Risk assessment method for network attack surface based on Bayesian attack graph by Yuyang ZHOU, Guang CHENG, Chunsheng GUO

Subjects: Get full text

Qualitative modeling and analysis of attack surface for process multi-variant execution software system by Fukang XING, Zheng ZHANG, Ran SUI, Sheng QU, Xinsheng JI

Subjects: Get full text

Si Substrate Backside—An Emerging Physical Attack Surface for Secure ICs in Flip Chip Packaging by Makoto Nagata, Takuji Miki

Get full text

Designing Attack Surface in Early Childhood Education System Environment using Risk Assessment and Enterprise Architecture Approach by Dadang Setiawan, Dita Oktaria, Sidik Prabowo, Elizabeth Sastrina Indrasari

“…This research addresses the challenge of securing Indonesia’s early childhood education systems by designing a minimized attack surface through the integration of ISO 27005-based risk assessment and the TOGAF enterprise architecture framework. …”
Get full text

Dynamic and heterogeneous Byzantine system in cloud by Yang CHEN, Hongchao HU, Wenyan LIU, Shumin HUO, Hao LIANG

Subjects: Get full text

Anti-ransomware method based on active deception by CHEN Kai, MA Duohe, TANG Zhimin, DAI Jun

Subjects: Get full text

Research on software-defined network and the security defense technology by Tao WANG, Hong-chang CHEN, Guo-zhen CHENG

“…Software-defined network (SDN) separated the traditional control plane from the data plane,formed a centralized controller,opened up the network programming interface,simplified network management,promoted network innovation and optimized network operation.However,SDN's “three-layer two-interface” architecture increased the network attack surface,resulting in many new security issues.The development,characteristics and working principle of SDN were first introduced,and the existing security problems from the application layer,the northbound interface,the control plane,the southbound interface,the data plane were summarized respectively.Secondly,the latest research progress and existing solutions were discussed.Finally,SDN current and future security challenges were summarized,and the future SDN security development direction was looked forward to.…”
Get full text

Optimal strategy selection method for moving target defense based on signaling game by Lyu JIANG, Hengwei ZHANG, Jindong WANG

“…To solve the problem of the optimal strategy selection for moving target defense,the defense strategy was defined formally,the defense principle from the perspective of attack surface shifting and exploration surface enlarging was taken into account.Then,network attack-defense behaviors were analyzed from the sight of dynamic confrontation and bounded information.According to the analysis of attack-defense game types and confrontation process,the moving target defense model based on signaling game was constructed.Meanwhile,the method to quantify strategies was improved and the solution of perfect Bayesian equilibrium was proposed.Furthermore,the optimal defense strategy selection algorithm was designed by the equilibrium analysis.Finally,the simulation demonstrates the effectiveness and feasibility of the proposed optimal strategy and selection method.…”
Get full text

Network intrusion intention analysis model based on Bayesian attack graph by Zhiyong LUO, Xu YANG, Jiahui LIU, Rui XU

“…Aiming at the problem of ignoring the impact of attack cost and intrusion intention on network security in the current network risk assessment model,in order to accurately assess the target network risk,a method of network intrusion intention analysis based on Bayesian attack graph was proposed.Based on the atomic attack probability calculated by vulnerability value,attack cost and attack benefit,the static risk assessment model was established in combination with the quantitative attack graph of Bayesian belief network,and the dynamic update model of intrusion intention was used to realize the dynamic assessment of network risk,which provided the basis for the dynamic defense measures of attack surface.Experiments show that the model is not only effective in evaluating the overall security of the network,but also feasible in predicting attack paths.…”
Get full text

Research on models of network security evaluation and analysis by Wenyan LIU, Shumin HUO, Qing TONG, Miao ZHANG, Chao QI

“…Network security assessment helps to grasp the current and future risks of the network information system clearly,and gives corresponding security suggestions and countermeasures.Model of network security assessment and analysis is an important research direction and content,for which there is no review to give a comprehensive summary or analysis.A review of common network security evaluation and analysis model was given.The model that focus on attack was introduced,such as the attack tree,attack graph and kill chain,then the model that focus on network defense or offensive and defensive interaction was explained,such as attack surface,cyber epidemic model,Petri nets and automation machine,giving introduction to the basic concept,application field,modeling analysis process,advantages and disadvantages of the models.Then,typical examples were given to illustrate the application of the models in network defense technology evaluation and analysis.…”
Get full text

Optimal strategy selection approach of moving target defense based on Markov time game by Jinglei TAN, Hengwei ZHANG, Hongqi ZHANG, Hui JIN, Cheng LEI

“…For the problem that the existed game model was challenging to model the dynamic continuous characteristics of network attack and defense confrontation effectively,a method based on Markov time game was proposed to select the optimal strategy for moving target defense.Based on the analysis of the attack and defense confrontation process of moving targets,the set of moving target attack and defense strategies was constructed.The dynamics of the single-stage moving target defense process was described by time game.The randomness of multi-stage moving target defense state transformation was described by Markov decision process.At the same time,by abstracting the use of resource vulnerability by attack-defense participants as the alternation of the control of the attack surface,the versatility of the game model was effectively guaranteed.On this basis,the existence of equilibrium was analyzed and proved,and the optimal strategy selection algorithm was designed.Finally,the practicality of the constructed model and the effectiveness of the algorithm are verified by an application example.…”
Get full text

Ransomware on cyber-physical systems: Taxonomies, case studies, security gaps, and open challenges by Mourad Benmalek

“…In recent years, ransomware has also started to target critical infrastructure and Cyber-Physical Systems (CPS) such as industrial control systems, smart grids, and healthcare networks. The unique attack surface and safety-critical nature of CPS introduce new challenges in defending against ransomware. …”
Get full text

MHSDN: A Hierarchical Software Defined Network Reliability Framework design by Zhengbin Zhu, Qinrang Liu, Dongpei Liu, ChenYang Ge, Chong Wang

“…Simultaneously, the attack surface measurement of MD is innovatively proposed, further improving the security and usability measurement standards of the MD system. …”
Get full text

A Secure Object Detection Technique for Intelligent Transportation Systems by Jueal Mia, M. Hadi Amini

“…However, due to the distributed nature of federated learning, there is a larger attack surface, making cyber-attack detection and defense challenging. …”
Get full text

Evaluation of Mechanical and Durability Properties of Eco-Friendly Concrete Containing Silica Fume, Waste Glass Powder, and Ground Granulated Blast Furnace Slag by Mahdi Bameri, Soroush Rashidi, Mohammad Mohammadhasani, Mohammad Maghsoudi, Hesam Madani, Fereydoun Rahmani

“…The properties evaluated in this study include compressive, tensile, and flexural strength, magnesium sulfate and sulfuric acid attack, surface resistivity, rapid chloride penetrability test (RCPT), water absorption, depth of penetration of water, and microstructure analysis by scanning electron microscopy (SEM). …”
Get full text

Quantum Key Distribution Applicability to Smart Grid Cybersecurity Systems by Warren Grice, Mohammed Olama, Annabelle Lee, Philip G. Evans

“…Unfortunately, the increased information flow will increase the potential attack surface and introduce new vulnerabilities. While a smarter grid will depend critically on information flow, these benefits will be accrued only if that information can be protected. …”
Get full text

An MLLM-Assisted Web Crawler Approach for Web Application Fuzzing by Wantong Yang, Enze Wang, Zhiwen Gui, Yuan Zhou, Baosheng Wang, Wei Xie

“…Web application fuzzing faces significant challenges in achieving comprehensive test interface (attack surface) coverage, primarily due to the complexity of user interactions and dynamic website architectures. …”
Get full text

Evaluating the Effectiveness of Zero Trust Architecture in Protecting Against Advanced Persistent Threats by Pushpendra Kumar Verma, Bharat Singh, Preety, Shubham Kumar Sharma, Rakesh Prasad Joshi

“…By taking a comprehensive approach to network security, the study evaluates how well Zero Trust Architecture mitigates security risks and shrinks the attack surface. It looks into the difficulties and factors to be taken into account when adopting Zero Trust Architecture, including scalability, user experience, and operational complexity. …”
Get full text

Dual-stack host discovery method based on SSDP and DNS-SD protocol by Fan SHI, Yao ZHONG, Pengfei XUE, Chengxi XU

“…With the exhaustion of the IPv4 addresses, the promotion and deployment of IPv6 has been accelerating.Dual-stack technology allows devices to enable both IPv4 and IPv6 protocols, which means that users are facing more security risks.Although the existing work can realize the identification and measurement of some dual-stack servers, the following problems still exist.Dual-stack host identification requires deep protocol identification of host services, but this method consumes too much scanning resources.Besides, network service providers may provide consistent services on distributed hosts, making it difficult to guarantee the accuracy of dual-stack host identification through service fingerprints.To solve these problems, the LAN service discovery protocol was used to bind host services to IP addresses, and a dual-stack host discovery method based on SSDP and DNS-SD protocols was proposed.In IPv4 network environment, the target host was induced to actively send a request to the constructed IPv6 server through SSDP protocol, and then the IPv6 address was extracted from the server’s log.Or the service list of the target host and its corresponding AAAA record was enumerated through the DNS-SD protocol and the IPv6 address of the target host was obtained, in order to realize the discovery of the dual stack address pairs.With this method, IPv6 addresses was obtained directly from the IPv4 host, which ensured the accuracy of the discovered dual-stack host.At the same time, only request packets for specific protocols were needed during the discovery process, which greatly saved scanning resources.Based on this method, the SSDP hosts and DNS-SD hosts accidentally exposed to the global IPv4 network were measured.A total number of 158k unique IPv6 addresses were collected, of which 55k were dual-stack host address pairs with globally reachable IPv6 addresses.Unlike existing work that focused on dual-stack servers, this method mainly targeted end-users and client devices, and built a unique set of active IPv6 devices and dual-stack host address pairs that have not been explored so far.Through the analysis of the obtained IPv6 address addressing type, it shows that IPv6 address is mainly generated in a random manner, which greatly reduces the possibility of IPv6 hosts being discovered by scanning.In particular, by measuring the ports and services of dual-stack hosts, we found that the security policy differences of dual-stack hosts on different protocol stacks.Especially, IPv6 protocol stack exposes more high-risk services, expanding the attack surface of hosts.The research results also show that the infeasibility of IPv6 address space traversal scanning mitigates the security risks of IPv6, but incorrect network configuration greatly increases the possibility of these high-risk IPv6 hosts being discovered and users should revisit IPv6 security strategy on dual-stack hosts.…”
Get full text

Hybrid dung beetle optimization based dimensionality reduction with deep learning based cybersecurity solution on IoT environment by Amal K. Alkhalifa, Nuha Alruwais, Wahida Mansouri, Munya A. Arasi, Mohammed Alliheedi, Fouad Shoie Alallah, Alaa O. Khadidos, Abdulrhman Alshareef

“…Cybersecurity analysts often refer to this as increasing the attack surface from which hackers can benefit. Implementing the proper security measures is crucial since IoT devices can be vulnerable to cyberattacks and are often built with limited security features. …”
Get full text