Televisions have become "smart" with the addition of computers into their designs. Smart TVs represent a recent risk to the digital cybersecurity ecosystem. Higher-end smart TV models generally sell for more than $1000. Some smart TVs sell for more than $10000. Research has shown that these relatively expensive devices have little to no effective protection against malware, leaving them at risk of total loss. This situation creates the need for an apparatus that could conceivably provide a reasonable level of protection from malware at a marginal cost relative to the cost of a high-end smart TV. This paper presents several concepts for such an apparatus and postulates a recommended approach to secure users against malware attacks on smart TVs.
"Design and Development of Smart TV Protector". D. Privitera, H. Shahriar. 2018 National Cyber Summit (NCS), published 2018-06-05. DOI: https://doi.org/10.1109/NCS.2018.00012
A. Applebaum, Shawn Johnson, Michael Limiero, Michael Smith
Cyber analysts tend to respond to anomalous events manually, often using subjective judgment that can lead to responses that are less than optimal. Additionally, analysts tend to report on events and share cyber knowledge in unstructured, textual formats, which not only require more time to parse – thus taking more time to respond – but also lead to multiple conclusions from the same input. To remedy this, we have proposed a framework designed to provide an analyst with a set of timely and accurate courses of action in response to events, in some cases automating those responses. As part of this framework, we have created a playbook specification format that allows analysts to specify the right course of action to take in response to events, given certain risk conditions and mission context. In addition to providing the specification format, we have also created an initial ontology to help analysts build their playbook contents and have laid out a notional architecture that can operationalize these playbooks. Our playbook format can help standardize how analysts should respond to events, thus decreasing the time to response and enabling analysts to share key knowledge in a common format. Ultimately, this should increase the efficacy of security operations center personnel.
"Playbook Oriented Cyber Response". A. Applebaum, Shawn Johnson, Michael Limiero, Michael Smith. 2018 National Cyber Summit (NCS), published 2018-06-01. DOI: https://doi.org/10.1109/NCS.2018.00007
Running window entropy is a useful tool for malware analysis, network anomaly detection, and other cybersecurity topics. An optimized version of this algorithm would allow for inspection of more data in less time, thereby reducing wasted time and costs for an organization. This research presents a novel, non-trivial optimization of the running window entropy algorithm that, on average, requires less than 2% of the time of the original algorithm used in prior research. This savings can equate to days and months of computation time for average scenarios when applied to prior research.
"An Optimized Running Window Entropy Algorithm". K. Jones, Yong Wang. 2018 National Cyber Summit (NCS), published 2018-06-01. DOI: https://doi.org/10.1109/NCS.2018.00016
Allocating cyber-security analysts to incoming cyber alerts is an important task in any organization employing cyber-defense mechanisms. Alerts are typically generated when intrusion detection software on computer systems (e.g., servers, routers) detects abnormal or suspicious activity. Based on the respective significance level of the alerts, some are assigned to cyber-security analysts for further investigation. Due to the wide range of potential attacks coupled with high degrees of attack sophistication, identifying what constitutes a true attack is a challenging problem, especially for organizations performing critical operations (e.g., military bases, financial institutions, etc.) that are constantly being subjected to cyber attacks every day. In this paper, we develop a game-theoretical framework that assigns cyber-security analysts to cyber alerts to minimize the overall risk faced by an organization. Our approach considers a series of games between the attacker and the defender in which a state is maintained between sub-games. The state captures the availability of analysts as well as an attack budget metric that enables us to model the level of risk an attacker is willing to undertake. Through dynamic programming and Q-maximin value iteration-based algorithms, we identify optimal allocation strategies that take into account the current availability of analysts, the risk faced by the attacker, the incoming alerts, and the future outlook of the system. We assess the effectiveness of our allocation strategies by comparing them to other sensible heuristics (e.g., random, greedy and myopic). Our results show that our approach outperforms these other strategies in minimizing risk.
"Allocating Security Analysts to Cyber Alerts Using Markov Games". Noah Dunstatter, Mina Guirguis, A. Tahsini. 2018 National Cyber Summit (NCS), published 2018-06-01. DOI: https://doi.org/10.1109/NCS.2018.00008
Information risk is an increasing concern for researchers and practitioners. By utilizing Technology Threat Avoidance and Social Comparison Theory, we examine the role of perceived risk, perceived risk controllability and self-efficacy on secure intention. Findings indicate that users are optimistically biased in their risk perceptions and controllability compared with their social counterparts.
"Impact of Perceived Risk, Perceived Controllability, and Security Self-Efficacy on Secure Intention from Social Comparison Theory Perspective". D. Kim, B. Phillps, Young U. Ryu. 2018 National Cyber Summit (NCS), published 2018-06-01. DOI: https://doi.org/10.1109/NCS.2018.00014
"Message from General Chairs". 2018 National Cyber Summit (NCS), published 2018-06-01. DOI: https://doi.org/10.1109/ncs.2018.00005
Cybersecurity is of increasing importance due to the rise in reliance on digital equipment and programs to manage our daily lives, including the transmission and storage of personal information. Research studies establish that an effective security awareness program is one of the most important steps towards increasing cybersecurity. In this study we set out to understand the current level of security awareness among college and high school students and develop a module that will help raise their awareness. The main features of our module are interactivity and the presentation of shocking consequences of careless cyber habits of common Internet/technology users. We designed a survey that includes pre- and post-tests to fulfill the goals of our project and administered it to students on our campus and at local high schools. Our survey results indicate that the module has been effective on both bodies of students, with most impact on non-Computer Science majors. Results also indicate that there is no significant difference in awareness levels for male versus female students.
"Online Cybersecurity Awareness Modules for College and High School Students". Y. Peker, Lydia Ray, S. D. Silva. 2018 National Cyber Summit (NCS), published 2018-06-01. DOI: https://doi.org/10.1109/NCS.2018.00009