Figure 3 - uploaded by Marco Barros Lourenco
Malware families by type during 2H2017 and 1H2018 409

Source publication
Technical Report
2018 was a year that has brought significant changes in the cyberthreat landscape. Those changes had as source discrete developments in motives and tactics of the most important threat agent groups, namely cyber-criminals and state-sponsored actors. Monetization motives have contributed to the appearance of crypto-miners in the top 15 threats. Stat...

Citations

... In 2019, the FBI's Internet Crime Complaint Center (IC3) recorded more than $3.5 B in losses to individuals and companies related to cybercrime [4]. Moreover, the 2020 report on botnets from the European Union Agency for Cybersecurity (ENISA) [5] counted that 7.7 million IoT devices are connected to the Internet every day, increasing the attack surface for malware infections [6], [7]. Besides, it reported an increase of 71.5% in botnet controlling servers concerning ...
... In our previous work [14], we used thirteen features to characterize TCP flows, but in this work we have dismissed two of them: the average and the variance of the packet transmission velocity (mVel and vVel). We removed them because their information was already represented by the average and variance of the interval time between consecutive packets (mTime and vTime), as shown in (5). Table 1 shows the remaining eleven features we selected to model network traffic. ...
Article
Botnets are one of the online threats with the most significant presence, causing billions in losses to global economies. Nowadays, the increasing number of devices connected to the Internet makes it necessary to analyze extensive network traffic data. In this work, we focus on increasing the performance of botnet traffic classification by selecting those features that further increase the detection rate. For this purpose, we use two feature selection techniques, i.e., Information Gain and Gini Importance, which led to three pre-selected subsets of five, six and seven features. Then, we evaluate the three feature subsets and three models, i.e., Decision Tree, Random Forest and k-Nearest Neighbors. To test the performance of the three feature vectors and the three models, we generate two datasets based on the CTU-13 dataset, namely QB-CTU13 and EQB-CTU13. Finally, we measure the performance as the macro averaged F1 score over the computational time required to classify a sample. The results show that the highest performance is achieved by Decision Trees using a five-feature set, which obtained a mean F1 score of 85% while classifying each sample in an average time of 0.78 microseconds.
Article
Academic, legal and practitioner responses to cyber threats have been predominantly reactive, punitive, and deterrence-based, with limited attention given to the motives underlying computer criminals' behaviors. This paper reasons that new and better theoretical perspectives are needed to explain computer criminals' motives. Following a review of the computer crime behavioral literature, a summary review of core philosophies and theories used to explain generalized crime and criminal motives is provided. A framework is proposed suggesting that criminological theories have evolved along two categorical dimensions: determinism-indeterminism, and individualism-collectivism. The paper then reasons that future computer crime research will benefit by considering indeterminist-collectivist (constructivist) theories. Two such theories, social construction of technology, and actor-network theory, are proposed in the discussion section, along with some cybercrime examples. The paper invites a deeper consideration of the origins and motivations of computer-based criminality as a means of building stronger theory and ultimately advancing more proactive and effective solutions.
Chapter
In recent years, scholarly work on cybersecurity in smart health has gained substantial attention from both practitioners and scholars. This is primarily due to the rapid growth of information and communications technology and protocols, an important aspect of the smart health communication infrastructure. The smart health communication infrastructure is developed solely to provide data communication for specific networks such as the wireless body area network (WBAN), which is developed for the health sector. Modern healthcare service delivery eliminates the need for real-time inspection of elderly and attention-need patients; that is, medical experts can monitor such people from a remote location through the e-health communication infrastructure. The developed communication infrastructure is used by e-health organizations to store, process or transfer patients' data, which has high priority and requires confidentiality. The infrastructure used by e-health organizations must restrict unauthorized access to patient data by any intruder. E-health organizations are a major target for hackers because they hold a huge amount of private data, a wealth of information. The proposed security solutions for e-health organizations require specific policy developments and propose solutions for specific security layers. Smart, scalable and adaptable solutions are proposed by researchers to overcome several security challenges in e-health organizations. Some of the proposed solutions provide open use and sharing of critical e-health data without compromising patients' rights to privacy and confidentiality. The deployment of these solutions faces several problems since hackers target the network layer of these models. The development of new attack methodologies and technological enhancements enables hackers to attack with different motivations and compromise e-health organizations' private data.
For this reason, a new security framework is necessary for e-health organizations' communication infrastructure. The privacy of patients' health data must be carefully addressed while developing a new framework. In order to maximize healthcare quality and minimize e-health cost, the ultimate goal of this chapter is to expose the limitations in current e-health organization cybersecurity solutions and provide a new security framework that highlights existing gaps in the communication infrastructure of e-health organizations. The comparison of cryptographic attacks against the encryption algorithms used to secure the communication infrastructure, the latest zero-day attacks in the e-health sector, network layer attacks against e-health organizations and e-health threat intelligence will be investigated within the scope of this chapter. E-health threat intelligence will be the main contribution of this chapter, since threat intelligence provides insight about possible threats and ensures that an e-health organization can defend against zero-day vulnerabilities and protect the personal identification information of patients and staff.
Article
Engineering managers are responsible for the secure operation of critical infrastructure systems and need tools and methods to identify and mitigate potential insider threats such as physical damage to equipment, information leakage, malware, and identity theft. This research examines the benefit of developing and analyzing the NATO Human View to aid engineering managers with this responsibility. In an illustrative case study, the NATO Human View is used to analyze electrical grid personnel; the results demonstrate that the NATO Human View can enable engineering managers to make investment decisions that mitigate security threats.