Battling against cyberattacks: towards pre-standardization of countermeasures


Pantaleone Nespoli¹ • Félix Gómez Mármol¹ • Jorge Maestre Vidal²

Received: 18 May 2020 / Revised: 2 October 2020 / Accepted: 15 October 2020

© Springer Science+Business Media, LLC, part of Springer Nature 2020

Abstract

Cyberattacks targeting ICT systems are becoming more sophisticated and disruptive every day. Such malevolent actions are performed by ill-motivated entities (governments, states, administrations, etc.), often featuring almost unlimited resources, but also by skilled individuals, due to the accessibility of the attacks' source code. In this alarming scenario, the selection of the optimal set of countermeasures to fire against those attacks represents a primary necessity. While significant effort has been made toward the standardization of the representation of security-related knowledge such as vulnerabilities, weaknesses, and attacks, the intelligence surrounding the countermeasures field has received considerably less attention. The paper at hand aims at contributing to the reaction ecosystem by proposing a standard representation of the countermeasure instances. With such a proposition, we address one of the critical challenges found in the literature, that is, the absence of a commonly-shared definition of remediations. To demonstrate the feasibility of our approach, we present several scenarios where some relevant countermeasures are efficiently enforced, resulting in the mitigation of the ongoing cyberthreat. Then, the advantages and disadvantages of our proposal are extensively discussed, opening the debate for novel and effective contributions in this research line.

Keywords: Countermeasure selection · Cyberattack countermeasures · Countermeasure standardization · Intrusion reaction systems · Reaction intelligence sharing

¹ Department of Information and Communications Engineering, University of Murcia, 30100 Murcia, Spain

² Digital Labs, Indra, Av. de Bruselas, 35, Alcobendas, 28108 Madrid, Spain

1 Introduction

Nowadays, modern ICT systems play a fundamental role in our society. Humans leverage the hyper-connection generated by network infrastructures, being able to reach other individuals and wide knowledge, but also to take advantage of the offered services at astonishing speed [20]. Additionally, the great advance of information technology has also been relevant for industry, which is witnessing increasing incomes thanks to constant tech development [8]. To this extent, the rise of disruptive technologies (e.g., Blockchain) and paradigms [e.g., Internet of Things (IoT)] has opened the path to great contributions [41], but also poses several challenges [50]. Nevertheless, such strong technology dependence may entail negative consequences. In the era of modern ICT systems, companies and individuals face a continuously rising number of cyberattacks from ill-moti