Stuxnet: What Has Changed?

Denning, Dorothy E.

doi:10.3390/fi4030672

Cited by 68 publications

(25 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…One of the local host which is infected with a modern botnet malware starts scanning his neighbors in order to propagate via network. It uses similar network propagation mechanism as it is employed in Stuxnet worm [129,130]. Malware is looking for hosts with open TCP and UDP ports reserved for Microsoft Remote Procedure Call (RPC).…”

Section: Scenariomentioning

confidence: 99%

An Entropy-Based Network Anomaly Detection Method

Bereziński

Jasiul

Szpyrka

2015

Entropy

157

View full text Add to dashboard Cite

Data mining is an interdisciplinary subfield of computer science involving methods at the intersection of artificial intelligence, machine learning and statistics. One of the data mining tasks is anomaly detection which is the analysis of large quantities of data to identify items, events or observations which do not conform to an expected pattern. Anomaly detection is applicable in a variety of domains, e.g., fraud detection, fault detection, system health monitoring but this article focuses on application of anomaly detection in the field of network intrusion detection.The main goal of the article is to prove that an entropy-based approach is suitable to detect modern botnet-like malware based on anomalous patterns in network. This aim is achieved by realization of the following points: (i) preparation of a concept of original entropy-based network anomaly detection method, (ii) implementation of the method, (iii) preparation of original dataset, (iv) evaluation of the method.

show abstract

Section: Scenariomentioning

confidence: 99%

An Entropy-Based Network Anomaly Detection Method

Bereziński

Jasiul

Szpyrka

2015

Entropy

157

View full text Add to dashboard Cite

show abstract

“…One famous cyber-attack on Iran's power hly modified Stuxnet virus [14]. ch trend is now looking at how mechanisms to protect CI ICT y established PROTECT centre etwork security mechanisms are nhance protection of CIs beyond of firewalls and Intrusion These include strong user Zones (DMZs), system and ystems, and many others [16].…”

Section: On Of Connectivity In Scadamentioning

confidence: 99%

Security-Oriented Cloud Platform for SOA-Based SCADA

Baker

Mackay

Shaheed³

et al. 2015

2015 15th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing

View full text Add to dashboard Cite

During the last 10 years, experts in critical infrastructure security have been increasingly directing their focus and attention to the security of control structures such as Supervisory Control and Data Acquisition (SCADA) systems in the light of the move toward Internet-connected architectures. However, this more open architecture has resulted in an increasing level of risk being faced by these systems, especially as they became offered as services and utilised via Service Oriented Architectures (SOA). For example, the SOA-based SCADA architecture proposed by the AESOP project concentrated on facilitating the integration of SCADA systems with distributed services on the application layer of a cloud network. However, whilst each service specified various security goals, such as authorisation and authentication, the current AESOP model does not attempt to encompass all the necessary security requirements and features of the integrated services. This paper presents a concept for an innovative integrated cloud platform to reinforce the integrity and security of SOA-based SCADA systems that will apply in the context of Critical Infrastructures to identify the core requirements, components and features of these types of system. The paper uses the SmartGrid to highlight the applicability and importance of the proposed platform in a real world scenario. 2015 15th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing 978-1-4799-8006-2/15 $31.00

show abstract

“…Rather, the material realities of computer networks and malicious activities taking place in or through them that manifest as “digital accidents” shape the threat representations in this cluster. New categories of threats were formed in government circles and think‐tanks by linking the prefix “cyber‐” to established and known threats to security, thus creating terms such as cyber‐vandalism, cyber‐crime, cyber‐espionage, cyber‐terror, or cyber‐war (Denning ). “Old” forms of deviant behavior become “new” as they are imbued with a sense of “through the use of a computer” or “related to cyberspace.” The exact origin of these terms is sometimes hard to fathom, and tracking down the provenance for individual terms would be a lengthy undertaking; what seems most relevant in the context of this article is that behind all of these categories is in essence the archetype/stereotype of the “hacker,” individuals with technical superpowers.…”

Section: Cyber‐threat Representations: Creating and Changing “The Resmentioning

confidence: 99%

From Cyber-Bombs to Political Fallout: Threat Representations with an Impact in the Cyber-Security Discourse

Cavelty

2013

Int Stud Rev

137

View full text Add to dashboard Cite

The link between cyberspace and national security is often presented as an unquestionable and uncontested "truth." However, there is nothing natural or given about this link: It had to be forged, argued, and accepted in the (security) political process. This article explores the constitutive effects of different threat representations in the broader cyber-security discourse. In contrast to previous work on the topic, the focus is not solely on discursive practices by "visible" elite actors, but also on how a variety of less visible actors inside and outside of government shape a reservoir of acceptable threat representations that influence everyday practices of cyber-security. Such an approach allows for a more nuanced understanding of the diverse ways in which cyber-security is presented as a national security issue and of the consequences of particular representations.Matters of cyber-(in)-security-though not always under this name-have been an issue in security politics for at least three decades (Dunn Cavelty 2008).1 As a result, the link between national security and cyberspace has become an uncontested, unshakable "truth" with budgetary and political consequences. However, this link is far more diverse as it is often assumed in the literature. The cybersecurity discourse is about more than one threat form: ranging from computer viruses and other malicious software to cyber-crime activity to the categories of cyber-terror and cyber-war. Each subissue is represented and treated differently in the political process and at different points in time. Consequently, cyber-security policies contain an amalgam of countermeasures, tailored to meet different, and at times conflicting security needs.How these heterogeneous political manifestations are linked to different threat representations-ways to depict what counts as a threat or risk-is the focus of this article. Importantly, and in contrast to most of the other research on the subject, this paper therefore focuses on cyber-security comprehensively, 2 rather than looking at discourse in subcategories like cyber-crime, cyber-terrorism, or cyber- . I would like to thank the participants at these events as well as three anonymous reviewers and the editors of this special issue for their valuable comments.2 I understand cyber-security policy to be the set of technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access, in accordance with the common information security goals: the protection of confidentiality, integrity, and availability of information.

show abstract

Stuxnet: What Has Changed?

Cited by 68 publications

References 2 publications

An Entropy-Based Network Anomaly Detection Method

An Entropy-Based Network Anomaly Detection Method

Security-Oriented Cloud Platform for SOA-Based SCADA

From Cyber-Bombs to Political Fallout: Threat Representations with an Impact in the Cyber-Security Discourse

Contact Info

Product

Resources

About