Article 1
Understanding Cyber Situation Awareness
Cyril Onwubiko
Historically, situation awareness has been applied to mainstream disciplines such as psychology, air traffic control, and aviation. This trend has since changed. Situation awareness has now expanded into the cyber domain, including social media, vehicular networks (VANET), cybersecurity, CERTs and computer network defense (CND). …
Article 2
A Public-Private-Partnership Model for National Cyber Situational Awareness
Timea Pahi and Florian Skopik
The information age has led to the merger of various infrastructures, from both business and governmental sectors and their functions, such as information technology, communication and transport systems, banking and finance, energy supply and process control systems. …
Article 3
Visual Analytics for Non-Expert Users in Cyber Situation Awareness
Philip Legg
Article 4
A Study on Situational Awareness Security and Privacy of Wearable Health Monitoring Devices
Xavier Bellekens, Kamila Nieradzinska, Alexandra Bellekens, Preetila Seeam, Andrew Hamilton and Amar Seeam
Situational Awareness provides a user-centric approach to security and privacy. The human factor is often recognised as the weakest link in security; therefore, situational perception and risk awareness play a leading role in the adoption and implementation of security mechanisms. In this study we assess the understanding of security and privacy of users in possession of wearable devices. …
Article 5
Instant Message Classification in Finnish Cyber Security Themed Free-Form Discussion
Samir Puuska, Matti J. Kortelainen, Viljami Venekoski and Jouko Vankka
Instant messaging enables rapid collaboration between professionals during cyber security incidents. However, monitoring discussion manually becomes challenging as the number of communication channels increases. Failure to identify relevant information from the free-form instant messages may lead to reduced situational awareness. In this paper, the problem was approached by developing a framework for classification of instant message topics of cyber security–themed discussion in Finnish. …
Article 6
Predicting the performance of users as human sensors of security threats in social media
Ryan Heartfield and George Loukas
While the human as a sensor concept has been utilised extensively for the detection of threats to safety and security in physical space, especially in emergency response and crime reporting, the concept is largely unexplored in the area of cyber security. Here, we evaluate the potential of utilising users as human sensors for the detection of cyber threats, specifically on social media. For this, we have conducted an online test and accompanying questionnaire-based survey, which was taken by 4,457 users. …
Article 7
Leveraging Biometrics for Insider Misuse Identification
Abdulrahman Alruban, Nathan Clarke, Fudong Li and Steven Furnell
Insider misuse has become a real threat to many enterprises in the last decade. A major source of such threats originates from those individuals who have inside knowledge about the organization’s resources. Therefore, preventing or responding to such incidents has become a challenging task. Digital forensics has grown into a de-facto standard in the examination of electronic evidence, which provides a basis for investigating incidents. …
Article 8
Attack Simulation based Software Protection Assessment Method with Petri Net
Gaofeng Zhang, Paolo Falcarin, Elena Gómez-Martínez, Shareeful Islam, Christophe Tartary, Bjorn De Sutter and Jérôme d’Annoville
Software protection is an essential aspect of information security to withstand malicious activities on software and preserve valuable software assets. However, software developers still lack an effective methodology for the assessment of deployed protections, especially in the area of mobile applications. To solve these issues, we present a novel attack simulation based software protection assessment method to evaluate and compare different protection solutions. Our solution relies on Petri Nets to specify and visualize attack models of mobile applications. …
Article 9
Detecting bots using multi-level traffic analysis
Matija Stevanovic and Jens Myrup Pedersen
Botnets, as networks of compromised “zombie” computers, represent one of the most serious security threats on the Internet today. This paper explores how machines compromised with bot malware can be identified at local and enterprise networks in an accurate and time-efficient manner. The paper introduces a novel multi-level botnet detection approach that performs network traffic analysis of three protocols widely considered as the main carriers of botnet Command and Control (C&C) and attack traffic, i.e. TCP, UDP and DNS. The proposed method relies on supervised machine learning for identifying patterns of botnet network traffic. …
Article 10
A Review of Significance of Energy-Consumption Anomaly in Malware Detection in Mobile Devices
Jameel Qadri, Thomas M. Chen and Jorge Blasco
Mobile devices, such as smartphones, have become an important part of modern lives. However, as these devices have become tremendously popular, they are attracting a range of attacks. Malware is one of the serious threats posed to smartphones by the attackers. Due to the limited resources of mobile devices, malware detection on these devices remains a challenge. Malware detection techniques based on energy-consumption anomaly present several advantages to circumvent the resource constraints of mobile devices. …
Article 11
N-gram Opcode Analysis for Android Malware Detection
BooJoong Kang, Suleiman Y. Yerima, Sakir Sezer and Kieran McLaughlin
Android malware has been on the rise in recent years due to the increasing popularity of Android and the proliferation of third-party application markets. Emerging Android malware families are increasingly adopting sophisticated detection avoidance techniques, and this calls for more effective approaches for Android malware detection. …