Security QoS profiling against cyber terrorism in airport network systems

Ugwoke, F. N.; Okafor, K. C.; Chijindu, Vincent C.

doi:10.1109/cyber-abuja.2015.7360516

Cited by 8 publications

(4 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The mapping of the range of cyber-attacks within the civil aviation industry reveals that phishing and network attacks, such as eavesdropping, DoS, Man-in-the-middle and spoofing attacks, predominate [76]. Distributed Denial-of-Service (DDoS) and DoS attacks on network assets at the airport, most notably, Vulnerability Bandwidth Depletion DDoS Attacks (VBDDA), could be mitigated according to Ugwoke et al [77] by the proposed embedded Stateful Packet Inspection (SPI) based on the OpenFlow Application Centric Infrastructure (OACI). The focus was to mitigate attacks on Airport Information Resource Management Systems (AIRMS), an enterprise cloud-based resource management system used in some airports.…”

Section: Mitigation Of Cyber-security Challenges Within the Civil Avi...mentioning

confidence: 99%

Cyber-Security Challenges in Aviation Industry: A Review of Current and Future Trends

Ukwandu¹,

Farah²,

Hindy³

et al. 2022

Information

View full text Add to dashboard Cite

The integration of Information and Communication Technology (ICT) tools into mechanical devices in routine use within the aviation industry has heightened cyber-security concerns. The extent of the inherent vulnerabilities in the software tools that drive these systems escalates as the level of integration increases. Moreover, these concerns are becoming even more acute as the migration within the industry in the deployment of electronic-enabled aircraft and smart airports gathers pace. A review of cyber-security attacks and attack surfaces within the aviation sector over the last 20 years provides a mapping of the trends and insights that are of value in informing on future frameworks to protect the evolution of a key industry. The goal is to identify common threat actors, their motivations, attacks types and map the vulnerabilities within aviation infrastructures most commonly subject to persistent attack campaigns. The analyses will enable an improved understanding of both the current and potential future cyber-security protection provisions for the sector. Evidence is provided that the main threats to the industry arise from Advance Persistent Threat (APT) groups that operate, in collaboration with a particular state actor, to steal intellectual property and intelligence in order to advance their domestic aerospace capabilities as well as monitor, infiltrate and subvert other sovereign nations’ capabilities. A segment of the aviation industry commonly attacked is the Information Technology (IT) infrastructure, the most prominent type of attack being malicious hacking with intent to gain unauthorised access. The analysis of the range of attack surfaces and the existing threat dynamics has been used as a foundation to predict future cyber-attack trends. The insights arising from the review will support the future definition and implementation of proactive measures that protect critical infrastructures against cyber-incidents that damage the confidence of customers in a key service-oriented industry.

show abstract

Section: Mitigation Of Cyber-security Challenges Within the Civil Avi...mentioning

confidence: 99%

Cyber-Security Challenges in Aviation Industry: A Review of Current and Future Trends

Ukwandu¹,

Farah²,

Hindy³

et al. 2022

Information

View full text Add to dashboard Cite

show abstract

“…This usually results in the term referred to as black-holing [13] whereby all traffic sent to the malicious AS is simply discarded. This attack is effective in IP networks, since, once routing information is infected, it is difficult for routers to detect, and recover from the problem.…”

Section: Ddos Prefix Hijacking and Black-holingmentioning

confidence: 99%

“…This type involves three parties namely [13]: the attacker, a victim host, and a set of secondary victims (reflectors). The goal of the attacker is to use the reflectors to overwhelm the victim host with traffic.…”

Section: Ddos Reflection Attacksmentioning

confidence: 99%

“…Responses to such packets are not routed back to the attacker; rather it overwhelms the victim instead. To be effective, these attacks use some form of amplification optimization, (i.e., the amount of data used by the attacker to perform the attack is significantly smaller than the amount of data received by the victim [13]. However, SPI-OACI routers incorporate a useful suppression feature such that whenever an SPI-OACI router/firewall overhears a content packet on a broadcast interface for which it has a current entry with the incoming interface, it caches the content and flushes the entry as anomaly traffic.…”

Section: Ddos Reflection Attacksmentioning

confidence: 99%

See 1 more Smart Citation

Vulnerability Bandwidth Depletion Attack on Distributed Cloud Computing Network: A QoS Perspective

Okafor¹,

Okoye²,

Ononiwu³

2016

IJCA

View full text Add to dashboard Cite

A previous work on Airport Information Resource Management System (AIRMS) established that sophisticated attacks in the form of Denial of Service (DoS), Distributed DoS (DDoS), and related attacks are becoming the most effective schemes used by cyber terrorists on such enterprise systems. Similarly, a novel Smart Green Energy Management Distributed Cloud Computing Network (SGEM-DCCN) was developed as an extension to the work. Interestingly, the DCCN could be shut down by malicious attackers while running its renewable energy management cloud service. Consequently, this work presents a security model designed to improve the security architecture in a mission-critical DCCN running Enterprise Energy

show abstract