Issue Downloads
Emerging Cybersecurity Capability Gaps in the Industrial Internet of Things: Overview and Research Agenda
- Louise Axon,
- Katherine Fletcher,
- Arianna Schuler Scott,
- Marcel Stolz,
- Robert Hannigan,
- Ali El Kaafarani,
- Michael Goldsmith,
- Sadie Creese
Internet of Things (IoT)-enabled devices are becoming integrated into a significant and increasing proportion of critical infrastructures, changing the cybersecurity-risk landscape. Risk is being introduced to industry sectors such as transport, energy, ...
Randomized Moving Target Approach for MAC-Layer Spoofing Detection and Prevention in IoT Systems
MAC-layer spoofing, also known as identity spoofing, is recognized as a serious problem in many practical wireless systems. IoT systems are particularly vulnerable to this type of attack as IoT devices (due to their various limitations) are often ...
Field Note on IoT Security: Novel JIT Security for Large-Scale Heterogeneous IoT Deployments
This article provides an overview of specific security considerations for multi-modal Internet-of-Things(IoT) use-case deployment. With the year-over-year exponential increase in smartdevice deployments, threat vectors continue to fall into a concise list ...
Analyzing the Direct and Transitive Impact of Vulnerabilities onto Different Artifact Repositories
In modern-day software development, a vast amount of public software libraries enable the reuse of existing implementations for reoccurring tasks and common problems. While this practice does yield significant benefits in productivity, it also puts an ...
Are We Skillful or Just Lucky? Interpreting the Possible Histories of Vulnerability Disclosures
Coordinated Vulnerability Disclosure (CVD) stands as a consensus response to the persistent fact of vulnerable software, yet few performance indicators have been proposed to measure its efficacy at the broadest scales. In this article, we seek to fill ...
Vulnerability Exposure Driven Intelligence in Smart, Circular Cities
In this article, we study the vulnerability management dimension in smart city initiatives. As many cities across the globe invest a considerable amount of effort, resources and budget to modernise their infrastructure by deploying a series of ...
Strategies for Practical Hybrid Attack Graph Generation and Analysis
As an analytical tool in cyber-security, an attack graph (AG) is capable of discovering multi-stage attack vectors on target computer networks. Cyber-physical systems (CPSs) comprise a special type of network that not only contains computing devices but ...
Vulnerability Forecasting: Theory and Practice
It is possible to forecast the volume of CVEs released within a time frame with a given prediction interval. For example, the number of CVEs published between now and a year from now can be forecast within 8% of the actual value. Different predictive ...
Risk-aware Fine-grained Access Control in Cyber-physical Contexts
Access to resources by users may need to be granted only upon certain conditions and contexts, perhaps particularly in cyber-physical settings. Unfortunately, creating and modifying context-sensitive access control solutions in dynamic environments ...
Threat Intelligence Quality Dimensions for Research and Practice
As the adoption and diversity of threat intelligence solutions continue to grow, questions about their effectiveness, particularly in regards to the quality of the data they provide, remain unanswered. Several studies have highlighted data quality issues ...
