01453nas a2200133   4500000000100000008004100001260000900042100002000051700001800071245004400089856007600133520109600209022001401305       2014                            d  c20141 aKelce S. Wilson1 aMuge Ayse Kiy00aSome Fundamental Cybersecurity Concepts  uhttps://ieeexplore.ieee.org/abstract/document/6737236/keywords#keywords3 aThe results of successful hacking attacks against commercially available cybersecurity protection tools that had been touted as secure are distilled into a set of concepts that are applicable to many protection planning scenarios. The concepts, which explain why trust in those systems was misplaced, provides a framework for both analyzing known exploits and also evaluating proposed protection systems for predicting likely potential vulnerabilities. The concepts are: 1) differentiating security threats into distinct classes; 2) a five layer model of computing systems; 3) a payload versus protection paradigm; and 4) the nine Ds of cybersecurity, which present practical defensive tactics in an easily remembered scheme. An eavesdropping risk, inherent in many smartphones and notebook computers, is described to motivate improved practices and demonstrate real-world application of the concepts to predicting new vulnerabilities. Additionally, the use of the nine Ds is demonstrated as analysis tool that permits ranking of the expected effectiveness of some potential countermeasures.  a2169-3536