Applying Mathematics and Engineering Techniques to Cybersecurity

Keywords: cybersecurity engineering, cyber threat analysis, cyber threat modeling, mathematical modeling

Abstract

While there are many approaches to cybersecurity, it is common for those approaches to be at least somewhat ad hoc or subjective. Cybersecurity needs a rigorous mathematical and engineering approach. Such an approach can be applied to address security problems, evaluate security controls, and investigate security breaches. This paper maps the use of engineering and mathematical tools for cybersecurity purposes.

Author biography

Chuck Easttom, Georgetown University Plano, TX, United States of America

Doctor of Science (D.Sc.) in Cybersecurity, doctorate in Nanotechnology, doctorate in Computer Science, and master's degrees in Applied Computer Science, in Education, and in Systems Engineering. Senior member of the Institute of Electrical and Electronics Engineers (IEEE) and of the Association for Computing Machinery (ACM). Distinguished Speaker of the ACM and Distinguished Visitor of the IEEE. Adjunct professor at Georgetown University and the University of Dallas.

Published
2021-12-22
How to cite
Easttom, C. (2021). Aplicación de técnicas matemáticas e ingeniería a la ciberseguridad. Actas Del Congreso Internacional De Ingeniería De Sistemas, 33-48. https://doi.org/10.26439/ciis2021.5575