Cyber Security Incident Handling, Warning and Response System for the
European Critical Information Infrastructures (CyberSANE)
- URL: http://arxiv.org/abs/2003.05720v1
- Date: Wed, 11 Mar 2020 15:25:40 GMT
- Title: Cyber Security Incident Handling, Warning and Response System for the
European Critical Information Infrastructures (CyberSANE)
- Authors: Spyridon Papastergiou, Haralambos Mouratidis, Eleni-Maria Kalogeraki
- Abstract summary: This paper aims to enhance the security and resilience of Critical Information Infrastructures (CIIs) by providing a dynamic collaborative, warning and response system (CyberSANE system)
The proposed solution provides a first of a kind approach for handling cyber security incidents in the digital environments with highly interconnected, complex and diverse nature.
- Score: 0.29005223064604074
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: This paper aims to enhance the security and resilience of Critical
Information Infrastructures (CIIs) by providing a dynamic collaborative,
warning and response system (CyberSANE system) supporting and guiding security
officers and operators (e.g. Incident Response professionals) to recognize,
identify, dynamically analyse, forecast, treat and respond to their threats and
risks and handle their daily cyber incidents. The proposed solution provides a
first of a kind approach for handling cyber security incidents in the digital
environments with highly interconnected, complex and diverse nature.
Related papers
- A Systematic Review of Security Communication Strategies: Guidelines and Open Challenges [47.205801464292485]
We identify user difficulties including information overload, technical comprehension, and balancing security awareness with comfort.
Our findings reveal consistent communication paradoxes: users require technical details for credibility yet struggle with jargon and need risk awareness without experiencing anxiety.
This work contributes to more effective security communication practices that enable users to recognize and respond to cybersecurity threats appropriately.
arXiv Detail & Related papers (2025-04-02T20:18:38Z) - Towards Trustworthy GUI Agents: A Survey [64.6445117343499]
This survey examines the trustworthiness of GUI agents in five critical dimensions.
We identify major challenges such as vulnerability to adversarial attacks, cascading failure modes in sequential decision-making.
As GUI agents become more widespread, establishing robust safety standards and responsible development practices is essential.
arXiv Detail & Related papers (2025-03-30T13:26:00Z) - Comprehensive Digital Forensics and Risk Mitigation Strategy for Modern Enterprises [0.0]
This study outlines an approach to cybersecurity, including proactive threat anticipation, forensic investigations, and compliance with regulations like CCPA.
Key threats such as social engineering, insider risks, phishing, and ransomware are examined, along with mitigation strategies leveraging AI and machine learning.
The findings emphasize the importance of continuous monitoring, policy enforcement, and adaptive security measures to protect sensitive data.
arXiv Detail & Related papers (2025-02-26T23:18:49Z) - Open Problems in Machine Unlearning for AI Safety [61.43515658834902]
Machine unlearning -- the ability to selectively forget or suppress specific types of knowledge -- has shown promise for privacy and data removal tasks.
In this paper, we identify key limitations that prevent unlearning from serving as a comprehensive solution for AI safety.
arXiv Detail & Related papers (2025-01-09T03:59:10Z) - ACTISM: Threat-informed Dynamic Security Modelling for Automotive Systems [7.3347982474177185]
ACTISM (Automotive Consequence-Driven and Threat-Informed Security Modelling) is an integrated security modelling framework.
It enhances the resilience of automotive systems by dynamically updating their cybersecurity posture.
We demonstrate the effectiveness of ACTISM by applying it to a real-world example of the Tesla Electric Vehicle's In-Vehicle Infotainment system.
We report the results of a practitioners' survey on the usefulness of ACTISM and its future directions.
arXiv Detail & Related papers (2024-11-30T09:58:48Z) - Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC)
ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic.
We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
arXiv Detail & Related papers (2024-11-21T18:26:05Z) - Security in IS and social engineering -- an overview and state of the art [0.6345523830122166]
The digitization of all processes and the opening to IoT devices has fostered the emergence of a new formof crime, i.e. cybercrime.
The maliciousness of such attacks lies in the fact that they turn users into facilitators of cyber-attacks, to the point of being perceived as the weak link'' of cybersecurity.
Knowing how to anticipate, identifying weak signals and outliers, detect early and react quickly to computer crime are therefore priority issues requiring a prevention and cooperation approach.
arXiv Detail & Related papers (2024-06-17T13:25:27Z) - The MESA Security Model 2.0: A Dynamic Framework for Mitigating Stealth Data Exfiltration [0.0]
Stealth Data Exfiltration is a significant cyber threat characterized by covert infiltration, extended undetectability, and unauthorized dissemination of confidential data.
Our findings reveal that conventional defense-in-depth strategies often fall short in combating these sophisticated threats.
As we navigate this complex landscape, it is crucial to anticipate potential threats and continually update our defenses.
arXiv Detail & Related papers (2024-05-17T16:14:45Z) - Critical Infrastructure Protection: Generative AI, Challenges, and Opportunities [3.447031974719732]
Critical National Infrastructure (CNI) encompasses a nation's essential assets that are fundamental to the operation of society and the economy.
Growing cybersecurity threats targeting these infrastructures can potentially interfere with operations and seriously risk national security and public safety.
We examine the intricate issues raised by cybersecurity risks to vital infrastructure, highlighting these systems' vulnerability to different types of cyberattacks.
arXiv Detail & Related papers (2024-05-08T08:08:50Z) - We need to aim at the top: Factors associated with cybersecurity awareness of cyber and information security decision-makers [0.0]
We study cybersecurity awareness of cyber and information security decision-makers.
Our findings indicate that awareness of well-known threats and solutions seems to be quite low for individuals in decision-making roles.
arXiv Detail & Related papers (2024-04-06T20:32:19Z) - Municipal cyber risk modeling using cryptographic computing to inform cyber policymaking [0.5872014229110214]
Using data from 83 municipalities, we build data-driven cyber risk models and cyber security benchmarks for municipalities.
We produce benchmarks of the security posture in a sector, the frequency of cyber incidents, forecasted annual losses for organizations based on their defensive posture.
These newly derived risk measures highlight the need for continuous measured improvement of cybersecurity readiness.
arXiv Detail & Related papers (2024-02-01T20:45:20Z) - Leveraging Traceability to Integrate Safety Analysis Artifacts into the
Software Development Process [51.42800587382228]
Safety assurance cases (SACs) can be challenging to maintain during system evolution.
We propose a solution that leverages software traceability to connect relevant system artifacts to safety analysis models.
We elicit design rationales for system changes to help safety stakeholders analyze the impact of system changes on safety.
arXiv Detail & Related papers (2023-07-14T16:03:27Z) - ThreatKG: An AI-Powered System for Automated Open-Source Cyber Threat Intelligence Gathering and Management [65.0114141380651]
ThreatKG is an automated system for OSCTI gathering and management.
It efficiently collects a large number of OSCTI reports from multiple sources.
It uses specialized AI-based techniques to extract high-quality knowledge about various threat entities.
arXiv Detail & Related papers (2022-12-20T16:13:59Z) - A System for Automated Open-Source Threat Intelligence Gathering and
Management [53.65687495231605]
SecurityKG is a system for automated OSCTI gathering and management.
It uses a combination of AI and NLP techniques to extract high-fidelity knowledge about threat behaviors.
arXiv Detail & Related papers (2021-01-19T18:31:35Z) - A System for Efficiently Hunting for Cyber Threats in Computer Systems
Using Threat Intelligence [78.23170229258162]
We build ThreatRaptor, a system that facilitates cyber threat hunting in computer systems using OSCTI.
ThreatRaptor provides (1) an unsupervised, light-weight, and accurate NLP pipeline that extracts structured threat behaviors from unstructured OSCTI text, (2) a concise and expressive domain-specific query language, TBQL, to hunt for malicious system activities, and (3) a query synthesis mechanism that automatically synthesizes a TBQL query from the extracted threat behaviors.
arXiv Detail & Related papers (2021-01-17T19:44:09Z) - Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance.
We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems.
We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
arXiv Detail & Related papers (2020-10-19T13:09:31Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.