Search results for: information security competencies
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 13223

Search results for: information security competencies

12833 Entrepreneur Competencies: An Exploratory Study Applied to Educational Social Enterprise in South East Asia

Authors: D. Songpol, K. Taweesak, T. Sookyuen

Abstract:

A social enterprise is an organization that operates commercial business as a source of income with the aim of addressing social and environmental issues. Though it is clear that this kind of organization will benefit society and environment but in practice, it is found that most of social enterprises’ goals cannot be achieved. The most success factors of social enterprises usually rely on individual characteristics of entrepreneurs, especially in educational business. This study aims to find out the magnitude of influence from the components of entrepreneur competencies to social enterprises in education. There are developmental models of research demonstrating that knowledge, skills and attributes affect the success of social enterprises in term of sustainability, social opportunities and innovation leadership. The 5-scale questionnaire was used to collect data from the social entrepreneurs in education who operates in the South East Asian region of 135 samples and then processed by the methods of structural equation models. The results show that the competency of entrepreneurs in attributes has the greatest impact on the success of social enterprises while the skills and knowledge have respectively impact on the social enterprises’ success as well. The reason why attributes of entrepreneurs have the greatest impact on social enterprise success is because, social enterprise is an organization that does not motivate or provide attractive financial incentives to the entrepreneur. Entrepreneurs, who succeed in developing their organizations, therefore need attribute factor higher than normal entrepreneurs, especially those in education sector that have somewhat few human resources to operate their businesses. More importantly, attribute’s traits such as entrepreneurial passion, self-efficacy, entrepreneurial identity and, innovativeness and perseverance will significantly affect the ideology and tolerance of the entrepreneurs once facing the problem in doing business. In conclusion, the education social enterprise would be successful depending on the performance of the entrepreneurs which derives from higher attributes competency.

Keywords: education, entrepreneur competencies, social enterprise, South East Asia

Procedia PDF Downloads 156
12832 A Practice of Zero Trust Architecture in Financial Transactions

Authors: Liwen Wang, Yuting Chen, Tong Wu, Shaolei Hu

Abstract:

In order to enhance the security of critical financial infrastructure, this study carries out a transformation of the architecture of a financial trading terminal to a zero trust architecture (ZTA), constructs an active defense system for cybersecurity, improves the security level of trading services in the Internet environment, enhances the ability to prevent network attacks and unknown risks, and reduces the industry and security risks brought about by cybersecurity risks. This study introduces the SDP technology of ZTA, adapts and applies it to a financial trading terminal to achieve security optimization and fine-grained business grading control. The upgraded architecture of the trading terminal moves security protection forward to the user access layer, replaces VPN to optimize remote access, and significantly improves the security protection capability of Internet transactions. The study achieves 1. deep integration with the access control architecture of the transaction system; 2. no impact on the performance of terminals and gateways, and no perception of application system upgrades; 3. customized checklist and policy configuration; 4. introduction of industry-leading security technology such as single-packet authorization (SPA) and secondary authentication. This study carries out a successful application of ZTA in the field of financial trading and provides transformation ideas for other similar systems while improving the security level of financial transaction services in the Internet environment.

Keywords: zero trust, trading terminal, architecture, network security, cybersecurity

Procedia PDF Downloads 166
12831 A Survey on Countermeasures of Cache-Timing Attack on AES Systems

Authors: Settana M. Abdulh, Naila A. Sadalla, Yaseen H. Taha, Howaida Elshoush

Abstract:

Side channel attacks are based on side channel information, which is information that is leaked from encryption systems. This includes timing information, power consumption as well as electromagnetic or even sound leaking which can exploited by an attacker. Implementing side channel attacks are possible if and only if an attacker has access to a cryptosystem. In this case, the attacker can exploit bad implementation in software or hardware which is not controlled by encryption implementer. Thus, he/she will represent a real threat to the security system. Several countermeasures have been proposed to eliminate side channel information vulnerability.Cache timing attack is a special type of side channel attack. Here, timing information is collected and analyzed by an attacker to guess sensitive information such as encryption key or plaintext. This paper reviews the technique applied in this attack and surveys the countermeasures against it, evaluating the feasibility and usability of each. Based on this evaluation, finally we pose several recommendations about using these countermeasures.

Keywords: AES algorithm, side channel attack, cache timing attack, cache timing countermeasure

Procedia PDF Downloads 299
12830 Nuclear Safety and Security in France in the 1970s: A Turning Point for the Media

Authors: Jandot Aurélia

Abstract:

In France, in the main media, the concern about nuclear safety and security has not really appeared before the beginning of the 1970s. The gradual changes in its perception are studied here through the arguments given in the main French news magazines, linked with several parameters. As this represents a considerable amount of copies and thus of information, are selected here the main articles as well as the main “mental images” aiming to persuade the readers and which have led the public awareness to evolve. Indeed, in the 1970s, in France, these evolutions were not made in one day. Indeed, over the period, many articles were still in favor of nuclear power plants and promoted the technological advances that were made in this field. They had to be taken into account. But, gradually, grew up arguments and mental images discrediting the perception of nuclear technology. Among these were the environmental impacts of this industry, as the question of pollution progressively appeared. So, between 1970 and 1979, the language has changed, as the perceptible objectives of the communication, allowing to discern the deepest intentions of the editorial staffs of the French news magazines. This is all these changes that are emphasized here, over a period when the safety and security concern linked to the nuclear technology, to there a field for specialists, has become progressively a social issue seemingly open to all.

Keywords: environmental impacts, media discourse, nuclear security, public awareness

Procedia PDF Downloads 283
12829 Development of a Data Security Model Using Steganography

Authors: Terungwa Simon Yange, Agana Moses A.

Abstract:

This paper studied steganography and designed a simplistic approach to a steganographic tool for hiding information in image files with the view of addressing the security challenges with data by hiding data from unauthorized users to improve its security. The Structured Systems Analysis and Design Method (SSADM) was used in this work. The system was developed using Java Development Kit (JDK) 1.7.0_10 and MySQL Server as its backend. The system was tested with some hypothetical health records which proved the possibility of protecting data from unauthorized users by making it secret so that its existence cannot be easily recognized by fraudulent users. It further strengthens the confidentiality of patient records kept by medical practitioners in the health setting. In conclusion, this work was able to produce a user friendly steganography software that is very fast to install and easy to operate to ensure privacy and secrecy of sensitive data. It also produced an exact copy of the original image and the one carrying the secret message when compared with each.

Keywords: steganography, cryptography, encryption, decryption, secrecy

Procedia PDF Downloads 265
12828 Effects of Irregular Migration from Different Aspects of Security

Authors: Muzaffer Topgul, Hasan Atac

Abstract:

In case of explaining the migration concept, although it is not a new phenomenon, it is easy to understand that communities have migrated for variety of reasons such as natural disasters, famine, wars, economic problems, and several theories have been put forth to define and find solution for migration within its changing nature. Examining of migration theories denotes that the circumstances under which they appear reflect political, social, and economic conditions of the age they appear. In this day and time, security is considered not only from military perspective but also from economic, political, sociological dimensions. Based on the changing security environment new impacts of migration has occurred; the migration is proceed to be conferred as a type of war, qualified as a transnational crime because of its outcomes and interpreted in a different dimension owing to its effects on the health and education areas. Social security dimension in the context of expanding concept of security; when dealing with the safety of people and social groups with the assumption that national unity and identity are threatened, it sees immigrants as a source of threat. The human security assesses the safety of individuals in terms of survival and quality of life. Changes in the standard of living under the influence of immigrants and possible terrorist acts can be seen as a threat source in this type of security. Economic security of the individuals and the regional changes at the micro level created by the immigrants are covered issues of economic security. Due to the factors such as terrorism and civil war, the increasing numbers of displaced people who have taken refugee status affect the countries, whether it is near or far to the crisis areas, in the new and different dimensions of security day by day. In this study, the term of immigration through the eyes of national and international law will be evaluated, the place of the irregular and illegal immigration in the changing security sphere will be revealed and the effects of the irregular migration to short-term, mid-term and long-term security issues will be assessed through human and social security aspects. In order to analyze the threats for the human security; the parameters such as living conditions of the immigrants, the ratio of the genders, birth rate occasions, the education circumstances of the immigrant children and the effects of the illegal passing on the public order will be evaluated. The outcomes of the problem areas for the human security and the demographic alteration resulting from the human flow of displaced people will be discussed thorough social security extent. The fizzling economic diversity, which has shown up by irregular migration, will be presented within the scope of economic dimension of security.

Keywords: irregular migration, the changing dimensions of security, human security, social security

Procedia PDF Downloads 336
12827 Security Analysis and Implementation of Achterbahn-128 for Images Encryption

Authors: Aissa Belmeguenai, Oulaya Berrak, Khaled Mansouri

Abstract:

In this work, efficiency implementation and security evaluation of the keystream generator of Achterbahn-128 for images encryption and decryption was introduced. The implementation for this simulated project is written with MATLAB.7.5. First of all, two different original images are used to validate the proposed design. The developed program is used to transform the original images data into digital image file. Finally, the proposed program is implemented to encrypt and decrypt images data. Several tests are done to prove the design performance, including visual tests and security evaluation.

Keywords: Achterbahn-128, keystream generator, stream cipher, image encryption, security analysis

Procedia PDF Downloads 314
12826 Improving Security by Using Secure Servers Communicating via Internet with Standalone Secure Software

Authors: Carlos Gonzalez

Abstract:

This paper describes the use of the Internet as a feature to enhance the security of our software that is going to be distributed/sold to users potentially all over the world. By placing in a secure server some of the features of the secure software, we increase the security of such software. The communication between the protected software and the secure server is done by a double lock algorithm. This paper also includes an analysis of intruders and describes possible responses to detect threats.

Keywords: internet, secure software, threats, cryptography process

Procedia PDF Downloads 333
12825 Contemporary Mexican Shadow Politics: The War on Drugs and the Issue of Security

Authors: Lisdey Espinoza Pedraza

Abstract:

Organised crime in Mexico evolves faster that our capacity to understand and explain it. Organised gangs have become successful entrepreneurs in many ways ad they have somehow mimicked the working ways of the authorities and in many cases, they have successfully infiltrated the governmental spheres. This business model is only possible under a clear scheme of rampant impunity. Impunity, however, is not exclusive to the PRI. Nor the PRI, PAN, or PRD can claim the monopoly of corruption, but what is worse is that none can claim full honesty in their acts either. The current security crisis in Mexico shows a crisis in the Mexican political party system. Corruption today is not only a problem of dishonesty and the correct use of public resources. It is the principal threat to Mexican democracy, governance, and national security.

Keywords: security, war on drugs, drug trafficking, Mexico, Latin America, United States

Procedia PDF Downloads 417
12824 Alternative Futures for the Middle East

Authors: Dorsa Bakhshandehgeyazdi

Abstract:

This paper examines elective future of security in the Middle East trying to find a way that could take the district from a shaky past to a more secure future. Taking a gander at five situations about the eventual future of world legislative issues, in particular, globalization, fragmentation, conflict of civilizations, majority rule peace and the development of a security group, the paper contends that albeit every situation has its qualities (and in addition shortcomings), it is the situation that predicts the foundation of a security group that joins a more express thought for forming a more secure future for the Middle East.

Keywords: Middle East, Globalization, Fragmentation, Conflict of civilizations, Majority rule peace, Development of a security group

Procedia PDF Downloads 294
12823 Assessing EU-China Security Interests from Contradiction to Convergence

Authors: Julia Gurol

Abstract:

Why do we observe a shift towards convergence in EU-China security interests? While contradicting attitudes towards key principles of inter-state and region-to-state relations, including state sovereignty, territorial integrity, and intervention policies have ever since hindered EU-China inter-regional cooperation beyond the economic realm, collaboration in peace and security issues is now becoming a key pillar of European-Chinese relations. In addition, the Belt and Road Initiative as most ambitious Chinese foreign policy project explicitly touches upon several European foreign policy and security preferences. Based on these counterintuitive findings, this paper traces the process of convergence of Sino-European security interests. Drawing on qualitative text analysis of official Chinese and European policy papers and documents from the establishment of diplomatic relations in 1975 until today, it assesses the striking change over time. On this basis, the paper uses theories of neo-functionalism, inter-regionalism, and securitization and borrows from constructivist views in International Relations’ theory, to expound possible motives for the change in Chinese and respectively European preferences in the security realm. The results reveal interesting insights into the decisive factors and motives behind both countries’ foreign policies. The paper concludes with a discussion of further potential and difficulties of EU-China security cooperation.

Keywords: belt and road initiative, China, European Union, foreign policy, neo-functionalism, security

Procedia PDF Downloads 285
12822 Information Literacy Initiatives in India in Present Era Age

Authors: Darshan Lal

Abstract:

The paper describes the concept of Information literacy. It is a critical component of this information age. Information literacy is the vital process in modern changing world. Information Literacy initiatives in India was also discussed. Paper also discussed Information literacy programmes for LIS professionals. Information literacy makes person capable to recognize when information is needed and how to locate, evaluate and use effectively of the needed information.

Keywords: information literacy, information communication technology (ICT), information literacy programmes

Procedia PDF Downloads 371
12821 Shifting of Global Energy Security: A Comparative Analysis of Indonesia and China’s Renewable Energy Policies

Authors: Widhi Hanantyo Suryadinata

Abstract:

Efforts undertaken by Indonesia and China to shift the strategies and security of renewable energy on a global stage involve approaches through policy construction related to rare minerals processing or value-adding in Indonesia and manufacturing policies through the New Energy Vehicles (NEVs) policy in China. Both policies encompass several practical regulations and policies that can be utilized for the implementation of Indonesia and China's grand efforts and ideas. Policy development in Indonesia and China can be analyzed using a comparative analysis method, as well as employing a pyramid illustration to identify policy construction phases based on the real conditions of the domestic market and implemented policies. This approach also helps to identify the potential integration of policies needed to enhance the policy development phase of a country within the pyramid. It also emphasizes the significance of integration policy to redefine renewable energy strategy and security on the global stage.

Keywords: global renewable energy security, global energy security, policy development, comparative analysis, shifting of global energy security, Indonesia, China

Procedia PDF Downloads 69
12820 Multi-Dimension Threat Situation Assessment Based on Network Security Attributes

Authors: Yang Yu, Jian Wang, Jiqiang Liu, Lei Han, Xudong He, Shaohua Lv

Abstract:

As the increasing network attacks become more and more complex, network situation assessment based on log analysis cannot meet the requirements to ensure network security because of the low quality of logs and alerts. This paper addresses the lack of consideration of security attributes of hosts and attacks in the network. Identity and effectiveness of Distributed Denial of Service (DDoS) are hard to be proved in risk assessment based on alerts and flow matching. This paper proposes a multi-dimension threat situation assessment method based on network security attributes. First, the paper offers an improved Common Vulnerability Scoring System (CVSS) calculation, which includes confident risk, integrity risk, availability risk and a weighted risk. Second, the paper introduces deterioration rate of properties collected by sensors in hosts and network, which aimed at assessing the time and level of DDoS attacks. Third, the paper introduces distribution of asset value in security attributes considering features of attacks and network, which aimed at assessing and show the whole situation. Experiments demonstrate that the approach reflects effectiveness and level of DDoS attacks, and the result can show the primary threat in network and security requirement of network. Through comparison and analysis, the method reflects more in security requirement and security risk situation than traditional methods based on alert and flow analyzing.

Keywords: DDoS evaluation, improved CVSS, network security attribute, threat situation assessment

Procedia PDF Downloads 209
12819 A Study of User Awareness and Attitudes Towards Civil-ID Authentication in Oman’s Electronic Services

Authors: Raya Al Khayari, Rasha Al Jassim, Muna Al Balushi, Fatma Al Moqbali, Said El Hajjar

Abstract:

This study utilizes linear regression analysis to investigate the correlation between user account passwords and the probability of civil ID exposure, offering statistical insights into civil ID security. The study employs multiple linear regression (MLR) analysis to further investigate the elements that influence consumers’ views of civil ID security. This aims to increase awareness and improve preventive measures. The results obtained from the MLR analysis provide a thorough comprehension and can guide specific educational and awareness campaigns aimed at promoting improved security procedures. In summary, the study’s results offer significant insights for improving existing security measures and developing more efficient tactics to reduce risks related to civil ID security in Oman. By identifying key factors that impact consumers’ perceptions, organizations can tailor their strategies to address vulnerabilities effectively. Additionally, the findings can inform policymakers on potential regulatory changes to enhance civil ID security in the country.

Keywords: civil-id disclosure, awareness, linear regression, multiple regression

Procedia PDF Downloads 57
12818 Linux Security Management: Research and Discussion on Problems Caused by Different Aspects

Authors: Ma Yuzhe, Burra Venkata Durga Kumar

Abstract:

The computer is a great invention. As people use computers more and more frequently, the demand for PCs is growing, and the performance of computer hardware is also rising to face more complex processing and operation. However, the operating system, which provides the soul for computers, has stopped developing at a stage. In the face of the high price of UNIX (Uniplexed Information and Computering System), batch after batch of personal computer owners can only give up. Disk Operating System is too simple and difficult to bring innovation into play, which is not a good choice. And MacOS is a special operating system for Apple computers, and it can not be widely used on personal computers. In this environment, Linux, based on the UNIX system, was born. Linux combines the advantages of the operating system and is composed of many microkernels, which is relatively powerful in the core architecture. Linux system supports all Internet protocols, so it has very good network functions. Linux supports multiple users. Each user has no influence on their own files. Linux can also multitask and run different programs independently at the same time. Linux is a completely open source operating system. Users can obtain and modify the source code for free. Because of these advantages of Linux, it has also attracted a large number of users and programmers. The Linux system is also constantly upgraded and improved. It has also issued many different versions, which are suitable for community use and commercial use. Linux system has good security because it relies on a file partition system. However, due to the constant updating of vulnerabilities and hazards, the using security of the operating system also needs to be paid more attention to. This article will focus on the analysis and discussion of Linux security issues.

Keywords: Linux, operating system, system management, security

Procedia PDF Downloads 108
12817 Enhancing Metaverse Security: A Multi-Factor Authentication Scheme

Authors: R. Chinnaiyaprabhu, S. Bharanidharan, V. Dharsana, Rajalavanya

Abstract:

The concept of the Metaverse represents a potential evolution in the realm of cyberspace. In the early stages of Web 2.0, we observed a proliferation of online pseudonyms or 'nyms,' which increased the prevalence of fake accounts and made it challenging to establish unique online identities for various roles. However, in the era of Web 3.0, particularly in the context of the Metaverse, an individual's digital identity is intrinsically linked to their real-world identity. Consequently, actions taken in the Metaverse can carry significant consequences in the physical world. In light of these considerations, we propose the development of an innovative authentication system known as 'Metasec.' This system is designed to enhance security for digital assets, online identities, avatars, and user accounts within the Metaverse. Notably, Metasec operates as a password less authentication solution, relying on a multifaceted approach to security, encompassing device attestation, facial recognition, and pattern-based security keys.

Keywords: metaverse, multifactor authentication, security, facial recognition, patten password

Procedia PDF Downloads 67
12816 Rethinking the Role of Small States in the Hybrid Era: Shifts in the Cypriot Foreign and Defence Policies, 2004-2019

Authors: Constantinos Adamides, Petros Petrikkos

Abstract:

In the era of growing hybrid threats, small states find themselves in need to re-evaluate existing foreign and defense policies. The pressure to establishing or maintain a status of a reliable partner in the community in which they belong to, vis-à-vis their multilateral relations with other organisations and entities, small states may need to shift their policies in the field to accommodate security needs that are not only pertinent to their security, but also to that of the organisations (bloc) in which they interact. Unlike potential shortcomings in a small state’s mainstream security and defence framework where the threat would be limited to the state itself, in more contemporary times with dominating hybrid threats, the small states’ security shortcomings may also become a security problem for the bloc in which these states belong to. An indicative example is small states like Cyprus and Malta, which belong and 'interact' in the European Union. As a result, the nature of hybrid threats can be utilised to hurt bigger states in a bloc by exploiting the small states’ vulnerabilities and security gaps. Inevitably, both the defensive and foreign policy collaborations of small states with bigger states have been and are constantly re-evaluated to tackle and prevent such problems. In essence, the goal of this ‘re-evaluation’ aims to achieve a twofold goal: The first is the small states’ quest to appear as a reliable partner within the bloc, while the second is to avoid being the weakest security link in the bloc’s defence against hybrid threats. Indeed, the hybrid arena is a security area where they can excel in the bloc, despite the potential and expected conventional military deficiencies. This new environment prompts us to think security from the perspective of small states differently and in relation to their role as members or big organisations. The paper focuses on the case of Cyprus following its accession to the European Union and examines how a country that has had a very focused security orientation –not least due to its ongoing security problems– altered its foreign and defence policies within the European Union to ensure compliance with the rest of the bloc, while at the same time maximizing its role as a security player. Specifically, it examines the methods through which the country shifted its policies as well as the challenges and opportunities that emerged from these security shifts.

Keywords: Cyprus, defence, foreign policy, hybrid threats, ontological security, small states

Procedia PDF Downloads 136
12815 Impacts of Applying Automated Vehicle Location Systems to Public Bus Transport Management

Authors: Vani Chintapally

Abstract:

The expansion of modest and minimized Global Positioning System (GPS) beneficiaries has prompted most Automatic Vehicle Location (AVL) frameworks today depending solely on satellite-based finding frameworks, as GPS is the most stable usage of these. This paper shows the attributes of a proposed framework for following and dissecting open transport in a run of the mill medium-sized city and complexities the qualities of such a framework to those of broadly useful AVL frameworks. Particular properties of the courses broke down by the AVL framework utilized for the examination of open transport in our study incorporate cyclic vehicle courses, the requirement for particular execution reports, and so forth. This paper particularly manages vehicle movement forecasts and the estimation of station landing time, combined with consequently produced reports on timetable conformance and other execution measures. Another side of the watched issue is proficient exchange of information from the vehicles to the control focus. The pervasiveness of GSM bundle information exchange advancements combined with decreased information exchange expenses have brought on today's AVL frameworks to depend predominantly on parcel information exchange administrations from portable administrators as the correspondences channel in the middle of vehicles and the control focus. This methodology brings numerous security issues up in this conceivably touchy application field.

Keywords: automatic vehicle location (AVL), expectation of landing times, AVL security, data administrations, wise transport frameworks (ITS), guide coordinating

Procedia PDF Downloads 383
12814 Military Role of Russia beyond Its National Boundary

Authors: Nipuli Gajanayake

Abstract:

The Russian military role beyond its national frontier has become a debatable hot topic in the international political arena. It’s advanced, and strategic responses in combating regional and international security problems have always been a factor to debate and criticize. Under such critical circumstances, Russia is attentive to play its military role according to the provisions of the Military Doctrine of the Russian Federation. Most importantly, the legal basis of the doctrine has also consisted with the generally recognized principles and norms of international law. Therefore, Russian international military assistances are pledged to accomplish international peace and security. The expansion of Russian military participation in the United Nations Peacekeeping operations, and military- political, and technical cooperation have largely evident the great effort of Russia in maintaining and restoring international peace and security. Moreover, the conflict management diplomacy and the development of dialogue with nation states to confront military risks and threats can also identify as a part of preserving international peace and security. In addition, Russia strives to strengthen the system of collective security with regional and international organizations through the legal framework of the Collective Security Treaty Organization (CSTO). Maintaining cooperative ties with the Commonwealth of Independent States (CIS), the Organization for Security and Cooperation in Europe (OSCE) and the Shanghai Cooperation Organization (SCO) have highlighted the Russian deliberation on maintaining regional peace and security. Nevertheless, the extension of cordial relations with nation states and providing of military assistances during tensions and conflicts on their territories can also underscore as Russians commitments on maintaining international peace and security. Observing and recognizing the disparity between the West portrayed terms like ‘illegal Russian interventions’ and the comprehensive reality behind the ‘Russian military assistances’ are important to understand. However, a lopsided vision or a perspective towards the Russian international military role would not present a clear understanding about its valued and also dedicated hard work on maintaining international peace and security.

Keywords: collective security, diplomacy, international military role of Russia, international peace and security

Procedia PDF Downloads 301
12813 On Dynamic Chaotic S-BOX Based Advanced Encryption Standard Algorithm for Image Encryption

Authors: Ajish Sreedharan

Abstract:

Security in transmission and storage of digital images has its importance in today’s image communications and confidential video conferencing. Due to the increasing use of images in industrial process, it is essential to protect the confidential image data from unauthorized access. Advanced Encryption Standard (AES) is a well known block cipher that has several advantages in data encryption. However, it is not suitable for real-time applications. This paper presents modifications to the Advanced Encryption Standard to reflect a high level security and better image encryption. The modifications are done by adjusting the ShiftRow Transformation and using On Dynamic chaotic S-BOX. In AES the Substitute bytes, Shift row and Mix columns by themselves would provide no security because they do not use the key. In Dynamic chaotic S-BOX Based AES the Substitute bytes provide security because the S-Box is constructed from the key. Experimental results verify and prove that the proposed modification to image cryptosystem is highly secure from the cryptographic viewpoint. The results also prove that with a comparison to original AES encryption algorithm the modified algorithm gives better encryption results in terms of security against statistical attacks.

Keywords: advanced encryption standard (AES), on dynamic chaotic S-BOX, image encryption, security analysis, ShiftRow transformation

Procedia PDF Downloads 437
12812 The Need for Educational Psychology in Teacher Education for Sustainable Transformation and Security in Nigeria

Authors: Kaltume Kabir Sharrif

Abstract:

Teacher education is the bedrock of educational growth and development of any nation. With development in education all human problems can be overcome. Educational Psychology, on the other hand, is in a strategic position for any programme in teacher education to be successful hence other aspects of societal issues. In other words, no teacher education can be of any help in ensuring transformation and security without adequate study in Educational Psychology. Without adequate knowledge and skills in Educational Psychology the teacher may not function effectively in the course of discharging his duty. It is in view of this, that the paper discusses some aspects of Educational Psychology that are of paramount importance in teacher education for sustainable transformation and security of Nigeria. Some recommendations were offered on the role educational psychology play in resolving security challenges facing the country. These include enriching educational psychology with topics from forensic psychology that will provide the teacher the skills of fighting crime in the school, Behavioural Science Unit should be established in each school to monitor the behavior of students, among others.

Keywords: transformation, security challenges, teacher education, educational psychology

Procedia PDF Downloads 506
12811 Smart Grids Cyber Security Issues and Challenges

Authors: Imen Aouini, Lamia Ben Azzouz

Abstract:

The energy need is growing rapidly due to the population growth and the large new usage of power. Several works put considerable efforts to make the electricity grid more intelligent to reduce essentially energy consumption and provide efficiency and reliability of power systems. The Smart Grid is a complex architecture that covers critical devices and systems vulnerable to significant attacks. Hence, security is a crucial factor for the success and the wide deployment of Smart Grids. In this paper, we present security issues of the Smart Grid architecture and we highlight open issues that will make the Smart Grid security a challenging research area in the future.

Keywords: smart grids, smart meters, home area network, neighbor area network

Procedia PDF Downloads 424
12810 Intrusion Detection System Based on Peer to Peer

Authors: Alireza Pour Ebrahimi, Vahid Abasi

Abstract:

Recently by the extension of internet usage, Research on the intrusion detection system takes a significant importance. Many of improvement systems prevent internal and external network attacks by providing security through firewalls and antivirus. In recently years, intrusion detection systems gradually turn from host-based systems and depend on O.S to the distributed systems which are running on multiple O.S. In this work, by considering the diversity of computer networks whit respect to structure, architecture, resource, services, users and also security goals requirement a fully distributed collaborative intrusion detection system based on peer to peer architecture is suggested. in this platform each partner device (matched device) considered as a peer-to-peer network. All transmitted information to network are visible only for device that use security scanning of a source. Experimental results show that the distributed architecture is significantly upgradeable in respect to centralized approach.

Keywords: network, intrusion detection system, peer to peer, internal and external network

Procedia PDF Downloads 547
12809 Parameter Selection for Computationally Efficient Use of the Bfvrns Fully Homomorphic Encryption Scheme

Authors: Cavidan Yakupoglu, Kurt Rohloff

Abstract:

In this study, we aim to provide a novel parameter selection model for the BFVrns scheme, which is one of the prominent FHE schemes. Parameter selection in lattice-based FHE schemes is a practical challenges for experts or non-experts. Towards a solution to this problem, we introduce a hybrid principles-based approach that combines theoretical with experimental analyses. To begin, we use regression analysis to examine the parameters on the performance and security. The fact that the FHE parameters induce different behaviors on performance, security and Ciphertext Expansion Factor (CEF) that makes the process of parameter selection more challenging. To address this issue, We use a multi-objective optimization algorithm to select the optimum parameter set for performance, CEF and security at the same time. As a result of this optimization, we get an improved parameter set for better performance at a given security level by ensuring correctness and security against lattice attacks by providing at least 128-bit security. Our result enables average ~ 5x smaller CEF and mostly better performance in comparison to the parameter sets given in [1]. This approach can be considered a semiautomated parameter selection. These studies are conducted using the PALISADE homomorphic encryption library, which is a well-known HE library. The abstract goes here.

Keywords: lattice cryptography, fully homomorphic encryption, parameter selection, LWE, RLWE

Procedia PDF Downloads 154
12808 Security Report Profiling for Mobile Banking Applications in Indonesia Based on OWASP Mobile Top 10-2016

Authors: Bambang Novianto, Rizal Aditya Herdianto, Raphael Bianco Huwae, Afifah, Alfonso Brolin Sihite, Rudi Lumanto

Abstract:

The mobile banking application is a type of mobile application that is growing rapidly. This is caused by the ease of service and time savings in making transactions. On the other hand, this certainly provides a challenge in security issues. The use of mobile banking can not be separated from cyberattacks that may occur which can result the theft of sensitive information or financial loss. The financial loss and the theft of sensitive information is the most avoided thing because besides harming the user, it can also cause a loss of customer trust in a bank. Cyberattacks that are often carried out against mobile applications are phishing, hacking, theft, misuse of data, etc. Cyberattack can occur when a vulnerability is successfully exploited. OWASP mobile Top 10 has recorded as many as 10 vulnerabilities that are most commonly found in mobile applications. In the others, android permissions also have the potential to cause vulnerabilities. Therefore, an overview of the profile of the mobile banking application becomes an urgency that needs to be known. So that it is expected to be a consideration of the parties involved for improving security. In this study, an experiment has been conducted to capture the profile of the mobile banking applications in Indonesia based on android permission and OWASP mobile top 10 2016. The results show that there are six basic vulnerabilities based on OWASP Mobile Top 10 that are most commonly found in mobile banking applications in Indonesia, i.e. M1:Improper Platform Usage, M2:Insecure Data Storage, M3:Insecure Communication, M5:Insufficient Cryptography, M7:Client Code Quality, and M9:Reverse Engineering. The most permitted android permissions are the internet, status network access, and telephone read status.

Keywords: mobile banking application, OWASP mobile top 10 2016, android permission, sensitive information, financial loss

Procedia PDF Downloads 141
12807 Denoising Convolutional Neural Network Assisted Electrocardiogram Signal Watermarking for Secure Transmission in E-Healthcare Applications

Authors: Jyoti Rani, Ashima Anand, Shivendra Shivani

Abstract:

In recent years, physiological signals obtained in telemedicine have been stored independently from patient information. In addition, people have increasingly turned to mobile devices for information on health-related topics. Major authentication and security issues may arise from this storing, degrading the reliability of diagnostics. This study introduces an approach to reversible watermarking, which ensures security by utilizing the electrocardiogram (ECG) signal as a carrier for embedding patient information. In the proposed work, Pan-Tompkins++ is employed to convert the 1D ECG signal into a 2D signal. The frequency subbands of a signal are extracted using RDWT(Redundant discrete wavelet transform), and then one of the subbands is subjected to MSVD (Multiresolution singular valued decomposition for masking. Finally, the encrypted watermark is embedded within the signal. The experimental results show that the watermarked signal obtained is indistinguishable from the original signals, ensuring the preservation of all diagnostic information. In addition, the DnCNN (Denoising convolutional neural network) concept is used to denoise the retrieved watermark for improved accuracy. The proposed ECG signal-based watermarking method is supported by experimental results and evaluations of its effectiveness. The results of the robustness tests demonstrate that the watermark is susceptible to the most prevalent watermarking attacks.

Keywords: ECG, VMD, watermarking, PanTompkins++, RDWT, DnCNN, MSVD, chaotic encryption, attacks

Procedia PDF Downloads 101
12806 FPGA Implementation of the BB84 Protocol

Authors: Jaouadi Ikram, Machhout Mohsen

Abstract:

The development of a quantum key distribution (QKD) system on a field-programmable gate array (FPGA) platform is the subject of this paper. A quantum cryptographic protocol is designed based on the properties of quantum information and the characteristics of FPGAs. The proposed protocol performs key extraction, reconciliation, error correction, and privacy amplification tasks to generate a perfectly secret final key. We modeled the presence of the spy in our system with a strategy to reveal some of the exchanged information without being noticed. Using an FPGA card with a 100 MHz clock frequency, we have demonstrated the evolution of the error rate as well as the amounts of mutual information (between the two interlocutors and that of the spy) passing from one step to another in the key generation process.

Keywords: QKD, BB84, protocol, cryptography, FPGA, key, security, communication

Procedia PDF Downloads 183
12805 An Investigation on Interactions between Social Security with Police Operation and Economics in the Field of Tourism

Authors: Mohammad Mahdi Namdari, Hosein Torki

Abstract:

Security as an abstract concept, has involved human being from the beginning of creation to the present, and certainly to the future. Accordingly, battles, conflicts, challenges, legal proceedings, crimes and all issues related to human kind are associated with this concept. Today by interviewing people about their life, the security of societies and Social crimes are interviewed too. Along with the security as an infrastructure and vital concept, the economy and related issues e.g. welfare, per capita income, total government revenue, export, import and etc. is considered another infrastructure and vital concept. These two vital concepts (Security and Economic) have linked together complexly and significantly. The present study employs analytical-descriptive research method using documents and Statistics of official sources. Discovery and explanation of this mutual connection are comprising a profound and extensive research; so management, development and reform in system and relationships of the scope of this two concepts are complex and difficult. Tourism and its position in today's economy is one of the main pillars of the economy of the 21st century that maybe associate with the security and social crimes more than other pillars. Like all human activities, economy of societies and partially tourism dependent on security especially in the public and social security. On the other hand, the true economic development (generally) and the growth of the tourism industry (dedicated) are a security generating and supporting for it, because a dynamic economic infrastructure prevents the formation of centers of crime and illegal activities by providing a context for socio-economic development for all segments of society in a fair and humane. This relationship is a formula of the complexity between the two concept of economy and security. Police as a revealed or people-oriented organization in the field of security directly has linked with the economy of a community and is very effective In the face of the tourism industry. The relationship between security and national crime index, and economic indicators especially ones related to tourism is confirming above discussion that is notable. According to understanding processes about security and economic as two key and vital concepts are necessary and significant for sovereignty of governments.

Keywords: economic, police, tourism, social security

Procedia PDF Downloads 321
12804 On the Use of Machine Learning for Tamper Detection

Authors: Basel Halak, Christian Hall, Syed Abdul Father, Nelson Chow Wai Kit, Ruwaydah Widaad Raymode

Abstract:

The attack surface on computing devices is becoming very sophisticated, driven by the sheer increase of interconnected devices, reaching 50B in 2025, which makes it easier for adversaries to have direct access and perform well-known physical attacks. The impact of increased security vulnerability of electronic systems is exacerbated for devices that are part of the critical infrastructure or those used in military applications, where the likelihood of being targeted is very high. This continuously evolving landscape of security threats calls for a new generation of defense methods that are equally effective and adaptive. This paper proposes an intelligent defense mechanism to protect from physical tampering, it consists of a tamper detection system enhanced with machine learning capabilities, which allows it to recognize normal operating conditions, classify known physical attacks and identify new types of malicious behaviors. A prototype of the proposed system has been implemented, and its functionality has been successfully verified for two types of normal operating conditions and further four forms of physical attacks. In addition, a systematic threat modeling analysis and security validation was carried out, which indicated the proposed solution provides better protection against including information leakage, loss of data, and disruption of operation.

Keywords: anti-tamper, hardware, machine learning, physical security, embedded devices, ioT

Procedia PDF Downloads 153