Dear PenTest Readers,
In the current issue of PenTest Magazine we would like to focus mainly on the topic of Machine Learning and its impact on cybersecurity. As the continuous evolution of technology generates more threats and vulnerabilities, which are becoming more and more sophisticated, Machine Learning offers an efficient defence due to its adaptability to unknown circumstances. The authors show how ML’s subcategories, such as supervised learning, unsupervised learning, classification, regression, and clustering, are used in the context of Big Data. At a time of an enormous and still growing amount of information, Machine Learning is an essential tool for dealing with potential IT threats. However, it has to be emphasized that systems that depend on machine learning algorithms can also be vulnerable to very sophisticated hacking techniques (for instance, altering the learning algorithm).
Moreover, we would like to draw your attention to SCADA systems. In the current issue, we have an interesting piece on how they are used in the cyber security of a nuclear power plant. You can also find a practical article about pentesting of SCADA networks.
Furthermore, the issue contains pieces on securing the spectrum across various media, as well as some specific cases of CPU vulnerabilities, a global bank’s penetration testing methodology, and common flaws in session management. Last but not least, we would like to introduce you to our new “Q&A Session With Cybersecurity Expert” section - our first guest is Mr Jigar Thakkar.
Enjoy your reading,
PenTest Magazine’s Editorial Team.
Table of Contents
Artificial Intelligence and Cybersecurity
The Crossroads of Artificial Intelligence, Machine Learning, and Deep Learning
by Chrissa Constantine
Two methods are used to train an algorithm, supervised and unsupervised. The data or inputs accepted by supervised and unsupervised learning are differentiators for each technique. From a supervised perspective, the data provided to the algorithm is labelled and structured. Supervised data is historical data, and predictions must be made to create labels on future data.
Machine Learning In Information Security
by Raghunadha Kotha
Machine learning techniques have been applied in many areas due to their scalability, adaptability, and potential to rapidly adjust to new data sets and unknown challenges. Information security is a fast-paced field demanding a great deal of attention because of remarkable progress in social networks, cloud, IoT, web technologies, online banking, mobile environment, etc. Different machine learning methods have been adopted and deployed in such environments to address different security and non-security problems. We should leverage ML to defend against the bad guys.
Radical Solution To Identify Web Spam Using Machine Learning AI
by Ajay Gowtham
Machine Learning (ML) is a subfield within Artificial Intelligence (AI) that builds algorithms that allow computers to learn to perform tasks from data instead of being explicitly programmed. ML allows computers to learn and progressively perform computer tasks in an efficient manner with the help of data. Data is fed into the computer, which allows machine learning to construct a pattern using an algorithm and predict the future state output accurately, with less programming. This enhances the computer’s ability to perform automated tasks and its cognitive thinking ability to solve complex problems with ease. The split below makes it easier to understand the sequential process.
Introduction to Cyber Security for Nuclear Power Plant
by Md.Tawhidur Rahman Pial
One way to protect power plants from intruders is to harden the system. Here I don’t just talk about hardening the operating system, but the system as a whole. Writing and applying security policies is one of the major steps of IT-security. The second and perhaps even more important step is to implement these policies. Employee training is crucial since the human element will always be the weakest element. It is much easier to obtain information from a friendly employee who has no conscious understanding of IT-security than to try to find a weak point in a computer system and penetrate it for the wanted information.
Pentesting SCADA Networks
by Anandharaj Velu
The SCADA system makes prompt notifications to an operator that a batch of product is showing a high incidence of errors. This helps the operator to pause the operation and view the SCADA system data through an HMI to determine the cause of the issue. The operator reviews the data and discovers that a particular machine was malfunctioning. With the SCADA system’s ability to notify the operator of an issue, he/she can resolve the problem and prevent further loss of product.
Meltdown and Spectre - Feature Exploits As CPU Vulnerabilities
by Jeremy Walker and Chris Berberich
Spectre (CVE-2017-5753 & CVE-2017-5715), which is a close relative of Meltdown, impacts Intel, AMD, and ARM CPUs by calculating branch prediction and speculative execution, resulting in a data leak from compromised processes. Spectre is perpendicular to Meltdown, which exploits CPUs to allow out-of-order execution of user instructions to read kernel memory. Spectre permits an attacker to bypass additional application(s) to access random portions of its memory, and the exploit occurs with a read through on those applications.
A Tale of Two Worlds: Integrating Automated Mainframe Vulnerability Scanning into a Global Bank’s Penetration Testing Methodology [Case Study]
by Ray Overby
This Case Study focuses on the integration of mainframe vulnerability data into the overall risk assessment reports managed by a bank’s Penetration Testing team. Increasingly, mainframe operations teams at large institutions are looking to shift the responsibility for overseeing mainframe vulnerability management to the penetration testing and risk management teams.
ON THE WIRE:
Securing The Spectrum Across Various Media
by Robert Brooks Authement
A quick Google search will yield incredible amounts of comparative information between wired and wireless technologies, so much so that the waters are immediately muddied by the countless applications to consider when devising a security strategy. There must be a way to reduce the signal to noise ratio in discerning the best plan for securing your communications and operations. That is what we aim to do here today, by reducing the noise and focusing on the solid signals emitted by some of the higher likelihood probable technologies you may use specifically in modern deployment for your computer network, communications framework, or broadcast platform.
Common flaws within session management
by Alex Archondakis
Idle timeout is often not set on an application, which increases the chance of both a skilled hacker and an opportunist hacker gaining access to a user’s account; this could be through a user leaving their account logged in on a public computing environment, like a library. Session management vulnerabilities mixed together can lead to critical flaws within an application.
Q&A Session With Cybersecurity Expert
with Jigar Thakkar