In this paper, we correlate human characteristics with cyber security behavior intentions. While previous papers have identified correlations between certain human traits and specific cyber security behavior intentions, we present a comprehensive study that examines how risk-taking preferences, decision-making styles, demographics, and personality traits influence the security behavior intentions of device securement, password generation, proactive awareness, and updating. To validate and expand the work of Egelman and Peer, we conducted a survey of 369 students, faculty, and staff at a large public university and found that individual differences accounted for 5%–23% of the variance in cyber security behavior intentions. Characteristics such as financial risk-taking, rational decision-making, extraversion, and gender were found to be significant unique predictors of good security behaviors. Our study revealed both validations and contradictions of related work in addition to finding previously unreported correlations. We motivate the importance of studies such as ours by demonstrating how the influence of individual differences on security behavior intentions can be environment-specific. Thus, some security decisions should also depend on the environment.
This paper presents a review of the literature on state estimation (SE) in power systems. While covering works related to SE in transmission systems, the main focus of this paper is distribution system SE (DSSE). The critical topics of DSSE, including mathematical problem formulation, application of pseudo-measurements, metering instrument placement, network topology issues, impacts of renewable penetration, and cyber-security are discussed. Both conventional and modern data-driven and probabilistic techniques have been reviewed. This paper can provide researchers and utility engineers with insights into the technical achievements, barriers, and future research directions of DSSE.
Cyber security exercises have emerged as a useful tool for assessing and improving the preparedness of organizations and nations against cyber threats. Cyber security exercises of different types and duration, with various objectives, are conducted across the globe. These exercises vary from quiz-type exercises to fully simulated attack-based exercises. One such type of exercise is the Table Top Exercise (TTX). TTX are discussion-based exercises in which decision makers of the participating entities meet and discuss the response during hypothetical emergency situations. These exercises primarily focus on clarifying roles and responsibilities, assessing the effectiveness of plans, and further improvements in cyber security. In this paper we present the objective, design and execution of the Cyber Crisis Table Top eXercise (CCTTx) named "Don't WannaCry", conducted for Indian entities. 5 CCTTx involving decision makers from 65 organizations, with the objective of encouraging self-realization of the true cyber security posture of their own entity, were conducted in 2017. Exercises were divided into three segments, starting with (i) Self-assessment, in which participating organizations self-assess their cyber security posture in 6 pre-defined domains, followed by (ii) Exercise Play, in which each participating entity acts as a hypothetical entity and responds to the presented cyber crisis situation, and finally (iii) a Hotwash session, executed with the purpose of inducing self-realization of their true cyber security posture. The exercise takeaway for participants was self-realization and identification of an improvement plan to enhance the cyber security posture of their entities against cyber attacks. These exercises are unique in design, execution and their objective of self-realization by the participating entities. The success of these exercises is evident from the feedback and the adoption of the exercises for domestic purposes by participating organizations.
Cyber-security incidents show how difficult it is to make optimal strategic decisions in such a complex environment. Given that it is hard for researchers to observe organisations’ decision-making processes driving cyber-security strategy, we developed a board game that mimics this real-life environment and shows the challenges of decision-making. We observed cyber-security experts participating in the game. The results showed that decision-makers who performed poorly tended to employ heuristics, leading to fallacious decision approaches (overreaction strategies in place of proactive ones), and were not always aware of their poor performances. We advocate the need for decision support tools that capture this complex dynamic nature.
The term cyber security is often used interchangeably with the term information security. This paper argues that, although there is a substantial overlap between cyber security and information security, these two concepts are not totally analogous. Moreover, the paper posits that cyber security goes beyond the boundaries of traditional information security to include not only the protection of information resources, but also that of other assets, including the person him/herself. In information security, reference to the human factor usually relates to the role(s) of humans in the security process. In cyber security this factor has an additional dimension, namely, the humans as potential targets of cyber attacks or even unknowingly participating in a cyber attack. This additional dimension has ethical implications for society as a whole, since the protection of certain vulnerable groups, for example children, could be seen as a societal responsibility.
Theoretical and empirical insight notes that cyber security awareness is a topic of particular interest in cyber security. Humans are the central figures in cyber security and the way to reduce risk in cyberspace is to make people more security aware. While there have been numerous studies about various aspects of cyber security awareness, they are both inconsistent and environment-dependent. The main aim of our research is to analyze cyber security awareness in depth, and to try to discover how various factors such as socio-demographics, cyber security perceptions, previous cyber security breaches, IT usage, and knowledge may individually or together impact on cyber security behavior. To prove that, we conducted our research on students, as they are the most technologically active part of society. We discovered that knowledge proved to be the dominant factor for cyber security awareness, and although students are digital natives, they do not feel safe in the cyber environment; they do not behave securely and do not have adequate knowledge to protect themselves in cyberspace.
Information communications technology systems are facing an increasing number of cyber security threats, the majority of which are originated by insiders. As insiders reside behind the enterprise-level security defence mechanisms and often have privileged access to the network, detecting and preventing insider threats is a complex and challenging problem. In fact, many schemes and systems have been proposed to address insider threats from different perspectives, such as intent, type of threat, or available audit data source. This survey attempts to line up these works together with only the three most common types of insider, namely traitor, masquerader, and unintentional perpetrator, while reviewing the countermeasures from a data analytics perspective. Uniquely, this survey takes into account the early stage threats which may lead to a malicious insider rising up. When direct and indirect threats are put on the same page, all the relevant works can be categorised as host, network, or contextual data-based according to audit data source, and each work is reviewed for its capability against insider threats, how the information is extracted from the engaged data sources, and what the decision-making algorithm is. The works are also compared and contrasted. Finally, some issues are raised based on the observations from the reviewed works, and new research gaps and challenges are identified.
The COVID-19 pandemic was a remarkable, unprecedented event which altered the lives of billions of citizens globally, resulting in what became commonly referred to as the new-normal in terms of societal norms and the way we live and work. Aside from the extraordinary impact on society and business as a whole, the pandemic generated a set of unique cyber-crime related circumstances which also affected society and business. The increased anxiety caused by the pandemic heightened the likelihood of cyber-attacks succeeding, corresponding with an increase in the number and range of cyber-attacks.
This paper analyses the COVID-19 pandemic from a cyber-crime perspective and highlights the range of cyber-attacks experienced globally during the pandemic. Cyber-attacks are analysed and considered within the context of key global events to reveal the modus-operandi of cyber-attack campaigns. The analysis shows how following what appeared to be large gaps between the initial outbreak of the pandemic in China and the first COVID-19 related cyber-attack, attacks steadily became much more prevalent to the point that on some days, three or four unique cyber-attacks were being reported. The analysis proceeds to utilise the UK as a case study to demonstrate how cyber-criminals leveraged salient events and governmental announcements to carefully craft and execute cyber-crime campaigns.
This paper proposes the new concept of intelligent electronic devices (IEDs) with built-in distributed intrusion detection systems. The proposed IEDs have the capabilities to monitor and detect anomalies and abnormal behaviors of the host system of IED and IEC 61850-based messages, e.g., sampled values and generic object oriented substation event. The proposed IEDs collaborate with neighboring IEDs to make an accurate decision and find the origin of cyber attacks. The commodity embedded system has been used to verify the performance of the proposed intrusion detection system with power system protection functions of IEDs. The results show that the proposed mitigation methods work accurately and efficiently with protection functions, e.g., overcurrent and distance protections, on the embedded board.
In recent years, machine learning algorithms, and more specifically deep learning algorithms, have been widely used in many fields, including cyber security. However, machine learning systems are vulnerable to adversarial attacks, and this limits the application of machine learning, especially in non-stationary, adversarial environments, such as the cyber security domain, where actual adversaries (e.g., malware developers) exist. This article comprehensively summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques and illuminates the risks they pose. First, the adversarial attack methods are characterized based on their stage of occurrence, and the attacker’s goals and capabilities. Then, we categorize the applications of adversarial attack and defense methods in the cyber security domain. Finally, we highlight some characteristics identified in recent research and discuss the impact of recent advancements in other adversarial learning domains on future research directions in the cyber security domain. To the best of our knowledge, this work is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain, map them in a unified taxonomy, and use the taxonomy to highlight future research directions.