Information Systems Security

Space-based systems play an important role in our daily life and business. The trend is toward relying on space-based systems in a growing number of services or applications that can be either safety-of-life critical or business- and mission-critical. The security measures implemented in space-based systems may turn out to be insufficient to guarantee the information assurance properties of these services/applications, in particular confidentiality (if required by the data policy), availability and integrity. The various possible cyber-attacks on space segments, ground stations and their control segments are by now well known and, in many cases, have been experienced. This paper first introduces ESA and its constituency, then addresses the security-specific aspects of its space missions. Cyberspace threats specific to these missions are introduced, and the possible countermeasures are briefly addressed. A categorization of the different types of space missions then leads to the creation of different protection profiles, to be implemented for the respective categories.
