Search
Search results for: information security
-
International Conference on Information Theoretic Security
Conferences -
Computational Intelligence in Security for Information Systems
Conferences -
International Conference on Security of Information and Networks
Conferences -
International Conference on Information Systems Security
Conferences -
Australian Information Warfare and Security Conference
Conferences -
International Symposium on Information Assurance and Security
Conferences -
International Workshop on Security in Information Systems
Conferences -
Asia Conference on Information, Computer and Communications Security (ACM Symposium on Information, Computer and Communications Security)
Conferences -
Immersive Technologies that Aid Additive Manufacturing Processes in CBRN Defence Industry
PublicationTesting unique devices or their counterparts for CBRN (C-chemical, B-biological, R-radiological, N-nuclear) defense relies on additive manufacturing processes. Immersive technologies aid additive manufacturing. Their use not only helps understand the manufacturing processes, but also improves the design and quality of the products. This article aims to propose an approach to testing CBRN reconnaissance hand-held products developed...
-
Workshop on Australasian Information Security, Data Mining and Web Intelligence, and Software Internationalisation
Conferences -
International Workshop on Critical Information Infrastructures Security
Conferences -
International Conference on Information Systems Security and Privacy
Conferences -
Conference on Security in Network Architectures and Information Systems
Conferences -
Joint Working Conference on Secure Information Networks: Communications and Multimedia Security
Conferences -
Security Evaluation of IT Systems Underlying Critical Networked Infrastructures
PublicationCritical infrastructures have become highly dependent on information and communication technology (ICT). The drawback of this situation is that the consequences of disturbances of the underlying ICT networks may be serious as cascading effects can occur. This raises a high demand for security assurance, with a high importance assigned to security evaluations. In this paper we present an experiment-centric approach for the characterisation...
-
Cost assessment of computer security activities
PublicationComprehensive cost-benefit analysis plays a crucial role in the decision-making process when it comes to investments in information security solutions. The cost of breaches needs to be analysed in the context of spending on protection measures. However, no methods exist that facilitate the quick and rough prediction of true expenditures on security protection systems. Rafal Leszczyna of Gdansk University of Technology presents...
-
Agents in Simulation of Cyberattacks to Evaluate Security of Critical Infrastructures
PublicationIn the last years critical infrastructures have become highly dependent on the information technologies and exposed to cyberattacks. Because the effects of the attacks can be detrimental, it is crucial to comprehensively asses the security of the infrastructures' information systems. This chapter describes MAlSim - the simulator of malicious software based on software agents, developed for the needs of a testbed for critical infrastructures...
-
Rafał Leszczyna dr hab. inż.
PeopleDr hab. Rafal Leszczyna is an associate professor at Gdansk University of Technology, Faculty of Management and Economics. He holds the M.Sc. degrees of Computer Science and Business Management. In December, 2006 he earned a Ph.D. in Computer Science, specialisation - Computer Security at the Faculty of Electronics, Telecommunications and Informatics of Gdansk University of Technology. Between 2004 and 2008 he worked in the European...
-
Determining and verifying the safety integrity level with security aspects
PublicationSafety and security aspects consist of two different group of functional requirements for the control and protection systems. It is the reason why the analyses of safety and security shouldnt be integrated directly. The paper proposes extension of the currently used methods of functional safety analyses. It can be done with inclusion of the level of information security assigned to the technical system. The article addresses some...
-
Security Assessment of a Turbo-Gas Power Plant
PublicationCritical infrastructures are exposed to new threats due to the large number of vulnerabilities and architectural weaknesses introduced by the extensive use of information and communication technologies. This paper presents the results of an exhaustive security assessment for a turbo-gas power plant.
-
Integrated functional safety and cyber security analysis
PublicationThe chapter is devoted some important issues of the functional safety analysis, in particular the safety integrity level (SIL) verification of safety functions to be implemented within the distributed control and protection systems with regard to security aspects. A method based on quantitative and qualitative information is proposed for the SIL (IEC 61508, 61511) verification with regard of the evaluation assurance levels (EAL)...
-
A Set of Experience-Based Smart Synergy Security Mechanism in Internet of Vehicles
PublicationIn this article, we introduce a novel security mechanism, the Smart Synergy Security (3S). The mechanism uses the Set of Experience Knowledge Structure (SOEKS) and the synergy of security methods in different domains to provide the global optimal security strategy. The proposed strategy is taking into account the characteristics of information security (i.e. confidentiality, integrity, availability, controllability, and reviewability)...
-
Security ontology construction and integration
PublicationThere are many different levels on which we can examine security. Each one is different from others, all of them are dependent on the context. Hence the need to bear additional knowledge enabling efficient utilization of the knowledge by the computers. Such information can be provided by ontologies. The paper presentsgathered requirements needed to be taken into account when creating an ontology. The method of ontology creation...
-
Jerzy Konorski dr hab. inż.
PeopleJerzy Konorski received his M. Sc. degree in telecommunications from Gdansk University of Technology, Poland, and his Ph. D. degree in computer science from the Polish Academy of Sciences, Warsaw, Poland. In 2007, he defended his D. Sc. thesis at the Faculty of Electronics, Telecommunications and Informatics, Gdansk University of Technology. He has authored over 150 papers, led scientific projects funded by the European Union,...
-
Wybrane problemy ochrony żeglugi (Maritime Security)
Publicationprzedstawiono zagadnienia ochrony żeglugi w aspekcie uwarunkowań związanych z radiokomunikacją morską. Opisano Międzynarodowy Kodeks Ochrony Statków i Urządzeń Portowych - ISPS (International Ship and Port Facility Security Code) i Statkowy System Alarmowania - SSAS (Ship Security Alert System) oraz także scharakteryzowano system AIS (Automated Information System) i System Identyfikacji i Śledzenia Dalekiego Zasięgu - LRIT (Long...
-
User Trust Levels and Their Impact on System Security and Usability
PublicationA multilateral trust between a user and a system is considered. First of all we concentrate on user trust levels associated with the context-oriented CoRBAC model. Consequently, there were computed user profiles on the basis of its implementation in the information processing system “My GUT”. Furthermore, analysis of these profiles and the impact of user trust levels on system security and usability have been discussed.
-
Integrated approach for functional safety and cyber security management in maritime critical infrastructures
PublicationThe work is devoted important issues of the management in maritime critical infrastructure of functional safety analysis, in particular the safety integrity level (SIL) verification of safety functions to be implemented within the distributed control and protection systems with regard to cyber security aspects. A method based on quantitative and qualitative information is proposed for the SIL (IEC 61508, 61511) verification with...
-
Redesign of the Research Platform for Monitoring, Control and Security of Critical Infrastructure Systems
PublicationCritical Infrastructure Systems (CISs) play a key role in modern societies. Their sustainable operation depends heavily on the performance of dedicated structures and algorithms targeting monitoring, control and security aspects. In previous work a Research Platform (RP) for the design and simulation of such systems was presented. This works updates the information on the RP through the description of major hardware and software...
-
Security of Cryptocurrencies: A View on the State-of-the-Art Research and Current Developments
Publication[Context] The goal of security is to protect digital assets, devices, and services from being disrupted, exploited or stolen by unauthorized users. It is also about having reliable information available at the right time. [Motivation] Since the inception in 2009 of the first cryptocurrency, few studies have been undertaken to analyze and review the state-of-the-art research and current developments with respect to the security...
-
Mobile Security: Threats and Best Practices
PublicationCommunicating mobile security threats and best practices has become a central objective due to the ongoing discovery of new vulnerabilities of mobile devices. To cope with this overarching issue, the goal of this paper is to identify and analyze existing threats and best practices in the domain of mobile security. To this extent, we conducted a literature review based on a set of keywords. The obtained results concern recognizable...
-
Simulating Malware with MAlSim
PublicationThis paper describes MAlSim - Mobile Agent Malware Simulator - a mobile agent framework developed to address one of the most important problems related to the simulation of attacks against information systems i.e. the lack of adequate tools for reproducing behaviour of malicious software (malware). The framework can be deployed over the network of an arbitrary information system and it aims at simulating behaviour of each instance...
-
Simulating malware with MAlSim
PublicationThis paper describes MAlSim - Mobile Agent Malware Simulator - a mobile agent framework developed to address one of the most important problems related to the simulation of attacks against information systems, i.e. the lack of adequate tools for reproducing behaviour of malicious software (malware). The framework can be deployed over the network of an arbitrary information system and it aims at simulating behaviour of each instance...
-
Secure access control and information protection mechanisms in radio system for monitoring and acquisition of data from traffic enforcement cameras
PublicationThe study presents the architecture of the Radio System for Monitoring and Acquisition of Data from Traffic Enforcement Cameras (in short: RSMAD), particularly concerning access control and protection of confidential data. RSMAD security structure will be discussed in relation to network security issues. Additionally, the paper presents the results of the work associated with the modelling of potential threats to system security.
-
Information-driven network resilience: Research challenges and perspectives
PublicationInternet designed over 40 years ago was originally focused on host-to-host message delivery in a best-effort manner. However, introduction of new applications over the years have brought about new requirements related with throughput, scalability, mobility, security, connectivity, and availability among others. Additionally, convergence of telecommunications, media, and information technology was responsible for transformation...
-
Safety integrity level verification for safety-related functions with security aspects
PublicationThe article is devoted some important issues of the functional safety analysis, in particular the safetyintegrity level (SIL) verification of safety functions to be implemented within the distributed controland protection systems with regard to cyber security aspects. The procedure for functional safety man-agement includes hazard identification, risk analysis and assessment, specification of overall safetyrequirements and definition...
-
Clustering Context Items into User Trust Levels
PublicationAn innovative trust-based security model for Internet systems is proposed. The TCoRBAC model operates on user profiles built on the history of user with system interaction in conjunction with multi-dimensional context information. There is proposed a method of transforming the high number of possible context value variants into several user trust levels. The transformation implements Hierarchical Agglomerative Clustering strategy....
-
Threat intelligence platform for the energy sector
PublicationIn recent years, critical infrastructures and power systems in particular have been subjected to sophisticated cyberthreats, including targeted attacks and advanced persistent threats. A promising response to this challenging situation is building up enhanced threat intelligence that interlinks information sharing and fine-grained situation awareness. In this paper a framework which integrates all levels of threat intelligence...
-
Janusz Górski prof. dr hab. inż.
People -
Systems engineering approach to functional safety and cyber security of industrial critical installations
PublicationThis chapter addresses the systems engineering approach to integrated functional safety and cybersecurity analysis and management regarding selected references, standards and requirements concerning critical installations and their industrial automation and control system (IACS). The objective is to mitigate the vulnerability of industrial installations that include the information technology (IT) and the operational technology...
-
Systems engineering approach to functional safety and cyber security of industrial critical installations
PublicationThis chapter addresses the systems engineering approach to integrated functional safety and cybersecurity analysis and management regarding selected references, standards and requirements concerning critical installations and their industrial automation and control system (IACS). The objective is to mitigate the vulnerability of industrial installations that include the information technology (IT) and the operational technology...
-
Enhancing Security of Advanced Metering Infrastructure by Introducing Threshold Attendance Protocol
PublicationThe industry pushes towards smart grid systems in order to resolve current limitations of the unidirectional legacy power grid infrastructure. By introducing Advanced Metering Infrastructure (AMI) as an integral part of the smart grid solution, the utility company obtains an invaluable tool to optimize its network, lower the operational costs, and improve quality of service. Unfortunately, introducing two-way communication poses...
-
Situational Awareness Network for the Electric Power System: the Architecture and Testing Metrics
PublicationThe contemporary electric power system is highly dependent on Information and Communication Technologies which results in its exposure to new types of threats, such as Advanced Persistent Threats (APT) or Distributed-Denial-of-Service (DDoS) attacks. The most exposed components are Industrial Control Systems in substations and Distributed Control Systems in power plants. Therefore, it is necessary to ensure the cyber security of...
-
AUTONOMOUS PLATFORM TO PROTECT MARITIME INFRASTRUCTURE FACILITIES
PublicationProblems regarding the security of maritime infrastructure, especially harbours and offshore infrastructure, are currently a very hot topic. Due to these problems, there are some research projects in which the main goal is to decrease the gap and improve the methods of observation in the chosen area, for both in-air and underwater areas. The main goal of the paper is to show a new complex system for improving the security of the...
-
Business continuity management framework for Industry 4.0 companies regarding dependability and security of the ICT and ICS/SCADA system
PublicationThis chapter addresses a business continuity management (BCM) framework for the Industry 4.0 companies including the organizational and technical solutions, regarding the dependability and security of the information and telecommunication technology (ICT), and the industrial control system (ICS) / supervisory control and data acquisition (SCADA) system. These technologies and systems play nowadays important roles in modern advanced...
-
Paweł Lubomski dr inż.
PeoplePaweł Lubomski is the director of the IT Services Centre at the Gdańsk University of Technology. He is responsible for developing and maintaining the central information systems of the university. He is also in charge of the R&D team and works on new approaches to IT systems’ protection. He also acts as the project manager of two big innovative IT projects co-financed by the European Funds. He received a PhD degree in computer...
-
Evaluation of Open Source SIEM for Situation Awareness Platform in the Smart Grid Environment
PublicationThe smart grid as a large-scale system of systems has an exceptionally large surface exposed to cyber-attacks, including highly evolved and sophisticated threats such as Advanced Persistent Threats (APT) or Botnets. When addressing this situation the usual cyber security technologies are prerequisite, but not sufficient. The smart grid requires developing and deploying an extensive ICT infrastructure that supports significantly...
-
ENISA Study: Challenges in Securing Industrial Control Systems
PublicationIn 2011, the European Network and Information Security Agency (ENISA) conducted a study in the domain of Industrial Control Systems (ICS). Its objective was to obtain the current view on the ICS protectionprimarily in Europe but also in the international context. The portrait' included threats, risks, and challenges in the area of ICS protection as well as national, pan European, and international initiatives on ICS security. The...
-
Cybersecurity and Privacy in Standards for Smart Grids – a Comprehensive Survey
PublicationResilient information and communications technologies are a prerequisite for reliable operation of smart grid. In recent years, many standards for the new form of electricity network have been proposed, which results in operators and other smart grid stakeholders having difficulties in finding the documents which can be related to their particular problems. The purpose of this paper is to bring in all smart grid standards that...
-
Horizon Europe proposals - Administrative Part
Open Research DataThe dataset contains data collected during the HE National Contact Point training on Oct. 12, 2022, reg. the administrative part of Horizon Europe grant proposals. The data set includes presentations concerning administrative forms of 2022 proposals and their content, including participant data; information about abstract writing, keyword choice and...
-
Koncepcja platformy wymiany informacji o incydentach cyberbezpieczeństwa dla krajowego systemu elektroenergetycznego
PublicationArtykuł opisuje wybrane zagadnienia związane z cyberbezpieczeństwem w sektorze elektroenergetyki. Jednym z elementów zapewniania bezpieczeństwa sieci elektro-energetycznej jest efektywna wymiana informacji o incydentach bezpieczeństwa. W jej ramach wszystkie zaangażowane podmioty systemu elektroenergetycznego, tj.: elektrownie, operatorzy systemów przesyłowych, operatorzy systemów dystrybucyjnych, dostawcy rozwiązań bezpieczeństwa,...