
Managing Cybersecurity Events Using Service-Level Agreements (SLAs) by Profiling the People Who Attack

Abstract

Security frameworks are used to determine the approach to managing a network that may be under attack. The DREAD model from Microsoft, for example, promotes a strategy that is defined according to the impact of the attack on Damage, Reproducibility, Exploitability, Affected users, and Discoverability (DREAD). Each DREAD metric is scored, and the subsequent priorities are used to influence a reaction to the attack. In the event that an identified attack is being carried out by a security auditor, otherwise known as a white hat hacker whose intention is not malicious, the attack may not contribute significant Damage when considered according to DREAD yet may be consuming resources and causing challenges for the network service provider in terms of their ability to fulfil all customer service-level agreements (SLAs). This is therefore an operational event that needs to be responded to when managing the network load, yet not necessarily from a cybersecurity perspective; it could, however, be managed from the perspective of either performance or security. As an element of a Fault, Configuration, Accounting, Performance and Security (FCAPS) management approach, a response to such an event may involve reacting to a potential performance compromise occurring for security reasons. The network operator or service provider does not need to know the reason why the network is heavily loaded and only needs to ensure sufficient resources to fulfil all SLAs. However, it is recognised that there is an opportunity to pre-emptively identify that the network may become loaded in portions due to the tendencies of people operating within the network, specifically from a cybersecurity perspective and in relation to their intentions. This is in recognition of the fact that people who attack networks have a propensity towards commonalities in their personal characteristics and that these factors can be the drivers behind their attacking of a network.
In addition to categorising attackers according to their intention (i.e., black hat and malicious, grey hat and not malicious but may violate laws, or white hat and friendly), a further degree of categorisation is proposed in terms of those who: (1) have some personal pressure which is influencing their desire to carry out malevolent actions online, (2) are naturally highly intelligent and inquisitive, and (3) are mentally ill. In this chapter, an approach is proposed to manage the network by profiling the characteristics of users residing across it according to their propensity to carry out a cyber-attack. Furthermore, it is suggested to use this information to pre-empt their activity such that the SLAs for all customers will continue to be achieved throughout the SLA lifetime. This process will be facilitated through the way in which the SLAs are defined and the information collected during the service setup procedure.

Keywords

  • Cyberattacker profiles
  • Cybercrime
  • Data management engine
  • Fault, Configuration, Accounting, Performance and Security (FCAPS)
  • Service Level Agreement (SLA)
  • SLA recommender engine



Author information

Corresponding author

Correspondence to Cathryn Peoples.

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Cite this chapter

Peoples, C., Rafferty, J., Moore, A., Zoualfaghari, M. (2021). Managing Cybersecurity Events Using Service-Level Agreements (SLAs) by Profiling the People Who Attack. In: Daimi, K., Peoples, C. (eds) Advances in Cybersecurity Management. Springer, Cham. https://doi.org/10.1007/978-3-030-71381-2_11

  • DOI: https://doi.org/10.1007/978-3-030-71381-2_11

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-71380-5

  • Online ISBN: 978-3-030-71381-2

  • eBook Packages: Computer Science, Computer Science (R0)