focus on design and benchmarking. This is surprising given the long history of wargaming (dating back to the early 1600’s), when compared to the relatively recent history of other domains such as software engineering. To better understand the current state of research into wargaming in reference to benchmarking and validation, a scoping review (SR) was conducted. The scholarly research into wargaming reveals papers on general modelling, conflict modelling, influence modelling, evaluation of wargames, analytical tools, use of AI in wargame design, evaluation of predictive modelling in wargames, improving command and control through wargaming, and cost-benefit analysis for decision making. The initial analysis of the coverage of wargaming research, together with the limited number of papers found, indicate that there is a distinct lack of academic research into wargaming. Additionally, there is a wide variety of areas that are interested in the wargaming field, however, with no universal method of analysis or benchmarking, this limits the reproducibility of results, and the ability to judge the overall effectiveness of wargaming efforts. Wargame designers need to be able to assess wargame components to validate, compare, and predict the effects on gameplay and for decision-makers to draw conclusions with more confidence.
支持和反对兵棋推演的理由有很多。许多科学家不承认兵棋推演的科学性。有人认为没有足够的关于兵棋的文献,因此没有任何大规模的兵棋研究。这主要是因为科学家经常拒绝发表结果,从而造成了一个恶性循环,即研究没有发表,因为没有足够的研究被发表。这最终阻碍了研究人员以任何严肃的方式研究兵棋。由于这一限制,在学术研究中,关于兵棋推演结果和协议的出版工作很少。wg对学术的关注相对较少,更多的是注重设计和基准测试。考虑到兵棋推演的悠久历史(可以追溯到17世纪早期),与软件工程等其他领域相对较近的历史相比,这是令人惊讶的。为了更好地了解当前兵棋推演在基准测试和验证方面的研究状况,我们进行了一次范围评估(SR)。对兵棋推演的学术研究包括一般建模、冲突建模、影响建模、兵棋推演评估、分析工具、人工智能在兵棋推演设计中的应用、兵棋推演预测模型的评估、通过兵棋推演改进指挥和控制、决策的成本效益分析等。对兵棋推演研究覆盖范围的初步分析,以及所发现的有限论文数量,表明对兵棋推演的学术研究明显缺乏。此外,有很多领域对兵棋推演感兴趣,然而,由于没有通用的分析方法或基准,这限制了结果的可重复性,以及判断兵棋推演工作整体有效性的能力。战争游戏设计师需要能够评估战争游戏组件,以验证、比较和预测对游戏玩法的影响,并让决策者更有信心地得出结论。
{"title":"On Benchmarking and Validation in Wargames","authors":"Adam Wilden, Mehwish Nasim, P. Williams, Tim Legrand, Benjamin Turnbull, P. Williams","doi":"10.34190/eccws.22.1.1132","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1132","url":null,"abstract":"There are multiple arguments for and against wargames. Many scientists do not recognise the science in wargames. It is suggested that there is not enough literature relating to wargaming, for there to be any large-scale research into wargames. This is primarily because scientists often refuse to publish results, thus creating a vicious cycle where research is not published because there is not enough research being published. This ultimately deters researchers from studying wargaming in any serious fashion. Owing to this limitation, published work on the results, and protocols of wargames are scarce in scholarly research. Wargaming has considerably less academic focus with a fragmented and practical focus on design and benchmarking. This is surprising given the long history of wargaming (dating back to the early 1600’s), when compared to the relatively recent history of other domains such as software engineering. To better understand the current state of research into wargaming in reference to benchmarking and validation, a scoping review (SR) was conducted. The scholarly research into wargaming reveals papers on general modelling, conflict modelling, influence modelling, evaluation of wargames, analytical tools, use of AI in wargame design, evaluation of predictive modelling in wargames, improving command and control through wargaming, and cost-benefit analysis for decision making. The initial analysis of the coverage of wargaming research, together with the limited number of papers found, indicate that there is a distinct lack of academic research into wargaming. Additionally, there is a wide variety of areas that are interested in the wargaming field, however, with no universal method of analysis or benchmarking, this limits the reproducibility of results, and the ability to judge the overall effectiveness of wargaming efforts. Wargame designers need to be able to assess wargame components to validate, compare, and predict the effects on gameplay and for decision-makers to draw conclusions with more confidence.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131646317","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Designing a high-fidelity testbed for 5G-based Industrial IoT 5g工业物联网高保真测试平台设计
Pub Date : 2023-06-19 DOI: 10.34190/eccws.22.1.1204
D. Cruz, T. Cruz, Vasco Pereira, P. Simões
With the rise of the Industrial IoT (Internet of Things) and Industry 4.0 paradigms, many control and sensor systems used for IACS (Industrial Automation and Control Systems) have become more complex, due to the increasing number of interconnected field devices, sensors and actuators often being geographically spread across large areas. Supporting these increasingly sophisticated networked scenarios calls for the involvement of telecommunications and utility providers to better support Machine-to-Machine (M2M) communications and infrastructure orchestration, for which 5G technology is considered a perfect match. Nowadays, such 5G networks empower solutions both for consumer and for industrial IoT scenarios, providing the capacity and the means to seamlessly connect a massive number of gadgets and sensors, with diverse data rate requirements, low latency, and low power consumption. Part of this flexibility is also due to the nature of the 5G Service Architecture (SA), which is based on a microservice concept, dividing its core through multiple functions, allowing it to horizontally scale in a flexible way. Furthermore, the 3GPP specifications encompass specific support for verticals by means of slicing and 5G LANs, paving the way for a paradigm shift in terms of the relationship between service, telecom, and operational infrastructure tenants. However, such benefits come at the cost of extra complexity and, consequently, an increased vulnerability surface. This calls for further research focused on improving 5G infrastructure management, service integration and security, which cannot be safely undertaken in production environments, thus motivating the development of suitable 5G testbeds. This research work, which was developed in the scope of the POWER and Smart5Grid P2020 projects, addresses the creation of a high-fidelity environment for 5G-related research, which encompasses a gNodeB and 5G core, together with emulated User Elements (terminal devices) and IoT nodes (in this specific case, Programmable Logic Controllers), constituting a 5G Industrial IoT scenario designed for development and validation of new solutions, security research, or even advanced training purposes. The entire infrastructure is supported via container orchestration technology, providing enhanced scalability and resilience characteristics.
随着工业物联网(IoT)和工业4.0范例的兴起,由于越来越多的互连现场设备,传感器和执行器通常在地理上分布在大片区域,因此用于IACS(工业自动化和控制系统)的许多控制和传感器系统变得更加复杂。支持这些日益复杂的网络场景需要电信和公用事业提供商的参与,以更好地支持机器对机器(M2M)通信和基础设施编排,5G技术被认为是完美的匹配。如今,这种5G网络为消费者和工业物联网场景提供了解决方案,提供了无缝连接大量设备和传感器的能力和手段,具有不同的数据速率要求、低延迟和低功耗。这种灵活性的部分原因还在于5G服务架构(SA)的性质,它基于微服务概念,通过多个功能划分其核心,允许其以灵活的方式横向扩展。此外,3GPP规范包括通过切片和5G局域网对垂直行业的特定支持,为服务、电信和运营基础设施租户之间关系的范式转变铺平了道路。然而,这样的好处是以额外的复杂性为代价的,因此,增加了脆弱性。这要求进一步研究重点放在改善5G基础设施管理、业务集成和安全性方面,这些在生产环境中无法安全地进行,从而推动开发合适的5G测试平台。这项研究工作是在POWER和Smart5Grid P2020项目范围内开展的,旨在为5G相关研究创建高保真环境,其中包括gndeb和5G核心,以及仿真用户元素(终端设备)和物联网节点(在本例中为可编程逻辑控制器),构成5G工业物联网场景,旨在开发和验证新解决方案,安全研究,甚至高级培训目的。整个基础设施由容器编排技术支持,提供增强的可伸缩性和弹性特征。
{"title":"Designing a high-fidelity testbed for 5G-based Industrial IoT","authors":"D. Cruz, T. Cruz, Vasco Pereira, P. Simões","doi":"10.34190/eccws.22.1.1204","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1204","url":null,"abstract":"With the rise of the Industrial IoT (Internet of Things) and Industry 4.0 paradigms, many control and sensor systems used for IACS (Industrial Automation and Control Systems) have become more complex, due to the increasing number of interconnected field devices, sensors and actuators often being geographically spread across large areas. Supporting these increasingly sophisticated networked scenarios calls for the involvement of telecommunications and utility providers to better support Machine-to-Machine (M2M) communications and infrastructure orchestration, for which 5G technology is considered a perfect match. Nowadays, such 5G networks empower solutions both for consumer and for industrial IoT scenarios, providing the capacity and the means to seamlessly connect a massive number of gadgets and sensors, with diverse data rate requirements, low latency, and low power consumption. Part of this flexibility is also due to the nature of the 5G Service Architecture (SA), which is based on a microservice concept, dividing its core through multiple functions, allowing it to horizontally scale in a flexible way. Furthermore, the 3GPP specifications encompass specific support for verticals by means of slicing and 5G LANs, paving the way for a paradigm shift in terms of the relationship between service, telecom, and operational infrastructure tenants. However, such benefits come at the cost of extra complexity and, consequently, an increased vulnerability surface. This calls for further research focused on improving 5G infrastructure management, service integration and security, which cannot be safely undertaken in production environments, thus motivating the development of suitable 5G testbeds. This research work, which was developed in the scope of the POWER and Smart5Grid P2020 projects, addresses the creation of a high-fidelity environment for 5G-related research, which encompasses a gNodeB and 5G core, together with emulated User Elements (terminal devices) and IoT nodes (in this specific case, Programmable Logic Controllers), constituting a 5G Industrial IoT scenario designed for development and validation of new solutions, security research, or even advanced training purposes. The entire infrastructure is supported via container orchestration technology, providing enhanced scalability and resilience characteristics.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131711218","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Cyber Warfare and Cyber Terrorism Threats Targeting Critical Infrastructure: A HCPS-based Threat Modelling Intelligence Framework 针对关键基础设施的网络战和网络恐怖主义威胁:基于hcps的威胁建模情报框架
Pub Date : 2023-06-19 DOI: 10.34190/eccws.22.1.1443
R. Naidoo, Carla Jacobs
Acts of cyber warfare and cyber terrorism (CWCT) that target a nation's critical infrastructure (CI) are quickly becoming a larger threat to national security than conventional kinetic warfare strategies. Adversaries or potential adversaries can target a nation's electrical grids, telecommunications, financial services, transportation, healthcare systems, and other forms of CI. These acts pose a major threat to a nation's CI and consequently exposes citizens to public health, safety, security, and economic development risks. Identifying cyber vulnerabilities and threats can help nations to improve their CI defence strategies. There is a crucial need for research that can aid in understanding the major types of CI threats and by what method they might occur. This paper conducts a systematic literature review to develop an initial threat intelligence framework of CWCT attacks on CI. Drawing from a Human–Cyber–Physical Systems (HCPS) lens, the threat intelligence framework classifies CWCT attacks according to the methods, weapons, vulnerabilities, targets and impact of the CWCT attack. The cyber warfare community can extend the proposed HCPS-based threat intelligence framework to develop more advanced cyber security mitigation strategies, training scenarios and simulations. Large-scale monitoring of CI threats requires in-depth threat intelligence analysis and a collaborative defence strategy. This calls for a higher degree of coordination and orchestration between the military, intelligence agencies, government departments, multinational allies, regulators, and commercial entities. Future research can customize the proposed HCPS-based threat intelligence framework to cater for the unique threats facing specific CI domains.
针对国家关键基础设施(CI)的网络战行为和网络恐怖主义(CWCT)正迅速成为比传统动能战战略更大的国家安全威胁。对手或潜在对手可以瞄准一个国家的电网、电信、金融服务、交通、医疗保健系统和其他形式的CI。这些行为对一个国家的CI构成重大威胁,从而使公民面临公共卫生、安全、安保和经济发展风险。识别网络漏洞和威胁可以帮助各国改善其CI防御战略。迫切需要进行研究,以帮助理解CI威胁的主要类型以及它们可能以何种方式发生。本文通过系统的文献综述,建立了针对CI的CWCT攻击的初始威胁情报框架。威胁情报框架从人-网络-物理系统(HCPS)的角度出发,根据CWCT攻击的方法、武器、漏洞、目标和影响对CWCT攻击进行分类。网络战领域可以扩展提议的基于hcps的威胁情报框架,以开发更先进的网络安全缓解战略、训练场景和模拟。大规模监控CI威胁需要深入的威胁情报分析和协作防御策略。这需要军队、情报机构、政府部门、多国盟友、监管机构和商业实体之间进行更高程度的协调和编排。未来的研究可以定制提出的基于hcps的威胁情报框架,以满足特定CI领域面临的独特威胁。
{"title":"Cyber Warfare and Cyber Terrorism Threats Targeting Critical Infrastructure: A HCPS-based Threat Modelling Intelligence Framework","authors":"R. Naidoo, Carla Jacobs","doi":"10.34190/eccws.22.1.1443","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1443","url":null,"abstract":"Acts of cyber warfare and cyber terrorism (CWCT) that target a nation's critical infrastructure (CI) are quickly becoming a larger threat to national security than conventional kinetic warfare strategies. Adversaries or potential adversaries can target a nation's electrical grids, telecommunications, financial services, transportation, healthcare systems, and other forms of CI. These acts pose a major threat to a nation's CI and consequently exposes citizens to public health, safety, security, and economic development risks. Identifying cyber vulnerabilities and threats can help nations to improve their CI defence strategies. There is a crucial need for research that can aid in understanding the major types of CI threats and by what method they might occur. This paper conducts a systematic literature review to develop an initial threat intelligence framework of CWCT attacks on CI. Drawing from a Human–Cyber–Physical Systems (HCPS) lens, the threat intelligence framework classifies CWCT attacks according to the methods, weapons, vulnerabilities, targets and impact of the CWCT attack. The cyber warfare community can extend the proposed HCPS-based threat intelligence framework to develop more advanced cyber security mitigation strategies, training scenarios and simulations. Large-scale monitoring of CI threats requires in-depth threat intelligence analysis and a collaborative defence strategy. This calls for a higher degree of coordination and orchestration between the military, intelligence agencies, government departments, multinational allies, regulators, and commercial entities. Future research can customize the proposed HCPS-based threat intelligence framework to cater for the unique threats facing specific CI domains.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125227999","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Target Audiences’ Characteristics and Prospective in Countering Information Warfare 打击信息战的目标受众特征与前景
Pub Date : 2023-06-19 DOI: 10.34190/eccws.22.1.1169
Daniel Ionel Andrei Nistor
NATO Defense Education Enhancement Program defines Information Warfare as an operation run to get cognitive assets over the opponents, by controlling one’s own information space while disrupting the opponents’ one. Not new as a process, continuous technological progress has endowed this phenomenon with speed and instruments to fight cyber and cognitive battles, to attack perceptions, trust, polarise and disrupt societies at large. The all present and undergoing kinetic conflict between Russia and Ukraine doubled by an even stronger cognitive and information war since February 2022 has highlighted even more the need to better understand individuals’ behaviour and characteristics when faced with unconventional attacks, irrespective of a passive or active feedback. By identifying and analysing specific public categories, one can establish which are contextual variables that trigger a social reaction, to be able to then design a set of protective or defensive measures. For a full understanding of the way Information Warfare impacts people’s thinking and decision-making process, to see how a resilience plan can be designed, one should investigate not only the information war instruments but also their effects over people at large. Not knowing the voice of the hostile authors, it Is still important to understand the domestic audience and their reaction to it, so that protective actions be taken for resilience and protection, through education. The domestic public’s identity and its dominant characteristics are brought into attention to understand which is the relation between these and the way Information Warfare can be countered through education, with examples from the Russian’s hostile activity. Values, national identity, stereotypes and generalist psychological profiles will be looked at in this paper, to be put in relation to behaviours, attitude change and resistance in front of types of messages, campaigns and types of media-embedded grey zone threats. The present paper is part of a larger PhD research program that focuses on consolidating a society’s security culture through better institutional strategic communication, therefore all the findings will be used to this end.
北约国防教育增强计划将信息战定义为一种通过控制自己的信息空间同时破坏对手的信息空间来获得对手认知资产的行动。作为一个过程,持续的技术进步赋予了这一现象以速度和工具,以进行网络和认知战争,攻击观念,信任,两极分化和破坏整个社会。自2022年2月以来,一场更加激烈的认知战和信息战使俄罗斯和乌克兰之间当前和正在发生的动态冲突加倍,这更加突显出,在面对非常规攻击时,无论被动反馈还是主动反馈,都需要更好地了解个人的行为和特征。通过识别和分析特定的公共类别,人们可以确定哪些是触发社会反应的上下文变量,然后能够设计一套保护或防御措施。为了充分理解信息战影响人们思维和决策过程的方式,为了了解如何设计弹性计划,人们不仅应该调查信息战工具,还应该调查它们对一般人的影响。在不了解敌对作者的声音的情况下,了解国内读者及其对此的反应仍然很重要,以便通过教育采取保护行动,增强复原力和保护作用。国内公众的身份及其主导特征引起了人们的注意,以了解这些与通过教育应对信息战的方式之间的关系,并以俄罗斯的敌对活动为例。本文将研究价值观、民族认同、刻板印象和通才心理概况,并将其与行为、态度变化和抵抗类型的信息、运动和类型的媒体嵌入的灰色地带威胁联系起来。本论文是一个更大的博士研究项目的一部分,该项目侧重于通过更好的机构战略沟通来巩固社会的安全文化,因此所有的研究结果都将用于此目的。
{"title":"Target Audiences’ Characteristics and Prospective in Countering Information Warfare","authors":"Daniel Ionel Andrei Nistor","doi":"10.34190/eccws.22.1.1169","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1169","url":null,"abstract":"NATO Defense Education Enhancement Program defines Information Warfare as an operation run to get cognitive assets over the opponents, by controlling one’s own information space while disrupting the opponents’ one. Not new as a process, continuous technological progress has endowed this phenomenon with speed and instruments to fight cyber and cognitive battles, to attack perceptions, trust, polarise and disrupt societies at large. The all present and undergoing kinetic conflict between Russia and Ukraine doubled by an even stronger cognitive and information war since February 2022 has highlighted even more the need to better understand individuals’ behaviour and characteristics when faced with unconventional attacks, irrespective of a passive or active feedback. By identifying and analysing specific public categories, one can establish which are contextual variables that trigger a social reaction, to be able to then design a set of protective or defensive measures. For a full understanding of the way Information Warfare impacts people’s thinking and decision-making process, to see how a resilience plan can be designed, one should investigate not only the information war instruments but also their effects over people at large. Not knowing the voice of the hostile authors, it Is still important to understand the domestic audience and their reaction to it, so that protective actions be taken for resilience and protection, through education. The domestic public’s identity and its dominant characteristics are brought into attention to understand which is the relation between these and the way Information Warfare can be countered through education, with examples from the Russian’s hostile activity. Values, national identity, stereotypes and generalist psychological profiles will be looked at in this paper, to be put in relation to behaviours, attitude change and resistance in front of types of messages, campaigns and types of media-embedded grey zone threats. The present paper is part of a larger PhD research program that focuses on consolidating a society’s security culture through better institutional strategic communication, therefore all the findings will be used to this end.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121284930","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
On the software architectures for fog-based secure IOT deployments 基于雾的安全物联网部署的软件架构
Pub Date : 2023-06-19 DOI: 10.34190/eccws.22.1.1222
C. Tselikis
In this paper, we examine architectural designs for the support of demanding ad hoc IoT applications, such as industrial and large-scale IoTs. First, we examine the traditional software stack of nodes involved in centralized sensory applications. Then, we propose a highly distributed ad hoc architecture with increased node cooperation. Finally, we propose a secure fog-based hybrid model that offers optimizations with respect to performance and security and which facilitates the development of intelligent localized end-user applications with very strict latency requirements. In the three models that we examine we highlight operations at the routing layer and at the clustering sub-layer.
在本文中,我们研究了支持苛刻的临时物联网应用(如工业和大规模物联网)的架构设计。首先,我们研究了涉及集中式传感器应用的传统软件堆栈。然后,我们提出了一个高度分布式的自组织架构,增加了节点的合作。最后,我们提出了一个安全的基于雾的混合模型,该模型提供了性能和安全性方面的优化,并促进了具有非常严格延迟要求的智能本地化最终用户应用程序的开发。在我们研究的三个模型中,我们重点介绍了路由层和集群子层的操作。
{"title":"On the software architectures for fog-based secure IOT deployments","authors":"C. Tselikis","doi":"10.34190/eccws.22.1.1222","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1222","url":null,"abstract":"In this paper, we examine architectural designs for the support of demanding ad hoc IoT applications, such as industrial and large-scale IoTs. First, we examine the traditional software stack of nodes involved in centralized sensory applications. Then, we propose a highly distributed ad hoc architecture with increased node cooperation. Finally, we propose a secure fog-based hybrid model that offers optimizations with respect to performance and security and which facilitates the development of intelligent localized end-user applications with very strict latency requirements. In the three models that we examine we highlight operations at the routing layer and at the clustering sub-layer.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117190932","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Smart Terminal System of Systems’ Cyber Threat Impact Evaluation 系统网络威胁影响评估智能终端系统
Pub Date : 2023-06-19 DOI: 10.34190/eccws.22.1.1070
Jussi Simola, J. Pöyhönen, M. Lehto
Systems of system-level thinking is required when the purpose is to develop a coherent understanding of the ecosystem where every user and system requirements are divided into specific parts. The smarter project, as a part of the Sea4value program of DIMECC, aims to develop harbor operations, including passenger and cargo transportation, in a way that port processes will improve, emissions will decrease, and overall security will enhance in smart ports. This paper describes cyber-attack impacts against the Smart terminal system of systems in the cyber realm by utilizing the MITRE ATTACK® framework to map the objectives of threat actors. The Smart Terminal system environment includes ICT, ICS networks and components, communication systems, and port service systems. Internal and external threat sources or actors are hard to divide exactly because of the diversity of the threats. Hybrid threats challenge maritime domain awareness globally. The cyber threat impacts on IT and OT environments are connected to each other because of the use of internal and external networks that impact each other by combining vulnerabilities and threats. Well-working port and terminal operations require not only protected operational systems or sensor systems, but human errors must also be minimized. Objectives of threat actors are presented, categorized, and listed. Threat scenarios illustrate that cyber threats and risks are mainly similar in the maritime global-linked port community and basic hinterland trade. The networked supply chain of the business causes evolving and combined threat scenarios. European and international standards, regulations, policies, recommendations, and, e.g., guidelines by the IMO, set new cyber-threat requirements for port and terminal services and facilities. Therefore, overall security must be considered when cyber-security is the development area. Information exchange in an understandable form is essential for maintaining business continuity. Threat information has to be transferred among stakeholders as well as cyber security codes have to be followed in the port operations of partners that are involved, for example, in operational and system-level actions. Digitalization in smart ports and terminals enhances the capacity to handle cargo and passengers more efficiently, but cyber threats evolve.
当目的是开发对生态系统的一致理解时,需要系统级思维系统,其中每个用户和系统需求都被划分为特定的部分。作为DIMECC Sea4value计划的一部分,智能项目旨在发展港口运营,包括客运和货运,以改善港口流程,减少排放,并提高智能港口的整体安全性。本文通过利用MITRE ATTACK®框架来映射威胁行为者的目标,描述了网络攻击对网络领域中系统的智能终端系统的影响。智能终端系统环境包括ICT、ICS网络及组件、通信系统、港口服务系统等。由于威胁的多样性,很难准确划分内部和外部威胁来源或行为者。混合威胁挑战着全球的海洋领域意识。网络威胁对IT和OT环境的影响是相互联系的,因为内部网络和外部网络通过漏洞和威胁的组合相互影响。良好的港口和码头运营不仅需要受保护的操作系统或传感器系统,还必须尽量减少人为错误。威胁行为者的目标被呈现、分类和列出。威胁情景表明,网络威胁和风险在海上与全球相连的港口社区和基础腹地贸易中主要相似。企业的网络供应链导致不断演变和组合的威胁场景。欧洲和国际标准、法规、政策、建议,以及国际海事组织(IMO)的指导方针,为港口和码头服务和设施设定了新的网络威胁要求。因此,以网络安全为发展领域,必须考虑整体安全。以可理解的形式进行信息交换对于保持业务连续性至关重要。威胁信息必须在利益相关者之间传递,并且在涉及的合作伙伴的端口操作中必须遵守网络安全代码,例如在操作和系统级行动中。智能港口和码头的数字化提高了更有效地处理货物和乘客的能力,但网络威胁也在不断发展。
{"title":"Smart Terminal System of Systems’ Cyber Threat Impact Evaluation","authors":"Jussi Simola, J. Pöyhönen, M. Lehto","doi":"10.34190/eccws.22.1.1070","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1070","url":null,"abstract":"Systems of system-level thinking is required when the purpose is to develop a coherent understanding of the ecosystem where every user and system requirements are divided into specific parts. The smarter project, as a part of the Sea4value program of DIMECC, aims to develop harbor operations, including passenger and cargo transportation, in a way that port processes will improve, emissions will decrease, and overall security will enhance in smart ports. This paper describes cyber-attack impacts against the Smart terminal system of systems in the cyber realm by utilizing the MITRE ATTACK® framework to map the objectives of threat actors. The Smart Terminal system environment includes ICT, ICS networks and components, communication systems, and port service systems. Internal and external threat sources or actors are hard to divide exactly because of the diversity of the threats. Hybrid threats challenge maritime domain awareness globally. The cyber threat impacts on IT and OT environments are connected to each other because of the use of internal and external networks that impact each other by combining vulnerabilities and threats. Well-working port and terminal operations require not only protected operational systems or sensor systems, but human errors must also be minimized. Objectives of threat actors are presented, categorized, and listed. Threat scenarios illustrate that cyber threats and risks are mainly similar in the maritime global-linked port community and basic hinterland trade. The networked supply chain of the business causes evolving and combined threat scenarios. European and international standards, regulations, policies, recommendations, and, e.g., guidelines by the IMO, set new cyber-threat requirements for port and terminal services and facilities. Therefore, overall security must be considered when cyber-security is the development area. Information exchange in an understandable form is essential for maintaining business continuity. Threat information has to be transferred among stakeholders as well as cyber security codes have to be followed in the port operations of partners that are involved, for example, in operational and system-level actions. Digitalization in smart ports and terminals enhances the capacity to handle cargo and passengers more efficiently, but cyber threats evolve.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128573211","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
DPIA for Cloud-based Health Organizations in the context of GDPR GDPR背景下基于云的医疗机构的DPIA
Pub Date : 2023-06-19 DOI: 10.34190/eccws.22.1.1144
Dimitra Georgiou, C. Lambrinoudakis
The General Data Protection Regulation is the core instrument of the reformed legal framework for personal data protection in the European Union. The GDPR was put into effect on May 25, 2018, and requires assessing and conducting a Data Protection Impact Assessment for processing operations that are likely to result in a high risk to the rights and freedoms of natural persons, specifically using new technologies and considering the nature, scope, context, and purposes of the processing. Although GDPR does not precisely specify the types of processing activities for which a DPIA would be necessary, through the guidelines that it provides, the organization should conduct a DPIA, if there is large scale processing of health data. An example of this, is a Cloud-based Health Organization. Taking into account this parameter, that Cloud-based Health Organization processes personal data that could impact the freedoms and rights of a data subject under the GDPR and that the GDPR does not specify a DPIA process to follow, instead it allows organizations to use a framework that complements their existing processes, this paper presents the last two steps of a DPIA study for a Cloud-based Health Organization and provides guidelines on how to carry them out effectively. This study is part of a project for the compliance of Cloud-based Health Organizations with the General Data Protection Regulation 2016/679. For fulfilling the objectives of this study, the PIA-CNIL methodology is applied, which is in accordance with the data privacy impact assessment that has been described in ISO/IEC 29134. The main contribution of this work is the development of a guide that is designed to help Cloud-based Health organizations identify, analyze and reduce data protection risks in relation to their processing activities. More analytically, this research presents the risks that could be materialized by the data processing activities carried out by a Cloud-based Health Organization regarding its Processing Activities and could have an impact on the fundamental rights and freedoms of natural persons.
《一般数据保护条例》是欧盟个人数据保护法律框架改革后的核心工具。GDPR于2018年5月25日生效,要求对可能对自然人权利和自由造成高风险的处理操作进行数据保护影响评估,特别是使用新技术并考虑处理的性质、范围、背景和目的。尽管GDPR没有精确规定需要DPIA的处理活动类型,但通过其提供的指导方针,如果存在大规模的健康数据处理,组织应该进行DPIA。这方面的一个例子是基于云的医疗组织。考虑到这一参数,基于云的医疗机构处理的个人数据可能会影响数据主体在GDPR下的自由和权利,并且GDPR没有指定要遵循的DPIA流程,而是允许组织使用补充其现有流程的框架,本文介绍了基于云的医疗机构DPIA研究的最后两个步骤,并提供了如何有效执行这些步骤的指导方针。本研究是基于云的医疗组织遵守《2016/679通用数据保护条例》项目的一部分。为了实现本研究的目标,采用了PIA-CNIL方法,该方法符合ISO/IEC 29134中描述的数据隐私影响评估。这项工作的主要贡献是制定了一份指南,旨在帮助基于云的卫生组织识别、分析和减少与其处理活动有关的数据保护风险。从更深入的分析角度来看,这项研究提出了基于云的卫生组织就其处理活动开展的数据处理活动可能带来的风险,并可能对自然人的基本权利和自由产生影响。
{"title":"DPIA for Cloud-based Health Organizations in the context of GDPR","authors":"Dimitra Georgiou, C. Lambrinoudakis","doi":"10.34190/eccws.22.1.1144","DOIUrl":"https://doi.org/10.34190/eccws.22.1.1144","url":null,"abstract":"The General Data Protection Regulation is the core instrument of the reformed legal framework for personal data protection in the European Union. The GDPR was put into effect on May 25, 2018, and requires assessing and conducting a Data Protection Impact Assessment for processing operations that are likely to result in a high risk to the rights and freedoms of natural persons, specifically using new technologies and considering the nature, scope, context, and purposes of the processing. Although GDPR does not precisely specify the types of processing activities for which a DPIA would be necessary, through the guidelines that it provides, the organization should conduct a DPIA, if there is large scale processing of health data. An example of this, is a Cloud-based Health Organization. Taking into account this parameter, that Cloud-based Health Organization processes personal data that could impact the freedoms and rights of a data subject under the GDPR and that the GDPR does not specify a DPIA process to follow, instead it allows organizations to use a framework that complements their existing processes, this paper presents the last two steps of a DPIA study for a Cloud-based Health Organization and provides guidelines on how to carry them out effectively. This study is part of a project for the compliance of Cloud-based Health Organizations with the General Data Protection Regulation 2016/679. For fulfilling the objectives of this study, the PIA-CNIL methodology is applied, which is in accordance with the data privacy impact assessment that has been described in ISO/IEC 29134. The main contribution of this work is the development of a guide that is designed to help Cloud-based Health organizations identify, analyze and reduce data protection risks in relation to their processing activities. More analytically, this research presents the risks that could be materialized by the data processing activities carried out by a Cloud-based Health Organization regarding its Processing Activities and could have an impact on the fundamental rights and freedoms of natural persons.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"70 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128384712","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
期刊
European Conference on Cyber Warfare and Security
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1