Lessons Learned in Over a Decade of Technical Support for U.S. Nuclear Cyber Security Programmes
DOE Office of Scientific and Technical Information (OSTI.GOV)
Glantz, Clifford S.; Landine, Guy P.; Craig, Philip A.
Pacific Northwest National Laboratory’s (PNNL) nuclear cyber security team has been providing technical support to the U.S. Nuclear Regulatory Commission (NRC) since 2002. This team has provided cyber security technical expertise in conducting cyber security inspections, developing regulatory rules and guidance, reviewing facility cyber security plans, developing inspection guidance, and developing and teaching NRC inspectors how to conduct cyber security assessments. The extensive experience the PNNL team has gathered has allowed them to compile a lengthy list of recommendations on how to improve cyber security programs and conduct assessments. A selected set of recommendations are presented, including the need to: integrate an array of defensive strategies into a facility’s cyber security program, coordinate physical and cyber security activities, train physical security forces to resist a cyber-enabled physical attack, improve estimates of the consequences of a cyber attack, properly resource cyber security assessments, appropriately account for insider threats, routinely monitor security devices for potential attacks, supplement compliance-based requirements with risk-based decision making, and introduce the concept of resilience into cyber security programs.
76 FR 43696 - Nationwide Cyber Security Review (NCSR) Assessment
Federal Register 2010, 2011, 2012, 2013, 2014
2011-07-21
... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0012] Nationwide Cyber Security Review (NCSR... Protection and Programs Directorate (NPPD), Office of Cybersecurity and Communications (CS&C), National Cyber Security Division (NCSD), Cyber Security Evaluation Program (CSEP), will submit the following Information...
76 FR 22409 - Nationwide Cyber Security Review (NCSR) Assessment
Federal Register 2010, 2011, 2012, 2013, 2014
2011-04-21
... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0012] Nationwide Cyber Security Review (NCSR...), National Cyber Security Division (NCSD), Cyber Security Evaluation Program (CSEP), will submit the... for all levels of government to complete a cyber network security assessment so that a full measure of...
DOE Office of Scientific and Technical Information (OSTI.GOV)
Robert S. Anderson; Mark Schanfein; Trond Bjornard
2011-07-01
Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs' common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.
Cyber security evaluation of II&C technologies
DOE Office of Scientific and Technical Information (OSTI.GOV)
Thomas, Ken
The Light Water Reactor Sustainability (LWRS) Program is a research and development program sponsored by the Department of Energy, which is conducted in close collaboration with industry to provide the technical foundations for licensing and managing the long-term, safe and economical operation of current nuclear power plants. The LWRS Program serves to help the US nuclear industry adopt new technologies and engineering solutions that facilitate the continued safe operation of the plants and extension of the current operating licenses. Within the LWRS Program, the Advanced Instrumentation, Information, and Control (II&C) Systems Technologies Pathway conducts targeted research and development (R&D) to address aging and reliability concerns with the legacy instrumentation and control and related information systems of the U.S. operating light water reactor (LWR) fleet. The II&C Pathway is conducted by Idaho National Laboratory (INL). Cyber security is a common concern among nuclear utilities and other nuclear industry stakeholders regarding the digital technologies that are being developed under this program. This concern extends to the point of calling into question whether these types of technologies could ever be deployed in nuclear plants given the possibility that the information in them can be compromised and the technologies themselves can potentially be exploited to serve as attack vectors for adversaries. To this end, a cyber security evaluation has been conducted of these technologies to determine whether they constitute a threat beyond what the nuclear plants already manage within their regulatory-required cyber security programs. Specifically, the evaluation is based on NEI 08-09, which is the industry’s template for cyber security programs and evaluations, accepted by the Nuclear Regulatory Commission (NRC) as responsive to the requirements of the nuclear power plant cyber security regulation found in 10 CFR 73.54.
The evaluation was conducted by a cyber security team with expertise in nuclear utility cyber security programs and experience in conducting these evaluations. The evaluation has determined that, for the most part, cyber security will not be a limiting factor in the application of these technologies to nuclear power plant applications.
75 FR 35508 - Draft Regulatory Guide: Issuance, Availability
Federal Register 2010, 2011, 2012, 2013, 2014
2010-06-22
... Systems and Networks,'' requires licensees to develop cyber-security plans and programs to protect critical digital assets, including digital safety systems, from malicious cyber attacks. Regulatory Guide 5.71, ``Cyber Security Programs for Nuclear Facilities,'' provides guidance to meet the requirements of...
Protecting water and wastewater infrastructure from cyber attacks
NASA Astrophysics Data System (ADS)
Panguluri, Srinivas; Phillips, William; Cusimano, John
2011-12-01
Multiple organizations over the years have collected and analyzed data on cyber attacks and they all agree on one conclusion: cyber attacks are real and can cause significant damages. This paper presents some recent statistics on cyber attacks and resulting damages. Water and wastewater utilities must adopt countermeasures to prevent or minimize the damage in case of such attacks. Many unique challenges are faced by the water and wastewater industry while selecting and implementing security countermeasures; the key challenges are: 1) the increasing interconnection of their business and control system networks, 2) large variation of proprietary industrial control equipment utilized, 3) multitude of cross-sector cyber-security standards, and 4) the differences in the equipment vendor's approaches to meet these security standards. The utilities can meet these challenges by voluntarily selecting and adopting security standards, conducting a gap analysis, performing vulnerability/risk analysis, and undertaking countermeasures that best meets their security and organizational requirements. Utilities should optimally utilize their limited resources to prepare and implement necessary programs that are designed to increase cyber-security over the years. Implementing cyber security does not necessarily have to be expensive, substantial improvements can be accomplished through policy, procedure, training and awareness. Utilities can also get creative and allocate more funding through annual budgets and reduce dependence upon capital improvement programs to achieve improvements in cyber-security.
A cognitive and economic decision theory for examining cyber defense strategies.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Bier, Asmeret Brooke
Cyber attacks pose a major threat to modern organizations. Little is known about the social aspects of decision making among organizations that face cyber threats, nor do we have empirically-grounded models of the dynamics of cooperative behavior among vulnerable organizations. The effectiveness of cyber defense can likely be enhanced if information and resources are shared among organizations that face similar threats. Three models were created to begin to understand the cognitive and social aspects of cyber cooperation. The first simulated a cooperative cyber security program between two organizations. The second focused on a cyber security training program in which participants interact (and potentially cooperate) to solve problems. The third built upon the first two models and simulates cooperation between organizations in an information-sharing program.
10 CFR 73.54 - Protection of digital computer and communication systems and networks.
Code of Federal Regulations, 2011 CFR
2011-01-01
....90 of this chapter, a cyber security plan that satisfies the requirements of this section for.... Implementation of the licensee's cyber security program must be consistent with the approved schedule. Current... Commission prior to the effective date of this rule must amend their applications to include a cyber security...
10 CFR 73.54 - Protection of digital computer and communication systems and networks.
Code of Federal Regulations, 2010 CFR
2010-01-01
....90 of this chapter, a cyber security plan that satisfies the requirements of this section for.... Implementation of the licensee's cyber security program must be consistent with the approved schedule. Current... Commission prior to the effective date of this rule must amend their applications to include a cyber security...
10 CFR 73.54 - Protection of digital computer and communication systems and networks.
Code of Federal Regulations, 2014 CFR
2014-01-01
....90 of this chapter, a cyber security plan that satisfies the requirements of this section for.... Implementation of the licensee's cyber security program must be consistent with the approved schedule. Current... Commission prior to the effective date of this rule must amend their applications to include a cyber security...
10 CFR 73.54 - Protection of digital computer and communication systems and networks.
Code of Federal Regulations, 2012 CFR
2012-01-01
....90 of this chapter, a cyber security plan that satisfies the requirements of this section for.... Implementation of the licensee's cyber security program must be consistent with the approved schedule. Current... Commission prior to the effective date of this rule must amend their applications to include a cyber security...
Federal Register 2010, 2011, 2012, 2013, 2014
2010-10-12
... Operating Licenses include: (1) The proposed Cyber Security Plan for CCNPP, Ginna, and NMPNS, (2) an... provisions of the Nuclear Regulatory Commission-approved Cyber Security Plan for CCNPP, Ginna, and NMPNS as... Communication Systems and Networks,'' establish the requirements for a cyber security program. This regulation...
10 CFR 73.54 - Protection of digital computer and communication systems and networks.
Code of Federal Regulations, 2013 CFR
2013-01-01
....90 of this chapter, a cyber security plan that satisfies the requirements of this section for.... Implementation of the licensee's cyber security program must be consistent with the approved schedule. Current... Commission prior to the effective date of this rule must amend their applications to include a cyber security...
Cyber Security and Resilient Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Robert S. Anderson
2009-07-01
The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure.
Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the next generation fighter jets or nuclear material safeguards systems in complex nuclear fuel cycle facilities. It is the intent of this paper to describe the cyber security programs that are currently in place, the experiences and successes achieved in industry including outreach and training, and suggestions about how other sectors and organizations can leverage this national expertise to help their monitoring and control systems become more secure.
Code of Federal Regulations, 2014 CFR
2014-07-01
... DEFENSE (DoD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA... a recurring basis, and to the greatest extent possible, cyber security information relating to... Office is the overall point of contact for the program. The DoD Cyber Crime Center's DoD-DIB...
Code of Federal Regulations, 2012 CFR
2012-07-01
... DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA... a recurring basis, and to the greatest extent possible, cyber security information relating to... Office is the overall point of contact for the program. The DoD Cyber Crime Center's DoD-DIB...
Code of Federal Regulations, 2013 CFR
2013-07-01
... DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA... a recurring basis, and to the greatest extent possible, cyber security information relating to... Office is the overall point of contact for the program. The DoD Cyber Crime Center's DoD-DIB...
77 FR 29616 - Privacy Act of 1974; System of Records
Federal Register 2010, 2011, 2012, 2013, 2014
2012-05-18
.... DCIO 01 System name: Defense Industrial Base (DIB) Cyber Security/Information Assurance Records. System location: Director, Defense Industrial Base (DIB) Cyber Security/Information Assurance (CS/IA) Program, 1235 South Clark Street, Suite 1500, Arlington, VA 22202. DoD Cyber Crime Center, 911 Elkridge Landing...
76 FR 6637 - Assumption Buster Workshop: Defense-in-Depth Is a Smart Investment for Cyber Security
Federal Register 2010, 2011, 2012, 2013, 2014
2011-02-07
... Technology Research and Development (NITRD) Program. ACTION: Call for participation. FOR FURTHER INFORMATION... regulations and restrictions. SUMMARY: The NCO, on behalf of the Special Cyber Operations Research and Engineering (SCORE) Committee, an interagency working group that coordinates cyber security research...
CrossTalk. The Journal of Defense Software Engineering. Volume 25, Number 6
2012-12-01
Cyber Security Threat Definition Communicable Noncommunicable Based on Risky Behavior Coordinated Trojan horse programs Threats hidden in a...for Cyber Security Threats Cyber Security Threat Communicable Noncommunicable Risky Behaviors Coordinated Type of Intervention (at the System...types of data are breached. Further, educational materials on risky behaviors (e.g., for home Internet users) as well as recommended guidelines for
DOE Office of Scientific and Technical Information (OSTI.GOV)
Robert S. Anderson; Mark Schanfein; Trond Bjornard
2011-07-01
Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.
75 FR 26171 - Cyber Security Certification Program
Federal Register 2010, 2011, 2012, 2013, 2014
2010-05-11
...-sector auditors who will examine those provider's adherence to stringent cyber security practices that... the auditors who will conduct security assessments of communications service providers; (3) establish... whether the auditors should also be private-sector entities. If so, in order to prevent conflicts of...
Cyber Security--Are You Prepared?
ERIC Educational Resources Information Center
Newman, Scott
2007-01-01
During the summer 2002 term, Oklahoma State University-Okmulgee's Information Technologies Division offered a one credit-hour network security course--which barely had adequate student interest to meet the institution's enrollment requirements. Today, OSU-Okmulgee boasts one of the nation's premier cyber security programs. Many prospective…
Mission Assurance Modeling and Simulation: A Cyber Security Roadmap
NASA Technical Reports Server (NTRS)
Gendron, Gerald; Roberts, David; Poole, Donold; Aquino, Anna
2012-01-01
This paper proposes a cyber security modeling and simulation roadmap to enhance mission assurance governance and establish risk reduction processes within constrained budgets. The term mission assurance stems from risk management work by Carnegie Mellon's Software Engineering Institute in the late 1990s. By 2010, the Defense Information Systems Agency revised its cyber strategy and established the Program Executive Officer-Mission Assurance. This highlights a shift from simply protecting data to balancing risk and begins a necessary dialogue to establish a cyber security roadmap. The Military Operations Research Society has recommended a cyber community of practice, recognizing there are too few professionals having both cyber and analytic experience. The authors characterize the limited body of knowledge in this symbiotic relationship. This paper identifies operational and research requirements for mission assurance M&S supporting defense and homeland security. M&S techniques are needed for enterprise oversight of cyber investments, test and evaluation, policy, training, and analysis.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Anderson, Robert S.; Benjamin, Jacob; Wright, Virginia L.
A continuing challenge for engineers who utilize digital systems is to understand the impact of cyber-attacks across the entire product and program lifecycle. This is a challenge due to the evolving nature of cyber threats that may impact the design, development, deployment, and operational phases of all systems. Cyber Informed Engineering is the process by which engineers are made aware of both how to use their engineering knowledge to positively impact the cyber security in the processes by which they architect and design components and the services and security of the components themselves.
2016-07-13
adequate security testing, and segment their networks and systems into separate defended enclaves. Finally, cyber defenders should position themselves...explicitly tied to following security practices, and there should be consequences for security failures that are regularly tested via a continuing testing...program. Users should be routinely tested and probed, and those who do not perform well should face escalating consequences. For example, cyber
Cyber Security Testing and Training Programs for Industrial Control Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Daniel Noyes
2012-03-01
Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.
Federal Register 2010, 2011, 2012, 2013, 2014
2010-06-14
... Infrastructure against Cyber Threats (PREDICT) Program AGENCY: Science and Technology Directorate, DHS. ACTION... Infrastructure Against Cyber Threats (PREDICT) initiative. PREDICT is an initiative to facilitate the... effective threat assessment and increase cyber security capabilities. (4) An estimate of the total number of...
Federal Register 2010, 2011, 2012, 2013, 2014
2011-11-23
... (DHS), Science and Technology, Protected Repository for the Defense of Infrastructure Against Cyber... the Defense of Infrastructure against Cyber Threats (PREDICT) program, and is a revision of a... operational data for use in cyber security research and development through the establishment of distributed...
Addressing Human Factors Gaps in Cyber Defense
2016-09-23
Factors Gaps in Cyber Defense 5a. CONTRACT NUMBER FA8650-14-D-6501-0009 5b. GRANT NUMBER 5c. PROGRAM ELEMENT NUMBER 6. AUTHOR(S) Alex... Cyber security is a high-ranking national priority that is only likely to grow as we become more dependent on cyber systems. From a research perspective...currently available work often focuses solely on technological aspects of cyber, acknowledging the human in passing, if at all. In recent years, the
78 FR 28809 - Reserve Forces Policy Board (RFPB); Notice of Federal Advisory Committee Meeting
Federal Register 2010, 2011, 2012, 2013, 2014
2013-05-16
... Assessment and Program Evaluation; the Deputy Commander, U.S. Cyber Command; Dr. Paul Stockton, former...; and the cost to maintain a strong Reserve Component. Additionally, the Deputy Commander, U.S. Cyber Command, will discuss his views on the increased emphasis placed on cyber security and the logical mission...
Cyber Security Considerations for Autonomous Tactical Wheeled Vehicles
2016-04-01
extraordinarily significant (Office of the Press Secretary, 2015). The White House added that cybersecurity is a shared responsibility between the...cannot, nor would Americans want it to, provide cybersecurity for every private network. Therefore, the private sector plays a crucial role in our... Cybersecurity Initiative,” that established the procedures the Acquisition community should use to manage future of Acquisition programs. Cyber Security
Cyber Security: Assessing Our Vulnerabilities and Developing an Effective Defense
NASA Astrophysics Data System (ADS)
Spafford, Eugene H.
The number and sophistication of cyberattacks continues to increase, but no national policy is in place to confront them. Critical systems need to be built on secure foundations, rather than the cheapest general-purpose platform. A program that combines education in cyber security, increasing resources for law enforcement, development of reliable systems for critical applications, and expanding research support in multiple areas of security and reliability is essential to combat risks that are far beyond the nuisances of spam email and viruses, and involve widespread espionage, theft, and attacks on essential services.
2017-06-09
those with talent in the computer sciences. Upon graduation from high school, computer-proficient teenagers are selected for an elite cyber force and...Arguably, the Massachusetts Institute of Technology (M.I.T.) is the premiere institution for computer science. M.I.T. graduates make, on average, $83,455...study specific to computer science and provide certification in programs like ethical hacking, cyber security, and programing. As with the other
Security Hardened Cyber Components for Nuclear Power Plants: Phase I SBIR Final Technical Report
DOE Office of Scientific and Technical Information (OSTI.GOV)
Franusich, Michael D.
SpiralGen, Inc. built a proof-of-concept toolkit for enhancing the cyber security of nuclear power plants and other critical infrastructure with high-assurance instrumentation and control code. The toolkit is based on technology from the DARPA High-Assurance Cyber Military Systems (HACMS) program, which has focused on applying the science of formal methods to the formidable set of problems involved in securing cyber physical systems. The primary challenges beyond HACMS in developing this toolkit were to make the new technology usable by control system engineers and compatible with the regulatory and commercial constraints of the nuclear power industry. The toolkit, packaged as a Simulink add-on, allows a system designer to assemble a high-assurance component from formally specified and proven blocks and generate provably correct control and monitor code for that subsystem.
Software Acquisition in the Age of Cyber Warfare
2011-05-01
school of SYSTEMS and LOGISTICS education service research Software Acquisition in the Age of Cyber Warfare Maj...DATE MAY 2011 2. REPORT TYPE 3. DATES COVERED 00-00-2011 to 00-00-2011 4. TITLE AND SUBTITLE Software Acquisition in the Age of Cyber Warfare 5a...AFIT Cyber 200/300 Courses Cyber Warfare IDE Program 34 Special Emphasis On… Enterprise Integration (Active Directory, PKI) Security
The cyber threat, trophy information and the fortress mentality.
Scully, Tim
2011-10-01
'It won't happen to me' is a prevalent mindset among senior executives in the private and public sectors when considering targeted cyber intrusions. This is exacerbated by the long-term adoption of a 'fortress mentality' towards cyber security, and by the attitude of many of our cyber-security professionals, who speak a different language when it comes to communicating cyber-security events to senior executives. The prevailing approaches to cyber security have clearly failed. Almost every week another serious, targeted cyber intrusion is reported, but reported intrusions are only the tip of the iceberg. Why have we got it so wrong? It must be acknowledged that cyber security is no longer the domain of cyber-security experts alone. Many more of us at various levels of leadership must understand, and be more deeply engaged in, the cyber-security challenge if we are to deal with the threat holistically and effectively. Governments cannot combat the cyber threat alone, particularly the so-called advanced persistent threat; they must work closely with industry as trusted partners. Industry will be the 'boots on the ground' in cyber security, but there are challenges to building this relationship, which must be based on sound principles.
Sandia National Laboratories: National Security Missions: International
Data to Decisions: Terminate, Tolerate, Transfer, or Treat
2016-07-25
and patching, a risk-based cyber-security decision model that enables a predictive capability to respond to impending cyber-attacks is needed...States. This sensitive data includes business proprietary information on key programs of record and infrastructure, including government documents at...leverage nationally. The Institute for Defense Analyses (IDA) assisted the DoD CIO in formalizing a proof of concept for cyber initiatives and
2009-10-09
Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation Prepared for The US-China Economic and...the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation...Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation 2 US-China Economic and Security Review
Final LDRD Report: Using Linkography of Cyber Attack Patterns to Inform Honeytoken Placement.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Mitchell, Robert; Jarocki, John Charles; Fisher, Andrew N
The war to establish cyber supremacy continues, and the literature is crowded with strictly technical cyber security measures. We present the results of a three-year LDRD project. Using linkography, a methodology new to the field of cyber security, we establish the foundation necessary to track and profile the microbehavior of humans attacking cyber systems. We also propose ways to leverage this understanding to influence and deceive these attackers. We studied the science of linkography, applied it to the cyber security domain, implemented a software package to manage linkographs, generated the preprocessing blocks necessary to ingest raw data, produced machine learning models, created ontology refinement algorithms and prototyped a web application for researchers and practitioners to apply linkography. Machine learning produced some of our key results: we trained and validated multinomial classifiers with a real-world data set and predicted the attacker's next category of action with 86 to 98% accuracy; dimension reduction techniques indicated that the linkography-based features were among the most powerful. We also discovered ontology refinement algorithms that advanced the state of the art in linkography in general and cyber security in particular. We conclude that linkography is a viable tool for cyber security; we look forward to expanding our work to other data sources and using our prediction results to enable adversary deception techniques. Acknowledgements: Thanks to Phil Bennett, Michael Bernard, Jeffrey Bigg, Marshall Daniels, Tyler Dean, David Duggan, Carson Kent, Josh Maine, Marci McBride, Nick Peterson, Katie Rodhouse, Asael Sorenson, Roger Suppona, Scott Watson and David Zage. We acknowledge support for this work by the LDRD Program at Sandia National Laboratories.
Sandia National Laboratories is a multi-mission laboratory operated by Sandia Corporation for the United States Department of Energy's National Nuclear Security Administration under Contract DE-AC04-94AL85000.
PLAYGROUND: Preparing Students for the Cyber Battleground
ERIC Educational Resources Information Center
Nielson, Seth James
2017-01-01
Attempting to educate practitioners of computer security can be difficult if for no other reason than the breadth of knowledge required today. The security profession includes widely diverse subfields including cryptography, network architectures, programming, programming languages, design, coding practices, software testing, pattern recognition,…
Securing Cyberspace: Approaches to Developing an Effective Cyber-Security Strategy
2011-05-15
attackers, cyber-criminals or even teenage hackers. Protecting cyberspace is a national security priority. President Obama’s National Security...prefers to engage international law enforcement to investigate and catch cyber criminals. International cooperation could resolve jurisdictional...sheltered them. Similarly, a state that fails to prosecute cyber-criminals, or who gives safe haven to individuals or groups that conduct cyber-attacks
Sandia National Laboratories: Directed-energy tech receives funding to
Federal Register 2010, 2011, 2012, 2013, 2014
2013-01-31
... Cyber Security Trade Mission to Saudi Arabia and Kuwait, September 28-October 1, 2013 AGENCY... coordinating and sponsoring an executive-led Critical Infrastructure Protection and Cyber Security mission to... on the cyber security, critical infrastructure protection, and emergency management, ports of entry...
Human-Technology Centric In Cyber Security Maintenance For Digital Transformation Era
NASA Astrophysics Data System (ADS)
Ali, Firkhan Ali Bin Hamid; Zalisham Jali, Mohd, Dr
2018-05-01
The development of digital transformation in organizations is expanding in the present and coming years. This is because of the active demand for ICT services among all organizations, whether government agencies or the private sector. While digital transformation has led manufacturers to incorporate sensors and software analytics into their offerings, the same innovation has also brought pressure to offer clients more accommodating appliance deployment options. So, there is a need for a sound plan to implement cyber infrastructures and equipment. Cyber security plays an important role in ensuring that the ICT components or infrastructures perform well in support of the organization’s business success. This paper presents a study of security management models to guide security maintenance on existing cyber infrastructures. To build a security model for currently existing cyber infrastructures, it combines security workforces and security processes to extract the security maintenance in cyber infrastructures. The assessment focused on cyber security maintenance within security models in cyber infrastructures and presented a way for theoretical and practical analysis based on the selected security management models. The proposed model then performs an evaluation for the analysis, which can be used to obtain insights into the configuration and to specify desired and undesired configurations. Cyber security maintenance within the security management model was implemented in a prototype and evaluated for practical and theoretical scenarios. Furthermore, a framework model is presented which allows the evaluation of configuration changes in agile and dynamic cyber infrastructure environments with regard to properties like vulnerabilities or expected availability. From a security perspective, this evaluation can be used to monitor the security levels of the configuration over its lifetime and to indicate degradations.
Nuclear Power Plant Cyber Security Discrete Dynamic Event Tree Analysis (LDRD 17-0958) FY17 Report
DOE Office of Scientific and Technical Information (OSTI.GOV)
Wheeler, Timothy A.; Denman, Matthew R.; Williams, R. A.
Instrumentation and control of nuclear power is transforming from analog to modern digital assets. These control systems perform key safety and security functions. This transformation is occurring in new plant designs as well as in the existing fleet of plants as the operation of those plants is extended to 60 years. This transformation introduces new and unknown issues involving both digital asset induced safety issues and security issues. Traditional nuclear power risk assessment tools and cyber security assessment methods have not been modified or developed to address the unique nature of cyber failure modes and of cyber security threat vulnerabilities. This Lab-Directed Research and Development project has developed a dynamic cyber-risk informed tool to facilitate the analysis of unique cyber failure modes and the time sequencing of cyber faults, both malicious and non-malicious, and impose those cyber exploits and cyber faults onto a nuclear power plant accident sequence simulator code to assess how cyber exploits and cyber faults could interact with a plant's digital instrumentation and control (DI&C) system and defeat or circumvent a plant's cyber security controls. This was achieved by coupling an existing Sandia National Laboratories nuclear accident dynamic simulator code with a cyber emulytics code to demonstrate real-time simulation of cyber exploits and their impact on automatic DI&C responses. Studying such potential time-sequenced cyber-attacks and their risks (i.e., the associated impact and the associated degree of difficulty to achieve the attack vector) on accident management establishes a technical risk-informed framework for developing effective cyber security controls for nuclear power.
Cyber security issues in online games
NASA Astrophysics Data System (ADS)
Zhao, Chen
2018-04-01
With the rapid development of the Internet, online gaming has become a form of entertainment for many young people in the modern era. However, in recent years, cyber security issues in online games have emerged in an endless stream and have drawn great attention from many game operators. Common cyber security problems in games include information disclosure and cyber-attacks. These problems directly or indirectly cause economic losses to gamers. Many gaming companies are enhancing the stability and security of their network or gaming systems in order to improve the gaming user experience. This article examines the cyber security issues in online games by introducing the background and some common cyber security threats, and by proposing a potential solution. Finally, it speculates on the future research direction of cyber security issues in online games, in the hope of providing feasible solutions and useful information for game operators.
Federal Register 2010, 2011, 2012, 2013, 2014
2010-04-13
...-0143-01] Second DRAFT NIST Interagency Report (NISTIR) 7628, Smart Grid Cyber Security Strategy and... (NIST) seeks comments on the second draft of NISTIR 7628, Smart Grid Cyber Security Strategy and..., vulnerability categories, bottom-up analysis, individual logical interface diagrams, and the cyber security...
Examining Cyber Command Structures
2015-03-01
domains, cyber, command and control, USCYBERCOM, combatant command, cyber force...USCYBERCOM, argue for the creation of a stand-alone cyber force. They claim that the military’s tradition-oriented and inelastic nature make the
Gamification for Measuring Cyber Security Situational Awareness
DOE Office of Scientific and Technical Information (OSTI.GOV)
Fink, Glenn A.; Best, Daniel M.; Manz, David O.
Cyber defense competitions arising from U.S. service academy exercises offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge could lead to better preparation of cyber defenders in both military and civilian settings. This paper describes how one regional competition, the PRCCDC, a participant in the national CCDC program, conducted proof of concept experimentation to collect data during the annual competition for later analysis. The intent is to create an ongoing research agenda that expands on this current work and incorporates augmented cognition and gamification methods for measuring cybersecurity situational awareness under the stress of cyber attack.
Federal Register 2010, 2011, 2012, 2013, 2014
2013-02-12
...) Not to exceed 3000 positions that require unique cyber security skills and knowledge to perform cyber..., distributed control systems security, cyber incident response, cyber exercise facilitation and management, cyber vulnerability detection and assessment, network and systems engineering, enterprise architecture...
Final Report for Bio-Inspired Approaches to Moving-Target Defense Strategies
DOE Office of Scientific and Technical Information (OSTI.GOV)
Fink, Glenn A.; Oehmen, Christopher S.
This report records the work and contributions of the NITRD-funded Bio-Inspired Approaches to Moving-Target Defense Strategies project performed by Pacific Northwest National Laboratory under the technical guidance of the National Security Agency’s R6 division. The project has incorporated a number of bio-inspired cyber defensive technologies within an elastic framework provided by the Digital Ants. This project has created the first scalable, real-world prototype of the Digital Ants Framework (DAF)[11] and integrated five technologies into this flexible, decentralized framework: (1) Ant-Based Cyber Defense (ABCD), (2) Behavioral Indicators, (3) Bioinformatic Classification, (4) Moving-Target Reconfiguration, and (5) Ambient Collaboration. The DAF can be used operationally to decentralize many such data intensive applications that normally rely on collection of large amounts of data in a central repository. In this work, we have shown how these component applications may be decentralized and may perform analysis at the edge. Operationally, this will enable analytics to scale far beyond current limitations while not suffering from the bandwidth or computational limitations of centralized analysis. This effort has advanced the R6 Cyber Security research program to secure digital infrastructures by developing a dynamic means to adaptively defend complex cyber systems. We hope that this work will benefit both our client’s efforts in system behavior modeling and cyber security to the overall benefit of the nation.
75 FR 10328 - Wolf Creek Nuclear Operating Corporation, Wolf Creek Generating Station; Exemption
Federal Register 2010, 2011, 2012, 2013, 2014
2010-03-05
... Plan, Safeguards Contingency Plan, and Cyber Security Plan referred to collectively hereafter as... its security plans. Pursuant to 10 CFR 51.32, "Finding of no significant impact," the Commission has... by designing and implementing comprehensive site security programs. The amendments to 10 CFR 73.55...
Impact of Alleged Russian Cyber Attacks
2009-05-01
security. 15. SUBJECT TERMS Cyber Security, Cyber Warfare, Estonia, Georgia, Russian Federation Cyber Strategy, Convention on Cybercrime, NATO Center...Federation...X. The Future of Russian Cyber Warfare...Issue 15.09); Binoy Kampmark, Cyber Warfare Between Estonia And Russia, (Contemporary Review: Autumn, 2003), p 288-293; Jaak Aaviksoo, Address by the
2016-07-01
Common Risk Model for Dams (CRM-D) Methodology,” for the Director, Cost Assessment and Program Evaluation, Office of Secretary of Defense and the...for Dams (CRM-D), developed by the U.S. Army Corps of Engineers (USACE) in collaboration with the Institute for Defense Analyses (IDA) and the U.S...and cyber security risks across a portfolio of dams, and informing decisions on how to mitigate those risks. The CRM-D can effectively quantify the
Quantum-Enhanced Cyber Security: Experimental Computation on Quantum-Encrypted Data
2017-03-02
AFRL-AFOSR-UK-TR-2017-0020 Quantum-Enhanced Cyber Security: Experimental Computation on Quantum-Encrypted Data Philip Walther UNIVERSITÄT WIEN Final...REPORT TYPE Final 3. DATES COVERED (From - To) 15 Oct 2015 to 31 Dec 2016 4. TITLE AND SUBTITLE Quantum-Enhanced Cyber Security: Experimental Computation...FORM SF 298 Final Report for FA9550-1-6-1-0004 Quantum-enhanced cyber security: Experimental quantum computation with quantum-encrypted data
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ondrej Linda; Todd Vollmer; Jim Alves-Foss
2011-08-01
Resiliency and cyber security of modern critical infrastructures is becoming increasingly important with the growing number of threats in the cyber-environment. This paper proposes an extension to a previously developed fuzzy logic based anomaly detection network security cyber sensor via incorporating Type-2 Fuzzy Logic (T2 FL). In general, fuzzy logic provides a framework for system modeling in linguistic form capable of coping with imprecise and vague meanings of words. T2 FL is an extension of Type-1 FL which proved to be successful in modeling and minimizing the effects of various kinds of dynamic uncertainties. In this paper, T2 FL provides a basis for robust anomaly detection and cyber security state awareness. In addition, the proposed algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental cyber-security test-bed.
Structural Causes and Cyber Effects: A Response to Our Critics
2015-01-01
the incident, saying “North Korea’s attack on [Sony] reaffirms that cyber threats pose one of the gravest national security dangers to the United...around the world to strengthen cyber-security, promote norms of acceptable state behavior, uphold freedom of expression, and ensure that the Internet...cyber working group that made progress toward “international cyberspace rules, and measures to boost dialogue and cooperation on cyber security.”
Empirical analysis of the effects of cyber security incidents.
Davis, Ginger; Garcia, Alfredo; Zhang, Weide
2009-09-01
We analyze the time series associated with web traffic for a representative set of online businesses that have suffered widely reported cyber security incidents. Our working hypothesis is that cyber security incidents may prompt (security conscious) online customers to opt out and conduct their business elsewhere or, at the very least, to refrain from accessing online services. For companies relying almost exclusively on online channels, this presents an important business risk. We test for structural changes in these time series that may have been caused by these cyber security incidents. Our results consistently indicate that cyber security incidents do not affect the structure of web traffic for the set of online businesses studied. We discuss various public policy considerations stemming from our analysis.
Final Technical Report. Project Boeing SGS
DOE Office of Scientific and Technical Information (OSTI.GOV)
Bell, Thomas E.
Boeing and its partner, PJM Interconnection, teamed to bring advanced “defense-grade” technologies for cyber security to the US regional power grid through demonstration in PJM’s energy management environment. Under this cooperative project with the Department of Energy, Boeing and PJM have developed and demonstrated a host of technologies specifically tailored to the needs of PJM and the electric sector as a whole. The team has demonstrated to the energy industry a combination of processes, techniques and technologies that have been successfully implemented in the commercial, defense, and intelligence communities to identify, mitigate and continuously monitor the cyber security of critical systems. Guided by the results of a Cyber Security Risk-Based Assessment completed in Phase I, the Boeing-PJM team has completed multiple iterations through the Phase II Development and Phase III Deployment phases. Multiple cyber security solutions have been completed across a variety of controls including: Application Security, Enhanced Malware Detection, Security Incident and Event Management (SIEM) Optimization, Continuous Vulnerability Monitoring, SCADA Monitoring/Intrusion Detection, Operational Resiliency, Cyber Range simulations and hands-on cyber security personnel training. All of the developed and demonstrated solutions are suitable for replication across the electric sector and/or the energy sector as a whole.
Benefits identified include: improved malware and intrusion detection capability on critical SCADA networks, including behavioral-based alerts resulting in improved zero-day threat protection; improved Security Incident and Event Management system resulting in better threat visibility, thus increasing the likelihood of detecting a serious event; improved malware detection and zero-day threat response capability; improved ability to systematically evaluate and secure in-house and vendor-sourced software applications; improved ability to continuously monitor and maintain secure configuration of network devices, resulting in reduced vulnerabilities for potential exploitation; improved overall cyber security situational awareness through the integration of multiple discrete security technologies into a single cyber security reporting console; improved ability to maintain the resiliency of critical systems in the face of a targeted cyber attack or other significant event; and improved ability to model complex networks for penetration testing and advanced training of cyber security personnel.
Cyber Incidents Involving Control Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Robert J. Turk
2005-10-01
The Analysis Function of the US-CERT Control Systems Security Center (CSSC) at the Idaho National Laboratory (INL) has prepared this report to document cyber security incidents for use by the CSSC. The description and analysis of incidents reported herein support three CSSC tasks: establishing a business case; increasing security awareness and private and corporate participation related to enhanced cyber security of control systems; and providing informational material to support model development and prioritize activities for CSSC. The stated mission of CSSC is to reduce vulnerability of critical infrastructure to cyber attack on control systems. As stated in the Incident Management Tool Requirements (August 2005), "Vulnerability reduction is promoted by risk analysis that tracks actual risk, emphasizes high risk, determines risk reduction as a function of countermeasures, tracks increase of risk due to external influence, and measures success of the vulnerability reduction program". Process control and Supervisory Control and Data Acquisition (SCADA) systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. New research indicates this confidence is misplaced: the move to open standards such as Ethernet, Transmission Control Protocol/Internet Protocol, and Web technologies is allowing hackers to take advantage of the control industry's unawareness. Much of the available information about cyber incidents represents a characterization as opposed to an analysis of events. The lack of good analyses reflects an overall weakness in reporting requirements as well as the fact that to date there have been very few serious cyber attacks on control systems. Most companies prefer not to share cyber attack incident data because of potential financial repercussions.
Uniform reporting requirements will do much to make this information available to Department of Homeland Security (DHS) and others who require it. This report summarizes the rise in frequency of cyber attacks, describes the perpetrators, and identifies the means of attack. This type of analysis, when used in conjunction with vulnerability analyses, can be used to support a proactive approach to prevent cyber attacks. CSSC will use this document to evolve a standardized approach to incident reporting and analysis. This document will be updated as needed to record additional event analyses and insights regarding incident reporting. This report represents 120 cyber security incidents documented in a number of sources, including: the British Columbia Institute of Technology (BCIT) Industrial Security Incident Database, the 2003 CSI/FBI Computer Crime and Security Survey, the KEMA, Inc., Database, Lawrence Livermore National Laboratory, the Energy Incident Database, the INL Cyber Incident Database, and other open-source data. The National Memorial Institute for the Prevention of Terrorism (MIPT) database was also interrogated but, interestingly, failed to yield any cyber attack incidents. The results of this evaluation indicate that historical evidence provides insight into control system related incidents or failures; however, the limited available information provides little support to future risk estimates. The documented case history shows that activity has increased significantly since 1988. The majority of incidents come from the Internet by way of opportunistic viruses, Trojans, and worms, but a surprisingly large number are directed acts of sabotage. A substantial number of confirmed, unconfirmed, and potential events that directly or potentially impact control systems worldwide are also identified. Twelve selected cyber incidents are presented at the end of this report as examples of the documented case studies (see Appendix B).
Measuring Human Performance within Computer Security Incident Response Teams
DOE Office of Scientific and Technical Information (OSTI.GOV)
McClain, Jonathan T.; Silva, Austin Ray; Avina, Glory Emmanuel
Human performance has become a pertinent issue within cyber security. However, this research has been stymied by the limited availability of expert cyber security professionals. This is partly attributable to the ongoing workload faced by cyber security professionals, which is compounded by the limited number of qualified personnel and turnover of personnel across organizations. Additionally, it is difficult to conduct research, and particularly, openly published research, due to the sensitivity inherent to cyber operations at most organizations. As an alternative, the current research has focused on data collection during cyber security training exercises. These events draw individuals with a range of knowledge and experience extending from seasoned professionals to recent college graduates to college students. The current paper describes research involving data collection at two separate cyber security exercises. This data collection involved multiple measures which included behavioral performance based on human-machine transactions and questionnaire-based assessments of cyber security experience.
Cyber / Physical Security Vulnerability Assessment Integration
DOE Office of Scientific and Technical Information (OSTI.GOV)
MacDonald, Douglas G.; Simpkins, Bret E.
Both physical protection and cyber security domains offer solutions for the discovery of vulnerabilities through the use of various assessment processes and software tools. Each vulnerability assessment (VA) methodology provides the ability to identify and categorize vulnerabilities, and quantifies the risks within their own areas of expertise. Neither approach fully represents the true potential security risk to a site and/or a facility, nor comprehensively assesses the overall security posture. The technical approach to solving this problem was to identify methodologies and processes that blend the physical and cyber security assessments, and develop tools to accurately quantify the unaccounted-for risk. SMEs from both the physical and the cyber security domains developed the blending methodologies, and cross-trained each other on the various aspects of the physical and cyber security assessment processes. A local critical infrastructure entity volunteered to host a proof of concept physical/cyber security assessment, and the lessons learned have been leveraged by this effort. The four potential modes of attack an adversary can use in approaching a target are: Physical Only Attack, Cyber Only Attack, Physical Enabled Cyber Attack, and the Cyber Enabled Physical Attack. The Physical Only and the Cyber Only pathway analysis are two of the most widely analyzed attack modes. The pathway from an off-site location to the desired target location is dissected to ensure adversarial activity can be detected and neutralized by the protection strategy, prior to completion of a predefined task. This methodology typically explores a one-way attack from the public space (or common area) inward towards the target. The Physical Enabled Cyber Attack and the Cyber Enabled Physical Attack are much more intricate.
Both scenarios involve beginning in one domain to effect change in the other, then backing outward to take advantage of the reduced system effectiveness, before penetrating further into the defenses. The proper identification and assessment of the overlapping areas (and interaction between these areas) in the VA process is necessary to accurately assess the true risk.
Veksler, Vladislav D; Buchler, Norbou; Hoffman, Blaine E; Cassenti, Daniel N; Sample, Char; Sugrim, Shridat
2018-01-01
Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can address multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b) human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c) dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d) training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior) via techniques such as model tracing and dynamic parameter fitting.
Ferdinand, Jason
The concept of cyber resilience has emerged in recent years in response to the recognition that cyber security is more than just risk management. Cyber resilience is the goal of organisations, institutions and governments across the world and yet the emerging literature is somewhat fragmented due to the lack of a common approach to the subject. This limits the possibility of effective collaboration across public, private and governmental actors in their efforts to build and maintain cyber resilience. In response to this limitation, and to calls for a more strategically focused approach, this paper offers a knowledge-based view of cyber security management that explains how an organisation can build, assess, and maintain cyber resilience.
Recommended Practice: Creating Cyber Forensics Plans for Control Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Eric Cornelius; Mark Fabro
Cyber forensics has been in the popular mainstream for some time, and has matured into an information-technology capability that is very common among modern information security programs. The goal of cyber forensics is to support the elements of troubleshooting, monitoring, recovery, and the protection of sensitive data. Moreover, in the event of a crime being committed, cyber forensics is also the approach to collecting, analyzing, and archiving data as evidence in a court of law. Although scalable to many information technology domains, especially modern corporate architectures, cyber forensics can be challenging when being applied to non-traditional environments, which are notmore » comprised of current information technologies or are designed with technologies that do not provide adequate data storage or audit capabilities. In addition, further complexity is introduced if the environments are designed using proprietary solutions and protocols, thus limiting the ease of which modern forensic methods can be utilized. The legacy nature and somewhat diverse or disparate component aspects of control systems environments can often prohibit the smooth translation of modern forensics analysis into the control systems domain. Compounded by a wide variety of proprietary technologies and protocols, as well as critical system technologies with no capability to store significant amounts of event information, the task of creating a ubiquitous and unified strategy for technical cyber forensics on a control systems device or computing resource is far from trivial. To date, no direction regarding cyber forensics as it relates to control systems has been produced other than what might be privately available from commercial vendors. Current materials have been designed to support event recreation (event-based), and although important, these requirements do not always satisfy the needs associated with incident response or forensics that are driven by cyber incidents. 
To address these issues and to accommodate for the diversity in both system and architecture types, a framework based in recommended practices to address forensics in the control systems domain is required. This framework must be fully flexible to allow for deployment into any control systems environment regardless of technologies used. Moreover, the framework and practices must provide for direction on the integration of modern network security technologies with traditionally closed systems, the result being a true defense-in-depth strategy for control systems architectures. This document takes the traditional concepts of cyber forensics and forensics engineering and provides direction regarding augmentation for control systems operational environments. The goal is to provide guidance to the reader with specifics relating to the complexity of cyber forensics for control systems, guidance to allow organizations to create a self-sustaining cyber forensics program, and guidance to support the maintenance and evolution of such programs. As the current control systems cyber security community of interest is without any specific direction on how to proceed with forensics in control systems environments, this information product is intended to be a first step.
77 FR 14955 - DoD Information Assurance Scholarship Program (IASP)
Federal Register 2010, 2011, 2012, 2013, 2014
2012-03-14
... IA and information technology (IT) management, technical, digital and multimedia forensics, cyber..., digital and multimedia forensics, electrical engineering, electronics engineering, information security...
Proceedings Second Annual Cyber Security and Information Infrastructure Research Workshop
DOE Office of Scientific and Technical Information (OSTI.GOV)
Sheldon, Frederick T; Krings, Axel; Yoo, Seong-Moo
2006-01-01
The workshop theme is Cyber Security: Beyond the Maginot Line. Recently the FBI reported that computer crime has skyrocketed costing over $67 billion in 2005 alone and affecting 2.8M+ businesses and organizations. Attack sophistication is unprecedented along with availability of open source concomitant tools. Private, academic, and public sectors invest significant resources in cyber security. Industry primarily performs cyber security research as an investment in future products and services. While the public sector also funds cyber security R&D, the majority of this activity focuses on the specific mission(s) of the funding agency. Thus, broad areas of cyber security remain neglected or underdeveloped. Consequently, this workshop endeavors to explore issues involving cyber security and related technologies toward strengthening such areas and enabling the development of new tools and methods for securing our information infrastructure critical assets. We aim to assemble new ideas and proposals about robust models on which we can build the architecture of a secure cyberspace including but not limited to:
* Knowledge discovery and management
* Critical infrastructure protection
* De-obfuscating tools for the validation and verification of tamper-proofed software
* Computer network defense technologies
* Scalable information assurance strategies
* Assessment-driven design for trust
* Security metrics and testing methodologies
* Validation of security and survivability properties
* Threat assessment and risk analysis
* Early accurate detection of the insider threat
* Security hardened sensor networks and ubiquitous computing environments
* Mobile software authentication protocols
* A new "model" of the threat to replace the "Maginot Line" model
and more . . .
DOE Office of Scientific and Technical Information (OSTI.GOV)
Moore, Judy Hennessey; Parrott, Lori K.; Karas, Thomas H.
2008-08-01
This report is based upon a workshop, called 'CyberFest', held at Sandia National Laboratories on May 27-30, 2008. Participants in the workshop came from organizations both outside and inside Sandia. The premise of the workshop was that thinking about cyber security from a metaphorical perspective could lead to a deeper understanding of current approaches to cyber defense and perhaps to some creative new approaches. A wide range of metaphors was considered, including those relating to: military and other types of conflict, biological, health care, markets, three-dimensional space, and physical asset protection. These in turn led to consideration of a variety of possible approaches for improving cyber security in the future. From the proposed approaches, three were formulated for further discussion. These approaches were labeled 'Heterogeneity' (drawing primarily on the metaphor of biological diversity), 'Motivating Secure Behavior' (taking a market perspective on the adoption of cyber security measures) and 'Cyber Wellness' (exploring analogies with efforts to improve individual and public health).
Key issues and technical route of cyber physical distribution system
NASA Astrophysics Data System (ADS)
Zheng, P. X.; Chen, B.; Zheng, L. J.; Zhang, G. L.; Fan, Y. L.; Pei, T.
2017-01-01
Relying on the National High Technology Research and Development Program, this paper introduced the key issues in Cyber Physical Distribution System (CPDS), mainly including: composite modelling method and interaction mechanism, system planning method, security defence technology, and distributed control theory. Then on this basis, the corresponding technical route is proposed, and a more detailed research framework along with main schemes to be adopted is also presented.
Federal Register 2010, 2011, 2012, 2013, 2014
2013-07-02
... DEPARTMENT OF COMMERCE International Trade Administration Critical Infrastructure Protection and Cyber Security Trade Mission to Saudi Arabia and Kuwait Clarification and Amendment AGENCY... cyber-security firms and trade organizations which have not already submitted an application are...
Interdependent Risk and Cyber Security: An Analysis of Security Investment and Cyber Insurance
ERIC Educational Resources Information Center
Shim, Woohyun
2010-01-01
An increasing number of firms rely on highly interconnected information networks. In such environments, defense against cyber attacks is complicated by residual risks caused by the interdependence of information security decisions of firms. IT security is affected not only by a firm's own management strategies but also by those of others. This…
10 CFR 52.79 - Contents of applications; technical information in final safety analysis report.
Code of Federal Regulations, 2012 CFR
2012-01-01
... B to 10 CFR part 73. (iii) A cyber security plan in accordance with the criteria set forth in § 73..., training and qualification plan, and cyber security plan; and (v) Each applicant who prepares a physical security plan, a safeguards contingency plan, a training and qualification plan, or a cyber security plan...
10 CFR 52.79 - Contents of applications; technical information in final safety analysis report.
Code of Federal Regulations, 2013 CFR
2013-01-01
... B to 10 CFR part 73. (iii) A cyber security plan in accordance with the criteria set forth in § 73..., training and qualification plan, and cyber security plan; and (v) Each applicant who prepares a physical security plan, a safeguards contingency plan, a training and qualification plan, or a cyber security plan...
10 CFR 52.79 - Contents of applications; technical information in final safety analysis report.
Code of Federal Regulations, 2011 CFR
2011-01-01
...) A cyber security plan in accordance with the criteria set forth in § 73.54 of this chapter; (iv) A... cyber security plan; and (v) Each applicant who prepares a physical security plan, a safeguards contingency plan, a training and qualification plan, or a cyber security plan, shall protect the plans and...
10 CFR 52.79 - Contents of applications; technical information in final safety analysis report.
Code of Federal Regulations, 2014 CFR
2014-01-01
... B to 10 CFR part 73. (iii) A cyber security plan in accordance with the criteria set forth in § 73..., training and qualification plan, and cyber security plan; and (v) Each applicant who prepares a physical security plan, a safeguards contingency plan, a training and qualification plan, or a cyber security plan...
Veksler, Vladislav D.; Buchler, Norbou; Hoffman, Blaine E.; Cassenti, Daniel N.; Sample, Char; Sugrim, Shridat
2018-01-01
Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can address multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b) human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c) dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d) training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior) via techniques such as model tracing and dynamic parameter fitting. PMID:29867661
Network Intrusion Detection and Visualization using Aggregations in a Cyber Security Data Warehouse
DOE Office of Scientific and Technical Information (OSTI.GOV)
Czejdo, Bogdan; Ferragut, Erik M; Goodall, John R
2012-01-01
The challenge of achieving situational understanding is a limiting factor in effective, timely, and adaptive cyber-security analysis. Anomaly detection fills a critical role in network assessment and trend analysis, both of which underlie the establishment of comprehensive situational understanding. To that end, we propose a cyber security data warehouse implemented as a hierarchical graph of aggregations that captures anomalies at multiple scales. Each node of our proposed graph is a summarization table of cyber event aggregations, and the edges are aggregation operators. The cyber security data warehouse enables domain experts to quickly traverse a multi-scale aggregation space systematically. We describe the architecture of a test bed system and a summary of results on the IEEE VAST 2012 Cyber Forensics data.
The Defender's Role in Cyber Security
DOE Office of Scientific and Technical Information (OSTI.GOV)
The embodiment of this work is a table top game to explore cyber security and network defense concepts and cost. The game structure is such that it provides players an immersive environment to play a given role in cyber security to investigate the result of infrastructure and response decisions.
Quantifying and measuring cyber resiliency
NASA Astrophysics Data System (ADS)
Cybenko, George
2016-05-01
Cyber resiliency has become an increasingly attractive research and operational concept in cyber security. While several metrics have been proposed for quantifying cyber resiliency, a considerable gap remains between those metrics and operationally measurable and meaningful concepts that can be empirically determined in a scientific manner. This paper describes a concrete notion of cyber resiliency that can be tailored to meet specific needs of organizations that seek to introduce resiliency into their assessment of their cyber security posture.
Federal Register 2010, 2011, 2012, 2013, 2014
2012-09-11
.... ML111940200), which approved the RBS Cyber Security Plan and associated implementation milestone schedule. The Cyber Security Plan Implementation Schedule contained in the licensee's letter dated April 4, 2011... consequences of an accident previously evaluated? Response: No. The proposed change to the Cyber Security Plan...
IT Security Support for the Spaceport Command Control System Development
NASA Technical Reports Server (NTRS)
Varise, Brian
2014-01-01
My job title is IT Security support for the Spaceport Command & Control System Development. As a cyber-security analyst it is my job to ensure NASA's information stays safe from cyber threats, such as viruses, malware and denial-of-service attacks, by establishing and enforcing system access controls. Security is very important in the world of technology and it is used everywhere from personal computers to giant networks run by Government agencies worldwide. Without constant monitoring analysis, businesses, public organizations and government agencies are vulnerable to potentially harmful infiltration of their computer information system. It is my responsibility to ensure authorized access by examining improper access, reporting violations, revoking access, monitoring information requests by new programming and recommending improvements. My department oversees the Launch Control System and networks. An audit will be conducted for the LCS based on compliance with the Federal Information Security Management Act (FISMA) and The National Institute of Standards and Technology (NIST). I recently finished analyzing the SANS top 20 critical controls to give cost effective recommendations on various software and hardware products for compliance. Upon my completion of this internship, I will have successfully completed my duties as well as gained knowledge that will be helpful to my career in the future as a Cyber Security Analyst.
Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert
2015-07-28
Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.
Application of the JDL data fusion process model for cyber security
NASA Astrophysics Data System (ADS)
Giacobe, Nicklaus A.
2010-04-01
A number of cyber security technologies have proposed the use of data fusion to enhance the defensive capabilities of the network and aid in the development of situational awareness for the security analyst. While there have been advances in fusion technologies and the application of fusion in intrusion detection systems (IDSs), in particular, additional progress can be made by gaining a better understanding of a variety of data fusion processes and applying them to the cyber security application domain. This research explores the underlying processes identified in the Joint Directors of Laboratories (JDL) data fusion process model and further describes them in a cyber security context.
7 Key Challenges for Visualization in Cyber Network Defense
DOE Office of Scientific and Technical Information (OSTI.GOV)
Best, Daniel M.; Endert, Alexander; Kidwell, Dan
In this paper we present seven challenges, informed by two user studies, to be considered when developing a visualization for cyber security purposes. Cyber security visualizations must go beyond isolated solutions and “pretty picture” visualizations in order to make impact to users. We provide an example prototype that addresses the challenges with a description of how they are met. Our aim is to assist in increasing utility and adoption rates for visualization capabilities in cyber security.
Federal Register 2010, 2011, 2012, 2013, 2014
2010-08-20
...). The proposed amendment would approve the cyber security plan and implementation schedule, and revise... maintain in effect all provisions of the NRC-approved cyber security plan. Basis for proposed no... [facility operating license] to implement and maintain a Cyber Security Plan as part of Energy Northwest's...
Federal Register 2010, 2011, 2012, 2013, 2014
2011-04-12
... amendment requests approval of the Exelon Cyber Security Plan, provides an Implementation Schedule, and adds... require Exelon to fully implement and maintain in effect all provisions of the approved Cyber Security..., Revision 6, ``Cyber Security Plan for Nuclear Power Reactors.'' Basis for proposed no significant hazards...
Cyber Security Applications: Freeware & Shareware
ERIC Educational Resources Information Center
Rogers, Gary; Ashford, Tina
2015-01-01
This paper will discuss some assignments using freeware/shareware instructors can find on the Web to use to provide students with hands-on experience in this arena. Also, the college, Palm Beach State College, via a grant with the U.S. Department of Labor, has recently purchased a unique cyber security device that simulates cyber security attacks…
Federal Register 2010, 2011, 2012, 2013, 2014
2010-11-09
...-safeguards information (SUNSI). The amendments would approve the proposed Cyber Security Plan and... Commission-approved Cyber Security Plan as required by 10 CFR 73.54. Basis for proposed no significant... Facility Operating License (FOL) to implement and maintain a Cyber Security Plan as part of the facility's...
Cyber-Physical System Security of a Power Grid: State-of-the-Art
Sun, Chih -Che; Liu, Chen -Ching; Xie, Jing
2016-07-14
Here, as part of the smart grid development, more and more technologies are developed and deployed on the power grid to enhance the system reliability. A primary purpose of the smart grid is to significantly increase the capability of computer-based remote control and automation. As a result, the level of connectivity has become much higher, and cyber security also becomes a potential threat to the cyber-physical systems (CPSs). In this paper, a survey of the state-of-the-art is conducted on the cyber security of the power grid concerning issues of: the structure of CPSs in a smart grid; cyber vulnerability assessment; cyber protection systems; and testbeds of a CPS. At Washington State University (WSU), the Smart City Testbed (SCT) has been developed to provide a platform to test, analyze and validate defense mechanisms against potential cyber intrusions. A test case is provided in this paper to demonstrate how a testbed helps the study of cyber security and the anomaly detection system (ADS) for substations.
Cyber-Physical System Security of a Power Grid: State-of-the-Art
DOE Office of Scientific and Technical Information (OSTI.GOV)
Sun, Chih -Che; Liu, Chen -Ching; Xie, Jing
Here, as part of the smart grid development, more and more technologies are developed and deployed on the power grid to enhance the system reliability. A primary purpose of the smart grid is to significantly increase the capability of computer-based remote control and automation. As a result, the level of connectivity has become much higher, and cyber security also becomes a potential threat to the cyber-physical systems (CPSs). In this paper, a survey of the state-of-the-art is conducted on the cyber security of the power grid concerning issues of: the structure of CPSs in a smart grid; cyber vulnerability assessment; cyber protection systems; and testbeds of a CPS. At Washington State University (WSU), the Smart City Testbed (SCT) has been developed to provide a platform to test, analyze and validate defense mechanisms against potential cyber intrusions. A test case is provided in this paper to demonstrate how a testbed helps the study of cyber security and the anomaly detection system (ADS) for substations.
78 FR 53736 - Submission for OMB Review; Comment Request
Federal Register 2010, 2011, 2012, 2013, 2014
2013-08-30
...: Title, Associated Form and OMB Number: Defense Industrial Base Cyber Security/Information Assurance (DIB... program administration and management purposes. Affected Public: Business or other for-Profit; Not-for...
Secure it now or secure it later: the benefits of addressing cyber-security from the outset
NASA Astrophysics Data System (ADS)
Olama, Mohammed M.; Nutaro, James
2013-05-01
The majority of funding for research and development (R&D) in cyber-security is focused on the end of the software lifecycle where systems have been deployed or are nearing deployment. Recruiting of cyber-security personnel is similarly focused on end-of-life expertise. By emphasizing cyber-security at these late stages, security problems are found and corrected when it is most expensive to do so, thus increasing the cost of owning and operating complex software systems. Worse, expenditures on expensive security measures often mean less money for innovative developments. These unwanted increases in cost and potential slowing of innovation are unavoidable consequences of an approach to security that finds and remediates faults after software has been implemented. We argue that software security can be improved and the total cost of a software system can be substantially reduced by an appropriate allocation of resources to the early stages of a software project. By adopting a similar allocation of R&D funds to the early stages of the software lifecycle, we propose that the costs of cyber-security can be better controlled and, consequently, the positive effects of this R&D on industry will be much more pronounced.
Cyber warfare: Armageddon in a Teacup?
2009-12-11
Security concerns over the growing capability of Cyber Warfare are in the forefront of national policy and security discussions. In order to enable a...realistic discussion of the topic this thesis seeks to analyze demonstrated Cyber Warfare capability and its ability to achieve strategic political...objectives. This study examines Cyber Warfare conducted against Estonia in 2007, Georgia in 2008, and Israel in 2008. In all three cases Cyber Warfare did
Cyber Security Audit and Attack Detection Toolkit
DOE Office of Scientific and Technical Information (OSTI.GOV)
Peterson, Dale
2012-05-31
The goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.
ERIC Educational Resources Information Center
Giacobe, Nicklaus A.
2013-01-01
Cyber-security involves monitoring a complex network of inter-related computers to prevent, identify and remediate from undesired actions. This work is performed in organizations by human analysts. These analysts monitor cyber-security sensors to develop and maintain situation awareness (SA) of both normal and abnormal activities that occur on…
Harrop, Wayne; Matteson, Ashley
This paper presents cyber resilience as a key strand of national security. It establishes the importance of critical national infrastructure protection and the growing vicarious nature of remote, well-planned, and well executed cyber attacks on critical infrastructures. Examples of well-known historical cyber attacks are presented, and the emergence of 'internet of things' as a cyber vulnerability issue yet to be tackled is explored. The paper identifies key steps being undertaken by those responsible for detecting, deterring, and disrupting cyber attacks on critical national infrastructure in the United Kingdom and the USA.
Design of Hack-Resistant Diabetes Devices and Disclosure of Their Cyber Safety.
Sackner-Bernstein, Jonathan
2017-03-01
The focus of the medical device industry and regulatory bodies on cyber security parallels that in other industries, primarily on risk assessment and user education as well as the recognition and response to infiltration. However, transparency of the safety of marketed devices is lacking and developers are not embracing optimal design practices with new devices. Achieving cyber safe diabetes devices: To improve understanding of cyber safety by clinicians and patients, and inform decision making on use practices of medical devices requires disclosure by device manufacturers of the results of their cyber security testing. Furthermore, developers should immediately shift their design processes to deliver better cyber safety, exemplified by use of state of the art encryption, secure operating systems, and memory protections from malware.
Cyber security best practices for the nuclear industry
DOE Office of Scientific and Technical Information (OSTI.GOV)
Badr, I.
2012-07-01
When deploying software based systems, such as digital instrumentation and controls for the nuclear industry, it is vital to include cyber security assessment as part of the architecture and development process. When integrating and delivering software-intensive systems for the nuclear industry, engineering teams should make use of a secure, requirements driven, software development life cycle, ensuring security compliance and optimum return on investment. Reliability protections, data loss prevention, and privacy enforcement provide a strong case for installing strict cyber security policies. (authors)
Competitive Cyber-Insurance and Internet Security
NASA Astrophysics Data System (ADS)
Shetty, Nikhil; Schwartz, Galina; Felegyhazi, Mark; Walrand, Jean
This paper investigates how competitive cyber-insurers affect network security and welfare of the networked society. In our model, a user's probability to incur damage (from being attacked) depends on both his security and the network security, with the latter taken by individual users as given. First, we consider cyberinsurers who cannot observe (and thus, affect) individual user security. This asymmetric information causes moral hazard. Then, for most parameters, no equilibrium exists: the insurance market is missing. Even if an equilibrium exists, the insurance contract covers only a minor fraction of the damage; network security worsens relative to the no-insurance equilibrium. Second, we consider insurers with perfect information about their users' security. Here, user security is perfectly enforceable (zero cost); each insurance contract stipulates the required user security. The unique equilibrium contract covers the entire user damage. Still, for most parameters, network security worsens relative to the no-insurance equilibrium. Although cyber-insurance improves user welfare, in general, competitive cyber-insurers fail to improve network security.
TCIA Secure Cyber Critical Infrastructure Modernization.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Keliiaa, Curtis M.
The Sandia National Laboratories (Sandia Labs) tribal cyber infrastructure assurance initiative was developed in response to growing national cybersecurity concerns in the sixteen Department of Homeland Security (DHS) defined critical infrastructure sectors. Technical assistance is provided for the secure modernization of critical infrastructure and key resources from a cyber-ecosystem perspective with an emphasis on enhanced security, resilience, and protection. Our purpose is to address national critical infrastructure challenges as a shared responsibility.
Realizing Scientific Methods for Cyber Security
DOE Office of Scientific and Technical Information (OSTI.GOV)
Carroll, Thomas E.; Manz, David O.; Edgar, Thomas W.
There is little doubt among cyber security researchers about the lack of scientific rigor that underlies much of the literature. The issues are manifold and are well documented. Further complicating the problem is insufficient scientific methods to address these issues. Cyber security melds man and machine: we inherit the challenges of computer science, sociology, psychology, and many other fields and create new ones where these fields interface. In this paper we detail a partial list of challenges imposed by rigorous science and survey how other sciences have tackled them, in the hope of applying a similar approach to cyber security science. This paper is by no means comprehensive: its purpose is to foster discussion in the community on how we can improve rigor in cyber security science.
A preliminary cyber-physical security assessment of the Robot Operating System (ROS)
NASA Astrophysics Data System (ADS)
McClean, Jarrod; Stull, Christopher; Farrar, Charles; Mascareñas, David
2013-05-01
Over the course of the last few years, the Robot Operating System (ROS) has become a highly popular software framework for robotics research. ROS has a very active developer community and is widely used for robotics research in both academia and government labs. The prevalence and modularity of ROS cause many people to ask the question: "What prevents ROS from being used in commercial or government applications?" One of the main problems that is preventing this increased use of ROS in these applications is the question of characterizing its security (or lack thereof). In the summer of 2012, a crowd sourced cyber-physical security contest was launched at the cyber security conference DEF CON 20 to begin the process of characterizing the security of ROS. A small-scale, car-like robot was configured as a cyber-physical security "honeypot" running ROS. DEF CON 20 attendees were invited to find exploits and vulnerabilities in the robot while network traffic was collected. The results of this experiment provided some interesting insights and opened up many security questions pertaining to deployed robotic systems. The Federal Aviation Administration is tasked with opening up the civil airspace to commercial drones by September 2015 and driverless cars are already legal for research purposes in a number of states. Given the integration of these robotic devices into our daily lives, the authors pose the following question: "What security exploits can a motivated person with little-to-no experience in cyber security execute, given the wide availability of free cyber security penetration testing tools such as Metasploit?" This research focuses on applying common, low-cost, low-overhead, cyber-attacks on a robot featuring ROS. This work documents the effectiveness of those attacks.
Cyber Operations: The New Balance
2009-01-01
compelling evidence to suggest that enlightenment, rather than retrenchment, is the path for cyber New Balance. The economic calamity of the Great...www.guardian.co.uk/technology/2008/oct/02/interviews.internet>. 16 Langevin, 11. 17 James Lewis, “Cyber Security Recommendations for the Next...Administration,” testimony before House Subcommittee on Emerging Threats, Cyber Security, and Science and Technology, Washington, DC, September 16
The cyber security threat stops in the boardroom.
Scully, Tim
The attitude that 'it won't happen to me' still prevails in the boardrooms of industry when senior executives consider the threat of targeted cyber intrusions. Not much has changed in the commercial world of cyber security over the past few years; hackers are not being challenged to find new ways to steal companies' intellectual property and confidential information. The consequences of even major security breaches seem not to be felt by the leaders of victim companies. Why is this so? Surely IT security practitioners are seeking new ways to detect and prevent targeted intrusions into companies' networks? Are the consequences of targeted intrusions so insignificant that the captains of industry tolerate them? Or do only others feel the pain of their failure? This paper initially explores the failure of cyber security in industry and contends that, while industry leaders should not be alone in accepting responsibility for this failure, they must take the initiative to make life harder for cyber threat actors. They cannot wait for government leadership on policy, strategy or coordination. The paper then suggests some measures that a CEO can adopt to build a new corporate approach to cyber security.
Security Informatics Research Challenges for Mitigating Cyber Friendly Fire
DOE Office of Scientific and Technical Information (OSTI.GOV)
Carroll, Thomas E.; Greitzer, Frank L.; Roberts, Adam D.
This paper addresses cognitive implications and research needs surrounding the problem of cyber friendly fire (FF). We define cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintentionally harms the mission effectiveness of friendly or neutral forces. We describe examples of cyber FF and discuss how it fits within a general conceptual framework for cyber security failures. Because it involves human failure, cyber FF may be considered to belong to a sub-class of cyber security failures characterized as unintentional insider threats. Cyber FF is closely related to combat friendly fire in that maintaining situation awareness (SA) is paramount to avoiding unintended consequences. Cyber SA concerns knowledge of a system's topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system and its nodes, the nature of the activities or work performed, and the available defensive and offensive countermeasures that may be applied to thwart network attacks. We describe a test bed designed to support empirical research on factors affecting cyber FF. Finally, we discuss mitigation strategies to combat cyber FF, including both training concepts and suggestions for decision aids and visualization approaches.
Design of Hack-Resistant Diabetes Devices and Disclosure of Their Cyber Safety
Sackner-Bernstein, Jonathan
2017-01-01
Background: The focus of the medical device industry and regulatory bodies on cyber security parallels that in other industries, primarily on risk assessment and user education as well as the recognition and response to infiltration. However, transparency of the safety of marketed devices is lacking and developers are not embracing optimal design practices with new devices. Achieving cyber safe diabetes devices: To improve understanding of cyber safety by clinicians and patients, and inform decision making on use practices of medical devices requires disclosure by device manufacturers of the results of their cyber security testing. Furthermore, developers should immediately shift their design processes to deliver better cyber safety, exemplified by use of state of the art encryption, secure operating systems, and memory protections from malware. PMID:27837161
Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment
Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran
2013-01-01
Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments. PMID:25685516
Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment.
Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran
2014-07-01
Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation's electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments.
Cyber Threat Assessment of Uplink and Commanding System for Mission Operation
NASA Technical Reports Server (NTRS)
Ko, Adans Y.; Tan, Kymie M. C.; Cilloniz-Bicchi, Ferner; Faris, Grant
2014-01-01
Most of today's Mission Operations Systems (MOS) rely on the Ground Data System (GDS) segment to mitigate cyber security risks. Unfortunately, IT security design is done separately from the design of GDS' mission operational capabilities. This incoherent practice leaves many security vulnerabilities in the system without any notice. This paper describes a new way to system engineer MOS, to include cyber threat risk assessments throughout the MOS development cycle; without this, it is impossible to design a dependable and reliable MOS to meet today's rapidly changing cyber threat environment.
Weathering the Cyber Storm: The Military’s Resiliency to Cyber Attacks in Future Warfare
2012-06-01
observation. While the ability to collect intelligence is important, it falls under a different rubric than warfare itself. 20 Another term worth...the use of antivirus programs, firewalls, and security policies. These measures also fall under the rubric of information assurance, or “measures that...specifying how it is to be accomplished.” of genetic diversity. 13 A complaint after Operation Iraqi Freedom (OIF) was that soldiers had to
A Case Study on the Development and Implementation of Cyber Capabilities in the United States
ERIC Educational Resources Information Center
Walton, Marquetta
2016-01-01
The effectiveness of U.S. cyber-capabilities can have a serious effect on the cyber-security stance of the US and significantly impact how well U.S. critical infrastructures are protected. The problem is that the state of the U.S. cyber-security could be negatively impacted by the dependency that the US displays in its use of defensive…
A Security Strategy for Cyber Threats on Neighbor Discovery in 6Lowpan Networks
2017-12-01
NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS Approved for public release. Distribution is unlimited. A SECURITY...STRATEGY FOR CYBER THREATS ON NEIGHBOR DISCOVERY IN 6LOWPAN NETWORKS by Cheng Hai Ang December 2017 Thesis Advisor: Preetha Thulasiraman...REPORT TYPE AND DATES COVERED Master’s thesis 4. TITLE AND SUBTITLE A SECURITY STRATEGY FOR CYBER THREATS ON NEIGHBOR DISCOVERY IN 6LOWPAN
Comparative Analysis of Curricula for Bachelor's Degree in Cyber Security in the USA and Ukraine
ERIC Educational Resources Information Center
Bystrova, Bogdana
2017-01-01
At the present stage of science and technology development the need to strengthen cyber security in every developed country and transform it into one of the most important sectors of society is growing. The peculiarities of the professional training of cyber security bachelors in the U.S. higher education system have been defined. The relevance of…
Literature Review on Modeling Cyber Networks and Evaluating Cyber Risks.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Kelic, Andjelka; Campbell, Philip L
The National Infrastructure Simulations and Analysis Center (NISAC) conducted a literature review on modeling cyber networks and evaluating cyber risks. The literature review explores where modeling is used in the cyber regime and ways that consequence and risk are evaluated. The relevant literature clusters in three different spaces: network security, cyber-physical, and mission assurance. In all approaches, some form of modeling is utilized at varying levels of detail, while the ability to understand consequence varies, as do interpretations of risk. This document summarizes the different literature viewpoints and explores their applicability to securing enterprise networks.
Breaking the cyber-security dilemma: aligning security needs and removing vulnerabilities.
Dunn Cavelty, Myriam
2014-09-01
Current approaches to cyber-security are not working. Rather than producing more security, we seem to be facing less and less. The reason for this is a multi-dimensional and multi-faceted security dilemma that extends beyond the state and its interaction with other states. It will be shown how the focus on the state and "its" security crowds out consideration for the security of the individual citizen, with detrimental effects on the security of the whole system. The threat arising from cyberspace to (national) security is presented as possible disruption to a specific way of life, one building on information technologies and critical functions of infrastructures, with relatively little consideration for humans directly. This non-focus on people makes it easier for state actors to militarize cyber-security and (re-)assert their power in cyberspace, thereby overriding the different security needs of human beings in that space. Paradoxically, the use of cyberspace as a tool for national security, both in the dimension of war fighting and the dimension of mass-surveillance, has detrimental effects on the level of cyber-security globally. A solution out of this dilemma is a cyber-security policy that is decidedly anti-vulnerability and at the same time based on strong considerations for privacy and data protection. Such a security would have to be informed by an ethics of the infosphere that is based on the dignity of information related to human beings.
Unlocking User-Centered Design Methods for Building Cyber Security Visualizations
2015-10-03
a final, deployed tool. Goodall et al. interviewed analysts to derive requirements for a network security tool [14], while Stoll et al. explain the...4673-7599-3/15/$31.00 ©2015 IEEE 2015 IEEE SYMPOSIUM ON VISUALIZATION FOR CYBER SECURITY (VIZSEC) [14] J. R. Goodall, A. A. Ozok, W. G. Lutters, P...Visualization for Cyber Security, pages 91–98. IEEE, 2005. [19] A. Komlodi, P. Rheingans, U. Ayachit, J. Goodall, and A. Joshi. A user-centered look at
Proactive Self Defense in Cyberspace
2009-02-17
other security measures. A second theme is the continued expansion of cyber crime. Profit is the motivation for these cyber criminals and many of these...lawbreakers are very successful unfortunately. In fact, experts in the computer and network security fields see that in the future, the cyber criminals “will
Cyber-Physical System Security of Smart Grids
DOE Office of Scientific and Technical Information (OSTI.GOV)
Dagle, Jeffery E.
2012-01-31
Abstract—This panel presentation will provide perspectives of cyber-physical system security of smart grids. As smart grid technologies are deployed, the interconnected nature of these systems is becoming more prevalent and more complex, and the cyber component of this cyber-physical system is increasing in importance. Studying system behavior in the face of failures (e.g., cyber attacks) allows a characterization of the systems’ response to failure scenarios, loss of communications, and other changes in system environment (such as the need for emergent updates and rapid reconfiguration). The impact of such failures on the availability of the system can be assessed and mitigation strategies considered. Scenarios associated with confidentiality, integrity, and availability are considered. The cyber security implications associated with the American Recovery and Reinvestment Act of 2009 in the United States are discussed.
Cyber secure systems approach for NPP digital control systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
McCreary, T. J.; Hsu, A.
2006-07-01
Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity.
This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1) Threat from an intruder attempting to disrupt network communications by entering the system from an attached utility network or utilizing a modem connected to a control system PC that is in turn connected to a publicly accessible phone; 2) Threat from a user connecting an unauthorized computer to the control network; 3) Threat from a security attack when an unauthorized user gains access to a PC connected to the plant network; 4) Threat from internal disruption (by plant staff, whether malicious or otherwise) by unauthorized usage of files or file handling media that opens the system to security threat (as typified in current situation in most control rooms). The plant I and C system cyber security design and the plant specific procedures should adequately demonstrate protection from the four pertinent classes of cyber security attacks. The combination of these features should demonstrate that the system is not vulnerable to any analyzed cyber security attacks either from internal sources or through network connections. The authors will provide configurations that will demonstrate the Cyber Security Zone. (authors)
Travels With Lynn: September 2010
Cyber Security At the Security Defense Alliance Top Story Lynn Details New U.S. Strategy On New Warfare Landstuhl Regional Medical Center Lynn Continues NATO Meetings in Belgium Lynn Attends Cyber Presentation Against ISIL Terrorists Operation Atlantic Resolve Sexual Assault Prevention Asia-Pacific Rebalance Cyber
76 FR 4123 - Homeland Security Advisory Council
Federal Register 2010, 2011, 2012, 2013, 2014
2011-01-24
.... The closed portions of the meeting will address threats to our homeland security, results of a cyber... designed to keep our country safe. A briefing on the Cyber Storm III Exercise will include lessons learned and vulnerabilities of cyber assets, as well as potential methods to improve a Federal response to a...
International Cyber Incident Repository System: Information Sharing on a Global Scale
DOE Office of Scientific and Technical Information (OSTI.GOV)
Joyce, Amanda L.; Evans, PhD, Nathaniel; Tanzman, Edward A.
According to the 2016 Internet Security Threat Report, the largest number of cyber attacks were recorded last year (2015), reaching a total of 430 million incidents throughout the world. As the number of cyber incidents increases, the need for information and intelligence sharing increases, as well. This fairly large increase in cyber incidents is driving the need for an international cyber incident data reporting system. The goal of the cyber incident reporting system is to make available shared and collected information about cyber events among participating international parties. In its 2014 report, Insurance Industry Working Session Readout Report-Insurance for Cyber-Related Critical Infrastructure Loss: Key Issues, on the outcomes of a working session on cyber insurance, the U.S. Department of Homeland Security observed that “many participants cited the need for a secure method through which organizations could pool and share cyber incident information” and noted that one underwriter emphasized the importance of internationally harmonized data taxonomies. This cyber incident data reporting system could benefit all nations that take part in reporting incidents to provide a more common operating picture. In addition, this reporting system could allow for trending and anticipated attacks and could potentially benefit participating members by enabling them to get in front of potential attacks. The purpose of this paper is to identify options for consideration for such a system in fostering cooperative cyber defense.
Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ashok, Aditya; Govindarasu, Manimaran; Wang, Jianhui
Cyber security and resiliency of Wide-Area Monitoring, Protection and Control (WAMPAC) applications is critically important to ensure secure, reliable, and economic operation of the bulk power system. WAMPAC relies heavily on the security of measurements and control commands transmitted over wide-area communication networks for real-time operational, protection, and control functions. Also, the current “N-1 security criteria” for grid operation is inadequate to address malicious cyber events and therefore it is important to fundamentally redesign WAMPAC and to enhance Energy Management System (EMS) applications to make them attack-resilient. In this paper, we propose an end-to-end defense-in-depth architecture for attack-resilient WAMPAC that addresses resilience at both the infrastructure layer and the application layers. Also, we propose an attack-resilient cyber-physical security framework that encompasses the entire security life cycle including risk assessment, attack prevention, attack detection, attack mitigation, and attack resilience. The overarching objective of this paper is to provide a broad scope that comprehensively describes most of the major research issues and potential solutions in the context of cyber-physical security of WAMPAC for the power grid.
Cyber-Threat Assessment for the Air Traffic Management System: A Network Controls Approach
NASA Technical Reports Server (NTRS)
Roy, Sandip; Sridhar, Banavar
2016-01-01
Air transportation networks are being disrupted with increasing frequency by failures in their cyber- (computing, communication, control) systems. Whether these cyber- failures arise due to deliberate attacks or incidental errors, they can have far-reaching impact on the performance of the air traffic control and management systems. For instance, a computer failure in the Washington DC Air Route Traffic Control Center (ZDC) on August 15, 2015, caused nearly complete closure of the Center's airspace for several hours. This closure had a propagative impact across the United States National Airspace System, causing changed congestion patterns and requiring placement of a suite of traffic management initiatives to address the capacity reduction and congestion. A snapshot of traffic on that day clearly shows the closure of the ZDC airspace and the resulting congestion at its boundary, which required augmented traffic management at multiple locations. Cyber- events also have important ramifications for private stakeholders, particularly the airlines. During the last few months, computer-system issues have caused several airlines' fleets to be grounded for significant periods of time: these include United Airlines (twice), LOT Polish Airlines, and American Airlines. Delays and regional stoppages due to cyber- events are even more common, and may have myriad causes (e.g., failure of the Department of Homeland Security systems needed for security check of passengers, see [3]). The growing frequency of cyber- disruptions in the air transportation system reflects a much broader trend in the modern society: cyber- failures and threats are becoming increasingly pervasive, varied, and impactful. In consequence, an intense effort is underway to develop secure and resilient cyber- systems that can protect against, detect, and remove threats, see e.g. and its many citations.
The outcomes of this wide effort on cyber- security are applicable to the air transportation infrastructure, and indeed security solutions are being implemented in the current system. While these security solutions are important, they only provide a piecemeal solution. Particular computers or communication channels are protected from particular attacks, without a holistic view of the air transportation infrastructure. On the other hand, the above-listed incidents highlight that a holistic approach is needed, for several reasons. First, the air transportation infrastructure is a large scale cyber-physical system with multiple stakeholders and diverse legacy assets. It is impractical to protect every cyber- asset from known and unknown disruptions, and instead a strategic view of security is needed. Second, disruptions to the cyber- system can incur complex propagative impacts across the air transportation network, including its physical and human assets. Also, these implications of cyber- events are exacerbated or modulated by other disruptions and operational specifics, e.g. severe weather, operator fatigue or error, etc. These characteristics motivate a holistic and strategic perspective on protecting the air transportation infrastructure from cyber- events. The analysis of cyber- threats to the air traffic system is also inextricably tied to the integration of new autonomy into the airspace. The replacement of human operators with cyber functions leaves the network open to new cyber threats, which must be modeled and managed. Paradoxically, the mitigation of cyber events in the airspace will also likely require additional autonomy, given the fast time scale and myriad pathways of cyber-attacks which must be managed. The assessment of new vulnerabilities upon integration of new autonomy is also a key motivation for a holistic perspective on cyber threats.
Mitigating Cyber Security Risk in Satellite Ground Systems
2015-04-01
because cyber security in government remains shrouded in secrecy. However, using the Defense Operational Test and Evaluation Office’s (DOT&E) FY14...report on cybersecurity one grasps the seriousness of the problem. DOT&E reported only 85% of networks in DoD were compliant with the cyber...security regulations discussed later in this paper. Not until compliance is near 100% could DOT&E conceive with confidence that DoD networks were safe
Federal Register 2010, 2011, 2012, 2013, 2014
2013-10-25
... Grid Cyber Security AGENCY: National Institute of Standards and Technology (NIST), Department of... and Technology (NIST) seeks comments on draft NISTIR 7628 Rev. 1, Guidelines for Smart Grid Cyber... (formerly the Cyber Security Working Group) of the Smart Grid Interoperability Panel. The document has been...
75 FR 65618 - Commission Information Collection Activities (FERC-725B); Comment Request; Extension
Federal Register 2010, 2011, 2012, 2013, 2014
2010-10-26
... requirements to safeguard critical cyber assets.\\4\\ These standards help protect the nation's Bulk-Power System against potential disruptions from cyber attacks.\\5\\ \\3\\ CIP-002-1, CIP-003-1, CIP-004-1, CIP-005-1, CIP... Cyber Asset Identification. Security Management Controls. Personnel and Training. Electronic Security...
ERIC Educational Resources Information Center
Boutnaru, Shlomi; Hershkovitz, Arnon
2015-01-01
In recent years, schools (as well as universities) have added cyber security to their computer science curricula. This topic is still new for most of the current teachers, who would normally have a standard computer science background. Therefore the teachers are trained and then teaching their students what they have just learned. In order to…
13 CFR 107.50 - Definition of terms.
Code of Federal Regulations, 2014 CFR
2014-01-01
..., electric transmission systems, storage systems, and cyber security. (2) Installation and/or inspection... distribution systems, electric transmission systems, or grid cyber security. (3) Auditing or consulting...
13 CFR 107.50 - Definition of terms.
Code of Federal Regulations, 2013 CFR
2013-01-01
..., electric transmission systems, storage systems, and cyber security. (2) Installation and/or inspection... distribution systems, electric transmission systems, or grid cyber security. (3) Auditing or consulting...
75 FR 1830 - Final Regulatory Guide: Issuance, Availability
Federal Register 2010, 2011, 2012, 2013, 2014
2010-01-13
... review of applications for permits and licenses. RG 5.71, ``Cyber Security Programs for Nuclear... NUCLEAR REGULATORY COMMISSION [NRC-2010-0009] Final Regulatory Guide: Issuance, Availability AGENCY: Nuclear Regulatory Commission. ACTION: Notice of Issuance and Availability of Regulatory Guide...
Cyber Forensics and Security as an ABET-CAC Accreditable Program
ERIC Educational Resources Information Center
Wood, David F.; Kohun, Frederick G.; Ali, Azad; Paullet, Karen; Davis, Gary A.
2010-01-01
This paper frames the recent ABET accreditation model with respect to the balance between IS programs and innovation. With the current relaxation of the content of the information systems requirement by ABET, it is possible to include innovation into the accreditation umbrella. To this extent this paper provides a curricular model that provides…
A Cyber Security Self-Assessment Method for Nuclear Power Plants
DOE Office of Scientific and Technical Information (OSTI.GOV)
Glantz, Clifford S.; Coles, Garill A.; Bass, Robert B.
2004-11-01
A cyber security self-assessment method (the Method) has been developed by Pacific Northwest National Laboratory. The development of the Method was sponsored and directed by the U.S. Nuclear Regulatory Commission. Members of the Nuclear Energy Institute Cyber Security Task Force also played a substantial role in developing the Method. The Method's structured approach guides nuclear power plants in scrutinizing their digital systems, assessing the potential consequences to the plant of a cyber exploitation, identifying vulnerabilities, estimating cyber security risks, and adopting cost-effective protective measures. The focus of the Method is on critical digital assets. A critical digital asset is a digital device or system that plays a role in the operation, maintenance, or proper functioning of a critical system (i.e., a plant system that can impact safety, security, or emergency preparedness). A critical digital asset may have a direct or indirect connection to a critical system. Direct connections include both wired and wireless communication pathways. Indirect connections include sneaker-net pathways by which software or data are manually transferred from one digital device to another. An indirect connection also may involve the use of instructions or data stored on a critical digital asset to make adjustments to a critical system. The cyber security self-assessment begins with the formation of an assessment team, and is followed by a six-stage process.
Ramifications of DARPA’s Programming Computation on Encrypted Data Program
2014-01-01
use quasi-cryptographic channels to move the information—e.g., Tor for moving data and some digital currency to pay for data services. the Decision...October 14, 2013: http://www.cybersecurity.ru/crypto/173218.html Damgård, Ivan, and Tomas Toft, “Trading Sugar Beet Quotas—Secure Multiparty...will Double in 5 Years”], CyberSecurity.ru, 2013. As of June 4, 2013: http://www.cybersecurity.ru/crypto/173218.html People’s Liberty Army Daily, “广州
Cyber Terrorism: A Study of the Extent of Coverage in Computer Security Textbooks
ERIC Educational Resources Information Center
Prichard, Janet J.; MacDonald, Laurie E.
2004-01-01
On September 11th, 2001 the United States experienced the largest terrorist attack in its history. This event caused many government agencies to review their security practices and procedures. It also has raised awareness of other avenues that terrorists might pursue to achieve their goals, including cyber terrorism. Cyber terrorism can be…
Federal Register 2010, 2011, 2012, 2013, 2014
2011-12-28
...'' (``Menlo Report'') for the Department of Homeland Security (DHS), Science and Technology, Cyber Security Division (CSD), Protected Repository for the Defense of Infrastructure Against Cyber Threats (PREDICT... be found at: http://www.cyber.st.dhs.gov/wp-content/uploads/2011/12/MenloPrinciplesCORE-20110915-r560...
Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ondrej Linda; Todd Vollmer; Jason Wright
Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental test-bed mimicking the environment of a critical infrastructure control system.
Selection of the Best Security Controls for Rapid Development of Enterprise-Level Cyber Security
2017-03-01
time, money, and people, which in most cases are very restricted. To rapidly build up “the first line of defense,” enterprises should select the most...any other development effort, cyber capability development requires resources of time, money, and people, which in most cases are very restricted...that provide the most security per unit of time, money, or human capital investment. A. CYBER: THE FIFTH DOMAIN OF WARFARE Leon E. Panetta, the U.S
Evaluation of a Cyber Security System for Hospital Network.
Faysel, Mohammad A
2015-01-01
Most of the cyber security systems use simulated data in evaluating their detection capabilities. The proposed cyber security system utilizes real hospital network connections. It uses a probabilistic data mining algorithm to detect anomalous events and takes appropriate response in real-time. On an evaluation using real-world hospital network data consisting of incoming network connections collected for a 24-hour period, the proposed system detected 15 unusual connections which were undetected by a commercial intrusion prevention system for the same network connections. Evaluation of the proposed system shows a potential to secure protected patient health information on a hospital network.
Cyber Attacks and Terrorism: A Twenty-First Century Conundrum.
Albahar, Marwan
2017-01-05
In the recent years, an alarming rise in the incidence of cyber attacks has made cyber security a major concern for nations across the globe. Given the current volatile socio-political environment and the massive increase in the incidence of terrorism, it is imperative that government agencies rapidly realize the possibility of cyber space exploitation by terrorist organizations and state players to disrupt the normal way of life. The threat level of cyber terrorism has never been as high as it is today, and this has created a lot of insecurity and fear. This study has focused on different aspects of cyber attacks and explored the reasons behind their increasing popularity among the terrorist organizations and state players. This study proposes an empirical model that can be used to estimate the risk levels associated with different types of cyber attacks and thereby provide a road map to conceptualize and formulate highly effective counter measures and cyber security policies.
Cyber Warfare: China’s Strategy to Dominate in Cyber Space
2011-06-10
CYBER WARFARE: CHINA’S STRATEGY TO DOMINATE IN CYBER SPACE A thesis presented to the Faculty of the U.S. Army Command and...warfare supports the use of cyber warfare in future conflict. The IW militia unit organization provides each Chinese military region commander with...China, Strategy, Cyber Warfare, Cyber Space, Information Warfare, Electronic Warfare
6 CFR 29.8 - Disclosure of Protected Critical Infrastructure Information.
Code of Federal Regulations, 2012 CFR
2012-01-01
... authorized by the Secretary, Under Secretary for Preparedness, Assistant Secretary for Cyber Security and... approval of the Secretary, the Under Secretary for Preparedness, Assistant Secretary for Cyber Security and...
6 CFR 29.8 - Disclosure of Protected Critical Infrastructure Information.
Code of Federal Regulations, 2011 CFR
2011-01-01
... authorized by the Secretary, Under Secretary for Preparedness, Assistant Secretary for Cyber Security and... approval of the Secretary, the Under Secretary for Preparedness, Assistant Secretary for Cyber Security and...
6 CFR 29.8 - Disclosure of Protected Critical Infrastructure Information.
Code of Federal Regulations, 2013 CFR
2013-01-01
... authorized by the Secretary, Under Secretary for Preparedness, Assistant Secretary for Cyber Security and... approval of the Secretary, the Under Secretary for Preparedness, Assistant Secretary for Cyber Security and...
6 CFR 29.8 - Disclosure of Protected Critical Infrastructure Information.
Code of Federal Regulations, 2010 CFR
2010-01-01
... authorized by the Secretary, Under Secretary for Preparedness, Assistant Secretary for Cyber Security and... approval of the Secretary, the Under Secretary for Preparedness, Assistant Secretary for Cyber Security and...
6 CFR 29.8 - Disclosure of Protected Critical Infrastructure Information.
Code of Federal Regulations, 2014 CFR
2014-01-01
... authorized by the Secretary, Under Secretary for Preparedness, Assistant Secretary for Cyber Security and... approval of the Secretary, the Under Secretary for Preparedness, Assistant Secretary for Cyber Security and...
Security and Privacy in Cyber-Physical Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Fink, Glenn A.; Edgar, Thomas W.; Rice, Theora R.
As you have seen from the previous chapters, cyber-physical systems (CPS) are broadly used across technology and industrial domains. While these systems enable process optimization and efficiency and allow previously impossible functionality, security and privacy are key concerns for their design, development, and operation. CPS have been key components utilized in some of the highest publicized security breaches over the last decade. In this chapter, we will look over the CPS described in the previous chapters from a security perspective. In this chapter, we explain classical information and physical security fundamentals in the context of CPS and contextualize them across application domains. We give examples where the interplay of functionality and diverse communication can introduce unexpected vulnerabilities and produce larger impacts. We will discuss how CPS security and privacy is inherently different from that of pure cyber or physical systems and what may be done to secure these systems, considering their emergent cyber-physical properties. Finally, we will discuss security and privacy implications of merging infrastructural and personal CPS. Our hope is to impart the knowledge of what CPS security and privacy are, why they are important, and explain existing processes and challenges.
SURVIVABILITY THROUGH OPTIMIZING RESILIENT MECHANISMS (STORM)
2017-04-01
STATEMENT Approved for Public Release; Distribution Unlimited. PA# 88ABW-2017-0894 Date Cleared: 07 Mar 2017 13. SUPPLEMENTARY NOTES 14. ABSTRACT Game ...quantitatively about cyber-attacks. Game theory is the branch of applied mathematics that formalizes strategic interaction among intelligent rational agents...mechanism based on game theory. This work has applied game theory to numerous cyber security problems: cloud security, cyber threat information sharing
Computer-aided Human Centric Cyber Situation Awareness
2016-03-20
in Video, IJCAI: International Joint Conf. on Artificial Intelligence. 16-JUL-11, Kun Sun, Sushil Jajodia, Jason Li, Yi Cheng, Wei Tang...Cyber-Security Conference, June 2015. 2. V.S. Subrahmanian, Invited Speaker, Summer School on Business Intelligence and Big Data Analysis, Capri, Italy... Cybersecurity Conference, Yuval Ne’eman Workshop for Science, Technology and Security, Tel Aviv University, the Israeli National Cyber Bureau, Prime
DOE Office of Scientific and Technical Information (OSTI.GOV)
Chaffin, May
May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.
Cyber attack analysis on cyber-physical systems: Detectability, severity, and attenuation strategy
NASA Astrophysics Data System (ADS)
Kwon, Cheolhyeon
Security of Cyber-Physical Systems (CPS) against malicious cyber attacks is an important yet challenging problem. Since most cyber attacks happen in erratic ways, it is usually intractable to describe and diagnose them systematically. Motivated by such difficulties, this thesis presents a set of theories and algorithms for a cyber-secure architecture of the CPS within the control theoretic perspective. Here, instead of identifying a specific cyber attack model, we are focused on analyzing the system's response during cyber attacks. Firstly, we investigate the detectability of the cyber attacks from the system's behavior under cyber attacks. Specifically, we conduct a study on the vulnerabilities in the CPS's monitoring system against the stealthy cyber attack that is carefully designed to avoid being detected by its detection scheme. After classifying three kinds of cyber attacks according to the attacker's ability to compromise the system, we derive the necessary and sufficient conditions under which such stealthy cyber attacks can be designed to cause the unbounded estimation error while not being detected. Then, the analytical design method of the optimal stealthy cyber attack that maximizes the estimation error is developed. The proposed stealthy cyber attack analysis is demonstrated with illustrative examples on Air Traffic Control (ATC) system and Unmanned Aerial Vehicle (UAV) navigation system applications. Secondly, in an attempt to study the CPSs' vulnerabilities in more detail, we further discuss a methodology to identify potential cyber threats inherent in the given CPSs and quantify the attack severity accordingly. We then develop an analytical algorithm to test the behavior of the CPS under various cyber attack combinations. 
Compared to a numerical approach, the analytical algorithm enables the prediction of the most effective cyber attack combinations without computing the severity of all possible attack combinations, thereby greatly reducing the computational cost. The proposed algorithm is validated through a linearized longitudinal motion of a UAV example. Finally, we propose an attack attenuation strategy via the controller design for CPSs that are robust to various types of cyber attacks. While the previous studies have investigated a secure control by assuming a specific attack strategy, in this research we propose a hybrid robust control scheme that contains multiple sub-controllers, each matched to a specific type of cyber attacks. Then the system can be adapted to various cyber attacks (including those that are not assumed for sub-controller design) by switching its sub-controllers to achieve the best performance. Then, a method for designing a secure switching logic to counter all possible cyber attacks is proposed and it verifies mathematically the system's performance and stability as well. The performance of the proposed control scheme is demonstrated by an example with the hybrid H2 - H-infinity controller applied to a UAV example.
Cyber-Terrorism and Cyber-Crime: There Is a Difference
The terms cyber-terrorism and cyber-crime have many varying definitions depending on who is defining them. For example, individuals with expertise in...considerations and, when investigating a cyber-attack, procedural considerations. By examining the strengths and weaknesses of several definitions offered by...national security, law enforcement, industry, law, and scholars, this research constructs a list of parameters to consider when formulating definitions for cyber-terrorism and cyber-crime.
Towards the cyber security paradigm of ehealth: Resilience and design aspects
NASA Astrophysics Data System (ADS)
Rajamäki, Jyri; Pirinen, Rauno
2017-06-01
Digital technologies have significantly changed the role of healthcare clients in seeking and receiving medical help, as well as brought up more cooperative policy issues in healthcare cross-border services. Citizens continue to take a more co-creative role in decisions about their own healthcare, and new technologies can enable and facilitate this emergent trend. In this study, healthcare services have been intended as a critical societal sector and therefore healthcare systems are focused on as critical infrastructures that ought to be protected from all types of fears, including cyber security threats and attacks. Despite continual progress in the systemic risk management of cyber domain, it is clear that anticipation and prevention of all possible types of attack and malfunction are not achievable for current or future cyber infrastructures. This study focuses on the investigation of a cyber security paradigm, adaptive systems and sense of resilience in a healthcare critical information infrastructure.
Cyber Security and American Cyber Competitiveness Act of 2011
Sen. Reid, Harry [D-NV]
2011-01-25
Senate - 01/25/2011 Read twice and referred to the Committee on Homeland Security and Governmental Affairs. This bill has the status Introduced.
2015-06-12
the Common Defense of Cyberspace: Implications of a US Cyber Militia on Department of Defense Cyber Operations 5a. CONTRACT NUMBER 5b. GRANT ...20130423/ NEWS/304230016/Navy-wants-1-000-more-cyber-warriors. 33 Edward Cardon, “Army Cyber Capabilities” (Lecture, Advanced Operations Course...Finally, once a cyber security professional is trained, many argue, to include the head of Army’s Cyber Command, Lieutenant General Edward Cardon
Federal Register 2010, 2011, 2012, 2013, 2014
2010-11-15
... the Final Staff Guidance; Standard Review Plan, Section 13.6.6, Revision 0 on Cyber Security Plan... Reports for Nuclear Power Plants,'' Section 13.6.6, Revision 0 on ``Cyber Security Plan'' (Agencywide.... Disposition: On May 13, 2010, the NRC staff issued the proposed Revision 0 on SRP Section 13.6.6 on ``Cyber...
Situational Awareness as a Measure of Performance in Cyber Security Collaborative Work
DOE Office of Scientific and Technical Information (OSTI.GOV)
Malviya, Ashish; Fink, Glenn A.; Sego, Landon H.
Cyber defense competitions arising from U.S. service academy exercises offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge in turn could lead to better preparation of cyber defenders in both military and civilian settings. We conducted proof of concept experimentation to collect data during the Pacific-rim Regional Collegiate Cyber Defense Competition (PRCCDC) and analyzed it to study the behavior of cyber defenders. We propose that situational awareness predicts performance of cyber security professionals, and in this paper we focus on our collection and analysis of competition data to determine whether it supports our hypothesis. In addition to normal cyber data, we collected situational awareness and workload data and compared it against the performance of cyber defenders as indicated by their competition score. We conclude that there is a weak correlation between our measure of situational awareness and performance that we hope to exploit in further studies.
Using a Prediction Model to Manage Cyber Security Threats.
Jaganathan, Venkatesh; Cherurveettil, Priyesh; Muthu Sivashanmugam, Premapriya
2015-01-01
Cyber-attacks are an important issue faced by all organizations. Securing information systems is critical. Organizations should be able to understand the ecosystem and predict attacks. Predicting attacks quantitatively should be part of risk management. The cost impact due to worms, viruses, or other malicious software is significant. This paper proposes a mathematical model to predict the impact of an attack based on significant factors that influence cyber security. This model also considers the environmental information required. It is generalized and can be customized to the needs of the individual organization.
Using a Prediction Model to Manage Cyber Security Threats
Muthu Sivashanmugam, Premapriya
2015-01-01
Cyber-attacks are an important issue faced by all organizations. Securing information systems is critical. Organizations should be able to understand the ecosystem and predict attacks. Predicting attacks quantitatively should be part of risk management. The cost impact due to worms, viruses, or other malicious software is significant. This paper proposes a mathematical model to predict the impact of an attack based on significant factors that influence cyber security. This model also considers the environmental information required. It is generalized and can be customized to the needs of the individual organization. PMID:26065024
A Survey on Cyber Security awareness among college students in Tamil Nadu
NASA Astrophysics Data System (ADS)
Senthilkumar, K.; Easwaramoorthy, Sathishkumar
2017-11-01
The aim of the study is to analyse the awareness of cyber security among college students in Tamil Nadu by focusing on various security threats on the internet. In recent years cybercrime has been an enormous challenge in all areas including national security, public safety and personal privacy. To avoid becoming a victim of cybercrime, everyone must know about their own security and safety measures to protect themselves. A well-structured questionnaire survey method will be applied to analyse the college students’ awareness in the area of cyber security. This survey will be conducted in major cities of Tamil Nadu by focusing on various security threats like email, virus, phishing, fake advertisement, popup windows and other attacks on the internet. This survey examines the college students’ awareness and the level of awareness about the security issues, and some suggestions are set forth to overcome these issues.
Federal Register 2010, 2011, 2012, 2013, 2014
2011-12-16
... agents and toxins list; whether minimum standards for personnel reliability, physical and cyber security... toxins list; (3) whether minimum standards for personnel reliability, physical and cyber security should...
CIOs Uncensored: Security Smarts.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Johnson, Gerald R.
2008-02-25
This commentary for the CIOs Uncensored section of InformationWeek will discuss PNNL’s “defense in depth” approach to cyber security. It will cover external and internal safeguards, as well as the all-important role of employees in the cyber security equation. For employees are your greatest vulnerability – and your last line of defense.
Seeking Balance in Cyber Education
2015-02-01
properties that can be applied to computer systems, networks, and software. For example, in our Introduction to Cyber Security Course, given to...Below is the submittal schedule for the areas of emphasis we are looking for: Data Mining in Metrics? Jul/Aug 2015 Issue Submission Deadline: Feb...Phone Arena. PhoneArena.com, 12 Nov. 2013. Web. 08 Aug. 2014. 8. Various. “SI110: Introduction to Cyber Security, Technical Foundations.” SI110
Cyber indicators of compromise: a domain ontology for security information and event management
2017-03-01
COMPROMISE: A DOMAIN ONTOLOGY FOR SECURITY INFORMATION AND EVENT MANAGEMENT by Marsha D. Rowell March 2017 Thesis Co-Advisors: J. D...to automate this work is Security Information and Event Management (SIEM). In short, SIEM technology works by aggregating log information, and then...Distribution is unlimited. CYBER INDICATORS OF COMPROMISE: A DOMAIN ONTOLOGY FOR SECURITY INFORMATION AND EVENT MANAGEMENT Marsha D. Rowell
Cyber Hygiene for Control System Security
Oliver, David
2015-10-08
There are many resources from government and private industry available to assist organizations in reducing their attack surface and enhancing their security posture. Furthermore, standards are being written and improved upon to make the practice of securing a network more manageable. And while the specifics of network security are complex, most system vulnerabilities can be mitigated using fairly simple cyber hygiene techniques like those offered above.
High Fidelity Simulations of Large-Scale Wireless Networks (Plus-Up)
DOE Office of Scientific and Technical Information (OSTI.GOV)
Onunkwo, Uzoma
Sandia has built a strong reputation in scalable network simulation and emulation for cyber security studies to protect our nation’s critical information infrastructures. Georgia Tech has a preeminent reputation in academia for excellence in scalable discrete event simulations, with strong emphasis on simulating cyber networks. Many of the experts in this field, such as Dr. Richard Fujimoto, Dr. George Riley, and Dr. Chris Carothers, have strong affiliations with Georgia Tech. The collaborative relationship that we intend to immediately pursue is in high fidelity simulations of practical large-scale wireless networks using ns-3 simulator via Dr. George Riley. This project will have mutual benefits in bolstering both institutions’ expertise and reputation in the field of scalable simulation for cyber-security studies. This project promises to address high fidelity simulations of large-scale wireless networks. This proposed collaboration is directly in line with Georgia Tech’s goals for developing and expanding the Communications Systems Center, the Georgia Tech Broadband Institute, and Georgia Tech Information Security Center along with its yearly Emerging Cyber Threats Report. At Sandia, this work benefits the defense systems and assessment area with promise for large-scale assessment of cyber security needs and vulnerabilities of our nation’s critical cyber infrastructures exposed to wireless communications.
High Assurance Control of Cyber-Physical Systems with Application to Unmanned Aircraft Systems
NASA Astrophysics Data System (ADS)
Kwon, Cheolhyeon
With recent progress in the networked embedded control technology, cyber attacks have become one of the major threats to Cyber-Physical Systems (CPSs) due to their close integration of physical processes, computational resources, and communication capabilities. While CPSs have various applications in both military and civilian uses, their on-board automation and communication afford significant advantages over a system without such abilities, but these benefits come at the cost of possible vulnerability to cyber attacks. Traditionally, most cyber security studies in CPSs are mainly based on the computer security perspective, focusing on issues such as the trustworthiness of data flow, without rigorously considering the system's physical processes such as real-time dynamic behaviors. While computer security components are key elements in the hardware/software layer, these methods alone are not sufficient for diagnosing the healthiness of the CPSs' physical behavior. In seeking to address this problem, this research work proposes a control theoretic perspective approach which can accurately represent the interactions between the physical behavior and the logical behavior (computing resources) of the CPS. Then a controls domain aspect is explored extending beyond just the logical process of the CPS to include the underlying physical behavior. This approach will allow the CPS whose physical operations are robust/resilient to the damage caused by cyber attacks, successfully complementing the existing CPS security architecture. It is important to note that traditional fault-tolerant/robust control methods could not be directly applicable to achieve resiliency against malicious cyber attacks which can be designed sophisticatedly to spoof the security/safety monitoring system (note this is different from common faults). 
Thus, security issues at this layer require different risk management to detect cyber attacks and mitigate their impact within the context of a unified physical and logical process model of the CPS. Specifically, three main tasks are discussed in this presentation: (i) we first investigate diverse granularity of the interactions inside the CPS and propose feasible cyber attack models to characterize the compromised behavior of the CPS with various measures, from its severity to detectability; (ii) based on this risk information, our approach to securing the CPS addresses both monitoring of and high assurance control design against cyber attacks by developing on-line safety assessment and mitigation algorithms; and (iii) by extending the developed theories and methods from a single CPS to multiple CPSs, we examine the security and safety of multi-CPS network that are strongly dependent on the network topology, cooperation protocols between individual CPSs, etc. The effectiveness of the analytical findings is demonstrated and validated with illustrative examples, especially unmanned aircraft system (UAS) applications.
Federal Register 2010, 2011, 2012, 2013, 2014
2012-11-26
... received by December 19, 2012. SUMMARY: This Request For Comments (RFC) is issued by the Cyber Security and... plan was developed under the leadership of the Cyber Security and Information Assurance Research and...
78 FR 59013 - President's Council of Advisors on Science and Technology
Federal Register 2010, 2011, 2012, 2013, 2014
2013-09-25
... Cyber-security report. DATES: The public conference call will be held on Monday, October 7, 2013, from 4.... to 4:30 p.m. (ET) During the conference call, PCAST will discuss its Cyber-security report...
Federal Register 2010, 2011, 2012, 2013, 2014
2012-03-05
... (DHS), Science and Technology, Protected Repository for the Defense of Infrastructure Against Cyber Threats (PREDICT) Program AGENCY: Science and Technology Directorate, DHS. ACTION: 30-Day notice and request for comment. SUMMARY: The Department of Homeland Security (DHS), Science & Technology (S&T...
Smart Grid Demonstration Project
DOE Office of Scientific and Technical Information (OSTI.GOV)
Miller, Craig; Carroll, Paul; Bell, Abigail
The National Rural Electric Cooperative Association (NRECA) organized the NRECA-U.S. Department of Energy (DOE) Smart Grid Demonstration Project (DE-OE0000222) to install and study a broad range of advanced smart grid technologies in a demonstration that spanned 23 electric cooperatives in 12 states. More than 205,444 pieces of electronic equipment and more than 100,000 minor items (bracket, labels, mounting hardware, fiber optic cable, etc.) were installed to upgrade and enhance the efficiency, reliability, and resiliency of the power networks at the participating co-ops. The objective of this project was to build a path for other electric utilities, and particularly electrical cooperatives, to adopt emerging smart grid technology when it can improve utility operations, thus advancing the co-ops’ familiarity and comfort with such technology. Specifically, the project executed multiple subprojects employing a range of emerging smart grid technologies to test their cost-effectiveness and, where the technology demonstrated value, provided case studies that will enable other electric utilities—particularly electric cooperatives—to use these technologies. NRECA structured the project according to the following three areas: Demonstration of smart grid technology; Advancement of standards to enable the interoperability of components; and Improvement of grid cyber security. We termed these three areas Technology Deployment Study, Interoperability, and Cyber Security. Although the deployment of technology and studying the demonstration projects at co-ops accounted for the largest portion of the project budget by far, we see our accomplishments in each of the areas as critical to advancing the smart grid. All project deliverables have been published. Technology Deployment Study: The deliverable was a set of 11 single-topic technical reports in areas related to the listed technologies. 
Each of these reports has already been submitted to DOE, distributed to co-ops, and posted for universal access at www.nreca.coop/smartgrid. This research is available for widespread distribution to both cooperative members and non-members. These reports are listed in Table 1.2. Interoperability: The deliverable in this area was the advancement of the MultiSpeak™ interoperability standard from version 4.0 to version 5.0, and improvement in the MultiSpeak™ documentation to include more than 100 use cases. This deliverable substantially expanded the scope and usability of MultiSpeak™, the most widely deployed utility interoperability standard, now in use by more than 900 utilities. MultiSpeak™ documentation can be accessed only at www.multispeak.org. Cyber Security: NRECA’s starting point was to develop cyber security tools that incorporated succinct guidance on best practices. The deliverables were: cyber security extensions to MultiSpeak™, which allow more security message exchanges; a Guide to Developing a Cyber Security and Risk Mitigation Plan; a Cyber Security Risk Mitigation Checklist; a Cyber Security Plan Template that co-ops can use to create their own cyber security plans; and Security Questions for Smart Grid Vendors.
Cross-Layer Damage Assessment for Cyber Situational Awareness
NASA Astrophysics Data System (ADS)
Liu, Peng; Jia, Xiaoqi; Zhang, Shengzhi; Xiong, Xi; Jhi, Yoon-Chan; Bai, Kun; Li, Jason
Damage assessment plays a very important role in securing enterprise networks and systems. Gaining good awareness about the effects and impact of cyber attack actions would enable security officers to make the right cyber defense decisions and take the right cyber defense actions. A good number of damage assessment techniques have been proposed in the literature, but they typically focus on a single abstraction level (of the software system in concern). As a result, existing damage assessment techniques and tools are still very limited in satisfying the needs of comprehensive damage assessment which should not result in any “blind spots”.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Troy Hiltbrand; Daniel Jones
As we look at the cyber security ecosystem, are we planning to fight the battle as we did yesterday, with firewalls and intrusion detection systems (IDS), or are we sensing a change in how security is evolving and planning accordingly? With the technology enablement and possible financial benefits of cloud computing, the traditional tools for establishing and maintaining our cyber security ecosystems are being dramatically altered.
Department of Homeland Security
... Release Joint Technical Alerts on Malicious North Korean Cyber Activity Today, DHS and FBI released a pair ... María Provide Feedback to DHS Protect Myself from Cyber Attacks Report Cyber Incidents Prepare My Family for ...
Federal Plan for Cyber Security and Information Assurance Research and Development
2006-04-01
Security Systems 103 varieties of the BB84 scheme have been developed, and other forms of quantum key distribution have been proposed. Rapid progress has led... key. Capability Gaps Existing quantum cryptographic protocols may also have weaknesses. Although BB84 is generally regarded as secure, researchers...complement agency-specific prioritization and R&D planning efforts in cyber security and information assurance. The Plan also describes the key Federal
On Cyber Warfare Command and Control Systems
2004-06-01
longer adequate to rely solely on the now traditional defense-in-depth strategy. We must recognize that we are engaged in a form of warfare, cyber warfare, and... warfare. This causes security devices to be used ineffectively and responses to be untimely. Cyber warfare then becomes a one-sided battle where the... cyber warfare strategy and tactics requires a cyber warfare command and control system. Responses to cyber attacks do not require offensive measures
DOE Office of Scientific and Technical Information (OSTI.GOV)
Stewart, John; Halbgewachs, Ron; Chavez, Adrian
The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other systems. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or tunnels, to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. 
These single vendor solutions may inadvertently lock utilities into proprietary and closed systems.« less
Cyber Risk Management for Critical Infrastructure: A Risk Analysis Model and Three Case Studies.
Paté-Cornell, M-Elisabeth; Kuypers, Marshall; Smith, Matthew; Keller, Philip
2018-02-01
Managing cyber security in an organization involves allocating the protection budget across a spectrum of possible options. This requires assessing the benefits and the costs of these options. The risk analyses presented here are statistical when relevant data are available, and system-based for high-consequence events that have not happened yet. This article presents, first, a general probabilistic risk analysis framework for cyber security in an organization to be specified. It then describes three examples of forward-looking analyses motivated by recent cyber attacks. The first one is the statistical analysis of an actual database, extended at the upper end of the loss distribution by a Bayesian analysis of possible, high-consequence attack scenarios that may happen in the future. The second is a systems analysis of cyber risks for a smart, connected electric grid, showing that there is an optimal level of connectivity. The third is an analysis of sequential decisions to upgrade the software of an existing cyber security system or to adopt a new one to stay ahead of adversaries trying to find their way in. The results are distributions of losses to cyber attacks, with and without some considered countermeasures in support of risk management decisions based both on past data and anticipated incidents. © 2017 Society for Risk Analysis.
Development and Demonstration of a Security Core Component
DOE Office of Scientific and Technical Information (OSTI.GOV)
Turke, Andy
In recent years, the convergence of a number of trends has resulted in Cyber Security becoming a much greater concern for electric utilities. A short list of these trends includes: · Industrial Control Systems (ICSs) have evolved from depending on proprietary hardware and operating software toward using standard off-the-shelf hardware and operating software. This has meant that these ICSs can no longer depend on “security through obscurity.” · Similarly, these same systems have evolved toward using standard communications protocols, further reducing their ability to rely upon obscurity. · The rise of the Internet and the accompanying demand for more data about virtually everything has resulted in formerly isolated ICSs becoming at least partially accessible via Internet-connected networks. · “Cyber crime” has become commonplace, whether it be for industrial espionage, reconnaissance for a possible cyber attack, theft, or because some individual or group “has something to prove.” Electric utility system operators are experts at running the power grid. The reality is, especially at small and mid-sized utilities, these SCADA operators will by default be “on the front line” if and when a cyber attack occurs against their systems. These people are not computer software, networking, or cyber security experts, so they are ill-equipped to deal with a cyber security incident. Cyber Security Manager (CSM) was conceived, designed, and built so that it can be configured to know what a utility’s SCADA/EMS/DMS system looks like under normal conditions. To do this, CSM monitors log messages from any device that uses the syslog standard. It can also monitor a variety of statistics from the computers that make up the SCADA/EMS/DMS: outputs from host-based security tools, intrusion detection systems, SCADA alarms, and real-time SCADA values – even results from a SIEM (Security Information and Event Management) system. When the system deviates from “normal,” CSM can alert the operator in language that they understand that an incident may be occurring, provide actionable intelligence, and inform them what actions to take. These alarms may be viewed on CSM’s built-in user interface, sent to a SCADA alarm list, or communicated via email, phone, pager, or SMS message. In recognition of the fact that “real world” training for cyber security events is impractical, CSM has a built-in Operator Training Simulator capability. This can be used stand alone to create simulated event scenarios for training purposes. It may also be used in conjunction with the recipient’s SCADA/EMS/DMS Operator Training Simulator. In addition to providing cyber security situational awareness for electric utility operators, CSM also provides tools for analysts and support personnel; in fact, the majority of user interface displays are designed for use in analyzing current and past security events. CSM keeps security-related information in long-term storage, as well as writing any decisions it makes to a (syslog) log for use in forensic or other post-event analysis.
Automatic Response to Intrusion
2002-10-01
Computing Corporation Sidewinder Firewall [18] SRI EMERALD Basic Security Module (BSM) and EMERALD File Transfer Protocol (FTP) Monitors...the same event TCP Wrappers [24] Internet Security Systems RealSecure [31] SRI EMERALD IDIP monitor NAI Labs Generic Software Wrappers Prototype...included EMERALD , NetRadar, NAI Labs UNIX wrappers, ARGuE, MPOG, NetRadar, CyberCop Server, Gauntlet, RealSecure, and the Cyber Command System
Risk assessment for physical and cyber attacks on critical infrastructures.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Smith, Bryan J.; Sholander, Peter E.; Phelan, James M.
2005-08-01
Assessing the risk of malevolent attacks against large-scale critical infrastructures requires modifications to existing methodologies. Existing risk assessment methodologies consider physical security and cyber security separately. As such, they do not accurately model attacks that involve defeating both physical protection and cyber protection elements (e.g., hackers turning off alarm systems prior to forced entry). This paper presents a risk assessment methodology that accounts for both physical and cyber security. It also preserves the traditional security paradigm of detect, delay and respond, while accounting for the possibility that a facility may be able to recover from or mitigate the results of a successful attack before serious consequences occur. The methodology provides a means for ranking those assets most at risk from malevolent attacks. Because the methodology is automated, the analyst can also play 'what if' with mitigation measures to gain a better understanding of how to best expend resources towards securing the facilities. It is simple enough to be applied to large infrastructure facilities without developing highly complicated models. Finally, it is applicable to facilities with extensive security as well as those that are less well-protected.
What good cyber resilience looks like.
Hult, Fredrik; Sivanesan, Giri
In January 2012, the World Economic Forum made cyber attacks its fourth top global risk. In the 2013 risk report, cyber attacks were noted to be an even higher risk in absolute terms. The reliance of critical infrastructure on cyber working has never been higher; the frequency, intensity, impact and sophistication of attacks is growing. This trend looks likely to continue. It can be argued that it is no longer a question whether an organisation will be successfully hacked, but how long it will take to detect. In the ever-changing cyber environment, traditional protection techniques and reliance on preventive controls are not enough. A more agile approach is required to give assurance of a sufficiently secure digital society. Are we faced with a paradigm shift or a storm in a digital teacup? This paper offers an introduction to why cyber is important, a wider taxonomy on the topic and some historical context on how the discipline of cyber security has evolved, and an interpretation on what this means in the new normal of today.
2011-01-28
discussed the importance of cyber security in relation to global shipping and trade. The concept of e-SLOCs emerged from the analysis of player...discussed the importance of cyber security in relation to global shipping and trade. The concept of e-SLOCs emerged from the analysis of their discussion
Enhancing infrastructure resilience through business continuity planning.
Fisher, Ronald; Norman, Michael; Klett, Mary
2017-01-01
Critical infrastructure is crucial to the functionality and wellbeing of the world around us. It is a complex network that works together to create an efficient society. The core components of critical infrastructure are dependent on one another to function at their full potential. Organisations face unprecedented environmental risks such as increased reliance on information technology and telecommunications, increased infrastructure interdependencies and globalisation. Successful organisations should integrate the components of cyber-physical and infrastructure interdependencies into a holistic risk framework. Physical security plans, cyber security plans and business continuity plans can help mitigate environmental risks. Cyber security plans are becoming the most crucial to have, yet are the least commonly found in organisations. As the reliance on cyber continues to grow, it is imperative that organisations update their business continuity and emergency preparedness activities to include this.
A game-theoretic method for cross-layer stochastic resilient control design in CPS
NASA Astrophysics Data System (ADS)
Shen, Jiajun; Feng, Dongqin
2018-03-01
In this paper, the cross-layer security problem of cyber-physical system (CPS) is investigated from the game-theoretic perspective. Physical dynamics of plant is captured by stochastic differential game with cyber-physical influence being considered. The sufficient and necessary condition for the existence of state-feedback equilibrium strategies is given. The attack-defence cyber interactions are formulated by a Stackelberg game intertwined with stochastic differential game in physical layer. The condition such that the Stackelberg equilibrium being unique and the corresponding analytical solutions are both provided. An algorithm is proposed for obtaining hierarchical security strategy by solving coupled games, which ensures the operational normalcy and cyber security of CPS subject to uncertain disturbance and unexpected cyberattacks. Simulation results are given to show the effectiveness and performance of the proposed algorithm.
Command and Control of the Department of Defense in Cyberspace
2011-03-24
superiority are also unclassified and constantly probed by intruders and cyber criminals .5 To secure and defend our nation from cyber attacks and conduct...USCYBERCOM to use both offensive and defensive cyber weapons and the tools necessary to hunt down cyber criminals based on rule of law and the legal
What is the current state of the science of Cyber defense?
DOE Office of Scientific and Technical Information (OSTI.GOV)
Hurd, Alan J.
My overall sense of the cyber defense field is one of an adolescent discipline currently bogged down in a cloud of issues, the most iconic of which is the great diversity of approaches that are being aggregated to form a coherent field. Because my own expertise is complex systems and materials physics research, I have limited direct experience in cyber security sciences except as a user of secure networks and computing resources. However, in producing this report, I have found with certainty that there exists no calculus for cyber risk assessment, mitigation, and response, although some hopeful precepts toward this end are emerging.
Cyber security with radio frequency interferences mitigation study for satellite systems
NASA Astrophysics Data System (ADS)
Wang, Gang; Wei, Sixiao; Chen, Genshe; Tian, Xin; Shen, Dan; Pham, Khanh; Nguyen, Tien M.; Blasch, Erik
2016-05-01
Satellite systems including the Global Navigation Satellite System (GNSS) and the satellite communications (SATCOM) system provide great convenience and utility to human life including emergency response, wide area efficient communications, and effective transportation. Elements of satellite systems incorporate technologies such as navigation with the global positioning system (GPS), satellite digital video broadcasting, and information transmission with a very small aperture terminal (VSAT), etc. The satellite systems importance is growing in prominence with end users' requirement for globally high data rate transmissions; the cost reduction of launching satellites; development of smaller sized satellites including cubesat, nanosat, picosat, and femtosat; and integrating internet services with satellite networks. However, with the promising benefits, challenges remain to fully develop secure and robust satellite systems with pervasive computing and communications. In this paper, we investigate both cyber security and radio frequency (RF) interferences mitigation for satellite systems, and demonstrate that they are not isolated. The action space for both cyber security and RF interferences are firstly summarized for satellite systems, based on which the mitigation schemes for both cyber security and RF interferences are given. A multi-layered satellite systems structure is provided with cross-layer design considering multi-path routing and channel coding, to provide great security and diversity gains for secure and robust satellite systems.
77 FR 38306 - GFIRST Conference Stakeholder Evaluation
Federal Register 2010, 2011, 2012, 2013, 2014
2012-06-27
...), National Cyber Security Division (NCSD), United States Computer Emergency Readiness Team (US-CERT) will...- CERT, [email protected] . SUPPLEMENTARY INFORMATION: GFIRST is DHS's premier cyber conference and continually seeks to enhance collaborative efforts among cyber constituencies, partners, and stakeholders. The...
DOE Office of Scientific and Technical Information (OSTI.GOV)
MacDonald, Douglas G.; Clements, Samuel L.; Patrick, Scott W.
Securing high value and critical assets is one of the biggest challenges facing this nation and others around the world. In modern integrated systems, there are four potential modes of attack available to an adversary: • physical only attack, • cyber only attack, • physical-enabled cyber attack, • cyber-enabled physical attack. Blended attacks involve an adversary working in one domain to reduce system effectiveness in another domain. This enables the attacker to penetrate further into the overall layered defenses. Existing vulnerability assessment (VA) processes and software tools which predict facility vulnerabilities typically evaluate the physical and cyber domains separately. Vulnerabilities which result from the integration of cyber-physical control systems are not well characterized and are often overlooked by existing assessment approaches. In this paper, we modified the timely detection methodology, used for decades in physical security VAs, to include cyber components. The Physical and Cyber Risk Analysis Tool (PACRAT) prototype illustrates an integrated vulnerability assessment that includes cyber-physical interdependencies. Information about facility layout, network topology, and emplaced safeguards is used to evaluate how well suited a facility is to detect, delay, and respond to attacks, to identify the pathways most vulnerable to attack, and to evaluate how often safeguards are compromised for a given threat or adversary type. We have tested the PACRAT prototype on critical infrastructure facilities and the results are promising. Future work includes extending the model to prescribe the recommended security improvements via an automated cost-benefit analysis.
At the Crossroads of Cyber Warfare: Signposts for the Royal Australian Air Force
2011-06-01
At the Crossroads of Cyber Warfare: Signposts for the Royal Australian Air Force by Craig Stallard, Squadron leader, Royal...in the conduct of cyber warfare. The 2009 Defence White Paper provided some clarity by identifying cyber warfare as critical to the maintenance...of national security, but left open the most important issue: should cyber warfare be a joint engagement or a service oriented fight? The RAAF
Defense Science Board Task Force Report on Cyber Defense Management
2016-09-01
manage cyber security is often a very manual and labor intensive process. When a crisis hits, DoD responses range from highly automated and instrumented...DSB Task Force Report on Cyber Defense Management September 2016 (U) This page intentionally blank REPORT OF THE DEFENSE SCIENCE BOARD STUDY ON Cyber ...DEFENSE FOR ACQUISITION, TECHNOLOGY & LOGISTICS SUBJECT: Final Report of the Defense Science Board (DSB) Task Force on Cyber Defense Management I am
2014-12-01
Federal Bureau of Investigation (FBI), The FBI: A Centennial History, 1908–2008, 2nd ed. (Washington, DC: U.S. Government Printing Office, 2008), http...www.fbi.gov/about-us/history/a- centennial -history. 240 “This Day in History, July 26, 1908, FBI Founded.” 56...liberties would be secure into the future.255 The requirement that all operations be 250 Ibid.. 251 Ibid. 252 Ibid. 253 FBI, The FBI: A Centennial
2013-01-01
tremendously dangerous and sophisticated virus that successfully attacked a SCADA system is now available for free on the Internet, where one can find...security for the public and private sectors. To develop this capability, the Nation needs to undergo a paradigm shift on how it views the cyber... for communications and trade were extraordinarily important for the security and prosperity of Britain. Today, the security and prosperity of the
Survey of cyber security issues in smart grids
NASA Astrophysics Data System (ADS)
Chen, Thomas M.
2010-04-01
The future smart grid will enable cost savings and lower energy use by means of smart appliances and smart meters which support dynamic load management and real-time monitoring of energy use and distribution. The introduction of two-way communications and control into power grid introduces security and privacy concerns. This talk will survey the security and privacy issues in smart grids using the NIST reference model, and relate these issues to cyber security in the Internet.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Hamlet, Jason R.; Keliiaa, Curtis M.
This report assesses current public domain cyber security practices with respect to cyber indications and warnings. It describes cybersecurity industry and government activities, including cybersecurity tools, methods, practices, and international and government-wide initiatives known to be impacting current practice. Of particular note are the U.S. Government's Trusted Internet Connection (TIC) and 'Einstein' programs, which are serving to consolidate the Government's internet access points and to provide some capability to monitor and mitigate cyber attacks. Next, this report catalogs activities undertaken by various industry and government entities. In addition, it assesses the benchmarks of HPC capability and other HPC attributes that may lend themselves to assist in the solution of this problem. This report draws few conclusions, as it is intended to assess current practice in preparation for future work, however, no explicit references to HPC usage for the purpose of analyzing cyber infrastructure in near-real-time were found in the current practice. This report and a related SAND2010-4766 National Cyber Defense High Performance Computing and Analysis: Concepts, Planning and Roadmap report are intended to provoke discussion throughout a broad audience about developing a cohesive HPC centric solution to wide-area cybersecurity problems.
Federal Register 2010, 2011, 2012, 2013, 2014
2012-12-11
... Technology Research'' (``The Menlo Report'') for the Department of Homeland Security (DHS), Science and Technology, Cyber Security Division (CSD), Protected Repository for the Defense of Infrastructure Against Cyber Threats (PREDICT) Project AGENCY: Science and Technology Directorate, DHS. ACTION: Response...
Code of Federal Regulations, 2012 CFR
2012-07-01
... DEPARTMENT OF DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE... defense information. (e) Cyber incident means actions taken through the use of computer networks that... residing therein. (f) Cyber intrusion damage assessment means a managed, coordinated process to determine...
Code of Federal Regulations, 2013 CFR
2013-07-01
... DEPARTMENT OF DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE... defense information. (e) Cyber incident means actions taken through the use of computer networks that... residing therein. (f) Cyber intrusion damage assessment means a managed, coordinated process to determine...
77 FR 72673 - Critical Infrastructure Protection and Resilience Month, 2012
Federal Register 2010, 2011, 2012, 2013, 2014
2012-12-05
.... Cyber incidents can have devastating consequences on both physical and virtual infrastructure, which is... work within existing authorities to fortify our country against cyber risks, comprehensive legislation remains essential to improving infrastructure security, enhancing cyber information sharing between...
77 FR 12320 - Information Collection Request: GFIRST Conference Stakeholder Evaluation
Federal Register 2010, 2011, 2012, 2013, 2014
2012-02-29
... Communications (CS&C), National Cyber Security Division (NCSD), United States Computer Emergency Readiness Team... personal information provided. SUPPLEMENTARY INFORMATION: The purpose of DHS's premier cyber conference is to continually seek to enhance collaborative efforts between cyber constituencies, partners and...
2014-06-01
SCADA / ICS Cyber Test Lab initiated in 2013 Psychosocial – academic research exists; opportunity for sharing and developing impact assessment...ecosystems and species at risk), accidents / system failure (rail; pipelines; ferries CSSP strategy for the North Focus on regional (and local) problem...Guidance; business planning; environmental scan; proposal evaluation; and performance measurement Program Risk Management – Guidelines for project
NASA Astrophysics Data System (ADS)
Anderson, Gustave
2014-05-01
Unfortunately, there is no metric, nor set of metrics, that are both general enough to encompass all possible types of applications yet specific enough to capture the application and attack specific details. As a result we are left with ad-hoc methods for generating evaluations of the security of our systems. Current state of the art methods for evaluating the security of systems include penetration testing and cyber evaluation tests. For these evaluations, security professionals simulate an attack from malicious outsiders and malicious insiders. These evaluations are very productive and are able to discover potential vulnerabilities resulting from improper system configuration, hardware and software flaws, or operational weaknesses. We therefore propose the index of cyber integrity (ICI), which is modeled after the index of biological integrity (IBI) to provide a holistic measure of the health of a system under test in a cyber-environment. The ICI provides a broad base measure through a collection of application and system specific metrics. In this paper, following the example of the IBI, we demonstrate how a multi-metric index may be used as a holistic measure of the health of a system under test in a cyber-environment.
Data fusion in cyber security: first order entity extraction from common cyber data
NASA Astrophysics Data System (ADS)
Giacobe, Nicklaus A.
2012-06-01
The Joint Directors of Labs Data Fusion Process Model (JDL Model) provides a framework for how to handle sensor data to develop higher levels of inference in a complex environment. Beginning from a call to leverage data fusion techniques in intrusion detection, there have been a number of advances in the use of data fusion algorithms in this subdomain of cyber security. While it is tempting to jump directly to situation-level or threat-level refinement (levels 2 and 3) for more exciting inferences, a proper fusion process starts with lower levels of fusion in order to provide a basis for the higher fusion levels. The process begins with first order entity extraction, or the identification of important entities represented in the sensor data stream. Current cyber security operational tools and their associated data are explored for potential exploitation, identifying the first order entities that exist in the data and the properties of these entities that are described by the data. Cyber events that are represented in the data stream are added to the first order entities as their properties. This work explores typical cyber security data and the inferences that can be made at the lower fusion levels (0 and 1) with simple metrics. Depending on the types of events that are expected by the analyst, these relatively simple metrics can provide insight on their own, or could be used in fusion algorithms as a basis for higher levels of inference.
Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ondrej Linda; Todd Vollmer; Milos Manic
The planned large scale deployment of smart grid network devices will generate a large amount of information exchanged over various types of communication networks. The implementation of these critical systems will require appropriate cyber-security measures. A network anomaly detection solution is considered in this work. In common network architectures multiple communications streams are simultaneously present, making it difficult to build an anomaly detection solution for the entire system. In addition, common anomaly detection algorithms require specification of a sensitivity threshold, which inevitably leads to a tradeoff between false positives and false negatives rates. In order to alleviate these issues, this paper proposes a novel anomaly detection architecture. The designed system applies the previously developed network security cyber-sensor method to individual selected communication streams allowing for learning accurate normal network behavior models. Furthermore, the developed system dynamically adjusts the sensitivity threshold of each anomaly detection algorithm based on domain knowledge about the specific network system. It is proposed to model this domain knowledge using Interval Type-2 Fuzzy Logic rules, which linguistically describe the relationship between various features of the network communication and the possibility of a cyber attack. The proposed method was tested on experimental smart grid system demonstrating enhanced cyber-security.
Susceptibility of SCADA systems and the energy sector
NASA Astrophysics Data System (ADS)
Goike, Lindsay
The research in this paper focused on analyzing SCADA systems in the energy sector for susceptibility to cyber attacks, in furtherance of providing suggestions to mitigate current and future cyber attacks. The research will be addressing the questions: how are SCADA systems susceptible to cyber attacks, and what are the suggested ways to mitigate both current and future cyber attacks. The five main categories of security vulnerabilities facing current SCADA systems were found to be: connectivity to the Internet, failure to plan, interdependency of sectors, numerous different types of threats, and outdated software. Some of the recommendations mentioned to mitigate current and future risks were: virtual private networks, risk assessments, increased physical security, updating of software, and firewalls.
A Hierarchical Security Architecture for Cyber-Physical Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Quanyan Zhu; Tamer Basar
2011-08-01
Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.
Cyber Security Assessment Report: Adventium Labs
DOE Office of Scientific and Technical Information (OSTI.GOV)
None
2007-12-31
Major control system components often have life spans of 15-20 years. Many systems in our Nation's critical infrastructure were installed before the Internet became a reality and security was a concern. Consequently, control systems are generally insecure. Security is now being included in the development of new control system devices; however, legacy control systems remain vulnerable. Most efforts to secure control systems are aimed at protecting network borders, but if an intruder gets inside the network these systems are vulnerable to a cyber attack.
Inside the Wire: American Security and Cyber Warfare
2017-03-01
Baumbauer, Derek E. "Ghost in the Network." University Of Pennsylvania Law Review 162, no. 5 (April 2014): 1011-91. Daniali, Ghorban. "E-Money Laundering ...Challenges, Shared Opportunities." Strategic Studies Quarterly 6, no. 1 (Spring 2012): 3-8. Cser, Orsolya. "The Role and Security of Money From the..." Journal of National Security Law & Policy 7, no. 1 (February 2014): 115-38. Cser, Orsolya. "The Role and Security of Money From the Aspect of Cyber
Cyber War: The Next Frontier for NATO
2015-03-01
cyber-attacks as a way to advance their agenda. Common examples of cyber-attacks include computer viruses, worms, malware, and distributed denial of...take advantage of security holes and cause damage to computer systems, steal financial data, or acquire sensitive secrets. As technology becomes
Code of Federal Regulations, 2014 CFR
2014-07-01
... DEPARTMENT OF DEFENSE (DoD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE... information. (e) Cyber incident means actions taken through the use of computer networks that result in an...) Cyber intrusion damage assessment means a managed, coordinated process to determine the effect on...
78 FR 53736 - Submission for OMB Review; Comment Request
Federal Register 2010, 2011, 2012, 2013, 2014
2013-08-30
...: Title, Associated Form and OMB Number: Defense Industrial Base Cyber Security/Information Assurance (DIB CS/IA) Cyber Incident Reporting; OMB Control Number 0704-0489. Type of Request: Reinstatement without.... The requested information supports the collaborative cyber threat information sharing and incident...
Cyber Security Research Frameworks For Coevolutionary Network Defense
DOE Office of Scientific and Technical Information (OSTI.GOV)
Rush, George D.; Tauritz, Daniel Remy
Several architectures have been created for developing and testing systems used in network security, but most are meant to provide a platform for running cyber security experiments as opposed to automating experiment processes. In the first paper, we propose a framework termed Distributed Cyber Security Automation Framework for Experiments (DCAFE) that enables experiment automation and control in a distributed environment. Predictive analysis of adversaries is another thorny issue in cyber security. Game theory can be used to mathematically analyze adversary models, but its scalability limitations restrict its use. Computational game theory allows us to scale classical game theory to larger, more complex systems. In the second paper, we propose a framework termed Coevolutionary Agent-based Network Defense Lightweight Event System (CANDLES) that can coevolve attacker and defender agent strategies and capabilities and evaluate potential solutions with a custom network defense simulation. The third paper is a continuation of the CANDLES project in which we rewrote key parts of the framework. Attackers and defenders have been redesigned to evolve pure strategy, and a new network security simulation is devised which specifies network architecture and adds a temporal aspect. We also add a hill climber algorithm to evaluate the search space and justify the use of a coevolutionary algorithm.
Individual differences in cyber security behaviors: an examination of who is sharing passwords.
Whitty, Monica; Doodson, James; Creese, Sadie; Hodges, Duncan
2015-01-01
In spite of the number of public advice campaigns, researchers have found that individuals still engage in risky password practices. There is a dearth of research available on individual differences in cyber security behaviors. This study focused on the risky practice of sharing passwords. As predicted, we found that individuals who scored high on a lack of perseverance were more likely to share passwords. Contrary to our hypotheses, we found younger [corrected] people and individuals who score high on self-monitoring were more likely to share passwords. We speculate on the reasons behind these findings, and examine how they might be considered in future cyber security educational campaigns.
Individual Differences in Cyber Security Behaviors: An Examination of Who Is Sharing Passwords
Doodson, James; Creese, Sadie; Hodges, Duncan
2015-01-01
In spite of the number of public advice campaigns, researchers have found that individuals still engage in risky password practices. There is a dearth of research available on individual differences in cyber security behaviors. This study focused on the risky practice of sharing passwords. As predicted, we found that individuals who scored high on a lack of perseverance were more likely to share passwords. Contrary to our hypotheses, we found older people and individuals who score high on self-monitoring were more likely to share passwords. We speculate on the reasons behind these findings, and examine how they might be considered in future cyber security educational campaigns. PMID:25517697
The Need for Cyber-Informed Engineering Expertise for Nuclear Research Reactors
DOE Office of Scientific and Technical Information (OSTI.GOV)
Anderson, Robert Stephen
Engineering disciplines may not currently understand or fully embrace cyber security aspects as they apply towards analysis, design, operation, and maintenance of nuclear research reactors. Research reactors include a wide range of diverse co-located facilities and designs necessary to meet specific operational research objectives. Because of the nature of research reactors (reduced thermal energy and fission product inventory), hazards and risks may not have received the same scrutiny as normally associated with power reactors. Similarly, security may not have been emphasized either. However, the lack of sound cybersecurity defenses may lead to both safety and security impacts. Risk management methodologies may not contain the foundational assumptions required to address the intelligent adversary’s capabilities in malevolent cyber attacks. Although most research reactors are old and may not have the same digital footprint as newer facilities, any digital instrument and control function must be considered as a potential attack platform that can lead to sabotage or theft of nuclear material, especially for some research reactors that store highly enriched uranium. This paper will provide a discussion about the need for cyber-informed engineering practices that include the entire engineering lifecycle. Cyber-informed engineering as referenced in this paper is the inclusion of cybersecurity aspects into the engineering process. A discussion will consider several attributes of this process evaluating the long-term goal of developing additional cyber safety basis analysis and trust principles. With a culture of free information sharing exchanges, and potentially a lack of security expertise, new risk analysis and design methodologies need to be developed to address this rapidly evolving (cyber) threatscape.
NASA Astrophysics Data System (ADS)
Ekedebe, Nnanna; Yu, Wei; Song, Houbing; Lu, Chao
2015-05-01
An intelligent transportation system (ITS) is one typical cyber-physical system (CPS) that aims to provide efficient, effective, reliable, and safe driving experiences with minimal congestion and effective traffic flow management. In order to achieve these goals, various ITS technologies need to work synergistically. Nonetheless, ITS's reliance on wireless connectivity makes it vulnerable to cyber threats. Thus, it is critical to understand the impact of cyber threats on ITS. In this paper, using a real-world transportation dataset, we evaluated the consequences of cyber threats - attacks against service availability by jamming the communication channel of ITS. In this way, we can have a better understanding of the importance of ensuring adequate security respecting safety and life-critical ITS applications before full and expensive real-world deployments. Our experimental data shows that cyber threats against service availability could adversely affect traffic efficiency and safety performances evidenced by exacerbated travel time, fuel consumed, and other evaluated performance metrics as the communication network is compromised. Finally, we discuss a framework to make ITS secure and more resilient against cyber threats.
Cyber Deterrence and Stability
DOE Office of Scientific and Technical Information (OSTI.GOV)
Goychayev, Rustam; Carr, Geoffrey A.; Weise, Rachel A.
Throughout the 20th and early 21st centuries, deterrence and arms control have been cornerstones of strategic stability between the superpowers. However, the weaponization of the cyber realm by State actors and the multipolar nature of cyber conflict now undermine that stability. Strategic stability is the state in which nations believe that if they act aggressively to undermine U.S. national interests and the post-World War II liberal democratic order, the consequences will outweigh the benefits. The sense of lawlessness and lack of consequences in the cyber realm embolden States to be more aggressive in taking actions that undermine stability. Accordingly, this paper examines 1) the role of deterrence and arms control in securing cyber stability, and 2) the limitations and challenges associated with these traditional national security paradigms as applied to this emerging threat domain. This paper demonstrates that many 20th-century deterrence and arms control concepts are not particularly applicable in the cyber realm. However, they are not entirely irrelevant. The United States can distill lessons learned from this rich deterrence and arms control experience to develop and deploy a strategy to advance cyber stability.
77 FR 33206 - Combined Notice of Filings #1
Federal Register 2010, 2011, 2012, 2013, 2014
2012-06-05
... Reliability Standard CIP- 006--Cyber Security--Physical Security of Critical Cyber Assets. Filed Date: 5/23/12... Company, LLC. Description: Certificate of Concurrence to be effective 7/12/2012. Filed Date: 5/24/12.... Comments Due: 5 p.m. ET 6/14/12. Docket Numbers: ER12-1845-000. Applicants: AEP Texas North Company...
Federal Register 2010, 2011, 2012, 2013, 2014
2011-08-09
.... Therefore, pursuant to 10 CFR 51.22(b), no environmental impact statement or environmental assessment need... provisions of the NRC-approved Cyber Security Plan. The proposed change is consistent with Nuclear Energy...-approved Cyber Security Plan. The proposed change is consistent with Nuclear Energy Institute (NEI) 08-09...
Institutional Foundations for Cyber Security: Current Responses and New Challenges
2010-09-01
endowed with regional authority, they remain restricted in their capacity to respond to cyber criminals. National CERTs occupy a first-line responder role...economiccrime/ cybercrime/Documents/CountryProfiles/default_en.asp Federal Bureau of Investigation. (2006). Netting cyber criminals. Retrieved on February
77 FR 60607 - National Cybersecurity Awareness Month, 2012
Federal Register 2010, 2011, 2012, 2013, 2014
2012-10-04
... released the Blueprint for a Secure Cyber Future--a strategic plan to protect government, the private sector, and the public against cyber threats today and tomorrow. As we continue to improve our... infrastructure, facilitating greater cyber information sharing between government and the private sector, and...
DOE Office of Scientific and Technical Information (OSTI.GOV)
Happenny, Sean F.
The United States’ power infrastructure is aging, underfunded, and vulnerable to cyber attack. Emerging smart grid technologies may take some of the burden off of existing systems and make the grid as a whole more efficient, reliable, and secure. The Pacific Northwest National Laboratory (PNNL) is funding research into several aspects of smart grid technology and grid security, creating a software simulation tool that will allow researchers to test power distribution networks utilizing different smart grid technologies to determine how the grid and these technologies react under different circumstances. Demonstrating security in embedded systems is another research area PNNL is tackling. Many of the systems controlling the U.S. critical infrastructure, such as the power grid, lack integrated security and the networks protecting them are becoming easier to breach. Providing a virtual power substation network to each student team at the National Collegiate Cyber Defense Competition, thereby supporting the education of future cyber security professionals, is another way PNNL is helping to strengthen the security of the nation’s power infrastructure.
NASA Astrophysics Data System (ADS)
Born, Joshua
The purpose of this research was to examine the cyber-security posture for the United States' electrical grid, which comprises a major component of critical infrastructure for the country. The United States electrical sector is so vast that the Department of Homeland Security (DHS) estimates it contains more than 6,413 power plants (this includes 3,273 traditional electric utilities and 1,738 nonutility power producers) with approximately 1,075 gigawatts of energy produced on a daily basis. A targeted cyber-security attack against the electric grid would likely have catastrophic results and could even serve as a precursor to a physical attack against the United States. A recent report by the consulting firm Black and Veatch found that one of the top five greatest concerns for United States electric utilities is the risk that cybersecurity poses to their industry and yet, only one-third state they are currently prepared to meet the increasingly likely threat. The report goes on to state, "only 32% of electric utilities surveyed had integrated security systems with the proper segmentation, monitoring and redundancies needed for cyber threat protection. Another 48% said they did not." Recent estimates indicate that a large-scale cyber-attack against this sector could cost the United States economy as much as a trillion dollars within a week's time. Legislative efforts in the past have primarily been focused on creating mandates that encourage public and private partnership, which have not been adopted as quickly as desired. With 85% of all electric utilities being privately owned, it is key that the public and private sector partner in order to mitigate risks and respond as a cohesive unit in the event of a major attack. Keywords: Cybersecurity, Professor Riddell, cyber security, energy, intelligence, outlook, electrical, compliance, legislation, partnerships, critical infrastructure.
Crisis-management and the Security in the Internet
NASA Astrophysics Data System (ADS)
Harada, Izumi
This paper discusses crisis management and security on the Internet. As the Internet has spread through society, crimes that did not previously exist have begun to occur and have become a major social problem. Moreover, new security problems such as cyber war and cyber terrorism have also appeared. It is necessary to recognize this situation, and for both the government and the people to respond to the changing environment.
39 CFR 501.11 - Reporting Postage Evidencing System security weaknesses.
Code of Federal Regulations, 2014 CFR
2014-07-01
... any repeatable deviation from normal Postage Evidencing System performance. (3) Cyber attacks that... misappropriating assets or sensitive information, corrupting data, or causing operational disruption. Cyber attacks... causing denial-of-service attacks on Web sites. Cyber attacks may be carried out by third parties or...
39 CFR 501.11 - Reporting Postage Evidencing System security weaknesses.
Code of Federal Regulations, 2013 CFR
2013-07-01
... any repeatable deviation from normal Postage Evidencing System performance. (3) Cyber attacks that... misappropriating assets or sensitive information, corrupting data, or causing operational disruption. Cyber attacks... causing denial-of-service attacks on Web sites. Cyber attacks may be carried out by third parties or...
39 CFR 501.11 - Reporting Postage Evidencing System security weaknesses.
Code of Federal Regulations, 2012 CFR
2012-07-01
... any repeatable deviation from normal Postage Evidencing System performance. (3) Cyber attacks that... misappropriating assets or sensitive information, corrupting data, or causing operational disruption. Cyber attacks... causing denial-of-service attacks on Web sites. Cyber attacks may be carried out by third parties or...
Code of Federal Regulations, 2013 CFR
2013-01-01
... also its vulnerabilities to emerging threats. Cyber incidents can have devastating consequences on both... against cyber risks, comprehensive legislation remains essential to improving infrastructure security, enhancing cyber information sharing between government and the private sector, and protecting the privacy...
Uncertainty and Risk Management in Cyber Situational Awareness
NASA Astrophysics Data System (ADS)
Li, Jason; Ou, Xinming; Rajagopalan, Raj
Handling cyber threats unavoidably requires dealing with both uncertain and imprecise information. What we can observe as potential malicious activities can seldom give us 100% confidence on important questions we care about, e.g. what machines are compromised and what damage has been incurred. In security planning, we need information on how likely a vulnerability can lead to a successful compromise to better balance security and functionality, performance, and ease of use. This information is at best qualitative and is often vague and imprecise. In cyber situational awareness, we have to rely on such imperfect information to detect real attacks and to prevent an attack from happening through appropriate risk management. This chapter surveys existing technologies in handling uncertainty and risk management in cyber situational awareness.
CyberPetri at CDX 2016: Real-time Network Situation Awareness
DOE Office of Scientific and Technical Information (OSTI.GOV)
Arendt, Dustin L.; Best, Daniel M.; Burtner, Edwin R.
CyberPetri is a novel visualization technique that provides a flexible map of the network based on available characteristics, such as IP address, operating system, or service. Previous work introduced CyberPetri as a visualization feature in Ocelot, a network defense tool that helped security analysts understand and respond to an active defense scenario. In this paper we present a case study in which we use the CyberPetri visualization technique to support real-time situation awareness during the 2016 Cyber Defense Exercise.
Collegiate Cyber Defense Competition Effort
2018-03-01
Energy – an electrical utility company. • 2016 : ODIN Security – a small aerospace and defense contracting firm Approved for Public Release...to secure supervisory control and data acquisition (SCADA) networks. Approved for Public Release; Distribution Unlimited 7 During the 2016 NCCDC...COLLEGIATE CYBER DEFENSE COMPETITION EFFORT UNIVERSITY OF TEXAS AT SAN ANTONIO MARCH 2018 FINAL TECHNICAL REPORT APPROVED FOR PUBLIC RELEASE
Federal Register 2010, 2011, 2012, 2013, 2014
2010-05-26
... NUCLEAR REGULATORY COMMISSION [NRC-2010-0184] Office of New Reactors: Proposed NUREG-0800; Standard Review Plan Section 13.6.6, Draft Revision 0 on Cyber Security Plan AGENCY: Nuclear Regulatory... Plants,'' on a proposed Standard Review Plan (SRP) Section 13.6.6 on ``Cyber Security Plan'' (Agencywide...
Spafford, Eugene
2018-05-11
Despite considerable activity and attention, the overall state of information security continues to get worse. Attacks are increasing, fraud and theft are rising, and losses may exceed $100 billion per year worldwide. Many factors contribute to this, including misplaced incentives for industry, a lack of attention by government, ineffective law enforcement, and an uninformed image of who the perpetrators really are. As a result, many of the intended attempts at solutions are of limited (if any) overall effectiveness. This presentation will illustrate some key aspects of the cyber security problem and its magnitude, as well as provide some insight into causes and enabling factors. The talk will conclude with some observations on how the computing community can help improve the situation, as well as some suggestions for 'cyber self-defense.'
Federal Register 2010, 2011, 2012, 2013, 2014
2011-04-07
... the Bulk-Power System to comply with specific requirements to safeguard critical cyber assets. These standards help protect the nation's Bulk-Power System against potential disruptions from cyber... recordkeeping requirements. Specifically, CIP-008-1 requires responsible entities to report cyber security...
DOE Office of Scientific and Technical Information (OSTI.GOV)
Abercrombie, R. K.; Peters, Scott
The Department of Energy Office of Electricity Delivery and Energy Reliability (DOE-OE) Cyber Security for Energy Delivery Systems (CSEDS) industry led program (DE-FOA-0000359) entitled "Innovation for Increasing Cyber Security for Energy Delivery Systems (12CSEDS)," awarded a contract to Sypris Electronics LLC to develop a Cryptographic Key Management System for the smart grid (Scalable Key Management Solutions for Critical Infrastructure Protection). Oak Ridge National Laboratory (ORNL) and Sypris Electronics, LLC as a result of that award entered into a CRADA (NFE-11-03562) between ORNL and Sypris Electronics, LLC. ORNL provided its Cyber Security Econometrics System (CSES) as a tool to be modified and used as a metric to address risks and vulnerabilities in the management of cryptographic keys within the Advanced Metering Infrastructure (AMI) domain of the electric sector. ORNL concentrated our analysis on the AMI domain of which the National Electric Sector Cyber security Organization Resource (NESCOR) Working Group 1 (WG1) has documented 29 failure scenarios. The computational infrastructure of this metric involves system stakeholders, security requirements, system components and security threats. To compute this metric, we estimated the stakes that each stakeholder associates with each security requirement, as well as stochastic matrices that represent the probability of a threat to cause a component failure and the probability of a component failure to cause a security requirement violation.
We applied this model to estimate the security of the AMI, by leveraging the recently established National Institute of Standards and Technology Interagency Report (NISTIR) 7628 guidelines for smart grid security and the International Electrotechnical Commission (IEC) 63351, Part 9 to identify the life cycle for cryptographic key management, resulting in a vector that assigned to each stakeholder an estimate of their average loss in terms of dollars per day of system operation. To further address probabilities of threats, information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. The strategy for the game was developed by analyzing five electric sector representative failure scenarios contained in the AMI functional domain from NESCOR WG1. From these five selected scenarios, we characterized them into three specific threat categories affecting confidentiality, integrity and availability (CIA). The analysis using our ABGT simulation demonstrated how to model the AMI functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the AMI network with respect to CIA.
Cryptographic Key Management and Critical Risk Assessment
DOE Office of Scientific and Technical Information (OSTI.GOV)
Abercrombie, Robert K
The Department of Energy Office of Electricity Delivery and Energy Reliability (DOE-OE) CyberSecurity for Energy Delivery Systems (CSEDS) industry led program (DE-FOA-0000359) entitled "Innovation for Increasing CyberSecurity for Energy Delivery Systems (12CSEDS)," awarded a contract to Sypris Electronics LLC to develop a Cryptographic Key Management System for the smart grid (Scalable Key Management Solutions for Critical Infrastructure Protection). Oak Ridge National Laboratory (ORNL) and Sypris Electronics, LLC as a result of that award entered into a CRADA (NFE-11-03562) between ORNL and Sypris Electronics, LLC. ORNL provided its Cyber Security Econometrics System (CSES) as a tool to be modified and used as a metric to address risks and vulnerabilities in the management of cryptographic keys within the Advanced Metering Infrastructure (AMI) domain of the electric sector. ORNL concentrated our analysis on the AMI domain of which the National Electric Sector Cyber security Organization Resource (NESCOR) Working Group 1 (WG1) has documented 29 failure scenarios. The computational infrastructure of this metric involves system stakeholders, security requirements, system components and security threats. To compute this metric, we estimated the stakes that each stakeholder associates with each security requirement, as well as stochastic matrices that represent the probability of a threat to cause a component failure and the probability of a component failure to cause a security requirement violation.
We applied this model to estimate the security of the AMI, by leveraging the recently established National Institute of Standards and Technology Interagency Report (NISTIR) 7628 guidelines for smart grid security and the International Electrotechnical Commission (IEC) 63351, Part 9 to identify the life cycle for cryptographic key management, resulting in a vector that assigned to each stakeholder an estimate of their average loss in terms of dollars per day of system operation. To further address probabilities of threats, information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. The strategy for the game was developed by analyzing five electric sector representative failure scenarios contained in the AMI functional domain from NESCOR WG1. From these five selected scenarios, we characterized them into three specific threat categories affecting confidentiality, integrity and availability (CIA). The analysis using our ABGT simulation demonstrated how to model the AMI functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the AMI network with respect to CIA.
Programmable Logic Controllers for Research on the Cyber Security of Industrial Power Plants
2017-02-12
group . 15. SUBJECT TERMS Industrial control systems, cyber security 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF a. REPORT b. ABSTRACT c. THIS...currently valid OMB control number. PLEASE DO NOT RETURN YOUR FORM TO THE ABOVE ADDRESS. 1. REPORT DATE (00-MM-YYYY) ,2. REPORT TYPE 3. DATES COVERED...From- To) 12/02/2017 Final 15 August 2015 - 12 February 2017 4. TITLE AND SUBTITLE Sa. CONTRACT NUMBER Programmable Logic Controllers for Research
DOE Office of Scientific and Technical Information (OSTI.GOV)
Greitzer, Frank L.; Frincke, Deborah A.
2010-09-01
The purpose of this chapter is to motivate the combination of traditional cyber security audit data with psychosocial data, so as to move from an insider threat detection stance to one that enables prediction of potential insider presence. Two distinctive aspects of the approach are the objective of predicting or anticipating potential risks and the use of organizational data in addition to cyber data to support the analysis. The chapter describes the challenges of this endeavor and progress in defining a usable set of predictive indicators, developing a framework for integrating the analysis of organizational and cyber security data to yield predictions about possible insider exploits, and developing the knowledge base and reasoning capability of the system. We also outline the types of errors that one expects in a predictive system versus a detection system and discuss how those errors can affect the usefulness of the results.
Code of Federal Regulations, 2013 CFR
2013-07-01
... DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA) ACTIVITIES § 236.1 Purpose. Cyber threats to DIB unclassified information systems represent an unacceptable...
Code of Federal Regulations, 2012 CFR
2012-07-01
... DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA) ACTIVITIES § 236.1 Purpose. Cyber threats to DIB unclassified information systems represent an unacceptable...
Cyber Security: A Road Map for Turkey
2012-03-19
Cyber warfare is a form of information warfare, sometimes seen as analogous to conventional warfare, among a range of potential actors, including...nation states, non-state groups, and a complex hybrid of conflict involving both state and non-state actors. Cyber warfare is a tool of national power...An entire nation s ability to operate and fight in the information age is vital toward survival. Nowadays, cyber warfare is mostly focused on
2012-12-01
and activity coordination (for example, SOC management). 10. In Reference D the information sharing framework represents a hub & node model in... management, vulnerabilities, critical assets, threats, impacts on operations etc. UNCLASSIFIED UNCLASSIFIED 6 PART 3 - CYBER SITUATIONAL AWARENESS...limit the effect of cyber incidents. 23. Tasks of the SOC include: • System maintenance and management including applying the directed security
Impact modeling and prediction of attacks on cyber targets
NASA Astrophysics Data System (ADS)
Khalili, Aram; Michalk, Brian; Alford, Lee; Henney, Chris; Gilbert, Logan
2010-04-01
In most organizations, IT (information technology) infrastructure exists to support the organization's mission. The threat of cyber attacks poses risks to this mission. Current network security research focuses on the threat of cyber attacks to the organization's IT infrastructure; however, the risks to the overall mission are rarely analyzed or formalized. This connection of IT infrastructure to the organization's mission is often neglected or carried out ad-hoc. Our work bridges this gap and introduces analyses and formalisms to help organizations understand the mission risks they face from cyber attacks. Modeling an organization's mission vulnerability to cyber attacks requires a description of the IT infrastructure (network model), the organization mission (business model), and how the mission relies on IT resources (correlation model). With this information, proper analysis can show which cyber resources are of tactical importance in a cyber attack, i.e., controlling them enables a large range of cyber attacks. Such analysis also reveals which IT resources contribute most to the organization's mission, i.e., lack of control over them gravely affects the mission. These results can then be used to formulate IT security strategies and explore their trade-offs, which leads to better incident response. This paper presents our methodology for encoding IT infrastructure, organization mission and correlations, our analysis framework, as well as initial experimental results and conclusions.
Main control computer security model of closed network systems protection against cyber attacks
NASA Astrophysics Data System (ADS)
Seymen, Bilal
2014-06-01
This model brings data input/output under control in closed network systems, maintains the system securely, and controls the flow of information through the Main Control Computer, which also brings the network traffic under control against cyber-attacks. The network can be controlled single-handedly thanks to a system designed to let network users enter data into the system or extract data from it securely, with the aim of minimizing security gaps. Moreover, a data input/output record can be kept by means of the user account assigned to each user, and retroactive tracking can be carried out if requested. Because the cyber security measures that need to be taken for each computer on the network are costly, the model is intended to provide a cost-effective working environment, provided that the Main Control Computer has updated hardware.
Use of CYBER 203 and CYBER 205 computers for three-dimensional transonic flow calculations
NASA Technical Reports Server (NTRS)
Melson, N. D.; Keller, J. D.
1983-01-01
Experiences are discussed for modifying two three-dimensional transonic flow computer programs (FLO 22 and FLO 27) for use on the CDC CYBER 203 computer system. Both programs were originally written for use on serial machines. Several methods were attempted to optimize the execution of the two programs on the vector machine: leaving the program in a scalar form (i.e., serial computation) with compiler software used to optimize and vectorize the program, vectorizing parts of the existing algorithm in the program, and incorporating a vectorizable algorithm (ZEBRA I or ZEBRA II) in the program. Comparison runs of the programs were made on CDC CYBER 175, CYBER 203, and two pipe CDC CYBER 205 computer systems.
Code of Federal Regulations, 2014 CFR
2014-07-01
... DEFENSE (DoD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA) ACTIVITIES § 236.1 Purpose. Cyber threats to DIB unclassified information systems represent an unacceptable...
Code of Federal Regulations, 2012 CFR
2012-07-01
... DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA... systems. (b) Increase the Government and DIB situational awareness of the extent and severity of cyber...
Code of Federal Regulations, 2013 CFR
2013-07-01
... DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA... systems. (b) Increase the Government and DIB situational awareness of the extent and severity of cyber...
21st Century Cyber Security: Legal Authorities and Requirements
2012-03-22
Cyber warfare has risen to the level of strategic effect. Exigent threats in cyberspace are a critical U.S. strategic vulnerability for which U.S...operations cross many sections of United States Code. But, they have not yielded a genuine whole-of-government approach. This SRP argues that cyber warfare has
DOT National Transportation Integrated Search
2014-12-01
This study suggests an integrated framework to quantify cyber attack impacts on the U.S. airport security system. A cyber attack by terrorists on the U.S. involves complex : strategic behavior by the terrorists because they could plan to invade an ai...
3 CFR 8875 - Proclamation 8875 of October 1, 2012. National Cybersecurity Awareness Month, 2012
Code of Federal Regulations, 2013 CFR
2013-01-01
... November 2011, we released the Blueprint for a Secure Cyber Future—a strategic plan to protect government, the private sector, and the public against cyber threats today and tomorrow. As we continue to improve... our critical infrastructure, facilitating greater cyber information sharing between government and the...
77 FR 59627 - Homeland Security Advisory Council
Federal Register 2010, 2011, 2012, 2013, 2014
2012-09-28
... purpose of reviewing and deliberating on recommendations by the HSAC's Cyber Skills Task Force. DATES: The.... The HSAC will meet to review and deliberate on the Cyber Skills Task Force report of findings and... details and the Cyber Skills Task Force report will be provided to interested members of the public at the...
Constructing a Cyber Preparedness Framework (CPF): The Lockheed Martin Case Study
ERIC Educational Resources Information Center
Beyer, Dawn M.
2014-01-01
The protection of sensitive data and technologies is critical in preserving United States (U.S.) national security and minimizing economic losses. However, during a cyber attack, the operational capability to constrain the exfiltrations of sensitive data and technologies may not be available. A cyber preparedness methodology (CPM) can improve…
ERIC Educational Resources Information Center
Carlin, Anna; Manson, Daniel P.; Zhu, Jake
2010-01-01
With the projected higher demand for Network Systems Analysts and increasing computer crime, network security specialists are an organization's first line of defense. The principle function of this paper is to provide the evolution of Collegiate Cyber Defense Competitions (CCDC), event planning required, soliciting sponsors, recruiting personnel…
Code of Federal Regulations, 2014 CFR
2014-07-01
... DEFENSE (DoD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA... systems. (b) Increase the Government and DIB situational awareness of the extent and severity of cyber...
Cyber Security Threats to Safety-Critical, Space-Based Infrastructures
NASA Astrophysics Data System (ADS)
Johnson, C. W.; Atencia Yepez, A.
2012-01-01
Space-based systems play an important role within national critical infrastructures. They are being integrated into advanced air-traffic management applications, rail signalling systems, energy distribution software etc. Unfortunately, the end users of communications, location sensing and timing applications often fail to understand that these infrastructures are vulnerable to a wide range of security threats. The following pages focus on concerns associated with potential cyber-attacks. These are important because future attacks may invalidate many of the safety assumptions that support the provision of critical space-based services. These safety assumptions are based on standard forms of hazard analysis that ignore cyber-security considerations. This is a significant limitation when, for instance, security attacks can simultaneously exploit multiple vulnerabilities in a manner that would never occur without a deliberate enemy seeking to damage space based systems and ground infrastructures. We address this concern through the development of a combined safety and security risk assessment methodology. The aim is to identify attack scenarios that justify the allocation of additional design resources so that safety barriers can be strengthened to increase our resilience against security threats.
A Probabilistic Framework for Quantifying Mixed Uncertainties in Cyber Attacker Payoffs
DOE Office of Scientific and Technical Information (OSTI.GOV)
Chatterjee, Samrat; Tipireddy, Ramakrishna; Oster, Matthew R.
Quantification and propagation of uncertainties in cyber attacker payoffs is a key aspect within multiplayer, stochastic security games. These payoffs may represent penalties or rewards associated with player actions and are subject to various sources of uncertainty, including: (1) cyber-system state, (2) attacker type, (3) choice of player actions, and (4) cyber-system state transitions over time. Past research has primarily focused on representing defender beliefs about attacker payoffs as point utility estimates. More recently, within the physical security domain, attacker payoff uncertainties have been represented as Uniform and Gaussian probability distributions, and mathematical intervals. For cyber-systems, probability distributions may help address statistical (aleatory) uncertainties where the defender may assume inherent variability or randomness in the factors contributing to the attacker payoffs. However, systematic (epistemic) uncertainties may exist, where the defender may not have sufficient knowledge or there is insufficient information about the attacker’s payoff generation mechanism. Such epistemic uncertainties are more suitably represented as generalizations of probability boxes. This paper explores the mathematical treatment of such mixed payoff uncertainties. A conditional probabilistic reasoning approach is adopted to organize the dependencies between a cyber-system’s state, attacker type, player actions, and state transitions. This also enables the application of probabilistic theories to propagate various uncertainties in the attacker payoffs. An example implementation of this probabilistic framework and resulting attacker payoff distributions are discussed. A goal of this paper is also to highlight this uncertainty quantification problem space to the cyber security research community and encourage further advancements in this area.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Spafford, Eugene
2006-05-10
Despite considerable activity and attention, the overall state of information security continues to get worse. Attacks are increasing, fraud and theft are rising, and losses may exceed $100 billion per year worldwide. Many factors contribute to this, including misplaced incentives for industry, a lack of attention by government, ineffective law enforcement, and an uninformed image of who the perpetrators really are. As a result, many of the intended attempts at solutions are of limited (if any) overall effectiveness. This presentation will illustrate some key aspects of the cyber security problem and its magnitude, as well as provide some insight into causes and enabling factors. The talk will conclude with some observations on how the computing community can help improve the situation, as well as some suggestions for 'cyber self-defense.'
Cyber Security for Lighting Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
None
Fact sheet discusses cyber threats unique to lighting control systems in buildings and helps facility managers identify the types of lighting control systems that could introduce cybersecurity risks.
The European cooperative approach to securing critical information infrastructure.
Purser, Steve
2011-10-01
This paper provides an overview of the EU approach to securing critical information infrastructure, as defined in the Action Plan contained in the Commission Communication of March 2009, entitled 'Protecting Europe from large-scale cyber-attacks and disruptions: enhancing preparedness, security and resilience' and further elaborated by the Communication of May 2011 on critical Information infrastructure protection 'Achievements and next steps: towards global cyber-security'. After explaining the need for pan-European cooperation in this area, the CIIP Action Plan is explained in detail. Finally, the current state of progress is summarised together with the proposed next steps.
76 FR 57026 - Air Force Scientific Advisory Board Notice of Meeting
Federal Register 2010, 2011, 2012, 2013, 2014
2011-09-15
... and Technology plan emphasizing next generation energy, autonomy, sustainment, cyber, and ISR... secure cyber ops; acquisition challenges amid new era of defense policy and lessons learned from...
SecureCPS: Defending a nanosatellite cyber-physical system
NASA Astrophysics Data System (ADS)
Forbes, Lance; Vu, Huy; Udrea, Bogdan; Hagar, Hamilton; Koutsoukos, Xenofon D.; Yampolskiy, Mark
2014-06-01
Recent inexpensive nanosatellite designs employ maneuvering thrusters, much as large satellites have done for decades. However, because a maneuvering nanosatellite can threaten HVAs on-orbit, it must provide a level of security typically reserved for HVAs. Securing nanosatellites with maneuvering capability is challenging due to extreme cost, size, and power constraints. While still in the design process, our low-cost SecureCPS architecture promises to dramatically improve security, to include preempting unknown binaries and detecting abnormal behavior. SecureCPS also applies to a broad class of cyber-physical systems (CPS), such as aircraft, cars, and trains. This paper focuses on Embry-Riddle's ARAPAIMA nanosatellite architecture, where we assume any off-the-shelf component could be compromised by a supply chain attack. Based on these assumptions, we have used Vanderbilt's Cyber Physical - Attack Description Language (CP-ADL) to represent realistic attacks, analyze how these attacks propagate in the ARAPAIMA architecture, and how to defeat them using the combination of a low-cost Root of Trust (RoT) Module, Global InfoTek's Advanced Malware Analysis System (GAMAS), and Anomaly Detection by Machine Learning (ADML). Our most recent efforts focus on refining and validating the design of SecureCPS.
Business continuity strategies for cyber defence: battling time and information overload.
Streufert, John
2010-11-01
Can the same numbers and letters which are the life blood of modern business and government computer systems be harnessed to protect computers from attack against known information security risks? For the past seven years, Foreign Service officers and technicians of the US Government have sought to maintain diplomatic operations in the face of rising cyber attacks and test the hypothesis that an ounce of prevention is worth a pound of cure. As eight out of ten attacks leverage known computer security vulnerabilities or configuration setting weaknesses, a pound of cure would seem to be easy to come by. Yet modern security tools present an unusually consequential threat to business continuity - too much rather than too little information on cyber problems is presented, harking back to a phenomenon cited by social scientists in the 1960s called 'information overload'. Experience indicates that the longer the most serious cyber problems go untreated, the wider the attack surface adversaries can find. One technique used at the Department of State, called 'risk scoring', resulted in an 89 per cent overall reduction in measured risk over 12 months for the Department of State's servers and personal computers. Later refinements of risk scoring enabled technicians to correct unique security threats with unprecedented speed. This paper explores how the use of metrics, special care in presenting information to technicians and executives alike, as well as tactical use of organisational incentives can result in stronger cyber defences protecting modern organisations.
NASA Astrophysics Data System (ADS)
Alpi, Danielle Marie
The 16 sectors of critical infrastructure in the US are susceptible to cyber-attacks. Potential attacks come from internal and external threats. These attacks target the industrial control systems (ICS) of companies within critical infrastructure. Weakness in the energy sector's ICS, specifically the oil and gas industry, can result in economic and ecological disaster. The purpose of this study was to establish means for oil companies to identify and stop cyber-attacks specifically APT threats. This research reviewed current cyber vulnerabilities and ways in which a cyber-attack may be deterred. This research found that there are insecure devices within ICS that are not regularly updated. Therefore, security issues have amassed. Safety procedures and training thereof are often neglected. Jurisdiction is unclear in regard to critical infrastructure. The recommendations this research offers are further examination of information sharing methods, development of analytic platforms, and better methods for the implementation of defense-in-depth security measures.
Maritime Cyber Security University Research
2016-05-01
traffic so vital to the global economy. The vulnerabilities associated with reliance on digital systems in the maritime environment must be continuously...Abstract (MAXIMUM 200 WORDS) Modern maritime systems are highly complex digital systems to ensure the safety and efficient operation of the shipping...integrity of the entrances to our "digital ports" and work to develop practical cyber security solutions to protect the nation’s maritime
Maritime Cyber Security University Research: Phase 1
2016-05-01
the global economy. The vulnerabilities associated with reliance on digital systems in the maritime environment must be continuously examined. System...Report: Modern maritime systems are highly complex digital systems to ensure the safety and efficient operation of the shipping traffic so vital to...entrances to our "digital ports" and work to develop practical cyber security solutions to protect the nation’s maritime infrastructure. 17. Key
2017 Cybersecurity Workshop: Cross Cutting Panel - Video Text Version |
we can bring to the table is really - we describe high value networks. So some people might talk that when they fund projects in ERE that they are informed with cyber security, that there's some scope think we should have Mark actually come out and do that discussion. When we talk about cyber security to
Cyber Culture and Personnel Security: Report 2 - Ethnographic Analysis of Second Life
2011-07-01
respondents reported experiencing highly stressful events during their early childhood, albeit to varying degrees. These events included divorce...adjudication, and continuous evaluation phases. Moreover, personnel’s activities in the cyber world may negatively affect their judgment, day-to-day...described below: Behaviors That Can be Used to Negatively Influence Personnel A core concern for personnel security is that individuals might become
Nuclear Lessons for Cyber Security
2011-01-01
major kinetic violence. In the physical world, governments have a near monopoly on large-scale use of force, the defender has an intimate knowledge of...with this transformative technology. Until now, the issue of cyber security has largely been the domain of computer experts and specialists. When the...with increasing economic returns to scale and political practices that make jurisdictional control difficult. Attacks from the informational realm
2010-02-17
create a single set of cyberlaws and procedures internationally in order to insure that there is no safe harbor for cyber criminals.” PUTTING IT ALL...TOGETHER – OPERATIONAL EXAMPLES Cyber criminals would include state and non-state actors threatening our security. Assuming all of the previous
2009-05-04
inconvenience and denial of Internet service, CNAs pose a threat to national security, if the right computer is hacked, to every day operations, if baking...expert J3: Current Operations Rep Private Sector/Civilian: cyber/CNA SME J5 Future Operations Rep Private Sector/Civilian: cyber/CND SME Table 2
Nuzback, Kara
2014-07-01
Since it began offering cyber liability coverage in December 2011, the Texas Medical Liability Trust has received more than 150 cyber liability claims, most of which involved breaches of electronic protected health information. TMLT's cyber liability insurance will protect practices financially should a breach occur. The insurance covers a breach notification to customers and business partners, expenses for legal counsel, information security and forensic data services, public relations support, call center and website support, credit monitoring, and identity theft restoration services.
2016-06-10
DODIN) is being threatened by state actors, non-state actors, and continuous hacking and cyber-attacks. These threats against the network come in a...variety of forms; physical attacks from radio jamming, logical cyber threats from hacking, or a combination of both physical and logical attacks. Each...year the number of hacking attacks is increasing. Corporations like Symantec publish annual reports on cyber threats and provide tips for best
Integrated situational awareness for cyber attack detection, analysis, and mitigation
NASA Astrophysics Data System (ADS)
Cheng, Yi; Sagduyu, Yalin; Deng, Julia; Li, Jason; Liu, Peng
2012-06-01
Real-time cyberspace situational awareness is critical for securing and protecting today's enterprise networks from various cyber threats. When a security incident occurs, network administrators and security analysts need to know what exactly has happened in the network, why it happened, and what actions or countermeasures should be taken to quickly mitigate the potential impacts. In this paper, we propose an integrated cyberspace situational awareness system for efficient cyber attack detection, analysis and mitigation in large-scale enterprise networks. Essentially, a cyberspace common operational picture will be developed, which is a multi-layer graphical model and can efficiently capture and represent the statuses, relationships, and interdependencies of various entities and elements within and among different levels of a network. Once shared among authorized users, this cyberspace common operational picture can provide an integrated view of the logical, physical, and cyber domains, and a unique visualization of disparate data sets to support decision makers. In addition, advanced analyses, such as Bayesian Network analysis, will be explored to address the information uncertainty, dynamic and complex cyber attack detection, and optimal impact mitigation issues. All the developed technologies will be further integrated into an automatic software toolkit to achieve near real-time cyberspace situational awareness and impact mitigation in large-scale computer networks.
Anatomy of a Security Operations Center
NASA Technical Reports Server (NTRS)
Wang, John
2010-01-01
Many agencies and corporations are either contemplating or in the process of building a cyber Security Operations Center (SOC). Those Agencies that have established SOCs are most likely working on major revisions or enhancements to existing capabilities. As principal developers of the NASA SOC, the presenters' goals are to provide the GFIRST community with examples of some of the key building blocks of an Agency scale cyber Security Operations Center. This presentation will include the inputs and outputs, the facilities or shell, as well as the internal components and the processes necessary to maintain the SOC's subsistence - in other words, the anatomy of a SOC. Details to be presented include the SOC architecture and its key components: Tier 1 Call Center, data entry, and incident triage; Tier 2 monitoring, incident handling and tracking; Tier 3 computer forensics, malware analysis, and reverse engineering; Incident Management System; Threat Management System; SOC Portal; Log Aggregation and Security Incident Management (SIM) systems; flow monitoring; IDS; etc. Specific processes and methodologies discussed include Incident States and associated Work Elements; the Incident Management Workflow Process; Cyber Threat Risk Assessment methodology; and Incident Taxonomy. The Evolution of the Cyber Security Operations Center will be discussed; starting from reactive, to proactive, and finally to proactive. Finally, the resources necessary to establish an Agency scale SOC as well as the lessons learned in the process of standing up a SOC will be presented.
Infotech. Cyber security. Health care learns to share scares and solutions.
Colias, Mike
2004-05-01
Health care information technology leaders and others are coming together to share scary experiences and develop best practices to guard against crippling computer viruses, scheming hackers and other cyber threats.
Taxonomies of Cyber Adversaries and Attacks: A Survey of Incidents and Approaches
DOE Office of Scientific and Technical Information (OSTI.GOV)
Meyers, C A; Powers, S S; Faissol, D M
In this paper we construct taxonomies of cyber adversaries and methods of attack, drawing from a survey of the literature in the area of cyber crime. We begin by addressing the scope of cyber crime, noting its prevalence and effects on the US economy. We then survey the literature on cyber adversaries, presenting a taxonomy of the different types of adversaries and their corresponding methods, motivations, maliciousness, and skill levels. Subsequently we survey the literature on cyber attacks, giving a taxonomy of the different classes of attacks, subtypes, and threat descriptions. The goal of this paper is to inform future studies of cyber security on the shape and characteristics of the risk space and its associated adversaries.
Using agility to combat cyber attacks.
Anderson, Kerry
2017-06-01
Some incident response practitioners feel that they have been locked in a battle with cyber criminals since the popular adoption of the internet. Initially, organisations made great inroads in preventing and containing cyber attacks. In the last few years, however, cyber criminals have become adept at eluding defence security technologies and rapidly modifying their exploit strategies for financial or political gains. Similar to changes in military combat tactics, cyber criminals utilise distributed attack cells, real-time communications, and rapidly mutating exploits to minimise the potential for detection. Cyber criminals have changed their attack paradigm. This paper describes a new incident response paradigm aimed at combating the new model of cyber attacks with an emphasis on agility to increase the organisation's ability to respond rapidly to these new challenges.
Perkins, Casey; Muller, George
2015-10-08
The number of connections between physical and cyber security systems is rapidly increasing due to centralized control from automated and remotely connected means. As the number of interfaces between systems continues to grow, the interactions and interdependencies between them cannot be ignored. Historically, physical and cyber vulnerability assessments have been performed independently. This independent evaluation omits important aspects of the integrated system, where the impacts resulting from malicious or opportunistic attacks are not easily known or understood. Here, we describe a discrete event simulation model that uses information about integrated physical and cyber security systems, attacker characteristics and simple response rules to identify key safeguards that limit an attacker's likelihood of success. Key features of the proposed model include comprehensive data generation to support a variety of sophisticated analyses, and full parameterization of safeguard performance characteristics and attacker behaviours to evaluate a range of scenarios. Lastly, we also describe the core data requirements and the network of networks that serves as the underlying simulation structure.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Perkins, Casey; Muller, George
The number of connections between physical and cyber security systems is rapidly increasing due to centralized control from automated and remotely connected means. As the number of interfaces between systems continues to grow, the interactions and interdependencies between them cannot be ignored. Historically, physical and cyber vulnerability assessments have been performed independently. This independent evaluation omits important aspects of the integrated system, where the impacts resulting from malicious or opportunistic attacks are not easily known or understood. Here, we describe a discrete event simulation model that uses information about integrated physical and cyber security systems, attacker characteristics and simple response rules to identify key safeguards that limit an attacker's likelihood of success. Key features of the proposed model include comprehensive data generation to support a variety of sophisticated analyses, and full parameterization of safeguard performance characteristics and attacker behaviours to evaluate a range of scenarios. Lastly, we also describe the core data requirements and the network of networks that serves as the underlying simulation structure.
Cyber Friendly Fire: Research Challenges for Security Informatics
DOE Office of Scientific and Technical Information (OSTI.GOV)
Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.
This paper addresses cognitive implications and research needs surrounding the problem of cyber friendly fire (FF). We define cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintentionally harm the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, maintaining situation awareness (SA) is paramount to avoiding cyber FF incidents. Cyber SA concerns knowledge of a system’s topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system and its nodes, the nature of the activities or work performed, and the available defensive and offensive countermeasures that may be applied to thwart network attacks. Mitigation strategies to combat cyber FF, including both training concepts and suggestions for decision aids and visualization approaches, are discussed.
Expanding the Department of Defense’s Role in Cyber Civil Support
2011-06-17
vulnerability of this very crucial domain. They include the Y2K problem, the Estonia cyber-attacks in 2007, and the role of cyber in the Russian-Georgia...cyber security vulnerabilities associated with critical infrastructure. The Year 2000 Challenge The Year 2000 (Y2K) problem was the result of...and microprocessors failed to make the correct transition from 1999 to 2000.19 One of the most critical concerns with Y2K was the potential cascading
76 FR 67472 - Order of Succession for the Office of the Chief Information Officer
Federal Register 2010, 2011, 2012, 2013, 2014
2011-11-01
...: Juanita Galbreath, Deputy Chief Information Officer for Cyber Security and Privacy, Office of the Chief...) Deputy Chief Information Officer, for IT Operations; (3) Deputy Chief Information Officer, for Cyber...
78 FR 66603 - Critical Infrastructure Security and Resilience Month, 2013
Federal Register 2010, 2011, 2012, 2013, 2014
2013-11-05
... shore up our defenses against physical and cyber incidents. In tandem with my Executive Order on... hazards including terrorism and natural disasters, as well as cyber attacks. We must ensure that the...
ATIP Report: Cyber Security Research in China
2015-06-05
vulnerabilities. ATIP Document ID: 150605AR CYBER SECURITY RESEARCH IN CHINA 17 Le GUAN et al. at SKLOIS of IIE, CAS proposed a solution named “Mimosa...that protects RSA private keys against the above software-based and physical memory attacks. When the Mimosa service is in idle, private keys are...encrypted and reside in memory as ciphertext. During the cryptographic computing, Mimosa uses hardware transactional memory (HTM) to ensure that (a
Overview of the CERT Resilience Management Model (CERT-RMM)
2014-01-23
Management Model (CERT®-RMM) Jim Cebula Technical Manager - Cyber Risk Management, CERT® Division Jim Cebula is the Technical Manager of the...Cyber Risk Management team in the Cyber Security Solutions Directorate of the CERT Division at the Software Engineering Institute (SEI), a unit of...Carnegie Mellon University. Cebula’s current activities include risk management methods along with assessment and management of operational
R&D100 Finalist: Neuromorphic Cyber Microscope
DOE Office of Scientific and Technical Information (OSTI.GOV)
Follett, David; Naegle, John; Suppona, Roger
The Neuromorphic Cyber Microscope provides security analysts with unprecedented visibility of their network, computer and storage assets. This processor is the world's first practical implementation of neuromorphic technology to a major computer science mission. Working with Lewis Rhodes Labs, engineers at Sandia National Laboratories have created a device that is orders of magnitude faster at analyzing data to identify cyber-attacks.
Cyber threats to health information systems: A systematic review.
Luna, Raul; Rhine, Emily; Myhra, Matthew; Sullivan, Ross; Kruse, Clemens Scott
2016-01-01
Recent legislation empowering providers to embrace the electronic exchange of health information leaves the healthcare industry increasingly vulnerable to cybercrime. The objective of this systematic review is to identify the biggest threats to healthcare via cybercrime. The rationale behind this systematic review is to provide a framework for future research by identifying themes and trends of cybercrime in the healthcare industry. The authors conducted a systematic search through the CINAHL, Academic Search Complete, PubMed, and ScienceDirect databases to gather literature relative to cyber threats in healthcare. All authors reviewed the articles collected and excluded literature that did not focus on the objective. Researchers selected and examined 19 articles for common themes. The most prevalent cyber-criminal activity in healthcare is identity theft through data breach. Other concepts identified are internal threats, external threats, cyber-squatting, and cyberterrorism. The industry has now come to rely heavily on digital technologies, which increase risks such as denial of service and data breaches. Current healthcare cyber-security systems do not rival the capabilities of cyber criminals. Security of information is a costly resource and therefore many HCOs may hesitate to invest what is required to protect sensitive information.
Cyber Threat and Vulnerability Analysis of the U.S. Electric Sector
DOE Office of Scientific and Technical Information (OSTI.GOV)
Glenn, Colleen; Sterbentz, Dane; Wright, Aaron
With utilities in the U.S. and around the world increasingly moving toward smart grid technology and other upgrades with inherent cyber vulnerabilities, correlative threats from malicious cyber attacks on the North American electric grid continue to grow in frequency and sophistication. The potential for malicious actors to access and adversely affect physical electricity assets of U.S. electricity generation, transmission, or distribution systems via cyber means is a primary concern for utilities contributing to the bulk electric system. This paper seeks to illustrate the current cyber-physical landscape of the U.S. electric sector in the context of its vulnerabilities to cyber attacks, the likelihood of cyber attacks, and the impacts cyber events and threat actors can achieve on the power grid. In addition, this paper highlights utility perspectives, perceived challenges, and requests for assistance in addressing cyber threats to the electric sector. There have been no reported targeted cyber attacks carried out against utilities in the U.S. that have resulted in permanent or long term damage to power system operations thus far, yet electric utilities throughout the U.S. have seen a steady rise in cyber and physical security related events that continue to raise concern. Asset owners and operators understand that the effects of a coordinated cyber and physical attack on a utility’s operations would threaten electric system reliability–and potentially result in large scale power outages. Utilities are routinely faced with new challenges for dealing with these cyber threats to the grid and consequently maintain a set of best practices to keep systems secure and up to date. Among the greatest challenges is a lack of knowledge or strategy to mitigate new risks that emerge as a result of an exponential rise in complexity of modern control systems.
This paper compiles an open-source analysis of cyber threats and risks to the electric grid, utility best practices for prevention and response to cyber threats, and utility suggestions about how the federal government can aid utilities in combating and mitigating risks.
NASA Technical Reports Server (NTRS)
Lakeotes, Christopher D.
1990-01-01
DEVECT (CYBER-205 Devectorizer) is CYBER-205 FORTRAN source-language-preprocessor computer program reducing vector statements to standard FORTRAN. In addition, DEVECT has many other standard and optional features simplifying conversion of vector-processor programs for CYBER 200 to other computers. Written in FORTRAN IV.
Andrijcic, Eva; Horowitz, Barry
2006-08-01
The article is based on the premise that, from a macro-economic viewpoint, cyber attacks with long-lasting effects are the most economically significant, and as a result require more attention than attacks with short-lasting effects that have historically been more represented in literature. In particular, the article deals with evaluation of cyber security risks related to one type of attack with long-lasting effects, namely, theft of intellectual property (IP) by foreign perpetrators. An International Consequence Analysis Framework is presented to determine (1) the potential macro-economic consequences of cyber attacks that result in stolen IP from companies in the United States, and (2) the likely sources of such attacks. The framework presented focuses on IP theft that enables foreign companies to make economic gains that would have otherwise benefited the U.S. economy. Initial results are presented.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Duren, Mike; Aldridge, Hal; Abercrombie, Robert K
2013-01-01
Compromises attributable to the Advanced Persistent Threat (APT) highlight the necessity for constant vigilance. The APT provides a new perspective on security metrics (e.g., statistics-based cyber security) and quantitative risk assessments. We consider design principles and models/tools that provide high assurance for energy delivery systems (EDS) operations regardless of the state of compromise. Cryptographic keys must be securely exchanged, then held and protected on either end of a communications link. This is challenging for a utility with numerous substations that must secure the intelligent electronic devices (IEDs) that may comprise complex control system of systems. For example, distribution and management of keys among the millions of intelligent meters within the Advanced Metering Infrastructure (AMI) is being implemented as part of the National Smart Grid initiative. Without a means for a secure cryptographic key management system (CKMS) no cryptographic solution can be widely deployed to protect the EDS infrastructure from cyber-attack. We consider 1) how security modeling is applied to key management and cyber security concerns on a continuous basis from design through operation, 2) how trusted models and key management architectures greatly impact failure scenarios, and 3) how hardware-enabled trust is a critical element to detecting, surviving, and recovering from attack.
Process Security in Chemical Engineering Education
ERIC Educational Resources Information Center
Piluso, Cristina; Uygun, Korkut; Huang, Yinlun; Lou, Helen H.
2005-01-01
The threats of terrorism have greatly alerted the chemical process industries to assure plant security at all levels: infrastructure-improvement-focused physical security, information-protection-focused cyber security, and design-and-operation-improvement-focused process security. While developing effective plant security methods and technologies…
2018-01-16
ARL-TN-0864 ● JAN 2018 US Army Research Laboratory Measuring and Inferring the State of the User via the Microsoft Kinect with...Application to Cyber Security Research by Christopher J Garneau Approved for public release; distribution is unlimited...this report when it is no longer needed. Do not return it to the originator. ARL-TN-0864● JAN 2018 US Army Research Laboratory
Russia’s Proposal for a European Security Treaty: Motives and Implications
2010-09-01
their relations in the spirit of friendship and cooperation in conformity with international law.”17 The preamble states that the parties would be...ways. For example, thirty-five years ago, few could imagine that cyber security would become a significant trans-national threat. The bottom line is...supply cutoffs, cyber attacks, and export bans, which have significantly affected European neighbors. Furthermore, Moscow itself violates Article 1 of
Cyberculture and Personnel Security: Report 1 - Orientation, Concerns, and Needs
2011-05-01
criteria for Internet addiction. Cyber Psychology and Behavior, 4, 377-383. Bender, B. (2010). Pentagon workers tied to child porn . Retrieved July 30...C. (2007). Virtual child porn riles law enforcement. Retrieved July 29, 2010, from http://abcnews.go.com/TheLaw/story?id=3159871 Frontline. (2009...counterintelligence efforts that must be discussed in a secure forum (Chabinsky, 2009). Some of the cyber crimes tackled by the FBI include child
Security analysis of cyber-physical system
NASA Astrophysics Data System (ADS)
Li, Bo; Zhang, Lichen
2017-05-01
In recent years, the Cyber-Physical System (CPS) has become an important research direction in academic and scientific and technological circles at home and abroad, and is considered the third wave of world information technology, following the computer and the Internet. CPS is a multi-dimensional, heterogeneous, deeply integrated open system, involving knowledge from computing, communication, control and other disciplines. Because the research theories and methods of these disciplines differ significantly, the application of CPS brings great challenges. This paper introduces the definition and characteristics of CPS, analyzes the current situation of CPS, analyzes the security threats faced by CPS, and gives security solutions for those threats. It also discusses CPS-specific security technology, to promote the healthy development of CPS in information security.
75 FR 59278 - Homeland Security Advisory Council
Federal Register 2010, 2011, 2012, 2013, 2014
2010-09-27
... information among TSA and federal and local law enforcement agencies concerning transportation infrastructure... about the potential capabilities and vulnerabilities identified in a cyber exercise and discuss... Operational Improvements. Lessons Learned from the cyber exercise. Basis for Closure: In accordance with...
NASA Astrophysics Data System (ADS)
Taha, Ahmad Fayez
Transportation networks, wearable devices, energy systems, and the book you are reading now are all ubiquitous cyber-physical systems (CPS). These inherently uncertain systems combine physical phenomena with communication, data processing, control and optimization. Many CPSs are controlled and monitored by real-time control systems that use communication networks to transmit and receive data from systems modeled by physical processes. Existing studies have addressed a breadth of challenges related to the design of CPSs. However, there is a lack of studies on uncertain CPSs subject to dynamic unknown inputs and cyber-attacks---an artifact of the insertion of communication networks and the growing complexity of CPSs. The objective of this dissertation is to create secure, computational foundations for uncertain CPSs by establishing a framework to control, estimate and optimize the operation of these systems. With major emphasis on power networks, the dissertation deals with the design of secure computational methods for uncertain CPSs, focusing on three crucial issues---(1) cyber-security and risk-mitigation, (2) network-induced time-delays and perturbations and (3) the encompassed extreme time-scales. The dissertation consists of four parts. In the first part, we investigate dynamic state estimation (DSE) methods and rigorously examine the strengths and weaknesses of the proposed routines under dynamic attack-vectors and unknown inputs. In the second part, and utilizing high-frequency measurements in smart grids and the developed DSE methods in the first part, we present a risk mitigation strategy that minimizes the encountered threat levels, while ensuring the continual observability of the system through available, safe measurements. The developed methods in the first two parts rely on the assumption that the uncertain CPS is not experiencing time-delays, an assumption that might fail under certain conditions. 
To overcome this challenge, networked unknown input observers---observers/estimators for uncertain CPSs---are designed such that the effect of time-delays and cyber-induced perturbations are minimized, enabling secure DSE and risk mitigation in the first two parts. The final part deals with the extreme time-scales encompassed in CPSs, generally, and smart grids, specifically. Operational decisions for long time-scales can adversely affect the security of CPSs for faster time-scales. We present a model that jointly describes steady-state operation and transient stability by combining convex optimal power flow with semidefinite programming formulations of an optimal control problem. This approach can be jointly utilized with the aforementioned parts of the dissertation work, considering time-delays and DSE. The research contributions of this dissertation furnish CPS stakeholders with insights on the design and operation of uncertain CPSs, whilst guaranteeing the system's real-time safety. Finally, although many of the results of this dissertation are tailored to power systems, the results are general enough to be applied for a variety of uncertain CPSs.
Air Force IT System Security Compliance with Law and Policy
2016-04-01
production /1/saf_cio_a6/publication/afpd33-2/afpd33-2.pdf 21 AFI33-210, Air Force Certification and Accreditation Program (AFCAP), October 2014: http...cyber systems for support and operation. Today’s system certification and compliancy tracking methods are very costly, time intensive, unrealistic...and often lag behind operational and test requirements. However, with changes to policy and implementation requirements, the IT system certification
Towards a Standard for Highly Secure SCADA Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Carlson, R.
1998-09-25
The critical energy infrastructures include gas, oil and electric power. These infrastructures are complex and interdependent networks that are vital to the national security and social well being of our nation. Many electric power systems depend upon gas and oil, while fossil energy delivery systems depend upon electric power. The control mechanisms for these infrastructures are often referred to as SCADA (Supervisory Control and Data Acquisition) systems. SCADA systems provide remote monitoring and centralized control for a distributed transportation infrastructure in order to facilitate delivery of a commodity. Although many of the SCADA concepts developed in this paper can be applied to automotive transportation systems, we will use transportation to refer to the movement of electricity, gas, and oil. Recently, there have been several reports suggesting that the widespread and increasing use of SCADA for control of energy systems provides an increasing opportunity for an adversary to cause serious damage to the energy infrastructure. This damage could arise through cyber infiltration of the SCADA networks, by physically tampering with the control networks, or through a combination of both means. SCADA system threats decompose into cyber and physical threats. One solution to the SCADA security problem is to design a standard for a highly secure SCADA system that is both cyber and physically secure. Not all physical threats are possible to guard against, but of those threats that are, high security SCADA provides confidence that the system will continue to operate in their presence. One of the most important problems in SCADA security is the relationship between the cyber and physical vulnerabilities. Cyber intrusion increases physical vulnerabilities, while in the dual problem physical tampering increases cyber vulnerabilities. There is potential for feedback and the precise dynamics need to be understood.
As a first step towards a standard, the goal of this paper is to facilitate a discussion of the requirements analysis for a highly secure SCADA system. The framework for the discussion consists of the identification of SCADA security investment areas coupled with the tradeoffs that will force compromises in the solution. For example, computational and bandwidth requirements of a security standard could force the replacement of entire SCADA systems. The requirements for a real-time response in a cascading electric power failure could pose limitations on authentication and encryption mechanisms. The shortest path to the development of a high security SCADA standard will be achieved by leveraging existing standards efforts and ensuring that security is being properly addressed in those standards. The Utility Communications Architecture 2.0 (UCA), for real-time utility decision control, represents one such standard. The development of a SCADA security specification is a complex task that will benefit from a systems engineering approach.
Protecting ICS Systems Within the Energy Sector from Cyber Attacks
NASA Astrophysics Data System (ADS)
Barnes, Shaquille
Advanced persistent threat (APT) groups are continuing to attack the energy sector through cyberspace, which poses a risk to our society, national security, and economy. Industrial control systems (ICSs) are not designed to handle cyber-attacks, which is why asset owners need to implement the correct proactive and reactive measures to mitigate the risk to their ICS environments. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) responded to 290 incidents for fiscal year 2016, where 59 of those incidents came from the Energy Sector. APT groups know how vulnerable energy sector ICS systems are and the destruction they can cause when they go offline such as loss of production, loss of life, and economic impact. Defending against APT groups requires more than just passive controls such as firewalls and antivirus solutions. Asset owners should implement a combination of best practices and active defense in their environment to defend against APT groups. Cyber-attacks against critical infrastructure will become more complex and harder to detect and respond to with traditional security controls. The purpose of this paper was to provide asset owners with the correct security controls and methodologies to help defend against APT groups.
Cyber security risk assessment for SCADA and DCS networks.
Ralston, P A S; Graham, J H; Hieb, J L
2007-10-01
The growing dependence of critical infrastructures and industrial automation on interconnected physical and cyber-based control systems has resulted in a growing and previously unforeseen cyber security threat to supervisory control and data acquisition (SCADA) and distributed control systems (DCSs). It is critical that engineers and managers understand these issues and know how to locate the information they need. This paper provides a broad overview of cyber security and risk assessment for SCADA and DCS, introduces the main industry organizations and government groups working in this area, and gives a comprehensive review of the literature to date. Major concepts related to the risk assessment methods are introduced with references cited for more detail. Included are risk assessment methods such as HHM, IIM, and RFRM which have been applied successfully to SCADA systems with many interdependencies and have highlighted the need for quantifiable metrics. Presented in broad terms is probability risk analysis (PRA) which includes methods such as FTA, ETA, and FEMA. The paper concludes with a general discussion of two recent methods (one based on compromise graphs and one on augmented vulnerability trees) that quantitatively determine the probability of an attack, the impact of the attack, and the reduction in risk associated with a particular countermeasure.
Code of Federal Regulations, 2014 CFR
2014-01-01
... defenses against physical and cyber incidents. In tandem with my Executive Order on cybersecurity, this... natural disasters, as well as cyber attacks. We must ensure that the Federal Government works with all...
The Rise of China: Redefining War in the 21st Century
2012-03-22
Hegemony, Africa, Cold War, Cyber Attack, Deficit 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT 18. NUMBER OF PAGES 19a. NAME OF...FORMAT: Strategy Research Project DATE: 22 March 2012 WORD COUNT: 5,825 PAGES: 30 KEY TERMS: Debt, Security, Hegemony, Africa, Cold War, Cyber ...significantly increasing economic aid. But it’s hard to buy affection; such ‘ friendship ’ does not stand the test of difficult times.”42 The United
2013-02-25
such as authentication , protocols, and ‘signature’ management exist but the imposition of such techniques must be balan 15p the legal requirements...gulation, mation face onflicting pressures to keep this data secure and yet allow access by authorised users. in the sharing network should be
Three tenets for secure cyber-physical system design and assessment
NASA Astrophysics Data System (ADS)
Hughes, Jeff; Cybenko, George
2014-06-01
This paper presents a threat-driven quantitative mathematical framework for secure cyber-physical system design and assessment. Called The Three Tenets, this originally empirical approach has been used by the US Air Force Research Laboratory (AFRL) for secure system research and development. The Tenets were first documented in 2005 as a teachable methodology. The Tenets are motivated by a system threat model that itself consists of three elements which must exist for successful attacks to occur: - system susceptibility; - threat accessibility and; - threat capability. The Three Tenets arise naturally by countering each threat element individually. Specifically, the tenets are: Tenet 1: Focus on What's Critical - systems should include only essential functions (to reduce susceptibility); Tenet 2: Move Key Assets Out-of-Band - make mission essential elements and security controls difficult for attackers to reach logically and physically (to reduce accessibility); Tenet 3: Detect, React, Adapt - confound the attacker by implementing sensing system elements with dynamic response technologies (to counteract the attackers' capabilities). As a design methodology, the Tenets mitigate reverse engineering and subsequent attacks on complex systems. Quantified by a Bayesian analysis and further justified by analytic properties of attack graph models, the Tenets suggest concrete cyber security metrics for system assessment.
Protecting drinking water utilities from cyberthreats
Clark, Robert M.; Panguluri, Srinivas; Nelson, Trent D.; ...
2017-02-01
Cyber-security challenges have the potential for becoming one of the defining issues of our time. Cyber-attacks have become an ever-increasing threat and the United States (US) Federal Bureau of Investigation (FBI) now ranks cyber-crime as one of its most important law enforcement activities. In addition to the general problems associated with cyber-crime, critical infrastructure (CI) related to energy production, manufacturing, water supply and other systems have come under attack. For example, drinking water utilities are increasingly incorporating computer technology into their routine operations and are therefore increasingly vulnerable to cyber-threats. Systems control and data acquisition (SCADA) systems used to manage automated physical processes essential to water treatment and distribution systems have become standard in medium to large drinking water utilities and in many small water systems. However, even with the application of standard information technology cybersecurity best practices these types of systems have proven to be vulnerable to cyber-attacks. In 2015, the US Department of Homeland Security (DHS) responded to 25 cybersecurity incidents in the Water Sector and to 46 incidents in the Energy Sector. Comparatively, between 2014 and 2015, the reported number of Water Sector incidents actually increased by 78.6% (from 14 to 25). The DHS is in a collaborative partnership with the US Environmental Protection Agency to ensure cybersecurity in the Water Sector. As a result of this partnership a number of guidance documents and techniques have been developed to counter cyber-attacks and minimize cyber vulnerability. These approaches are documented along with a summary of common vulnerabilities. However, a new approach which has great promise in protecting drinking water systems against hacking and cyber-attacks, based on the concept of unidirectional gateways, is presented and discussed.
Protecting drinking water utilities from cyberthreats
DOE Office of Scientific and Technical Information (OSTI.GOV)
Clark, Robert M.; Panguluri, Srinivas; Nelson, Trent D.
Cyber-security challenges have the potential for becoming one of the defining issues of our time. Cyber-attacks have become an ever-increasing threat and the United States (US) Federal Bureau of Investigation (FBI) now ranks cyber-crime as one of its most important law enforcement activities. In addition to the general problems associated with cyber-crime, critical infrastructure (CI) related to energy production, manufacturing, water supply and other systems have come under attack. For example, drinking water utilities are increasingly incorporating computer technology into their routine operations and are therefore increasingly vulnerable to cyber-threats. Systems control and data acquisition (SCADA) systems used to manage automated physical processes essential to water treatment and distribution systems have become standard in medium to large drinking water utilities and in many small water systems. However, even with the application of standard information technology cybersecurity best practices these types of systems have proven to be vulnerable to cyber-attacks. In 2015, the US Department of Homeland Security (DHS) responded to 25 cybersecurity incidents in the Water Sector and to 46 incidents in the Energy Sector. Comparatively, between 2014 and 2015, the reported number of Water Sector incidents actually increased by 78.6% (from 14 to 25). The DHS is in a collaborative partnership with the US Environmental Protection Agency to ensure cybersecurity in the Water Sector. As a result of this partnership a number of guidance documents and techniques have been developed to counter cyber-attacks and minimize cyber vulnerability. These approaches are documented along with a summary of common vulnerabilities. However, a new approach which has great promise in protecting drinking water systems against hacking and cyber-attacks, based on the concept of unidirectional gateways, is presented and discussed.
Towards an integrated defense system for cyber security situation awareness experiment
NASA Astrophysics Data System (ADS)
Zhang, Hanlin; Wei, Sixiao; Ge, Linqiang; Shen, Dan; Yu, Wei; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe
2015-05-01
In this paper, an implemented defense system is demonstrated to carry out cyber security situation awareness. The developed system consists of distributed passive and active network sensors designed to effectively capture suspicious information associated with cyber threats, effective detection schemes to accurately distinguish attacks, and network actors to rapidly mitigate attacks. Based on the collected data from network sensors, image-based and signals-based detection schemes are implemented to detect attacks. To further mitigate attacks, deployed dynamic firewalls on hosts dynamically update detection information reported from the detection schemes and block attacks. The experimental results show the effectiveness of the proposed system. A future plan to design an effective defense system is also discussed based on system theory.
75 FR 13258 - Announcing a Meeting of the Information Security and Privacy Advisory Board
Federal Register 2010, 2011, 2012, 2013, 2014
2010-03-19
.../index.html/ . Agenda: --Cloud Computing Implementations --Health IT --OpenID --Pending Cyber Security... will be available for the public and media. --OpenID --Cloud Computing Implementations --Security...
Cyber threat model for tactical radio networks
NASA Astrophysics Data System (ADS)
Kurdziel, Michael T.
2014-05-01
The shift to a full information-centric paradigm in the battlefield has allowed ConOps to be developed that are only possible using modern network communications systems. Securing these Tactical Networks without impacting their capabilities has been a challenge. Tactical networks with fixed infrastructure have similar vulnerabilities to their commercial counterparts (although they need to be secure against adversaries with greater capabilities, resources and motivation). However, networks with mobile infrastructure components and Mobile Ad hoc Networks (MANets) have additional unique vulnerabilities that must be considered. It is useful to examine Tactical Network based ConOps and use them to construct a threat model and baseline cyber security requirements for Tactical Networks with fixed infrastructure, mobile infrastructure and/or ad hoc modes of operation. This paper will present an introduction to threat model assessment. A definition and detailed discussion of a Tactical Network threat model is also presented. Finally, the model is used to derive baseline requirements that can be used to design or evaluate a cyber security solution that can be scaled and adapted to the needs of specific deployments.
Network systems security analysis
NASA Astrophysics Data System (ADS)
Yilmaz, İsmail
2015-05-01
Network systems security analysis is of the utmost importance in today's world. Many companies, such as banks, which give priority to data management, test their own data security systems with "penetration tests" from time to time. In this context, companies must also test their own network/server systems and take precautions, as data security draws attention. Based on this idea, in this study cyber-attacks are researched thoroughly and penetration test techniques are examined. With this information, a classification is made for the cyber-attacks, and then the network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found that human beings are the weakest link in the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions, such as updating the security software, must be taken to avoid such threats.
Sandia National Laboratories: National Security Missions: Global Security
Cyber and Infrastructure Security Advanced analyses and technologies for securing the
DOE Office of Scientific and Technical Information (OSTI.GOV)
Onyeji, Ijeoma; Bazilian, Morgan; Bronk, Chris
Both the number and security implications of sophisticated cyber attacks on companies providing critical energy infrastructures are increasing. As power networks and, to a certain extent, oil and gas infrastructure both upstream and downstream, are becoming increasingly integrated with information communication technology systems, they are growing more susceptible to cyber attacks.
Resurrecting Letters of Marque and Reprisal to Address Modern Threats
2013-03-01
history 4 and economics. Unfortunately, bringing maritime pirates and cyber criminals to justice has proven difficult under current norms of... cyber criminals have cost companies and consumers hundreds of millions of dollars and valuable intellectual property.79 The National Security Strategy
Providing security for automated process control systems at hydropower engineering facilities
NASA Astrophysics Data System (ADS)
Vasiliev, Y. S.; Zegzhda, P. D.; Zegzhda, D. P.
2016-12-01
This article suggests the concept of a cyberphysical system to manage computer security of automated process control systems at hydropower engineering facilities. According to the authors, this system consists of a set of information processing tools and computer-controlled physical devices. Examples of cyber attacks on power engineering facilities are provided, and a strategy of improving cybersecurity of hydropower engineering systems is suggested. The architecture of the multilevel protection of the automated process control system (APCS) of power engineering facilities is given, including security systems, control systems, access control, encryption, secure virtual private network of subsystems for monitoring and analysis of security events. The distinctive aspect of the approach is consideration of interrelations and cyber threats, arising when SCADA is integrated with the unified enterprise information system.
2016-04-24
the Cybersecurity in the United States – Brief Overview 13 2.1. Data Breaches in the United States 14 2.2. Security and...Capacity to Defend 15 2.2.1. Cybersecurity Capabilities in the United States 18 2.3. Internationalization of Cybersecurity ...The Department of Homeland Security (DHS) Org Chart 43 2.2.1.2 National Cybersecurity and Communications Integration Center (NCCIC) Org
Tactical Cyber: Building a Strategy for Cyber Support to Corps and Below
2017-01-01
freedom of maneuver.2 And the proliferation of social media, unmanned systems, and other information and communication technologies among adversaries and...effects through cyber operations 2.1.1. Deny/degrade/disrupt enemy communication that uses the “local Internet” and social media for C2 and propaganda...policy challenges to help make communities throughout the world safer and more secure, healthier and more prosperous. RAND is nonprofit, nonpartisan
CyberTerrorism: Cyber Prevention vs Cyber Recovery
2007-12-01
appropriate available security measures (i.e. appropriate level of spy ware, IDS, and antivirus protection software installed) are unaffected by worm attacks...a worm is a form of a virus designed to copy itself by utilizing e-mail or other software applications. The main goal of using this technique is...to permeate the network or portions of the Internet with malicious code that will affect the performance of certain software applications or will
DOE Office of Scientific and Technical Information (OSTI.GOV)
Laughlin, Gary L.
The International, Homeland, and Nuclear Security (IHNS) Program Management Unit (PMU) oversees a broad portfolio of Sandia’s programs in areas ranging from global nuclear security to critical asset protection. We use science and technology, innovative research, and global engagement to counter threats, reduce dangers, and respond to disasters. The PMU draws on the skills of scientists and engineers from across Sandia. Our programs focus on protecting US government installations, safeguarding nuclear weapons and materials, facilitating nonproliferation activities, securing infrastructures, countering chemical and biological dangers, and reducing the risk of terrorist threats. We conduct research in risk and threat analysis, monitoring and detection, decontamination and recovery, and situational awareness. We develop technologies for verifying arms control agreements, neutralizing dangerous materials, detecting intruders, and strengthening resiliency. Our programs use Sandia’s High-Performance Computing resources for predictive modeling and simulation of interdependent systems, for modeling dynamic threats and forecasting adaptive behavior, and for enabling decision support and processing large cyber data streams. In this report, we highlight four advanced computation projects that illustrate the breadth of the IHNS mission space.
77 FR 51817 - National Maritime Security Advisory Committee; Meeting
Federal Register 2010, 2011, 2012, 2013, 2014
2012-08-27
... the information sharing efforts of the Coast Guard and DHS. (2) Cyber-Security. The Committee will... DEPARTMENT OF HOMELAND SECURITY Coast Guard [USCG-2012-0797] National Maritime Security Advisory...: The National Maritime Security Advisory Committee (NMSAC) will meet on September 11-12, 2012 in the...
An Improved Tarpit for Network Deception
2016-03-25
World” program was, to one who is ready to join the cyber security workforce. Thirdly, I thank my mom and dad for their constant love, support, and...arrow in a part-whole relationship. In the diagram GreaseMonkey contains the three packet handler classes. The numbers next to the PriorityQueue and...arrow from Greasy to the config_parser module represents a usage relationship, where Greasy uses functions from config_parser to parse the configuration
2010-11-01
that a program is bug free. Also, and this is an important issue in getting people to use them, static checkers tend to have false positives...enormous variety of non-standard dialects took a huge amount of work to get what they describe as full version-specific bug compatibility.) Model...coincident detection by T-cells. Incidentally, this is why it is enough to get rid of T-cells that bind self-peptides without similarly culling B-cells
Evaluation of a complementary cyber education program for a pathophysiology class.
Yoo, Ji-Soo; Ryue, Sook-Hee; Lee, Jung Eun; Ahn, Jeong-Ah
2009-12-01
The goal of this study was to develop and evaluate a complementary cyber education program for a required pathophysiology class for nursing students. The cyber education program comprised electronic bulletin boards, correspondence material storage, an announcement section, a report submission section, reference sites, and statistics on learning rates. Twelve online lectures complemented five lectures in the classroom. To evaluate the course's educational effectiveness, we performed an online objective questionnaire and an open questionnaire survey anonymously, and compared the complementary cyber education program with traditional classroom education. The complementary cyber education program effected significant improvements in scores for importance with regard to major, clarity of goals and education plans for courses, professor readiness, preciseness and description of lectures, amount and efficiency of assignments, and fairness in appraisal standards compared with the traditional classroom education group. This study indicates that a complementary cyber education program provides nursing students with the flexibility of time and space, the newest information through updated lectures, efficient motivational aids through intimacy between the lecturer and students, and concrete and meaningful tasks. The complementary cyber education course also increased student effort toward studying and student satisfaction with the class.
2015-02-01
networking provides 24-hour access to data and information between friends and strangers alike. Technology also has played a significant role in the world’s...economic environment, many organizations look at cyber budgets as areas to cut back. And many top-level managers and members of the acquisition
TECHcitement: Advances in Technological Education, 2006
ERIC Educational Resources Information Center
American Association of Community Colleges (NJ1), 2006
2006-01-01
This publication includes 13 articles: (1) ATE [Advanced Technological Education] Attuned to Global Competition; (2) Materials Science Center Supplies Information on Often-Overlooked Field; (3) CSEC [Cyber Security Education Consortium] Builds Corps of Cyber Technicians; (4) KCTCS [Kentucky Community and Technical College System] Is U.S. Partner…
Computer Security-Risks, Threats, and Safeguards.
ERIC Educational Resources Information Center
Ekhaml, Leticia
2001-01-01
Describes a variety of Internet threats to computers and networks used in schools. Discusses electronic trashing; clearing hard drives; cyber spying on Web sites visited; protection against cyber spying, including disposable email accounts; password sniffers; privacy policies; email snooping; email attachments that carry viruses; and hoaxes. (LRW)
Investigating the Relationship between Need for Cognition and Skill in Ethical Hackers
DOE Office of Scientific and Technical Information (OSTI.GOV)
Le Blanc, Katya; Freeman, Sarah
As technology gets more complex and increasingly connected, there is an increasing concern with cyber security. There is also a growing demand for cyber security professionals. Unfortunately there currently are not enough skilled professionals to meet that demand. In order to prepare the next generation of cyber security professionals to meet this demand, we need to understand what characteristics make skilled cyber security professionals. For this work, we focus on professionals who take an offensive approach to cyber security, so-called ethical hackers. These hackers utilize many of the same skills that the adversaries that we defend against would use, with the goal of identifying vulnerabilities and addressing them before they are exploited by adversaries. A commonly held belief among ethical hackers is that hackers must possess exceptional curiosity and problem solving skills in order to be successful. Curiosity has been studied extensively in psychology, but there is no consensus on what it is and how to measure it. Further, many existing inventories for assessing curiosity are targeted at measuring curiosity in children. Although there isn’t an accepted standard to assess curiosity in adults, a related construct, called Need for Cognition, may capture what is meant when people speak of curiosity. The Need for Cognition scale also captures the tendency toward preferring complex problems (which correlates with good problem solving skills), which may provide insight into what makes skilled hackers. In addition to the Need for Cognition, we used a structured interview to assess hacker skill. Hackers rated their own skill on a scale from one to ten on a predefined list of hacker skills. They were then asked to rate a peer who they felt was most skilled in each of the skills. They were asked to rate two peers for each skill, one that they worked with directly and one person that was the most skilled in the field (these could be known by reputation only).
The hypothesis is that hackers have a higher than average (i.e., compared to non-hackers) Need for Cognition and that Need for Cognition will be positively correlated with self-reported and peer-reported skill. We interviewed 20 cyber security researchers who specialize in offensive approaches. Based on the responses to the hacker skill inventory, we generated a self-reported skill score for each participant. We also developed a peer-rating for each participant based on the number of times each individual that was interviewed was named as the most skilled in a particular area. The results indicate that the sample of ethical hackers has a high Need for Cognition and that Need for Cognition was related to both self-reported skill and peer-reported skill. The results are discussed in the context of training and recruitment of cyber security professionals.
49 CFR 1520.5 - Sensitive security information.
Code of Federal Regulations, 2014 CFR
2014-10-01
..., including threats against cyber infrastructure. (8) Security measures. Specific details of aviation...) Critical aviation, maritime, or rail infrastructure asset information. Any list identifying systems or...
49 CFR 1520.5 - Sensitive security information.
Code of Federal Regulations, 2012 CFR
2012-10-01
..., including threats against cyber infrastructure. (8) Security measures. Specific details of aviation...) Critical aviation, maritime, or rail infrastructure asset information. Any list identifying systems or...
49 CFR 1520.5 - Sensitive security information.
Code of Federal Regulations, 2011 CFR
2011-10-01
..., including threats against cyber infrastructure. (8) Security measures. Specific details of aviation...) Critical aviation, maritime, or rail infrastructure asset information. Any list identifying systems or...
49 CFR 1520.5 - Sensitive security information.
Code of Federal Regulations, 2013 CFR
2013-10-01
..., including threats against cyber infrastructure. (8) Security measures. Specific details of aviation...) Critical aviation, maritime, or rail infrastructure asset information. Any list identifying systems or...
Risk Assessment of Power System considering the CPS of Transformers
NASA Astrophysics Data System (ADS)
Zhou, Long; Peng, Zewu; Liu, Xindong; Li, Canbing; Chen, Can
2018-02-01
This paper constructs a risk assessment framework of power system for device-level information security, analyzes the typical protection configuration of power transformers, and takes transformer gas protection and differential protection as examples to put forward a method that analyzes the cyber security in electric power system, which targets transformer protection parameters. We estimate the risk of power system accounting for the cyber security of transformer through utilizing Monte Carlo method and two indexes, which are the loss of load probability and the expected demand not supplied. The proposed approach is tested with IEEE 9 bus system and IEEE 118 bus system.
Sandia National Laboratories: National Security Missions: Defense Systems
77 FR 14525 - Statement of Organization, Functions, and Delegations of Authority
Federal Register 2010, 2011, 2012, 2013, 2014
2012-03-12
... maintains the CDC Computer Security Incident Response Team; (4) performs cyber security incident reporting... systems planning and support; internal security and emergency preparedness; and management analysis and... security; education, training, and workforce development in information and IT disciplines; development and...
Vulnerability of water supply systems to cyber-physical attacks
NASA Astrophysics Data System (ADS)
Galelli, Stefano; Taormina, Riccardo; Tippenhauer, Nils; Salomons, Elad; Ostfeld, Avi
2016-04-01
The adoption of smart meters, distributed sensor networks and industrial control systems has largely improved the level of service provided by modern water supply systems. Yet, the progressive computerization exposes these critical infrastructures to cyber-physical attacks, which are generally aimed at stealing critical information (cyber-espionage) or causing service disruption (denial-of-service). Recent statistics show that water and power utilities are undergoing frequent attacks, such as the December power outage in Ukraine, attracting the interest of operators and security agencies. Taking the security of Water Distribution Networks (WDNs) as domain of study, our work seeks to characterize the vulnerability of WDNs to cyber-physical attacks, so as to conceive adequate defense mechanisms. We extend the functionality of EPANET, which models hydraulic and water quality processes in pressurized pipe networks, to include a cyber layer vulnerable to repeated attacks. Simulation results on a medium-scale network show that several hydraulic actuators (valves and pumps, for example) can be easily attacked, causing both service disruption (i.e., water spillage and loss of pressure) and structural damage (e.g., pipe bursts). Our work highlights the need for adequate countermeasures, such as attack detection and reactive control systems.
NASA Astrophysics Data System (ADS)
Navare, Jyoti; Gemikonakli, Orhan
Globalisation and new technology have opened the gates to more security risks. As the strategic importance of communication networks and information increased, threats to the security and safety of communication infrastructures, as well as to the information stored in and/or transmitted over them, increased significantly. The development of self-replicating programmes has become a nightmare for Internet users. Leading companies and strategic organisations were not immune to attacks; they were also "hacked" and overtaken by intruders. Incidents of recent years have also shown that national/regional crises may also trigger cyber attacks at large scale. Experts forecast that cyber wars are likely to take the stage as tension mounts between developed societies. New risks such as cyber-attacks, network terrorism and disintegration of traditional infrastructures have somewhat blurred the boundaries of operation and control. This paper seeks to consider risk management and governance, looking more specifically at implications for emerging economies.
Cyber-Surveillance: A Case Study in Policy and Development
ERIC Educational Resources Information Center
Kim, Richard S. Y.
2010-01-01
The dissertation examines the historical development of surveillance, electronic surveillance, and cyber-surveillance from colonial times in the United States to the present. It presents the surveillance laws, technologies and policies as a balance between national security and privacy. To examine more recent developments, the dissertation…
ViNEL: A Virtual Networking Lab for Cyber Defense Education
ERIC Educational Resources Information Center
Reinicke, Bryan; Baker, Elizabeth; Toothman, Callie
2018-01-01
Professors teaching cyber security classes often face challenges when developing workshops for their students: How does one quickly and efficiently configure and deploy an operating system for a temporary learning/testing environment? Faculty teaching these classes spend countless hours installing, configuring and deploying multiple system…
DOE Office of Scientific and Technical Information (OSTI.GOV)
Abercrombie, Robert K; Sheldon, Frederick T.
Cyber physical computing infrastructures typically consist of a number of sites that are interconnected. Their operation critically depends both on cyber components and physical components. Both types of components are subject to attacks of different kinds and frequencies, which must be accounted for in the initial provisioning and subsequent operation of the infrastructure via information security analysis. Information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. We concentrated our analysis on the electric sector failure scenarios and impact analyses by the NESCOR Working Group Study. From the Section 5 electric sector representative failure scenarios, we extracted the four generic failure scenarios and grouped them into three specific threat categories (confidentiality, integrity, and availability) to the system. These specific failure scenarios serve as a demonstration of our simulation. The analysis using our ABGT simulation demonstrates how to model the electric sector functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the cyber physical infrastructure network with respect to CIA.
Porous TiO₂-Based Gas Sensors for Cyber Chemical Systems to Provide Security and Medical Diagnosis.
Galstyan, Vardan
2017-12-19
Gas sensors play an important role in our life, providing control and security of technical processes, environment, transportation and healthcare. Consequently, the development of high performance gas sensor devices is the subject of intense research. TiO₂, with its excellent physical and chemical properties, is a very attractive material for the fabrication of chemical sensors. Meanwhile, the emerging technologies are focused on the fabrication of more flexible and smart systems for precise monitoring and diagnosis in real-time. The proposed cyber chemical systems in this paper are based on the integration of cyber elements with the chemical sensor devices. These systems may have a crucial effect on the environmental and industrial safety, control of carriage of dangerous goods and medicine. This review highlights the recent developments on fabrication of porous TiO₂-based chemical gas sensors for their application in cyber chemical systems, showing the convenience and feasibility of such a model to provide security and to perform diagnostics. Most reports have demonstrated that the fabrication of doped, mixed and composite structures based on porous TiO₂ may drastically improve its sensing performance. In addition, each component has its unique effect on the sensing properties of the material.
Porous TiO2-Based Gas Sensors for Cyber Chemical Systems to Provide Security and Medical Diagnosis
2017-01-01
Gas sensors play an important role in our life, providing control and security of technical processes, environment, transportation and healthcare. Consequently, the development of high performance gas sensor devices is the subject of intense research. TiO2, with its excellent physical and chemical properties, is a very attractive material for the fabrication of chemical sensors. Meanwhile, the emerging technologies are focused on the fabrication of more flexible and smart systems for precise monitoring and diagnosis in real-time. The proposed cyber chemical systems in this paper are based on the integration of cyber elements with the chemical sensor devices. These systems may have a crucial effect on the environmental and industrial safety, control of carriage of dangerous goods and medicine. This review highlights the recent developments on fabrication of porous TiO2-based chemical gas sensors for their application in cyber chemical systems, showing the convenience and feasibility of such a model to provide security and to perform diagnostics. Most reports have demonstrated that the fabrication of doped, mixed and composite structures based on porous TiO2 may drastically improve its sensing performance. In addition, each component has its unique effect on the sensing properties of the material. PMID:29257076
PeerShield: determining control and resilience criticality of collaborative cyber assets in networks
NASA Astrophysics Data System (ADS)
Cam, Hasan
2012-06-01
As attackers get more coordinated and advanced in cyber attacks, cyber assets are required to have much more resilience, control effectiveness, and collaboration in networks. Such a requirement makes it essential to take a comprehensive and objective approach for measuring the individual and relative performances of cyber security assets in network nodes. To this end, this paper presents four techniques as to how the relative importance of cyber assets can be measured more comprehensively and objectively by considering together the main variables of risk assessment (e.g., threats, vulnerabilities), multiple attributes (e.g., resilience, control, and influence), network connectivity and controllability among collaborative cyber assets in networks. In the first technique, a Bayesian network is used to include the random variables for control, recovery, and resilience attributes of nodes, in addition to the random variables of threats, vulnerabilities, and risk. The second technique shows how graph matching and coloring can be utilized to form collaborative pairs of nodes to shield together against threats and vulnerabilities. The third technique ranks the security assets of nodes by incorporating multiple weights and thresholds of attributes into a decision-making algorithm. In the fourth technique, the hierarchically well-separated tree is enhanced to first identify critical nodes of a network with respect to their attributes and network connectivity, and then select some nodes as driver nodes for network controllability.
Towards a Cyber Defense Framework for SCADA Systems Based on Power Consumption Monitoring
DOE Office of Scientific and Technical Information (OSTI.GOV)
Hernandez Jimenez, Jarilyn M; Chen, Qian; Nichols, Jeff A.
Supervisory control and data acquisition (SCADA) is an industrial automation system that remotely monitors and controls critical infrastructures. SCADA systems are major targets for espionage and sabotage attackers. According to the 2015 Dell security annual threat report, the number of cyber-attacks against SCADA systems has doubled in the past year. Cyber-attacks (i.e., buffer overflow, rootkits and code injection) could cause serious financial losses and physical infrastructure damages. Moreover, some specific cyber-attacks against SCADA systems could become a threat to human life. Current commercial off-the-shelf security solutions are insufficient in protecting SCADA systems against sophisticated cyber-attacks. In 2014 a report by Mandiant stated that only 69% of organizations learned about their breaches from third entities, meaning that these companies lack their own detection system. Furthermore, these breaches are not detected in real-time or fast enough to prevent further damages. The average time between compromise and detection (for those intrusions that were detected) was 205 days. To address this challenge, we propose an Intrusion Detection System (IDS) that detects SCADA-specific cyber-attacks by analyzing the power consumption of a SCADA device. Specifically, to validate the proposed approach, we chose to monitor in real-time the power usage of a Programmable Logic Controller (PLC). To this end, we configured the hardware of the testbed by installing the required sensors to monitor and collect its power consumption. After that, two SCADA-specific cyber-attacks were simulated and TracerDAQ Pro was used to collect the power consumption of the PLC under normal and anomalous scenarios. Results showed that it is possible to distinguish between the regular power usage of the PLC and when the PLC was under specific cyber-attacks.
How is cyber threat evolving and what do organisations need to consider?
Borrett, Martin; Carter, Roger; Wespi, Andreas
Organisations and members of the public are becoming accustomed to the increasing velocity, frequency and variety of cyber-attacks that they have been facing over the last few years. In response to this challenge, it is important to explore what can be done to offer commercial and private users a reliable and functioning environment. This paper discusses how cyber threats might evolve in the future and seeks to explore these threats more fully. Attention is paid to the changing nature of cyber-attackers and their motivations and what this means for organisations. Finally, useful and actionable steps are provided, which practitioners can use to understand how they can start to address the future challenges of cyber security.
Some attributes of a language for property-based testing.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Neagoe, Vicentiu; Bishop, Matt
Property-based testing is a testing technique that evaluates executions of a program. The method checks that specifications, called properties, hold throughout the execution of the program. TASpec is a language used to specify these properties. This paper compares some attributes of the language with the specification patterns used for model-checking languages, and then presents some descriptions of properties that can be used to detect common security flaws in programs. This report describes the results of a one year research project at the University of California, Davis, which was funded by a University Collaboration LDRD entitled "Property-based Testing for Cyber Security Assurance".
2009-01-01
objectives. The Air Force is struggling to determine the best way of developing offensive and defensive capabilities for cyber warfare. Our warfighting...education (IDE) cyber warfare program at the Air Force Institute of Technology (AFIT), located at Wright-Patterson AFB, Ohio. I propose that the Air...Force create a two-year professional military education (PME) path consisting of ACSC followed by AFIT’s cyber warfare program, paralleling the current path of ACSC followed by SAASS.
Federal Register 2010, 2011, 2012, 2013, 2014
2011-02-09
... emerging challenges facing the power grid? b. Do the CIP standards assure cyber security, including... Smart Grid applications have non-cyber reliability implications that need to be addressed? d. What steps... (NERC). Ronald L. Litzinger, President, Southern California Edison Company. Stephen J. Wright...
Cyber and the American Way of War
2015-04-13
perfect fit in the American way of war, cyber’s uniqueness will challenge the current American way of war. To operate effectively in war that includes...Counter Terrorism Reference Center. 36 Danzig, Richard J. Surviving on a Diet of Poisoned Fruit: Reducing the National Security Risks of America’s
Strengthening US DoD Cyber Security with the Vulnerability Market
2013-06-01
is with their constant assurance that I find strength. I would also like to acknowledge my cyber-colleagues, Maj Ronald “Rusty” Clark, Maj Vanessa ...Michel J.G. van Eeten, Delft University of Technology; Michael Levi, Cardiff University; Tyler Moore, Southern Methodist University; and Stefan Savage
Impact of the ConRed program on different cyberbullying roles.
Del Rey, Rosario; Casas, José A; Ortega, Rosario
2016-01-01
This article presents results from an evaluation of the ConRed cyberbullying intervention program. The program's impacts were separately determined for the different roles within cyberbullying that students can take, i.e., cyber-victims, cyber-bullies, cyber-bully/victims, and bystanders. The ConRed program is a theory-driven program designed to prevent cyberbullying and improve cyberbullying coping skills. It involves students, teachers, and families. During a 3-month period, external experts conducted eight training sessions with students, two with teachers and one with families. ConRed was evaluated through a quasi-experimental design, in which students from three secondary schools were separated into experimental and control groups. The sample comprised 875 students, aged between 11 and 19 years. More students (n = 586) were allocated to the experimental groups at the specific insistence of the management of all schools; the remainder (n = 289) formed the control. Repeated measures MANOVA showed that cyber victims, cyber aggressors and cyberbully/victims reduced their involvement in cyberbullying. Moreover, cyber-victims and bystanders adjusted their perceptions about their control of personal information on the Internet, and cyber aggressors and bystanders reduced their Internet dependence. The ConRed program had stronger effects on male participants, especially in heightening their affective empathy. © 2015 Wiley Periodicals, Inc.
Teaching RFID Information Systems Security
ERIC Educational Resources Information Center
Thompson, Dale R.; Di, Jia; Daugherty, Michael K.
2014-01-01
The future cyber security workforce needs radio frequency identification (RFID) information systems security (INFOSEC) and threat modeling educational materials. A complete RFID security course with new learning materials and teaching strategies is presented here. A new RFID Reference Model is used in the course to organize discussion of RFID,…
2007-06-01
information flow involved in network attacks. This kind of information can be invaluable in learning how to best set up and defend computer networks...administrators, and those interested in learning about securing networks a way to conceptualize this complex system of computing. NTAV3D will provide a three...teaching with visual and other components can make learning more effective” (Baxley et al, 2006). A hyperbox (Alpern and Carter, 1991) is
The synergy needed for business resilience.
Kachgal, Julie A
2015-01-01
This paper discusses best practices on where to strategically connect risk management, business continuity, disaster recovery, crisis management, crisis communications, physical security, cyber security and emergency planning within the organisation.
Abercrombie, Robert K; Sheldon, Frederick T; Ferragut, Erik M
2014-06-24
A system evaluates reliability, performance and/or safety by automatically assessing the targeted system's requirements. A cost metric quantifies the impact of failures as a function of failure cost per unit of time. The metrics or measurements may render real-time (or near real-time) outcomes by initiating active response against one or more high ranked threats. The system may support or may be executed in many domains including physical domains, cyber security domains, cyber-physical domains, infrastructure domains, etc. or any other domains that are subject to a threat or a loss.
Probabilistic Characterization of Adversary Behavior in Cyber Security
DOE Office of Scientific and Technical Information (OSTI.GOV)
Meyers, C A; Powers, S S; Faissol, D M
2009-10-08
The objective of this SMS effort is to provide a probabilistic characterization of adversary behavior in cyber security. This includes both quantitative (data analysis) and qualitative (literature review) components. A set of real LLNL email data was obtained for this study, consisting of several years' worth of unfiltered traffic sent to a selection of addresses at ciac.org. The email data was subjected to three interrelated analyses: a textual study of the header data and subject matter, an examination of threats present in message attachments, and a characterization of the maliciousness of embedded URLs.
2013-05-23
2012), 35. 36Irving Lachow, “Cyber Terrorism: Menace of Myth?” in Franklin D. Kramer, Stuart H. Starr, and Larry Wentz, eds., Cyberpower and National...cyber power.” In Franklin D. Kramer, Stuart H. Starr, and Larry Wentz, eds., Cyberpower and National Security (Washington, D.C.: Potomac Books Inc...2009), 272. 188Ibid., 273. 189Martin C. Libicki, “Military Cyberpower,” In Franklin D. Kramer, Stuart H. Starr, and Larry Wentz, eds., Cyberpower and
Good Things in Small Packages: Micro Worlds and Cyber Security
DOE Office of Scientific and Technical Information (OSTI.GOV)
David I Gertman
2013-11-01
Cyber events, as perpetrated by terrorists and nation states, have become commonplace as evidenced in national and international news media. Cyber attacks affect day-to-day activities of end users through exploitation of social networks, businesses such as banking and stock exchanges, and government entities including Departments of Defense. They are becoming more frequent and sophisticated. Currently, efforts are directed to understanding the methods employed by attackers and towards dissecting the planning and activities of the perpetrator, including review of psychosocial factors.
Let Slip the Dogs of (CYBER) War: Progressing Towards a Warfighting U.S. Cyber Command
2013-04-01
Accelerating Cyberweapon Research,” Washington Post, 18 March 2012. 20 Federal Bureau of Investigation, “What we Investigate - Cyber Crime,” http...on- uk-police-s-anti-terror-hotline (accessed 2 January 2013). 18 Jen Lin-Liu, “Huawei-Cisco Tests China’s Respect for Property Rights,” IEEE... designated as critical infrastructure (CI).19 Securing this CI will be a challenge: most is privately vice publicly owned, and there is limited incentive
Cybersecurity Lanes in the Road for the Department of Homeland Security
2016-06-01
20of%20Responsibility%20in%20the%20US%20Government- Joeli%20Field.pdf. 54 Ibid., 120. 55 “Preventing 9/11 in the Cyber World,” Information Management ...their emergency communications capabilities.”113 NCCIC is a “24x7 cyber situational awareness, incident response, and management center.”114 They share... Cyber World.” Information Management 47, no. 3 (May, 2013): 18. http://libproxy.nps.edu/login?url=http://search.proquest.com/docview/ 1430501590
49 CFR 15.5 - Sensitive security information.
Code of Federal Regulations, 2014 CFR
2014-10-01
... sources and methods used to gather or develop threat information, including threats against cyber infrastructure. (8) Security measures. Specific details of aviation or maritime transportation security measures... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital...
49 CFR 15.5 - Sensitive security information.
Code of Federal Regulations, 2011 CFR
2011-10-01
... sources and methods used to gather or develop threat information, including threats against cyber infrastructure. (8) Security measures. Specific details of aviation or maritime transportation security measures... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital...
49 CFR 15.5 - Sensitive security information.
Code of Federal Regulations, 2013 CFR
2013-10-01
... sources and methods used to gather or develop threat information, including threats against cyber infrastructure. (8) Security measures. Specific details of aviation or maritime transportation security measures... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital...
49 CFR 15.5 - Sensitive security information.
Code of Federal Regulations, 2012 CFR
2012-10-01
... sources and methods used to gather or develop threat information, including threats against cyber infrastructure. (8) Security measures. Specific details of aviation or maritime transportation security measures... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital...
Toward a theoretical framework for trustworthy cyber sensing
NASA Astrophysics Data System (ADS)
Xu, Shouhuai
2010-04-01
Cyberspace is an indispensable part of the economy and society, but has been "polluted" with many compromised computers that can be abused to launch further attacks against the others. Since it is likely that there always are compromised computers, it is important to be aware of the (dynamic) cyber security-related situation, which is however challenging because cyberspace is an extremely large-scale complex system. Our project aims to investigate a theoretical framework for trustworthy cyber sensing. With the perspective of treating cyberspace as a large-scale complex system, the core question we aim to address is: What would be a competent theoretical (mathematical and algorithmic) framework for designing, analyzing, deploying, managing, and adapting cyber sensor systems so as to provide trustworthy information or input to the higher layer of cyber situation-awareness management, even in the presence of sophisticated malicious attacks against the cyber sensor systems?
Mallinder, Jason; Drabwell, Peter
Cyber threats are growing and evolving at an unprecedented rate. Consequently, it is becoming vitally important that organisations share information internally and externally before, during and after incidents they encounter so that lessons can be learned, good practice identified and new cyber resilience capabilities developed. Many organisations are reluctant to share such information for fear of divulging sensitive information or because it may be vague or incomplete. This provides organisations with a complex dilemma: how to share information as openly as possible about cyber incidents, while protecting their confidentiality and focusing on service recovery from such incidents. This paper explores the dilemma of information sharing versus sensitivity and provides a practical overview of considerations every business continuity plan should address to plan effectively for information sharing in the event of a cyber incident.
Three Essays on Information Security Policies
ERIC Educational Resources Information Center
Yang, Yubao
2011-01-01
Information security breaches pose a significant and increasing threat to national security and economic well-being. In the Symantec Internet Security Threat Report (2003), companies surveyed experienced an average of about 30 attacks per week. Anecdotal evidence suggests that losses from cyber-attacks can run into millions of dollars. The CSI-FBI…
Code of Federal Regulations, 2014 CFR
2014-07-01
... designated by the Department of Homeland Security and the NSA as a national center of excellence. IA. For the purpose of this part, the term “IA” includes computer security, network security, cybersecurity, cyber... the Department of Homeland Security and the NSA as a national center of excellence. CAE-R. An...
Code of Federal Regulations, 2013 CFR
2013-07-01
... designated by the Department of Homeland Security and the NSA as a national center of excellence. IA. For the purpose of this part, the term “IA” includes computer security, network security, cybersecurity, cyber... the Department of Homeland Security and the NSA as a national center of excellence. CAE-R. An...
Code of Federal Regulations, 2012 CFR
2012-07-01
... designated by the Department of Homeland Security and the NSA as a national center of excellence. IA. For the purpose of this part, the term “IA” includes computer security, network security, cybersecurity, cyber... the Department of Homeland Security and the NSA as a national center of excellence. CAE-R. An...
Exploring Factors That Affect Adoption of Computer Security Practices among College Students
ERIC Educational Resources Information Center
Alqarni, Amani
2017-01-01
Cyber-attacks threaten the security of computer users' information, networks, machines, and privacy. Studies of computer security education, awareness, and training among ordinary computer users, college students, non-IT-oriented user groups, and non-technically trained citizens are limited. Most research has focused on computer security standards…
Survey of Cyber Crime in Big Data
NASA Astrophysics Data System (ADS)
Rajeswari, C.; Soni, Krishna; Tandon, Rajat
2017-11-01
Big data is like performing computation operations and database operations for large amounts of data, automatically from the data possessor’s business. Since a critical strategic offer of big data access to information from numerous and various areas, security and protection will assume an imperative part in big data research and innovation. The limits of standard IT security practices are notable, with the goal that they can utilize programming sending to utilize programming designers to incorporate pernicious programming in a genuine and developing risk in applications and working frameworks, which are troublesome. The impact gets speedier than big data. In this way, one central issue is that security and protection innovation are sufficient to share controlled affirmation for countless direct get to. For powerful utilization of extensive information, it should be approved to get to the information of that space or whatever other area from a space. For a long time, dependable framework improvement has arranged a rich arrangement of demonstrated ideas of demonstrated security to bargain to a great extent with the decided adversaries, however this procedure has been to a great extent underestimated as “needless excess” and sellers In this discourse, essential talks will be examined for substantial information to exploit this develop security and protection innovation, while the rest of the exploration difficulties will be investigated.
Quantifying Mixed Uncertainties in Cyber Attacker Payoffs
DOE Office of Scientific and Technical Information (OSTI.GOV)
Chatterjee, Samrat; Halappanavar, Mahantesh; Tipireddy, Ramakrishna
Representation and propagation of uncertainty in cyber attacker payoffs is a key aspect of security games. Past research has primarily focused on representing the defender’s beliefs about attacker payoffs as point utility estimates. More recently, within the physical security domain, attacker payoff uncertainties have been represented as Uniform and Gaussian probability distributions, and intervals. Within cyber-settings, continuous probability distributions may still be appropriate for addressing statistical (aleatory) uncertainties where the defender may assume that the attacker’s payoffs differ over time. However, systematic (epistemic) uncertainties may exist, where the defender may not have sufficient knowledge or there is insufficient information about the attacker’s payoff generation mechanism. Such epistemic uncertainties are more suitably represented as probability boxes with intervals. In this study, we explore the mathematical treatment of such mixed payoff uncertainties.
On a simulation study for reliable and secured smart grid communications
NASA Astrophysics Data System (ADS)
Mallapuram, Sriharsha; Moulema, Paul; Yu, Wei
2015-05-01
Demand response is one of the key smart grid applications that aims to reduce power generation at peak hours and maintain a balance between supply and demand. With the support of communication networks, energy consumers can become active actors in the energy management process by adjusting or rescheduling their electricity usage during peak hours based on utilities' pricing incentives. Nonetheless, the integration of communication networks exposes the smart grid to cyber-attacks. In this paper, we developed a smart grid simulation test-bed and designed evaluation scenarios. By leveraging the capabilities of Matlab and ns-3 simulation tools, we conducted a simulation study to evaluate the impact of cyber-attacks on the demand response application. Our data shows that cyber-attacks could seriously disrupt smart grid operations, thus confirming the need for secure and resilient communication networks for supporting smart grid operations.
Towards a Research Agenda for Cyber Friendly Fire
DOE Office of Scientific and Technical Information (OSTI.GOV)
Greitzer, Frank L.; Clements, Samuel L.; Carroll, Thomas E.
Historical assessments of combat fratricide reveal principal contributing factors in the effects of stress, degradation of skills due to continuous operations or sleep deprivation, poor situation awareness, and lack of training and discipline in offensive/defense response selection. While these problems are typically addressed in R&D focusing on traditional ground-based combat, there is also an emerging need for improving situation awareness and decision making on defensive/offensive response options in the cyber defense arena, where a mistaken response to an actual or perceived cyber attack could lead to destruction or compromise of friendly cyber assets. The purpose of this report is to examine cognitive factors that may affect cyber situation awareness and describe possible research needs to reduce the likelihood and effects of "friendly cyber fire" on cyber defenses, information infrastructures, and data. The approach is to examine concepts and methods that have been described in research applied to the more traditional problem of mitigating the occurrence of combat identification and fratricide. Application domains of interest include cyber security defense against external or internal (insider) threats.
Chinese National Strategy of Total War
2008-06-01
Cyber Warfare Michael J. Good, BA Major, USA June 2008 APPROVED FOR PUBLIC RELEASE; DISTRIBUTION IS...who allowed me into the Cyber Warfare , my fellow students in the Cyber Warfare IDE program who have been great friends and mentors, and my fellow...Hackers and Other Cyber Criminals .............................................................................41 PLA Cyber Warfare
Parents and Educators [Tip Card]
ERIC Educational Resources Information Center
US Department of Homeland Security, 2011
2011-01-01
Stop.Think.Connect. is a national public awareness campaign aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online. The Campaign's main objective is to help individuals become more aware of growing cyber threats and arm them with the tools to protect themselves, their families,…
NATO’s Preparedness for Cyberwar
2016-09-01
ARTS IN SECURITY STUDIES EUROPE AND EURASIA from the NAVAL POSTGRADUATE SCHOOL September 2016 Approved by: David Yost, Ph.D...CYBER CASE STUDIES : CYBER ATTACKS AGAINST NATO ALLIES AND PARTNERS .................................................................................33...to thank Dr. Wade Huntley for first stimulating my interest in the academic study of NATO’s cyberwarfare capabilities and readiness. In addition, I
Pressures Demise of Bin Laden Battling al-Qaida Libya Cyber & Space Defense 10th Anniversary of 9/11 A ensuring national security in cyber and space defense. And on the financial front, the department, along reached a near-crisis point, and defense budget growth prospects were sharply limited. Defense Secretaries
ERIC Educational Resources Information Center
US Department of Homeland Security, 2005
2005-01-01
Stop.Think.Connect. is a national public awareness campaign aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online. The Campaign's main objective is to help individuals become more aware of growing cyber threats and arm them with the tools to protect themselves, their families,…
Sandia National Laboratories: Hydrogen Risk Assessment Models toolkit now
Sandia National Laboratories: 100 Resilient Cities: Sandia Challenge:
77 FR 56662 - Homeland Security Science and Technology Advisory Committee (HSSTAC)
Federal Register 2010, 2011, 2012, 2013, 2014
2012-09-13
... as new developments in systems engineering, cyber-security, knowledge management and how best to... Management; Notice of Federal Advisory Committee Meeting. SUMMARY: The Homeland Security Science and... the Under Secretary on policies, management processes, and organizational constructs as needed. Agenda...
76 FR 41274 - Committee Name: Homeland Security Science and Technology Advisory Committee (HSSTAC)
Federal Register 2010, 2011, 2012, 2013, 2014
2011-07-13
..., cyber-security, knowledge management and how best to leverage related technologies funded by other... Science and Technology Advisory Committee (HSSTAC) ACTION: Committee Management; Notice of Federal... Committee Management Secretariat, General Services Administration. Name of Committee: Homeland Security...
78 FR 66949 - Homeland Security Science and Technology Advisory Committee (HSSTAC)
Federal Register 2010, 2011, 2012, 2013, 2014
2013-11-07
... Technology, such as new developments in systems engineering, cyber-security, knowledge management and how... Management; Notice of Federal Advisory Committee Meeting. SUMMARY: The Homeland Security Science and... also advises the Under Secretary on policies, management processes, and organizational constructs as...
Assessing the Security of Connected Diabetes Devices.
Out, Dirk-Jan; Tettero, Olaf
2017-03-01
This article discusses the assessment of the (cyber)security of wirelessly connected diabetes devices under the DTSEC standard. We discuss the relation between diabetes devices and hackers, provide an overview of the DTSEC standard, and describe the process of security assessment of diabetes devices.
76 FR 81477 - Announcing an Open Meeting of the Information Security and Privacy Advisory Board
Federal Register 2010, 2011, 2012, 2013, 2014
2011-12-28
... sessions will be open to the public. The ISPAB was established by the Computer Security Act of 1987 (Pub. L... Secure Mobile Devices, --Panel Discussion on cyber R&D Strategy, and --Update of NIST Computer Security... of the Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and...
Information security : is your information safe?
DOT National Transportation Integrated Search
1999-01-01
This article characterizes the problem of cyber-terrorism, outlines the Federal government's response to several security-related concerns, and describes the Volpe Center's critical support to this response. The possibility of catastrophic terrorist ...
Self-Development for Cyber Warriors
2011-11-10
Aggressive self-development is a critical task for the cyber warfare professional. No matter the quality, formal training and education programs age...Books and Science Fiction); Technology and Cyber-Related Magazines and Blogs; Specific Cyber Warfare Journal and Magazine Articles; Key Documents on...the strengths and weaknesses of the major donor career fields to the cyber workforce, and a Self-Assessment of Cyber Domain Expertise for readers who wish to assess their own cyber warfare expertise.
Cybersecurity and Optimization in Smart “Autonomous” Buildings
DOE Office of Scientific and Technical Information (OSTI.GOV)
Mylrea, Michael E.; Gourisetti, Sri Nikhil Gup
Significant resources have been invested in making buildings “smart” by digitizing, networking and automating key systems and operations. Smart autonomous buildings create new energy efficiency, economic and environmental opportunities. But as buildings become increasingly networked to the Internet, they can also become more vulnerable to various cyber threats. Automated and Internet-connected buildings systems, equipment, controls, and sensors can significantly increase cyber and physical vulnerabilities that threaten the confidentiality, integrity, and availability of critical systems in organizations. Securing smart autonomous buildings presents a national security and economic challenge to the nation. Ignoring this challenge threatens business continuity and the availability of critical infrastructures that are enabled by smart buildings. In this chapter, the authors address challenges and explore new opportunities in securing smart buildings that are enhanced by machine learning, cognitive sensing, artificial intelligence (AI) and smart-energy technologies. The chapter begins by identifying cyber-threats and challenges to smart autonomous buildings. Then it provides recommendations on how AI enabled solutions can help smart buildings and facilities better protect, detect and respond to cyber-physical threats and vulnerabilities. Next, the chapter will provide case studies that examine how combining AI with innovative smart-energy technologies can increase both cybersecurity and energy efficiency savings in buildings. The chapter will conclude by proposing recommendations for future cybersecurity and energy optimization research for examining AI enabled smart-energy technology.
The Struggle Between Liberties and Authorities in the Information Age.
Taddeo, Mariarosaria
2015-10-01
The "struggle between liberties and authorities", as described by Mill, refers to the tension between individual rights and the rules restricting them that are imposed by public authorities exerting their power over civil society. In this paper I argue that contemporary information societies are experiencing a new form of such a struggle, which now involves liberties and authorities in the cyber-sphere and, more specifically, refers to the tension between cyber-security measures and individual liberties. Ethicists, political philosophers and political scientists have long debated how to strike an ethically sound balance between security measures and individual rights. I argue that such a balance can only be reached once individual rights are clearly defined, and that such a definition cannot prescind from an analysis of individual well-being in the information age. Hence, I propose an analysis of individual well-being which rests on the capability approach, and I then identify a set of rights that individuals should claim for themselves. Finally, I consider a criterion for balancing the proposed set of individual rights with cyber-security measures in the information age.
Network and computing infrastructure for scientific applications in Georgia
NASA Astrophysics Data System (ADS)
Kvatadze, R.; Modebadze, Z.
2016-09-01
Status of network and computing infrastructure and available services for research and education community of Georgia are presented. Research and Educational Networking Association - GRENA provides the following network services: Internet connectivity, network services, cyber security, technical support, etc. Computing resources used by the research teams are located at GRENA and at major state universities. GE-01-GRENA site is included in European Grid infrastructure. Paper also contains information about programs of Learning Center and research and development projects in which GRENA is participating.
FLOWER IPv4/IPv6 Network Flow Summarization software
DOE Office of Scientific and Technical Information (OSTI.GOV)
Nickless, Bill; Curtis, Darren; Christy, Jason
FLOWER was written as a refactoring/reimplementation of the existing Flo software used by the Cooperative Protection Program (CPP) to provide network flow summaries for analysis by the Operational Analysis Center (OAC) and other US Department of Energy cyber security elements. FLOWER is designed and tested to operate at 10 gigabits/second, nearly 10 times faster than competing solutions. FLOWER output is optimized for importation into SQL databases for categorization and analysis. FLOWER is written in C++ using current best software engineering practices.
NASA Technical Reports Server (NTRS)
Gunawan, Ryan A.
2016-01-01
With the rapid development of the Internet, the number of malicious threats to organizations is continually increasing. In June of 2015, the United States Office of Personnel Management (OPM) had a data breach resulting in the compromise of millions of government employee records. The National Aeronautics and Space Administration (NASA) is not exempt from these attacks. Cyber security is becoming a critical facet to the discussion of moving forward with projects. The Spaceport Command and Control System (SCCS) project at the Kennedy Space Center (KSC) aims to develop the launch control system for the next generation launch vehicle in the coming decades. There are many ways to increase the security of the network it uses, from vulnerability management to ensuring operating system images are compliant with securely configured baselines recommended by the United States Government.
77 FR 65048 - Privacy Act; System of Records: Personal Property Claims, State-27
Federal Register 2010, 2011, 2012, 2013, 2014
2012-10-24
... cyber security awareness training which covers the procedures for handling Sensitive but Unclassified... Property Claims. SECURITY CLASSIFICATION: Unclassified. SYSTEM LOCATION: Department of State, SA-3, Suite... which can include information such as names, birthdates, social security numbers (SSNs), employee IDs...
Assessing the Security of Connected Diabetes Devices
Out, Dirk-Jan; Tettero, Olaf
2017-01-01
This article discusses the assessment of the (cyber)security of wirelessly connected diabetes devices under the DTSEC standard. We discuss the relation between diabetes devices and hackers, provide an overview of the DTSEC standard, and describe the process of security assessment of diabetes devices. PMID:28264190
PLAYGROUND: preparing students for the cyber battleground
NASA Astrophysics Data System (ADS)
Nielson, Seth James
2016-12-01
Attempting to educate practitioners of computer security can be difficult if for no other reason than the breadth of knowledge required today. The security profession includes widely diverse subfields including cryptography, network architectures, programming, programming languages, design, coding practices, software testing, pattern recognition, economic analysis, and even human psychology. While an individual may choose to specialize in one of these more narrow elements, there is a pressing need for practitioners that have a solid understanding of the unifying principles of the whole. We created the Playground network simulation tool and used it in the instruction of a network security course to graduate students. This tool was created for three specific purposes. First, it provides simulation sufficiently powerful to permit rigorous study of desired principles while simultaneously reducing or eliminating unnecessary and distracting complexities. Second, it permitted the students to rapidly prototype a suite of security protocols and mechanisms. Finally, with equal rapidity, the students were able to develop attacks against the protocols that they themselves had created. Based on our own observations and student reviews, we believe that these three features combine to create a powerful pedagogical tool that provides students with a significant amount of breadth and intense emotional connection to computer security in a single semester.
Effective Management of Information Security and Privacy
ERIC Educational Resources Information Center
Anderson, Alicia
2006-01-01
No university seems immune to cyber attacks. For many universities, such events have served as wake-up calls to develop a comprehensive information security and privacy strategy. This is no simple task, however. It involves balancing a culture of openness with a need for security and privacy. Security and privacy are not the same, and the…
US-CERT Control System Center Input/Output (I/O) Conceptual Design
DOE Office of Scientific and Technical Information (OSTI.GOV)
Not Available
2005-02-01
This document was prepared for the US-CERT Control Systems Center of the National Cyber Security Division (NCSD) of the Department of Homeland Security (DHS). DHS has been tasked under the Homeland Security Act of 2002 to coordinate the overall national effort to enhance the protection of the national critical infrastructure. Homeland Security Presidential Directive HSPD-7 directs the federal departments to identify and prioritize critical infrastructure and protect it from terrorist attack. The US-CERT National Strategy for Control Systems Security was prepared by the NCSD to address the control system security component addressed in the National Strategy to Secure Cyberspace and the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. The US-CERT National Strategy for Control Systems Security identified five high-level strategic goals for improving cyber security of control systems; the I/O upgrade described in this document supports these goals. The vulnerability assessment Test Bed, located in the Information Operations Research Center (IORC) facility at Idaho National Laboratory (INL), consists of a cyber test facility integrated with multiple test beds that simulate the nation's critical infrastructure. The fundamental mission of the Test Bed is to provide industry owner/operators, system vendors, and multi-agency partners of the INL National Security Division a platform for vulnerability assessments of control systems. The Input/Output (I/O) upgrade to the Test Bed (see Work Package 3.1 of the FY-05 Annual Work Plan) will provide for the expansion of assessment capabilities within the IORC facility. It will also provide capabilities to connect test beds within the Test Range and other Laboratory resources.
This will allow real time I/O data input and communication channels for full replications of control systems (Process Control Systems [PCS], Supervisory Control and Data Acquisition Systems [SCADA], and components). This will be accomplished through the design and implementation of a modular infrastructure of control system, communications, networking, computing and associated equipment, and measurement/control devices. The architecture upgrade will provide a flexible patching system providing a quick "plug and play" configuration through various communication paths to gain access to live I/O running over specific protocols. This will allow for in-depth assessments of control systems in a true-to-life environment. The full I/O upgrade will be completed through a two-phased approach. Phase I, funded by DHS, expands the capabilities of the Test Bed by developing an operational control system in two functional areas, the Science & Technology Applications Research (STAR) Facility and the expansion of various portions of the Test Bed. Phase II (see Appendix A), funded by other programs, will complete the full I/O upgrade to the facility.
Cyber threats within civil aviation
NASA Astrophysics Data System (ADS)
Heitner, Kerri A.
Existing security policies in civil aviation do not adequately protect against evolving cyber threats. Cybersecurity has been recognized as a top priority among some aviation industry leaders. Heightened concerns regarding cyber threats and vulnerabilities surround components utilized in compliance with the Federal Aviation Administration's (FAA) Next Generation Air Transportation (NextGen) implementation. Automated Dependent Surveillance-B (ADS-B) and Electronic Flight Bags (EFB) have both been exploited through the research of experienced computer security professionals. Civil aviation is essential to international infrastructure and if its critical assets were compromised, it could pose a great risk to public safety and financial infrastructure. The purpose of this research was to raise awareness of aircraft system vulnerabilities in order to provoke change among current national and international cybersecurity policies, procedures and standards. Although the education of cyber threats is increasing in the aviation industry, there is not enough urgency when creating cybersecurity policies. This project intended to answer the following questions: What are the cyber threats to ADS-B of an aircraft in-flight? What are the cyber threats to EFB? What is the aviation industry's response to the issue of cybersecurity and in-flight safety? ADS-B remains unencrypted while the FAA's mandate to implement this system is rapidly approaching. The cyber threat of both portable and non-portable EFBs has received increased publicity; however, airlines are not responding quickly enough (if at all) to create policies for the use of these devices. Collectively, the aviation industry is not being proactive enough to protect its aircraft or airport network systems. That is not to say there are not leaders in cybersecurity advancement. These proactive organizations must set the standard for the future to better protect society and its most reliable form of transportation.
QuEST for malware type-classification
NASA Astrophysics Data System (ADS)
Vaughan, Sandra L.; Mills, Robert F.; Grimaila, Michael R.; Peterson, Gilbert L.; Oxley, Mark E.; Dube, Thomas E.; Rogers, Steven K.
2015-05-01
Current cyber-related security and safety risks are unprecedented, due in no small part to information overload and skilled cyber-analyst shortages. Advances in decision support and Situation Awareness (SA) tools are required to support analysts in risk mitigation. Inspired by human intelligence, research in Artificial Intelligence (AI) and Computational Intelligence (CI) have provided successful engineering solutions in complex domains including cyber. Current AI approaches aggregate large volumes of data to infer the general from the particular, i.e. inductive reasoning (pattern-matching) and generally cannot infer answers not previously programmed. Whereas humans, rarely able to reason over large volumes of data, have successfully reached the top of the food chain by inferring situations from partial or even partially incorrect information, i.e. abductive reasoning (pattern-completion); generating a hypothetical explanation of observations. In order to achieve an engineering advantage in computational decision support and SA we leverage recent research in human consciousness, the role consciousness plays in decision making, modeling the units of subjective experience which generate consciousness, qualia. This paper introduces a novel computational implementation of a Cognitive Modeling Architecture (CMA) which incorporates concepts of consciousness. We apply our model to the malware type-classification task. The underlying methodology and theories are generalizable to many domains.
INL Control System Situational Awareness Technology Annual Report 2012
DOE Office of Scientific and Technical Information (OSTI.GOV)
Gordon Rueff; Bryce Wheeler; Todd Vollmer
The overall goal of this project is to develop an interoperable set of tools to provide a comprehensive, consistent implementation of cyber security and overall situational awareness of control and sensor network implementations. The operation and interoperability of these tools will fill voids in current technological offerings and address issues that remain an impediment to the security of control systems. This report provides an FY 2012 update on the Sophia, Mesh Mapper, Intelligent Cyber Sensor, and Data Fusion projects with respect to the year-two tasks and annual reporting requirements of the INL Control System Situational Awareness Technology report (July 2010).
Academic Information Security Researchers: Hackers or Specialists?
Dadkhah, Mehdi; Lagzian, Mohammad; Borchardt, Glenn
2018-04-01
In this opinion piece, we present a synopsis of our findings from the last 2 years concerning cyber-attacks on web-based academia. We also present some of the problems that we have faced and try to resolve any misunderstandings about our work. We are academic information security specialists, not hackers. Finally, we present a brief overview of our methods for detecting cyber fraud in an attempt to present general guidelines for researchers who would like to continue our work. We believe that our work is necessary for protecting the integrity of scholarly publishing against emerging cybercrime.
Medical cyber-physical systems: A survey.
Dey, Nilanjan; Ashour, Amira S; Shi, Fuqian; Fong, Simon James; Tavares, João Manuel R S
2018-03-10
Medical cyber-physical systems (MCPS) are healthcare critical integration of a network of medical devices. These systems are progressively used in hospitals to achieve a continuous high-quality healthcare. The MCPS design faces numerous challenges, including inoperability, security/privacy, and high assurance in the system software. In the current work, the infrastructure of the cyber-physical systems (CPS) are reviewed and discussed. This article enriched the researches of the networked Medical Device (MD) systems to increase the efficiency and safety of the healthcare. It also can assist the specialists of medical device to overcome crucial issues related to medical devices, and the challenges facing the design of the medical device's network. The concept of the social networking and its security along with the concept of the wireless sensor networks (WSNs) are addressed. Afterward, the CPS systems and platforms have been established, where more focus was directed toward CPS-based healthcare. The big data framework of CPSs is also included.
Social Sentiment Sensor in Twitter for Predicting Cyber-Attacks Using ℓ1 Regularization
Sanchez-Perez, Gabriel; Toscano-Medina, Karina; Martinez-Hernandez, Victor; Olivares-Mercado, Jesus; Sanchez, Victor
2018-01-01
In recent years, online social media information has been the subject of study in several data science fields due to its impact on users as a communication and expression channel. Data gathered from online platforms such as Twitter has the potential to facilitate research over social phenomena based on sentiment analysis, which usually employs Natural Language Processing and Machine Learning techniques to interpret sentimental tendencies related to users’ opinions and make predictions about real events. Cyber-attacks are not isolated from opinion subjectivity on online social networks. Various security attacks are performed by hacker activists motivated by reactions from polemic social events. In this paper, a methodology for tracking social data that can trigger cyber-attacks is developed. Our main contribution lies in the monthly prediction of tweets with content related to security attacks and the incidents detected based on ℓ1 regularization. PMID:29710833
Complex Failure Forewarning System - DHS Conference Proceedings
DOE Office of Scientific and Technical Information (OSTI.GOV)
Abercrombie, Robert K; Hively, Lee M; Prowell, Stacy J
2011-01-01
As the critical infrastructures of the United States have become more and more dependent on public and private networks, the potential for widespread national impact resulting from disruption or failure of these networks has also increased. Securing the nation's critical infrastructures requires protecting not only their physical systems but, just as important, the cyber portions of the systems on which they rely. A failure is inclusive of random events, design flaws, and instabilities caused by cyber (and/or physical) attack. One such domain, aging bridges, is used to explain the Complex Structure Failure Forewarning System. We discuss the workings of such a system in the context of the necessary sensors, command and control and data collection as well as the cyber security efforts that would support this system. Their application and the implications of this computing architecture are also discussed, with respect to our nation's aging infrastructure.
Forewarning of Failure in Complex Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Abercrombie, Robert K; Hively, Lee M; Prowell, Stacy J
2011-01-01
As the critical infrastructures of the United States have become more and more dependent on public and private networks, the potential for widespread national impact resulting from disruption or failure of these networks has also increased. Securing the nation's critical infrastructures requires protecting not only their physical systems but, just as important, the cyber portions of the systems on which they rely. A failure is inclusive of random events, design flaws, and instabilities caused by cyber (and/or physical) attack. One such domain is failure in critical equipment. A second is aging bridges. We discuss the workings of such a system in the context of the necessary sensors, command and control and data collection as well as the cyber security efforts that would support this system. Their application and the implications of this computing architecture are also discussed, with respect to our nation's aging infrastructure.
Social Sentiment Sensor in Twitter for Predicting Cyber-Attacks Using ℓ₁ Regularization.
Hernandez-Suarez, Aldo; Sanchez-Perez, Gabriel; Toscano-Medina, Karina; Martinez-Hernandez, Victor; Perez-Meana, Hector; Olivares-Mercado, Jesus; Sanchez, Victor
2018-04-29
In recent years, online social media information has been the subject of study in several data science fields due to its impact on users as a communication and expression channel. Data gathered from online platforms such as Twitter has the potential to facilitate research over social phenomena based on sentiment analysis, which usually employs Natural Language Processing and Machine Learning techniques to interpret sentimental tendencies related to users’ opinions and make predictions about real events. Cyber-attacks are not isolated from opinion subjectivity on online social networks. Various security attacks are performed by hacker activists motivated by reactions from polemic social events. In this paper, a methodology for tracking social data that can trigger cyber-attacks is developed. Our main contribution lies in the monthly prediction of tweets with content related to security attacks and the incidents detected based on ℓ1 regularization.
Situational Awareness of Network System Roles (SANSR)
DOE Office of Scientific and Technical Information (OSTI.GOV)
Huffer, Kelly M; Reed, Joel W
In a large enterprise it is difficult for cyber security analysts to know what services and roles every machine on the network is performing (e.g., file server, domain name server, email server). Using network flow data, already collected by most enterprises, we developed a proof-of-concept tool that discovers the roles of a system using both clustering and categorization techniques. The tool's role information would allow cyber analysts to detect consequential changes in the network, initiate incident response plans, and optimize their security posture. The results of this proof-of-concept tool proved to be quite accurate on three real data sets. We will present the algorithms used in the tool, describe the results of preliminary testing, provide visualizations of the results, and discuss areas for future work. Without this kind of situational awareness, cyber analysts cannot quickly diagnose an attack or prioritize remedial actions.
Cybersecurity: Authoritative Reports and Resources, by Topic
2014-02-19
the Department of Defense’s cyber and information assurance budget for FY2012 and future years defense spending. The objectives of this review...Vivian S. Chu 1 For information on legislation and hearings in the 112th-123th Congresses, and ...identified.” America’s Cyber Future: Security and Prosperity in the Information Age Center for a New American
2017-11-01
Public Release; Distribution Unlimited. PA# 88ABW-2017-5388 Date Cleared: 30 OCT 2017 13. SUPPLEMENTARY NOTES 14. ABSTRACT Cyber-physical systems... physical processes that interact in intricate manners. This makes verification of the software complex and unwieldy. In this report, an approach towards...resulting implementations. 15. SUBJECT TERMS Cyber-physical systems, Formal guarantees, Code generation 16. SECURITY CLASSIFICATION OF: 17
2014-11-01
unclassified tools and techniques that can be shared with PNs, to include social engineering, spear phishing, fake web sites, physical access attempts, and...and instead rely on commercial services such as Yahoo or Google. Some nations have quite advanced cyber security practices, but may take vastly...unauthorized access to data/systems Inject external network scanning, email phishing, malicious website access, social engineering Sample
78 FR 11631 - Reserve Forces Policy Board (RFPB); Notice of Federal Advisory Committee Meeting
Federal Register 2010, 2011, 2012, 2013, 2014
2013-02-19
... meeting will consist of remarks from the Commander of U.S. Southern Command, the Commander of U.S. Cyber.... Commander, USCYBERCOM, has been invited to discuss his views on the increased emphasis placed on cyber security and the logical mission fit for Reserve Component members. Meeting Accessibility: Pursuant to 5 U...
Cyberspace Superiority: Dominating the Digital Frontier
2014-01-01
2009/07/137_48261.html. 9 Lolita Baldor, “White House among targets of cyber attack: Other targets included NSA, Homeland Security and State...attackers appeared not to get the results for 10 Lolita Baldor, "White House among targets of cyber...Communications Commission (KCC) order service providers to deny access to 30,000 13 Lolita Baldor, "US
75 FR 881 - Meeting of Advisory Committee on International Communications and Information Policy
Federal Register 2010, 2011, 2012, 2013, 2014
2010-01-06
... development issues, international spectrum requirements and harmonization, cyber-security, and data protection... will discuss key issues of importance to U.S. communications policy interests including future... Bureau of Diplomatic Security to enhance the Department's security by tracking visitor traffic and to...
DOE Office of Scientific and Technical Information (OSTI.GOV)
McKinnon, Archibald D.; Thompson, Seth R.; Doroshchuk, Ruslan A.
Smart grid technologies are transforming the electric power grid into a grid with bi-directional flows of both power and information. Operating millions of new smart meters and smart appliances will significantly impact electric distribution systems resulting in greater efficiency. However, the scale of the grid and the new types of information transmitted will potentially introduce several security risks that cannot be addressed by traditional, centralized security techniques. We propose a new bio-inspired cyber security approach. Social insects, such as ants and bees, have developed complex-adaptive systems that emerge from the collective application of simple, light-weight behaviors. The Digital Ants framework is a bio-inspired framework that uses mobile light-weight agents. Sensors within the framework use digital pheromones to communicate with each other and to alert each other of possible cyber security issues. All communication and coordination is both localized and decentralized thereby allowing the framework to scale across the large numbers of devices that will exist in the smart grid. Furthermore, the sensors are light-weight and therefore suitable for implementation on devices with limited computational resources. This paper will provide a brief overview of the Digital Ants framework and then present results from test bed-based demonstrations that show that Digital Ants can identify a cyber attack scenario against smart meter deployments.
Federal Register 2010, 2011, 2012, 2013, 2014
2013-08-02
... (DHS), Science and Technology, CyberForensics Electronic Technology Clearinghouse (CyberFETCH) Program... public to comment on data collection forms for the CyberForensics Electronic Technology Clearinghouse... for providing a collaborative environment for cyber forensics practitioners from law enforcement...
Interval forecasting of cyber-attacks on industrial control systems
NASA Astrophysics Data System (ADS)
Ivanyo, Y. M.; Krakovsky, Y. M.; Luzgin, A. N.
2018-03-01
At present, cyber-security issues of industrial control systems occupy one of the key niches in a state system of planning and management. Functional disruption of these systems via cyber-attacks may lead to emergencies related to loss of life, environmental disasters, major financial and economic damage, or disrupted activities of cities and settlements. There is then an urgent need to develop protection methods against cyber-attacks. This paper studied the results of cyber-attack interval forecasting with a pre-set intensity level of cyber-attacks. Interval forecasting is the forecasting of one interval from two predetermined ones in which a future value of the indicator will be obtained. For this, probability estimates of these events were used. For interval forecasting, a probabilistic neural network with a dynamic updating value of the smoothing parameter was used. A dividing bound of these intervals was determined by a calculation method based on statistical characteristics of the indicator. The number of cyber-attacks per hour that were received through a honeypot from March to September 2013 for the group ‘zeppo-norcal’ was selected as the indicator.
Federal Register 2010, 2011, 2012, 2013, 2014
2010-10-18
... procedures, physical security plan, guard training and qualification plan, or cyber security plan for the... Power Plant Unit 1, Exemption From Certain Security Requirements 1.0 Background DTE Energy (DTE) is the... atmospheric pressure. In November 1972, the Power Reactor Development Company (PRDC), the licensee at that...
Superstorm Sandy: Implications For Designing A PostCyber Attack Power Restoration System
2016-03-31
for such progress. Phillip Allison, “Cloak and Secure Your Critical Infrastructure, ICS and SCADA Systems: Building Security into Your Industrial...TechSvcs/Multi-stateFleetResponseWorkshopReport-02-21-13.pdf. Allison, Phillip. “Cloak and Secure Your Critical Infrastructure, ICS and SCADA Systems
Under Secretary of Defense for Policy > Home
Weapons of Mass Destruction Cyber Policy Space Policy ASD for International Security Affairs ASD for collapse content Assistant Secretary of Defense Robert Karem ASD for International Security Affairs Randall Assistant Secretary of Defense Katie Wheelbarger PDASD for International Security Affairs David Helvey PDASD
DOE Office of Scientific and Technical Information (OSTI.GOV)
Billings, Jay J.; Bonior, Jason D.; Evans, Philip G.
Securely transferring timing information in the electrical grid is a critical component of securing the nation's infrastructure from cyber attacks. One solution to this problem is to use quantum information to securely transfer the timing information across sites. This software provides such an infrastructure using a standard Java webserver that pulls the quantum information from associated hardware.
75 FR 23755 - Combined Notice of Filings #1
Federal Register 2010, 2011, 2012, 2013, 2014
2010-05-04
... securities filings: Docket Numbers: ES10-35-000. Applicants: American Transmission Company LLC, ATC... Reliability Corporation for Approval of Interpretation to Reliability Standard CIP- 001--Cyber Security... Corporation for Approval of Interpretation to Reliability Standard [[Page 23756
Federal Register 2010, 2011, 2012, 2013, 2014
2010-03-03
... requirements similar to those previously imposed by Commission orders issued after the terrorist attacks of... Security Plan, Training and Qualification Plan, Safeguards Contingency Plan, and Cyber Security Plan...
CyberMedVPS: visual programming for development of simulators.
Morais, Aline M; Machado, Liliane S
2011-01-01
Computer applications based on Virtual Reality (VR) have been outstanding in training and teaching in the medical field due to their ability to simulate realistic in which users can practice skills and decision making in different situations. But was realized in these frameworks a hard interaction of non-programmers users. Based on this problematic will be shown the CyberMedVPS, a graphical module which implement Visual Programming concepts to solve an interaction trouble. Frameworks to develop such simulators are available but their use demands knowledge of programming. Based on this problematic will be shown the CyberMedVPS, a graphical module for the CyberMed framework, which implements Visual Programming concepts to allow the development of simulators by non-programmers professionals of the medical field.
An analytic approach to cyber adversarial dynamics
NASA Astrophysics Data System (ADS)
Sweeney, Patrick; Cybenko, George
2012-06-01
To date, cyber security investment by both the government and commercial sectors has been largely driven by the myopic best response of players to the actions of their adversaries and their perception of the adversarial environment. However, current work in applying traditional game theory to cyber operations typically assumes that games exist with prescribed moves, strategies, and payoffs. This paper presents an analytic approach to characterizing the more realistic cyber adversarial metagame that we believe is being played. Examples show that understanding the dynamic metagame provides opportunities to exploit an adversary's anticipated attack strategy. A dynamic version of a graph-based attack-defend game is introduced, and a simulation shows how an optimal strategy can be selected for success in the dynamic environment.
A Probabilistic Risk Mitigation Model for Cyber-Attacks to PMU Networks
DOE Office of Scientific and Technical Information (OSTI.GOV)
Mousavian, Seyedamirabbas; Valenzuela, Jorge; Wang, Jianhui
The power grid is becoming more dependent on information and communication technologies. Complex networks of advanced sensors such as phasor measurement units (PMUs) are used to collect real time data to improve the observability of the power system. Recent studies have shown that the power grid has significant cyber vulnerabilities which could increase when PMUs are used extensively. Therefore, recognizing and responding to vulnerabilities are critical to the security of the power grid. This paper proposes a risk mitigation model for optimal response to cyber-attacks to PMU networks. We model the optimal response action as a mixed integer linear programming (MILP) problem to prevent propagation of the cyber-attacks and maintain the observability of the power system.
2012-01-01
Chocolate Avenue Hershey PA 17033 Tel: 717-533-8845 Fax: 717-533-8661 E-mail: cust@igi-global.com Web site: http://www.igi-global.com Copyright © 2011...Lawrence Erlbaum Associates. Anderson, J. R., & Lebiere, C. (2003). The Newell test for a theory of mind. The Behavioral and Brain Sciences, 26(5
A Cyber Situational Awareness Model for Network Administrators
2017-03-01
environments, the Internet of Things, artificial intelligence, and so on. As users’ data requirements grow more complex, they demand information...security of systems of interest. Further, artificial intelligence is a powerful concept in information technology. Therefore, new research should...look into how to use artificial intelligence to develop CSA. Human interaction with cyber systems is not making networks and their components safer
Power Projection in the Digital Age: The Only Winning Move is to Play
2017-12-21
and compromise or corrupt sensitive information. Without a corresponding cybersecurity focus to complement our developing physical capabilities...industry, and academia to participate in a series of cyber-security roundtables. These experts included heads of cybersecurity firms, Chief...cyber-degraded environments. These cybersecurity roundtables are now biannual events, designed to continuously expand the Command’s perspective and
Department of Homeland Security Cyber Resilience Review (Case Study)
2014-01-23
operational stress and crises. The CRR seeks to elicit the current state of cyber security management practices from key cyber security personnel...Institutionalization in the CRR Processes are acculturated, defined, measured, and governed Maturity indicator levels (MIL) are used in...processes that • produce consistent results over time • are retained during times of stress Level 0-Incomplete Level 1-Performed Level 2
2016-02-11
directed.36 Protected systems operating on secure networks will weigh into the adversaries calculus of risk and cost of their actions versus this... calculus deterring them from attack. Our extended defense with forts and lookouts searching outside the perimeter providing current intelligence of any...Last accessed 30 January 2016). 51 Phil Stewart, U.S. Defense Chief says pre-emptive action possible over cyber threat, Oct 11, 2012, http
DOE Office of Scientific and Technical Information (OSTI.GOV)
Chatterjee, Samrat; Tipireddy, Ramakrishna; Oster, Matthew R.
Securing cyber-systems on a continual basis against a multitude of adverse events is a challenging undertaking. Game-theoretic approaches, that model actions of strategic decision-makers, are increasingly being applied to address cybersecurity resource allocation challenges. Such game-based models account for multiple player actions and represent cyber attacker payoffs mostly as point utility estimates. Since a cyber-attacker’s payoff generation mechanism is largely unknown, appropriate representation and propagation of uncertainty is a critical task. In this paper we expand on prior work and focus on operationalizing the probabilistic uncertainty quantification framework, for a notional cyber system, through: 1) representation of uncertain attacker and system-related modeling variables as probability distributions and mathematical intervals, and 2) exploration of uncertainty propagation techniques including two-phase Monte Carlo sampling and probability bounds analysis.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Pollet, J.
2006-07-01
This session starts by providing an overview of typical DCS (Distributed Control Systems) and SCADA (Supervisory Control and Data Acquisition) architectures, and exposes cyber security vulnerabilities that vendors never admit, but are found through a comprehensive cyber testing process. A complete assessment process involves testing all of the layers and components of a SCADA or DCS environment, from the perimeter firewall all the way down to the end devices controlling the process, including what to look for when conducting a vulnerability assessment of real-time control systems. The following systems are discussed: 1. Perimeter (isolation from corporate IT or other non-critical networks) 2. Remote Access (third Party access into SCADA or DCS networks) 3. Network Architecture (switch, router, firewalls, access controls, network design) 4. Network Traffic Analysis (what is running on the network) 5. Host Operating Systems Hardening 6. Applications (how they communicate with other applications and end devices) 7. End Device Testing (PLCs, RTUs, DCS Controllers, Smart Transmitters) a. System Discovery b. Functional Discovery c. Attack Methodology i. DoS Tests (at what point does the device fail) ii. Malformed Packet Tests (packets that can cause equipment failure) iii. Session Hijacking (do anything that the operator can do) iv. Packet Injection (code and inject your own SCADA commands) v. Protocol Exploitation (Protocol Reverse Engineering / Fuzzing) This paper will provide information compiled from over five years of conducting cyber security testing on control systems hardware, software, and systems. (authors)
A Survey on Security and Privacy in Emerging Sensor Networks: From Viewpoint of Close-Loop.
Zhang, Lifu; Zhang, Heng
2016-03-26
Nowadays, as the next generation sensor networks, Cyber-Physical Systems (CPSs) refer to the complex networked systems that have both physical subsystems and cyber components, and the information flow between different subsystems and components is across a communication network, which forms a closed-loop. New generation sensor networks are found in a growing number of applications and have received increasing attention from many inter-disciplines. Opportunities and challenges in the design, analysis, verification and validation of sensor networks co-exists, among which security and privacy are two important ingredients. This paper presents a survey on some recent results in the security and privacy aspects of emerging sensor networks from the viewpoint of the closed-loop. This paper also discusses several future research directions under these two umbrellas.
IEC 61850: Technology Standards and Cyber-Security Threats
DOE Office of Scientific and Technical Information (OSTI.GOV)
Youssef, Tarek A; El Hariri, Mohamed; Bugay, Nicole
Substations constitute a fundamental part in providing reliable electricity to consumers. For a substation to maintain electricity reliability and its own real-time operability, communication between its components is inevitable. Before the emergence of IEC 61850, inter-substation communication was established via expensive copper wires with limited capabilities. IEC 61850 is the standard set by the International Electrotechnical Commission (IEC) Technical Committee Number 57 Working Group 10 and IEEE for Ethernet (IEEE 802.3)-based communication in electrical substations. Like many power grid systems standards, IEC 61850 was set without extensive consideration for critical security measures. This paper discusses IEC 61850 technology standards and applications thoroughly and points out major security vulnerabilities it introduces in the context of current cyber-physical smart grid systems.
Coming Soon: More Cyber Careers?
exploring the possibility of creating a cyber career field for Army civilians," Lt. Gen. Edward C Programs and Posture," April 14. Establishing a cyber career management field for civilians may be working to implement a cyber career management field for enlisted personnel that will encompass accessions
75 FR 2187 - Submission for OMB Review; Comment Request
Federal Register 2010, 2011, 2012, 2013, 2014
2010-01-14
... Review: New collection. Title: Authorized Cyber Assistant Host Application. Form: Not yet assigned. Description: The form is used by a business to apply to become an Authorized Cyber Assistant Host. Information... become a Cyber Assistant Host. Cyber Assistant is a software program that assists in the preparation of...
Development of a CRAY 1 version of the SINDA program. [thermo-structural analyzer program
NASA Technical Reports Server (NTRS)
Juba, S. M.; Fogerson, P. E.
1982-01-01
The SINDA thermal analyzer program was transferred from the UNIVAC 1110 computer to a CYBER and then to a CRAY 1. Significant changes to the code of the program were required in order to execute efficiently on the CYBER and CRAY. The program was tested on the CRAY using a thermal math model of the shuttle which was too large to run on either the UNIVAC or CYBER. An effort was then begun to further modify the code of SINDA in order to make effective use of the vector capabilities of the CRAY.
Disruptive Ideas for Power Grid Security and Resilience With DER
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ibrahim, Erfan
This presentation by Erfan Ibrahim was prepared for NREL's 2017 Cybersecurity and Resilience Workshop on distributed energy resource (DER) best practices. The presentation provides an overview of NREL's Cyber-Physical Systems Security and Resilience R&D Center, the Center's approach to cybersecurity, and disruptive ideas for power grid security and resilience with DER.
He, Ying; Johnson, Chris
2015-11-01
The recurrence of past security breaches in healthcare showed that lessons had not been effectively learned across different healthcare organisations. Recent studies have identified the need to improve learning from incidents and to share security knowledge to prevent future attacks. Generic Security Templates (GSTs) have been proposed to facilitate this knowledge transfer. The objective of this paper is to evaluate whether potential users in healthcare organisations can exploit the GST technique to share lessons learned from security incidents. We conducted a series of case studies to evaluate GSTs. In particular, we used a GST for a security incident in the US Veterans' Affairs Administration to explore whether security lessons could be applied in a very different Chinese healthcare organisation. The results showed that Chinese security professionals accepted the use of GSTs and that cyber security lessons could be transferred to a Chinese healthcare organisation using this approach. The users also identified the weaknesses and strengths of GSTs, providing suggestions for future improvements. Generic Security Templates can be used to redistribute lessons learned from security incidents. Sharing cyber security lessons helps organisations consider their own practices and assess whether applicable security standards address concerns raised in previous breaches in other countries. The experience gained from this study provides the basis for future work in conducting similar studies in other healthcare organisations. Copyright © 2015 Elsevier Ireland Ltd. All rights reserved.
77 FR 49029 - Excepted Service
Federal Register 2010, 2011, 2012, 2013, 2014
2012-08-15
... the Special DD120075 6/1/2012 Assistant Assistant(Cyber Secretary of Policy). Defense, Global... for Legislation. Department of Homeland Security. Office of the Chief Special Assistant.. DM120131 6/1... Security, Issues. Democracy and Human Rights. Department of Transportation.... Secretary Special Assistant...
78 FR 45255 - Homeland Security Science and Technology Advisory Committee (HSSTAC)
Federal Register 2010, 2011, 2012, 2013, 2014
2013-07-26
..., cyber-security, knowledge management and how best to leverage related technologies funded by other... duties. This determination follows consultation with the Committee Management Secretariat, General..., management processes, and organizational constructs as needed. Upon request, the committee provides...
SPYING FOR THE RIGHT REASONS: CONTESTED NORMS IN CYBERSPACE
2017-04-06
the organizational built up of the German Cyber Command. iii Abstract When former National Security Agency contractor Edward Snowden...Introduction In June 2013, former National Security Agency (NSA) contractor Edward Snowden revealed that the United States was spying on 122
Finding Malicious Cyber Discussions in Social Media
2016-02-02
the author and are not necessarily endorsed by the United States Government. media discussions). This process is labor intensive and sometimes...Twitter tweets [Twitter, 2016] provides some useful evidence that a vulnerability listed in the National Vulnerability Database (NVD) [NIST, 2017] base ...sifiers, we used a keyword-based approach that had been developed by security analysts to detect cyber discussions. This approach searches for 200
Cyber-Defense Return on Investment for NAVFAC Energy Technologies
2017-12-01
Stakeholder input is important to properly develop a tool that reflects the legitimate concerns of those who routinely design, operate, and use control ...cybersecurity results with no control system network connectivity at all. Both are extreme scenarios, unless electrical engineers can design a...support of a Department of Defense (DOD) effort to improve cyber-security in relation to DOD installation control systems. Space and Naval Warfare
Integrated Cyber Defenses: Towards Cyber Defense Doctrine
2007-12-01
National Security Affairs Department) Professor Dorothy Denning (Defense Analysis Department) To select NPS Instructors for teaching me how to...asymmetric battlefield advantage to get inside adversary decision cycles to shorten the “kill chain.” As a force multiplier, NCW continues to...the] number of [network] events is increasing.6 Therefore, the DoD and each U.S. military service faces the daunting challenge of determining how
Federating Cyber and Physical Models for Event-Driven Situational Awareness
DOE Office of Scientific and Technical Information (OSTI.GOV)
Stephan, Eric G.; Pawlowski, Ronald A.; Sridhar, Siddharth
The purpose of this paper is to describe a novel method to improve electric power system monitoring and control software application interoperability. This method employs the concept of federation, which is defined as the use of existing models that represent aspects of a system in specific domains (such as physical and cyber security domains) and building interfaces to link all of the domain models.
On Glitchkriege: Strategy in the Cyber-Age
2013-06-01
ON GLITCHKRIEGE: Strategy in the Cyber-Age BY LIEUTENANT-COLONEL WILLIAM DUPUY FRENCH AIR FORCE A THESIS PRESENTED TO THE...3 ABOUT THE AUTHOR Lieutenant-Colonel William Dupuy entered the French Air Force Academy in 1995 as an engineering officer and graduated in...Lieutenant-Colonel William Dupuy owns an engineering degree from the French Air Force Academy, a master’s degree from the Information Security Training
Improvements of cyberspace and effects to the battlefield
NASA Astrophysics Data System (ADS)
Gedıklı, Münir
2014-06-01
Wars previously fought on land and at sea have also become possible in air and space due to advances in aircraft and satellite systems. Rapid improvements in information technologies have given rise to the concept of cyberspace, which is considered the fifth dimension of war. While moving information quickly from the physical domain to the electronic/digital domain, cyberspace has given rise to many threats and methods, such as cyber-attack, cyber-crime and cyber war, which are spreading rapidly. Individuals, institutions and establishments have begun to take their own cyber security precautions to cope with these threats. This study gives information about the concepts and advances in cyberspace in order to raise comprehensive awareness. The study also focuses on the effects of these improvements on the battlefield, and analyzes them.
Threats and risks to information security: a practical analysis of free access wireless networks
NASA Astrophysics Data System (ADS)
Quirumbay, Daniel I.; Coronel, Iván. A.; Bayas, Marcia M.; Rovira, Ronald H.; Gromaszek, Konrad; Tleshova, Akmaral; Kozbekova, Ainur
2017-08-01
Nowadays, there is an ever-growing need to investigate, consult and communicate through the internet. This need leads to the intensification of free access to the web in strategic and functional points for the benefit of the community. However, this open access is also related to the increase of information insecurity. The existing works on computer security primarily focus on the development of techniques to reduce cyber-attacks. However, these approaches do not address the sector of inexperienced users who have difficulty understanding browser settings. Two methods can solve this problem: first, the development of friendly browsers with intuitive setups for new users, and second, the implementation of awareness programs on essential security that do not go deep into technical information. This article analyzes the vulnerabilities of wireless equipment that provides internet service in open access zones and the potential risks that could be found when using these means.
76 FR 4928 - National Advisory Council
Federal Register 2010, 2011, 2012, 2013, 2014
2011-01-27
... individuals with disabilities and other special needs, infrastructure protection, cyber security..., Emergency Response, Health Scientist, Standard Settings, Infrastructure Protection, Communications...
A comprehensive Network Security Risk Model for process control networks.
Henry, Matthew H; Haimes, Yacov Y
2009-02-01
The risk of cyber attacks on process control networks (PCN) is receiving significant attention due to the potentially catastrophic extent to which PCN failures can damage the infrastructures and commodity flows that they support. Risk management addresses the coupled problems of (1) reducing the likelihood that cyber attacks would succeed in disrupting PCN operation and (2) reducing the severity of consequences in the event of PCN failure or manipulation. The Network Security Risk Model (NSRM) developed in this article provides a means of evaluating the efficacy of candidate risk management policies by modeling the baseline risk and assessing expectations of risk after the implementation of candidate measures. Where existing risk models fall short of providing adequate insight into the efficacy of candidate risk management policies due to shortcomings in their structure or formulation, the NSRM provides model structure and an associated modeling methodology that captures the relevant dynamics of cyber attacks on PCN for risk analysis. This article develops the NSRM in detail in the context of an illustrative example.
He, Meilin; Devine, Laura; Zhuang, Jun
2018-02-01
The government, private sectors, and other users of the Internet are increasingly faced with the risk of cyber incidents. Damage to computer systems and theft of sensitive data caused by cyber attacks have the potential to result in lasting harm to entities under attack, or to society as a whole. The effects of cyber attacks are not always obvious, and detecting them is not a simple proposition. As the U.S. federal government believes that information sharing on cybersecurity issues among organizations is essential to safety, security, and resilience, the importance of trusted information exchange has been emphasized to support public and private decision making by encouraging the creation of the Information Sharing and Analysis Center (ISAC). Through a decision-theoretic approach, this article provides new perspectives on ISAC, and the advent of the new Information Sharing and Analysis Organizations (ISAOs), which are intended to provide similar benefits to organizations that cannot fit easily into the ISAC structure. To help understand the processes of information sharing against cyber threats, this article illustrates 15 representative information sharing structures between ISAC, government, and other participating entities, and provides discussions on the strategic interactions between different stakeholders. This article also identifies the costs of information sharing and information security borne by different parties in this public-private partnership both before and after cyber attacks, as well as the two main benefits. This article provides perspectives on the mechanism of information sharing and some detailed cost-benefit analysis. © 2017 Society for Risk Analysis.
A Survey on Security and Privacy in Emerging Sensor Networks: From Viewpoint of Close-Loop
Zhang, Lifu; Zhang, Heng
2016-01-01
Nowadays, as the next generation sensor networks, Cyber-Physical Systems (CPSs) refer to the complex networked systems that have both physical subsystems and cyber components, and the information flow between different subsystems and components is across a communication network, which forms a closed-loop. New generation sensor networks are found in a growing number of applications and have received increasing attention from many inter-disciplines. Opportunities and challenges in the design, analysis, verification and validation of sensor networks co-exist, among which security and privacy are two important ingredients. This paper presents a survey on some recent results in the security and privacy aspects of emerging sensor networks from the viewpoint of the closed-loop. This paper also discusses several future research directions under these two umbrellas. PMID:27023559
Security Information and Event Management Tools and Insider Threat Detection
2013-09-01
Orebaugh, A., Scholl, M., & Stine, K. (2011, September). Information security continuous monitoring (ISCM) for federal information systems and...E., Conway, T., Keverline, S., Williams, M., Capelli, D., Willke, B., & Moore, A. (2008, January). Insider threat study: illicit cyber activity in
DETERMINING ELECTRONIC AND CYBER ATTACK RISK LEVEL FOR UNMANNED AIRCRAFT IN A CONTESTED ENVIRONMENT
2016-08-01
AIR COMMAND AND STAFF COLLEGE AIR UNIVERSITY DETERMINING ELECTRONIC AND CYBER ATTACK RISK LEVEL FOR UNMANNED AIRCRAFT IN A CONTESTED ENVIRONMENT...iii ABSTRACT During operations in a contested air environment, adversary electronic warfare (EW) and cyber-attack capability will pose a high...10 Russian Federation Electronic Warfare Systems ...................................................12 Chinese Cyber Warfare Program
DOE Office of Scientific and Technical Information (OSTI.GOV)
Hadley, Mark D.; Clements, Samuel L.
2009-01-01
Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.
Economic Analysis of Cyber Security
2006-07-01
vulnerability databases and track the number of incidents reported by U.S. organizations. Many of these are private organizations, such as the security...VULNERABILITY AND ATTACK ESTIMATES Numerous organizations compile vulnerability databases and patch information, and track the number of reported incidents... database / security focus Databases of vulnerabilities identifying the software versions that are susceptible, including information on the method of
The Case for Inclusion of Competitive Teams in Security Education
ERIC Educational Resources Information Center
Serapiglia, Anthony
2016-01-01
Through industry news as well as contemporary reporting, the topic of computer security has become omnipresent in our daily lives. Whether the news is about corporate data breaches, international cyber espionage, or personal data compromises and identity theft--EVERYONE has had to deal with digital security in some way. Because of this, one of the…
ERIC Educational Resources Information Center
DeVoe, Jill; Murphy, Christina
2011-01-01
These Web Tables use data from the 2007 School Crime Supplement (SCS) to the National Crime Victimization Survey (NCVS) to show the relationship between bullying and cyber-bullying victimization and other variables of interest such as the reported presence of gangs, guns, drugs, and alcohol at school; select school security measures; student…
A Video Game for Cyber Security Training and Awareness
2006-01-01
potentially mundane. Video games have been proposed as an engaging training vehicle (Prenski, 2001). Here we describe a video game-like tool called CyberCIEGE...formation assurance, and information assurance technologists with little background in video games. Early focus was on establishing a language that... video games or adventure games appear more inclined to explore the game, sometimes proceeding beyond the simple awareness scenarios into more
Service Through Cyberspace Science: 262nd Network Warfare Squadron
. The 252nd Group was recently reorganized as a Cyber Operations Group, making it one of the first Air Activity Cyber security is one of the top priorities of the U.S. armed forces today. It takes a special group of people with a special set of skills to ensure American cyberspace remains defended at all times
Cyber Federalism: Defining Cybers Jurisdictional Boundaries
2017-12-01
American people.”301 Based on lessons learned from other homeland security missions, multi-government incident management works best when the federal...Jefferson, who believed that the states should maintain power or else Americans risked reliving the tyranny they fled in Europe.10 On the other...states, are reserved to the states respectively, or to the people,” did not provide adequate protection for state sovereignty.23 However, Yates failed to
Preparing for the Cyber Battleground of the Future
2015-12-01
market. 23. Cade Metz, “Mavericks Invent Future Internet Where Cisco Is Meaningless,” Wired, 16 April 2012, http://www.wired.com/2012/04/nicira/; and...growing due to the cyberspace domain’s exponential nature, the trajectory of market forces in the civilian world, and the strategic integration by...consumers also seem to not yet be dissuaded by security concerns. Market-Driven Cyber Dependency These characteristics and conditions present a paradox
DOE Office of Scientific and Technical Information (OSTI.GOV)
Okhravi, Hamed; Sheldon, Frederick T.; Haines, Joshua
Data diodes provide protection of critical cyber assets by the means of physically enforcing traffic direction on the network. In order to deploy data diodes effectively, it is imperative to understand the protection they provide, the protection they do not provide, their limitations, and their place in the larger security infrastructure. In this work, we study data diodes, their functionalities and limitations. We then propose two critical infrastructure systems that can benefit from the additional protection offered by data diodes: process control networks and net-centric cyber decision support systems. We review the security requirements of these systems, describe the architectures, and study the trade-offs. Finally, the architectures are evaluated against different attack patterns.
Information Measures of Degree Distributions with an Application to Labeled Graphs
DOE Office of Scientific and Technical Information (OSTI.GOV)
Joslyn, Cliff A.; Purvine, Emilie AH
2016-01-11
The problem of describing the distribution of labels over a set of objects is relevant to many domains. For example: cyber security, social media, and protein interactions all care about the manner in which labels are distributed among different objects. In this paper we present three interacting statistical measures on label distributions, inspired by entropy and information theory. Labeled graphs are discussed as a specific case of labels distributed over a set of edges. We describe a use case in cyber security using a labeled directed multi-graph of IPFLOW. Finally we show how these measures respond when labels are updated in certain ways.
Shopping For Danger: E-commerce techniques applied to collaboration in cyber security
DOE Office of Scientific and Technical Information (OSTI.GOV)
Bruce, Joseph R.; Fink, Glenn A.
Collaboration among cyber security analysts is essential to a successful protection strategy on the Internet today, but it is uncommonly practiced or encouraged in operating environments. Barriers to productive collaboration often include data sensitivity, time and effort to communicate, institutional policy, and protection of domain knowledge. We propose an ambient collaboration framework, Vulcan, designed to remove the barriers of time and effort and mitigate the others. Vulcan automated data collection, collaborative filtering, and asynchronous dissemination, eliminating the effort implied by explicit collaboration among peers. We instrumented two analytic applications and performed a mock analysis session to build a dataset and test the output of the system.
Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ondrej Linda; Milos Manic; Miles McQueen
This paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.
Federal Register 2010, 2011, 2012, 2013, 2014
2013-05-30
..., June 4, 2013--1:00 p.m. Until 5:00 p.m. The Subcommittee will review and discuss all cyber security... Flint North building, 11555 Rockville Pike, Rockville, MD. After registering with security, please...
Smartphone and mobile phone security for the clinician.
Barber, Harry
2016-08-02
Smartphones are near ubiquitous and widely used by doctors in discussing patients. In all communication doctors should take steps to protect confidentiality, yet there is a paucity of available information on how clinicians can bolster cyber security and minimize risk when using their mobile phone.
75 FR 70342 - Privacy Act; System of Records: Equal Employment Opportunity Records
Federal Register 2010, 2011, 2012, 2013, 2014
2010-11-17
... users are given cyber security awareness training which covers the procedures for handling Sensitive but.... State-09 SYSTEM NAME: Equal Employment Opportunity Records. SECURITY CLASSIFICATION: Unclassified... apply to the Equal Employment Opportunity Records, State-09. DISCLOSURE TO CONSUMER REPORTING AGENCIES...
Sandia National Laboratories: Malware Technical Exchange Meeting (MTEM)
An Ontology for Identifying Cyber Intrusion Induced Faults in Process Control Systems
NASA Astrophysics Data System (ADS)
Hieb, Jeffrey; Graham, James; Guan, Jian
This paper presents an ontological framework that permits formal representations of process control systems, including elements of the process being controlled and the control system itself. A fault diagnosis algorithm based on the ontological model is also presented. The algorithm can identify traditional process elements as well as control system elements (e.g., IP network and SCADA protocol) as fault sources. When these elements are identified as a likely fault source, the possibility exists that the process fault is induced by a cyber intrusion. A laboratory-scale distillation column is used to illustrate the model and the algorithm. Coupled with a well-defined statistical process model, this fault diagnosis approach provides cyber security enhanced fault diagnosis information to plant operators and can help identify that a cyber attack is underway before a major process failure is experienced.
ERIC Educational Resources Information Center
Rursch, Julie A.; Luse, Andy; Jacobson, Doug
2010-01-01
The IT-Adventures program is dedicated to increasing interest in and awareness of information technology among high school students using inquiry-based learning focused on three content areas: cyber defense, game design programming, and robotics. The program combines secondary, post-secondary, and industry partnerships in educational programming,…
Consequence Prioritization Process for Potential High Consequence Events (HCE)
DOE Office of Scientific and Technical Information (OSTI.GOV)
Freeman, Sarah G.
2016-10-31
This document describes the process for Consequence Prioritization, the first phase of the Consequence-Driven Cyber-Informed Engineering (CCE) framework. The primary goal of Consequence Prioritization is to identify potential disruptive events that would significantly inhibit an organization’s ability to provide the critical services and functions deemed fundamental to their business mission. These disruptive events, defined as High Consequence Events (HCE), include both events that have occurred or could be realized through an attack of critical infrastructure owner assets. While other efforts have been initiated to identify and mitigate disruptive events at the national security level, such as Presidential Policy Directive 41 (PPD-41), this process is intended to be used by individual organizations to evaluate events that fall below the threshold for a national security. Described another way, Consequence Prioritization considers threats greater than those addressable by standard cyber-hygiene and includes the consideration of events that go beyond a traditional continuity of operations (COOP) perspective. Finally, Consequence Prioritization is most successful when organizations adopt a multi-disciplinary approach, engaging both cyber security and engineering expertise, as in-depth engineering perspectives are required to recognize and characterize and mitigate HCEs. Figure 1 provides a high-level overview of the prioritization process.
Development and Validation of the Air Force Cyber Intruder Alert Testbed (CIAT)
2016-07-27
Validation of the Air Force Cyber Intruder Alert Testbed (CIAT) 5a. CONTRACT NUMBER FA8650-16-C-6722 5b. GRANT NUMBER 5c. PROGRAM ELEMENT NUMBER...network analysts. Therefore, a new cyber STE focused on network analysts called the Air Force Cyber Intruder Alert Testbed (CIAT) was developed. This...Prescribed by ANSI Std. Z39-18 Development and Validation of the Air Force Cyber Intruder Alert Testbed (CIAT) Gregory Funke, Gregory Dye, Brett Borghetti
Computer program documentation: CYBER to Univac binary conversion user's guide
NASA Technical Reports Server (NTRS)
Martin, E. W.
1980-01-01
A user's guide for a computer program which will convert SINDA temperature history data from CDC (Cyber) binary format to UNIVAC 1100 binary format is presented. The various options available, the required input, the optional output, file assignments, and the restrictions of the program are discussed.
The Human Side of Cyber Conflict: Organizing, Training, and Equipping the Air Force Cyber Workforce
2016-06-01
Breakdown of the 17D community as of 31 March 2014. (Reproduced from 17D Officer Assignment Team, Cyberspace Operations “Spread the Word” briefing, 9–11 ...surety 3D0X4 Computer systems programs 3D1X1 Client systems 3D1X2 Cyber transport 3D1X3 Radio frequency transport 3D1X4 Spectrum operations 3D1X5 Radar...Computer systems programs 3D1X1 Client systems 3D1X2 Cyber transport systems 3D1X3 Radio frequency transmission systems FORCE DEVELOPMENT │ 123 Table 8
ERIC Educational Resources Information Center
Liu, Wei
2012-01-01
This is an evaluative research study of a NSF-funded, DRK-12 cyber-enabled teacher professional development program in elementary engineering education. The finding shows the significant impact of the program on students' science and engineering knowledge in the second year of the program's implementation. However, student learning gain…
Federal Register 2010, 2011, 2012, 2013, 2014
2013-06-06
... designed to minimize proliferation risks world-wide, including the Nuclear Non-Proliferation Treaty, the U... and licensees ensure that they comply with requirements designed to minimize proliferation risks... NRC's regulations on physical security, information security, material control and accounting, cyber...
77 FR 1942 - Homeland Security Science and Technology Advisory Committee (HSSTAC)
Federal Register 2010, 2011, 2012, 2013, 2014
2012-01-12
... developments in systems engineering, cyber-security, knowledge management and how best to leverage related... contribution to a diverse range of science and technology topic areas (including chemical, biological, and... technology capabilities and needs, and the latest thinking in systems engineering), and their depth of...
ERIC Educational Resources Information Center
Davis, Robert E.
2017-01-01
Cyber attackers targeting large corporations achieved a high perimeter penetration success rate during 2013, resulting in many corporations incurring financial losses. Corporate information technology leaders have a fiduciary responsibility to implement information security domain processes that effectually address the challenges for preventing…
Education and the Degree of Data Security
ERIC Educational Resources Information Center
Spears, Phillip Dewitt
2013-01-01
New technology development has researchers inundated with a plethora of data security issues linked to cyber attacks and hackers' ability to transmogrify their techniques. The present research focused on the information technology managing officers' (ITMOs') level of education, size of organization, organization's industry, and effect they have on…
Cyber-Security Curricula for Basic Users
2013-09-01
like cyberbullying, digital cheating, and safety and security concerns” [7]. The need to teach security principles to this age demographic is at an...addresses the following topics: Cyberbullying, Inappropriate content, Predators, Revealing too much Information, Spyware, spam, and scams. Each...emerging technology, surfing the web, video gaming, the dark side – cyberbullying. Each topic is covered by providing facts for the teacher to present
Romania and the New Cold War Security Challenges
2017-06-09
social media with deep economic repercussions. The continuous changes in the Eastern Europe have a great influence on the Romanian security...environment, raising many challenges for the decision makers. This study tried to decipher this security paradigm, unfolding the Russian economic, political...and military unrest, magnified by the modern era domains such as informational, cyber and social media with deep economic repercussions. The
Smart Power Infrastructure Demonstration for Energy Reliability and Security (SPIDERS)
2012-05-01
protect, and secure the United States and its interests. • AOF is the United States, Alaska, Canada, Mexico, Bahamas, Puerto Rico, and the U.S. Virgin...Criteria (UFC) for Smart Microgrid Cyber design guides for Industrial Control Systems (ICS) Residual systems Operations and Maintenance Operator...Training Sustainment Commercial Transition Cooperation with NIST for microgrid security standards Working with industry associations and
Information Assurance and Cyber Defence (Assurance de l’information et cyberdefense)
2010-11-01
project is that knowledge exchange in a timely fashion is highly significant. Authentication and Authorisation of Users and Services in Federated...Detection, Protection and Countermeasures; • Security Models and Architectures; • Security Policies, Evaluation, Authorisation and Access Control; and...Evaluation, Authorisation and Access Control • Network and Information Security Awareness The topics for the symposium had been established
Social Media - DoD’s Greatest Information Sharing Tool or Weakest Security Link?
2010-04-15
porn. “This makes us our own worst threat”, writes one DoD network security specialist. “There are a variety of reasons for this and most are tied to...great ‘toy’ to talk to your friends and play video games. DHS Secretary Napolitano discussed the need to hire 1,000 cyber security experts over the
Real time test bed development for power system operation, control and cyber security
NASA Astrophysics Data System (ADS)
Reddi, Ram Mohan
The operation and control of the power system in an efficient way is important in order to keep the system secure, reliable and economical. With advancements in smart grid, several new algorithms have been developed for improved operation and control. These algorithms need to be extensively tested and validated in real time before applying to the real electric power grid. This work focuses on the development of a real time test bed for testing and validating power system control algorithms, hardware devices and cyber security vulnerability. The test bed developed utilizes several hardware components including relays, phasor measurement units, phasor data concentrator, programmable logic controllers and several software tools. Current work also integrates historian for power system monitoring and data archiving. Finally, two different power system test cases are simulated to demonstrate the applications of developed test bed. The developed test bed can also be used for power system education.
Addressing security issues related to virtual institute distributed activities
NASA Astrophysics Data System (ADS)
Stytz, Martin R.; Banks, Sheila B.
2008-03-01
One issue confounding the development and experimentation of distributed modeling and simulation environments is the inability of the project team to identify and collaborate with resources, both human and technical, from outside the United States. This limitation is especially significant within the human behavior representation area where areas such as cultural effects research and joint command team behavior modeling require the participation of various cultural and national representatives. To address this limitation, as well as other human behavior representation research issues, NATO Research and Technology Organization initiated a project to develop a NATO virtual institute that enables more effective and more collaborative research into human behavior representation. However, in building and operating a virtual institute one of the chief concerns must be the cyber security of the institute. Because the institute "exists" in cyberspace, all of its activities are susceptible to cyberattacks, subterfuge, denial of service and all of the vulnerabilities that networked computers must face. In our opinion, for the concept of virtual institutes to be successful and useful, their operations and services must be protected from the threats in the cyber environment. A key to developing the required protection is the development and promulgation of standards for cyber security. In this paper, we discuss the types of cyber standards that are required, how new internet technologies can be exploited and can benefit the promulgation, development, maintenance, and robustness of the standards. This paper is organized as follows. Section One introduces the concept of the virtual institutes, the expected benefits, and the motivation for our research and for research in this area. Section Two presents background material and a discussion of topics related to VIs, human behavior and cultural modeling, and network-centric warfare. Section Three contains a discussion of the security challenges that face the virtual institute and the characteristics of the standards that must be employed. Section Four contains our proposal for documentation of the cybersecurity standards. Section Five contains the conclusion and suggestions for further work.
Electronic Warfare for Cyber Warriors
2008-06-01
This research paper provides complete course content for the AFIT EENG 509, Electronic Warfare class. It is intended as a replacement for the existing course and designed for Intermediate Developmental Education (IDE) students in the Cyber Warfare degree program. This course provides relevant academic courseware and study material to give cyber warriors an academic and operational perspective on electronic warfare and its integration in the cyber domain.
Cyber-Herding and Cyber Activism: Countering Qutbists on the Internet
2007-12-01
13 f. Phase 6, Concentrate Web Sites ..........14 g. Phase 7, Develop Darknet ................16 B. CYBER ACTIVISM...continues in Phase 3 with the introduction of web sites owned by the cyber herding program and later on with the introduction of Darknets. The...own doppelganger.) Create several content-rich Darknet environments—a private virtual network where users connect only to people they trust8—that