21 research outputs found

    Προηγμένες λύσεις κυβερνοασφάλειας για κρίσιμες υποδομές και εφαρμογές: έξυπνο δίκτυο και κυβερνοασφάλεια

    No full text
    The rapid digitization of critical infrastructure, coupled with the increasing sophistication of cyber threats, has elevated the importance of robust cybersecurity measures. This dissertation explores the multifaceted realm of cyber defense within the context of critical infrastructure, focusing specifically on the interplay between advanced cyber security solutions, smart grid technology, and the emerging field of cyber insurance. The research begins by dissecting the vulnerabilities inherent in smart grid systems, which form the backbone of modern energy distribution networks. Through a comprehensive analysis of cyber threats targeting smart grids, the study identifies potential attack vectors and assesses the implications of successful breaches on the reliability and resilience of critical energy infrastructure. Subsequently, a range of advanced cyber security solutions is evaluated, encompassing cutting-edge technologies such as artificial intelligence, machine learning, and blockchain, in order to fortify the defenses of smart grid ecosystems. In parallel, the dissertation delves into the evolving landscape of cyber insurance as a risk management strategy for critical infrastructure. Investigating the intricacies of underwriting policies and the quantification of cyber risks, the research elucidates the role of cyber insurance in incentivizing proactive cyber hygiene and fostering a culture of resilience among infrastructure stakeholders. The study also explores the challenges associated with the integration of cyber insurance into existing risk management frameworks and proposes strategies to optimize its efficacy. Furthermore, the dissertation offers a synthesized perspective by examining the synergies between advanced cyber security solutions and cyber insurance. It investigates how a holistic approach, combining technological fortification and financial risk mitigation, can elevate the overall cybersecurity posture of critical infrastructure. Case studies and real-world examples illustrate the practical implementation of these integrated strategies, providing valuable insights for industry practitioners and policymakers alike. In conclusion, this dissertation contributes to the academic discourse on cybersecurity for critical infrastructure by offering a comprehensive examination of advanced solutions tailored to the unique challenges posed by smart grid ecosystems. By exploring the symbiotic relationship between technological fortifications and financial risk mitigation through cyber insurance, this research provides a roadmap for enhancing the cyber resilience of critical infrastructure in the face of evolving cyber threats.Η ταχεία ψηφιοποίηση των κρίσιμων υποδομών, σε συνδυασμό με την αυξανόμενη πολυπλοκότητα των απειλών στον κυβερνοχώρο, έχει αυξήσει τη σημασία των ισχυρών μέτρων κυβερνοασφάλειας. Η παρούσα διατριβή διερευνά το πολύπλευρο πεδίο της κυβερνοάμυνας στο πλαίσιο των κρίσιμων υποδομών, εστιάζοντας συγκεκριμένα στην αλληλεπίδραση μεταξύ προηγμένων λύσεων κυβερνοασφάλειας, της τεχνολογίας έξυπνων δικτύων και του αναδυόμενου τομέα της κυβερνοασφάλισης. Η έρευνα ξεκινά με την ανάλυση των τρωτών σημείων που ενυπάρχουν στα συστήματα έξυπνων δικτύων, τα οποία αποτελούν τη ραχοκοκαλιά των σύγχρονων δικτύων διανομής ενέργειας. Μέσω μιας ολοκλη-ρωμένης ανάλυσης των απειλών στον κυβερνοχώρο που στοχεύουν τα έξυπνα δίκτυα, η μελέτη εντοπίζει πιθανούς φορείς επίθεσης και αξιολογεί τις επιπτώσεις των επιτυχημένων παραβιάσεων στην αξιοπιστία και την ανθεκτικότητα των κρίσιμων ενεργειακών υποδομών. Στη συνέχεια, αξιολογείται μια σειρά προηγμένων λύσεων κυβερνοασφάλειας, που περιλαμβάνουν τεχνολογίες αιχμής, όπως η τεχνητή νοημοσύνη, η μηχανική μάθηση και η blockchain, προκειμένου να ενισχυθεί η άμυνα των οικοσυστημάτων έξυπνων δικτύων. Παράλληλα, η διατριβή εμβαθύνει στο εξελισσόμενο τοπίο της ασφάλισης στον κυβερνοχώρο ως στρατηγική διαχείρισης κινδύνων για τις κρίσιμες υποδομές. Διερευνώντας τις περιπλοκές των πολιτικών ανάληψης κινδύνων και την ποσοτικοποίηση των κινδύνων στον κυβερνοχώρο, η έρευνα διευκρινίζει τον ρόλο της ασφάλισης στον κυβερνοχώρο ως κίνητρο για την προληπτική υγιεινή στον κυβερνοχώρο και την προώθηση μιας κουλτούρας ανθεκτικότητας μεταξύ των ενδιαφερομένων για τις υποδομές. Η μελέτη διερευνά επίσης τις προκλήσεις που συνδέονται με την ενσωμάτωση της ασφάλισης στον κυβερνοχώρο στα υφιστάμενα πλαίσια διαχείρισης κινδύνων και προτείνει στρατηγικές για τη βελτιστοποίηση της αποτελεσματικότητάς της. Επιπλέον, η διατριβή προσφέρει μια συνθετική προοπτική εξετάζοντας τις συνέργειες μεταξύ των προηγμένων λύσεων ασφάλειας στον κυβερνοχώρο και της ασφάλισης στον κυβερνοχώρο. Διερευνά τον τρόπο με τον οποίο μια ολιστική προσέγγιση, που συνδυάζει την τεχνολογική ενίσχυση και τον μετριασμό των οικονομικών κινδύνων, μπορεί να ανυψώσει τη συνολική στάση της κυβερνοασφάλειας των υποδομών ζωτικής σημασίας. Μελέτες περιπτώσεων και παραδείγματα από τον πραγματικό κόσμο απεικονίζουν την πρακτική εφαρμογή αυτών των ολοκληρωμένων στρατηγικών, παρέχοντας πολύτιμες γνώσεις τόσο για τους επαγγελματίες του κλάδου όσο και για τους υπεύθυνους χάραξης πολιτικής. Εν κατακλείδι, η παρούσα διατριβή συμβάλλει στην ακαδημαϊκή συζήτηση για την κυβερνοασφάλεια των υποδομών ζωτικής σημασίας προσφέροντας μια ολοκληρωμένη εξέταση των προηγμένων λύσεων προσαρμοσμένων στις μοναδικές προκλήσεις που θέτουν τα οικοσυστήματα έξυπνων δικτύων. Με τη διερεύνηση της συμβιωτικής σχέσης μεταξύ των τεχνολογικών οχυρώσεων και του μετριασμού του οικονομικού κινδύνου μέσω της ασφάλισης στον κυβερνοχώρο, η παρούσα έρευνα παρέχει έναν οδικό χάρτη για την ενίσχυση της ανθεκτικότητας των υποδομών ζωτικής σημασίας στον κυβερνοχώρο ενόψει των εξελισσόμενων απειλών στον κυβερνοχώρο

    Acculturation Chinese Symbol on Madura Batik Motif

    No full text
    Page Header Logo Asian Social Science User Username Password Remember me Journal Content Search Search Scope Browse By Issue By Author By Title Other Journals Font Size Make font size smaller Make font size default Make font size larger Information For Readers For Authors For Librarians Current Issue Atom logo RSS2 logo RSS1 logo Home About Login Register Search Current Archives Announcements Recruitment Editorial Team Submissions Index Contact Other Journals Publisher Home > Vol 12, No 4 (2016) > Karsono Acculturation Chinese Symbol on Madura Batik Motif Ong Mia Farao Karsono, Lintu Tulistyantoro Abstract This study has two chief purposes. Firstly, to introduce the Madurese Batik from Indonesia which has not yet been widely studied, and secondly, to show the acculturation of the Chinese culture in the motif of Madurese Batik. Research method employed in this study was descriptive qualitative, because our topic involves cultural and humanity sciences. The writers interview batik makers from the towns of Pamekasan, Tanjung Bumi, Sumenep, and Sampang, as research informants. We take two batik makers as representatives of each town. The four towns are selected because those towns are the centers of batik in Madura. To crosscheck the information obtained from the batik makers, also interview two collectors of Madurese batik who have good knowledge of Madurese batik. The data from the interviews and the photographic documentation of Madurese batiks are sorted and then analyzed by relating them to the theories about Madurese culture, acculturation process, and Chinese culture. The discussions and conclusions of the analyses correspond with the hypotheses proposed at the beginning of the study, which states that there are acculturations of the symbols on Madurese Batik motifs, which can be seen in the paintings of phoenix, butterfly, fish, bamboo trees on the batik, and that the acculturation process occurs naturally without conscious knowledge of the Madurese

    Pyramides en moskeeën: Architectuur in Egypte

    No full text
    Ons verhaal kan gezien worden als aanvulling op deze tentoonstelling over religieuze farao nische bouwkunst enerzijds en islamitische architectuur in Cairo anderzijds. Het bijzondere van het land Egypte is, dat twee totaal verschillende culturen naast elkaar staan, terwijl ze elkaar niet of nauwelijks beinvloed hebben. Hiernaast stellen we de problemen van overbevolking en huisvesting in de miljoenenstad Cairo. Ze steken schril af tegen de eeuwig rustende faraonische beschaving en de levende islamitische cultuur.ArchitectureArchitectur

    P2ISE: Preserving Project Integrity in CI/CD Based on Secure Elements

    No full text
    During the past decade, software development has evolved from a rigid, linear process to a highly automated and flexible one, thanks to the emergence of continuous integration and delivery environments. Nowadays, more and more development teams rely on such environments to build their complex projects, as the advantages they offer are numerous. On the security side however, most environments seem to focus on the authentication part, neglecting other critical aspects such as the integrity of the source code and the compiled binaries. To ensure the soundness of a software project, its source code must be secured from malicious modifications. Yet, no method can accurately verify that the integrity of the project’s source code has not been breached. This paper presents P2ISE, a novel integrity preserving tool that provides strong security assertions for developers against attackers. At the heart of P2ISE lies the TPM trusted computing technology which is leveraged to ensure integrity preservation. We have implemented the P2ISE and quantitatively assessed its performance and efficiency

    A Qualitative Analysis of Illicit Arms Trafficking on Darknet Marketplaces

    No full text
    During the last decade, the dark web has become the playground for criminal and underground activities, such as marketplaces of drugs and guns, as well as illegal content sharing. The dark web is one of the top crime environments presented in EUROPOL's Internet Organised Crime Threat Assessment 2021. This paper provides a qualitative study on the darknet marketplaces of illegal arms trafficking. For this purpose, we implemented a crawler based on the ACHE Python library to collect hidden web pages (onion services) on the Tor network. We gathered data from ten marketplaces recommended by dark web search engines - Ahmia, Deep Search, and Onion Land Search. We provide a first report of the overall landscape of illicit arms trafficking, discussing the range of weapons such as military drones, explosives, and other related products, together with the payment and shipping methods provided by the vendors. The findings verify previous reports from reputable institutions (United Nations and RAND Europe). Most of these illicit marketplaces are easily accessible to the average user; they are well-organized with a large variety of firearms and also provide extensive customer support

    P4G2Go: A Privacy-Preserving Scheme for Roaming Energy Consumers of the Smart Grid-to-Go

    No full text
    Due to its flexibility in terms of charging and billing, the smart grid is an enabler of many innovative energy consumption scenarios. One such example is when a landlord rents their property for a specific period to tenants. Then the electricity bill could be redirected from the landlord’s utility to the tenant’s utility. This novel scenario of the smart grid ecosystem, defined in this paper as Grid-to-Go (G2Go), promotes a green economy and can drive rent reductions. However, it also creates critical privacy issues, since utilities may be able to track the tenant’s activities. This paper presents P4G2Go, a novel privacy-preserving scheme that provides strong security and privacy assertions for roaming consumers against honest but curious entities of the smart grid. At the heart of P4G2Go lies the Idemix cryptographic protocol suite, which utilizes anonymous credentials and provides unlinkability of the consumer activities. Our scheme is complemented by the MASKER protocol, used to protect the consumption readings, and the FIDO2 protocol for strong and passwordless authentication. We have implemented the main components of P4G2Go, to quantitatively assess its performance. Finally, we reason about its security and privacy properties, proving that P4G2Go achieves to fulfill the relevant objectives

    ICITPM: Integrity Validation of Software in Iterative Continuous Integration Through the Use of Trusted Platform Module (TPM)

    No full text
    Software development has passed from being rigid and not very flexible, to be automated with constant changes. This happens due to the creation of continuous integration and delivery environments. Nevertheless, developers often rely on such environments due to the large number of amenities they offer. They focus on authentication only, without taking into consideration other aspects of security such as the integrity of the source code and of the compiled binaries. The source code of a software project must not be maliciously modified. Notwithstanding, there is no safe method to verify that its integrity has not been violated. Trusted computing technology, in particular, the Trusted Platform Module (TPM) can be used to implement that secure method

    GTM: Game Theoretic Methodology for optimal cybersecurity defending strategies and investments

    No full text
    Investments on cybersecurity are essential for organizations to protect operational activities, develop trust relationships with clients, and maintain financial stability. A cybersecurity breach can lead to financial losses as well as to damage the reputation of an organization. Protecting an organization from cyber attacks demands considerable investments; however, it is known that organisations unequally divide their budget between cybersecurity and other technological needs. Organizations must consider cybersecurity measures, including but not limited to security controls, in their cybersecurity investment plans. Nevertheless, designing an effective cybersecurity investment plan to optimally distribute the cybersecurity budget is a primary concern. This paper presents GTM, a methodology depicted as a tool dedicated to providing optimal cybersecurity defense strategies and investment plans. GTM utilizes attack graphs to predict all possible cyber attacks, game theory to simulate the cyber attacks and 0-1 Knapsack to optimally allocate the budget. The output of GTM is an optimal cybersecurity strategy that includes security controls to protect the organisation against potential cyber attacks and enhance its cyber defenses. Furthermore, GTM’s effectiveness is evaluated against three use cases and compared against different attacker types under various scenarios

    Cyber-Insurance: Past, Present and Future

    No full text
    Insurance, in general, is a financial contract between the one buying the insurance (also known as the policyholder or insured) and the one providing insurance (known as insurance carrier or insurer). The contract, known as the insurance policy, typically states that the policyholder will pay a regular insurance premium in exchange for a financial compensation, also known as indemnification, in the event of a loss defined in the insurance policy. Insurance is used to manage risks by transferring them to the insurer, and cyber-insurance in particular deals with cyber risks covering direct and indirect damages caused by cyberattacks. The cyber-insurance market is still growing and has been receiving broader interest from research communities and government bodies over the years. This paper provides an overview of cyber-insurance, novel models proposed throughout the years and future challenges to be addressed for cyber-insurance to become a key component of an organisation’s and household’s cyber risk management approach
    corecore