Biblio

Cyber security is reliant on the actions of both machine and human and remains a domain of importance and continual evolution. While the study of human behavior has grown, less attention has been paid to the adversarial operator. Cyber environments consist of complex and dynamic situations where decisions are made with incomplete information. In such scenarios people form strategies based on simplified models of the world and are often efficient and effective, yet may result in judgement or decision-making bias. In this paper, we examine an initial list of biases affecting adversarial cyber actors. We use subject matter experts to derive examples and demonstrate these biases likely exist, and play a role in how attackers operate.

Buffer overflow (BOF) vulnerability is one of the most dangerous security vulnerability which can be exploited by unwanted users. This vulnerability can be detected by both static and dynamic analysis techniques. For dynamic analysis, execution of the program is required in which the behavior of the program according to specifications is checked while in static analysis the source code is analyzed for security vulnerabilities without execution of code. Despite the fact that many open source and commercial security analysis tools employ static and dynamic methods but there is still a margin for improvement in BOF vulnerability detection capability of these tools. We propose an enhancement in Cppcheck tool for statically detecting BOF vulnerability using data flow analysis in C programs. We have used the Juliet Test Suite to test our approach. We selected two best tools cited in the literature for BOF detection (i.e. Frama-C and Splint) to compare the performance and accuracy of our approach. From the experiments, our proposed approach generated Youden Index of 0.45, Frama-C has only 0.1 Youden's score and Splint generated Youden score of -0.47. These results show that our technique performs better as compared to both Frama-C and Splint static analysis tools.

The Industrial Internet of Things (IIoT) also referred as Cyber Physical Systems (CPS) as critical elements, expected to play a key role in Industry 4.0 and always been vulnerable to cyber-attacks and vulnerabilities. Terrorists use cyber vulnerability as weapons for mass destruction. The dark web's strong transparency and hard-to-track systems offer a safe haven for criminal activity. On the dark web (DW), there is a wide variety of illicit material that is posted regularly. For supervised training, large-scale web pages are used in traditional DW categorization. However, new study is being hampered by the impossibility of gathering sufficiently illicit DW material and the time spent manually tagging web pages. We suggest a system for accurately classifying criminal activity on the DW in this article. Rather than depending on the vast DW training package, we used authorized regulatory to various types of illicit activity for training Machine Learning (ML) classifiers and get appreciable categorization results. Espionage, Sabotage, Electrical power grid, Propaganda and Economic disruption are the cyber warfare motivations and We choose appropriate data from the open source links for supervised Learning and run a categorization experiment on the illicit material obtained from the actual DW. The results shows that in the experimental setting, using TF-IDF function extraction and a AdaBoost classifier, we were able to achieve an accuracy of 0.942. Our method enables the researchers and System authoritarian agency to verify if their DW corpus includes such illicit activity depending on the applicable rules of the illicit categories they are interested in, allowing them to identify and track possible illicit websites in real time. Because broad training set and expert-supplied seed keywords are not required, this categorization approach offers another option for defining illicit activities on the DW.

Experimentation focused on assessing the value of complex visualisation approaches when compared with alternative methods for data analysis is challenging. The interaction between participant prior knowledge and experience, a diverse range of experimental or real-world data sets and a dynamic interaction with the display system presents challenges when seeking timely, affordable and statistically relevant experimentation results. This paper outlines a hybrid approach proposed for experimentation with complex interactive data analysis tools, specifically for computer network traffic analysis. The approach involves a structured survey completed after free engagement with the software platform by expert participants. The survey captures objective and subjective data points relating to the experience with the goal of making an assessment of software performance which is supported by statistically significant experimental results. This work is particularly applicable to field of network analysis for cyber security and also military cyber operations and intelligence data analysis.

Mutual assured destruction is a Cold War era principle of deterrence through causing your enemy to fear that you can destroy them to at least the same extent that they can destroy you. It is based on the threat of retaliation and requires systems that can either be triggered after an enemy attack is launched and before the destructive capability is destroyed or systems that can survive an initial attack and be launched in response. During the Cold War, the weapons of mutual assured destructions were nuclear. However, with the incredible reliance on computers for everything from power generation control to banking to agriculture logistics, a cyber attack mutual assured destruction scenario is plausible. This paper presents this concept and considers the deterrent need, to prevent such a crippling attack from ever being launched, from a system of systems perspective.

The advent of the cyber domain has introduced a new dimension into warfare and complicated existing strategic concepts, provoking divergent responses within different national contexts and strategic cultures. Although current theories regarding cyber deterrence remain relatively nascent, a comparison of U.S. and Chinese strategic thinking highlights notable asymmetries between their respective approaches. While U.S. debates on cyber deterrence have primarily focused on the deterrence of cyber threats, Chinese theorists have also emphasized the potential importance of cyber capabilities to enhance strategic deterrence. Whereas the U.S. government has maintained a consistent declaratory policy for response, Beijing has yet to progress toward transparency regarding its cyber strategy or capabilities. However, certain PLA strategists, informed by a conceptualization of deterrence as integrated with warfighting, have advocated for the actualization of deterrence through engaging in cyber attacks. Regardless of whether these major cyber powers' evolving strategic thinking on cyber deterrence will prove logically consistent or feasibly operational, their respective perspectives will certainly shape their attempts to achieve cyber deterrence. Ultimately, cyber deterrence may continue to be "what states make of it," given conditions of "cyber anarchy" and prevailing uncertainties regarding cyber conflict. Looking forward, future strategic stability in Sino-U.S. cyber interactions will require mitigation of the misperceptions and heightened risks of escalation that could be exacerbated by these divergent strategic approaches.

Persisting to ignore the consequences of Cyber Warfare will bring severe concerns to all people. Hackers and governments alike should understand the barriers of which their methods take them. Governments use Cyber Warfare to give them a tactical advantage over other countries, defend themselves from their enemies or to inflict damage upon their adversaries. Hackers use Cyber Warfare to gain personal information, commit crimes, or to reveal sensitive and beneficial intelligence. Although both methods can provide ethical uses, the equivalent can be said at the other end of the spectrum. Knowing and comprehending these devices will not only strengthen the ability to detect these attacks and combat against them but will also provide means to divulge despotic government plans, as the outcome of Cyber Warfare can be worse than the outcome of conventional warfare. The paper discussed the concept of ethics and reasons that led to use information technology in military war, the effects of using cyber war on civilians, the legality of the cyber war and ways of controlling the use of information technology that may be used against civilians. This research uses a survey methodology to overlook the awareness of Arab citizens towards the idea of cyber war, provide findings and evidences of ethics behind the offensive cyber warfare. Detailed strategies and approaches should be developed in this aspect. The author recommended urging the scientific and technological research centers to improve the security and develop defending systems to prevent the use of technology in military war against civilians.