Recently, with the growing number of cyber-attacks and the constant lack of effective and state-of-art defense methods, cyber risks become ubiquitous in enterprise networks, manufacturing plants, and government computer systems. Cyber-insurance has become one of the major ways to mitigate the risks as it can transfer the cyber-risks to insurance companies and improve the security status of the ...

Cyber insurance is a valuable approach to mitigate further the cyber risk and its loss in addition to the deployment of technological cyber defense solutions such as intrusion detection systems and firewalls. An effective cyber insurance policy can reduce the number of successful cyber attacks by incentivizing the adoption of preventative measures and the implementation of best practices of the...

Today’s cyber-attacks towards enterprise networks often un­ dermine and even fail the mission assurance of victim net­ works. Mission cyber resilience (or active cyber defense) is critical to prevent or minimize negative consequences to­ wards missions. Without effective mission impact assess­ ment, mission cyber resilience cannot be really achieved. However, there is an overlooked gap between ...

As part of the smart grid development, more and more technologies are developed and deployed on the power grid to enhance the system reliability. A primary purpose of the smart grid is to significantly increase the capability of computer-based remote control and automation. As a result, the level of connectivity has become much higher, and cyber security also becomes a potential threat to the c...

The past few years have seen significant increase in cyber attacks on the Internet, resulting in degraded confidence and trusts in the use of the Internet and computer systems. The cyber attacks are becoming more sophisticated, spreading quicker, and causing more damage. Attacks originally exploited the weakness of individual protocols and systems, but now start to target the basic infrastructu...

A great security posture inherently requires that cyber operations employ the latest discoveries in emerging security research to keep in step with trends in attack methodologies. The most trenchant cyber security research to date employs actual network data to ensure sensing algorithms and defense methodologies are effective in real-world scenarios. This approach often requires discernments to...

In response to the growing number and variety of cyber threats, the government, military, and industry are widely employing network emulation environments for cyber capability testing and cyber warfare training. These “cyber ranges” have been increasing in size and complexity to model the high-volume network traffic and sophisticated attacks seen on the Internet today. For cyber ranges to opera...

Security of cyber-physical systems (CPS) continues to pose new challenges due the tight integration and operational complexity cyber physical components. To address these challenges, this article presents a domain-aware, optimization-based approach determine an effective defense strategy for CPS in automated fashion—by emulating strategic adversary loop that exploits system vulnerabilities, int...

This article considers the design and analysis of multiple moving target defenses for recognizing isolating attacks on cyber-physical systems. We consider attackers who perform integrity some set sensors actuators in a control system. In such cases, it has been shown that model aware adversary can carefully attack vectors to bypass bad data detection identification filters while causing damage ...