This paper presents the development of a Supervisory Control and Data Acquisition (SCADA) system testbed used for cybersecurity research. The testbed consists of a water storage tank's control system, which is a stage in the process of water treatment and distribution. Sophisticated cyber-attacks were conducted against … [Read more...] about SCADA System Testbed for Cybersecurity Research Using Machine Learning Approach
Security
Man-on-the-Side Attacks (MotS) in SCADA Networks
Peter Maynard and Kieran McLaughlin describe a new class of packet injection attacks called Man-on-the-Side Attacks (MotS), previously only seen where state actors have "compromised" a number of telecommunication companies. MotS injection attacks have not been widely investigated in scientific literature, despite … [Read more...] about Man-on-the-Side Attacks (MotS) in SCADA Networks
The Future of Network Security Is In The Cloud
Digital business transformation inverts network and security service design patterns, shifting the focal point to the identity of the user and/or device — not the data center. Security and risk management leaders need a converged cloud-delivered secure access service edge to address this shift. Key F … [Read more...] about The Future of Network Security Is In The Cloud
Guide to Computer Network Security Free On Springer
Guide to Computer Network Security (Fourth Edition) by Joseph Migga Kizza is free on Springer! Link: https://link.springer.com or fifth edition on https://www.amazon.com. Description This definitive text/reference on computer network and information security presents a comprehensive guide to the repertoire of … [Read more...] about Guide to Computer Network Security Free On Springer
Layer 2 Security Controls
Secure Shell Protocol (SSH): SSH to secure incoming/outgoing Telnet connections; support of SSHv1 and v2 Secure Sockets Layer (SSL): SSL to encrypt HTTP connections; advanced security for browser-based configuration via web interface IEEE 802.1X: IEEE 802.1X access control on all ports; RADIUS for authentication, … [Read more...] about Layer 2 Security Controls
Introduction to Operational Technology Security (OTSEC)
How To Secure Linux, Nginx, MariaDB, PHP (LEMP stack) on Debian
Information Security Online Courses for Beginners and Professionals
How To Prepare for Certified Information Systems Security Professional (CISSP) Exam
Online Courses CISSP Complete Video Course by Sari Greene CISSP Complete Video Course by Sari Greene contains 24 hours of training with content divided into 9 lessons with 94 video sub-lessons. The videos consist of live trainer discussions, screencasts, animations, and live demos. The video lessons in this course … [Read more...] about How To Prepare for Certified Information Systems Security Professional (CISSP) Exam
Layer 3 Security Controls
Intrusion Prevention: Monitoring and blocking of login attempts and port scans IP Spoofing: Source IP address check on all interfaces: only IP addresses belonging to the defined IP networks are allowed Access control lists (ACLs): Filtering of IP or MAC addresses and preset protocols for configuration access and … [Read more...] about Layer 3 Security Controls