Understanding Adversary Behavior via XAI: Leveraging Sequence Clustering To Extract Threat Intelligence

Understanding the behavior of cyber adversaries provides threat intelligence to security practitioners, and improves the cyber readiness of an organization. With the rapidly evolving threat landscape, data-driven solutions are becoming essential for automatically extracting behavioral patterns from data that are otherwise too time-consuming to...

Quantifying cybercriminal bitcoin abuse

Cybercrime is negatively impacting everybody. In recent years cybercriminal activity has directly affected individuals, companies, governments and critical infrastructure. It has led to significant financial damage, impeded critical infrastructure and harmed human lives. Defending against cybercrime is difficult, as persistent actors perpetually...

Employing Deep Ensemble Learning for Improving the Security of Computer Networks against Adversarial Attacks

In the past few years, Convolutional Neural Networks (CNN) have demonstrated promising performance in various real-world cybersecurity applications, such as network and multimedia security. However, the underlying fragility of CNN structures poses major security problems, making them inappropriate for use in security-oriented applications,...

Policy guidelines to facilitate collective action towards quantum-safety: Recommended policy guidelines to aid and facilitate collective action in migration towards quantum-safe public key infrastructure systems

As the development of quantum computers advances, actors relying on public key infrastructures (PKI) for secure information exchange are becoming aware of the disruptive implications. Currently, governments and businesses employ PKI for many core processes that may become insecure or unavailable when quantum computers break the cryptographic...

SoK: Explainable Machine Learning for Computer Security Applications

Explainable Artificial Intelligence (XAI) aims to improve the transparency of machine learning (ML) pipelines. We systematize the increasingly growing (but fragmented) microcosm of studies that develop and utilize XAI methods for defensive and offensive cybersecurity tasks. We identify 3 cybersecurity stakeholders, i.e., model users, designers,...

Pushing boundaries: An empirical view on the digital sovereignty of six governments in the midst of geopolitical tensions

In just a few years, the issue of “digital sovereignty” has emerged as an important security issue for governments across the globe, reflecting a growing unease about the security risks associated with government services that depend on foreign service providers for digital infrastructure and traffic routing. This work investigates to which...

Red Light/Green Light: A Lightweight Algorithm for, Possibly, Fraudulent Online Behavior Change Detection

Telecommunications services have become a constant in people’s lives. This has inspired fraudsters to carry out malicious activities causing economic losses to people and companies. Early detection of signs that suggest the possible occurrence of malicious activity would allow analysts to act in time and avoid unintended consequences. Modeling...

Adaptive Governance for a Resilient Digital Society

Governments are confronted with all kinds of changes in their digital environment, such as pandemics, fake news, and security breaches. These changes come with many uncertainties and are hard to predict, whereas decisions need to be made quickly to avoid a negative impact. Adaptive governance embraces uncertainty and complexity by enabling...

Statistical Analysis in Cyberspace: Data veracity, completeness, and clustering

This thesis presents several methodological and statistical solutions to problems encountered in cyber security. We investigated the effects of compromised data veracity in state estimators and fraud detection systems, a model to impute missing data in attributes of linked observations, and an unsupervised approach to detect infected machines in...

Supporting human-centered design in psychologically distant problem domains: The design for cybersecurity cards

Increasingly digital products and services make cybersecurity a crucial issue for designers. However, human-centered designers struggle to consider it in their work, partially a consequence of the high psychological distance between designers and cybersecurity. In this work, we build on the Design for Cybersecurity (DfC) Cards, an...

Information availability and data breaches: Data breach notification laws and their effects

In response to evolving cybersecurity challenges, global spending on information security has grown steadily, and could eventually reach a level that is inefficient and unaffordable. A better understanding of new socio-technical-economic complexities around information security is urgently needed, which requires both reconsideration of...

A Basic Set of Mental Models for Understanding and Dealing with the CyberSecurity Challenges of Today

For most people, cybersecurity is a difficult notion to grasp. Traditionally, cybersecurity has been considered a technical challenge, and still many specialists understand it as information security, with the notions of confidentiality, integrity, and availability as its foundation. Although many have searched for different and broader...

A Responsible Internet to Increase Trust in the Digital World

Policy makers in regions such as Europe are increasingly concerned about the trustworthiness and sovereignty of the foundations of their digital economy, because it often depends on systems operated or manufactured elsewhere. To help curb this problem, we propose the novel notion of a responsible Internet, which provides higher degrees of...

Cybersecurity of Critical Infrastructure

This chapter provides a political and philosophical analysis of the values at stake in ensuring cybersecurity for critical infrastructures. It presents a review of the boundaries of cybersecurity in national security, with a focus on the ethics of surveillance for protecting critical infrastructures and the use of AI. A bibliographic analysis...

Grasping cybersecurity: A set of essential mental models

For most people, cybersecurity is a hard to grasp notion. Traditionally, cybersecurity has been considered as a technical challenge and still many specialists view it equivalent with information security, with the notions of confidentiality, integrity and availability as starting points of thinking. And although others searched for a broader...

A Review of Value-Conflicts in Cybersecurity: An assessment based on quantitative and qualitative literature analysis

Cybersecurity is of capital importance in a world where economic and social processes increasingly rely on digital technology. Although the primary ethical motivation of cybersecurity is prevention of informational or physical harm, its enforcement can also entail conflicts with other moral values. This contribution provides an outline of value...