Tehničko veleučilište u Zagrebu · Zagreb

Threat Defense: Cyber Deception Approach and Education for Resilience in Hybrid Threats Model

original scientific paper

Kind: journal contribution
Type: original scientific paper
Year: 2021
Journal: Symmetry (Basel)
Volume: 13
Issue: 4, 597
Pages: pp. 1-25
DOI: 10.3390/sym13040597
EISSN: 2073-8994
Status: published

Abstract

This paper aims to explore the cyber deception-based approach and to design a novel conceptual model of hybrid threats which includes deception methods. Security programs primarily focused on prevention-based strategies aimed at stopping attackers from getting into the network. These programs attempt to use hardened perimeters and endpoint defenses by recognizing and blocking malicious activities to detect and stop attackers before they can get in. Most organizations implement such a strategy by fortifying their networks with defense-in-depth through layered prevention controls. Detection controls are usually placed to augment prevention at the perimeter, and not as consistently deployed for in-network threat detection. This architecture leaves detection gaps that are difficult to fill with existing security controls not specifically designed for that role. Rather than using prevention alone, a strategy that attackers have consistently succeeded against, defenders are adopting a more balanced strategy that includes detection and response. Most organizations deploy an intrusion detection system (IDS) or next-generation firewall that picks up known attacks or attempts to pattern match for identification. Other detection tools use monitoring, traffic, or behavioral analysis. These reactive defenses are designed to detect once they are attacked yet often fail. They also have some limitations because they are not designed to catch credential harvesting or attacks based on what appears as authorized access. They are also often seen as complex and prone to false positives, adding to analyst alert fatigue. The security industry has focused recent innovation in finding more accurate ways to recognize malicious activity with technologies such as user and entity behavioral analytics (UEBA), big data, artificial intelligence (AI), and deception.
Cyber Deception nowadays provides an opportunity to scare, deter, and retaliate against those that violate organizations' systems. We demonstrate this by designing the novel conceptual model of hybrid threats in hybrid warfare as a combination of multiple conventional and unconventional tools of warfare, which allows responding to security threats. Authors investigate the cyber deception approach for threat detection using deception-based methods along with military education for cybersecurity to achieve it and the role it plays in detecting, identifying, and responding to threats.

Keywords

cyber attack ; cyber deception ; cyber threats ; hybrid threats model ; resilience