Search results for "Cybersecurity"
showing 10 items of 43 documents
Preventing Execution of Unauthorized Native-Code Software
2017
The business world is exhibiting a growing dependency on computer systems, their operations and the databases they contain. Unfortunately, it also suffers from an ever growing recurrence of malicious software attacks. Malicious attack vectors are diverse and the computer-security industry is producing an abundance of behavioral-pattern detections to combat the phenomenon. This paper proposes an alternative approach, based on the implementation of an attested, and thus trusted, thin-hypervisor. Secondary level address translation tables, governed and fully controlled by the hypervisor, are configured in order to assure that only pre-whitelisted instructions can be executed in the system. Thi…
On Attacking Future 5G Networks with Adversarial Examples : Survey
2022
The introduction of 5G technology along with the exponential growth in connected devices is expected to cause a challenge for the efficient and reliable network resource allocation. Network providers are now required to dynamically create and deploy multiple services which function under various requirements in different vertical sectors while operating on top of the same physical infrastructure. The recent progress in artificial intelligence and machine learning is theorized to be a potential answer to the arising resource allocation challenges. It is therefore expected that future generation mobile networks will heavily depend on its artificial intelligence components which may result in …
National cyber threat prevention mechanism as a part of the E-EWS
2020
The research will find out feature-based functionalities concerning the national cybersecurity system HAVARO and how the system is possible to implement to the EU level early warning system. The research based on interviews, official materials concerning the HAVARO information sharing system, scientific literature and other official published documents. The European level decision-makers have recognized that lack of cooperation between EU member countries effects to completely public safety atmosphere. The only problem does not consist of separate operational functions and procedures between national Cyber situation centers. One main problem is that the European Union does not have a common…
How cyber breeds crime and criminals
2014
Understanding how cyber breeds novel crime and new criminals is a contribution to criminological models with significant applied value. It is highly important for law enforcement and particularly pivotal for preventive intervention. In this paper we propose a human rights-based crime definition, present explanatory models for cybercrime, and outline future arenas and drivers to suggest to the stakeholder community prevention focuses and priorities. The presented work ultimately aims towards supporting two crime preventive design initiatives, one targeted at accounting for and narrowing the cybercriminal space of means, opportunities, and motives; the other aiming at augmenting early and pro…
Towards Practical Cybersecurity Mapping of STRIDE and CWE — a Multi-perspective Approach
2021
Software vulnerabilities are identified during their whole life-cycle; some vulnerabilities may be caused by flaws on the design while other appear due to advances on the technologies around the systems. Frameworks such as OWASP are well- known and are used for testing a systems security before or after implementation, and such testing is carried out against the existing system. Threat modeling however focuses on the early stages of the system design when it is feasible and easy to fix security-related flaws and prevent possible damage caused by them. For example, STRIDE is one very popular threat modeling framework. A STRIDE threat modelling specialist deals with abstract categorizations o…
Smart Terminal System of Systems’ Cyber Threat Impact Evaluation
2023
Systems of system-level thinking is required when the purpose is to develop a coherent understanding of the ecosystem where every user and system requirements are divided into specific parts. The smarter project, as a part of the Sea4value program of DIMECC, aims to develop harbor operations, including passenger and cargo transportation, in a way that port processes will improve, emissions will decrease, and overall security will enhance in smart ports. This paper describes cyber-attack impacts against the Smart terminal system of systems in the cyber realm by utilizing the MITRE ATTACK® framework to map the objectives of threat actors. The Smart Terminal system environment includes ICT, IC…
Cybersecurity risk assessment subjects in information flows
2022
A modern society includes several critical infrastructures in which digitalization can have positive impacts on the levels of autonomy and efficiency in the use of infrastructure systems. Maritime transportation is an example of an infrastructure that currently needs development in the digitalization of its operations and processes. At the same time, maritime processes represent a large-scale cyber environment, thus trustable information distribution between system elements of the processes is needed. Since 2020, the Sea4Value / Fairway (S4VF) research program in Finland has been working to develop maritime digitalization which can lead to autonomy processes in the future. The first stage o…
Assessment of Cybersecurity Risks: Maritime Automated Piloting Process
2022
A modern society is a combination of several critical infrastructures, of which international and national maritime transportation systems are essential parts. Digitalization makes it possible to increase levels of autonomy in maritime systems. It also means fully existing cyberenvironments in maritime processes. In cyberenvironments, it is crucial there is trustable information communication between system elements of the process, alongside the usability, reliability, and integrity of systems data in the operating environment. In order to develop maritime autonomy in Finland the Sea4Value / Fairway (S4VF) research program has been developed. At the first stage of the program, the main goal…
Organizational Learning from Cybersecurity Performance: Effects on Cybersecurity Investment Decisions
2023
AbstractIS literature has identified various economic, performance, and environmental factors affecting cybersecurity investment decisions. However, economic modeling approaches dominate, and research on cybersecurity performance as an antecedent to investments has taken a backseat. Neglecting the role of performance indicators ignores real-world concerns driving actual cybersecurity investment decision-making. We investigate two critical aspects of cybersecurity performance: breach costs and breach identification source, as antecedents to cybersecurity investment decisions. We use organizational learning to theorize how performance feedback from these two aspects of cybersecurity breaches …
Il Perimetro di sicurezza nazionale cibernetica
2023
Il presente contributo intende approfondire la disciplina del Perimetro di sicurezza cibernetica istituito dal Decreto-legge 21 settembre 2019 , n. 105. Segnatamente, il lavoro intende approfondire l’architettura di tale sistema attraverso un’analisi del quadro organizzativo, con particolare riferimento alla distribuzione di competenze (e obblighi) dei diversi attori pubblici e privati coinvolti.