Search results for: cyber and information security

Authors: Terungwa Simon Yange, Agana Moses A.

Abstract:

This paper studied steganography and designed a simplistic approach to a steganographic tool for hiding information in image files with the view of addressing the security challenges with data by hiding data from unauthorized users to improve its security. The Structured Systems Analysis and Design Method (SSADM) was used in this work. The system was developed using Java Development Kit (JDK) 1.7.0_10 and MySQL Server as its backend. The system was tested with some hypothetical health records which proved the possibility of protecting data from unauthorized users by making it secret so that its existence cannot be easily recognized by fraudulent users. It further strengthens the confidentiality of patient records kept by medical practitioners in the health setting. In conclusion, this work was able to produce a user friendly steganography software that is very fast to install and easy to operate to ensure privacy and secrecy of sensitive data. It also produced an exact copy of the original image and the one carrying the secret message when compared with each.

Keywords: steganography, cryptography, encryption, decryption, secrecy

Procedia PDF Downloads 253

Authors: Muzaffer Topgul, Hasan Atac

Abstract:

In case of explaining the migration concept, although it is not a new phenomenon, it is easy to understand that communities have migrated for variety of reasons such as natural disasters, famine, wars, economic problems, and several theories have been put forth to define and find solution for migration within its changing nature. Examining of migration theories denotes that the circumstances under which they appear reflect political, social, and economic conditions of the age they appear. In this day and time, security is considered not only from military perspective but also from economic, political, sociological dimensions. Based on the changing security environment new impacts of migration has occurred; the migration is proceed to be conferred as a type of war, qualified as a transnational crime because of its outcomes and interpreted in a different dimension owing to its effects on the health and education areas. Social security dimension in the context of expanding concept of security; when dealing with the safety of people and social groups with the assumption that national unity and identity are threatened, it sees immigrants as a source of threat. The human security assesses the safety of individuals in terms of survival and quality of life. Changes in the standard of living under the influence of immigrants and possible terrorist acts can be seen as a threat source in this type of security. Economic security of the individuals and the regional changes at the micro level created by the immigrants are covered issues of economic security. Due to the factors such as terrorism and civil war, the increasing numbers of displaced people who have taken refugee status affect the countries, whether it is near or far to the crisis areas, in the new and different dimensions of security day by day. In this study, the term of immigration through the eyes of national and international law will be evaluated, the place of the irregular and illegal immigration in the changing security sphere will be revealed and the effects of the irregular migration to short-term, mid-term and long-term security issues will be assessed through human and social security aspects. In order to analyze the threats for the human security; the parameters such as living conditions of the immigrants, the ratio of the genders, birth rate occasions, the education circumstances of the immigrant children and the effects of the illegal passing on the public order will be evaluated. The outcomes of the problem areas for the human security and the demographic alteration resulting from the human flow of displaced people will be discussed thorough social security extent. The fizzling economic diversity, which has shown up by irregular migration, will be presented within the scope of economic dimension of security.

Keywords: irregular migration, the changing dimensions of security, human security, social security

Procedia PDF Downloads 319

Authors: Aissa Belmeguenai, Oulaya Berrak, Khaled Mansouri

Abstract:

In this work, efficiency implementation and security evaluation of the keystream generator of Achterbahn-128 for images encryption and decryption was introduced. The implementation for this simulated project is written with MATLAB.7.5. First of all, two different original images are used to validate the proposed design. The developed program is used to transform the original images data into digital image file. Finally, the proposed program is implemented to encrypt and decrypt images data. Several tests are done to prove the design performance, including visual tests and security evaluation.

Keywords: Achterbahn-128, keystream generator, stream cipher, image encryption, security analysis

Procedia PDF Downloads 304

Authors: Carlos Gonzalez

Abstract:

This paper describes the use of the Internet as a feature to enhance the security of our software that is going to be distributed/sold to users potentially all over the world. By placing in a secure server some of the features of the secure software, we increase the security of such software. The communication between the protected software and the secure server is done by a double lock algorithm. This paper also includes an analysis of intruders and describes possible responses to detect threats.

Keywords: internet, secure software, threats, cryptography process

Procedia PDF Downloads 314

Authors: Lisdey Espinoza Pedraza

Abstract:

Organised crime in Mexico evolves faster that our capacity to understand and explain it. Organised gangs have become successful entrepreneurs in many ways ad they have somehow mimicked the working ways of the authorities and in many cases, they have successfully infiltrated the governmental spheres. This business model is only possible under a clear scheme of rampant impunity. Impunity, however, is not exclusive to the PRI. Nor the PRI, PAN, or PRD can claim the monopoly of corruption, but what is worse is that none can claim full honesty in their acts either. The current security crisis in Mexico shows a crisis in the Mexican political party system. Corruption today is not only a problem of dishonesty and the correct use of public resources. It is the principal threat to Mexican democracy, governance, and national security.

Keywords: security, war on drugs, drug trafficking, Mexico, Latin America, United States

Procedia PDF Downloads 408

Authors: Dorsa Bakhshandehgeyazdi

Abstract:

This paper examines elective future of security in the Middle East trying to find a way that could take the district from a shaky past to a more secure future. Taking a gander at five situations about the eventual future of world legislative issues, in particular, globalization, fragmentation, conflict of civilizations, majority rule peace and the development of a security group, the paper contends that albeit every situation has its qualities (and in addition shortcomings), it is the situation that predicts the foundation of a security group that joins a more express thought for forming a more secure future for the Middle East.

Keywords: Middle East, Globalization, Fragmentation, Conflict of civilizations, Majority rule peace, Development of a security group

Procedia PDF Downloads 288

Authors: Julia Gurol

Abstract:

Why do we observe a shift towards convergence in EU-China security interests? While contradicting attitudes towards key principles of inter-state and region-to-state relations, including state sovereignty, territorial integrity, and intervention policies have ever since hindered EU-China inter-regional cooperation beyond the economic realm, collaboration in peace and security issues is now becoming a key pillar of European-Chinese relations. In addition, the Belt and Road Initiative as most ambitious Chinese foreign policy project explicitly touches upon several European foreign policy and security preferences. Based on these counterintuitive findings, this paper traces the process of convergence of Sino-European security interests. Drawing on qualitative text analysis of official Chinese and European policy papers and documents from the establishment of diplomatic relations in 1975 until today, it assesses the striking change over time. On this basis, the paper uses theories of neo-functionalism, inter-regionalism, and securitization and borrows from constructivist views in International Relations’ theory, to expound possible motives for the change in Chinese and respectively European preferences in the security realm. The results reveal interesting insights into the decisive factors and motives behind both countries’ foreign policies. The paper concludes with a discussion of further potential and difficulties of EU-China security cooperation.

Keywords: belt and road initiative, China, European Union, foreign policy, neo-functionalism, security

Procedia PDF Downloads 273

Authors: Darshan Lal

Abstract:

The paper describes the concept of Information literacy. It is a critical component of this information age. Information literacy is the vital process in modern changing world. Information Literacy initiatives in India was also discussed. Paper also discussed Information literacy programmes for LIS professionals. Information literacy makes person capable to recognize when information is needed and how to locate, evaluate and use effectively of the needed information.

Keywords: information literacy, information communication technology (ICT), information literacy programmes

Procedia PDF Downloads 353

Authors: Widhi Hanantyo Suryadinata

Abstract:

Efforts undertaken by Indonesia and China to shift the strategies and security of renewable energy on a global stage involve approaches through policy construction related to rare minerals processing or value-adding in Indonesia and manufacturing policies through the New Energy Vehicles (NEVs) policy in China. Both policies encompass several practical regulations and policies that can be utilized for the implementation of Indonesia and China's grand efforts and ideas. Policy development in Indonesia and China can be analyzed using a comparative analysis method, as well as employing a pyramid illustration to identify policy construction phases based on the real conditions of the domestic market and implemented policies. This approach also helps to identify the potential integration of policies needed to enhance the policy development phase of a country within the pyramid. It also emphasizes the significance of integration policy to redefine renewable energy strategy and security on the global stage.

Keywords: global renewable energy security, global energy security, policy development, comparative analysis, shifting of global energy security, Indonesia, China

Procedia PDF Downloads 51

Authors: Yang Yu, Jian Wang, Jiqiang Liu, Lei Han, Xudong He, Shaohua Lv

Abstract:

As the increasing network attacks become more and more complex, network situation assessment based on log analysis cannot meet the requirements to ensure network security because of the low quality of logs and alerts. This paper addresses the lack of consideration of security attributes of hosts and attacks in the network. Identity and effectiveness of Distributed Denial of Service (DDoS) are hard to be proved in risk assessment based on alerts and flow matching. This paper proposes a multi-dimension threat situation assessment method based on network security attributes. First, the paper offers an improved Common Vulnerability Scoring System (CVSS) calculation, which includes confident risk, integrity risk, availability risk and a weighted risk. Second, the paper introduces deterioration rate of properties collected by sensors in hosts and network, which aimed at assessing the time and level of DDoS attacks. Third, the paper introduces distribution of asset value in security attributes considering features of attacks and network, which aimed at assessing and show the whole situation. Experiments demonstrate that the approach reflects effectiveness and level of DDoS attacks, and the result can show the primary threat in network and security requirement of network. Through comparison and analysis, the method reflects more in security requirement and security risk situation than traditional methods based on alert and flow analyzing.

Keywords: DDoS evaluation, improved CVSS, network security attribute, threat situation assessment

Procedia PDF Downloads 200

Authors: Raya Al Khayari, Rasha Al Jassim, Muna Al Balushi, Fatma Al Moqbali, Said El Hajjar

Abstract:

This study utilizes linear regression analysis to investigate the correlation between user account passwords and the probability of civil ID exposure, offering statistical insights into civil ID security. The study employs multiple linear regression (MLR) analysis to further investigate the elements that influence consumers’ views of civil ID security. This aims to increase awareness and improve preventive measures. The results obtained from the MLR analysis provide a thorough comprehension and can guide specific educational and awareness campaigns aimed at promoting improved security procedures. In summary, the study’s results offer significant insights for improving existing security measures and developing more efficient tactics to reduce risks related to civil ID security in Oman. By identifying key factors that impact consumers’ perceptions, organizations can tailor their strategies to address vulnerabilities effectively. Additionally, the findings can inform policymakers on potential regulatory changes to enhance civil ID security in the country.

Keywords: civil-id disclosure, awareness, linear regression, multiple regression

Procedia PDF Downloads 44

Authors: Piret Pernik

Abstract:

Based on strategic, operational, and technical analysis of the ongoing armed conflict in Ukraine, this paper will examine the opportunities and risks of using small commercial drones (dual-use unmanned aerial vehicles, UAV) for military purposes. The paper discusses the opportunities and risks in the information domain, encompassing both cyber and electromagnetic interference and attacks. The paper will draw conclusions on a possible strategic impact to the battlefield outcomes in the modern armed conflicts by the widespread use of dual-use UAVs. This article will contribute to filling the gap in the literature by examining based on empirical data cyberattacks and electromagnetic interference. Today, more than one hundred states and non-state actors possess UAVs ranging from low cost commodity models, widely are dual-use, available and affordable to anyone, to high-cost combat UAVs (UCAV) with lethal kinetic strike capabilities, which can be enhanced with Artificial Intelligence (AI) and Machine Learning (ML). Dual-use UAVs have been used by various actors for intelligence, reconnaissance, surveillance, situational awareness, geolocation, and kinetic targeting. Thus they function as force multipliers enabling kinetic and electronic warfare attacks and provide comparative and asymmetric operational and tactical advances. Some go as far as argue that automated (or semi-automated) systems can change the character of warfare, while others observe that the use of small drones has not changed the balance of power or battlefield outcomes. UAVs give considerable opportunities for commanders, for example, because they can be operated without GPS navigation, makes them less vulnerable and dependent on satellite communications. They can and have been used to conduct cyberattacks, electromagnetic interference, and kinetic attacks. However, they are highly vulnerable to those attacks themselves. So far, strategic studies, literature, and expert commentary have overlooked cybersecurity and electronic interference dimension of the use of dual use UAVs. The studies that link technical analysis of opportunities and risks with strategic battlefield outcomes is missing. It is expected that dual use commercial UAV proliferation in armed and hybrid conflicts will continue and accelerate in the future. Therefore, it is important to understand specific opportunities and risks related to the crowdsourced use of dual-use UAVs, which can have kinetic effects. Technical countermeasures to protect UAVs differ depending on a type of UAV (small, midsize, large, stealth combat), and this paper will offer a unique analysis of small UAVs both from the view of opportunities and risks for commanders and other actors in armed conflict.

Keywords: dual-use technology, cyber attacks, electromagnetic warfare, case studies of cyberattacks in armed conflicts

Procedia PDF Downloads 89

Authors: Ma Yuzhe, Burra Venkata Durga Kumar

Abstract:

The computer is a great invention. As people use computers more and more frequently, the demand for PCs is growing, and the performance of computer hardware is also rising to face more complex processing and operation. However, the operating system, which provides the soul for computers, has stopped developing at a stage. In the face of the high price of UNIX (Uniplexed Information and Computering System), batch after batch of personal computer owners can only give up. Disk Operating System is too simple and difficult to bring innovation into play, which is not a good choice. And MacOS is a special operating system for Apple computers, and it can not be widely used on personal computers. In this environment, Linux, based on the UNIX system, was born. Linux combines the advantages of the operating system and is composed of many microkernels, which is relatively powerful in the core architecture. Linux system supports all Internet protocols, so it has very good network functions. Linux supports multiple users. Each user has no influence on their own files. Linux can also multitask and run different programs independently at the same time. Linux is a completely open source operating system. Users can obtain and modify the source code for free. Because of these advantages of Linux, it has also attracted a large number of users and programmers. The Linux system is also constantly upgraded and improved. It has also issued many different versions, which are suitable for community use and commercial use. Linux system has good security because it relies on a file partition system. However, due to the constant updating of vulnerabilities and hazards, the using security of the operating system also needs to be paid more attention to. This article will focus on the analysis and discussion of Linux security issues.

Keywords: Linux, operating system, system management, security

Procedia PDF Downloads 98

Authors: Vani Chintapally

Abstract:

The expansion of modest and minimized Global Positioning System (GPS) beneficiaries has prompted most Automatic Vehicle Location (AVL) frameworks today depending solely on satellite-based finding frameworks, as GPS is the most stable usage of these. This paper shows the attributes of a proposed framework for following and dissecting open transport in a run of the mill medium-sized city and complexities the qualities of such a framework to those of broadly useful AVL frameworks. Particular properties of the courses broke down by the AVL framework utilized for the examination of open transport in our study incorporate cyclic vehicle courses, the requirement for particular execution reports, and so forth. This paper particularly manages vehicle movement forecasts and the estimation of station landing time, combined with consequently produced reports on timetable conformance and other execution measures. Another side of the watched issue is proficient exchange of information from the vehicles to the control focus. The pervasiveness of GSM bundle information exchange advancements combined with decreased information exchange expenses have brought on today's AVL frameworks to depend predominantly on parcel information exchange administrations from portable administrators as the correspondences channel in the middle of vehicles and the control focus. This methodology brings numerous security issues up in this conceivably touchy application field.

Keywords: automatic vehicle location (AVL), expectation of landing times, AVL security, data administrations, wise transport frameworks (ITS), guide coordinating

Procedia PDF Downloads 369

Authors: R. Chinnaiyaprabhu, S. Bharanidharan, V. Dharsana, Rajalavanya

Abstract:

The concept of the Metaverse represents a potential evolution in the realm of cyberspace. In the early stages of Web 2.0, we observed a proliferation of online pseudonyms or 'nyms,' which increased the prevalence of fake accounts and made it challenging to establish unique online identities for various roles. However, in the era of Web 3.0, particularly in the context of the Metaverse, an individual's digital identity is intrinsically linked to their real-world identity. Consequently, actions taken in the Metaverse can carry significant consequences in the physical world. In light of these considerations, we propose the development of an innovative authentication system known as 'Metasec.' This system is designed to enhance security for digital assets, online identities, avatars, and user accounts within the Metaverse. Notably, Metasec operates as a password less authentication solution, relying on a multifaceted approach to security, encompassing device attestation, facial recognition, and pattern-based security keys.

Keywords: metaverse, multifactor authentication, security, facial recognition, patten password

Procedia PDF Downloads 54

Authors: Constantinos Adamides, Petros Petrikkos

Abstract:

In the era of growing hybrid threats, small states find themselves in need to re-evaluate existing foreign and defense policies. The pressure to establishing or maintain a status of a reliable partner in the community in which they belong to, vis-à-vis their multilateral relations with other organisations and entities, small states may need to shift their policies in the field to accommodate security needs that are not only pertinent to their security, but also to that of the organisations (bloc) in which they interact. Unlike potential shortcomings in a small state’s mainstream security and defence framework where the threat would be limited to the state itself, in more contemporary times with dominating hybrid threats, the small states’ security shortcomings may also become a security problem for the bloc in which these states belong to. An indicative example is small states like Cyprus and Malta, which belong and 'interact' in the European Union. As a result, the nature of hybrid threats can be utilised to hurt bigger states in a bloc by exploiting the small states’ vulnerabilities and security gaps. Inevitably, both the defensive and foreign policy collaborations of small states with bigger states have been and are constantly re-evaluated to tackle and prevent such problems. In essence, the goal of this ‘re-evaluation’ aims to achieve a twofold goal: The first is the small states’ quest to appear as a reliable partner within the bloc, while the second is to avoid being the weakest security link in the bloc’s defence against hybrid threats. Indeed, the hybrid arena is a security area where they can excel in the bloc, despite the potential and expected conventional military deficiencies. This new environment prompts us to think security from the perspective of small states differently and in relation to their role as members or big organisations. The paper focuses on the case of Cyprus following its accession to the European Union and examines how a country that has had a very focused security orientation –not least due to its ongoing security problems– altered its foreign and defence policies within the European Union to ensure compliance with the rest of the bloc, while at the same time maximizing its role as a security player. Specifically, it examines the methods through which the country shifted its policies as well as the challenges and opportunities that emerged from these security shifts.

Keywords: Cyprus, defence, foreign policy, hybrid threats, ontological security, small states

Procedia PDF Downloads 130

Authors: Nipuli Gajanayake

Abstract:

The Russian military role beyond its national frontier has become a debatable hot topic in the international political arena. It’s advanced, and strategic responses in combating regional and international security problems have always been a factor to debate and criticize. Under such critical circumstances, Russia is attentive to play its military role according to the provisions of the Military Doctrine of the Russian Federation. Most importantly, the legal basis of the doctrine has also consisted with the generally recognized principles and norms of international law. Therefore, Russian international military assistances are pledged to accomplish international peace and security. The expansion of Russian military participation in the United Nations Peacekeeping operations, and military- political, and technical cooperation have largely evident the great effort of Russia in maintaining and restoring international peace and security. Moreover, the conflict management diplomacy and the development of dialogue with nation states to confront military risks and threats can also identify as a part of preserving international peace and security. In addition, Russia strives to strengthen the system of collective security with regional and international organizations through the legal framework of the Collective Security Treaty Organization (CSTO). Maintaining cooperative ties with the Commonwealth of Independent States (CIS), the Organization for Security and Cooperation in Europe (OSCE) and the Shanghai Cooperation Organization (SCO) have highlighted the Russian deliberation on maintaining regional peace and security. Nevertheless, the extension of cordial relations with nation states and providing of military assistances during tensions and conflicts on their territories can also underscore as Russians commitments on maintaining international peace and security. Observing and recognizing the disparity between the West portrayed terms like ‘illegal Russian interventions’ and the comprehensive reality behind the ‘Russian military assistances’ are important to understand. However, a lopsided vision or a perspective towards the Russian international military role would not present a clear understanding about its valued and also dedicated hard work on maintaining international peace and security.

Keywords: collective security, diplomacy, international military role of Russia, international peace and security

Procedia PDF Downloads 290

Authors: Ajish Sreedharan

Abstract:

Security in transmission and storage of digital images has its importance in today’s image communications and confidential video conferencing. Due to the increasing use of images in industrial process, it is essential to protect the confidential image data from unauthorized access. Advanced Encryption Standard (AES) is a well known block cipher that has several advantages in data encryption. However, it is not suitable for real-time applications. This paper presents modifications to the Advanced Encryption Standard to reflect a high level security and better image encryption. The modifications are done by adjusting the ShiftRow Transformation and using On Dynamic chaotic S-BOX. In AES the Substitute bytes, Shift row and Mix columns by themselves would provide no security because they do not use the key. In Dynamic chaotic S-BOX Based AES the Substitute bytes provide security because the S-Box is constructed from the key. Experimental results verify and prove that the proposed modification to image cryptosystem is highly secure from the cryptographic viewpoint. The results also prove that with a comparison to original AES encryption algorithm the modified algorithm gives better encryption results in terms of security against statistical attacks.

Keywords: advanced encryption standard (AES), on dynamic chaotic S-BOX, image encryption, security analysis, ShiftRow transformation

Procedia PDF Downloads 427

Authors: Kaltume Kabir Sharrif

Abstract:

Teacher education is the bedrock of educational growth and development of any nation. With development in education all human problems can be overcome. Educational Psychology, on the other hand, is in a strategic position for any programme in teacher education to be successful hence other aspects of societal issues. In other words, no teacher education can be of any help in ensuring transformation and security without adequate study in Educational Psychology. Without adequate knowledge and skills in Educational Psychology the teacher may not function effectively in the course of discharging his duty. It is in view of this, that the paper discusses some aspects of Educational Psychology that are of paramount importance in teacher education for sustainable transformation and security of Nigeria. Some recommendations were offered on the role educational psychology play in resolving security challenges facing the country. These include enriching educational psychology with topics from forensic psychology that will provide the teacher the skills of fighting crime in the school, Behavioural Science Unit should be established in each school to monitor the behavior of students, among others.

Keywords: transformation, security challenges, teacher education, educational psychology

Procedia PDF Downloads 491

Authors: Alireza Pour Ebrahimi, Vahid Abasi

Abstract:

Recently by the extension of internet usage, Research on the intrusion detection system takes a significant importance. Many of improvement systems prevent internal and external network attacks by providing security through firewalls and antivirus. In recently years, intrusion detection systems gradually turn from host-based systems and depend on O.S to the distributed systems which are running on multiple O.S. In this work, by considering the diversity of computer networks whit respect to structure, architecture, resource, services, users and also security goals requirement a fully distributed collaborative intrusion detection system based on peer to peer architecture is suggested. in this platform each partner device (matched device) considered as a peer-to-peer network. All transmitted information to network are visible only for device that use security scanning of a source. Experimental results show that the distributed architecture is significantly upgradeable in respect to centralized approach.

Keywords: network, intrusion detection system, peer to peer, internal and external network

Procedia PDF Downloads 533

Authors: Cavidan Yakupoglu, Kurt Rohloff

Abstract:

In this study, we aim to provide a novel parameter selection model for the BFVrns scheme, which is one of the prominent FHE schemes. Parameter selection in lattice-based FHE schemes is a practical challenges for experts or non-experts. Towards a solution to this problem, we introduce a hybrid principles-based approach that combines theoretical with experimental analyses. To begin, we use regression analysis to examine the parameters on the performance and security. The fact that the FHE parameters induce different behaviors on performance, security and Ciphertext Expansion Factor (CEF) that makes the process of parameter selection more challenging. To address this issue, We use a multi-objective optimization algorithm to select the optimum parameter set for performance, CEF and security at the same time. As a result of this optimization, we get an improved parameter set for better performance at a given security level by ensuring correctness and security against lattice attacks by providing at least 128-bit security. Our result enables average ~ 5x smaller CEF and mostly better performance in comparison to the parameter sets given in [1]. This approach can be considered a semiautomated parameter selection. These studies are conducted using the PALISADE homomorphic encryption library, which is a well-known HE library. The abstract goes here.

Keywords: lattice cryptography, fully homomorphic encryption, parameter selection, LWE, RLWE

Procedia PDF Downloads 137

Authors: Bambang Novianto, Rizal Aditya Herdianto, Raphael Bianco Huwae, Afifah, Alfonso Brolin Sihite, Rudi Lumanto

Abstract:

The mobile banking application is a type of mobile application that is growing rapidly. This is caused by the ease of service and time savings in making transactions. On the other hand, this certainly provides a challenge in security issues. The use of mobile banking can not be separated from cyberattacks that may occur which can result the theft of sensitive information or financial loss. The financial loss and the theft of sensitive information is the most avoided thing because besides harming the user, it can also cause a loss of customer trust in a bank. Cyberattacks that are often carried out against mobile applications are phishing, hacking, theft, misuse of data, etc. Cyberattack can occur when a vulnerability is successfully exploited. OWASP mobile Top 10 has recorded as many as 10 vulnerabilities that are most commonly found in mobile applications. In the others, android permissions also have the potential to cause vulnerabilities. Therefore, an overview of the profile of the mobile banking application becomes an urgency that needs to be known. So that it is expected to be a consideration of the parties involved for improving security. In this study, an experiment has been conducted to capture the profile of the mobile banking applications in Indonesia based on android permission and OWASP mobile top 10 2016. The results show that there are six basic vulnerabilities based on OWASP Mobile Top 10 that are most commonly found in mobile banking applications in Indonesia, i.e. M1:Improper Platform Usage, M2:Insecure Data Storage, M3:Insecure Communication, M5:Insufficient Cryptography, M7:Client Code Quality, and M9:Reverse Engineering. The most permitted android permissions are the internet, status network access, and telephone read status.

Keywords: mobile banking application, OWASP mobile top 10 2016, android permission, sensitive information, financial loss

Procedia PDF Downloads 133

Authors: Jaouadi Ikram, Machhout Mohsen

Abstract:

The development of a quantum key distribution (QKD) system on a field-programmable gate array (FPGA) platform is the subject of this paper. A quantum cryptographic protocol is designed based on the properties of quantum information and the characteristics of FPGAs. The proposed protocol performs key extraction, reconciliation, error correction, and privacy amplification tasks to generate a perfectly secret final key. We modeled the presence of the spy in our system with a strategy to reveal some of the exchanged information without being noticed. Using an FPGA card with a 100 MHz clock frequency, we have demonstrated the evolution of the error rate as well as the amounts of mutual information (between the two interlocutors and that of the spy) passing from one step to another in the key generation process.

Keywords: QKD, BB84, protocol, cryptography, FPGA, key, security, communication

Procedia PDF Downloads 174

Authors: Jyoti Rani, Ashima Anand, Shivendra Shivani

Abstract:

In recent years, physiological signals obtained in telemedicine have been stored independently from patient information. In addition, people have increasingly turned to mobile devices for information on health-related topics. Major authentication and security issues may arise from this storing, degrading the reliability of diagnostics. This study introduces an approach to reversible watermarking, which ensures security by utilizing the electrocardiogram (ECG) signal as a carrier for embedding patient information. In the proposed work, Pan-Tompkins++ is employed to convert the 1D ECG signal into a 2D signal. The frequency subbands of a signal are extracted using RDWT(Redundant discrete wavelet transform), and then one of the subbands is subjected to MSVD (Multiresolution singular valued decomposition for masking. Finally, the encrypted watermark is embedded within the signal. The experimental results show that the watermarked signal obtained is indistinguishable from the original signals, ensuring the preservation of all diagnostic information. In addition, the DnCNN (Denoising convolutional neural network) concept is used to denoise the retrieved watermark for improved accuracy. The proposed ECG signal-based watermarking method is supported by experimental results and evaluations of its effectiveness. The results of the robustness tests demonstrate that the watermark is susceptible to the most prevalent watermarking attacks.

Keywords: ECG, VMD, watermarking, PanTompkins++, RDWT, DnCNN, MSVD, chaotic encryption, attacks

Procedia PDF Downloads 80

Authors: Mohammad Mahdi Namdari, Hosein Torki

Abstract:

Security as an abstract concept, has involved human being from the beginning of creation to the present, and certainly to the future. Accordingly, battles, conflicts, challenges, legal proceedings, crimes and all issues related to human kind are associated with this concept. Today by interviewing people about their life, the security of societies and Social crimes are interviewed too. Along with the security as an infrastructure and vital concept, the economy and related issues e.g. welfare, per capita income, total government revenue, export, import and etc. is considered another infrastructure and vital concept. These two vital concepts (Security and Economic) have linked together complexly and significantly. The present study employs analytical-descriptive research method using documents and Statistics of official sources. Discovery and explanation of this mutual connection are comprising a profound and extensive research; so management, development and reform in system and relationships of the scope of this two concepts are complex and difficult. Tourism and its position in today's economy is one of the main pillars of the economy of the 21st century that maybe associate with the security and social crimes more than other pillars. Like all human activities, economy of societies and partially tourism dependent on security especially in the public and social security. On the other hand, the true economic development (generally) and the growth of the tourism industry (dedicated) are a security generating and supporting for it, because a dynamic economic infrastructure prevents the formation of centers of crime and illegal activities by providing a context for socio-economic development for all segments of society in a fair and humane. This relationship is a formula of the complexity between the two concept of economy and security. Police as a revealed or people-oriented organization in the field of security directly has linked with the economy of a community and is very effective In the face of the tourism industry. The relationship between security and national crime index, and economic indicators especially ones related to tourism is confirming above discussion that is notable. According to understanding processes about security and economic as two key and vital concepts are necessary and significant for sovereignty of governments.

Keywords: economic, police, tourism, social security

Procedia PDF Downloads 312

Authors: Basel Halak, Christian Hall, Syed Abdul Father, Nelson Chow Wai Kit, Ruwaydah Widaad Raymode

Abstract:

The attack surface on computing devices is becoming very sophisticated, driven by the sheer increase of interconnected devices, reaching 50B in 2025, which makes it easier for adversaries to have direct access and perform well-known physical attacks. The impact of increased security vulnerability of electronic systems is exacerbated for devices that are part of the critical infrastructure or those used in military applications, where the likelihood of being targeted is very high. This continuously evolving landscape of security threats calls for a new generation of defense methods that are equally effective and adaptive. This paper proposes an intelligent defense mechanism to protect from physical tampering, it consists of a tamper detection system enhanced with machine learning capabilities, which allows it to recognize normal operating conditions, classify known physical attacks and identify new types of malicious behaviors. A prototype of the proposed system has been implemented, and its functionality has been successfully verified for two types of normal operating conditions and further four forms of physical attacks. In addition, a systematic threat modeling analysis and security validation was carried out, which indicated the proposed solution provides better protection against including information leakage, loss of data, and disruption of operation.

Keywords: anti-tamper, hardware, machine learning, physical security, embedded devices, ioT

Procedia PDF Downloads 142

Authors: Dalia Elsheakh, Hala Elsadek

Abstract:

The objective of this paper is to propose a competitive microwave security system that can be applied with reasonable price at museums in Egypt, considering the priceless elements in 23 Egyptian museums countrywide and the lack of good recent security systems even in big ones. The system main goal is to detect valuable targets to ensure their presence in the pre-defined positions in order to protect them from being stolen. The system is based on real time microwave scanning for the required space volume through transmitting RF waves at consecutive angles and detecting the back scattered waves from required objects to detect their existence at pre-specified locations.

Keywords: microwave security system, object locating system, real time locating system (RTLS), antenna array, array electronic scanning

Procedia PDF Downloads 334

Authors: Benn Van Den Ende

Abstract:

Over the last three decades, there has been an exponential increase in developments in implantable technologies such as the cardiac pacemaker, bionic prosthesis, and implantable chips. The effect of these technologies has been well researched in many areas. However, there is a lack of critical research in security studies. This paper will provide preliminary findings to an ongoing research project which aims to examine how implantable technologies effect the practices of governmentality in the context of security. It will do this by looking at the practices and techniques of governmentality along with different implantable technologies which increase, change or otherwise affect governmental practices. The preliminary research demonstrates that implantable technologies have a profound effect on the practices of governmentality, while also paving the way for further research into a potential ‘new’ form of governmentality in relation to these implantable technologies.

Keywords: critical security studies, governmentality, security theory, political theory, Foucault

Procedia PDF Downloads 174

Authors: D. Pugazhenthi, B. Sree Vidya

Abstract:

Cloud computing is one of the emerging technologies that enables end users to use the services of cloud on ‘pay per usage’ strategy. This technology grows in a fast pace and so is its security threat. One among the various services provided by cloud is storage. In this service, security plays a vital factor for both authenticating legitimate users and protection of information. This paper brings in efficient ways of authenticating users as well as securing information on the cloud. Initial phase proposed in this paper deals with an authentication technique using multi-factor and multi-dimensional authentication system with multi-level security. Unique identification and slow intrusive formulates an advanced reliability on user-behaviour based biometrics than conventional means of password authentication. By biometric systems, the accounts are accessed only by a legitimate user and not by a nonentity. The biometric templates employed here do not include single trait but multiple, viz., iris and finger prints. The coordinating stage of the authentication system functions on Ensemble Support Vector Machine (SVM) and optimization by assembling weights of base SVMs for SVM ensemble after individual SVM of ensemble is trained by the Artificial Fish Swarm Algorithm (AFSA). Thus it helps in generating a user-specific secure cryptographic key of the multimodal biometric template by fusion process. Data security problem is averted and enhanced security architecture is proposed using encryption and decryption system with double key cryptography based on Fuzzy Neural Network (FNN) for data storing and retrieval in cloud computing . The proposing scheme aims to protect the records from hackers by arresting the breaking of cipher text to original text. This improves the authentication performance that the proposed double cryptographic key scheme is capable of providing better user authentication and better security which distinguish between the genuine and fake users. Thus, there are three important modules in this proposed work such as 1) Feature extraction, 2) Multimodal biometric template generation and 3) Cryptographic key generation. The extraction of the feature and texture properties from the respective fingerprint and iris images has been done initially. Finally, with the help of fuzzy neural network and symmetric cryptography algorithm, the technique of double key encryption technique has been developed. As the proposed approach is based on neural networks, it has the advantage of not being decrypted by the hacker even though the data were hacked already. The results prove that authentication process is optimal and stored information is secured.

Keywords: artificial fish swarm algorithm (AFSA), biometric authentication, decryption, encryption, fingerprint, fusion, fuzzy neural network (FNN), iris, multi-modal, support vector machine classification

Procedia PDF Downloads 246

Authors: Stephen Wheat

Abstract:

Institutional mobile application governance and distribution processes are essential to mobile app innovation. The absence of effective processes poses a significant barrier to the development and adoption of mobile apps for use within a research enterprise and also impedes the translational science of applying research apps in clinical and engineering settings. To accelerate mobile app innovation and adoption, Emory University and Emory Healthcare implemented a three-pronged strategy including. I) Mobile app review and distribution policies and processes. II) Mobile app management infrastructure and mobile app foundation components. III) A strategic sourcing strategy based on preferred mobile app development firms. The results have been an increase from five to 56 mobile apps in the pipeline over three years; increased engagement from technology transfer, legal counsel, compliance, and information security; articulation of a coordinated mobile app strategy; and allocation of more institutional resources toward specific mobile technology and mobile application goals.

Keywords: mobile app management, governance, distribution, information security

Procedia PDF Downloads 287