2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing

An Investigation on Cyber Security Threats and Security Models

Kutub Thakur1, Meikang Qiu2∗, Keke Gai3, Md Liakat Ali4

1 K. Thakur is with Department of Computer Science, Pace University, New York, NY 10038, USA, kt68851n@pace.edu.
2 M. Qiu (Corresponding author) is with Department of Computer Science, Pace University, New York, NY 10038, USA, mqiu@pace.edu.
3 K. Gai is with Department of Computer Science, Pace University, New York, NY 10038, USA, kg71231w@pace.edu.
4 M. L. Ali is with Department of Computer Science, Pace University, New York, NY 10038, USA, ma03901n@pace.edu.
∗ This work is supported by NSF CNS-1457506 and NSF CNS-1359557.

978-1-4673-9300-3/15 $31.00 © 2015 IEEE
DOI 10.1109/CSCloud.2015.71

Abstract—Cyber security has been used interchangeably with information security, where the latter considers the role of the human in the security process while the former considers this as an additional dimension and also focuses on the person as a potential target. However, such discussion on cyber security has important implications, as it focuses on the ethical part of the society as a whole. To address the issue of cyber security, various frameworks and models have been developed. This paper also introduces the concepts of cyber security in terms of its framework, workforces and information related to protecting personal information in the computer. This paper reviews these models along with their limitations and reviews the past techniques used to mitigate these threats. Furthermore, the report also provides recommendations for future research.

Index Terms—Cybersecurity, frameworks, workforces, threats, techniques

I. INTRODUCTION

Cyber security has been used interchangeably with information security, where the latter considers the role of the human in the security process while the former considers this as an additional dimension and also focuses on the person as a potential target. However, such discussion on cyber security has an important implication, as it focuses on the ethical part of the society as a whole. There are various definitions of the concept of cyber security with varied aspects such as secured sharing, confidentiality and access to information. But still, the definitions lack clarity and consensus.

Moreover, cyber security is measured with regard to access, integration of data, security, storage and transfer of data through electronic or other modes [1], [2]. Cybersecurity indicates three important factors: the methods of protecting Information Technology (IT), the data itself, the data being processed and transmitted together with physical and virtual setup, the level of protection obtained by applying such measures and the professional aspects associated [3].

We define cyber security as a measure protecting computer systems, networks, and information from disruption or unauthorized access, use, disclosure, modification or destruction [4]–[6]. In the context of this review, cyber security has been defined as the integration of policies, security measures, approaches to risk management, protocols, technologies, processes and training which can be utilized in securing the organization and cyber setup along with user assets [6].

This paper focuses on the issues of cyber security threats and summarizes the existing security models. Fig. 1 represents the main viewpoints reviewed in this paper, which include cyber security workforce, vulnerability scanning, email virus filtering, personal information protection, prevention of cybersafety, and firewall services. The significance of this paper is in assisting both academics and professionals to gain a holistic view of the contemporary cyber security field. The main contributions of this paper have two aspects:
1) This paper summarizes crucial issues in cyber security domains by a literature review.
2) This paper proposes a number of research directions for future explorations in the field.

Fig. 1: Viewpoints of cyber security issues reviewed in this paper

The remainder of this paper is organized in the following order. Section II reviews and organizes crucial issues in cyber security. A number of aspects are addressed in this section. Next, a discussion about future research is given in Section III. Finally, we present our conclusions in Section IV.

II. CRUCIAL ISSUES IN CYBER SECURITY

Cyber security relies upon the care that individuals can take and the conclusions they reach while they organize,
manage and utilize systems and internet [7]. Numerous efforts have been made to find the solution for the cyber security evaluation challenge, and various frameworks have been constructed. However, the frameworks encounter different difficulties even though they worked fine initially at the time of development [8]. The restrictions derive from different aspects, such as emerging technologies [9] and facility limitations. Security issues are often considered a tradeoff between security requirements and other benefits [10], [11].

A. Cyber security workforce

The framework of the National Initiative for Cybersecurity Education (NICE) is an inter-agency attempt by the National Institute of Standards and Technology (NIST). The agency focuses on awareness, cyber security education, training and professional development. NICE came up with the Cybersecurity Workforce Framework. This framework insists on recognition by the process of training. It also accomplishes secure cyber infrastructure as defined in the context. Also, the framework has not included the factor that new technologies are rapidly emerging, which enhances the challenges in cyber security threats [12].

The scholars also mention that there need to be enough cybersecurity standards and procedures, which need to be frequently reviewed [8]. The researchers further indicate that the frameworks have not included the aspects of threats that exploit vulnerabilities, and hence strategies of risk management need to be addressed [13]. Also, the authors note that cybercrime legislation is not in place to handle the criminals. Finally, an effective security strategy can be active in collaboration with modeling business processes [14].

B. Cyber safety for protecting personal information in computer

Cyber-safety is a concept that has been used to explain a set of measures, practices, and actions that help in the protection of computers and privacy from various attacks [15], [16]. At any company, there is a Cyber-safety Program policy, PPM 310-22, which establishes that all devices connected to any company electronic communications network must meet certain security standards. As required by the system, most departments offer annual reports defining their levels of compliance. Also, various services are in place to assist all faculty, staff and students to meet the cyber-safety standards. Specific information about these services is provided.

The cyber safety threats can be caused by viruses, hackers, identity thieves, and spyware [17]. The virus infects the computer through email attachments and file sharing. One infected computer can cause problems to all the computer networks. People who “trespass” into the computer from a remote location are considered hackers. These people use a computer to send spam or viruses or do other activities that cause computer malfunction. In the case of identity thieves, the people who obtain unauthorized access to personal information like social security and financial account numbers are considered [18]. Spyware is software that “piggybacks” on programs that are downloaded and gathers information about online habits and transmits personal information without the user's knowledge.

In addition to the above-discussed problem, a company may face a number of other consequences if it fails to take actions to protect personal information and users' computers. The consequences include loss of access to the campus computer network, confidential information, integration and access to valuable University data, research on personal electronic data lawsuits, loss of public trust and offer opportunities, pursuit, internal conflict action and/or employment termination.

C. Studies of email virus filtering

Several studies have been conducted on the filtering of email viruses. A prior study addressed various existing spam detection methods and finding a useful, precise, and dependable spam detection process [19]. The applications that are currently applied by various anti-spam software are considered to be static, which means that they are quite easy to elude by tweaking the messages.

To perform this, the spammer would evaluate the current anti-spam methods and determine ways to work around them [20]. To combat spam effectively, it is important to adopt a new technique. This new approach needs to adapt to the spammer's strategies as they are changed from time to time [21]. It must also be able to adapt to the particular organization that it is protecting. The answer lies in Bayesian mathematics. The study findings indicated some of the spam detection methods and the numerous issues associated with spam. From various studies, it is understood that we will not be able to stop spam but will be able to limit it effectively using the Bayesian method when compared to other methods.

Moreover, prior research also explored various problems associated with spam and spam filtering methods and techniques. The different methods used to determine incoming spam are Bayesian analysis, Blacklist/Whitelist, Keyword checking and Mail header analysis [22]. The different spam filtering techniques adopted are Distributed adaptive blacklists, Rule-based filtering, Bayesian classifier, K nearest neighbors, Support Vector Machine (SVM), Content-based Spam Filtering Techniques - Neural Networks, the multi-layer networks, Technique of search engines, Technique of genetic engineering, and Technique of artificial immune system. The study findings revealed that many of the filtering techniques are based on text categorization methods, and that no technique can claim to provide an ideal solution with 0% false positives and 0% false negatives. There are a lot of research opportunities to classify multimedia and text messages.

Fig. 2: General operation flow of cybersafety prevention

Kumar et al. [23] indicated that the spam dataset is examined with the use of the TANAGRA data mining tool, which determines the efficient classifier in the classification of email spam. Firstly, feature selection and feature construction are conducted to obtain the required characteristics [24]. After that, different classification algorithms would be applied to the dataset and a cross-validation would be done on each classifier. In the end, the best classifier in email spam is determined on the aspects of precision, error rate and recall.
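
The Bayesian approach and the precision, recall and error rate comparison described in this subsection, as an added illustration that is not taken from the paper or the cited studies: a small naive Bayes filter is compared with a static keyword check on held-out mail and then retrained on one reported message. The mail samples are constructed, and the keyword list and all function and class names are assumptions made for the example.

```python
import math
import re
from collections import Counter

# Constructed training mail (label, text); not taken from a real corpus.
TRAIN = [
    ("spam", "win a free prize now click here"),
    ("spam", "cheap pills free shipping order now"),
    ("spam", "claim your free money prize today"),
    ("spam", "limited offer click here to win cash"),
    ("ham", "meeting moved to monday please confirm"),
    ("ham", "please review the attached project report"),
    ("ham", "lunch on friday with the project team"),
    ("ham", "can you confirm the budget report today"),
]
# Constructed held-out mail: tweaked spam plus ham that mentions "free".
TEST = [
    ("spam", "fr3e pr1ze click here to claim cash now"),
    ("spam", "order cheap pills now free shipping"),
    ("spam", "c4sh pr1ze fr3e w1n"),
    ("ham", "project meeting on friday please confirm"),
    ("ham", "here is the free lunch menu for the team meeting"),
]
STATIC_KEYWORDS = {"free", "prize", "pills"}  # assumed static rule set

def tokens(text):
    return re.findall(r"[a-z0-9]+", text.lower())

def keyword_filter(text):
    """Static keyword checking: flag mail containing any listed word."""
    return "spam" if STATIC_KEYWORDS & set(tokens(text)) else "ham"

class NaiveBayesFilter:
    """Multinomial naive Bayes with add-one (Laplace) smoothing."""

    def __init__(self, samples=()):
        self.words = {"spam": Counter(), "ham": Counter()}
        self.docs = Counter()
        for label, text in samples:
            self.train(label, text)

    def train(self, label, text):
        self.docs[label] += 1
        self.words[label].update(tokens(text))

    def classify(self, text):
        vocab = len(set(self.words["spam"]) | set(self.words["ham"]))
        size = {c: sum(w.values()) + vocab for c, w in self.words.items()}
        # Log-odds of spam against ham: prior term, then one term per token.
        odds = math.log(self.docs["spam"] / self.docs["ham"])
        for t in tokens(text):
            odds += math.log((self.words["spam"][t] + 1) / size["spam"])
            odds -= math.log((self.words["ham"][t] + 1) / size["ham"])
        return "spam" if odds > 0 else "ham"  # a tie is delivered as ham

def evaluate(classify, data):
    """Precision, recall and error rate, with spam as the positive class."""
    hits = Counter((label, classify(text)) for label, text in data)
    tp, fp, fn = hits["spam", "spam"], hits["ham", "spam"], hits["spam", "ham"]
    return {
        "precision": tp / (tp + fp) if tp + fp else 0.0,
        "recall": tp / (tp + fn) if tp + fn else 0.0,
        "error_rate": (fp + fn) / len(data),
    }

def run_demo():
    bayes = NaiveBayesFilter(TRAIN)
    static = evaluate(keyword_filter, TEST)
    before = evaluate(bayes.classify, TEST)
    # Adaptation: one missed message is reported and the filter learns it.
    bayes.train("spam", "fr3e pr1ze w1n c4sh n0w")
    after = evaluate(bayes.classify, TEST)
    return static, before, after

if __name__ == "__main__":
    for name, scores in zip(("keyword", "bayes", "bayes+report"), run_demo()):
        print(name, scores)
```

The error-free result after retraining reflects only the five constructed test messages; it does not contradict the finding above that no technique reaches 0% false positives and 0% false negatives.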
From the obtained results, the Fisher filtering and Runs filtering feature selection algorithms perform better classification for many classifiers. The Rnd tree classification algorithm applied to relevant features after Fisher filtering has produced more than 99% accuracy for spam detection. This Rnd tree classifier is also tested with a test dataset, which gives more accurate results than other classifiers for this spam dataset.

D. Studies of firewall services

Al-Fayyad et al. [25] evaluated the performance of personal firewall systems by organizing an arranged walkthrough to determine the design factors that could violate the usage standards. In the study of personal firewall usability on the Windows XP platform, four modern firewalls were considered, namely Norton 360 V. 2.0.0.242, Trend Micro Internet Security Version 16.00.1412, Zone Alarm V. 7.1.248 and ESET Nod32 Smart Security. The study results indicated that personal firewalls encounter poor usability that could lead to vulnerabilities in security. The usability problems could be due to the issue that the data given by the firewalls (whether during the process of installing, configuration or during interaction) was unclear or misleading. Various usability problems have been noticed because of the reduced clarity of alerts.

Li [26] evaluated the issues in placing the firewalls in the topology of a network design and how to frame the routing tables in the process so that the maximum firewall rule set could be minimal, which helps to avoid performance bottlenecks and limits security loopholes. There have been two significant contributions: that the problems are NP-complete, and that a heuristic solution has been proposed, with the efficiency of the algorithms illustrated using simulations. The outcome of the test indicates that the suggested algorithm has limited the multi-firewall rule set more than other algorithms.

E. Studies of vulnerability scanning

Sudha Rani et al. [27] analyzed Intrusion Detection System (IDS) methods to identify an attack on a computer network. In order to prevent a vulnerable virtual machine network, an intrusion detection system is proposed. In addition, the study has taken into account the potential security risks as well as the security considerations for implementing a virtual private network [3]. The study findings revealed that there are two types of intrusion detection system: host based and network based. In addition, the proposed solution provides information on how to use the programmability of software switches based on the solutions that improve the detection accuracy and defeat.

Other research [25] focused on the vulnerability assessment for automatic environments along with the web applications and various threats which are detected during the vulnerability assessment for different networking products. The study adopted the OpenVAS tool with an exploratory research method. The study findings revealed some of the methods that can fix vulnerabilities for removing threats using the PHP function phpinfo() and other methods like Trojan that help in keeping networking systems safe.

Ye et al. [28] studied the quantitative vulnerability assessment model in cyber security for distribution automation systems (DAS). The evaluation process is divided into three sections, namely vulnerability adjacency matrix formation, attack processes modeling, and physical consequences analysis. With the increasing merits of the smart grid, cyber security problems have increased because of the higher integration of cyber systems into the physical power systems. It has been found that DAS is highly exposed to cyber attacks when compared to various control systems in substations or power plants.

However, making sure that each DAS is secure is economically not favorable and technically not essential. The theory involves creating ADG models, evaluating potential physical effects due to cyber-attacks and suggesting a vulnerability adjacency matrix to show the connection among various weaknesses. Numerous case studies on RBTS bus 2 indicate the effectiveness and validation of the proposed vulnerability assessment model.

F. Prevention of Cybersafety

There are seven significant cyber-safety actions, which are Running Anti-virus Software, Installing OS/Software Updates, Preventing Identity Theft, Switching on Personal Firewalls, Preventing Adware/Spyware, Protecting Passwords and Backing up Important Files [29]. Fig. 2 represents a general operation flow of the cybersafety prevention.

1) Install OS/Software updates:

• Installing software updates, also known as patches, helps to fix issues of the operating system (OS) (e.g., Mac OS X, Windows Vista, Windows XP) and software programs such as Microsoft applications.
• Many of the latest operating systems are arranged to download updates automatically by default. Once the updates have been downloaded, a confirmation prompt is displayed for installation. Click yes by
• Once the updates are complete, make sure to restart the computer for the patches to be applied.

2) Running Anti-Virus Software:
• In order to prevent computer virus issues, install and then run anti-virus software such as Sophos and check the last updated date.
• Make sure to check periodically that the installed anti-virus is up to date, which helps to block current and future viruses. The anti-virus application removes detected viruses, quarantines them and finally repairs the user's infected system files.
• The students, staff and faculty members of UC Davis can download Sophos software for both home and work computers for free from the Internet Tools CD, which you can obtain from the Shields Library’s IT Express.

3) Preventing Identity Theft:
• Don’t give out financial account numbers, Social Security numbers, driver’s license numbers or other personal identity information unless you know exactly who’s receiving it. Protect other people’s information as you would your own.
• Never send personal or confidential information via email or instant messages as these can be easily intercepted.
• Beware of phishing scams - a form of fraud that uses email messages that appear to be from a reputable business (often a financial institution) in an attempt to gain personal or account information. These often do not include a personal salutation. Never enter personal information into an online form you accessed via a link in any email from an unknown email id. Generally, authentic businesses do not request personal details online.

4) Switching on Personal Firewalls:
• Look under the system’s security settings for a default personal firewall and switch it on. Mac OS X and Microsoft Vista have built-in firewalls installed. After turning on the firewall, check it for any open ports which would allow hackers and viruses.
• Firewalls work as the protection layers between the internet and computers.
• The standard process of hackers would be to send pings (calls) to various computers at random and check for their responses. The functionality of firewalls is to block your computer, which prevents any response calls from the computer.

5) Protecting passwords:
• Make sure not to share your passwords, and make sure to create new passwords which are hard to guess. Avoid any dictionary words and establish a password with mixed numbers, letters, and punctuation marks.
• Be sure not to use any common passwords or their variations such as abc123, iloveyou1, let me in, qwerty1, (yourname1), password1 and baseball1.
• Change passwords periodically.
• When choosing a password:
– Mix upper and lower case letters
– Use a minimum of 8 characters
– Use mnemonics to help you remember a complicated password

III. DISCUSSIONS

From the review, it was observed that there are various studies conducted on cyber safety; in particular, earlier studies have tried to address the problems linked to spam and spam filtering techniques [19]. Specifically, a spam dataset is analyzed using the TANAGRA data mining tool to explore the efficient classifier for email spam classification [23]. Further studies also analyzed various existing spam detection methods and identified an efficient, accurate, and reliable spam detection method [19].

The usage of personal firewall systems was examined by performing a cognitive analysis to determine design elements which would violate the principles of usability [30]. The issue of how to arrange the topology of firewalls in a network design and how to frame the routing tables in execution so that the maximum firewall rule set could be limited was also addressed [26]. Attribute-based solutions can be an option for specific security requirements [31].

The usage of an Intrusion Detection System (IDS) [32] procedure to find a computer network attack was reviewed [27], as was the vulnerability assessment in automatic setups together with web applications and other threats, such as data validations [24], [33]. An innovative quantitative vulnerability assessment model on cyber security for DAS is evaluated [28]. Further, the analysis indicated various safety and prevention functionalities.

IV. CONCLUSIONS

From the review, it was found that the majority of the studies have been conducted on email security, firewalls, and vulnerabilities. Yet, there are not many studies from the perspective of password security. There are general recommendations on how to secure the password but not any authenticated protocol to protect the system inherently. Therefore, there

is a need for more studies in terms of techniques and models from this perspective to ensure that passwords are protected.

REFERENCES

[1] J. Blackburn and G. Waters. Optimising Australia’s Response to the Cyber Challenge. Kokoda Foundation, 2011.
[2] L. Bennett. Cyber security strategy. ITNOW, 54(1):10–11, 2012.
[3] M. Qiu, L. Zhang, Z. Ming, Z. Chen, X. Qin, and L. Yang. Security-aware optimization for ubiquitous computing systems with SEAT graph approach. J. of Computer and Syst. Sci., 79(5):518–529, 2013.
[4] M. Gallaher, A. Link, and B. Rowe. Cyber Security: Economic Strategies and Public Policy Alternatives. Edward Elgar Publishing, 2008.
[5] F. Pasqualetti, F. Dorfler, and F. Bullo. Attack detection and identification in cyber-physical systems. IEEE Transactions on Automatic Control, 58(11):2715–2729, 2013.
[6] Y. Yan, Y. Qian, H. Sharif, and D. Tipper. A survey on cyber security for smart grid communications. IEEE Communications Surveys & Tutorials, 14(4):998–1010, 2012.
[7] A. Tonge, S. Kasture, and S. Chaudhari. Cyber security: challenges for society-literature review. IOSR Journal of Computer Engineering, 2(12):67–75, 2013.
[8] S. Subashini and V. Kavitha. A survey on security issues in service delivery models of cloud computing. Journal of network and computer applications, 34(1):1–11, 2011.
[9] K. Gai and S. Li. Towards cloud computing: a literature review on cloud computing and its development trends. In 2012 Fourth Int’l Conf. on Multimedia Information Networking and Security, pages 142–146, Nanjing, China, 2012.
[10] M. Qiu, H. Su, M. Chen, Z. Ming, and L. Yang. Balance of security strength and energy for a PMU monitoring system in smart grid. IEEE Communications Magazine, 50(5):142–149, 2012.
[11] M. Qiu, W. Gao, M. Chen, J. Niu, and L. Zhang. Energy efficient security algorithm for power grid wide area monitoring system. IEEE Transactions on Smart Grid, 2(4):715–723, 2011.
[12] F. Hu, M. Qiu, J. Li, T. Grant, D. Taylor, and S. McCaleb et al. A review on cloud computing: Design challenges in architecture and security. J. of Computing and Info. Tech., 19(1):25–55, 2011.
[13] S. Ahmed, M. Elsholkami, A. Elkamel, J. Du, E. Ydstie, and P. Douglas. Financial risk management for new technology integration in energy planning under uncertainty. Applied Energy, 128:75–81, 2014.
[14] Y. Badr, F. Biennier, and S. Tata. The integration of corporate security strategies in collaborative business processes. IEEE Trans. on Services Computing, 4(3):243–254, 2011.
[15] O. Boric-Lubecke, X. Gao, E. Yavari, M. Baboli, A. Singh, and V. Lubecke. E-healthcare: Remote monitoring, privacy, and security. In IEEE Int’l MTT-S, pages 1–3, Tampa, FL, USA, 2014.
[16] K. Gai, M. Qiu, L. Chen, and M. Liu. Electronic health record error prevention approach using ontology in big data. In 17th IEEE International Conference on High Performance Computing and Communications, pages 752–757, New York, USA, 2015.
[17] F. Liu, H. Lo, L. Chen, and W. Lee. Comprehensive security integrated model and ontology within cloud computing. J. of Internet Technology, 14(6):935–946, 2013.
[18] Yibin Li, Wenyun Dai, Zhong Ming, and Meikang Qiu. Privacy protection for preventing data over-collection in smart city. IEEE Transactions on Computers, PP(99):1, 2015.
[19] Z. Duan, P. Chen, F. Sanchez, Y. Dong, M. Stephenson, and J. Barker. Detecting spam zombies by monitoring outgoing messages. IEEE Transactions on Dependable and Secure Computing, 9(2):198–210, 2012.
[20] F. Benevenuto, T. Rodrigues, A. Veloso, J. Almeida, M. Gonçalves, and V. Almeida. Practical detection of spammers and content promoters in online video sharing systems. IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics, 42(3):688–701, 2012.
[21] M. Cha, F. Benevenuto, H. Haddadi, and K. Gummadi. The world of connections and information flow in twitter. IEEE Transactions on Systems, Man and Cybernetics, Part A: Systems and Humans, 42(4):991–998, 2012.
[22] S. Delany, M. Buckley, and D. Greene. SMS spam filtering: methods and data. Expert Systems with Applications, 39(10):9899–9908, 2012.
[23] R. Kumar, G. Poonkuzhali, and P. Sudhakar. Comparative study on email spam classifier using data mining techniques. In The International MultiConference of Engineers and Computer Scientists, volume 1, pages 14–16, Hong Kong, China, 2012.
[24] C. Ten, C. Liu, and G. Manimaran. Vulnerability assessment of cybersecurity for scada systems. IEEE Transactions on Power Systems, 23(4):1836–1846, 2008.
[25] B. Alfayyadh, J. Ponting, M. Alzomai, and A. Jøsang. Vulnerabilities in personal firewalls caused by poor security usability. In IEEE Int’l Conf. on Infor. Theor. and Infor. Security, pages 682–688, Beijing, China, 2010. IEEE.
[26] J. Li. The research and application of multi-firewall technology in enterprise network security. Int’l J. of Security and Its Applications, 9(5):153–162, 2015.
[27] N. Rani, A. Satyanarayana, and P. Bhaskaran. Coastal vulnerability assessment studies over india: a review. Natural Hazards, 77(1):405–428, 2015.
[28] X. Ye, J. Zhao, Y. Zhang, and F. Wen. Quantitative vulnerability assessment of cyber security for distribution automation systems. Energies, 8(6):5266–5286, 2015.
[29] H. Sun, Y. Chen, and Y. Lin. opass: A user authentication protocol resistant to password stealing and password reuse attacks. IEEE Trans. on Info. Forensics and Security, 7(2):651–663, 2012.
[30] H. Hu, G. Ahn, and K. Kulkarni. Detecting and resolving firewall policy anomalies. IEEE Transactions on Dependable and Secure Computing, 9(3):318–331, 2012.
[31] K. Gai, M. Qiu, B. Thuraisingham, and L. Tao. Proactive attribute-based secure data schema for mobile cloud in financial industry. In The IEEE International Symposium on Big Data Security on Cloud, pages 1332–1337, New York, USA, 2015.
[32] K. Gai, M. Qiu, L. Tao, and Y. Zhu. Intrusion detection techniques for mobile cloud computing in heterogeneous 5G. Security and Communication Networks, pages 1–10, 2015.
[33] L. Tao, S. Golikov, K. Gai, and M. Qiu. A reusable software component for integrated syntax and semantic validation for services computing. In 9th Int’l IEEE Symposium on Service-Oriented System Engineering, pages 127–132, San Francisco Bay, USA, 2015.
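
Added example, not part of the paper: a checker for the password recommendations in Section II-F, item 5, showing that a password can satisfy the length and character-mix rules and still be a variation of one of the listed common passwords. The dictionary sample, the substitution table and the function names are assumptions made for the example.

```python
import re
import string

# Base forms of the common passwords named in Section II-F, item 5.
COMMON = {"abc123", "iloveyou", "letmein", "qwerty", "password", "baseball"}
# Constructed stand-in for a real dictionary word list.
DICTIONARY = {"sunshine", "dragon", "monkey", "football", "welcome"}
# Assumed table for undoing common character substitutions (0 for o, ...).
LEET = str.maketrans("0134578@$", "oieastbas")
MIN_LENGTH = 8  # "Use a minimum of 8 characters"


def candidate_forms(password):
    """Normalised forms under which the password is compared to word lists."""
    squashed = re.sub(r"\s+", "", password.lower())
    # Drop digits and punctuation padded onto either end ("password1").
    core = re.sub(r"^[\d\W_]+|[\d\W_]+$", "", squashed)
    return {squashed, core, squashed.translate(LEET), core.translate(LEET)}


def check_password(password, user_name=None):
    """Return the list of recommendations the password violates."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too_short")
    if not any(c.isupper() for c in password):
        problems.append("no_upper")
    if not any(c.islower() for c in password):
        problems.append("no_lower")
    if not any(c.isdigit() for c in password):
        problems.append("no_digit")
    if not any(c in string.punctuation for c in password):
        problems.append("no_punctuation")
    forms = candidate_forms(password)
    banned = set(COMMON)
    if user_name:
        banned.add(user_name.lower())  # covers the "(yourname1)" pattern
    if forms & banned:
        problems.append("common_or_variation")
    if forms & DICTIONARY:
        problems.append("dictionary_word")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords; the last one is mnemonic-style.
    samples = ["password1", "P@ssw0rd1!", "let me in", "Sunshine#9", "Mdw7yo&lC!"]
    for pw in samples:
        print(repr(pw), check_password(pw))
```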
