Jassim Happa scite author profile

Collaborative Mixed-Reality (CMR) applications are gaining interest in a wide range of areas including games, social interaction, design and health-care. To date, the vast majority of published work has focused on display technology advancements, software, collaboration architectures and applications. However, the potential security concerns that affect collaborative platforms have received limited research attention. In this position paper, we investigate the challenges posed by cyber-security threats to CMR systems. We focus on how typical network architectures facilitating CMR and how their vulnerabilities can be exploited by attackers, and discuss the degree of potential social, monetary impacts, psychological and other harms that may result from such exploits. The main purpose of this paper is to provoke a discussion on CMR security concerns. We highlight insights from a cyber-security threat modelling perspective and also propose potential directions for research and development toward better mitigation strategies. We present a simple, systematic approach to understanding a CMR attack surface through an abstraction-based reasoning framework to identify potential attack vectors. Using this framework, security analysts, engineers, designers and users alike (stakeholders) can identify potential Indicators of Exposures (IoE) and Indicators of Compromise (IoC). Our framework allows stakeholders to reduce their CMR attack surface as well understand how Intrusion Detection System (IDS) approaches can be adopted for CMR systems. To demonstrate the validity to our framework, we illustrate several CMR attack surfaces through a set of use-cases. Finally, we also present a discussion on future directions this line of research should take.

show abstract

Capturing Tacit Knowledge in Security Operation Centers

Cho

Happa

Creese

2020

IEEE Access

View full text Add to dashboard Cite

The use of tacit knowledge has previously been shown to help expedite problem-solving procedures in the setting of medical emergency responses, as individuals can use past experiences in present and future challenges. However, there is a lack of understanding in its application in IT and socio-technical management. This paper examines the thought processes observed in Security Operational Centre (SOC) analysts facing threat events to lay the groundwork for tacit knowledge management in SOCs. Based on Sternberg's fieldwork in tacit knowledge, we conducted semi-structured interviews with ten analysts to explore the key artefacts and individual traits that aid their approach to communication, and to examine the thought processes under hypothetical incident handling scenarios. The results highlight a unanimous pursuit of Root Cause Analysis (RCA) upon the outbreak of an incident and stages of decision-making when escalating to third party support providers. Using Business Process Modelling and Notation (BPMN), we show the procedural elements of tacit knowledge from several scenarios. The results also suggest that simulation environments and physical proximity with analysts and vendors can facilitate the transfer of tacit knowledge more effectively in SOCs.

show abstract

Hearing attacks in network data: An effectiveness study

Axon

Happa

Goldsmith

et al. 2019

Computers & Security

View full text Add to dashboard Cite

Sonification, in which data is represented as sound, can be used to turn network attacks and network-security information into audio signals. This could complement the range of security-monitoring tools currently used in Security Operations Centres (SOCs). Prior work in sonification for network monitoring has not assessed the effectiveness of the technique for enabling users to monitor network-security information. To this end, we aim to investigate the viability of using sonified network datasets to enable humans to detect (recognise the presence of some) and identify (understand the type of) network attacks. In this paper we report the results of a user study in which we assessed the utility of a network-traffic sonification system for representing network attacks. Our results show that by listening to the sonified network data, participants could detect attacks accurately and efficiently, including combinations of attacks, and identify the types of attacks. Musical experience had no significant effect on the ability of participants to use the sonification, and participants could detect attacks without training, yet improved performance through training. The results support the potential of sonification for use in network-security monitoring tasks.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Jassim Happa

Illuminating the past: state of the art

Cyber Security Threats and Challenges in Collaborative Mixed-Reality

Capturing Tacit Knowledge in Security Operation Centers

Hearing attacks in network data: An effectiveness study

Contact Info

Product

Resources

About