Early warning systems for cyber defence

Cybercriminals ramp up their efforts with sophisticated techniques while defenders gradually update their typical security measures. Attackers often have a long-term interest in their targets. Due to a number of factors such as scale, architecture and nonproductive traffic however it makes difficult to detect them using typical intrusion detection techniques. Cyber early warning systems (CEWS) aim at alerting such attempts in their nascent stages using preliminary indicators. Design and implementation of such systems involves numerous research challenges such as generic set of indicators, intelligence gathering, uncertainty reasoning and information fusion. This paper discusses such challenges and presents the reader with compelling motivation. A carefully deployed empirical analysis using a real world attack scenario and a real network traffic capture is also presented.

Content and methodology of predoctoral Geriatric Dentistry teaching in Europe

Objectives: To explore the content and methodology of predoctoral Geriatric Dentistry teaching amongst European dental schools.
Methods: The study was conducted by the European College of Gerodontology (ECG) Education Committee. Αn electronic questionnaire has been developed with close and open-ended items, including information on the prevalence and institutional anchorage of Gerodontology programs, the educators, the content and the methodology of teaching. An electronic mail, including a hyperlink to the questionnaire, was sent to 216 dental schools in 39 European countries (Winter/ Spring 2016). The Deans were asked to either answer themselves, or forward the link to faculty members with knowledge on Gerodontology teaching at their respective schools. Repeated reminders or telephone calls were used for non-respondents and personal networks were exploited to identify potential contact persons.
Results: Until August 2016, 121 dental schools from 29 countries responded to the survey (response rate 56%, EU response rate: 60%). Gerodontology was included in the predoctoral curricula of 86% of the respondents and was compulsory in 68%. The course was mainly offered in senior students and was interdisciplinary in 30% of the schools, delivered mainly by dentists (79%), physicians (21%), psychologists (10%), and nurses (5%). It was conducted as an independent lecture series in 40% of the schools and a course director was assigned in 44% of the respondents. When embedded in other disciplines, these were mainly Prosthodontics (31%). The content included a large number of items, such as epidemiology of oral health, medical problems in old age, prosthodontic management, xerostomia, and caries risk assessment. Lectures were the most common teaching format (69%), followed by small group seminars (27%). The most common types of educational material used were scientific articles (48%), printed textbooks (44%), lecture notes (40%) and e-learning material (21%). Clinical training was offered by 64% of the respondents, within the dental school clinics (49%) and/or in outreach locations (40%).
Conclusion: Amongst the respondent European dental schools (66%) there is an increasing number that teach Gerodontology at a pre-doctoral level with significant variations in content and methodology. Official guidelines and the dissemination of the ECG pre-doctoral curriculum guidelines might help to increase the prevalence and improve the status of Gerodontology teaching in Europe.

STPA-SafeSec: Safety and Security Analysis for Cyber-Physical Systems

Cyber-physical systems tightly integrate physical processes and information and communication technologies. As today’s critical infrastructures, e.g., the power grid or water distribution networks, are complex cyber-physical systems, ensuring their safety and security becomes of paramount importance. Traditional safety analysis methods, such as HAZOP, are ill-suited to assess these systems. Furthermore, cybersecurity vulnerabilities are often not considered critical, because their effects on the physical processes are not fully understood. In this work, we present STPA-SafeSec, a novel analysis methodology for both safety and security. Its results show the dependencies between cybersecurity vulnerabilities and system safety. Using this information, the most effective mitigation strategies to ensure safety and security of the system can be readily identified. We apply STPA-SafeSec to a use case in the power grid domain, and highlight its benefits.

Effective network security monitoring: from attribution to target-centric monitoring

Network security monitoring remains a challenge. As global networks scale up, in terms of traffic, volume and speed, effective attribution of cyber attacks is increasingly difficult. The problem is compounded by a combination of other factors, including the architecture of the Internet, multi-stage attacks and increasing volumes of nonproductive traffic. This paper proposes to shift the focus of security monitoring from the source to the target. Simply put, resources devoted to detection and attribution should be redeployed to efficiently monitor for targeting and prevention of attacks. The effort of detection should aim to determine whether a node is under attack, and if so, effectively prevent the attack. This paper contributes by systematically reviewing the structural, operational and legal reasons underlying this argument, and presents empirical evidence to support a shift away from attribution to favour of a target-centric monitoring approach. A carefully deployed set of experiments are presented and a detailed analysis of the results is achieved.