Cyber situational awareness has been proven to be of value in forming a comprehensive understanding of threats and vulnerabilities within organisations, as the degree of exposure is governed by the prevailing levels of cyber-hygiene and established processes. A more accurate assessment of the security provision informs on the most vulnerable environments that necessitate more diligent management. The rapid proliferation in the automation of cyber-attacks is reducing the gap between information and operational technologies and the need to review the current levels of robustness against new sophisticated cyber-attacks, trends, technologies and mitigation countermeasures has become pressing. A deeper characterisation is also the basis with which to predict future vulnerabilities in turn guiding the most appropriate deployment technologies. Thus, refreshing established practices and the scope of the training to support the decision making of users and operators. The foundation of the training provision is the use of Cyber-Ranges (CRs) and Test-Beds (TBs), platforms/tools that help inculcate a deeper understanding of the evolution of an attack and the methodology to deploy the most impactful countermeasures to arrest breaches. In this paper, an evaluation of documented CRs and TBs platforms is evaluated. CRs and TBs are segmented by type, technology, threat scenarios, applications and the scope of attainable training. To enrich the analysis of documented CRs and TBs research and cap the study, a taxonomy is developed to provide a broader comprehension of the future of CRs and TBs. The taxonomy elaborates on the CRs/TBs dimensions, as well as, highlighting a diminishing differentiation between application areas.
The paper presents a classification of cyber attacks within the context of the state of the art in the maritime industry. A systematic categorization of vessel components has been conducted, complemented by an analysis of key services delivered within ports. The vulnerabilities of the Global Navigation Satellite System (GNSS) have been given particular consideration since it is a critical subcategory of many maritime infrastructures and, consequently, a target for cyber attacks. Recent research confirms that the dramatic proliferation of cyber crimes is fueled by increased levels of integration of new enabling technologies, such as IoT and Big Data. The trend to greater systems integration is, however, compelling, yielding significant business value by facilitating the operation of autonomous vessels, greater exploitation of smart ports, a reduction in the level of manpower and a marked improvement in fuel consumption and efficiency of services. Finally, practical challenges and future research trends have been highlighted.
Abstract:The Public Key Infrastructure (PKI) is crumbling, partially due to the lack of a strong understanding of how encryption actually works, but also due to weaknesses in its implementation. This paper outlines an Internet storage technique using secret sharing methods which could be used to overcome the problems inherent with PKI, while supporting new types of architectures incorporating such things as automated failover and break-glass data recovery. The paper outlines a novel architecture: SECRET, which supports a robust cloud-based infrastructure with in-built privacy and failover. In order to understand the performance overhead of SECRET, the paper outlines a range of experiments that investigate the overhead of this and other secret share methods.
The integration of Information and Communication Technology (ICT) tools into mechanical devices in routine use within the aviation industry has heightened cyber-security concerns. The extent of the inherent vulnerabilities in the software tools that drive these systems escalates as the level of integration increases. Moreover, these concerns are becoming even more acute as the migration within the industry in the deployment of electronic-enabled aircraft and smart airports gathers pace. A review of cyber-security attacks and attack surfaces within the aviation sector over the last 20 years provides a mapping of the trends and insights that are of value in informing on future frameworks to protect the evolution of a key industry. The goal is to identify common threat actors, their motivations, attacks types and map the vulnerabilities within aviation infrastructures most commonly subject to persistent attack campaigns. The analyses will enable an improved understanding of both the current and potential future cyber-security protection provisions for the sector. Evidence is provided that the main threats to the industry arise from Advance Persistent Threat (APT) groups that operate, in collaboration with a particular state actor, to steal intellectual property and intelligence in order to advance their domestic aerospace capabilities as well as monitor, infiltrate and subvert other sovereign nations’ capabilities. A segment of the aviation industry commonly attacked is the Information Technology (IT) infrastructure, the most prominent type of attack being malicious hacking with intent to gain unauthorised access. The analysis of the range of attack surfaces and the existing threat dynamics has been used as a foundation to predict future cyber-attack trends. The insights arising from the review will support the future definition and implementation of proactive measures that protect critical infrastructures against cyber-incidents that damage the confidence of customers in a key service-oriented industry.
In recent times, as a result of COVID-19 pandemic, higher institutions in Nigeria have been shutdown and the leadership of Academic Staff Union of University (ASUU) said that Nigerian universities cannot afford to mount Online learning platforms let alone conduct such learning system in Nigeria due to lack of infrastructure, capacity and skill sets in the face of COVID-19 pandemic. In the light of this, this research undertook an online survey using University of Nigeria, Nsukka (UNN) as a case study to know which type of online learning system ASUU leadership is talking about -Asynchronous or Synchronous? How did ASUU come about their facts? Did ASUU base their assertion on facts, if YES, what are the benchmarks? Therefore, this research project is focused on providing benchmarks to assess if a Nigerian University has what it takes to run a synchronous Online Learning. It includes Infrastructure needed (Hardware, Software, Network connectivity), Skill sets from staff (Computer literacy level). In a bid to do this, an online survey was administered to the staff of Centre for Distance and Elearning of UNN and out of the 40 members of that section of the University, we had 32 respondents. The survey seeks to find whether UNN has the requisite infrastructure and the skill sets to mount synchronous online learning. The results of the study reveal that the infrastructure domain of the questionnaire consist of 13 questions. Therefore, the maximum scores that a respondent can have is 13. From Table II below, only 3 (9.4%) respondents scored 13. This shows that the rating for excellence is quite low among the population sampled, hence we conclude that University of Nigeria, Nsukka does not have the infrastructure to mount synchronous online learning. The Skills sets domain of the questionnaire consist of 18 questions. Therefore, the maximum scores that a respondent can have is 18. From Table I below, only 8 (25%) respondents scored 18. This shows that the rating for excellence is quite low among the population sampled as they were not even up to 50%. This shows that University of Nigeria, Nsukka does not have the skill sets required to mount synchronous online learning.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
334 Leonard St
Brooklyn, NY 11211
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.