Active Cyber Attack Model for Network System's Vulnerability Assessment

Eom, Jung-Ho; Han, Yunghsiang S.; Park, Seon-Ho; Chung, Tai-Myoung

doi:10.1109/iciss.2008.36

Cited by 18 publications

(6 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To properly assess the vulnerabilities, the network requires to face a simulated attack. In other words, a real synthetic attack scenario will occur in the network so that the potential breaches or vulnerabilities and the related defense mechanisms can be identified [ 28 ]. In this investigation of two general attack categories called physical attack and remote access attack, we simulate two attacks from these categories including object emulation attack and Botnet attack.…”

Section: Adversary Modelmentioning

confidence: 99%

Automated IoT Device Identification Based on Full Packet Information Using Real-Time Network Traffic

Yousefnezhad

Malhi

Främling

2021

Sensors

View full text Add to dashboard Cite

In an Internet of Things (IoT) environment, a large volume of potentially confidential data might be leaked from sensors installed everywhere. To ensure the authenticity of such sensitive data, it is important to initially verify the source of data and its identity. Practically, IoT device identification is the primary step toward a secure IoT system. An appropriate device identification approach can counteract malicious activities such as sending false data that trigger irreparable security issues in vital or emergency situations. Recent research indicates that primary identity metrics such as Internet Protocol (IP) or Media Access Control (MAC) addresses are insufficient due to their instability or easy accessibility. Thus, to identify an IoT device, analysis of the header information of packets by the sensors is of imperative consideration. This paper proposes a combination of sensor measurement and statistical feature sets in addition to a header feature set using a classification-based device identification framework. Various machine Learning algorithms have been adopted to identify different combinations of these feature sets to provide enhanced security in IoT devices. The proposed method has been evaluated through normal and under-attack circumstances by collecting real-time data from IoT devices connected in a lab setting to show the system robustness.

show abstract

Section: Adversary Modelmentioning

confidence: 99%

Automated IoT Device Identification Based on Full Packet Information Using Real-Time Network Traffic

Yousefnezhad

Malhi

Främling

2021

Sensors

View full text Add to dashboard Cite

show abstract

“…Network-based cyber attacks can be categorized as DoS attacks, DDoS attacks, sniffing attacks, spoofing attacks, and session-hijacking attacks (Eom, Jung, Han, & Park, 2009 We summarize here what we do know about North Korean cyber infrastructure, organizations, capabilities, and vulnerabilities based on recent research.…”

Section: Types Of Network Attacksmentioning

confidence: 99%

Finding Effective Responses Against Cyber Attacks for Divided Nations

Park¹

2015

View full text Add to dashboard Cite

Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instruction, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. FUNDING NUMBERS AUTHOR(S) Ji Min Park PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES)Naval Postgraduate School Monterey, CA 93943-5000 PERFORMING ORGANIZATION REPORT NUMBER 9. SPONSORING /MONITORING AGENCY NAME(S) AND ADDRESS(ES)N/A SPONSORING / MONITORING AGENCY REPORT NUMBER11. SUPPLEMENTARY NOTES The views expressed in this thesis are those of the author and do not reflect the official policy or position of the Department of Defense or the U.S. Government. IRB Protocol number ____N/A____. 12a. DISTRIBUTION / AVAILABILITY STATEMENTApproved for public release; distribution is unlimited 12b. DISTRIBUTION CODE ABSTRACT (maximum 200 words)There can be hostile relations between nations that are divided politically or ideologically, and there are threats in cyberspace as well as physical space. Although every cyber threat, like a physical threat, has countermeasures, this can be hard because of the complexity of cyberspace and the ethics in cyberspace.This study tries to find effective countermeasures for South Korea in cyberspace against North Korea's continuing cyber attacks in light of the Korean peninsula's situation, a typical example of divided nations in the world. To find good solutions, South and North Korea's cyber capabilities are compared in terms of infrastructure, organization, defensive capabilities, offensive capabilities, and vulnerabilities. Characteristics and features of North Korea's cyber attacks are inferred by analyses of past attacks. Based on these analyses, this study recommends defensive and offensive countermeasures to mitigate these cyber threats and prevent escalation. Each countermeasure is assessed using considerations such as prevention of escalation, efficient use of limited resources, international laws and ethics, and bargaining power in the real world. SUBJECT TERMS ABSTRACTThere can be hostile relations between nations that are divided politically or ideologically, and there are threats in cyberspace as well as physical space.

show abstract

“…Specifically, some studies [21,22] report difficulties in applying a Common Vulnerability Scoring System (CVSS) as an industrial standard (i.e., a de facto standard) for quantifying security vulnerabilities in smart grid environment. Many techniques have been published, including various proposals for resolving the unsuitability of CVSS [23][24][25], but these techniques are limited in terms of their application to smart grid, which are particularly prone to damage (even at a national level) when an attack occurs, owing to the impossibility of extracting objective evaluation indicators from the various standards in each techniques [26][27][28][29][30][31][32][33][34].…”

Section: Introductionmentioning

confidence: 99%

Towards a novel quantification approach based on smart grid network vulnerability score

Lee

Shon

2015

Int. J. Energy Res.

View full text Add to dashboard Cite

SUMMARYSmart grid, known as the system of systems, has progressed with more diverse network systems than existing Internetbased networks. Although some of its internal components contain systems reminiscent of a general Internet environment, most of them have different characteristics in terms of their function and performance. Therefore, it is impractical to apply the same techniques for quantifying security vulnerabilities used in existing Internet environments to smart grid. Such techniques do not reflect the characteristics of smart grid networks. In addition, the existing quantification approaches to security vulnerability typically apply to vulnerabilities known in a target system itself or by generalizing attack paths that can occur in a target system. Therefore, it is difficult for these approaches to reflect the vulnerabilities in an environment such as smart grid, which has various heterogeneous systems and networks. In this paper, we consider various approaches to quantifying security vulnerabilities in smart grid network environments by analyzing the existing quantification approaches to security vulnerabilities, and we propose the smart grid network vulnerability score, a quantification approach to security vulnerability that can comprehensively display security threats by reflecting the characteristics of smart grid network. We verified the effectiveness and applicability of this proposed approach by applying it to the advanced metering infrastructure network, which is sensitive to the issues related to users in a number of smart grid network domains.

show abstract

Active Cyber Attack Model for Network System's Vulnerability Assessment

Cited by 18 publications

References 5 publications

Automated IoT Device Identification Based on Full Packet Information Using Real-Time Network Traffic

Automated IoT Device Identification Based on Full Packet Information Using Real-Time Network Traffic

Finding Effective Responses Against Cyber Attacks for Divided Nations

Towards a novel quantification approach based on smart grid network vulnerability score

Contact Info

Product

Resources

About