Visible to the public Biblio

Filters: Keyword is vulnerability assessment  [Clear All Filters]
2023-06-09
Haggi, Hamed, Sun, Wei.  2022.  Cyber-Physical Vulnerability Assessment of P2P Energy Exchanges in Active Distribution Networks. 2022 IEEE Kansas Power and Energy Conference (KPEC). :1—5.
Owing to the decreasing costs of distributed energy resources (DERs) as well as decarbonization policies, power systems are undergoing a modernization process. The large deployment of DERs together with internet of things (IoT) devices provide a platform for peer-to-peer (P2P) energy trading in active distribution networks. However, P2P energy trading with IoT devices have driven the grid more vulnerable to cyber-physical threats. To this end, in this paper, a resilience-oriented P2P energy exchange model is developed considering three phase unbalanced distribution systems. In addition, various scenarios for vulnerability assessment of P2P energy exchanges considering adverse prosumers and consumers, who provide false information regarding the price and quantity with the goal of maximum financial benefit and system operation disruption, are considered. Techno-economic survivability analysis against these attacks are investigated on a IEEE 13-node unbalanced distribution test system. Simulation results demonstrate that adverse peers can affect the physical operation of grid, maximize their benefits, and cause financial loss of other agents.
2023-04-28
Hao, Wei, Shen, Chuanbao, Yang, Xing, Wang, Chao.  2022.  Intelligent Penetration and Attack Simulation System Based on Attack Chain. 2022 15th International Symposium on Computational Intelligence and Design (ISCID). :204–207.
Vulnerability assessment is an important process for network security. However, most commonly used vulnerability assessment methods still rely on expert experience or rule-based automated scripts, which are difficult to meet the security requirements of increasingly complex network environment. In recent years, although scientists and engineers have made great progress on artificial intelligence in both theory and practice, it is a challenging to manufacture a mature high-quality intelligent products in the field of network security, especially in penetration testing based vulnerability assessment for enterprises. Therefore, in order to realize the intelligent penetration testing, Vul.AI with its rich experience in cyber attack and defense for many years has designed and developed a set of intelligent penetration and attack simulation system Ai.Scan, which is based on attack chain, knowledge graph and related evaluation algorithms. In this paper, the realization principle, main functions and application scenarios of Ai.Scan are introduced in detail.
ISSN: 2473-3547
2023-02-03
Zhang, Hua, Su, Xueneng.  2022.  Method for Vulnerability Analysis of Communication Link in Electric Cyber Physical System. 2022 4th Asia Energy and Electrical Engineering Symposium (AEEES). :41–46.
This paper conducts simulation analysis on power transmission lines and availability of power communication link based on Latin hypercube sampling. It proposes a new method of vulnerability communication link assessment for electric cyber physical system. Wind power output, transmission line failure and communication link failure of electric cyber physical system are sampled to obtain different operating states of electric cyber physical system. The connectivity of communication links under different operating states of electric cyber physical system is calculated to judge whether the communication nodes of the links are connected with the control master station. According to the connection between the link communication node and the control master station, the switching load and switching load of the electric cyber physical system in different operating states are calculated, and the optimal switching load of the electric cyber physical system in different operating states is obtained. This method can clearly identify the vulnerable link in the electric cyber physical system, so as to monitor the vulnerable link and strengthen the link strength.
2022-12-23
Softić, Jasmin, Vejzović, Zanin.  2022.  Windows 10 Operating System: Vulnerability Assessment and Exploitation. 2022 21st International Symposium INFOTEH-JAHORINA (INFOTEH). :1–5.
The study focused on assessing and testing Windows 10 to identify possible vulnerabilities and their ability to withstand cyber-attacks. CVE data, alongside other vulnerability reports, were instrumental in measuring the operating system's performance. Metasploit and Nmap were essential in penetration and intrusion experiments in a simulated environment. The study applied the following testing procedure: information gathering, scanning and results analysis, vulnerability selection, launch attacks, and gaining access to the operating system. Penetration testing involved eight attacks, two of which were effective against the different Windows 10 versions. Installing the latest version of Windows 10 did not guarantee complete protection against attacks. Further research is essential in assessing the system's vulnerabilities are recommending better solutions.
ISSN: 2767-9470
2022-11-18
Pratama, Jose Armando, Almaarif, Ahmad, Budiono, Avon.  2021.  Vulnerability Analysis of Wireless LAN Networks using ISSAF WLAN Security Assessment Methodology: A Case Study of Restaurant in East Jakarta. 2021 4th International Conference of Computer and Informatics Engineering (IC2IE). :435—440.
Nowadays the use of Wi-Fi has been widely used in public places, such as in restaurants. The use of Wi-Fi in public places has a very large security vulnerability because it is used by a wide variety of visitors. Therefore, this study was conducted to evaluate the security of the WLAN network in restaurants. The methods used are Vulnerability Assessment and Penetration Testing. Penetration Testing is done by conducting several attack tests such as Deauthentication Attack, Evil Twin Attack with Captive Portal, Evil Twin Attack with Sniffing and SSL stripping, and Unauthorized Access.
2022-07-29
Liu, Wei, Zhao, Tao.  2021.  Vulnerability Assessment and Attack Simulation of Power IoT Based on the Attractiveness of Equipment Assets. 2021 IEEE 4th Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC). 4:1246—1250.
With the rapid development of the electric power Internet-of-Things (power IoT) technology and the widespread use of general-purpose software, hardware and network facilities, the power IoT has become more and more open, which makes the traditional power system face new cyber security threats. In order to find the vulnerable device nodes and attack links in the power IoT system, this paper studies a set of attack path calculation methods and vulnerability node discovery algorithms, which can construct a power IoT attack simulation program based on the value of equipment assets and information attributes. What’s more, this paper has carried on the example analysis and verification on the improved IEEE RBTS Bus 2 system. Based on the above research plan, this paper finally developed a set of power IoT attack simulation tool based on distribution electronic stations, which can well find the vulnerable devices in the system.
2022-02-24
Duan, Xuanyu, Ge, Mengmeng, Minh Le, Triet Huynh, Ullah, Faheem, Gao, Shang, Lu, Xuequan, Babar, M. Ali.  2021.  Automated Security Assessment for the Internet of Things. 2021 IEEE 26th Pacific Rim International Symposium on Dependable Computing (PRDC). :47–56.
Internet of Things (IoT) based applications face an increasing number of potential security risks, which need to be systematically assessed and addressed. Expert-based manual assessment of IoT security is a predominant approach, which is usually inefficient. To address this problem, we propose an automated security assessment framework for IoT networks. Our framework first leverages machine learning and natural language processing to analyze vulnerability descriptions for predicting vulnerability metrics. The predicted metrics are then input into a two-layered graphical security model, which consists of an attack graph at the upper layer to present the network connectivity and an attack tree for each node in the network at the bottom layer to depict the vulnerability information. This security model automatically assesses the security of the IoT network by capturing potential attack paths. We evaluate the viability of our approach using a proof-of-concept smart building system model which contains a variety of real-world IoT devices and poten-tial vulnerabilities. Our evaluation of the proposed framework demonstrates its effectiveness in terms of automatically predicting the vulnerability metrics of new vulnerabilities with more than 90% accuracy, on average, and identifying the most vulnerable attack paths within an IoT network. The produced assessment results can serve as a guideline for cybersecurity professionals to take further actions and mitigate risks in a timely manner.
2022-02-22
Farzana, Nusrat, Ayalasomayajula, Avinash, Rahman, Fahim, Farahmandi, Farimah, Tehranipoor, Mark.  2021.  SAIF: Automated Asset Identification for Security Verification at the Register Transfer Level. 2021 IEEE 39th VLSI Test Symposium (VTS). :1–7.
With the increasing complexity, modern system-onchip (SoC) designs are becoming more susceptible to security attacks and require comprehensive security assurance. However, establishing a comprehensive assurance for security often involves knowledge of relevant security assets. Since modern SoCs contain myriad confidential assets, the identification of security assets is not straightforward. The number and types of assets change due to numerous embedded hardware blocks within the SoC and their complex interactions. Some security assets are easily identifiable because of their distinct characteristics and unique definitions, while others remain in the blind-spot during design and verification and can be utilized as potential attack surfaces to violate confidentiality, integrity, and availability of the SoC. Therefore, it is essential to automatically identify security assets in an SoC at pre-silicon design stages to protect them and prevent potential attacks. In this paper, we propose an automated CAD framework called SAF to identify an SoC's security assets at the register transfer level (RTL) through comprehensive vulnerability analysis under different threat models. Moreover, we develop and incorporate metrics with SAF to quantitatively assess multiple vulnerabilities for the identified security assets. We demonstrate the effectiveness of SAF on MSP430 micro-controller and CEP SoC benchmarks. Our experimental results show that SAF can successfully and automatically identify an SoC's most vulnerable underlying security assets for protection.
2021-07-28
Wang, Wenhui, Chen, Liandong, Han, Longxi, Zhou, Zhihong, Xia, Zhengmin, Chen, Xiuzhen.  2020.  Vulnerability Assessment for ICS system Based on Zero-day Attack Graph. 2020 International Conference on Intelligent Computing, Automation and Systems (ICICAS). :1—5.
The numerous attacks on ICS systems have made severe threats to critical infrastructure. Extensive studies have focussed on the risk assessment of discovering vulnerabilities. However, to identify Zero-day vulnerabilities is challenging because they are unknown to defenders. Here we sought to measure ICS system zero-day risk by building an enhanced attack graph for expected attack path exploiting zero-day vulnerability. In this study, we define the security metrics of Zero-day vulnerability for an ICS. Then we created a Zero-day attack graph to guide how to harden the system by measuring attack paths that exploiting zero-day vulnerabilities. Our studies identify the vulnerability assessment method on ICS systems considering Zero-day Vulnerability by zero-day attack graph. Together, our work is essential to ICS systems security. By assessing unknown vulnerability risk to close the imbalance between attackers and defenders.
2021-03-29
Khorev, P. B., Zheltov, M. I..  2020.  Assessing Information Risks When Using Web Applications Using Fuzzy Logic. 2020 V International Conference on Information Technologies in Engineering Education ( Inforino ). :1—4.

The article looks at information risk concepts, how it is assessed, web application vulnerabilities and how to identify them. A prototype web application vulnerability scanner has been developed with a function of information risk assessment based on fuzzy logic. The software developed is used in laboratory sessions on data protection discipline.

2021-01-15
Korshunov, P., Marcel, S..  2019.  Vulnerability assessment and detection of Deepfake videos. 2019 International Conference on Biometrics (ICB). :1—6.
It is becoming increasingly easy to automatically replace a face of one person in a video with the face of another person by using a pre-trained generative adversarial network (GAN). Recent public scandals, e.g., the faces of celebrities being swapped onto pornographic videos, call for automated ways to detect these Deepfake videos. To help developing such methods, in this paper, we present the first publicly available set of Deepfake videos generated from videos of VidTIMIT database. We used open source software based on GANs to create the Deepfakes, and we emphasize that training and blending parameters can significantly impact the quality of the resulted videos. To demonstrate this impact, we generated videos with low and high visual quality (320 videos each) using differently tuned parameter sets. We showed that the state of the art face recognition systems based on VGG and Facenet neural networks are vulnerable to Deepfake videos, with 85.62% and 95.00% false acceptance rates (on high quality versions) respectively, which means methods for detecting Deepfake videos are necessary. By considering several baseline approaches, we found the best performing method based on visual quality metrics, which is often used in presentation attack detection domain, to lead to 8.97% equal error rate on high quality Deep-fakes. Our experiments demonstrate that GAN-generated Deepfake videos are challenging for both face recognition systems and existing detection methods, and the further development of face swapping technology will make it even more so.
2020-09-28
Patel, Keyur.  2019.  A Survey on Vulnerability Assessment Penetration Testing for Secure Communication. 2019 3rd International Conference on Trends in Electronics and Informatics (ICOEI). :320–325.
As the technology is growing rapidly, the development of systems and software are becoming more complex. For this reason, the security of software and web applications become more vulnerable. In the last two decades, the use of internet application and security hacking activities are on top of the glance. The organizations are having the biggest challenge that how to secure their web applications from the rapidly increasing cyber threats because the organization can't compromise the security of their sensitive information. Vulnerability Assessment and Penetration Testing techniques may help organizations to find security loopholes. The weakness can be the asset for the attacker if the organizations are not aware of this. Vulnerability Assessment and Penetration Testing helps an organization to cover the security loopholes and determine their security arrangements are working as per defined policies or not. To cover the tracks and mitigate the threats it is necessary to install security patches. This paper includes the survey on the current vulnerabilities, determination of those vulnerabilities, the methodology used for determination, tools used to determine the vulnerabilities to secure the organizations from cyber threat.
2020-09-18
Zolanvari, Maede, Teixeira, Marcio A., Gupta, Lav, Khan, Khaled M., Jain, Raj.  2019.  Machine Learning-Based Network Vulnerability Analysis of Industrial Internet of Things. IEEE Internet of Things Journal. 6:6822—6834.
It is critical to secure the Industrial Internet of Things (IIoT) devices because of potentially devastating consequences in case of an attack. Machine learning (ML) and big data analytics are the two powerful leverages for analyzing and securing the Internet of Things (IoT) technology. By extension, these techniques can help improve the security of the IIoT systems as well. In this paper, we first present common IIoT protocols and their associated vulnerabilities. Then, we run a cyber-vulnerability assessment and discuss the utilization of ML in countering these susceptibilities. Following that, a literature review of the available intrusion detection solutions using ML models is presented. Finally, we discuss our case study, which includes details of a real-world testbed that we have built to conduct cyber-attacks and to design an intrusion detection system (IDS). We deploy backdoor, command injection, and Structured Query Language (SQL) injection attacks against the system and demonstrate how a ML-based anomaly detection system can perform well in detecting these attacks. We have evaluated the performance through representative metrics to have a fair point of view on the effectiveness of the methods.
2020-08-24
Thirumaran, M., Moshika, A., Padmanaban, R..  2019.  Hybrid Model for Web Application Vulnerability Assessment Using Decision Tree and Bayesian Belief Network. 2019 IEEE International Conference on System, Computation, Automation and Networking (ICSCAN). :1–7.
In the existing situation, most of the business process are running through web applications. This helps the enterprises to grow their business efficiently which creates a good consumer relationship. But the main problem is that they failed to provide a vulnerable free environment. To overcome this issue in web applications, vulnerability assessment should be made periodically. They are many vulnerability assessment methodologies which occur earlier are not much proactive. So, machine learning is needed to provide a combined solution to determine vulnerability occurrence and percentage of vulnerability occurred in logical web pages. We use Decision Tree and Bayesian Belief Network (BBN) as a collective solution to find either vulnerability occur in web applications and the vulnerability occurred percentage on different logical web pages.
2020-08-17
Musa, Tanvirali, Yeo, Kheng Cher, Azam, Sami, Shanmugam, Bharanidharan, Karim, Asif, Boer, Friso De, Nur, Fernaz Narin, Faisal, Fahad.  2019.  Analysis of Complex Networks for Security Issues using Attack Graph. 2019 International Conference on Computer Communication and Informatics (ICCCI). :1–6.
Organizations perform security analysis for assessing network health and safe-guarding their growing networks through Vulnerability Assessments (AKA VA Scans). The output of VA scans is reports on individual hosts and its vulnerabilities, which, are of little use as the origin of the attack can't be located from these. Attack Graphs, generated without an in-depth analysis of the VA reports, are used to fill in these gaps, but only provide cursory information. This study presents an effective model of depicting the devices and the data flow that efficiently identifies the weakest nodes along with the concerned vulnerability's origin.The complexity of the attach graph using MulVal has been greatly reduced using the proposed approach of using the risk and CVSS base score as evaluation criteria. This makes it easier for the user to interpret the attack graphs and thus reduce the time taken needed to identify the attack paths and where the attack originates from.
2020-04-24
Jianfeng, Dai, Jian, Qiu, Jing, Wu, Xuesong, Wang.  2019.  A Vulnerability Assessment Method of Cyber Physical Power System Considering Power-Grid Infrastructures Failure. 2019 IEEE Sustainable Power and Energy Conference (iSPEC). :1492—1496.
In order to protect power grid network, the security assessment techniques which include both cyber side and the physical side should be considered. In this paper, we present a method for evaluating the dynamic vulnerability of cyber-physical power system (CPPS) considering the power grid infrastructures failure. First, according to the functional characteristics of different components, the impact of a single component function failure on CPPS operation is analyzed and quantified, such as information components, communication components and power components; then, the dynamic vulnerability of multiple components synchronization function failure is calculated, and the full probability evaluation formula of CPPS operational dynamic vulnerability is built; Thirdly, from an attacker's perspective to identify the most hazardous component combinations for CPPS multi-node collaborative attack; Finally, a local CPPS model is established based on the IEEE-9 bus system to quantify its operational dynamic vulnerability, and the effectiveness of proposed method is verified.
2020-04-03
Singi, Kapil, Kaulgud, Vikrant, Bose, R.P. Jagadeesh Chandra, Podder, Sanjay.  2019.  CAG: Compliance Adherence and Governance in Software Delivery Using Blockchain. 2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB). :32—39.

The software development life cycle (SDLC) starts with business and functional specifications signed with a client. In addition to this, the specifications also capture policy / procedure / contractual / regulatory / legislation / standard compliances with respect to a given client industry. The SDLC must adhere to service level agreements (SLAs) while being compliant to development activities, processes, tools, frameworks, and reuse of open-source software components. In today's world, global software development happens across geographically distributed (autonomous) teams consuming extraordinary amounts of open source components drawn from a variety of disparate sources. Although this is helping organizations deal with technical and economic challenges, it is also increasing unintended risks, e.g., use of a non-complaint license software might lead to copyright issues and litigations, use of a library with vulnerabilities pose security risks etc. Mitigation of such risks and remedial measures is a challenge due to lack of visibility and transparency of activities across these distributed teams as they mostly operate in silos. We believe a unified model that non-invasively monitors and analyzes the activities of distributed teams will help a long way in building software that adhere to various compliances. In this paper, we propose a decentralized CAG - Compliance Adherence and Governance framework using blockchain technologies. Our framework (i) enables the capturing of required data points based on compliance specifications, (ii) analyzes the events for non-conformant behavior through smart contracts, (iii) provides real-time alerts, and (iv) records and maintains an immutable audit trail of various activities.

2020-03-16
Yadav, Geeta, Paul, Kolin.  2019.  Assessment of SCADA System Vulnerabilities. 2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA). :1737–1744.
SCADA system is an essential component for automated control and monitoring in many of the Critical Infrastructures (CI). Cyber-attacks like Stuxnet, Aurora, Maroochy on SCADA systems give us clear insight about the damage a determined adversary can cause to any country's security, economy, and health-care systems. An in-depth analysis of these attacks can help in developing techniques to detect and prevent attacks. In this paper, we focus on the assessment of SCADA vulnerabilities from the widely used National Vulnerability Database (NVD) until May 2019. We analyzed the vulnerabilities based on severity, frequency, availability, integrity and confidentiality impact, and Common Weaknesses. The number of reported vulnerabilities are increasing yearly. Approximately 89% of the attacks are the network exploits severely impacting availability of these systems. About 19% of the weaknesses are due to buffer errors due to the use of insecure and legacy operating systems. We focus on finding the answer to four key questions that are required for developing new technologies for securing SCADA systems. We believe this is the first study of its kind which looks at correlating SCADA attacks with publicly available vulnerabilities. Our analysis can provide security researchers with useful insights into SCADA critical vulnerabilities and vulnerable components, which need attention. We also propose a domain-specific vulnerability scoring system for SCADA systems considering the interdependency of the various components.
2020-02-17
Yin, Mingyong, Wang, Qixu, Cao, Mingsheng.  2019.  An Attack Vector Evaluation Method for Smart City Security Protection. 2019 International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob). :1–7.

In the network security risk assessment on critical information infrastructure of smart city, to describe attack vectors for predicting possible initial access is a challenging task. In this paper, an attack vector evaluation model based on weakness, path and action is proposed, and the formal representation and quantitative evaluation method are given. This method can support the assessment of attack vectors based on known and unknown weakness through combination of depend conditions. In addition, defense factors are also introduced, an attack vector evaluation model of integrated defense is proposed, and an application example of the model is given. The research work in this paper can provide a reference for the vulnerability assessment of attack vector.

2019-11-19
Nasiruzzaman, A. B. M., Akter, M. N., Mahmud, M. A., Pota, H. R..  2018.  Network Theory Based Power Grid Criticality Assessment. 2018 IEEE International Conference on Power Electronics, Drives and Energy Systems (PEDES). :1-5.

A process of critical transmission lines identification in presented here. The criticality is based on network flow, which is essential for power grid connectivity monitoring as well as vulnerability assessment. The proposed method can be utilized as a supplement of traditional situational awareness tool in the energy management system of the power grid control center. At first, a flow network is obtained from topological as well as functional features of the power grid. Then from the duality property of a linear programming problem, the maximum flow problem is converted to a minimum cut problem. Critical transmission lines are identified as a solution of the dual problem. An overall set of transmission lines are identified from the solution of the network flow problem. Simulation of standard IEEE test cases validates the application of the method in finding critical transmission lines of the power grid.

Sun, Yunhe, Yang, Dongsheng, Meng, Lei, Gao, Xiaoting, Hu, Bo.  2018.  Universal Framework for Vulnerability Assessment of Power Grid Based on Complex Networks. 2018 Chinese Control And Decision Conference (CCDC). :136-141.

Traditionally, power grid vulnerability assessment methods are separated to the study of nodes vulnerability and edges vulnerability, resulting in the evaluation results are not accurate. A framework for vulnerability assessment is still required for power grid. Thus, this paper proposes a universal method for vulnerability assessment of power grid by establishing a complex network model with uniform weight of nodes and edges. The concept of virtual edge is introduced into the distinct weighted complex network model of power system, and the selection function of edge weight and virtual edge weight are constructed based on electrical and physical parameters. In addition, in order to reflect the electrical characteristics of power grids more accurately, a weighted betweenness evaluation index with transmission efficiency is defined. Finally, the method has been demonstrated on the IEEE 39 buses system, and the results prove the effectiveness of the proposed method.

Wang, Bo, Wang, Xunting.  2018.  Vulnerability Assessment Method for Cyber Physical Power System Considering Node Heterogeneity. 2018 IEEE Innovative Smart Grid Technologies - Asia (ISGT Asia). :1109-1113.
In order to make up for the shortcomings of traditional evaluation methods neglecting node difference, a vulnerability assessment method considering node heterogeneity for cyber physical power system (CPPS) is proposed. Based on the entropy of the power flow and complex network theory, we establish heterogeneity evaluation index system for CPPS, which considers the survivability of island survivability and short-term operation of the communication network. For mustration, hierarchical CPPS model and distributed CPPS model are established respectively based on partitioning characteristic and different relationships of power grid and communication network. Simulation results show that distributed system is more robust than hierarchical system of different weighting factor whether under random attack or deliberate attack and a hierarchical system is more sensitive to the weighting factor. The proposed method has a better recognition effect on the equilibrium of the network structure and can assess the vulnerability of CPPS more accurately.
Khaledian, Parviz, Johnson, Brian K., Hemati, Saied.  2018.  Power Grid Security Improvement by Remedial Action Schemes Using Vulnerability Assessment Based on Fault Chains and Power Flow. 2018 IEEE International Conference on Probabilistic Methods Applied to Power Systems (PMAPS). :1-6.

The risk of large-scale blackouts and cascading failures in power grids can be due to vulnerable transmission lines and lack of proper remediation techniques after recognizing the first failure. In this paper, we assess the vulnerability of a system using fault chain theory and a power flow-based method, and calculate the probability of large-scale blackout. Further, we consider a Remedial Action Scheme (RAS) to reduce the vulnerability of the system and to harden the critical components against intentional attacks. To identify the most critical lines more efficiently, a new vulnerability index is presented. The effectiveness of the new index and the impact of the applied RAS is illustrated on the IEEE 14-bus test system.

2019-10-23
Ali, Abdullah Ahmed, Zamri Murah, Mohd.  2018.  Security Assessment of Libyan Government Websites. 2018 Cyber Resilience Conference (CRC). :1-4.

Many governments organizations in Libya have started transferring traditional government services to e-government. These e-services will benefit a wide range of public. However, deployment of e-government bring many new security issues. Attackers would take advantages of vulnerabilities in these e-services and would conduct cyber attacks that would result in data loss, services interruptions, privacy loss, financial loss, and other significant loss. The number of vulnerabilities in e-services have increase due to the complexity of the e-services system, a lack of secure programming practices, miss-configuration of systems and web applications vulnerabilities, or not staying up-to-date with security patches. Unfortunately, there is a lack of study being done to assess the current security level of Libyan government websites. Therefore, this study aims to assess the current security of 16 Libyan government websites using penetration testing framework. In this assessment, no exploits were committed or tried on the websites. In penetration testing framework (pen test), there are four main phases: Reconnaissance, Scanning, Enumeration, Vulnerability Assessment and, SSL encryption evaluation. The aim of a security assessment is to discover vulnerabilities that could be exploited by attackers. We also conducted a Content Analysis phase for all websites. In this phase, we searched for security and privacy policies implementation information on the government websites. The aim is to determine whether the websites are aware of current accepted standard for security and privacy. From our security assessment results of 16 Libyan government websites, we compared the websites based on the number of vulnerabilities found and the level of security policies. We only found 9 websites with high and medium vulnerabilities. Many of these vulnerabilities are due to outdated software and systems, miss-configuration of systems and not applying the latest security patches. These vulnerabilities could be used by cyber hackers to attack the systems and caused damages to the systems. Also, we found 5 websites didn't implement any SSL encryption for data transactions. Lastly, only 2 websites have published security and privacy policies on their websites. This seems to indicate that these websites were not concerned with current standard in security and privacy. Finally, we classify the 16 websites into 4 safety categories: highly unsafe, unsafe, somewhat unsafe and safe. We found only 1 website with a highly unsafe ranking. Based on our finding, we concluded that the security level of the Libyan government websites are adequate, but can be further improved. However, immediate actions need to be taken to mitigate possible cyber attacks by fixing the vulnerabilities and implementing SSL encryption. Also, the websites need to publish their security and privacy policy so the users could trust their websites.

2019-05-08
Mylrea, M., Gourisetti, S. N. G., Larimer, C., Noonan, C..  2018.  Insider Threat Cybersecurity Framework Webtool Methodology: Defending Against Complex Cyber-Physical Threats. 2018 IEEE Security and Privacy Workshops (SPW). :207–216.

This paper demonstrates how the Insider Threat Cybersecurity Framework (ITCF) web tool and methodology help provide a more dynamic, defense-in-depth security posture against insider cyber and cyber-physical threats. ITCF includes over 30 cybersecurity best practices to help organizations identify, protect, detect, respond and recover to sophisticated insider threats and vulnerabilities. The paper tests the efficacy of this approach and helps validate and verify ITCF's capabilities and features through various insider attacks use-cases. Two case-studies were explored to determine how organizations can leverage ITCF to increase their overall security posture against insider attacks. The paper also highlights how ITCF facilitates implementation of the goals outlined in two Presidential Executive Orders to improve the security of classified information and help owners and operators secure critical infrastructure. In realization of these goals, ITCF: provides an easy to use rapid assessment tool to perform an insider threat self-assessment; determines the current insider threat cybersecurity posture; defines investment-based goals to achieve a target state; connects the cybersecurity posture with business processes, functions, and continuity; and finally, helps develop plans to answer critical organizational cybersecurity questions. In this paper, the webtool and its core capabilities are tested by performing an extensive comparative assessment over two different high-profile insider threat incidents.