1

Multi-Stage Threat Modelling and Security Monitoring in 5GCN

The fifth generation of mobile networks (5G) promises a range of new capabilities including higher data rates and more connected users. To support the new capabilities and use cases the 5G Core Network (5GCN) will be dynamic and reconfigurable in …

Towards Dynamic Threat Modelling in 5G Core Networks Based on MITRE ATT&CK

This article discusses how the gap between early 5G network threat assessments and an adversarial Tactics, Techniques, Procedures (TTPs) knowledge base for future use in the MITRE ATT&CK threat modelling framework can be bridged. We identify …

Cyber-Insurance: Past, Present and Future

Insurance, in general, is a financial contract between the one buying the insurance (also known as the policyholder or insured) and the one providing insurance (known as insurance carrier or insurer). The contract, known as the insurance policy, …

How Secure is Home: Assessing Human Susceptibility to IoT Threats

SECONDO: A Platform for Cybersecurity Investments and Cyber Insurance Decisions

This paper represents the SECONDO framework to assist organizations with decisions related to cybersecurity investments and cyber-insurance. The platform supports cybersecurity and cyber-insurance decisions by implementing and integrating a number of …

Deep Binarized Convolutional Neural Network Inferences over Encrypted Data

Homomorphic encryption provides a way to perform deep learning over encrypted data and permits the user to encrypt the data before uploading, leaving the control of data on the user side. However, operations on encrypted data based on homomorphic …

Optimizing Investments in Cyber Hygiene for Protecting Healthcare Users

Cyber hygiene measures are often recommended for strengthening an organization’s security posture, especially for protecting against social engineering attacks that target the human element. However, the related recommendations are typically the same …

Cut-The-Rope: A Game of Stealthy Intrusion

A major characteristic of Advanced Persistent Threats (APTs) is their stealthiness over a possibly long period, during which the victim system is being penetrated and prepared for the finishing blow. We model an APT as a game played on an attack …

Honeypot Type Selection Games for Smart Grid Networks

In this paper, we define a cyber deception game between the Advanced Metering Infrastructure (AMI) network administrator (henceforth, defender) and attacker. The defender decides to install between a low-interaction honeypot, high-interaction …

CUREX: seCUre and pRivate hEalth data eXchange

The Health sector's increasing dependence on digital information and communication infrastructures renders it vulnerable to privacy and cybersecurity threats, especially as the theft of health data has become lucrative for cyber criminals. CUREX …