ABSTRACT. Stolen identities have become a common occurrence around the world. The lesser-known facts of identity theft touches on the purchasing of stolen identity artefacts such as drivers’ licenses, passports, weapons, and counterfeit currency using Darknet marketplaces. In this paper we will look at, from a technical perspective, how sophisticated underground marketplaces are structured specifically to protect buyer and sellers. We will also dive deeper into some of the artefacts available to purchase on these marketplaces.

ABSTRACT. SCADA and Industrial Control Systems (ICS) are increasingly vulnerable to cybersecurity attacks as the landscape between IT and OT technologies converge and industrial organisations undergo digitalisation and modernisation. Industrial organizations are moving rapidly as part of the convergence and digitalisation to take advantage of IT technologies in their operational technology (OT) environments to become more competitive. In this digital transformation, interconnected systems and data analytics, SCADA, ICS, Industrial Internet of Things (IIOT) and smart sensors and cloud technologies are added into the manufacturing process. Along with the benefits of increased efficiency and shared data come mounting OT security risks to the infrastructure. Little risk mitigation and remediation with limited patching, hard-to-test production environments, and low visibility of assets, analytics and operational data create a higher risk.

Cyberattacks on ICS and SCADA systems can impact the safety, availability, reliability and predictability of workers, operations and the value chain and be catastrophic. Typically, OT teams don’t know security, and IT teams don’t know operational processes. This critical skills gap contributes to security vulnerability. Government regulations continue to grow as cyberattacks increase in frequency and severity, leading to significant operational changes.

In this paper we cover the application of Sherwood Applied Business Security Architecture (SABSA) and IEC-62443 Security for industrial automation and control systems in the Fast-Moving Consumer Goods (FMCG) industry. In particular, we provide a perspective on performing an OT risk-assessment in a FMCG environment and illustrate the associated contextual, conceptual, logical and physical architectures.

ABSTRACT. Information Technology (IT) networks are susceptible to varieties of intrusions. Data communication through industrial networks needs to be protected from unauthorized access. The number of attacks increases rapidly due to the wide range of network operations. Industrial networks provide a connection between servers and control devices, which are located at the plant. The security attacks rises due to the wide usage of internet for accessing and monitoring the plant information. It is essential to preserve data communication in process monitoring and control operations. This proposed work is the novel dynamic key generation algorithm that generates different keys each time during the process of encoding. The security mechanism is developed that enhances the security and protects the information from unauthorized access. This security algorithm is developed and simulated using MATLAB software. This proposed cryptographic algorithm can perform encryption of the infinite number of bytes which provides additional network security. It can be applicable for securing the sensitive process parameters in industrial operations.

ABSTRACT. The type and number of cyber-attacks on data networks have been increasing. As networks grow, the importance of Network Intrusion Detection Systems (NIDS) in monitoring threats has also increased. One of the challenges in NIDS is the high number of alerts the systems generate, and the overwhelming effect that alerts have on security operations. To process alerts efficiently, NIDS can be designed to include Machine Learning (ML) capabilities. In the literature, various NIDS architectures that use ML approaches have been proposed. However, high false alarm rates continue to be a challenge to most NID systems. In this paper, we present a NIDS that uses ensemble ML in order to improve the performance of attack detection and to decrease the rate of false alarms. To achieve this, we combine four ensemble ML classifiers – (Random Forest, AdaBoost, XGBoost and Gradient boosting decision tree) using a soft voting scheme.

ABSTRACT. Energy smart meters have become very popular, advantaging the general public and utility companies via instant energy monitoring, and modelling, respectively. The information available from smart metering could however be used maliciously with the use of non-intrusive load monitoring technology. In this paper, we explore the vectors for attack on the smart metering network, showing physical and logical locations from which data could be stolen; and show how socio-economic, health related, occupancy, and multi-media viewing habits can be estimated to a high accuracy, thus posing a threat to users’ privacy and security.

ABSTRACT. Performance measures commonly used in systems security engineering tend to be static, linear, and have limited utility in addressing challenges to security performance from increasingly complex risk environments, adversary innovation, and disruptive technologies. Leveraging key concepts from resilience science offers an opportunity to advance next-generation systems security engineering to better describe the complexities, dynamism, and non-linearity observed in security performance—particularly in response to these challenges. This article introduces a multilayer network model and modified Continuous Time Markov Chain model that explicitly captures interdependencies in systems security engineering. The results and insights from a multilayer network model of security for a hypothetical nuclear power plant introduce how network-based metrics can incorporate resilience concepts into performance metrics for next generation systems security engineering.

ABSTRACT. There are many use cases for cybersecurity related information available on the Internet. Tasks relating to natural language processing and machine learning require large amounts of structured and labeled data. However, the availability of recent data is limited due to the difficulty in its sanitization, retrieval, and labeling. Data on the Internet is generally diverse and unstructured, and storing this information in a manner that is easily usable for research and development purposes is not an intuitive task. We propose architectural considerations when developing a distributed system consisting of web crawlers, web scrapers, and various post-processing components, as well as possible implementations of these considerations. Our team developed such a system that is capable of applying structure and storing open source intelligence data from the Internet in an easily-searchable software platform called Splunk.

ABSTRACT. Cyberspace is a very dynamic environment whose importance and rapid development have been a catalyst for rapid changes taking place in the way people work, live and think, and is helping to advance our society and civilisation in a new era. The growth, size and complexity of local computer networks brings with it requirements for continuous monitoring of their performance, which is a fundamental prerequisite for their efficiency and also requires that the same effort invested in the development and innovation of technologies for higher efficiency also goes into security assurance. The aim of this paper is to present a method for numerical solution of a cyberattack detection model based on a system of nonlinear differential equations with delay. The behaviour of the model is demonstrated by computer simulation and the Maple system is used for graphical representation of the results.

ABSTRACT. With many of the functionalities of Drones being controlled by highly sophisticated Computers through wired and wireless networks, Cyber security is playing a vital role in ensuring safety and security of these. There are many incidents being reported about the breach of Cyber Security involving Drones thus bringing to focus existing vulnerabilities and threats. The attackers may be remotely launching the attacks. The successful attacks can have high impact leading to serious incidents. In this paper, several case studies are discussed illustrating the Cyber related incidents in Drones. The latest developments in Cyber Security are presented applicable to Drone industry. The Cyber Security best practices, countermeasures, attack detection and mitigations techniques are presented which are specific to UAVs.

ABSTRACT. The study explores the influencing factors that Radio Frequency (RF) Engineers take into consideration when assessing the likelihood of unintentional electromagnetic radiation compromising the security of information technology equipment. A focus group research methodology is adopted, and the results analyzed using a cause-and-effect technique. Two focus groups of RF Engineers identified twenty-six influencing factors they considered when assessing likelihood. Through the cause-and-effect techniques it was possible to categorize the factors in terms of threat, vulnerability, and impact (the three constituents of a qualitative risk calculation). This information can be used by cyber security practitioners with little or no RF experience to provide a better understanding of the significance RF Engineers place on specific factors particularly when assessing vulnerability likelihood.

ABSTRACT. Security aspects of Internet of Things (IoT) focusing on quality of service (QoS) and quality of experience (QoE) are critically appraised. The paper highlights various useful features of viable IoT protocols and ranked these accordingly for qualitative assessments to develop a consensus towards a unified IoT standard. The IoT challenges to industry and academic institutions are addressed with recommendations to adopt a holistic approach developing and engaging graduates with more QoS/QoE related IoT mini-projects for STEM education.