Biblio
Filters: Author is McDermott, Christopher D. [Clear All Filters]
.
2019. Dimensions of ‘Socio’ Vulnerabilities of Advanced Persistent Threats. 2019 International Conference on Software, Telecommunications and Computer Networks (SoftCOM). :1–5.
Advanced Persistent Threats (APT) are highly targeted and sophisticated multi-stage attacks, utilizing zero day or near zero-day malware. Directed at internetworked computer users in the workplace, their growth and prevalence can be attributed to both socio (human) and technical (system weaknesses and inadequate cyber defenses) vulnerabilities. While many APT attacks incorporate a blend of socio-technical vulnerabilities, academic research and reported incidents largely depict the user as the prominent contributing factor that can weaken the layers of technical security in an organization. In this paper, our objective is to explore multiple dimensions of socio factors (non-technical vulnerabilities) that contribute to the success of APT attacks in organizations. Expert interviews were conducted with senior managers, working in government and private organizations in the United Arab Emirates (UAE) over a period of four years (2014 to 2017). Contrary to common belief that socio factors derive predominately from user behavior, our study revealed two new dimensions of socio vulnerabilities, namely the role of organizational management, and environmental factors which also contribute to the success of APT attacks. We show that the three dimensions postulated in this study can assist Managers and IT personnel in organizations to implement an appropriate mix of socio-technical countermeasures for APT threats.
.
2019. Towards a Conversational Agent for Threat Detection in the Internet of Things. 2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA). :1–8.
A conversational agent to detect anomalous traffic in consumer IoT networks is presented. The agent accepts two inputs in the form of user speech received by Amazon Alexa enabled devices, and classified IDS logs stored in a DynamoDB Table. Aural analysis is used to query the database of network traffic, and respond accordingly. In doing so, this paper presents a solution to the problem of making consumers situationally aware when their IoT devices are infected, and anomalous traffic has been detected. The proposed conversational agent addresses the issue of how to present network information to non-technical users, for better comprehension, and improves awareness of threats derived from the mirai botnet malware.