What about a team of employees that have privileged access to machines on the company network when their work does not require that level of access? In what ways are the employees and members of an organization potential sources of security breaches? Human factors in cyber-security require balancing the usability and utility of systems and software for getting work done against the policies and limitations placed on users to maintain security.
Even assuming that perimeter defense tools and techniques, such as firewalls, intrusion detection systems (IDS), filters, and network monitoring methods, were completely effective, legitimate uses of a network and its services require communication to be allowed past these walls and boundaries. Human behavior, intentional or otherwise, can form a bridge past these defenses and breach security, and it is a key area of focus in security policy and practice (Mitnick and Simon, ; Jones and Colwill, ; Colwill, ; Kraemer et al., ).
Human cognition and behavior are important to understand, model, and predict across many areas of cyber-security. These include attacker-defender game dynamics e. Human factors has become a topic of great import to the network security community e. Importantly, this is an area ripe for contribution via computational cognitive modeling, and, as we will see in the next section, some important headway has already been made in this direction.
Network simulations with high-fidelity behavioral components are of great interest to professionals seeking to plug these types of breaches. What often arises is a balance between system and network security and the ease with which human actors can complete tasks and achieve their goals on the same systems and networks. The intentions of humans may be at odds with their effects on security. Systems can be configured to impose security on humans, evident in the prevalence of password policies e.
Such efforts attempt to provide a foundation of security to build upon across an organization. However, when considering the daily work needs and goals of users, frustration may arise from security impositions. Will humans employ workarounds? Do differing opinions on what is important lead toward management policies that may not support the highest security, such as usability and workflow needs that push against limited-access defaults?
In effect, nuances and characteristics of the workplace, motivated by human factors, can chip away at even the most well-intentioned preservation of CIA (confidentiality, integrity, and availability) and cyber-security. Collectively, effects influencing security from internal sources are called insider threats. Insider threat can be both intentional and unintentional.
Unintentional insider threat covers instances wherein an administrator perhaps fails to properly configure a server or a well-intentioned user falls victim to a phishing email. Social engineering attacks, while instigated by an external party, can cause employees to inadvertently create insider threat. Intentional insider threat can arise from frustrations or other motivating factors that turn individuals against the organization.
To be best prepared and equipped for cyber-security incidents, an organization must embrace both the technical elements of security in the design and engineering of systems and networks and the cultural and social facets of the humans involved (Colwill, ). Ideally, proper cyber-security practice integrates security knowledge and awareness into the organizational culture as well as into system design and implementation. Regardless of the quality of technical cyber-security solutions, analysis of vulnerabilities often uncovers organizational issues, such as lack of funding, training, or management support, that undermine security efforts, and human factors issues, such as poor testing, insufficient communication, and lack of training.
Another area of importance where high-fidelity behavioral simulations are readily employable is training. Training and education are often recommended as an essential method for combating cyber-security vulnerabilities relating to human behaviors and activities within an organization's network e. Beyond human error in configuration or management of a system, awareness of attacker techniques and methods of gaining access, especially those involving social engineering methods and tricking users, can contribute to fewer incidents.
End-user knowledge and education may come in some form of training. For example, purposefully emulating phishing attacks with crafted messages sent to unwitting employees can be used to raise awareness and guide victims to resources and knowledge Bowen et al. Virtual environments and games can be used to give participants a consequence-free avenue to explore scenarios and situations related to cyber-security and witness the outcome of their decisions, good or bad Cone et al.
There are several ways in which cognitive and behavioral modeling paradigms may be useful in the context of cyber-security. Here we focus on embedded computational process cognitive models and model-tracing techniques. Embedded cognitive models are independent simulations of human cognition and behavior that can interact directly with the task-environment (Salvucci, ; Gluck, ). In the context of cyber-security, these are cognitive models of network users, defenders, and attackers that can interact with the same software that humans interact with.
This may be useful for adding simulated participants in training scenarios, for generating offline predictions in applied tests of network security, or for basic research simulations, especially in the contexts of human factors and cyber epidemiology. Cognitive modeling is similar to behavioral modeling, and is often employed for similar purposes. For example, a behavioral model of desktop user behavior may be a Markov state-transition probability matrix, stating that if the user is in the state where they are typing an email, they may transition to a state where they are looking up something on Google with a probability x and to a state where they are installing software with a probability y.
A cognitive model may represent the same state-transitions as state-actions a. State transitions may be directly calculated based on state-action utilities, with the major difference being that state-action utilities as well as the states and the actions available in agent memory will change based on agent experiences. Simulations of network users, defenders, and attackers require models that include cognitive processes and generic knowledge, as well as domain-specific facts and procedures.
There is a variety of cognitive architecture software that attempts to provide modelers with fundamental sets of generic cognitive processes and basic knowledge e. Cognitive architectures often overlap in cognitive theory and capabilities. However, different architectures often have different assumptions and implementations of generic cognitive processes, different modeling languages and requirements, and a different level-of-analysis focus on the cognitive time-scale. For this reason, some architectures may be preferable to others depending on the purpose of the modeling effort. For example, the Soar and ACT-R architectures both include reward-based learning mechanisms and can update the aforementioned state-action utilities based on agent experiences.
However, Soar may be the more appropriate framework for modeling multi-step planning (Laird, ), whereas ACT-R may be the better choice when precise fact-retrieval times are of importance (Anderson, ). Regardless of the initial cognitive architecture choice, the modeling system can be tuned based on the specific task and population being modeled. There is no limit to such tuning, enabling modelers to add and remove whole modules in their architecture of choice. However, most of the time such tuning takes the form of parameter value adjustments and model development.
Model development is often a form of knowledge engineering—specification of potential goals, inputs, facts, and procedures assumed to be in the mind of the human being modeled. There are many models simulating parts of network user behavior. For example, in independent efforts, Fu and Pirolli and Peck and John developed models that make fair predictions of network user behavior in a web browser based on current goals.
There are models simulating how goals are retrieved e. There are user modeling efforts that have focused on social network use e. Finally, robust models of human cognition, especially in the realm of reward-based motivation e. There are also many efforts to integrate individual models into a comprehensive model that can encompass multi-agent behavior at the level of network dynamics (Romero and Lebiere, ). Such models can become an essential component of simulations in cyber, useful for generating realistic traffic and security holes.
Model-based agents can act as simulated humans, switching between applications, clicking links, and downloading and installing software. Attacker and defender models require more domain-specific knowledge. Unfortunately, subject-matter experts in this field are rarely available to the academic groups that do the bulk of cognitive model development. For example, Instance-Based Learning theory Gonzalez et al. These modeling efforts involved abstracted scenarios, but still exemplify useful research for understanding and predicting expert behavior.
Moreover, in the case where cognitive models are to be exported as part of decision aid software for real-world cyber-security experts, abstract states and procedures may always be remapped to more specific domain correlates. Regardless of whether the attempt is to model users, defenders, or attackers, tailoring the model to reflect what may be known about the individuals being modeled may be necessary to achieve better precision and use in the simulation. Model tailoring may be done during and prior to model initialization, as well as live, while the model is running, based on incoming data points.
Much of model tailoring takes the form of adjusting model parameters e. This latter form of tailoring is known as model-tracing. The focus of model-tracing is in tuning a cognitive model to real in-task experiences of a specific individual. This technique is employed for maintaining an individual's cognitive state throughout that individual's time within the task-environment. For example, Anderson et al. In the context of cyber-security, model-tracing of network user and defender cognition can aid in predicting potential biases, errors, and negligence; and model-tracing of attacker cognition can aid in predicting probable attack paths.
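The contrast drawn above between a Markov transition matrix and a model with learned state-action utilities, and the model-tracing step just described, can be made concrete in code. The following is an added example written for this chapter, not code from the chapter or from any cognitive architecture: a fixed Markov desktop-user model next to a utility-learning agent over the same three states (email, web search, software installation), followed by a `trace_individual` function that tunes the agent's utilities to a constructed log of one person's observed actions. All states, transition probabilities, reward values and the observed log are constructed for illustration.

```python
"""Added example, not from the chapter: a fixed Markov user model next to a
utility-learning agent over the same desktop states, plus a model-tracing
step that tunes the agent's utilities to an observed individual's actions.
States, probabilities, rewards and the observed action log are constructed."""
import math
import random

STATES = ["email", "web_search", "install_software"]

# Behavioral model: a fixed transition matrix, P[s][s'] (constructed values).
TRANSITIONS = {
    "email":            {"email": 0.6, "web_search": 0.3, "install_software": 0.1},
    "web_search":       {"email": 0.4, "web_search": 0.5, "install_software": 0.1},
    "install_software": {"email": 0.7, "web_search": 0.3, "install_software": 0.0},
}

# Constructed task feedback: an install attempt is blocked by policy (negative
# reward); routine work succeeds (positive reward).
REWARD = {"email": 0.5, "web_search": 0.5, "install_software": -1.0}


def markov_trace(start, steps, rng):
    """Generate a state sequence from the fixed matrix; experience never changes it."""
    state, trace = start, [start]
    for _ in range(steps):
        nxt, probs = zip(*TRANSITIONS[state].items())
        state = rng.choices(nxt, weights=probs, k=1)[0]
        trace.append(state)
    return trace


class UtilityAgent:
    """Cognitive-style model: one utility per (state, action).  Actions are
    drawn by softmax over utilities; utilities move toward received reward
    (a delta rule, standing in for the reward-based learning the chapter
    attributes to Soar and ACT-R)."""

    def __init__(self, alpha=0.2, temperature=0.5):
        self.alpha, self.temperature = alpha, temperature
        self.U = {s: {a: 0.0 for a in STATES} for s in STATES}

    def transition_probs(self, state):
        """State-transition probabilities derived from the current utilities."""
        weights = {a: math.exp(u / self.temperature) for a, u in self.U[state].items()}
        total = sum(weights.values())
        return {a: w / total for a, w in weights.items()}

    def choose(self, state, rng):
        probs = self.transition_probs(state)
        return rng.choices(list(probs), weights=list(probs.values()), k=1)[0]

    def learn(self, state, action, reward):
        u = self.U[state][action]
        self.U[state][action] = u + self.alpha * (reward - u)


def run_experience(agent, episodes, rng):
    """Let the agent act and learn from its own outcomes (offline simulation)."""
    for _ in range(episodes):
        state = rng.choice(STATES)
        action = agent.choose(state, rng)
        agent.learn(state, action, REWARD[action])
    return agent


def trace_individual(agent, observations, bonus=1.0):
    """Model-tracing: tune utilities to an observed person's (state, action) log.
    Each observed choice is treated as evidence that the action is rewarding for
    this individual, pulling the model toward that person's habits."""
    for state, action in observations:
        agent.learn(state, action, bonus)
    return agent


def demo(seed=1):
    """Run both models; returns the Markov trace and the agent's transition
    probabilities from the 'email' state before learning, after learning from
    its own experience, and after tracing one observed individual."""
    rng = random.Random(seed)
    trace = markov_trace("email", 20, rng)
    agent = UtilityAgent()
    before = agent.transition_probs("email")
    run_experience(agent, 500, rng)
    after = agent.transition_probs("email")
    # Constructed log of one individual who keeps installing software from email.
    observed = [("email", "install_software")] * 10
    traced = trace_individual(agent, observed).transition_probs("email")
    return trace, before, after, traced


if __name__ == "__main__":
    for label, probs in zip(("before", "after", "traced"), demo()[1:]):
        print(label, {a: round(p, 3) for a, p in probs.items()})
```

The Markov matrix yields the same statistics no matter what happens to the simulated user, whereas the agent's transition probabilities start uniform, fall away from the policy-blocked action as it accumulates negative reward, and then swing back toward it once the model is traced against an individual who habitually performs it; that last movement is the "dynamic tailoring" the text describes, and the same `learn` update serves both offline experience and live tracing.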
The following sections discuss model embedding in network simulations, model initialization and dynamic tailoring, the use of modeling in defender-attacker dynamics, and the use of modeling in automation. High-fidelity network models are a crucial component of establishing effective policy. Since experimentation in production systems is nearly impossible, the need for test environments that can be used to generate reproducible results is apparent.
These environments can be used to evaluate policies in existing networks, prototype new networks, and train staff members in a sand-boxed environment where the consequences of mistakes are minimal. Embedding synthetic users, attackers, and defenders in such environments enables evaluations to be of a higher fidelity and, ultimately, accuracy. There are three major approaches to consider when modeling a network. The first is simple replication.
In this approach we duplicate the existing network, or the relevant parts of it, with another copy of the environment. This approach, under the constraint of a complete replication (all hardware and software is duplicated), yields the best fidelity of modeling, as the test environment is an exact copy of the production environment.
This approach has some obvious drawbacks. The first is cost. A less obvious but more practical concern is the time cost of using the duplicated environment. Because we are working with a physical copy of the production environment, if there are errors in the modifications being tested, re-provisioning the network may be a physical task. This could involve rebooting physical devices and manually reconfiguring hardware. Depending on the complexity of the environment, such a task could take days.
An alternative method would be to use a purely simulated network. There are many simulators to choose from, including ns-3 (Riley and Henderson, ), Opnet (Chang, ), Qualnet (Documentation, ), and others (Siraj et al., ). While each simulator has its own merit, ns-3 is the most widely used, because it is open source. Since it has such a large community backing the project, the code base is very actively maintained and well documented.
Pure simulation does not suffer from the usage-time overhead that a fully replicated network would impose, since its operation is purely software based. However, it lacks the ability to model the real payloads and timings that would normally be present in a regular network.
In simulation, all payload data is generated from an assumed distribution. These assumptions may not necessarily reflect the real world traffic distributions. As an example, consider moving a mouse pointer over a modern web browser. As the mouse pointer moves toward a link, the browser may pre-fetch parts of the HTML from the next page to optimize the loading speed of the user's next action. This creates traffic bursts that are erratic and may not necessarily conform to a standard distribution. Another issue with pure simulation is that it cannot give insight into the behavior of the software that is part of the production environment.
In pure simulation, only the network traffic is modeled; each application is represented as a source of network messages (or packets, or frames, depending on the layer at which the simulated network operates) that require transport. In pure simulation it would not be possible to model the compromise of an operating system by a cyber attack, because there are no operating systems to compromise. Traffic generation in simulation is also inadequate, because it cannot model traffic generated by interdependent services.
However, most user-facing network services are the result of several interdependent processes running on networked machines. This figure demonstrates how traffic cascades are created in a typical service network. In this network, documents are served to the World Wide Web by coordinating a response amongst several internal services. While the outside user only interacts with the web server, the web server must contact other services on other machines to complete its task.
Thus a simple document lookup generates several traffic flows within this network. When the user first browses the web page, the first traffic flow connects the firewall to the web server. This is probably static content and would most likely be stored on the web server. Next the user will need to provide credentials and log in. This procedure will require the web server to contact the authentication server. If the user needs to search for a document, the web server will have to contact the database.
Once the document is found, the web server will need to retrieve it from the file server. Even though the user only interacts with the web server, each user action generates multiple flows within the network. In a hybrid network emulator, both the software and the network are modeled. The operating systems (OS) under test are guests in the virtualized environment provided by the hypervisor host (sometimes called the host OS).
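The traffic cascade described above (browse, log in, search, open a document, each fanning out from the web server to internal services) can be expressed as a small dependency expansion. The following is an added example, not code from the chapter: the service dependency table, the link latencies and the user session are constructed for illustration, and the `expand` function is recursive, so it also covers deeper chains (a service that in turn calls another) that the chapter's single-level example does not need.

```python
"""Added example, not from the chapter: expanding each user-facing action on
the web service into the internal flows it triggers.  The dependency table,
link latencies and the user session are constructed for illustration."""
from collections import Counter

# Which internal services the named service contacts to complete an action.
# Services with no entry (auth, db, file) complete the work locally.
DEPENDS = {
    ("web", "browse"): [],                    # static content, served by the web server
    ("web", "login"): ["auth"],
    ("web", "search"): ["db"],
    ("web", "open_document"): ["db", "file"],  # locate the document, then fetch it
}

# Constructed one-way link latencies (milliseconds) for the hop timing below.
LATENCY_MS = {
    ("firewall", "web"): 2.0,
    ("web", "auth"): 1.0,
    ("web", "db"): 5.0,
    ("web", "file"): 8.0,
}


def expand(action, service="web", caller="firewall"):
    """Return the ordered (src, dst) flows one user action generates.
    Recursive: a dependency that itself has dependencies for this action
    would be expanded the same way."""
    flows = [(caller, service)]
    for dep in DEPENDS.get((service, action), []):
        flows.extend(expand(action, dep, service))
    return flows


def session(actions):
    """All flows produced by a sequence of user actions."""
    return [flow for action in actions for flow in expand(action)]


def link_load(flows):
    """Flows per link: what a traffic generator has to emit on each segment."""
    return Counter(flows)


def internal_share(flows):
    """Fraction of flows that never cross the firewall, i.e. that perimeter
    monitoring alone would not see."""
    internal = sum(1 for src, _ in flows if src != "firewall")
    return internal / len(flows)


def response_time_ms(action):
    """Sequential request/response hops; each hop costs a round trip."""
    return sum(2 * LATENCY_MS[flow] for flow in expand(action))


if __name__ == "__main__":
    flows = session(["browse", "login", "search", "open_document"])
    for link, n in link_load(flows).items():
        print(f"{link[0]:>8} -> {link[1]:<5} {n} flow(s)")
    print("internal share:", internal_share(flows))
    print("open_document response:", response_time_ms("open_document"), "ms")
```

For the four-action session in the chapter, half of the flows are internal and the web-to-database link carries two of them, which is exactly the structure a traffic generator that only models "user talks to web server" would miss.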
The network is abstracted with a network simulator such as ns-3. A key component of this approach is a method for taking the traffic generated by the software running on the virtualized hardware and injecting it into the simulation. As a message exits the virtual network interface of a virtual machine (VM) that houses the software under test, it is tagged with a VLAN id that uniquely identifies this traffic to the simulator.
The simulator uses this identifier to determine where in the simulated network this traffic should be injected. This tagging operation is critical to the emulation, since a cyber attack on the guest OS means that traffic coming out of the VM might be forged. Thus we cannot expect that the header information of a message coming out of the virtual interface reflects the configuration of that interface within the VM host or the guest operating system. One of the biggest challenges to maintaining the fidelity of the emulated network is timing.
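The reason the tag, rather than anything inside the frame, decides placement is worth showing on bytes. The following is an added example, not code from the chapter or from any emulator: it parses an 802.1Q-tagged Ethernet frame as it would leave a guest's virtual interface, maps the VLAN id to a simulated node, and separately flags a source MAC that disagrees with the guest's configured address. The VLAN ids, MAC addresses and node names are constructed, and the frame builder is a test helper with no frame check sequence.

```python
"""Added example, not from the chapter: placing a guest's frame in the simulated
network by its host-applied 802.1Q VLAN id while treating every header the
guest wrote as untrusted.  VLAN ids, MACs and node names are constructed."""
import struct

ETHERTYPE_8021Q = 0x8100

# Host-side assignment: each guest's virtual port is tagged with a fixed VLAN id,
# and that id (not anything the guest wrote) selects the simulated node.
VLAN_TO_NODE = {101: "sim-node-A", 102: "sim-node-B"}
# The MAC the host configured for each guest interface (constructed).
EXPECTED_SRC_MAC = {101: "02:00:00:00:01:01", 102: "02:00:00:00:01:02"}


def _mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def _mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(dst_mac, src_mac, vlan_id, ethertype, payload=b""):
    """Constructed tagged-frame builder (no FCS): dst, src, TPID, TCI, type, payload."""
    tci = vlan_id & 0x0FFF  # PCP = 0, DEI = 0, 12-bit VID
    return (_mac_bytes(dst_mac) + _mac_bytes(src_mac)
            + struct.pack("!HHH", ETHERTYPE_8021Q, tci, ethertype) + payload)


def is_tagged(frame):
    """True if the frame carries an 802.1Q tag after the two MAC addresses."""
    return len(frame) >= 18 and struct.unpack("!H", frame[12:14])[0] == ETHERTYPE_8021Q


def parse_frame(frame):
    """Split a tagged frame into its header fields; untagged frames are rejected
    because without the tag the simulator has no trustworthy placement key."""
    if not is_tagged(frame):
        raise ValueError("frame is not 802.1Q tagged; cannot place it in the simulation")
    tci, ethertype = struct.unpack("!HH", frame[14:18])
    return {
        "dst": _mac_str(frame[0:6]),
        "src": _mac_str(frame[6:12]),
        "vlan": tci & 0x0FFF,
        "ethertype": ethertype,
        "payload": frame[18:],
    }


def injection_point(frame):
    """Return (simulated node, header_mismatch).  Placement uses only the
    host-applied VLAN id.  A source MAC that disagrees with the guest's
    configured one is reported as a mismatch, a useful signal that the guest
    may be compromised, but it does not change where the frame is injected."""
    hdr = parse_frame(frame)
    node = VLAN_TO_NODE.get(hdr["vlan"])
    if node is None:
        raise ValueError(f"unknown VLAN id {hdr['vlan']}")
    mismatch = hdr["src"] != EXPECTED_SRC_MAC[hdr["vlan"]]
    return node, mismatch


if __name__ == "__main__":
    honest = build_frame("ff:ff:ff:ff:ff:ff", "02:00:00:00:01:01", 101, 0x0806, b"\x00\x01")
    forged = build_frame("ff:ff:ff:ff:ff:ff", "02:00:00:00:01:02", 101, 0x0800)
    print("honest:", injection_point(honest))
    print("forged:", injection_point(forged))
```

Both frames land on `sim-node-A` because both left the port the host tagged with VLAN 101; the second is additionally reported as a header mismatch, which is the kind of observation a defender-side monitor in the emulation can record without the placement logic ever having to believe the guest.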
The simulated network may require significant computation to determine what to do with a specific message. Wireless links not only require a delivery decision but also radio channel modeling to determine how long a packet will take to arrive and if any corruption of the packet has occurred. The calculation of the fate of an individual message may take more than one second, and for any given second many messages may be in-flight. It will often be the case that computing what occurs in a simulated second will take significantly longer than one second, thus these simulated networks run slower than real time.
Author or co-author of 2 books, over papers, 2 patent applications and over 35 invited talks. Involved in many international and domestic research projects as a principal investigator or as a senior researcher.
A guest editor of many special issues devoted to network security among others: Serving as Technical Program Committee Member of among others: Sec Special Area Team.