
Cybersecurity

Selected e-articles

Abstract: The European Union (EU)'s cybersecurity policy has, over the past two decades, undergone dramatic changes that have positioned it not only at the forefront of the EU's security policy landscape but also as one of the most influential policies across the EU policy spectrum. Over the years, the EU has become particularly aware of its increasing reliance on digital infrastructure and services, namely, how sectors such as transport, trade, finance, health, energy and education rely on accessing secure information and communication technology infrastructure. This dependency has been understood as highlighting the EU's vulnerability to the exponential growth in cyberthreats online. Having developed mainly in a reactive fashion to these perceived vulnerabilities, the EU's cybersecurity strategy was officially introduced in 2013 as an umbrella for a set of pre-existing, albeit scattered, initiatives. Since then, it has transitioned from a set of foundational measures to a mature, comprehensive and strategic policy focused on resilience, co-operation and technological advancement. It is composed of four main sub-policy areas: cybercrime and law enforcement; critical information infrastructure protection; cyber-defence; and cyber-diplomacy. Although distinct in their focus, these areas all work together towards the protection of the EU's digital infrastructure and residents.

Abstract: This special issue explores the relationship between digital trade and security, emphasizing the geopolitical implications for the global economy in the digital age. The rapid growth of digital trade has introduced significant challenges and opportunities, necessitating robust data governance to balance national security interests with the free flow of goods, services, and data across borders. The papers explore the different models of data governance championed by the US, China, and the EU, highlighting the complexities of cross-border data flows and their impact on international relations. Through detailed analyses of various international agreements and frameworks, this special issue provides a comprehensive overview of the current landscape of digital trade and its security implications, with a particular focus on China’s evolving approach to data governance and its global influence.

Abstract: This article is devoted to the assessment of the country’s sustainable cyberspace strategy by comparing the cyber security strategies of those countries that are economically developed and use advanced information and communication technologies. Based on the components of the National Cyber Security Index, a calculation was made for 10 countries, which made it possible to monitor the effectiveness of their cyber strategies and identify their shortcomings. The calculation is made for the years 2018 and 2021. During this period, no significant critical changes form abnormal indicators, but it is possible to reflect a particular trend. Application of the PROMETHEE method (I and II) and the formation of net flows, determination of importance and comparison of alternatives allowed to carry out an in-depth analysis of various aspects of cyber security, such as protection measures, response to cyber threats and general resistance to cyber-attacks. It is determined that Belgium and Lithuania are the most resistant to threats from cyber-attacks and in the fight against money laundering among the countries considered, as they are rapidly developing and implementing new measures. Their indicators increased by 0.1 values in 2021 compared to 2018. According to the calculations, Great Britain is the most conservative in implementing certain strategies, and its indicators remained at the level of 0-0.2 according to various criteria for the years studied. Most countries improve their indicators by a total of 0.2 values, which reflects their development. Ukraine tends to decrease some indicators by 0.1 value; some are at the same level. The regulatory framework’s introduction rate in the cyber security field increases. It shows that Ukraine has many rapidly changing risks, but is trying to achieve flexibility in responding to them. The research findings identify each country’s cybersecurity strengths and weaknesses, as well as potential risks and vulnerabilities. 
Thanks to this analysis, recommendations are made for developing and implementing effective cyber security strategies, both at the national and international levels. The study contributes to the understanding of the complexity of modern cyber threats. It emphasizes the need for continuous improvement and adaptation of protection measures to ensure the stability and security of financial and information systems in a global digital environment.

Abstract: The increasing use of Industrial Internet of Things (IIoT) devices has heightened concerns about cybersecurity threats, particularly botnet attacks. Traditional internet communication methods have consistently faced these challenges, leading to substantial economic losses for numerous manufacturing enterprises. As machine-to-machine communications grow, these attacks are becoming more prevalent. This research addresses the critical need for an AI-powered network intrusion detection system. We conducted an extensive literature review and implemented over 25 advanced Machine Learning (ML) algorithms, including various modifications, to detect botnet attacks on seven IoT devices. The primary objective was to develop robust and accurate models for identifying security threats and allow for a comprehensive performance benchmark for all these models utilizing the same dataset. Our findings revealed that certain models achieved near-perfect performance in detecting botnet attacks, while others were less effective. Our contributions include identifying high-performing ML models for botnet detection and demonstrating their applicability across various IoT devices. Future research should focus on validating these models with new datasets and exploring how the type and function of IoT devices influence detection performance and response time.

Abstract: Advanced Persistent Threats (APTs) are sophisticated, targeted cyberattacks designed to gain unauthorized access to systems and remain undetected for extended periods. To evade detection, APT cyberattacks deceive defense layers with breaches and exploits, thereby complicating exposure by traditional anomaly detection-based security methods. The challenge of detecting APTs with machine learning is compounded by the rarity of relevant datasets and the significant imbalance in the data, which makes the detection process highly burdensome. We present AE-APT, a deep learning-based tool for APT detection that features a family of AutoEncoder methods ranging from a basic one to a Transformer-based one. We evaluated our tool on a suite of provenance trace databases produced by the DARPA Transparent Computing program, where APT-like attacks constitute as little as 0.004% of the data. The datasets span multiple operating systems, including Android, Linux, BSD, and Windows, and cover two attack scenarios. The outcomes showed that AE-APT has significantly higher detection rates compared to its competitors, indicating superior performance in detecting and ranking anomalies. 

Abstract: With the increasing complexity of cyber threats and the expanding scope of cyberspace, there exist progressively more challenges in cyber threat detection. It is proven that most previous threat detection models may become inadequate due to the escalation of hacker attacks. However, recent research has shown that some of these problems can be effectively addressed by Large Language Models (LLMs) directly or indirectly. Nowadays, a growing number of security researchers are adopting LLMs for analyzing various cyber threats. According to the investigation, we found that while there are numerous emerging reviews on the utilization of LLMs in some fields of cyber security, there is currently a lack of a comprehensive review on the application of LLMs in the threat detection stage. Through retrieving and collating existing works in recent years, we examined various threat detection and monitoring tasks for which LLMs may be well-suited, including cyber threat intelligence, phishing email detection, threat prediction, logs analysis, and so on. Additionally, the review explored the specific stages of different detection tasks in which LLMs are involved, evaluating the points at which LLMs are optimized. For instance, LLMs have been found to enhance the interpretability of log analysis in real-time anomaly event discovery. Additionally, we discussed some tasks where LLMs may not be suitable and explored future directions and challenges in this field. By providing a detailed status update and comprehensive insights, this review aims to assist security researchers in leveraging LLMs to enhance existing detection frameworks or develop domain-specific LLMs.

  • Cybersecurity Risk; Chris Florackis, Christodoulos Louca, Roni Michaely, Michael Weber, Itay Goldstein; The Review of financial studies; 2023; Vol.36 (1); p.351-407

Abstract: Based on textual analysis and a comparison of cybersecurity risk disclosures of firms that were hacked to others that were not, we propose a novel firm-level measure of cybersecurity risk for all U.S.-listed firms. We then examine whether cybersecurity risk is priced in the cross-section of stock returns. Portfolios of firms with high exposure to cybersecurity risk outperform other firms. Yet, high-exposure firms perform poorly in periods of high cybersecurity risk. Reassuringly, the measure is higher in information-technology industries, correlates with characteristics linked to firms hit by cyberattacks, and predicts future cyberattacks. Authors have furnished an Internet Appendix, which is available on the Oxford University Press Web site next to the link to the final published paper online.

Abstract: The cybersecurity of critical infrastructures is an essential topic within national and international security as 16 critical infrastructure sectors touch various aspects of American society. Because the failure to provide adequate cybersecurity controls within the critical infrastructure sectors renders the country open to an attack that could have a debilitating effect on security, national public health, safety, and economic security, this matter is so vital that there is the Presidential Policy Directive (PPD) 21 Critical Infrastructure Security and Resilience advances a national policy to strengthen and maintain secure, functioning and resilient critical infrastructure. An organization identified as the Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security (DHS) has the mission to be the risk advisor for the United States (US). Other organizations, such as the National Security Agency (NSA), have approved a specific Knowledge Unit (KU) to address cybersecurity for critical infrastructures associated with doctoral-level granting programs. To address this challenge, it is necessary to identify threats better and defend against them while mitigating risks to an acceptable level. Only then can a nation build a more secure and resilient infrastructure for the future while defending against present-day bad actors as cyberwarfare, cyber espionage, and cybersecurity attacks are the modern-day threats that need to be addressed in planning, designing, implementation, and maintenance. Therefore, the researchers developed a case study reviewing threats against different sectors defined in the PPD.


Abstract: As technology has evolved, cities have become increasingly smart. Smart mobility is a crucial element in smart cities, and autonomous vehicles are an essential part of smart mobility. However, vulnerabilities in autonomous vehicles can be damaging to quality of life and human safety. For this reason, many security researchers have studied attacks and defenses for autonomous vehicles. However, there has not been systematic research on attacks and defenses for autonomous vehicles. In this survey, we analyzed previously conducted attack and defense studies described in 151 papers from 2008 to 2019 for a systematic and comprehensive investigation of autonomous vehicles. We classified autonomous attacks into the three categories of autonomous control system, autonomous driving systems components, and vehicle-to-everything communications. Defense against such attacks was classified into security architecture, intrusion detection, and anomaly detection. Due to the development of big data and communication technologies, techniques for detecting abnormalities using artificial intelligence and machine learning are gradually being developed. Lastly, we provide implications based on our systemic survey that future research on autonomous attacks and defenses is strongly combined with artificial intelligence and major component of smart cities.

Abstract: Despite promises by European Union (EU) policymakers to “fundamentally change” cybersecurity certification, they have recently created a regime that is strikingly similar to already existing certification arrangements. How can we explain this puzzle? Through a process-tracing analysis based on 41 documents and 18 interviews, this article traces the development of the EU cybersecurity certification regime over the past two decades. It deconstructs certification into standardisation, accreditation, certification, and evaluation; analyses how each regime component changed over time; and discusses to what extent causal mechanisms that are derived from classic theories of EU integration explain the limited nature of policy change. The observed dynamics uncover a “Europeanization on Demand” model that allows national authorities to completely control the extent of integration. This study challenges the dichotomous understanding portrayed by EU integration literature, of mutually exclusive dynamics of market or core state powers integration, highlighting intriguing political dynamics in EU cybersecurity policymaking.

Abstract: There have already been several studies focusing on cybersecurity and international trade but the intersection between the two is multifaceted and can be approached from several viewpoints. This article focuses on cybersecurity and international trade from the specific perspective of technological neutrality. Although technological neutrality is recognized with different degrees of intensity both under World Trade Organization Covered Agreements and free trade agreements in a diverse range of fields (such as trade in services, technical barriers to trade, or intellectual property), its status in international trade law is unclear. In this uncertain context, it is argued here, technological neutrality has the potential of expanding the scope of trade obligations unpredictably. As a result, in the face of pressing cybersecurity concerns, technology-related trade measures risk to constantly violate trade obligations, making the trade-cybersecurity relationship even more complicated. The possibility to clarify the status of technological neutrality and the scope of technology-neutral provisions is chief among the solutions proposed in this article. Additionally, this article suggests for States either to be compensated when a trade-restrictive cybersecurity measure affects them, or to consider adopting a waiver in the field of technology, similar to what has been carried out in other areas.

Further sources

If you are unable to access the article you need, please contact us and we will get it for you as soon as possible.
