Biblio

With the advent of the Internet era, all walks of life in our country have undergone earth-shaking changes, especially the drone and geographic information industries, which have developed rapidly under the impetus of the Internet of Things era. However, with the continuous development of science and technology, the network structure has become more and more complex, and the types of network attacks have varied. UAV information security and geographic information data have appeared security risks on the network. These hidden dangers have contributed to the progress of the drone and geographic information industry. And development has caused a great negative impact. In this regard, this article will conduct research on the network security of UAV systems and geographic information data, which can effectively assess the network security risks of UAV systems, and propose several solutions to potential safety hazards to reduce UAV networks. Security risks and losses provide a reference for UAV system data security.

Currently, risk assessment of industrial control systems is static and performed manually. With the increased convergence of operational technology and information technology, risk assessment has to incorporate a combined safety and security analysis along with their interdependency. This paper investigates the data inputs required for safety and security assessments, also if the collection and utilisation of such data can be automated. A particular focus is put on integrated assessment methods which have the potential for automation. In case the overall process to identify potential hazards and threats and analyze what could happen if they occur can be automated, manual efforts and cost of operation can be reduced, thus also increasing the overall performance of risk assessment.

Cyber physical system (CPS) Critical infrastructures (CIs) like the power and energy systems are increasingly becoming vulnerable to cyber attacks. Mitigating cyber risks in CIs is one of the key objectives of the design and maintenance of these systems. These CPS CIs commonly use legacy devices for remote monitoring and control where complete upgrades are uneconomical and infeasible. Therefore, risk assessment plays an important role in systematically enumerating and selectively securing vulnerable or high-risk assets through optimal investments in the cybersecurity of the CPS CIs. In this paper, we propose a CPS CI security framework and software tool, CySec Game, to be used by the CI industry and academic researchers to assess cyber risks and to optimally allocate cybersecurity investments to mitigate the risks. This framework uses attack tree, attack-defense tree, and game theory algorithms to identify high-risk targets and suggest optimal investments to mitigate the identified risks. We evaluate the efficacy of the framework using the tool by implementing a smart grid case study that shows accurate analysis and feasible implementation of the framework and the tool in this CPS CI environment.

Information security construction is a social issue, and the most urgent task is to do an excellent job in information risk assessment. The bayesian neural network currently plays a vital role in enterprise information security risk assessment, which overcomes the subjective defects of traditional assessment results and operates efficiently. The risk quantification method based on fuzzy theory and Bayesian regularization BP neural network mainly uses fuzzy theory to process the original data and uses the processed data as the input value of the neural network, which can effectively reduce the ambiguity of language description. At the same time, special neural network training is carried out for the confusion that the neural network is easy to fall into the optimal local problem. Finally, the risk is verified and quantified through experimental simulation. This paper mainly discusses the problem of enterprise information security risk assessment based on a Bayesian neural network, hoping to provide strong technical support for enterprises and organizations to carry out risk rectification plans. Therefore, the above method provides a new information security risk assessment idea.

Traditional risk assessment process based on knowledge of threat occurrence probability against every system’s asset. One should consider asset placement, applied security measures on asset and network levels, adversary capabilities and so on: all of that has significant influence on probability value. We can measure threat probability by modelling complex attack process. Such process requires creating an attack tree, which consist of elementary attacks against different assets and relations between elementary attacks and impact on influenced assets. However, different attack path may lead to targeted impact – so task of finding optimal attack chain on a given system topology emerges. In this paper method for complex attack graph creation presented, allowing automatic building various attack scenarios for a given system. Assuming that exploits of particular vulnerabilities represent by independent events, we can compute the overall success probability of a complex attack as the product of the success probabilities of exploiting individual vulnerabilities. This assumption makes it possible to use algorithms for finding the shortest paths on a directed graph to find the optimal chain of attacks for a given adversary’s target.

The world’s most important industrial economy is particularly vulnerable to both external and internal threats, such as the one uncovered in Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS). Upon those systems, the success criteria for security are quite dynamic. Security flaws in these automated SCADA systems have already been discovered by infiltrating the entire network in addition to reducing production line hazards. The objective of our review article is to show various potential future research voids that recent studies have, as well as how many methods are available to concentrate on specific aspects of risk assessment of manufactured systems. The state-of-the-art methods in cyber security risk assessment of SCADA systems are reviewed and compared in this research. Multiple contemporary risk assessment approaches developed for or deployed in the settings of a SCADA system are considered and examined in detail. We outline the approaches’ main points before analyzing them in terms of risk assessment, conventional analytical procedures, and research challenges. The paper also examines possible risk regions or locations where breaches in such automated SCADA systems can emerge, as well as solutions as to how to safeguard and eliminate the hazards when they arise during production manufacturing.

Common Vulnerability Scoring System (CVSS) is intended to capture the key characteristics of a vulnerability and correspondingly produce a numerical score to indicate the severity. Important efforts are conducted for building a CVSS stochastic model in order to provide a high-level risk assessment to better support cybersecurity decision-making. However, these efforts consider nothing regarding HPC (High-Performance Computing) networks using a Science Demilitary Zone (DMZ) architecture that has special design principles to facilitate data transition, analysis, and store through in a broadband backbone. In this paper, an HPCvul (CVSS-based vulnerability and risk assessment) approach is proposed for HPC networks in order to provide an understanding of the ongoing awareness of the HPC security situation under a dynamic cybersecurity environment. For such a purpose, HPCvul advocates the standardization of the collected security-related data from the network to achieve data portability. HPCvul adopts an attack graph to model the likelihood of successful exploitation of a vulnerability. It is able to merge multiple attack graphs from different HPC subnets to yield a full picture of a large HPC network. Substantial results are presented in this work to demonstrate HPCvul design and its performance.

In view of the problems that the existing power grid risk assessment mainly depends on the data fusion of decision-making level, which has strong subjectivity and less effective information, this paper proposes a risk assessment method of microgrid system based on random matrix theory. Firstly, the time series data of multiple sensors are constructed into a high-dimensional matrix according to the different parameter types and nodes; Then, based on random matrix theory and sliding time window processing, the average spectral radius sequence is calculated to characterize the state of microgrid system. Finally, an example is given to verify the effectiveness of the method.

The most vital requirement for the electric power system as a critical infrastructure is its security of supply. In course of the transition of the electric energy system, however, the security provided by the N-1 principle increasingly reaches its limits. The IT/OT convergence changes the threat structure significantly. New risk factors, that can lead to major blackouts, are added to the existing ones. The problem, however, the cost of security optimizations are not always in proportion to their value. Not every component is equally critical to the energy system, so the question arises, "How secure does my system need to be?". To adress the security-by-design principle, this contribution introduces a Security Metric (SecMet) that can be applied to Smart Grid architectures and its components and deliver an indicator for the "Securitisation Need" based on an individual risk assessment.

Effective information security risk management is essential for survival of any business that is dependent on IT. In this paper we present an efficient and effective solution to find best parameters for managing cyber risks using artificial intelligence. Genetic algorithm is use as it can provide our required optimization and intelligence. Results show that GA is professional in finding the best parameters and minimizing the risk.

Information Technology (IT) governance crosses the organization practices, culture, and policy that support IT management in controlling five key functions, which are strategic alignment, performance management, resource management, value delivery, and risk management. The line of sight is extended from the corporate strategy to the risk management, and risk controls are assessed against operational goals. Thus, the risk management model is concerned with ensuring that the corporate risks are sufficiently controlled and managed. Many organizations rely on IT services to facilitate and sustain their operations, which mandate the existence of a risk management model in their IT governance. This paper examines prior research based on IT governance by using a risk management framework. It also proposes a new method for calculating and classifying IT-related risks. Additionally, we assessed our technique with one of the critical IT services that proves the reliability and accuracy of the implemented model.

This article discusses a threat and vulnerability analysis model that allows you to fully analyze the requirements related to information security in an organization and document the results of the analysis. The use of this method allows avoiding and preventing unnecessary costs for security measures arising from subjective risk assessment, planning and implementing protection at all stages of the information systems lifecycle, minimizing the time spent by an information security specialist during information system risk assessment procedures by automating this process and reducing the level of errors and professional skills of information security experts. In the initial sections, the common methods of risk analysis and risk assessment software are analyzed and conclusions are drawn based on the results of comparative analysis, calculations are carried out in accordance with the proposed model.

Vendor cybersecurity risk assessment is of critical importance to smart city infrastructure and sustainability of the autonomous mobility ecosystem. Lack of engagement in cybersecurity policies and process implementation by the tier companies providing hardware or services to OEMs within this ecosystem poses a significant risk to not only the individual companies but to the ecosystem overall. The proposed quantitative method of estimating cybersecurity risk allows vendors to have visibility to the financial risk associated with potential threats and to consequently allocate adequate resources to cybersecurity. It facilitates faster implementation of defense measures and provides a useful tool in the vendor selection process. The paper focuses on cybersecurity risk assessment as a critical part of the overall company mission to create a sustainable structure for maintaining cybersecurity health. Compound cybersecurity risk and impact on company operations as outputs of this quantitative analysis present a unique opportunity to strategically plan and make informed decisions towards acquiring a reputable position in a sustainable ecosystem. This method provides attack trees and assigns a risk factor to each vendor thus offering a competitive advantage and an insight into the supply chain risk map. This is an innovative way to look at vendor cybersecurity posture. Through a selection of unique industry specific parameters and a modular approach, this risk assessment model can be employed as a tool to navigate the supply base and prevent significant financial cost. It generates synergies within the connected vehicle ecosystem leading to a safe and sustainable economy.

This paper continues analysis of approaches of IT risk assessment and management in modern IT management frameworks. Building on systematicity principles and the review of concepts of risk and methods of risk analysis in the frameworks, we discuss applicability of the methods for business decision-making in the real world and propose ways to their improvement.

In order to ensure the security of information assets and standardize the risk assessment and inspection workflow of information assets. This paper has designed and developed a risk assessment system for information and communication equipment with simple operation, offline assessment, and diversified external interfaces. The process of risk assessment can be realized, which effectively improves the efficiency of risk assessment.

With over 80% of goods transportation in volume carried by sea, ports are key infrastructures within the logistics value chain. To address the challenges of the globalized and competitive economy, ports are digitizing at a fast pace, evolving into smart ports. Consequently, the cyber-resilience of ports is essential to prevent possible disruptions to the economic supply chain. Over the last few years, there has been a significant increase in the number of disclosed cyber-attacks on ports. In this paper, we present the capabilities of a high-end hybrid cyber range for port cyber risks awareness and training. By describing a specific port use-case and the first results achieved, we draw perspectives for the use of cyber ranges for the training of port actors in cyber crisis management.

The rise of supply chain finance has provided effective assistance to SMEs with financing difficulties. This study mainly explores the financial risk evaluation of supply chain under the leadership of 3PL. According to the risk identification, 27 comprehensive rating indicators were established, and then the model under the BP neural network was constructed through empirical data. The actual verification results show that the model performs very well in risk assessment which helps 3PL companies to better evaluate the business risks of supply chain finance, so as to take more effective risk management measures.

In the recent years, sustainability has becoming an important topic in agro-food supply chain. Moreover, these supply chains are more vulnerable due to different interrelated risks from man-made and natural disasters. However, most of the previous studies consider less about interrelation in assessing sustainability risks. The purpose of this research is to develop a framework to assess supply chain sustainability risks by rnking environmental risks, economic risks, social risks and operational risks. To solve this problem, the proposed methodology is an integrated rough decision- making and trial evaluation laboratory (DEMA℡) method that consider the interrelationship between different risks and the group preference diversity. In order to evaluate the applicability of the proposed method, a real-world case study of Tunisian agro-food company is presented. The results show that the most important risks are corruption, inflation and uncertainty in supply and demand.

This paper establishes a novel approach to supply chain risk management (SCRM), through establishing a risk assessment framework addressing the importance of SCRM and supply chain visibility (SCV). Through a quantitative assessment and empirical evidence, the paper also discusses the specific risks within the manufacturing industry. Based on survey data collected and a case study from Asia, the paper finds that supplier delays and poor product quality can be considered as prevailing risks relevant to the manufacturing industry. However, as supply chain risks are inter-related, one must increase supply chain visibility to fully consider risk causes that ultimately lead to the risk effects. The framework established can be applied to different industries with the view to inform organisations on prevailing risks and prompt motivate improvement in supply chain visibility, thereby, modify risk management strategies. Through suggesting possible risk sources, organisations can adopt proactive risk mitigation strategies so as to more efficiently manage their exposure.

Supply chain security threats pose new challenges to security risk modeling techniques for complex ICT systems such as the IoT. With established techniques drawn from attack trees and reliability analysis providing needed points of reference, graph-based analysis can provide a framework for considering the role of suppliers in such systems. We present such a framework here while highlighting the need for a component-centered model. Given resource limitations when applying this model to existing systems, we study various classes of uncertainties in model development, including structural uncertainties and uncertainties in the magnitude of estimated event probabilities. Using case studies, we find that structural uncertainties constitute a greater challenge to model utility and as such should receive particular attention. Best practices in the face of these uncertainties are proposed.

The contemporary struggle that rests upon security risk assessment of Information Systems is its feasibility in the presence of an indeterminate environment when information is insufficient, conflicting, generic or ambiguous. But as pointed out by the security experts, most of the traditional approaches to risk assessment of information systems security are no longer practicable as they fail to deliver viable support on handling uncertainty. Therefore, to address this issue, we have anticipated a comprehensive risk assessment model based on Bayesian Belief Network (BBN) and Fuzzy Inference Scheme (FIS) process to function in an indeterminate environment. The proposed model is demonstrated and further comparisons are made on the test results to validate the reliability of the proposed model.

Cyber-attacks toward cyber-physical systems are one of the main concerns of smart grid's operators. However, many of these cyber-attacks, are toward unmanned substations where the cyber-attackers needs to be close enough to substation to malfunction protection and control systems in substations, using Electromagnetic signals. Therefore, in this paper, a new threat detection algorithm is proposed to prevent possible cyber-attacks toward unmanned substations. Using surveillance camera's streams and based on You Only Look Once (YOLO) V3, suspicious objects in the image are detected. Then, using Intersection over Union (IOU) and Generalized Intersection Over Union (GIOU), threat distance is estimated. Finally, the estimated threats are categorized into three categories using color codes red, orange and green. The deep network used for detection consists of 106 convolutional layers and three output prediction with different resolutions for different distances. The pre-trained network is transferred from Darknet-53 weights trained on 80 classes.

In a Smart City, new technologies such as big data analytics, data fusion and artificial intelligence will increase awareness by measuring many phenomena and storing a huge amount of data. 5G will allow communication of these data among different infrastructures instantaneously. In a Smart City, security aspects are going to be a major concern. Some drawbacks, such as vulnerabilities of a highly integrated system and information overload, must be considered. To overcome these downsides, an innovative predictive model for Smart City security risk assessment has been developed. Risk metrics and indicators are defined by considering data coming from a wide range of sensors. An innovative ``what if'' algorithm is introduced to identify critical infrastructures functional relationship. Therefore, it is possible to evaluate the effects of an incident that involves one infrastructure over the others.

Well-known approaches to risk analysis suggest considering the level of an information system risk as one frame in a film. This means that we only can perform a risk assessment for the current point in time. This article explores the idea of risk assessment in a future period, as a prediction of what we will see in the film later. In other words, the article presents an approach to predicting a potential future risk and suggests the idea of relying on forecasting the likelihood of an attack on information system assets. To establish the risk level at a selected time interval in the future, one has to perform a mathematical decomposition. To do this, we need to select the required information system parameters for the predictions and their statistical data for risk assessment. This method can be used to ensure more detailed budget planning when ensuring the protection of the information system. It can be also applied in case of a change of the information protection configuration to satisfy the accepted level of risk associated with projected threats and vulnerabilities.

Software development and deployment are generally fast-pacing practices, yet to date there is still a significant amount of legacy software running in various critical industries with years or even decades of lifespans. As the source code of some legacy software became unavailable, it is difficult for maintainers to actively patch the vulnerabilities, leaving the outdated binaries appealing targets of advanced security attacks. One of the most powerful attacks today is code reuse, a technique that can circumvent most existing system-level security facilities. While there have been various countermeasures against code reuse, applying them to sourceless software appears to be exceptionally challenging. Fine-grained code randomization is considered to be an effective strategy to impede modern code-reuse attacks. To apply it to legacy software, a technique called binary rewriting is employed to directly reconstruct binaries without symbol or relocation information. However, we found that current rewriting-based randomization techniques, regardless of their designs and implementations, share a common security defect such that the randomized binaries may remain vulnerable in certain cases. Indeed, our finding does not invalidate fine-grained code randomization as a meaningful defense against code reuse attacks, for it significantly raises the bar for exploits to be successful. Nevertheless, it is critical for the maintainers of legacy software systems to be aware of this problem and obtain a quantitative assessment of the risks in adopting a potentially incomprehensive defense. In this paper, we conducted a systematic investigation into the effectiveness of randomization techniques designed for hardening outdated binaries. We studied various state-of-the-art, fine-grained randomization tools, confirming that all of them can leave a certain part of the retrofitted binary code still reusable. To quantify the risks, we proposed a set of concrete criteria to classify gadgets immune to rewriting-based randomization and investigated their availability and capability.