A Review of Cyber Threats and Defence Approaches in Emergency Management
Abstract
:1. Introduction
1.1. Mitigation
1.2. Preparedness
1.3. Response
1.4. Recovery
2. Overview of Cyber Threats in EM
Technology | Security threat | Impact | Countermeasures |
---|---|---|---|
SMS Messaging | Weak message authentication [21] | Rogue messages transmitted | Adoption of CB [21] |
SMS Flood [21] | Voice network overload, messages lost/delayed/out of order | Adoption of CB [21] | |
Cell Broadcast (CB) | Weak message authentication [21] | Rogue messages transmitted | Encryption [22,23] |
Control channel jamming [24,25] | Loss of availability | Antijamming mechanisms [24,26] | |
Amateur Radio | Fake GSM and other stations [27] | Calls spoofed/intercepted | No known solutions |
Professional Mobile Radio | TETRA authentication key cloning [28] | TETRA authentication process compromised | No known solutions |
Radio location privacy attack [29] | P25 Location privacy breached | No known solutions | |
Physical layer jamming [29] | P25 Denial of service | No known solutions | |
Brute Force Key recovery [30] | P25 authentication process compromised | No known solutions | |
Satellite Communications | Weak satellite phone encryption [31] | Interception of calls | No known solutions |
Satellite Communications | Excessive traffic through satellite link [32] | Loss of availability | Egress filtering at connected networks [32] |
Wireless Communication Networks | Rogue nodes [33,34] | Unauthorised use | Pre-shared keys [33,35] list of approved devices [36], IDS [37], RFID [38], Hardware Security [39] |
Eavesdropping [33] | Breach of confidentiality | IPSec tunnel [33] | |
Poor physical security [40] | Access to crypto credentials/Insider threat | Message-based content verification [41] | |
Availability attacks (DoS, Jellyfish, rayhole, blackhole etc.) [40,42] | Loss of availability | Redundancy, traffic shaping and IDS [43], Oppcomms [44] | |
World Wide Web | Web-based attacks [45,46] | EM websites and web-based information systems affected | Web Security literature [46] |
Social Media | Account hijacking/relay attack [47] | Rogue messages transmitted on behalf of emergency services | Social media management applications |
Intentionally false information provided to emergency services [47] | EM influenced by misleading information | No known technical solutions. Discussion provided in [48] | |
Bot-generated messages [47] | Spam or misleading information sent to EM Social media account | Random Forest Classifier for bot detection [49] |
Technology | Security threat | Impact | Countermeasures |
---|---|---|---|
Satellite-based Sensing | GPS Spoofing [50] | Misleading GPS coordinates used for positioning calculations | Signal analysis [51,52,53] |
On-board computer reconfiguration [54] | Covert activity | No known solutions | |
Jamming | Loss of signal | Multiplexing, Spread-Spectrum, EHF frequencies, directional antenna beams, signal processing etc. [55] | |
Sensor Networks | Compromised node [56,57] | Battery exhaustion, spoofed/altered/replay messages | Detection based on both network and sensor measurements [58], collaborative sensor detection [44,56,57] |
Sybil attack [59] | Multiple fake identities used to collaboratively overcome cryptographic techniques | Collaborative detection [60] | |
Rogue nodes in EM medical body sensor network [61] | Unauthorised use | Light-weight cryptography [62] | |
Denial of service in EM medical body sensor network | Loss of availability | Body sensor network IDS [63] |
Technology | Security threat | Impact | Countermeasures |
---|---|---|---|
EMIS | Attack on satellite sensing | Inaccurate mapping | Satellite sensing countermeasures (Table 2) |
SQL injection and other database attacks [64,65] | Inaccurate database information, breach of data confidentiality | Database protection measures | |
VoIP attacks [66,67] | Eavesdropping, spoofing, masquerading etc. | VoIP security literature [66,68] | |
Weak authentication | Unauthorised use, breach of privacy | Role based Access Control [69], document encryption [70] |
2.1. Communication Media
2.1.1. SMS Text Messaging
2.1.2. Cell Broadcast (CB)
2.1.3. Amateur Radio
2.1.4. Professional Mobile Radio
2.1.5. Satellite Communications
2.1.6. Wireless Communication Networks
2.1.7. World Wide Web (WWW)
2.1.8. Social Media
2.2. Sensing Technologies
2.2.1. Satellite-Based Sensing
2.2.2. Terrestrial Sensor Networks
2.3. Information Systems
2.4. Vehicular Technologies
Technology | Security threat | Impact | Countermeasures |
---|---|---|---|
Manned Vehicles | Malware infection of traffic control systems [111] | Disabled air traffic control, signalling etc. | Web security literature [46] |
Malware infection of on board computers [113] | Hijacked control of locks, brakes and engine | Malware detection [113] | |
GPS Spoofing [50,117] | Artificial traffic jam caused | Signal analysis [51,52,53] | |
Web-based immobilisation hijacked [114] | Cars immobilised remotely and simultaneously | Web security literature [46] | |
Unmanned vehicles | GPS Spoofing [50,117] | Unmanned vehicle redirected [117,118] | Signal analysis [51,52,53] |
Gain-scheduling attack [117] | Control stability affected [117] | No known solutions | |
Fuzzing attack [117] | Random inputs to vehicle’s actuators [117] | No known solutions |
2.4.1. Manned Vehicles
2.4.2. Unmanned Vehicles
3. A Grand Challenge in EM Security
3.1. Prediction and Evaluation of a Cyber Attack’s Impact on EM
4. Conclusions
Platform | Category | Impact | Countermeasures | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Conceptual | Mathematical | Simulation | Prototype/Experim | Communications | Sensing | EMIS | Vehicular | Confidentiality | Integrity | Availability | Authentication | Resilience | Detection | Response | Procedural | |
Adam et al. [70] | x | x | x | x | x | |||||||||||
Al Ameen et al. [102] | x | x | x | x | x | x | ||||||||||
Bakar et al. [35] | x | x | x | x | x | x | x | |||||||||
Belala et al. [126] | x | x | x | x | x | |||||||||||
Bharania [32] | x | x | x | x | x | x | x | x | ||||||||
Bouckaert [33] | x | x | x | x | x | |||||||||||
Casoni and Paganelli [43] | x | x | x | x | x | x | x | x | ||||||||
Chan et al. [25] | x | x | x | x | x | x | x | x | x | |||||||
Chow et al. [101] | x | x | x | x | ||||||||||||
Chu et al. [48] | x | x | x | x | x | |||||||||||
Clark et al. [29] | x | x | x | x | x | |||||||||||
De Cerchio and Riley [111] | x | x | x | x | x | |||||||||||
DHS/FEMA [108] | x | x | x | x | ||||||||||||
Gelenbe et al. [41,44,86,87] | x | x | x | x | x | x | x | x | x | x | x | x | ||||
Haji et al. [36] | x | x | x | x | x | |||||||||||
Hiltz and Gonzalez [48] | x | x | x | |||||||||||||
Jafarnia-Jahromi et al. [51] | x | x | x | x | x | |||||||||||
Jakobson [122] | x | x | x | x | x | x | x | x | ||||||||
Javaid et al. [118] | x | x | x | x | x | |||||||||||
Kim et al. [117] | x | x | x | x | x | |||||||||||
Levin et al. [39] | x | x | x | x | x | x | ||||||||||
Li et al. [62] | x | x | x | x | x | |||||||||||
Liu et al. [26] | x | x | x | x | x | x | x | |||||||||
Malan et al. [61] | x | x | x | x | x | x | ||||||||||
Michalas et al. [80] | x | x | x | x | x | |||||||||||
Mitchell et al. [56,57] | x | x | x | x | x | x | x | |||||||||
Rafique et al. [106] | x | x | x | |||||||||||||
Rao and Rao et al. [55] | x | x | x | x | x | |||||||||||
Storey [112] | x | x | x | |||||||||||||
Tran et al. [38] | x | x | x | x | x | |||||||||||
Walker et al. [18,71] | x | x | x | x | x | x | x | x | x | |||||||
Warner et al. [52] | x | x | x | x | x | |||||||||||
Zeng et al. [53] | x | x | x | x |
References
- Bahrepour, M.; Meratnia, N.; Poel, M.; Taghikhaki, Z.; Havinga, P.J.M. Distributed Event Detection in Wireless Sensor Networks for Disaster Management. In Proceedings of the 2nd International Conference on Intelligent Networking and Collaborative Systems, Thessaloniki, Greece, 24–26 November 2010; pp. 507–512.
- Gelenbe, E.; Wu, F.J. Sensors in Cyber-Physical Emergency Systems. In Proceedings of the IET Conference on Wireless Sensor Systems, London, UK, 18–19 June 2012.
- Filippoupolitis, A.; Hey, L.; Loukas, G.; Gelenbe, E.; Timotheou, S. Emergency Response Simulation Using Wireless Sensor Networks. In Proceedings of the The 1st International Conference on Ambient Media and Systems, Quebec, Canada, 11–14 February 2008.
- Du, C.; Zhu, S. Research on urban public safety emergency management early warning system based on technologies for the Internet of things. Procedia Eng. 2012, 45, 748–754. [Google Scholar] [CrossRef]
- Delle Fave, F.M.; Rogers, A.; Jennings, N.R. ARGUS: A Coordination System to Provide First Responders with Live Aerial Imagery of the Scene of a Disaster (Demonstration). In Proceedings of the 11th International Conference on Autonomous Agents and Multiagent Systems, Valencia, Spain, 4–8 June 2012; Volume 3, pp. 1467–1468.
- Timotheou, S.; Loukas, G. Autonomous Networked Robots for the Establishment of Wireless Communication in Uncertain Emergency Response Scenarios. In Proceedings of ACM Symposium on Applied Computing, Hawaii, USA, 8–12 March 2009; pp. 1171–1175.
- White, C.; Plotnick, L.; Hiltz, S.R.; Turoff, M. An online social network for emergency management. Int. J. Emerg. Manag. 2009, 6, 369–382. [Google Scholar] [CrossRef]
- Yates, D.; Paquette, S. Emergency knowledge management and social media technologies: A case study of the 2010 Haitian earthquake. Int. J. Inf. Manag. 2011, 31, 6–13. [Google Scholar] [CrossRef]
- Dudenhoeffer, D.; Permann, M.; Manic, M. CIMS: A Framework for Infrastructure Interdependency Modeling and Analysis. In Proceedings of the 2006 IEEE Winter Simulation Conference, Monterey, CA, USA, 3–6 December 2006; pp. 478–485.
- Dudenhoeffer, D.D.; Permann, M.R.; Woolsey, S.; Timpany, R.; Miller, C.; McDermott, A.; Manic, M. Interdependency Modeling and Emergency Response. In Proceedings of the 2007 Summer Computer Simulation Conference, San Diego, CA, USA, 15–18 July 2007; SCS: San Diego, CA, USA; pp. 1230–1237.
- Loukas, G.; Gan, D.; Vuong, T. A Taxonomy of Cyber Attack and Defence Mechanisms for Emergency Management Networks. In Proceedings of the Third International Workshop on Pervasive Networks for Emergency Management (IEEE PerNem 2013), San Diego, CA, USA, 18–22 March 2013.
- Crondstedt, M. Prevention, preparedness, response, recovery—An outdated concept? Aust. J. Emerg. Manag. 2002, 17, 10–13. [Google Scholar]
- Gianni, D.; Loukas, G.; Gelenbe, E. A Simulation Framework for the Investigation of Adaptive Behaviours in Largely Populated Building Evacuation Scenarios. In Proceedings of the Seventh International Joint Conference on Autonomous Agents and Multi-Agent Systems (AAMAS 08), Estoril, Portugal, 12–16 May 2008.
- Galea, E.R.; Sharp, G.; Lawrence, P.J.; Holden, R. Approximating the evacuation of the World Trade Center north tower using computer simulation. J. Fire Prot. Eng. 2008, 18, 85–115. [Google Scholar] [CrossRef]
- Apikul, C. ICT for disaster risk reduction in Asia and the Pacific. In ICT for Disaster Risk Reduction, ICTD Case Study 2; Asian and Pacific Training Centre for Information and Communication Technology for Development: Incheon, Korea, 2010; pp. 10–49. [Google Scholar]
- Mankovich, N.; Fitzgerald, B. Managing Security Risks with 80001. In Advancing Safety in Medical Technology Conference and Expo; Association for the Advancement of Medical Instrumentation: Arlington, VA, USA, 2011. [Google Scholar]
- Harries, D.; Yellowlees, P.M. Cyberterrorism: Is the U.S. healthcare system safe? Telemed. e-Health 2012, 19, 1–6. [Google Scholar] [CrossRef] [PubMed]
- Walker, J. Cyber Security Concerns for Emergency Management. In Emergency Management; Eksioglu, B., Ed.; InTech: Rijeka, Croatia, 2012; pp. 39–59. [Google Scholar]
- Falcarin, P.; Collberg, C.; Atallah, M.; Jakubowski, M. Guest editors’ introduction: Software protection. IEEE Softw. 2011, 28, 24–27. [Google Scholar] [CrossRef]
- Madhava, S.S.P.; Jaishankar, K. Cyber Terrorism: Problems, Perspectives and Prescription. In Crimes of the Internet; Schmallager, F., Pittaro, M., Eds.; The ACM Digital Library: New York, NY, USA, 2008; pp. 593–611. [Google Scholar]
- Traynor, P. Characterizing the security implications of third-party emergency alert systems over cellular text messaging services. IEEE Trans. Mob. Comput. 2012, 11, 983–994. [Google Scholar] [CrossRef]
- Fournier, J.-C.; Rose, S. Message Transmission System and Method, and Utilization of the Transmission System to Investigate Services Offered. US Patent 7,130,648, 31 October 2006. [Google Scholar]
- Kristiansson, U.; Osth, K.-J.; Blomqvist, E.; Claassen, G. Method and Apparatus for Transmitting Secure Cell Broadcast Messages in a Cellular Communication Network. WIPO Patent Application WO/2012/108803, 18 June 2012. [Google Scholar]
- Tague, P.; Li, M.; Poovendran, R. Mitigation of control channel jamming under node capture attacks. IEEE Trans. Mob. Comput. 2009, 8, 1221–1234. [Google Scholar] [CrossRef]
- Chan, A.; Liu, X.; Noubir, G.; Thapa, B. Broadcast Control Channel Jamming: Resilience and Identification of Traitors. In Proceedings of the IEEE International Symposium on Information Theory, Istanbul, Turkey, 7–12 July 2007; pp. 2496–2500.
- Liu, S.; Lazos, L.; Krunz, M. Thwarting control-channel jamming attacks from inside jammers. IEEE Trans. Mob. Comput. 2012, 11, 1545–1558. [Google Scholar] [CrossRef]
- Jones, G. Mobile menace: Why SDR poses such a threat. Netw. Secur. 2012, 6, 5–7. [Google Scholar] [CrossRef]
- Park, Y.S.; Kim, C.S.; Ryou, J.C. The Vulnerability Analysis and Improvement of the TETRA Authentication Protocol. In Proceedings of the 12th International Conference on Advanced Communication Technology (ICACT), Gangwon-Do, Korea, 7–10 February 2010; pp. 1469–1473.
- Clark, S.; Metzger, P.; Wasserman, Z.; Xu, K.; Blaze, M.A. Security Weaknesses in the APCO Project 25 Two-Way Radio System; Technical Report MS-CIS-10-34; University of Pennsylvania: Philadelphia, PA, USA, 2010. [Google Scholar]
- Glass, S.; Muthukkumarasamy, V.; Portmann, M.; Robert, M. Insecurity in Public-Safety Communications: APCO Project 25. In Proceedings of the 7th International ICST Conference on Security and Privacy in Communication Networks, SecureComm 2011, London, UK, 7–9 September 2011.
- Driessen, B.; Hund, R; Willems, C.; Paar, C.; Holz, T. Don’t Trust Satellite Phones: A Security Analysis of Two Satphone Standards. In Proceedings of the IEEE Symposium on Security and Privacy (SP), San Diego, CA, USA, 20–23 May 2013; pp. 128–143.
- Bharania, R. Securing Hastily Formed Networks for Disaster Relief and Emergency Response. In Presented at CISCO Live, San Diego, CA, USA, 10–14 June 2012.
- Bouckaert, S.; Bergs, J.; Naudts, D. A Mobile Crisis Management System for Emergency Services: From Concept to Field Test. In Proceedings of the 3rd International Conference on Quality of Service in Heterogeneous Wired/Wireless Networks, Waterloo, Canada, 7–9 August 2006.
- Portmann, M.; Pirzada, A.A. Wireless mesh networks for public safety and crisis management applications. IEEE Internet Comput. 2008, 12, 18–25. [Google Scholar] [CrossRef]
- Bakar, A.; Roslan, I.; Ahmad, A.R.; Abd Manan, J.-L. Ensuring Data Privacy and Security in MANET: Case in Emergency Rescue Mission. In Proceedings of the International Conference on Information and Knowledge Management (ICIKM), Kuala Lumpur, Malaysia, 24–26 July 2012.
- Haji, R.; Hasbi, A.; Ghallali, M.; El Ouahidi, B. Towards an Adaptive QoS-Oriented and Secure Framework for Wireless Sensor Networks in Emergency Situations. In Proceedings of the International Conference on Multimedia Computing and Systems, Tangier, Morocco, 10–12 May 2012; pp. 1007–1011.
- De Oliveira, T.R.; de Oliveira, S.; Macedo, D.F.; Nogueira, J.M. An Adaptive Security Management Model for Emergency Networks. In 7th Latin American Network Operations and Management Symposium (LANOMS), Quito, Ecuador, 10–11 October 2011.
- Tran, T.; Yousaf, F.Z.; Wietfeld, C. RFID-Based Secure Mobile Communication Framework for Emergency Response Management. In Proceedings of the IEEE Wireless Communications and Networking Conference (WCNC), Sydney, Australia, 18–21 April 2010.
- Levin, T.E.; Irvine, C.E.; Benzel, T.V.; Nguyen, T.D.; Clark, P.C.; Bhaskara, G. Idea: Trusted Emergency Management. In Engineering Secure Software and Systems (ESSoS); Springer-Verlag: Berlin, Germany, 2009; pp. 32–36. [Google Scholar]
- Lazos, L.; Krunz, M. Selective jamming/dropping insider attacks in wireless mesh networks. IEEE Netw. 2011, 25, 30–34. [Google Scholar] [CrossRef]
- Gorbil, G.; Gelenbe, E. Resilience and Security of Opportunistic Communications for Emergency Evacuation. In Proceedings of the 7th ACM Workshop on Performance Monitoring and Measurement of Heterogeneous Wireless and Wired Networks (PM2HW2N’12), Paphos, Cyprus, 21–22 October 2012; pp. 115–124.
- Liao, X.; Hao, D.; Sakurai, K. Classification on Attacks in Wireless Ad Hoc Networks: A Game Theoretic View. In Proceedings of 7th International Conference on Networked Computing and Advanced Information Management (NCM), Gyeongju, Korea, 21–23 June 2011.
- Casoni, M.; Paganelli, A. Security Issues in Emergency Networks. In Proceedings of the 7th International Wireless Communications and Mobile Computing Conference (IWCMC), Istanbul, Turkey, 4–8 July 2011; pp. 2145–2150.
- Gelenbe, E.; Gorbil, G.; Wu, F.-J. Emergency Cyber-Physical-Human Systems. In Proceedings of the 21st International Conference on Computer Communications and Networks (ICCCN), Munich, Germany, 30 June–2 August 2012.
- Akhawe, D.; Barth, A.; Lam, P.E.; Mitchell, J.; Song, D. Towards a Formal Foundation of Web Security. In Proceedings of the 23rd IEEE Computer Security Foundations Symposium (CSF), Edinburgh, Scotland, UK, 17–19 July 2010; pp. 290–304.
- Jensen, M.; Gruschka, N.; Herkenhöner, R. A survey of attacks on web services. Comput. Sci.-Res. Dev. 2009, 24, 185–197. [Google Scholar] [CrossRef]
- Mahmood, S. New Privacy Threats for Facebook and Twitter Users. In Proceedings of the Seventh International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), Victoria, Canada, 12–14 November 2012; pp. 164–169.
- Hiltz, S.R.; Gonzalez, J.J. Assessing and Improving the Trustworthiness of Social Media for Emergency Management: A Literature Review. In Proceedings of the Norwegian Information Security Conference (NISK), Bodo, Norway, 19–21 November 2012.
- Chu, Z.; Gianvecchio, S.; Wang, H.; Jajodia, S. Detecting automation of twitter accounts: Are you a human, bot or cyborg? IEEE Trans. Dependable Secur. Comput. 2012, 9, 811–824. [Google Scholar] [CrossRef]
- Tippenhauer, N.O.; Popper, C.; Rasmussen, K.B.; Capkun, S. On the Requirements for Successful GPS Spoofing Attacks. In Proceedings of the 18th ACM Conference on Computer and Communications Security, Chicago, IL, USA, 17–21 October 2011; ISBN: 978-1-4503-0948-6. pp. 75–86.
- Jafarnia-Jahromi, A.; Lin, T.; Broumandan, A.; Nielsen, J.; Lachapelle, G. Detection and Mitigation of Spoofing Attacks on a Vector Based Tracking GPS Receiver, ION ITM 2012, Newport Beach, CA, 30 January–1 February 2012.
- Warner, J.S.; Johnston, R.G. GPS Spoofing Countermeasures. Homel. Secur. J. 2003, LAUR-03-6163, 22–30. [Google Scholar]
- Zeng, Q.; Li, H.; Qian, L. GPS Spoofing Attack on Time Synchronization in Wireless Networks and Detection Scheme Design. In Proceedings of the Military Communications Conference (MILCOM), Orlando, FL, USA, 29 October–1 November 2012.
- Kallberg, J. Designer satellite collisions from covert cyber war. Strateg. Stud. Q. 2012, 124–136. [Google Scholar]
- Rao, G.K.; Rao, R.S.H. Status Study on Sustainability of Satellite Communication Systems Under Hostile Jamming Environment. In Proceedings of 2011 Annual IEEE India Conference (INDICON), Hyderabad, India, 16–18 December 2011; pp. 1–7.
- Mitchell, R.; Chen, I.R. A Hierarchical Performance Model for Intrusion Detection in Cyber-Physical Systems. In Proceedings of the IEEE Wireless Communications and Networking Conference (WCNC), Cancun, Mexico, 28–31 March 2011; pp. 2095–2100.
- Mitchell, R.; Chen, I.R. Survivability Analysis of Mobile Cyber Physical Systems with Voting-Based Intrusion Detection. In Proceedings of the 7th International Wireless Communications and Mobile Computing Conference (IWCMC), Istanbul, Turkey, 4–8 July 2011. ISBN 978-1-4244-9539-9.
- Chen, Y.J.; Shih, J.S.; Cheng, S.T. A Cyber-Physical Integrated Security Framework with Fuzzy Logic Assessment for Cultural Heritages. In Proceeding of the IEEE International Conference on Systems, Man and Cybernetics, Anchorage, AK, USA, 9–12 October 2011; 978-1-4577-0652-3. pp. 1843–1847.
- Pramod, A.V.; Azeem, M.A.; Prakash, M.O. Detecting the sybil attack in wireless sensor network. Int. J. Comput. Technol. 2012, 3, 158–161. [Google Scholar]
- Conti, M.; Di Pietro, R.; Mancini, L.V.; Mei, A. Distributed detection of clone attacks in wireless sensor networks. IEEE Trans. Dependable Secur. Comput. 2011, 8, 685–698. [Google Scholar] [CrossRef]
- Malan, D.; Fulford-Jones, T.; Welsh, M.; Moulton, S. Codeblue: An Ad Hoc Sensor Network Infrastructure for Emergency Medical Care. In Proceedings of the International Workshop on Wearable and Implantable Body Sensor Networks, London, UK, 3–5 April 2004.
- Li, M.; Lou, W.; Ren, K. Data security and privacy in wireless body area networks. IEEE Wirel. Commun. 2010, 17, 51–58. [Google Scholar] [CrossRef]
- Sundararajan, T.V.P.; Shanmugam, A. A novel intrusion detection system for wireless body area network in health care monitoring. J. Comput. Sci. 2010, 6, 1355–1361. [Google Scholar] [CrossRef]
- Kindy, D.A.; Pathan, A.K. A Survey on SQL Injection: Vulnerabilities, Attacks, and Prevention Techniques. In Proceedings of the IEEE International Symposium on Consumer Electronics, Singapore, 14–17 June 2011; pp. 468–471.
- Cecchini, S.; Gan, D. The AMP attacker: A suite of tools for exploiting SQL injection vulnerabilities in web applications. Int. J. Electron. Secur. Digit. Forensics 2013, in press. [Google Scholar]
- Ehlerta, S.; Geneiatakis, D.; Magedanza, T. Survey of network security systems to counter SIP-based denial-of-service attacks. Comput. Secur. 2010, 29, 225–243. [Google Scholar] [CrossRef]
- Rezac, F.; Voznak, M. Security risks in IP telephony. Adv. Electr. Electron. Eng. 2011, 8, 15–23. [Google Scholar]
- Dantu, R.; Fahmy, S.; Schulzrinne, H.; Cangussu, J. Issues and challenges in securing VoIP. Comput. Secur. 2009, 28, 743–753. [Google Scholar] [CrossRef]
- Federal Emergency Management Agency (FEMA). National Emergency Management Information System Concept of Operations; Diane Co.: Washington, DC, USA, 1998.
- Adam, N.; Kozanoglu, A.; Paliwal, A.; Shafiq, B. Secure information sharing in a virtual multi-agency team environment. Electron. Notes Theor. Comput. Sci. 2007, 179, 97–109. [Google Scholar] [CrossRef]
- Walker, J.; Williams, B.J.; Skelton, G.W. Cyber Security for Emergency Management. In IEEE International Conference on Technologies for Homeland Security (HST), Waltham, MA, USA, 8–10 November 2010; pp. 476–480.
- Traynor, P.; Enck, W.; McDaniel, P.; La Porta, T. Exploiting open functionality in SMS-capable cellular networks. J. Comput. Secur. 2008, 16, 393–404. [Google Scholar]
- Traynor, P.; Enck, W.; McDaniel, P.; La Porta, T. Mitigating attacks on open functionality in SMS-capable cellular networks. IEEE/ACM Trans. Netw. 2009, 17, 182–193. [Google Scholar]
- Karaliopoulos, M.; Henrio, P.; Mazzella, M.; de Win, W.; Dieudonne, M.; Andrikopoulos, I.; Mertzanis, I.; Corazza, G.E.; Vanelli-Coralli, A.; Dimitriou, N.; Polydoros, A. Satellite radio interface and radio resource management strategy for the delivery of multicast/broadcast services via an integrated satellite-terrestrial system. IEEE Commun. Mag. 2004, 42, 108–117. [Google Scholar] [CrossRef]
- Vojcic, B.; Matheson, D.; Clark, H. Network of Mobile Networks: Hybrid Terrestrial-Satellite Radio. In Proceedings of the International Workshop on Satellite and Space Communications, Siena, Italy, 9–11 September 2009; pp. 451–455.
- Lee, Y.-M.; Ku, B.-J.; Ahn, D.-S. A Satellite Core Network System for Emergency Management and Disaster Recovery. In Proceedings of the 2010 International Conference on Information and Communication Technology Convergence, Jeju Island, Korea, 17–19 November 2010; pp. 549–552.
- Nelson, C.; Steckler, B.D.; Stamberger, J.A. The Evolution of Hastily Formed Networks for Disaster Response. In Proceedings of Global Humanitarian Technology Conference, IEEE, Seattle, WA, USA, 30 October–1 November 2011.
- Yi, P.; Wu, Y.; Zou, F.; Liu, N. A survey on security in wireless mesh networks. IETE Tech. Rev. 2010, 27, 6–14. [Google Scholar] [CrossRef]
- Wu, B.; Chen, J.; Wu, J.; Cardei, M. A survey of attacks and countermeasures in mobile ad hoc networks. Wirel. Netw. Secur. 2007, 103–135. [Google Scholar]
- Michalas, A.; Bakopoulos, M.; Komninos, N.; Prasad, N.R. Secure and Trusted Communication in Emergency Situations. In Proceedings of the 35th IEEE Sarnoff Symposium (SARNOFF), Newark, NJ, USA, 21–22 May 2012; pp. 228–232.
- Collberg, C.; Thomborson, C. Watermarking, tamper-proofing, and obfuscation-tools for software protection. IEEE Trans. Softw. Eng. 2002, 28, 735–746. [Google Scholar] [CrossRef]
- Gelenbe, E.; Loukas, G. A self-aware approach to denial of service defence. Comput. Netw. 2007, 51, 1299–1314. [Google Scholar] [CrossRef]
- Sakellari, G.; Gelenbe, E. Demonstrating Cognitive Packet Network Resilience to Worm Attacks. In Proceedings of the 17th ACM Conference on Computer and Communications Security, Chicago, IL, USA, 4–8 October 2010; ISBN 978-1-4503-0245-6. pp. 636–638.
- Sterbenz, J.P.G.; Cetinkaya, E.K.; Hameed, M.A.; Jabbar, A.; Qian, S.; Rohrer, J.P. Evaluation of network resilience, survivability, and disruption tolerance: Analysis, topology generation, simulation, and experimentation. Telecommun. Syst. 2011, 1–34. [Google Scholar] [CrossRef]
- Filippoupolitis, A.; Loukas, G.; Timotheou, S.; Dimakis, N.; Gelenbe, E. Emergency Response Systems for Disaster Management in Buildings. In Proceedings of NATO Symposium on C3I for Crisis, Emergency and Consequence Management, Bucharest, Romania, 11–12 May 2009.
- Gorbil, G.; Gelenbe, E. Disruption Tolerant Communications for Large Scale Emergency Evacuation. In Proceedings of the 11th IEEE International Conference on Pervasive Computing and Communication, San Diego, CA, USA, 18–22 March 2013.
- Gorbil, G.; Gelenbe, E. Resilient Emergency Evacuation Using Opportunistic Communications. In Computer and Information Sciences III; Gelenbe, E., Lent, R., Eds.; Springer: Berlin, Germany, 2013; pp. 249–257. [Google Scholar]
- Loukas, G.; Oke, G. Protection against denial of service attacks: A survey. Comput. J. Br. Comput. Soc. 2010, 53, 1020–1037. [Google Scholar] [CrossRef]
- Bunker, D.; Smith, S. Disaster Management and Community Warning Systems: Inter-Organisational Collaboration and ICT Innovation. In Proceedings of the Pacific Asia Conference on Information Systems, Hyderabad, India, 10–12 July 2009.
- Magsino, S.L. Applications of Social Network Analysis for Building Community Disaster Resilience; The National Academies Press: Washington, DC, USA, 2009. [Google Scholar]
- Wojciechowicz, W.; Zych, J.; Hołubowicz, W. Information and communication technology and crisis management. Tech. Sci. 2012, 15, 101–110. [Google Scholar]
- Kreiner, K.; Neubaur, G. Social Media for Crisis Management: Problems and Challenges from an IT-Perspective. In Proceedings of Interdisciplinary Information and Management Talks IDIMT 2012, Jindřichův Hradec, Czech Republic, 12–14 September 2012.
- Roitman, H.; Mamou, J.; Mehta, S.; Satt, A.; Subramaniam, L.V. Harnessing the Crowds for Smart City Sensing. In Proceedings of the 1st International Workshop on Multimodal Crowd Sensing, Maui, Hawaii, USA, 29 October–2 November 2012; pp. 17–18.
- Humphreys, T.E.; Ledvina, B.M.; Psiaki, M.L.; O’Hanlon, B.W.; Kintner, P.M., Jr. Assessing the Spoofing Threat: Development of a Portable GPS Civilian Spoofer. In Proceedings of ION GNSS Conference, Institute of Navigation, Savanna, GA, USA, 16–19 September 2008.
- Lorincz, K.; Malan, D.J.; Fulford-Jones, T.E.F.; Nawoj, A.; Clavel, A.; Shnayder, V.; Mainland, G.; Welsh, M. Sensor networks for emergency response: Challenges and opportunities. IEEE Pervasive Comput. 2004, 3, 16–23. [Google Scholar] [CrossRef]
- Skelton, G.W. Cyber-Physical Security for Wireless Sensor Networks. In Proceedings of the Workshop on Future Directions in Cyber-physical Systems Security, Newark, NJ, USA, 22–24 July 2009.
- Lin, J.; Yu, W.; Yang, X.; Xu, G.; Zhao, W. On False Data Injection Attacks against Distributed Energy Routing in Smart Grid. In Proceedings of the ACM/IEEE Third International Conference on Cyber-Physical Systems, Beijing, China, 17–19 April 2012.
- Kavitha, T.; Sridharan, D. Security vulnerabilities in wireless sensor networks: A survey. J. Inf. Assur. Secur. 2010, 5, 31–44. [Google Scholar]
- Zhou, Y.; Fang, Y.; Zhang, Y. Securing wireless sensor networks: A survey. Commun. Surv. Tutor. IEEE 2008, 10, 6–28. [Google Scholar] [CrossRef]
- Rajamaki, J.; Rathod, P.; Ahlgren, A.; Aho, J.; Takari, M.; Ahlgren, S. Resilience of Cyber-Physical System: A Case Study of Safe School Environment. In Proceedings of the Intelligence and Security Informatics Conference (EISIC), Odense, Denmark, 22–24 August 2012.
- Chow, R.; Uzun, E.; Cardenas, A.A.; Song, Z.; Lee, S. Enhancing Cyber-Physical Security through Data patterns. In Proceedings of the Workshop on Foundations of Dependable and Secure Cyber-Physical Systems, Chicago, IL, USA, 11 April 2011.
- Al Ameen, M.; Liu, J.; Kwak, K. Security and privacy issues in wireless sensor networks for healthcare applications. J. Med. Syst. 2012, 36, 93–101. [Google Scholar] [CrossRef] [PubMed]
- Mejia Bernal, J.F.; Ardito, L.; Falcarin, P.; Rodriguez Rocha, O.; Morisio, M.; Giovannelli, F.; Pistore, F. Emergency situations supported by context-aware and application streaming. Int. J. Ad Hoc Ubiquitous Comput. 2013, 13. in press. [Google Scholar]
- Gao, Y.; Li, C.; Zhao, Y. The Review of Emergency Management Research. In Proceedings of the 2nd IEEE International Conference on Emergency Management and Management Sciences (ICEMMS), Beijing, China, 8–10 August 2011; pp. 732–736.
- Racek, J.; Ministr, J. ICT Support for Emergency Management. In Proceedings of Interdisciplinary Information and Management Talks IDIMT 2012, Jindřichův Hradec, Czech Republic, 12–14 September 2012.
- Rafique, M.Z.; Akabar, M.A.; Farooq, M. Evaluating DoS Attacks Against SIP-Based VoIP Systems. In Proceedings of IEEE GLOBECOM, Honolulu, HI, USA, 30 November–4 December 2009.
- Department of Homeland Security (DHS). Security Weaknesses Increase Risks to Critical Emergency Preparedness and Response Database; OIG-05-43; Office of Information Technology: Washington, DC, USA, 2005.
- Department of Homeland Security/Federal Emergency Management Agency (DHS/FEMA). Privacy Impact Assessment for the National Emergency Management Information System—Individual Assistance (NEMIS-IA) Web-Based and Client-Based Modules; DHS/FEMA/PIA-027; DHS/FEMA: Washington, DC, USA, 2012.
- Buscher, M.; Wood, L.; Perng, S.Y. Privacy, Security, Liberty: Informing the Design of EMIS. In Proceedings of the 10th International ISCRAM Conference, Baden-Baden, Germany, 12–15 May 2013.
- Turk, R.J. Cyber Incidents Involving Control Systems; INL/EXT-05-00671; US-CERT Control Systems Security Center: Idaho Falls, ID, USA, 2005. [Google Scholar]
- De Cerchio, R.; Riley, C. Aircraft Systems Cyber Security. In Proceedings of IEEE 30th Digital Avionics Systems Conference (DASC), Seattle, WA, USA, 16–20 October 2011.
- Storey, D. Securing process control networks. Netw. Secur. 2009, 10, 10–13. [Google Scholar] [CrossRef]
- Koscher, K.; Czeskis, A.; Roesner, F.; Patel, S.; Kohno, T.; Checkoway, S.; McCoy, D.; Kantor, B.; Anderson, D.; Shacham, H.; Savage, S. Experimental Security Analysis of a Modern Automobile. In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, USA, 16–19 May 2010; pp. 447–462.
- Schoitsch, E. Cyber-Physical Systems—What Can We Learn from Disasters with Respect to Assessment, Evaluation and Certification/Qualification of Systems-of-Systems? In Proceedings of 20th IDIMT Conference, Jindrichuv Hradec, Czech Republic, 12–14 September 2012; pp. 69–81.
- Shachtman, N. Computer Virus Hits U.S. Drone Fleet. Wired 2011. [Google Scholar]
- Cole, C. The Drone War Briefing; Drone Wars UK: Oxford, UK, 2012. [Google Scholar]
- Kim, A.; Wampler, B.; Goppert, J.; Hwang, I.; Aldridge, H. Cyber Attack Vulnerabilities Analysis for Unmanned Aerial Vehicles; The American Institute of Aeronautics and Astronautics: Reston, VA, USA, 2012. [Google Scholar]
- Javaid, A.Y.; Sun, W.; Devabhaktuni, V.K.; Alam, M. Cyber Security Threat Analysis and Modeling of an Unmanned Aerial Vehicle System. In Proceedings of IEEE Conference on Technologies for Homeland Security (HST), Waltham, MA, USA, 13–15 November 2012; pp. 585–590.
- U.S. Government Accountability Office (GAO). Unmanned Aircraft Systems: Measuring Progress and Addressing Potential Privacy Concerns Would Facilitate Integration into the National Aispace System; GAO-12-981, GAO: Washington, DC, USA, 2012.
- Loukas, G.; Timotheou, S.; Gelenbe, E. Robotic Wireless Network Connection of Civilians for Emergency Response Operations. In Proceedings of the 23rd International Symposium on Computer and Information Systems (IEEE ISCIS), Istanbul, Turkey, 27–29 October 2008.
- Kohno, T. Security for Cyber-Physical Systems: Case Studies with Medical Devices, Robots, and Automobiles. In Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks (WISEC), Tucson, AZ, USA, 16–18 April 2012.
- Jakobson, G. Mission Cyber Security Situation Assessment Using Impact Dependency Graphs. In Proceedings of the 14th International Conference on Information Fusion, Chicago, IL, USA, 5–8 July 2011.
- Tadda, G.P.; Salerno, J. Overview of Cyber Situation Awareness. In Cyber Situational Awareness; Jajodia, S., Liu, P., Swarup, V., Wang, C., Eds.; Springer: Berlin, Germany, 2010; Volume 46, pp. 15–35. [Google Scholar]
- Clem, A.; Galwankar, S.; Buck, G. Health implications of cyber-terrorism. Prehospital Disaster Med. 2003, 18, 272–275. [Google Scholar] [CrossRef] [PubMed]
- Halperin, D.; Heydt-Benjamin, T.S.; Clark, S.S.; Defend, B.; Morgan, W.; Fu, K.; Kohno, T.; Maisel, W.H. Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses. In Proceedings of the IEEE Symposium on Security and Privacy, Berkeley/Oakland, CA, USA, 18–22 May 2008; pp. 129–142.
- Belala, T.; Issa, O.; Gregoire, J.-C.; Wong, J. A secure mobile multimedia system to assist emergency response teams. Telemed. e-Health 2008, 14, 560–569. [Google Scholar] [CrossRef] [PubMed]
© 2013 by the authors; licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/3.0/).
Share and Cite
Loukas, G.; Gan, D.; Vuong, T. A Review of Cyber Threats and Defence Approaches in Emergency Management. Future Internet 2013, 5, 205-236. https://doi.org/10.3390/fi5020205
Loukas G, Gan D, Vuong T. A Review of Cyber Threats and Defence Approaches in Emergency Management. Future Internet. 2013; 5(2):205-236. https://doi.org/10.3390/fi5020205
Chicago/Turabian StyleLoukas, George, Diane Gan, and Tuan Vuong. 2013. "A Review of Cyber Threats and Defence Approaches in Emergency Management" Future Internet 5, no. 2: 205-236. https://doi.org/10.3390/fi5020205
APA StyleLoukas, G., Gan, D., & Vuong, T. (2013). A Review of Cyber Threats and Defence Approaches in Emergency Management. Future Internet, 5(2), 205-236. https://doi.org/10.3390/fi5020205