-
Cyber Deception Reactive: TCP Stealth Redirection to On-Demand Honeypots
Authors:
Pedro Beltran Lopez,
Pantaleone Nespoli,
Manuel Gil Perez
Abstract:
Cybersecurity is develo** rapidly, and new methods of defence against attackers are appearing, such as Cyber Deception (CYDEC). CYDEC consists of deceiving the enemy who performs actions without realising that he/she is being deceived. This article proposes designing, implementing, and evaluating a deception mechanism based on the stealthy redirection of TCP communications to an on-demand honey…
▽ More
Cybersecurity is develo** rapidly, and new methods of defence against attackers are appearing, such as Cyber Deception (CYDEC). CYDEC consists of deceiving the enemy who performs actions without realising that he/she is being deceived. This article proposes designing, implementing, and evaluating a deception mechanism based on the stealthy redirection of TCP communications to an on-demand honey server with the same characteristics as the victim asset, i.e., it is a clone. Such a mechanism ensures that the defender fools the attacker, thanks to stealth redirection. In this situation, the attacker will focus on attacking the honey server while enabling the recollection of relevant information to generate threat intelligence. The experiments in different scenarios show how the proposed solution can effectively redirect an attacker to a copied asset on demand, thus protecting the real asset. Finally, the results obtained by evaluating the latency times ensure that the redirection is undetectable by humans and very difficult to detect by a machine.
△ Less
Submitted 20 February, 2024; v1 submitted 14 February, 2024;
originally announced February 2024.
-
SCORPION Cyber Range: Fully Customizable Cyberexercises, Gamification and Learning Analytics to Train Cybersecurity Competencies
Authors:
Pantaleone Nespoli,
Mariano Albaladejo-González,
José Antonio Pastor Valera,
José A. Ruipérez-Valiente,
Joaquin Garcia-Alfaro,
Félix Gómez Mármol
Abstract:
It is undeniable that we are witnessing an unprecedented digital revolution. However, recent years have been characterized by the explosion of cyberattacks, making cybercrime one of the most profitable businesses on the planet. That is why training in cybersecurity is increasingly essential to protect the assets of cyberspace. One of the most vital tools to train cybersecurity competencies is the…
▽ More
It is undeniable that we are witnessing an unprecedented digital revolution. However, recent years have been characterized by the explosion of cyberattacks, making cybercrime one of the most profitable businesses on the planet. That is why training in cybersecurity is increasingly essential to protect the assets of cyberspace. One of the most vital tools to train cybersecurity competencies is the Cyber Range, a virtualized environment that simulates realistic networks. The paper at hand introduces SCORPION, a fully functional and virtualized Cyber Range, which manages the authoring and automated deployment of scenarios. In addition, SCORPION includes several elements to improve student motivation, such as a gamification system with medals, points, or rankings, among other elements. Such a gamification system includes an adaptive learning module that is able to adapt the cyberexercise based on the users' performance. Moreover, SCORPION leverages learning analytics that collects and processes telemetric and biometric user data, including heart rate through a smartwatch, which is available through a dashboard for instructors. Finally, we developed a case study where SCORPION obtained 82.10% in usability and 4.57 out of 5 in usefulness from the viewpoint of a student and an instructor. The positive evaluation results are promising, indicating that SCORPION can become an effective, motivating, and advanced cybersecurity training tool to help fill current gaps in this context.
△ Less
Submitted 20 February, 2024; v1 submitted 23 January, 2024;
originally announced January 2024.
-
Tackling Cyberattacks through AI-based Reactive Systems: A Holistic Review and Future Vision
Authors:
Sergio Bernardez Molina,
Pantaleone Nespoli,
Félix Gómez Mármol
Abstract:
There is no denying that the use of Information Technology (IT) is undergoing exponential growth in today's world. This digital transformation has also given rise to a multitude of security challenges, notably in the realm of cybercrime. In response to these growing threats, public and private sectors have prioritized the strengthening of IT security measures. In light of the growing security conc…
▽ More
There is no denying that the use of Information Technology (IT) is undergoing exponential growth in today's world. This digital transformation has also given rise to a multitude of security challenges, notably in the realm of cybercrime. In response to these growing threats, public and private sectors have prioritized the strengthening of IT security measures. In light of the growing security concern, Artificial Intelligence (AI) has gained prominence within the cybersecurity landscape. This paper presents a comprehensive survey of recent advancements in AI-driven threat response systems. To the best of our knowledge, the most recent survey covering the AI reaction domain was conducted in 2017. Since then, considerable literature has been published, and therefore, it is worth reviewing it. In this comprehensive survey of the state of the art reaction systems, five key features with multiple values have been identified, facilitating a homogeneous comparison between the different works. In addition, through a meticulous methodology of article collection, the 22 most relevant publications in the field have been selected. Then each of these publications has been subjected to a detailed analysis using the features identified, which has allowed for the generation of a comprehensive overview revealing significant relationships between the papers. These relationships are further elaborated in the paper, along with the identification of potential gaps in the literature, which may guide future contributions. A total of seven research challenges have been identified, pointing out these potential gaps and suggesting possible areas of development through concrete proposals.
△ Less
Submitted 29 May, 2024; v1 submitted 11 December, 2023;
originally announced December 2023.
-
Large-Language-Model-Powered Agent-Based Framework for Misinformation and Disinformation Research: Opportunities and Open Challenges
Authors:
Javier Pastor-Galindo,
Pantaleone Nespoli,
José A. Ruipérez-Valiente
Abstract:
This article presents the affordances that Generative Artificial Intelligence can have in misinformation and disinformation contexts, major threats to our digitalized society. We present a research framework to generate customized agent-based social networks for disinformation simulations that would enable understanding and evaluating the phenomena whilst discussing open challenges.
This article presents the affordances that Generative Artificial Intelligence can have in misinformation and disinformation contexts, major threats to our digitalized society. We present a research framework to generate customized agent-based social networks for disinformation simulations that would enable understanding and evaluating the phenomena whilst discussing open challenges.
△ Less
Submitted 29 April, 2024; v1 submitted 11 October, 2023;
originally announced October 2023.
-
Spotting political social bots in Twitter: A use case of the 2019 Spanish general election
Authors:
Javier Pastor-Galindo,
Mattia Zago,
Pantaleone Nespoli,
Sergio López Bernal,
Alberto Huertas Celdrán,
Manuel Gil Pérez,
José A. Ruipérez-Valiente,
Gregorio Martínez Pérez,
Félix Gómez Mármol
Abstract:
While social media has been proved as an exceptionally useful tool to interact with other people and massively and quickly spread helpful information, its great potential has been ill-intentionally leveraged as well to distort political elections and manipulate constituents. In the paper at hand, we analyzed the presence and behavior of social bots on Twitter in the context of the November 2019 Sp…
▽ More
While social media has been proved as an exceptionally useful tool to interact with other people and massively and quickly spread helpful information, its great potential has been ill-intentionally leveraged as well to distort political elections and manipulate constituents. In the paper at hand, we analyzed the presence and behavior of social bots on Twitter in the context of the November 2019 Spanish general election. Throughout our study, we classified involved users as social bots or humans, and examined their interactions from a quantitative (i.e., amount of traffic generated and existing relations) and qualitative (i.e., user's political affinity and sentiment towards the most important parties) perspectives. Results demonstrated that a non-negligible amount of those bots actively participated in the election, supporting each of the five principal political parties.
△ Less
Submitted 12 October, 2020; v1 submitted 2 April, 2020;
originally announced April 2020.
