Table of Contents
Intro
Cyber Science 2022 Committee
Preface
Sponsors and Partners
Keynote and Industry Panel Speakers
Contents
Contributors
Cyber Threat Intelligence, Ransomware Datasets and Attack Detection
Practical Cyber Threat Intelligence in the UK Energy Sector
1 Introduction
2 Background
2.1 Barriers to CTI Sharing
2.2 Current CTI Sharing in the UK Energy Sector
2.3 Evaluation of Sharing Methods and Platforms
3 Methodology
3.1 Experimental Configuration
3.2 CTI Sharing Models
3.3 Tags and Taxonomies
3.4 Sharing in MISP
4 Verifying Sharing Models
4.1 Source and Subscriber
4.2 Hub and Spoke
4.3 Peer to Peer
4.4 Hybrid
5 Verifying Taxonomies-Events and Tags
6 Discussion
7 Conclusions
7.1 Future Work
References
A Free and Community-Driven Critical Infrastructure Ransomware Dataset
1 Introduction
2 Ransomware Datasets
2.1 Strain-Based Ransomware Datasets
2.2 Detection-Based Ransomware Datasets
2.3 Payment-Based Ransomware Datasets
2.4 The Need for a Critical Infrastructure Ransomware Dataset
3 Critical Infrastructure Ransomware Dataset
3.1 Obtain
3.2 Scrub
3.3 Explore
3.4 Limitations
3.5 Dataset Format, Hosting, and Usage Tracking
4 Requesters and Dataset Use
4.1 Industry
4.2 Government
4.3 Educators
4.4 Students
4.5 Journalists/reporters
5 Incorporating Recommendations to Make the Dataset Community-Driven
5.1 Recommendation 1: Document Modifications (V10.1, August 2020)
5.2 Recommendation 2: MITRE ATT&CK Mapping (V10.1, August 2020)
5.3 Reporting Missing Incidents and the Contributors Tab (V10.4, Oct 2020)
6 Conclusion
6.1 Recommendations that Could not Be Accommodated
References
Criteria for Realistic and Expedient Scenarios for Tabletop Exercises on Cyber Attacks Against Industrial Control Systems in the Petroleum Industry
1 Introduction
2 Background
2.1 Scenario Development
2.2 Characteristics of a Scenario
2.3 Characteristics of a Tabletop Exercise
3 Method
4 Results
4.1 Interview Findings
4.2 List of Criteria
4.3 Example Scenarios
5 Discussion
6 Conclusion
References
CERTs and Maritime Cybersecurity
Exploring the Need for a CERT for the Norwegian Construction Sector
1 Introduction
2 Background
2.1 Challenges Specific to the Construction Sector
2.2 Working Method and Analytical Framework
2.3 Limitations
3 National Frameworks for ICT Security
3.1 Framework for Handling ICT Security Incidents
3.2 Sectoral Response Units
3.3 ICT Security Units (CERT)
3.4 International Collaboration Forums
4 Results from Interviews
4.1 Vulnerabilities
4.2 Incident Management
4.3 Challenges Facing the Industry
4.4 Sector CERT
5 Summary and Conclusions
5.1 The Needs of the Industry
5.2 Organization of an ISAC
References