Search results for: high security
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 21707

Search results for: high security

21347 VCloud: A Security Framework for VANET

Authors: Wiseborn Manfe Danquah, D. Turgay Altilar

Abstract:

Vehicular Ad-hoc Network (VANET) is an integral component of Intelligent Transport Systems (ITS) that has enjoyed a lot of attention from the research community and the automotive industry. This is mainly due to the opportunities and challenges it presents. Vehicular Ad-hoc Network being a class of Mobile Ad-hoc Networks (MANET) has all the security concerns existing in traditional MANET as well as new security and privacy concerns introduced by the unique vehicular communication environment. This paper provides a survey of the possible attacks in vehicular environment, as well as security and privacy concerns in VANET. It also provides an insight into the development of a comprehensive cloud framework to provide a more robust and secured communication among vehicular nodes and road side units. Our proposal, a Metropolitan Based Public Interconnected Vehicular Cloud (MIVC) infrastructure seeks to provide a more reliable and secured vehicular communication network.

Keywords: mobile Ad-hoc networks, vehicular ad hoc network, cloud, ITS, road side units (RSU), metropolitan interconnected vehicular cloud (MIVC)

Procedia PDF Downloads 331
21346 Understanding the Basics of Information Security: An Act of Defense

Authors: Sharon Q. Yang, Robert J. Congleton

Abstract:

Information security is a broad concept that covers any issues and concerns about the proper access and use of information on the Internet, including measures and procedures to protect intellectual property and private data from illegal access and online theft; the act of hacking; and any defensive technologies that contest such cybercrimes. As more research and commercial activities are conducted online, cybercrimes have increased significantly, putting sensitive information at risk. Information security has become critically important for organizations and private citizens alike. Hackers scan for network vulnerabilities on the Internet and steal data whenever they can. Cybercrimes disrupt our daily life, cause financial losses, and instigate fear in the public. Since the start of the pandemic, most data related cybercrimes targets have been either financial or health information from companies and organizations. Libraries also should have a high interest in understanding and adopting information security methods to protect their patron data and copyrighted materials. But according to information security professionals, higher education and cultural organizations, including their libraries, are the least prepared entities for cyberattacks. One recent example is that of Steven’s Institute of Technology in New Jersey in the US, which had its network hacked in 2020, with the hackers demanding a ransom. As a result, the network of the college was down for two months, causing serious financial loss. There are other cases where libraries, colleges, and universities have been targeted for data breaches. In order to build an effective defense, we need to understand the most common types of cybercrimes, including phishing, whaling, social engineering, distributed denial of service (DDoS) attacks, malware and ransomware, and hacker profiles. Our research will focus on each hacking technique and related defense measures; and the social background and reasons/purpose of hacker and hacking. Our research shows that hacking techniques will continue to evolve as new applications, housing information, and data on the Internet continue to be developed. Some cybercrimes can be stopped with effective measures, while others present challenges. It is vital that people understand what they face and the consequences when not prepared.

Keywords: cybercrimes, hacking technologies, higher education, information security, libraries

Procedia PDF Downloads 106
21345 Enhancing Healthcare Data Protection and Security

Authors: Joseph Udofia, Isaac Olufadewa

Abstract:

Everyday, the size of Electronic Health Records data keeps increasing as new patients visit health practitioner and returning patients fulfil their appointments. As these data grow, so is their susceptibility to cyber-attacks from criminals waiting to exploit this data. In the US, the damages for cyberattacks were estimated at $8 billion (2018), $11.5 billion (2019) and $20 billion (2021). These attacks usually involve the exposure of PII. Health data is considered PII, and its exposure carry significant impact. To this end, an enhancement of Health Policy and Standards in relation to data security, especially among patients and their clinical providers, is critical to ensure ethical practices, confidentiality, and trust in the healthcare system. As Clinical accelerators and applications that contain user data are used, it is expedient to have a review and revamp of policies like the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), the Fast Healthcare Interoperability Resources (FHIR), all aimed to ensure data protection and security in healthcare. FHIR caters for healthcare data interoperability, FHIR caters to healthcare data interoperability, as data is being shared across different systems from customers to health insurance and care providers. The astronomical cost of implementation has deterred players in the space from ensuring compliance, leading to susceptibility to data exfiltration and data loss on the security accuracy of protected health information (PHI). Though HIPAA hones in on the security accuracy of protected health information (PHI) and PCI DSS on the security of payment card data, they intersect with the shared goal of protecting sensitive information in line with industry standards. With advancements in tech and the emergence of new technology, it is necessary to revamp these policies to address the complexity and ambiguity, cost barrier, and ever-increasing threats in cyberspace. Healthcare data in the wrong hands is a recipe for disaster, and we must enhance its protection and security to protect the mental health of the current and future generations.

Keywords: cloud security, healthcare, cybersecurity, policy and standard

Procedia PDF Downloads 60
21344 Synthesis of CeF3:Sm3+ Nanophosphor for Biological Applications

Authors: Mayuri Gandhi, Nayan Agrawal, Harshita Bhatia

Abstract:

In the present work, cerium fluoride (CeF3) was selected as the host material because of its high density, fast response and high radiation resistance, efficient absorption and energy transfer by host (to activator). For the synthesis of CeF3 nanoparticles doped with Sm3+ ion, co-precipitation route was employed. Thus for optimum results, concentration dependent studies of the fluorescence of Sm3+ was carried out. The photoluminescence gave emissions in both visible as well as the NIR region and therefore it can have its application in solar cells, where it can absorb a large spectrum of energy. CeF3:Sm3+ nanoparticles were carefully incorporated in a suitable polymer matrix in order to demonstrate a variety of applications to improve the performance of the polymer materials and use it to develop high grade optoelectronic devices such as LEDs, security labelling, lasers, displays, biological imaging, etc.

Keywords: bioimaging, cerium fluoride, NIR emission, samarium

Procedia PDF Downloads 387
21343 An Extended Model for Sustainable Food and Nutrition Security in the Agrifood Sector

Authors: Ioannis Manikas

Abstract:

The increased consumer demand for environmentally friendly production and distribution practices and the stricter environmental regulations turned environmental aspects into important criteria in business decision-making. On the other hand, Food and Nutrition Security (FNS) has evolved dramatically during the last decades in theory and practice serving as a reference point for exchanging experiences among all agents involved in programs and projects to fostering policy and strategy development. Global pressures make it more important than ever to gain a better understanding of the contribution that agrifood businesses make to FNS and to examine ways to make them more resilient in an increasingly globalized and uncertain world. This study extends the standard three-dimensional model of sustainability to include two more dimensions: A technological dimension and a policy/political dimension. Apart from the economic, environmental and social dimensions regularly used in sustainability literature, the extended model will accurately represent the measures and policies addressing food and nutrition security.

Keywords: food and nutrition security, sustainability, food safety, resilience

Procedia PDF Downloads 311
21342 Cyber Security and Risk Assessment of the e-Banking Services

Authors: Aisha F. Bushager

Abstract:

Today we are more exposed than ever to cyber threats and attacks at personal, community, organizational, national, and international levels. More aspects of our lives are operating on computer networks simply because we are living in the fifth domain, which is called the Cyberspace. One of the most sensitive areas that are vulnerable to cyber threats and attacks is the Electronic Banking (e-Banking) area, where the banking sector is providing online banking services to its clients. To be able to obtain the clients trust and encourage them to practice e-Banking, also, to maintain the services provided by the banks and ensure safety, cyber security and risks control should be given a high priority in the e-banking area. The aim of the study is to carry out risk assessment on the e-banking services and determine the cyber threats, cyber attacks, and vulnerabilities that are facing the e-banking area specifically in the Kingdom of Bahrain. To collect relevant data, structured interviews were taken place with e-banking experts in different banks. Then, collected data where used as in input to the risk management framework provided by the National Institute of Standards and Technology (NIST), which was the model used in the study to assess the risks associated with e-banking services. The findings of the study showed that the cyber threats are commonly human errors, technical software or hardware failure, and hackers, on the other hand, the most common attacks facing the e-banking sector were phishing, malware attacks, and denial-of-service. The risks associated with the e-banking services were around the moderate level, however, more controls and countermeasures must be applied to maintain the moderate level of risks. The results of the study will help banks discover their vulnerabilities and maintain their online services, in addition, it will enhance the cyber security and contribute to the management and control of risks that are facing the e-banking sector.

Keywords: cyber security, e-banking, risk assessment, threats identification

Procedia PDF Downloads 327
21341 A Scheme Cooperating with Cryptography to Enhance Security in Satellite Communications

Authors: Chieh-Fu Chang, Wan-Hsin Hsieh

Abstract:

We have proposed a novel scheme— iterative word-extension (IWE) to enhance the cliff effect of Reed-Solomon codes regarding the error performance at a specific Eb/N0. The scheme can be readily extended to block codes and the important properties of IWE are further investigated here. In order to select proper block codes specifying the desired cliff Eb/N0, the associated features of IWE are explored. These properties and features grant IWE ability to enhance security regarding the received Eb/N0 in physical layer so that IWE scheme can cooperate with the traditional presentation layer approach — cryptography, to meet the secure requirements in diverse applications. The features and feasibility of IWE scheme in satellite communication are finally discussed.

Keywords: security, IWE, cliff effect, space communications

Procedia PDF Downloads 400
21340 Ensuring Cyber Security Using Kippo Honeypots

Authors: S. Vivekananda Pandian

Abstract:

A major challenging task in this current scenario is protecting your computer and other electronic gadgets against Cyber-attacks. In this current era Cyber warfare becomes a major threat to the entire world which targets a particular organization or a country spreading the Malwares, Breaching the securities, causing major loss to the organization. Several sectors both public and private are computerized such as Energy sectors, Oil refinery sectors, Defense sectors and Aviation sectors are prone to attacks. Several attacks are unknown while accessing the internet. To study the characteristics and Intention of the Attacker Kippo Honeypots are used. Honeypots are the trap set by us which enables them to monitor the malicious activities and detailed study about attackers which leads to strengthening of the security.

Keywords: attackers, security, Kippo Honeypots, virtual machine

Procedia PDF Downloads 404
21339 Power System Cyber Security Risk in the Era of Digital Transformation

Authors: Rafat Rob, Khaled Alotaibi, Dana Nour, Abdullah Albadrani, Abdulmohsen Mulhim

Abstract:

Power systems digitization solutions provides a comprehensive smart, cohesive, interconnected network, extensive connectivity between digital assets, physical power plants, and resources to form digital economies. However, digitization has exposed the classical air gapped power plants to the rapid spread of cyber threats and attacks in the process delaying and forcing many organizations to rethink their cyber security policies and standards before they can augment their operation the new advanced digital devices. Cyber Security requirements for power systems (and industry control systems therein) demand a new approach, unique methodology, and design process that is completely different to Cyber Security measures designed for the IT systems. In practice, Cyber Security strategy, as applied to power systems, tends to be closely aligned to those measures applied for IT system purposes. The differentiator for Cyber Security in terms of power systems are the physical assets and applications used, alongside the ever-growing rate of expansion within the industry controls sector (in comparison to the relatively saturated growth observed for corporate IT systems). These factors increase the magnitude of the cyber security risk within such systems. The introduction of smart devices and sensors along the grid initiate vulnerable entry points to the systems. Every installed Smart Meter is a target; the way these devices communicate with each other may instigate a Denial of Service (DoS) and Distributed Denial of Service (DDoS) attack. Attacking one sensor or meter has the potential to propagate itself throughout the power grid reaching the IT network, where it may manifest itself as a malware infiltration.

Keywords: supply chain, cybersecurity, maturity model, risk, smart grid

Procedia PDF Downloads 89
21338 Dietary Diversification and Nutritional Education: A Strategy to Improve Child Food Security Status in the Rural Mozambique

Authors: Rodriguez Diego, Del Valle Martin, Hargreaves Matias, Riveros Jose Luis

Abstract:

Nutrient deficiencies due to a diet low in quantitative and qualitative terms, are prevalent throughout the developing world, especially in sub-Saharan Africa. Children and women of childbearing age are especially vulnerable. Limited availability, access and intake of animal foods at home and lack of knowledge about their value in the diet and the role they play in health, contribute to poor diet quality. Poor bioavailability of micronutrients in diets based on foods high in fiber and phytates, the low content of some micronutrients in these foods are further factors to consider. Goats are deeply embedded in almost every Sub-Saharan African rural culture, generally kept for their milk, meat, hair or leather. Goats have played an important role in African social life, especially in food security. Goat meat has good properties for human wellbeing, with a special role in lower income households. It has a high-quality protein (20 protein g/100 meat g) including all essential amino acids, good unsaturated/satured fatty acids relationship, and it is an important B-vitamin source with high micronutrients bioavailability. Mozambique has major food security problems, with poor food access and utilization, undiversified diets, chronic poverty and child malnutrition. Our objective was to design a nutritional intervention based on a dietary diversification, nutritional education, cultural beliefs and local resources, aimed to strengthen food security of children at Barrio Broma village (15°43'58.78"S; 32°46'7.27"E) in Chitima, Mozambique. Two surveys were conducted first of socio-productive local databases and then to 100 rural households about livelihoods, food diversity and anthropometric measurements in children under 5 years. Our results indicate that the main economic activity is goat production, based on a native breed with two deliveries per year in the absence of any management. Adult goats weighted 27.2±10.5 kg and raised a height of 63.5±3.8 cm. Data showed high levels of poverty, with a food diversity score of 2.3 (0-12 points), where only 30% of households consume protein and 13% iron, zinc, and B12 vitamin. The main constraints to food security were poor access to water and low income to buy food. Our dietary intervention was based on improving diet quality by increasing the access to dried goat meat, fresh vegetables, and legumes, and its utilization by a nutritional education program. This proposal was based on local culture and living conditions characterized by the absence of electricity power and drinkable water. The drying process proposed would secure the food maintenance under local conditions guaranteeing food safety for a longer period. Additionally, an ancient local drying technique was rescued and used. Moreover, this kind of dietary intervention would be the most efficient way to improve the infant nutrition by delivering macro and micronutrients on time to these vulnerable populations.

Keywords: child malnutrition, dietary diversification, food security, goat meat

Procedia PDF Downloads 282
21337 Countering Terrorism and Defending Human Right after 9/11: The European Perspective

Authors: Anita Blagojević

Abstract:

It is well known that the terrorist attacks on the New York City and Washington, D.C. prompted unprecedented international action to enhance international cooperation in the prevention and suppression of terrorism. In the months (and years) after September 11, the world community focused on two main efforts: first, on efforts to bring those responsible for terrorist attacks to justice, and second, on efforts to prevent future terrorist attacks. In that sense, many governments took advantage of these efforts to strengthen their national security. In that process, however, human rights and civil liberties of certain groups of people were alleged. As a consequence, part of the price paid for protecting national security against terrorist attacks was the threat of infringement on people's fundamental rights and freedoms. The aim of this paper is to analyze the role of the European Union and the Council of Europe in finding the answer to the one of the main security dilemma for the present era: how to find the balance between the protection of national security and guarantee of the people's rights and fundamental freedoms?

Keywords: terrorism, antiterrorism, European Union, Council of Europe, human rights

Procedia PDF Downloads 355
21336 Study on Security and Privacy Issues of Mobile Operating Systems Based on Malware Attacks

Authors: Huang Dennis, Aurelio Aziel, Burra Venkata Durga Kumar

Abstract:

Nowadays, smartphones and mobile operating systems have been popularly widespread in our daily lives. As people use smartphones, they tend to store more private and essential data on their devices, because of this it is very important to develop more secure mobile operating systems and cloud storage to secure the data. However, several factors can cause security risks in mobile operating systems such as malware, malicious app, phishing attacks, ransomware, and more, all of which can cause a big problem for users as they can access the user's private data. Those problems can cause data loss, financial loss, identity theft, and other serious consequences. Other than that, during the pandemic, people will use their mobile devices more and do all sorts of transactions online, which may lead to more victims of online scams and inexperienced users being the target. With the increase in attacks, researchers have been actively working to develop several countermeasures to enhance the security of operating systems. This study aims to provide an overview of the security and privacy issues in mobile operating systems, identifying the potential risk of operating systems, and the possible solutions. By examining these issues, we want to provide an easy understanding to users and researchers to improve knowledge and develop more secure mobile operating systems.

Keywords: mobile operating system, security, privacy, Malware

Procedia PDF Downloads 69
21335 Proposal of a Model Supporting Decision-Making Based on Multi-Objective Optimization Analysis on Information Security Risk Treatment

Authors: Ritsuko Kawasaki (Aiba), Takeshi Hiromatsu

Abstract:

Management is required to understand all information security risks within an organization, and to make decisions on which information security risks should be treated in what level by allocating how much amount of cost. However, such decision-making is not usually easy, because various measures for risk treatment must be selected with the suitable application levels. In addition, some measures may have objectives conflicting with each other. It also makes the selection difficult. Moreover, risks generally have trends and it also should be considered in risk treatment. Therefore, this paper provides the extension of the model proposed in the previous study. The original model supports the selection of measures by applying a combination of weighted average method and goal programming method for multi-objective analysis to find an optimal solution. The extended model includes the notion of weights to the risks, and the larger weight means the priority of the risk.

Keywords: information security risk treatment, selection of risk measures, risk acceptance, multi-objective optimization

Procedia PDF Downloads 436
21334 Labor Welfare and Social Security

Authors: Shoaib Alvi

Abstract:

Mahatma Gandhi was said “Man becomes great exactly in the degree in which he works for the welfare of his fellow-men”. Labor welfare is an important fact of Industrial relations. With the growth of industrialization, mechanization and computerization, labor welfare measures have got the fillip. The author believes that Labor welfare includes provisions of various facilities and amenities in and around the work place for the better life of the workers. Labor welfare is, thus, one of the major determinants of industrial relations. It comprises all human efforts the work place for the better life of the worker. The social and economic aspects of the life of the workers have the direct influence on the social and economic development of the nation. Author thinks that there could be multiple objectives in having, labor welfare programme the concern for improving the lot of the workers, a philosophy of humanitarianism or internal social responsibility, a feeling of concern, and caring by providing some of life's basic amenities, besides the basic pay packet. Such caring is supposed to build a sense of loyalty on the part of the employee towards the organization. The author thinks that Social security is the security that the State furnishes against the risks which an individual of small means cannot today, stand up to by himself even in private combination with his fellows. Social security is one of the pillars on which the structure of a welfare state rests, and it constitutes the hardcore of social policy in most countries. It is through social security measures that the state attempts to maintain every citizen at a certain prescribed level below which no one is allowed to fall. According to author, social assistance is a method according to which benefits are given to the needy persons, fulfilling the prescribed conditions, by the government out of its own resources. Author has analyzed and studied the relationship between the labor welfare social security and also studied various international conventions on provisions of social security by International Authorities like United Nations, International Labor Organization, and European Union etc. Author has also studied and analyzed concept of labor welfare and social security schemes of many countries around the globe ex:- Social security in Australia, Social security in Switzerland, Social Security (United States), Mexican Social Security Institute, Welfare in Germany, Social security schemes of India for labor welfare in both organized sector and unorganized sector. In this Research paper, Author has done the study on the Conceptual framework of the Labour Welfare. According to author, labors are highly perishable, which need constant welfare measures for their upgradation and performance in this field. At last author has studied role of trade unions and labor welfare unions and other institutions working for labor welfare, in this research paper author has also identified problems these Unions and labor welfare bodies’ face and tried to find out solutions for the problems and also analyzed various steps taken by the government of various countries around the globe.

Keywords: labor welfare, internal social responsibility, social security, international conventions

Procedia PDF Downloads 545
21333 Adaptive Auth - Adaptive Authentication Based on User Attributes for Web Application

Authors: Senthuran Manoharan, Rathesan Sivagananalingam

Abstract:

One of the main issues in system security is Authentication. Authentication can be defined as the process of recognizing the user's identity and it is the most important step in the access control process to safeguard data/resources from being accessed by unauthorized users. The static method of authentication cannot ensure the genuineness of the user. Due to this reason, more innovative authentication mechanisms came into play. At first two factor authentication was introduced and later, multi-factor authentication was introduced to enhance the security of the system. It also had some issues and later, adaptive authentication was introduced. In this research paper, the design of an adaptive authentication engine was put forward. The user risk profile was calculated based on the user parameters and then the user was challenged with a suitable authentication method.

Keywords: authentication, adaptive authentication, machine learning, security

Procedia PDF Downloads 214
21332 Integration Multi-Layer Security Modeling with Fuzzy Logic in Service-Oriented Architectures

Authors: Zeinab Ranjbar

Abstract:

Service-oriented architecture in the world today, it is proposed to exchange information and services of interest to those such as IT managers, business managers, designers and system builders scene. The basic architecture of the software used to provide service to all users.the worries of all people (managers, business managers, designers, and system builders scene) effectiveness of this model, how reliable it is in security transactions.To increase the reliability of multi-layer fuzzy logic Architectures used.

Keywords: SOA, service oriented architecture, fuzzy logic, multi layer, SOA security

Procedia PDF Downloads 351
21331 Cooperative Jamming for Implantable Medical Device Security

Authors: Kim Lytle, Tim Talty, Alan Michaels, Jeff Reed

Abstract:

Implantable medical devices (IMDs) are medically necessary devices embedded in the human body that monitor chronic disorders or automatically deliver therapies. Most IMDs have wireless capabilities that allow them to share data with an offboard programming device to help medical providers monitor the patient’s health while giving the patient more insight into their condition. However, serious security concerns have arisen as researchers demonstrated these devices could be hacked to obtain sensitive information or harm the patient. Cooperative jamming can be used to prevent privileged information leaks by maintaining an adequate signal-to-noise ratio at the intended receiver while minimizing signal power elsewhere. This paper uses ray tracing to demonstrate how a low number of friendly nodes abiding by Bluetooth Low Energy (BLE) transmission regulations can enhance IMD communication security in an office environment, which in turn may inform how companies and individuals can protect their proprietary and personal information.

Keywords: implantable biomedical devices, communication system security, array signal processing, ray tracing

Procedia PDF Downloads 80
21330 US-ASEAN Counter Terrorism Cooperation: Maintaining International Security and Avoiding Muslim Stereotypes

Authors: Jordan Daud, Satriya Wibawa, Wahyu Wardhana

Abstract:

The US Global War on Terror has had effect on Southeast Asia as Second Front of Global War on Terror. Since 2001, ASEAN had adopted legal framework to counter the terrorist threat through numerous approach which accommodate various counterterrorism policy of the ten member states. ASEAN have also enhanced multilateral cooperation with US and its allies in Asia Pacific region in addressing terrorist threat, terrorist funding, cyber terrorism and other forms of terrorism. This cooperation is essential to maintain international security and stability and also assure economic development. This work focuses on the US-ASEAN counterterrorism cooperation due to they identified terrorism as a mutual enemy that posed to human security, infrastructure security, and national security. Having in mind that international terrorism usually connected with Muslim community, this paper will also elaborate the concept of Jihad and Islam revivalism in politics to avoid negative image of Islam and Muslim. This paper argues that as region with large Muslim community, Southeast Asia still need to tighten counter terrorism cooperation and also lessening Muslim stereotypes with terrorism through educating public understanding and inter-faith and intra-faith dialogue to create a better world.

Keywords: ASEAN, U.S., counter terrorism, Muslim stereotypes

Procedia PDF Downloads 225
21329 Food Security in Nigeria: An Examination of Food Availability and Accessibility in Nigeria

Authors: Okolo Chimaobi Valentine, Obidigbo Chizoba

Abstract:

As a basic physiology need, the threat to sufficient food production is the threat to human survival. Food security has been an issue that has gained global concern. This paper looks at the food security in Nigeria by assessing the availability of food and accessibility of the available food. The paper employed multiple linear regression technique and graphic trends of growth rates of relevant variables to show the situation of food security in Nigeria. Results of the tests revealed that population growth rate was higher than the growth rate of food availability in Nigeria for the earlier period of the study. Commercial bank credit to the agricultural sector, foreign exchange utilization for food and the Agricultural Credit Guarantee Scheme Fund (ACGSF) contributed significantly to food availability in Nigeria. Food prices grew at a faster rate than the average income level, making it difficult to access sufficient food. It implies that prior to the year 2012; there was insufficient food to feed the Nigerian populace. However, continued credit to the food and agricultural sector will ensure sustained and sufficient production of food in Nigeria. Microfinance banks should make sufficient credit available to the smallholder farmer. The government should further control and subsidize the rising price of food to make it more accessible by the people.

Keywords: food, accessibility, availability, security

Procedia PDF Downloads 344
21328 Filtering Intrusion Detection Alarms Using Ant Clustering Approach

Authors: Ghodhbani Salah, Jemili Farah

Abstract:

With the growth of cyber attacks, information safety has become an important issue all over the world. Many firms rely on security technologies such as intrusion detection systems (IDSs) to manage information technology security risks. IDSs are considered to be the last line of defense to secure a network and play a very important role in detecting large number of attacks. However the main problem with today’s most popular commercial IDSs is generating high volume of alerts and huge number of false positives. This drawback has become the main motivation for many research papers in IDS area. Hence, in this paper we present a data mining technique to assist network administrators to analyze and reduce false positive alarms that are produced by an IDS and increase detection accuracy. Our data mining technique is unsupervised clustering method based on hybrid ANT algorithm. This algorithm discovers clusters of intruders’ behavior without prior knowledge of a possible number of classes, then we apply K-means algorithm to improve the convergence of the ANT clustering. Experimental results on real dataset show that our proposed approach is efficient with high detection rate and low false alarm rate.

Keywords: intrusion detection system, alarm filtering, ANT class, ant clustering, intruders’ behaviors, false alarms

Procedia PDF Downloads 387
21327 Stack Overflow Detection and Prevention on Operating Systems Using Machine Learning and Control-Flow Enforcement Technology

Authors: Cao Jiayu, Lan Ximing, Huang Jingjia, Burra Venkata Durga Kumar

Abstract:

The first virus to attack personal computers was born in early 1986, called C-Brain, written by a pair of Pakistani brothers. In those days, people still used dos systems, manipulating computers with the most basic command lines. In the 21st century today, computer performance has grown geometrically. But computer viruses are also evolving and escalating. We never stop fighting against security problems. Stack overflow is one of the most common security vulnerabilities in operating systems. It may result in serious security issues for an operating system if a program in it has a vulnerability with administrator privileges. Certain viruses change the value of specific memory through a stack overflow, allowing computers to run harmful programs. This study developed a mechanism to detect and respond to time whenever a stack overflow occurs. We demonstrate the effectiveness of standard machine learning algorithms and control flow enforcement techniques in predicting computer OS security using generating suspicious vulnerability functions (SVFS) and associated suspect areas (SAS). The method can minimize the possibility of stack overflow attacks occurring.

Keywords: operating system, security, stack overflow, buffer overflow, machine learning, control-flow enforcement technology

Procedia PDF Downloads 97
21326 Insecurity and Insurgency on Economic Development of Nigeria

Authors: Uche Lucy Onyekwelu, Uche B. Ugwuanyi

Abstract:

Suffice to say that socio-economic disruptions of any form is likely to affect the wellbeing of the citizenry. The upsurge of social disequilibrium caused by the incessant disruptive tendencies exhibited by youths and some others in Nigeria are not helping matters. In Nigeria the social unrest has caused different forms of draw backs in Socio Economic Development. This study has empirically evaluated the impact of insecurity and insurgency on the Economic Development of Nigeria. The paper noted that the different forms of insecurity in Nigeria are namely: Insurgency and Banditry as witnessed in Northern Nigeria; Militancy: Niger Delta area and self-determination groups pursuing various forms of agenda such as Sit –at- Home Syndrome in the South Eastern Nigeria and other secessionist movements. All these have in one way or the other hampered Economic development in Nigeria. Data for this study were collected through primary and secondary sources using questionnaire and some existing documentations. Cost of investment in different aspects of security outfits in Nigeria represents the independent variable while the differentials in the Gross Domestic Product(GDP) and Human Development Index(HDI) are the measures of the dependent variable. Descriptive statistics and Simple Linear Regression analytical tool were employed in the data analysis. The result revealed that Insurgency/Insecurity negatively affect the economic development of the different parts of Nigeria. Following the findings, a model to analyse the effect of insecurity and insurgency was developed, named INSECUREDEVNIG. It implies that the economic development of Nigeria will continue to deteriorate if insurgency and insecurity continue. The study therefore recommends that the government should do all it could to nurture its human capital, adequately fund the state security apparatus and employ individuals of high integrity to manage the various security outfits in Nigeria. The government should also as a matter of urgency train the security personnel in intelligence cum Information and Communications Technology to enable them ensure the effectiveness of implementation of security policies needed to sustain Gross Domestic Product and Human Capital Index of Nigeria.

Keywords: insecurity, insurgency, gross domestic product, human development index, Nigeria

Procedia PDF Downloads 74
21325 Biometric Identification with Latitude and Longitude Fingerprint Verification for Attendance

Authors: Muhammad Fezan Afzal, Imran Khan, Salma Imtiaz

Abstract:

The need for human verification and identification requires from centuries for authentication. Since it is being used in big institutes like financial, government and crime departments, a continued struggle is important to make this system more efficient to prevent security breaches. Therefore, multiple devices are used to authenticate the biometric for each individual. A large number of devices are required to cover a large number of users. As the number of devices increases, cost will automatically increase. Furthermore, it is time-consuming for biometrics due to the devices being insufficient and are not available at every door. In this paper, we propose the framework and algorithm where the mobile of each individual can also perform the biometric authentication of attendance and security. Every mobile has a biometric authentication system that is used in different mobile applications for security purposes. Therefore, each individual can use the biometric system mobile without moving from one place to another. Moreover, by using the biometrics mobile, the cost of biometric systems can be removed that are mostly deployed in different organizations for the attendance of students, employees and for other security purposes.

Keywords: fingerprint, fingerprint authentication, mobile verification, mobile biometric verification, mobile fingerprint sensor

Procedia PDF Downloads 48
21324 Evaluation and Analysis of the Secure E-Voting Authentication Preparation Scheme

Authors: Nidal F. Shilbayeh, Reem A. Al-Saidi, Ahmed H. Alsswey

Abstract:

In this paper, we presented an evaluation and analysis of E-Voting Authentication Preparation Scheme (EV-APS). EV-APS applies some modified security aspects that enhance the security measures and adds a strong wall of protection, confidentiality, non-repudiation and authentication requirements. Some of these modified security aspects are Kerberos authentication protocol, PVID scheme, responder certificate validation, and the converted Ferguson e-cash protocol. Authentication and privacy requirements have been evaluated and proved. Authentication guaranteed only eligible and authorized voters were permitted to vote. Also, the privacy guaranteed that all votes will be kept secret. Evaluation and analysis of some of these security requirements have been given. These modified aspects will help in filtering the counter buffer from unauthorized votes by ensuring that only authorized voters are permitted to vote.

Keywords: e-voting preparation stage, blind signature protocol, Nonce based authentication scheme, Kerberos Authentication Protocol, pseudo voter identity scheme PVID

Procedia PDF Downloads 275
21323 In a Situation of Great Distress: Cross Border Migration and the Quest for Enduring Security in North-East Nigeria

Authors: Nuhu Bitrus Mailabari

Abstract:

Nigeria is a highly multifarious nation trapped between affluence and affliction. On one hand, the state has vast territorial size, economic strength, relative internal cohesion, and good external linkages. On the other, it is bedeviled with enormous challenges. It is common knowledge that the North-East geo-political zone has suffered colossal destruction for the most part of the last ten years due to the activities of the insurgent group Boko Haram. Several factors (political, economic, religious, socio-cultural) have been credited with the heightened insecurity in the region. Without a doubt, the security crisis in the region has rekindled several discussions critical to Nigeria’s security architecture. However, the debate on finding an enduring solution to the devastation in the North East continually neglects the nexus between cross border migration and national security. Using content analysis, this paper debates two main issues that continue to affect security in the North East. One, the cumulative impact of the Economic Community of West African States (ECOWAS) protocol on the free movement of people and goods. Two, the porous nature of Nigeria’s borders. Theoretically, the paper will rely on the systems theory because of its broad focus on structure, linkage, and process. The work concludes in twofold. First, that cross border migration and poor border management processes further worsened the political and socio-economic conditions of a region that is already in a bad state. Secondly, in addition to the existing strategies, Nigeria must develop a holistic approach including new methods of handling cross border movements in solving the security issues.

Keywords: border, cross border, migration, Nigeria, northeast region, security

Procedia PDF Downloads 142
21322 Balancing Act: Political Dynamics of Economic and Climatological Security in the Politics of the Middle East

Authors: Zahra Bakhtiari

Abstract:

Middle East countries confront a multitude of main environmental challenges which are inevitable. The unstable economic and political structure which dominates numerous middle East countries makes it difficult to react effectively to unfavorable climate change impacts. This study applies a qualitative methodology and relies on secondary literature aimed to investigate how countries in the Middle East are balancing economic security and climatic security in terms of budgeting, infrastructure investment, political engagement (domestically through discourses or internationally in terms of participation in international organizations or bargaining, etc.) There has been provided an outline of innovative measures in both economic and environmental fields that are in progress in the Middle East countries and what capacity they have for economic development and environmental adaptation, as well as what has already been performed. The primary outcome is that countries that rely more on infrastructure investment such as negative emissions technologies (NET) through green social capital enterprises and political engagement, especially nationally determined contributions (NDCs) commitments and United Nations Framework Convention on Climate Change (UNFCCC), experience more economic and climatological security balance in the Middle East. Since implementing these measures is not the same in all countries in the region, we see different levels of balance between climate security and economic security. The overall suggestion is that the collaboration of both the bottom-up and top-down approaches helps create strategic environmental strategies which are in line with the economic circumstances of each country and creates the desired balance.

Keywords: climate change, economic growth, sustainability, the Middle East, green economy, renewable energy

Procedia PDF Downloads 61
21321 Implementation of a Virtual Testbed for Secure IoT Firmware Update Using Blockchain

Authors: Tarun Chand, Michael Jurczyk

Abstract:

With the increasing need and popularity of IoT devices and how integrated they are becoming in our daily lives and industries, these devices make for a very lucrative target for malicious actors. And since these devices have such limited resources, the implementation of robust security features is a tradeoff to be made for the actual functionality the device was intended for. This makes them an easy target with high returns. Several frameworks for the secure firmware update of these devices have been recently proposed in the literature. They focus on methods such as blockchains and distributed file systems to secure firmware updates, but do not go into the details of the actual implementation of these frameworks and the lower-level interactions among these methods used. This work integrates some of these security measures into one overall framework and details the actual lower-level implementation of this framework in a virtual dockerized testbed running on AWS.

Keywords: blockchain, Ethereum, Geth, IPFS, secure IoT-firmware update, virtual testbed development

Procedia PDF Downloads 40
21320 Security Analysis of SIMSec Protocol

Authors: Kerem Ok, Cem Cevikbas, Vedat Coskun, Mohammed Alsadi, Busra Ozdenizci

Abstract:

Un-keyed SIM cards do not contain the required security infrastructure to provide end-to-end encryption with Service Providers. Hence, new, emerging, or smart services those require end-to-end encryption between SIM card and a Service Provider is impossible. SIMSec key exchange protocol creates symmetric keys between SIM card and Service Provider. After a successful protocol execution, SIM card and Service Provider creates the symmetric keys and can perform end-to-end data encryption when required. In this paper, our aim is to analyze the SIMSec protocol’s security. According to the results, SIM card and Service Provider can generate keys securely using SIMSec protocol.

Keywords: End-to-end encryption, key exchange, SIM card, smart card

Procedia PDF Downloads 264
21319 e-Learning Security: A Distributed Incident Response Generator

Authors: Bel G Raggad

Abstract:

An e-Learning setting is a distributed computing environment where information resources can be connected to any public network. Public networks are very unsecure which can compromise the reliability of an e-Learning environment. This study is only concerned with the intrusion detection aspect of e-Learning security and how incident responses are planned. The literature reported great advances in intrusion detection system (ids) but neglected to study an important ids weakness: suspected events are detected but an intrusion is not determined because it is not defined in ids databases. We propose an incident response generator (DIRG) that produces incident responses when the working ids system suspects an event that does not correspond to a known intrusion. Data involved in intrusion detection when ample uncertainty is present is often not suitable to formal statistical models including Bayesian. We instead adopt Dempster and Shafer theory to process intrusion data for the unknown event. The DIRG engine transforms data into a belief structure using incident scenarios deduced by the security administrator. Belief values associated with various incident scenarios are then derived and evaluated to choose the most appropriate scenario for which an automatic incident response is generated. This article provides a numerical example demonstrating the working of the DIRG system.

Keywords: decision support system, distributed computing, e-Learning security, incident response, intrusion detection, security risk, statefull inspection

Procedia PDF Downloads 410
21318 Effect of Cloud Computing on Enterprises

Authors: Amir Rashid

Abstract:

Today is the world of innovations where everyone is looking for a change. Organizations are now looking toward virtualization in order to minimize their computing cost. Cloud Computing has also introduced itself by the means of reducing computing cost. It offers different approach to make computing better by improving utilization and reducing infrastructure and administrative costs. Cloud Computing is basically the amalgamation of Utility Computing and SaaS (Software as a Service). Cloud Computing is quite new to organizations as it is still at its deploying stage. Due to this reason, organizations are not confident whether to adopt it or not. This thesis investigates the problem for organization concerning the security and cost issues. Benefits and drawbacks are being highlighted which organizations can have or suffer in order to adopt Cloud Computing. In Conclusion, Cloud Computing is a better option available for small and medium organizations with a comparison to large companies both in terms of data security and cost.

Keywords: cloud computing, security, cost, elasticity, PaaS, IaaS, SaaS

Procedia PDF Downloads 316