Academic literature on the topic 'Cyberprotection'

Modern trends in the development of cyber protection systems are associated with the widespread use of machine learning technologies to detect and prevent cyber threats. At the same time, attackers are looking for ways to evade detection by such systems, using both traditional attack methods and new ones aimed exclusively at countering artificial intelligence - adversarial attacks. Therefore, finding ways to counteract adversarial attacks is an urgent scientific and technical task. Adversarial Machine Learning (AML) is used to study them, which consists in simulating such attacks. The purpose of research is to determine ways to increase the resilience of cyber defense systems operating with the use of machine learning technologies to the impact of attacks based on AML models. The article provides examples of the application of machine learning methods in cyber protection systems. The models of adversarial attacks are described, namely: models of evasion, poisoning, functional extraction, inversion, and models of membership inference attack. Possible scenarios of their implementation are considered. Examples of adversarial attacks on machine learning models for recognizing images and text messages, detecting domain name generation algorithms, HTTP traffic malware, malicious content in e-mails, bypassing antivirus software are analyzed. Studies have shown that even without access to the algorithms of machine learning models, it is possible to bypass the cyber protection system. Therefore, to ensure the security of networks and services by means of cyber protection with artificial intelligence, it is necessary to take into account the need to counter adversarial attacks. For this purpose, it is proposed to: collect and aggregate training data for each machine learning model individually, instead of obtaining them from publicly available sources; optimize the content of event logs, taking into account the possibility of using the information contained in them to create adversarial attacks; to ensure the protection of training data and algorithms of the functioning of models; in the case of deploying cyber protection systems on critical infrastructure objects, use specially developed machine learning models that are not publicly available, which will complicate the possibility of creating a functional extraction attack.

Currently, as a result of new communications technologies, autonomous ships are even closer to our seas than we could think. But, besides un-doubted advantages, it gives rise to uncertainties and challenges in several aspects, which include those related to the fields of cybersecurity and legislation, in relation to international regulations and national laws. The aspects of autonomous shipping are included in the information regulations of Bureau Veritas, and additional specific tags have been created to collect the cybersecurity/cyberprotection aspects of such ships. The objective of this article is to present the current status and the foreseeable evolution of the regulations on autonomous shipping from the point of view of a Classification Society, as well as the current evolution of the methodologies concerning cybersecurity.

The lack of registers of critical infrastructure of the state and their information and telecommunication systemsleads to uncertainty in the amount of resources needed to protect them from possible cyberattacks. Given the limitations of© Dreis Y., Derkach L., Basic set of generalized criteria for assigning objects to the critical infrastructure of state // Ukrainian Scientific Journal ofInformation Security, 2021, vol. 27, issue 1, pp. 13-20.20such resources, an important and relevant scientific and practical task is to determine the completeness and priority of cyberprotection of these objects. The formation of such registers is based on the method of assigning objects to the critical infrastructure of the state, including on the relevant criteria that will determine the affiliation of a particular object to one that iscritical to the state. The analysis of the existing criteria for classifying objects as critical infrastructure of the state shows thatin Ukraine there are a number of other criteria (and which should also be taken into account) involved in the formation ofregisters of important objects for the state, such as "State Register of Potentially Dangerous Objects". Therefore, it is proposed to form a list of such generalized criteria for classifying objects as critical infrastructure of the state in the form of abasic set, which integrates ten features with the possibility of further expansion. This set can be used to determine the priorityof cyber protection of information and telecommunications systems (critical information infrastructure facilities) of criticalinfrastructure facilities of the state.

Introduction. The intensification of cyberrisks due to global hybrid conflicts, the COVID-19 pandemic, and economic imbalances threatens the accounting system as the main generator of economic information, which requires the organization of an effective system of enterprises cybersecurity. It is necessary to understand cyberthreats impact on the functioning of different types of stakeholders for development of the effective cybersecurity.Purpose. The main purpose is to research and improve the classification of accounting information users for the enterprises cybersecurity and minimize the variable cyberrisks that threaten different groups of stakeholders.Methods. General scientific empirical, logical and historical methods of cognition of reality in the process of researching the relevance of variable cyberthreats for different types of stakeholders were used. The research is based on general methods of studying economic processes, facts and phenomena from the standpoint of accounting and enterprises cybersecurity. The information base of the research is historical documents on the classification of stakeholders, scientific works of domestic and foreign scientists about dividing users of accounting information into types, and so on.Results. It is proved that the classical scientific views on the classification of accounting information users are ineffective for the purposes of enterprises cyberprotection, as they do not take into account the activation of relevant for the digital economy of variable cyberthreats. It is proposed to classify accounting information users by the following criteria: the ability to manage the activities of the business entity, the right of access, the likelihood of cyberthreats, the ability to dispose of the access right, access to accounting objects, functional law, information processing, economic activity, age, organizational and legal form, type of communication channels used, frequency of information acts.Discussion. The use of the proposed stakeholders’ classification helps to identify cyberrisks; prevent, avoid and minimize cyberthreats consequences, relevant to each type of accounting information users, which requires further research about enterprises cybersecurity.

La liste des appareils connectés (ou IoT) s’allonge avec le temps, de même que leur vulnérabilité face aux attaques ciblées provenant du réseau ou de l’accès physique, communément appelées attaques Cyber Physique (CPS). Alors que les capteurs visant à détecter les attaques, et les techniques d’obscurcissement existent pour contrecarrer et améliorer la sécurité, il est possible de contourner ces contre-mesures avec des équipements et des méthodologies d’attaque sophistiqués, comme le montre la littérature récente. De plus, la conception des systèmes intégrés est soumise aux contraintes de complexité et évolutivité, ce qui rend difficile l’adjonction d’un mécanisme de détection complexe contre les attaques CPS. Une solution pour améliorer la sécurité est d’utiliser l’Intelligence Artificielle (IA) (au niveau logiciel et matériel) pour surveiller le comportement des données en interne à partir de divers capteurs. L’approche IA permettrait d’analyser le comportement général du système à l’aide des capteurs , afin de détecter toute activité aberrante, et de proposer une réaction appropriée en cas d’attaque. L’intelligence artificielle dans le domaine de la sécurité matérielle n’est pas encore très utilisée en raison du comportement probabiliste. Ce travail vise à établir une preuve de concept visant à montrer l’efficacité de l’IA en matière de sécurité.Une partie de l’étude consiste à comparer et choisir différentes techniques d’apprentissage automatique (Machine Learning ML) et leurs cas d’utilisation dans la sécurité matérielle. Plusieurs études de cas seront considérées pour analyser finement l’intérêt et de l’ IA sur les systèmes intégrés. Les applications seront notamment l’utilisation des PUF (Physically Unclonable Function), la fusion de capteurs, les attaques par canal caché (SCA), la détection de chevaux de Troie, l’intégrité du flux de contrôle, etc
The list of connected devices (or IoT) is growing longer with time and so is the intense vulnerability to security of the devices against targeted attacks originating from network or physical penetration, popularly known as Cyber Physical Security (CPS) attacks. While security sensors and obfuscation techniques exist to counteract and enhance security, it is possible to fool these classical security countermeasures with sophisticated attack equipment and methodologies as shown in recent literature. Additionally, end node embedded systems design is bound by area and is required to be scalable, thus, making it difficult to adjoin complex sensing mechanism against cyberphysical attacks. The solution may lie in Artificial Intelligence (AI) security core (soft or hard) to monitor data behaviour internally from various components. Additionally the AI core can monitor the overall device behaviour, including attached sensors, to detect any outlier activity and provide a smart sensing approach to attacks. AI in hardware security domain is still not widely acceptable due to the probabilistic behaviour of the advanced deep learning techniques, there have been works showing practical implementations for the same. This work is targeted to establish a proof of concept and build trust of AI in security by detailed analysis of different Machine Learning (ML) techniques and their use cases in hardware security followed by a series of case studies to provide practical framework and guidelines to use AI in various embedded security fronts. Applications can be in PUFpredictability assessment, sensor fusion, Side Channel Attacks (SCA), Hardware Trojan detection, Control flow integrity, Adversarial AI, etc