Cybersecurity Conference Publications, Early 2015
 
SoS Logo

Cybersecurity Conference Publications, Early 2015

The works cited here were presented during the first six weeks of 2015. Also included is the IEEE Standard for substations system cybersecurity.

 

“IEEE Standard Cybersecurity Requirements for Substation Automation, Protection, and Control Systems," IEEE Std C37.240-2014, pp. 1, 38, Jan. 30 2015. doi: 10.1109/IEEESTD.2015.7024885

Cybersecurity measures require that a balance be achieved between technical feasibility and economic feasibility and that this balance addresses the risks expected to be present at a substation. Further, cybersecurity measures must be designed and implemented in such a manner that access and operation to legitimate activities is not impeded, particularly during times of emergency or restoration activity. This standard presents a balance of the above factors.

Keywords: Access controls; Authentication; Computer crime; Computer security; Encryption; IEEE standards; Passwords; Remote access; IEEE C37.240;critical infrastructure protection; cybersecurity; electronic access; encryption; password management; remote access; substations (ID#: 15-4088)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7024885&isnumber=7024884

 

Dark, Melissa, "Thinking about Cybersecurity," Security & Privacy, IEEE, vol. 13, no.1, pp.61, 65, Jan.-Feb. 2015. doi: 10.1109/MSP.2015.17 What is a "security mindset" beyond a healthy dose of paranoia? This article explores advances in neuroscience and the science of learning as a foundation for thinking about whether cybersecurity educators can teach the security mindset, and if so, what that might entail.

Keywords: Computer security; Educational institutions; Neuroscience; Privacy; Uncertainty; cybersecurity; neurocognitive research; science of learning; security; security mindset (ID#: 15-4089)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7031840&isnumber=7031815

 

Geer, Daniel E., "Less Is More: Saving the Internet from Itself," Security & Privacy, IEEE, vol.13, no.1, pp. 80, 80, Jan.-Feb. 2015. doi: 10.1109/MSP.2015.6 Explores the need to protect the content and information gleamed from the Internet while, at the same time, ensure that freedom of access and quality of content remains intact. Claims that there is a choice - do we want to make protection of individual Internet elements the owner's problem for all values of "owner," subject to unpredictable differentiation and a picking of winners and losers by emergent processes that we can perhaps still influence but never again control? Or do we want near monocultures of a few winning platforms whose vastness represents empire and thus requires a level of defense that only a nationstate can provide, if at all? On the former lies the path of so much science fiction, especially if the Singularity is imminent. On the latter lies the path to a state-level control far more invasive than fiat currency and secret standing armies. If neither of these options appeals, now is the time to apply the brakes. Now is the time, individually and collectively, to tamp down risk by tamping down dependence on the Internet. Now is the time to say that target richness is a disease for which the cure is intolerable.

Keywords: Government; Information filters; Information retrieval; Information security; Internet; Philosophical considerations; Social implications of technology; Internet; Internet extension; attacker economics; cybersecurity; security (ID#: 15-4090)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7031818&isnumber=7031815

 

Fonash, Peter; Schneck, Phyllis, "Cybersecurity: From Months to Milliseconds," Computer, vol.48, no.1, pp. 42, 50, Jan. 2015. doi: 10.1109/MC.2015.11 Computer technology is the nexus of our critical infrastructures, yet it remains extremely vulnerable to cyberattacks. A proposed Integrated Adaptive Cyber Defense architecture promises to create a healthy cyber ecosystem by automating many risk decisions and optimizing human oversight of security processes too complex or important for machines alone to solve.

Keywords: Computer crime; Computer hacking; Computer security; Ecosystems; Internet of things; IACD; Integrated Adaptive Cyber Defense; Internet of Things; IoT; cyberattacks; cybersecurity; security (ID#: 15-4091)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7030229&isnumber=7030133

 

Arief, Budi; Adzmi, Mohd Azeem Bin; Gross, Thomas, "Understanding Cybercrime from Its Stakeholders' Perspectives: Part 1--Attackers," Security & Privacy, IEEE, vol.13, no.1, pp.71, 76, Jan.-Feb. 2015. doi: 10.1109/MSP.2015.19 Although cybercrime is rampant, there is no authoritative definition of the term and all that it implies. A comprehensive model and taxonomy of cybercrime, including all of its stakeholders, would contribute to better cybersecurity. Part one of this two-part series explores attackers and their motives in detail.

Keywords: Computer crime; Computers; Cyberspace; National security; Psychology; Training; attackers; cybercrime; cybercrime stakeholders; cybersecurity; security (ID#: 15-4092)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7031833&isnumber=7031815

 

Mazurczyk, Wojciech; Rzeszutko, Elzybieta, "Security--A Perpetual War: Lessons from Nature," IT Professional, vol.17, no. 1, pp.16,22, Jan.-Feb. 2015. doi: 10.1109/MITP.2015.14 For ages, people have sought inspiration in nature. Biomimicry has propelled inventions from Velcro tape to "cat's eyes" retroreflective road markers. At the same time, scientists have been developing biologically inspired techniques, including genetic algorithms and neural and sensor networks. Although a first glance shows no direct connection between the Internet's offensive and defensive techniques and patterns present in nature, closer inspection reveals many analogies between these two worlds. Botnets, distributed denial-of-service attacks, intrusion detection/prevention systems, and others techniques use strategies that closely resemble actions undertaken by certain species in the natural kingdom. The authors analyze these analogies and conclude by suggesting that the security community should turn to nature in search of new offensive and defensive techniques for virtual world security. This article is part of a special issue on IT security.

Keywords: Bioinformatics; Biological system modeling; Computer crime; Computer security; Computer worms; Firewalls (computing);Internet; Intrusion detection; Malware; DDoS attacks; bio-inspired security; bioinformatics; botnets; cybersecurity; honeypots; information technology; intrusion detection; intrusion prevention; security; worms (ID#: 15-4093)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7030143&isnumber=7030137

Note:



Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.