Search results for: privacy and security threats

Authors: Maruf Farhan, Abdul Salih, Sikandar Ali Tahir

Abstract:

Protecting patient information's confidentiality is paramount considering the widespread use of Internet of Things (IoT) gadgets in medical settings. This study's subjects are decentralized identifiers (DIDs) and verifiable credentials (VCs) in conjunction with an OAuth-based authorization framework, as they are the key to protecting IoT healthcare devices. DIDs enable autonomous authentication and trust formation between IoT devices and other entities. To authorize users and enforce access controls based on verified claims, VCs offer a secure and adaptable solution. Through the proposed method, medical facilities can improve the privacy and security of their IoT devices while streamlining access control administration. A Smart pill dispenser in a hospital setting is used to illustrate the advantages of this method. The findings demonstrate the value of DIDs, VCs, and OAuth-based delegation in protecting the IoT devices. Improved processes for authorizing and controlling access to IoT devices are possible thanks to the research findings, which also help ensure patient confidentiality in the healthcare sector.

Keywords: Iot, DID, authorization, verifiable credentials

Procedia PDF Downloads 61

Authors: Azene Zenebe

Abstract:

Deep learning is a subset of machine learning which incorporates techniques for the construction of artificial neural networks and found to be useful for modeling complex problems with large dataset. Deep learning requires a very high power computational and longer time for training. By aggregating computing power, high performance computer (HPC) has emerged as an approach to resolving advanced problems and performing data-driven research activities. Cyber threat intelligence (CIT) is actionable information or insight an organization or individual uses to understand the threats that have, will, or are currently targeting the organization. Results of review of literature will be presented along with results of experimental study that compares the performance of tree-based and function-base machine learning including deep learning algorithms using secondary dataset collected from darknet.

Keywords: deep-learning, cyber security, cyber threat modeling, tree-based machine learning, function-based machine learning, data science

Procedia PDF Downloads 137

Authors: Maria Thaemar Tana

Abstract:

The paper examines the policy and practice of Japan’s human security. Specifically, it asks the question: How does Japan’s shift towards a more proactive defence posture affect the place of human security in its foreign policy agenda? Corollary to this, how is Japan sustaining its human security policy? The objective of this research is to understand how Japan, chiefly through the Ministry of Foreign Affairs (MOFA) and JICA (Japan International Cooperation Agency), sustains the concept of human security as a policy framework. In addition, the paper also aims to show how and why Japan continues to include the concept in its overall foreign policy agenda. In light of the recent developments in Japan’s security policy, which essentially result from the changing security environment, human security appears to be gradually losing relevance. The paper, however, argues that despite the strategic challenges Japan faced and is facing, as well as the apparent decline of its economic diplomacy, human security remains to be an area of critical importance for Japanese foreign policy. In fact, as Japan becomes more proactive in its international affairs, the strategic value of human security also increases. Human security was initially envisioned to help Japan compensate for its weaknesses in the areas of traditional security, but as Japan moves closer to a more activist foreign policy, the soft policy of human security complements its hard security policies. Using the framework of neoclassical realism (NCR), the paper recognizes that policy-making is essentially a convergence of incentives and constraints at the international and domestic levels. The theory posits that there is no perfect 'transmission belt' linking material power on the one hand, and actual foreign policy on the other. State behavior is influenced by both international- and domestic-level variables, but while systemic pressures and incentives determine the general direction of foreign policy, they are not strong enough to affect the exact details of state conduct. Internal factors such as leaders’ perceptions, domestic institutions, and domestic norms, serve as intervening variables between the international system and foreign policy. Thus, applied to this study, Japan’s sustained utilization of human security as a foreign policy instrument (dependent variable) is essentially a result of systemic pressures (indirectly) (independent variables) and domestic processes (directly) (intervening variables). Two cases of Japan’s human security practice in two regions are examined in two time periods: Iraq in the Middle East (2001-2010) and South Sudan in Africa (2011-2017). The cases show that despite the different motives behind Japan’s decision to participate in these international peacekeepings ad peace-building operations, human security continues to be incorporated in both rhetoric and practice, thus demonstrating that it was and remains to be an important diplomatic tool. Different variables at the international and domestic levels will be examined to understand how the interaction among them results in changes and continuities in Japan’s human security policy.

Keywords: human security, foreign policy, neoclassical realism, peace-building

Procedia PDF Downloads 116

Authors: Mohammad Reza Boroumand Devlagh

Abstract:

Employment problem, especially university graduates is the most important challenges in the decade ahead. The purpose of this study is the SWOT analysis for employment of graduates of Physical Education and Sport Sciences in Iran. The sample of this research consist of 115 (35.5 + 8.0 years) of physical education and sport sciences faculty members of higher education institutions, major sport managers and graduates of physical education and sport sciences. Library method, interview and questioners were used to collect data. The questionnaires were made in four parts: Strengths, Weaknesses, Opportunities and Threats with Cronbach's alpha coefficient of 0.94. After data collection, means, standard deviation (SD) and percentage were calculated by using SPSS software. Fridman was used for the statical analysis at P < 0.05. The results showed that Employment of graduates of Physical Education and Sport Sciences in Iran Located In the worst position possible (T-W area) in Strategic Position and Action Evaluation Matrix) SPACEM), and there are more weaknesses than strengths (2.02 < 2.5) in internal evaluation and there are more threats than opportunities(2.36 < 2.5) in external evaluation.

Keywords: employment, graduate, physical education and sport sciences, SWOT analysis

Procedia PDF Downloads 522

Authors: Mohsin Reza, Thirunaukarasu Subramaniam, M. Rezaul Islam

Abstract:

In Asia, economic and social well-being issues are rarely addressed. The major characteristics of the migrant workers in Asian countries are seriously exploited, marginalized, and infrequently looked from human rights perspective. This paper explored the opportunities and shortages of economic and social well-being for the migrant workers in Asia. A Qualitative Interpretative Meta-Synthesis (QIMS) was conducted to analyze the contextual socio-economic factors that characterized migrant workers’ economic and social well-being. It is perceived that in most of the recruiting countries, there are lacks of government commitments to the international protocols, conventions and laws that they ratified towards safeguarding migrant workers’ economic and social well-being. Results showed that the migrant workers had lack of job security, poor salary, long working hours, low access to the public services, poor health, poor living and working conditions, lack of legal rights, physical and mental threats. The finding would be important guideline to the governments, policy makers, legal rights practitioners, and human rights organizations.

Keywords: Asia, economic well-being, social well-being, migrant workers, human rights

Procedia PDF Downloads 302

Authors: Michal Stelmach

Abstract:

The aim of this paper is a critical analysis of the security policy in the field of the fight against transnational criminal groups in Central America in XXI century. We are analyzing all taken issues from several perspectives: political, anthropological, sociological and legal which allows me to confront behavior and the attitudes of the political elites against official legislative changes and declared actions, strategies and policies against practice. In the first part of paper we would like to present the genesis and characteristic of transnational gangs, called maras and next we would like to present their activities and roles within chosen sectors of organized crimes. In the second part we will analyze the government’s policy towards transnational criminal groups. The analysis will be concentrated on public safety policy implemented in specific Central American countries as well as regional international cooperation. The main intention of the author is to present the state of the security in Central America in XXI century by emphasizing failures and successes in the fight against transnational criminal organizations. Additionally we want to present and define the challenges currently facing the region now and to show the prediction of the situation’s development within next future and to define the recommendations on the design of public security policies in Central American countries.

Keywords: maras, public security, human rights, Central America

Procedia PDF Downloads 316

Authors: Mannan Ahmad Rasheed, Sawera Kanwal, Mansoor Ahmad Rasheed

Abstract:

The Internet of Things (IoT) has revolutionized the way we collect and process information, making it possible to gather data from a wide range of connected devices and sensors. This has led to the development of IoT-based information processing and computing systems that are capable of handling large amounts of data in real time. This paper provides a comprehensive overview of the current state of IoT-based information processing and computing, as well as the key challenges and gaps that need to be addressed. This paper discusses the potential benefits of IoT-based information processing and computing, such as improved efficiency, enhanced decision-making, and cost savings. Despite the numerous benefits of IoT-based information processing and computing, several challenges need to be addressed to realize the full potential of these systems. These challenges include security and privacy concerns, interoperability issues, scalability and reliability of IoT devices, and the need for standardization and regulation of IoT technologies. Moreover, this paper identifies several gaps in the current research related to IoT-based information processing and computing. One major gap is the lack of a comprehensive framework for designing and implementing IoT-based information processing and computing systems.

Keywords: IoT, computing, information processing, Iot computing

Procedia PDF Downloads 165

Authors: Memar Ayalew Demeke, Solomon Gebreyohans Gebru

Abstract:

In Africa, Regional Economic Communities (RECs) were initially established to tackle the economic challenges of the continent. However, overtime, they expanded their mandate to deal with the security threats of the continent such as terrorism. In fact, the fight against terrorism has been internationalized following the September 9/11 terrorist attack in the U.S.A. Since then, RECs have been giving considerable attention to preventing and combating terrorism in their respective regions. Similarly, IGAD has been involved in preventing and combating terrorism. So far, however, little has been done with regard to what IGAD has performed in fighting terrorism. Therefore, this study was intended to describe and analyze the legal and practical activities carried out by IGAD in its fight against terrorism in the region general and in Somalia in particular. Both descriptive and analytical methods were employed and data were analyzed through qualitative approach. Finally, based on the findings, the study argues that, instead of over-reliance on hard power as a means of fighting terrorism, IGAD should invest more on the political and socio-economic problems of its member states so as to address the root causes.

Keywords: regional economic communities, IGAD, terrorism, treaties, conventions

Procedia PDF Downloads 404

Authors: A. Andreasyan, C. Connors

Abstract:

The Elliptic Curve Digital Signature algorithm-based X509v3 certificates are becoming more popular due to their short public and private key sizes. Moreover, these certificates can be stored in Internet of Things (IoT) devices, with limited resources, using less memory and transmitted in network security protocols, such as Internet Key Exchange (IKE), Transport Layer Security (TLS) and Secure Shell (SSH) with less bandwidth. The proposed method gives another advantage, in that it increases the performance of the above-mentioned protocols in terms of key exchange by saving one scalar multiplication operation.

Keywords: cryptography, elliptic curve digital signature algorithm, key exchange, network security protocol

Procedia PDF Downloads 130

Authors: Amani A. Saad, Ahmed A. El-Farag, El-Sayed A. Helali

Abstract:

Cloud computing is an important and promising field in the recent decade. Cloud computing allows sharing resources, services and information among the people of the whole world. Although the advantages of using clouds are great, but there are many risks in a cloud. The data security is the most important and critical problem of cloud computing. In this research a new security model for cloud computing is proposed for ensuring secure communication system, hiding information from other users and saving the user's times. In this proposed model Blowfish encryption algorithm is used for exchanging information or data, and SHA-2 cryptographic hash algorithm is used for data integrity. For user authentication process a simple user-name and password is used, the password uses SHA-2 for one way encryption. The proposed system shows an improvement of the processing time of uploading and downloading files on the cloud in secure form.

Keywords: cloud computing, data security, SAAS, PAAS, IAAS, Blowfish

Procedia PDF Downloads 337

Authors: James Semmens, James Boyd, Anna Ferrante, Katrina Spilsbury, Sean Randall, Adrian Brown

Abstract:

‘Big data’ is a relatively new concept that describes data so large and complex that it exceeds the storage or computing capacity of most systems to perform timely and accurate analyses. Health services generate large amounts of data from a wide variety of sources such as administrative records, electronic health records, health insurance claims, and even smart phone health applications. Health data is viewed in Australia and internationally as highly sensitive. Strict ethical requirements must be met for the use of health data to support health research. These requirements differ markedly from those imposed on data use from industry or other government sectors and may have the impact of reducing the capacity of health data to be incorporated into the real time demands of the Big Data environment. This ‘big data revolution’ is increasingly supported by national governments, who have invested significant funds into initiatives designed to develop and capitalize on big data and methods for data integration using record linkage. The benefits to health following research using linked administrative data are recognised internationally and by the Australian Government through the National Collaborative Research Infrastructure Strategy Roadmap, which outlined a multi-million dollar investment strategy to develop national record linkage capabilities. This led to the establishment of the Population Health Research Network (PHRN) to coordinate and champion this initiative. The purpose of the PHRN was to establish record linkage units in all Australian states, to support the implementation of secure data delivery and remote access laboratories for researchers, and to develop the Centre for Data Linkage for the linkage of national and cross-jurisdictional data. The Centre for Data Linkage has been established within Curtin University in Western Australia; it provides essential record linkage infrastructure necessary for large-scale, cross-jurisdictional linkage of health related data in Australia and uses a best practice ‘separation principle’ to support data privacy and security. Privacy preserving record linkage technology is also being developed to link records without the use of names to overcome important legal and privacy constraint. This paper will present the findings of the first ‘Proof of Concept’ project selected to demonstrate the effectiveness of increased record linkage capacity in supporting nationally significant health research. This project explored how cross-jurisdictional linkage can inform the nature and extent of cross-border hospital use and hospital-related deaths. The technical challenges associated with national record linkage, and the extent of cross-border population movements, were explored as part of this pioneering research project. Access to person-level data linked across jurisdictions identified geographical hot spots of cross border hospital use and hospital-related deaths in Australia. This has implications for planning of health service delivery and for longitudinal follow-up studies, particularly those involving mobile populations.

Keywords: data integration, data linkage, health planning, health services research

Procedia PDF Downloads 207

Authors: Yuli Paola Cifuentes Sanabria, Lina Paola Beltrán Beltrán, Leonardo Juan Ramírez López

Abstract:

The availability to deploy mobile applications for healthcare is increasing daily thru different mobile app stores. But within these capabilities the number of hacking attacks has also increased, in particular into medical mobile applications. The security vulnerabilities in medical mobile apps can be triggered by errors in code, incorrect logic, poor design, among other parameters. This is usually used by malicious attackers to steal or modify the users’ information. The aim of this research is to analyze the vulnerabilities detected in mobile medical apps according to risk factor standards defined by OWASP in 2014.

Keywords: mHealth apps, OWASP, protocols, security vulnerabilities, risk factors

Procedia PDF Downloads 496

Authors: Mohamed Elkholy, Ahmed Elfatatry

Abstract:

Cloud computing has emerged as a flexible computing paradigm that reshaped the Information Technology map. However, cloud computing brought about a number of security challenges as a result of the physical distribution of computational resources and the limited control that users have over the physical storage. This situation raises many security challenges for data integrity and confidentiality as well as authentication and access control. This work proposes a security mechanism for data integrity that allows a data owner to be aware of any modification that takes place to his data. The data integrity mechanism is integrated with an extended Kerberos authentication that ensures authorized access control. The proposed mechanism protects data confidentiality even if data are stored on an untrusted storage. The proposed mechanism has been evaluated against different types of attacks and proved its efficiency to protect cloud data storage from different malicious attacks.

Keywords: access control, data integrity, data confidentiality, Kerberos authentication, cloud security

Procedia PDF Downloads 316

Authors: Anders Troedsson

Abstract:

For us humans, risk and insecurity are intimately linked to vulnerabilities - where there is vulnerability, there is potentially risk and insecurity. Reducing vulnerability through compensatory measures means decreasing the likelihood of a certain external event be qualified as a risk/threat/assault, and thus also means increasing the individual’s sense of security. The paper suggests that a meaningful way to approach the study of risk/ insecurity is to organize thinking about the vulnerabilities that external phenomena evoke in humans as perceived by them. Such phenomena are, through a set of given vulnerabilities, potentially translated into perceptions of "insecurity." An ontological discussion about salient timespace characteristics of external phenomena as perceived by humans, including such which potentially can be qualified as risk/threat/assault, leads to the positing of two dimensions which are central for describing what in the paper is called the essence of risk/threat/assault. As is argued, such modeling helps analysis steer free of the subjective factor which is intimately connected to human perception and which mediates between phenomena “out there” potentially identified as risk/threat/assault, and their translation into an experience of security or insecurity. A proposed set of universally given vulnerabilities are scrutinized with the help of the two dimensions, resulting in a modeling effort featuring four realms of vulnerabilities which together represent a dynamic whole. This model in turn informs modeling on human security.

Keywords: human vulnerabilities, human security, immediate-inert, material-immaterial, timespace

Procedia PDF Downloads 278

Authors: Ana Luiza Da Gama E Souza

Abstract:

This article aims to discuss the problem of food insecurity in Brazil in what it refers to contamination of food by chemical substances such as herbicides, pesticides, and other contaminants. The issue will be faced by analyzing, on the one hand, the standards that guide the food system in the world and, on the other hand, human rights indicators whose purpose is to provide an effective monitoring of the State's obligations to guarantee food security, analyzing the implications of the former for the success of the latter. The methodology adopted in this article was bibliographic-documentary and consists of three moments of analysis. The first moment consists in the analysis of the reports of the Commission on Human Rights of the Organization of American States to identify the set of progress indicators developed by the Commission. This analysis will involve the new methodology used to evaluate the efficiency in monitoring food security in Brazil the case of using pesticides in the production of food at levels of toxicity not admitted by the inspection bodies. The second moment consists in evaluating the mechanism for monitoring food security in Brazil, which was initially established by the National Food Security Plan (PLANSAN) for 2012-2015 and improved by the II National Food Security Plan for 2016-2019. Those mechanisms were prepared by the Chamber (CAISAN), and have the function to compare the monitoring proposals with the results presented by CAISAN on the Indicators and Results Report of the National Plan for Food and Nutrition Security 2012-2015. The third moment was intended to understand, analyze and evaluate the standardization process of the agri-food system, especially regarding the level of toxicity standards, that is related to food safety monitoring as a guarantee of pesticide-free food. The results show the dependence between private standards of toxicity and the indicators of food safety that leads to inefficiency on monitoring that mechanism in Brazil.

Keywords: standards, indicators, human rights, food security

Procedia PDF Downloads 317

Authors: Seyed Nima Tayarani Bathaie

Abstract:

In this paper, an image-receiving system was designed and implemented through optimization of object detection algorithms using Haar features. This optimized algorithm served as face and eye detection separately. Then, cascading them led to a clear image of the user. Utilization of this feature brought about higher security by preventing fraud. This attribute results from the fact that services will be given to the user on condition that a clear image of his face has already been captured which would exclude the inappropriate person. In order to expedite processing and eliminating unnecessary ones, the input image was compressed, a motion detection function was included in the program, and detection window size was confined.

Keywords: face detection algorithm, Haar features, security of ATM

Procedia PDF Downloads 399

Authors: Rhisan Mae Enriquez-Morales

Abstract:

The primary concern of this study is to answer the question: How does the Philippine government formulate its foreign policy with respect to its territorial claims over areas in the West Philippine Sea after the Scarborough standoff in April 2012? Specifically, the study seeks to provide understanding on the political process in the formulation of foreign policy relating to the Philippine claims in the West Philippine Sea after the 2012 Scarborough Standoff, by looking into the relationship of bureaucracies and how it influences the decision-making process. Secondly, this study aims to determine the long and short term foreign policies of the Philippines with respect to its territorial claims over the West Philippine Sea. Lastly, this study seeks to determine the implication of Philippine foreign policy in settling the West Philippine Sea dispute on the country’s national security. The Bureaucratic Politics Model (BPM) in Foreign Policy Analysis (FPA) is the framework utilized in this study, which focuses primarily on the relationship of bureaucracies in the formulation of foreign policy and how these agencies influence the process of foreign policy formulation. The findings of this study reveal that: first, the Philippines foreign policy in the West Philippine Sea continues to develop to address current developments in the WPS. Second, as the government requires demilitarization there is a shift from traditional to non-traditional security approach. This shift caused inconvenience from the defense sector particularly the Navy thinking that they are being deprived of their traditional roles. Lastly, the Philippine government’s greater emphasis on internal security operation implies the need to reassess its security concerns and look into territorial security.

Keywords: bureaucratic politics model, foreign policy analysis, security, West Philippine sea

Procedia PDF Downloads 370

Authors: Sara Vora (Hoxha)

Abstract:

Defamation, invasion of privacy, and cyberbullying have all increased in tandem with the growth of the internet. European international private law may struggle to deal with such transgressions if they occur in many jurisdictions. The current study examines how effectively the legal system of European international private law addresses abuses of personality rights in cyberspace. The study starts by discussing how established legal frameworks are being threatened by online personality rights abuses. The article then looks into the rules and regulations of European international private law that are in place to handle overseas lawsuits. This article examines the different elements that courts evaluate when deciding which law to use in a particular case, focusing on the concepts of jurisdiction, choice of law, and recognition and execution of foreign judgements. Next, the research analyses the function of the European Union in preventing and punishing online personality rights abuses. Key pieces of law that control the collecting and processing of personal data on the Internet, including the General Data Protection Regulation (GDPR) and the e-Commerce Directive, are discussed. In addition, this article investigates how the ECtHR handles cases involving the infringement of personal freedoms, including privacy and speech. The article finishes with an assessment of how well the legal framework of European international private law protects individuals' right to privacy online. It draws attention to problems with the present legal structure, such as the inability to enforce international judgements, the inconsistency between national laws, and the necessity for stronger measures to safeguard people' rights online. This paper concludes that while European international private law provides a useful framework for dealing with violations of personality rights online, further harmonisation and stronger enforcement mechanisms are necessary to effectively protect individuals' rights in the digital age.

Keywords: European international private law, personality rights, internet, jurisdiction, cross-border disputes, data protection

Procedia PDF Downloads 61

Authors: Mohammad A. Alia

Abstract:

With the rapid evolution of the internet applications, cloud computing becomes one of today’s hottest research areas due to its ability to reduce costs associated with computing. Cloud is, therefore, increasing flexibility and scalability for computing services in the internet. Cloud computing is Internet based computing due to shared resources and information which are dynamically delivered to consumers. As cloud computing share resources via the open network, hence cloud outsourcing is vulnerable to attack. Therefore, this paper will explore data security of cloud computing by implementing chaotic cryptography. The proposal scenario develops a problem transformation technique that enables customers to secretly transform their information. This work proposes the chaotic cryptographic algorithms have been applied to enhance the security of the cloud computing accessibility. However, the proposed scenario is secure, easy and straightforward process. The chaotic encryption and digital signature systems ensure the security of the proposed scenario. Though, the choice of the key size becomes crucial to prevent a brute force attack.

Keywords: chaos, cloud computing, security, cryptography

Procedia PDF Downloads 330

Authors: Anil Ranjitbhai Patel, Clement John Shaji, Peter Liggesmeyer

Abstract:

Safety and security of autonomous vehicles (AVs) is a growing concern, first, due to the increased number of safety-critical functions taken over by automotive embedded systems; second, due to the increased exposure of the software-intensive systems to potential attackers; third, due to dynamic interaction in an uncertain and unknown environment at runtime which results in changed functional and non-functional properties of the system. Frequently occurring environmental uncertainties, random component failures, and compromise security of the AVs might result in hazardous events, sometimes even in an accident, if left undetected. Beyond these technical issues, we argue that the safety and security of AVs against accidental and deliberate faults are poorly understood and rarely implemented. One possible way to overcome this is through a well-known diversity approach. As an effective approach to increase safety and security, diversity has been widely used in the aviation, railway, and aerospace industries. Thus, the paper proposes fault-tolerance by diversity model takes into consideration the mitigation of accidental and deliberate faults by application of structure and variant redundancy. The model can be used to design the AVs with various types of diversity in hardware and software-based multi-version system. The paper evaluates the presented approach by employing an example from adaptive cruise control, followed by discussing the case study with initial findings.

Keywords: autonomous vehicles, diversity, fault-tolerance, adaptive cruise control, safety, security

Procedia PDF Downloads 112

Authors: Ibtissem Talbi

Abstract:

During the last decade, a variety of chaos-based cryptosystems have been investigated. Most of them are based on the structure of Fridrich, which is based on the traditional confusion-diffusion architecture proposed by Shannon. Compared with traditional cryptosystems (DES, 3DES, AES, etc.), the chaos-based cryptosystems are more flexible, more modular and easier to be implemented, which make them suitable for large scale-data encyption, such as images and videos. The heart of any chaos-based cryptosystem is the chaotic generator and so, a part of the efficiency (robustness, speed) of the system depends greatly on it. In this talk, we give an overview of the state of the art of chaos-based block ciphers and we describe some of our schemes already proposed. Also we will focus on the essential characteristics of the digital chaotic generator, The needed performance of a chaos-based block cipher in terms of security level and speed of calculus depends on the considered application. There is a compromise between the security and the speed of the calculation. The security of these block block ciphers will be analyzed.

Keywords: chaos-based cryptosystems, chaotic generator, security analysis, structure of Fridrich

Procedia PDF Downloads 671

Authors: Yousef Farhaoui

Abstract:

An IDS is a tool which is used to improve the level of security.In this paper we present different architectures of IDS. We will also discuss measures that define the effectiveness of IDS and the very recent works of standardization and homogenization of IDS. At the end, we propose a new model of IDS called BiIDS (IDS Based on the two principles of detection).

Keywords: intrusion detection, architectures, characteristic, tools, security

Procedia PDF Downloads 449

Authors: M. Tahir Demirsel, Mustafa Atsan

Abstract:

Many elements of the environment in which businesses operate today leave them faced with unexpected threats and opportunities. One of the major threats is business crisis. The crisis is a state of affairs in a business wherein the executives must take urgent and unprecedented action to try to save the business from failure. In order to survive in the business environment, organizations should be prepared for the potential crises. Technological developments, uncertainty in the market and the intense competition increase the probability of encountering a crisis for organizations. Therefore, by acting proactively to predict crisis, to detect signals of crisis and be prepared for a crisis by taking necessary precautions accordingly, is of great importance for businesses. In this context, the objective of this study is to reveal that how much organizations are proactive and can predict the future crises and investigate whether they are prepared for possible crises or not. The research was conducted on 222 business executives in one of the major industrial zones of Turkey, Konya Organized Industrial Zone (KOS). The findings are analyzed through descriptive statistics and multiple regression analysis. According to the results, it has been observed that organizations cannot predict the crisis signals and are not prepared for potential crises.

Keywords: crisis preparedness, crisis signals, industrial organizations, proactivity

Procedia PDF Downloads 502

Authors: Bahadir Aydin

Abstract:

It is difficult to access accurate knowledge because of mass data. This huge data make environment more and more caotic. Data are main piller of intelligence. The affiliation between intelligence and knowledge is quite significant to understand underlying truths. The data gathered from different sources can be modified, interpreted and classified by using intelligence cycle process. This process is applied in order to progress to wisdom as well as intelligence. Within this process the effect of tacit knowledge is crucial. Knowledge which is classified as explicit and tacit knowledge is the key element for any purpose. Tacit knowledge can be seen as "the tip of the iceberg”. This tacit knowledge accounts for much more than we guess in all intelligence cycle. If the concept of intelligence cycle is scrutinized, it can be seen that it contains risks, threats as well as success. The main purpose of all organizations is to be successful by eliminating risks and threats. Therefore, there is a need to connect or fuse existing information and the processes which can be used to develop it. Thanks to this process the decision-makers can be presented with a clear holistic understanding, as early as possible in the decision making process. Altering from the current traditional reactive approach to a proactive intelligence cycle approach would reduce extensive duplication of work in the organization. Applying new result-oriented cycle and tacit knowledge intelligence can be procured and utilized more effectively and timely.

Keywords: information, intelligence cycle, knowledge, tacit Knowledge

Procedia PDF Downloads 505

Authors: Joanne Sin Wei Yeoh, Quynh Lê, Daniel R. Terry, Rosa Mc Manamey

Abstract:

Food security is a global issue and one of the concerns in Australia, particularly in regional and rural areas. Despite Australia’s current ability to produce enough food to feed more than its current population, evidence has been accumulating over the last decade to demonstrate many Australians struggle to feed themselves, including immigrants from cultural and linguistically diverse (CALD) backgrounds. This study aims to identify the acculturation strategies used by migrants to enhance their approach to food security in Tasmania. The study employed a mixed methods approach that used both questionnaires and semi-structured interviews with migrants living in Tasmania. Descriptive and inferential statistics was used to analyse data collected from questionnaire, whereas, thematic analysis was employed to analyse the interview data. Migrants (n=301) completed the questionnaire with a response rate of 50.2% and 33 follow-up interviews were conducted. We found that majority of the migrants (70.0%) replaced food ingredients and went without the food they could not buy from shops with similar ingredients. Support and advice from friends were effective ways to improve their food access. Additionally, length of stays in Tasmania and region of origin were significantly associated with the ways migrants dealing with food security. The interview results revealed that migrants managed to adapt to the new food culture by using different acculturation strategies, including access food ingredients from other country; adjusting or adapting; home gardening and access to technology. In addition, social and cultural capitals were also treated as vital roles in improving migrants’ food security. To summarize, migrants employed different strategies for food security while acculturating into the new environment. Our findings could become the guidelines for migrants and relevant government or private sectors that address food security.

Keywords: food security, migrants, strategies, inferential statistics

Procedia PDF Downloads 506

Authors: Leandros A. Maglaras, Jianmin Jiang

Abstract:

The protection of the national infrastructures from cyberattacks is one of the main issues for national and international security. The funded European Framework-7 (FP7) research project CockpitCI introduces intelligent intrusion detection, analysis and protection techniques for Critical Infrastructures (CI). The paradox is that CIs massively rely on the newest interconnected and vulnerable Information and Communication Technology (ICT), whilst the control equipment, legacy software/hardware, is typically old. Such a combination of factors may lead to very dangerous situations, exposing systems to a wide variety of attacks. To overcome such threats, the CockpitCI project combines machine learning techniques with ICT technologies to produce advanced intrusion detection, analysis and reaction tools to provide intelligence to field equipment. This will allow the field equipment to perform local decisions in order to self-identify and self-react to abnormal situations introduced by cyberattacks. In this paper, an intrusion detection module capable of detecting malicious network traffic in a Supervisory Control and Data Acquisition (SCADA) system is presented. Malicious data in a SCADA system disrupt its correct functioning and tamper with its normal operation. OCSVM is an intrusion detection mechanism that does not need any labeled data for training or any information about the kind of anomaly is expecting for the detection process. This feature makes it ideal for processing SCADA environment data and automates SCADA performance monitoring. The OCSVM module developed is trained by network traces off line and detects anomalies in the system real time. The module is part of an IDS (intrusion detection system) developed under CockpitCI project and communicates with the other parts of the system by the exchange of IDMEF messages that carry information about the source of the incident, the time and a classification of the alarm.

Keywords: cyber-security, SCADA systems, OCSVM, intrusion detection

Procedia PDF Downloads 527

Authors: Stefano Fantin

Abstract:

The present analysis outcomes from the research undertaken in the course of the European-funded project EUNITY, which targets the gaps in research and development on cybersecurity and privacy between Europe and Japan. Under these auspices, the research presents a study on the policy approach of Japan, the EU and a number of Member States of the Union with regard to the handling and discovery of software vulnerabilities, with the aim of identifying methodological differences and similarities. This research builds upon a functional comparative analysis of both public policies and legal instruments from the identified jurisdictions. The result of this analysis is based on semi-structured interviews with EUNITY partners, as well as by the participation of the researcher to a recent report from the Center for EU Policy Study on software vulnerability. The European Union presents a rather fragmented legal framework on software vulnerabilities. The presence of a number of different legislations at the EU level (including Network and Information Security Directive, Critical Infrastructure Directive, Directive on the Attacks at Information Systems and the Proposal for a Cybersecurity Act) with no clear focus on such a subject makes it difficult for both national governments and end-users (software owners, researchers and private citizens) to gain a clear understanding of the Union’s approach. Additionally, the current data protection reform package (general data protection regulation), seems to create legal uncertainty around security research. To date, at the member states level, a few efforts towards transparent practices have been made, namely by the Netherlands, France, and Latvia. This research will explain what policy approach such countries have taken. Japan has started implementing a coordinated vulnerability disclosure policy in 2004. To date, two amendments can be registered on the framework (2014 and 2017). The framework is furthermore complemented by a series of instruments allowing researchers to disclose responsibly any new discovery. However, the policy has started to lose its efficiency due to a significant increase in reports made to the authority in charge. To conclude, the research conducted reveals two asymmetric policy approaches, time-wise and content-wise. The analysis therein will, therefore, conclude with a series of policy recommendations based on the lessons learned from both regions, towards a common approach to the security of European and Japanese markets, industries and citizens.

Keywords: cybersecurity, vulnerability, European Union, Japan

Procedia PDF Downloads 139

Authors: Veysel Çelik, Aynur Aker, Ebru Güç

Abstract:

Developments in information and communication technologies have increased both the speed of producing information and the speed of accessing new information. Accordingly, the daily lives of individuals have started to change. New concepts such as e-mail, e-government, e-school, e-signature have emerged. For this reason, prospective teachers who will be future teachers or school administrators are expected to have a high awareness of digital data security. The aim of this study is to reveal the effect of the digital storytelling technique on the data security awareness of pre-service teachers of computer and instructional technology education departments. For this purpose, participants were selected based on the principle of volunteering among third-grade students studying at the Computer and Instructional Technologies Department of the Faculty of Education at Siirt University. In the research, the pretest/posttest half experimental research model, one of the experimental research models, was used. In this framework, a 6-week lesson plan on digital data security awareness was prepared in accordance with the digital narration technique. Students in the experimental group formed groups of 3-6 people among themselves. The groups were asked to prepare short videos or animations for digital data security awareness. The completed videos were watched and evaluated together with prospective teachers during the evaluation process, which lasted approximately 2 hours. In the research, both quantitative and qualitative data collection tools were used by using the digital data security awareness scale and the semi-structured interview form consisting of open-ended questions developed by the researchers. According to the data obtained, it was seen that the digital storytelling technique was effective in creating data security awareness and creating permanent behavior changes for computer and instructional technology students.

Keywords: digital storytelling, self-regulation, digital data security, teacher candidates, self-efficacy

Procedia PDF Downloads 112

Authors: Alec Wells, Aminu Bello Usman, Justin McKeown

Abstract:

The growing usage of smart speakers raises many privacy and trust concerns compared to other technologies such as smart phones and computers. In this study, a proxy measure of trust is used to gauge users’ opinions on three different technologies based on an empirical study, and to understand which technology most people are most likely to trust. The collected data were analysed using the Kruskal-Wallis H test to determine the statistical differences between the users’ trust level of the three technologies: smart speaker, computer and smart phone. The findings of the study revealed that despite the wide acceptance, ease of use and reputation of smart speakers, people find it difficult to trust smart speakers with their sensitive information via the Direct Voice Input (DVI) and would prefer to use a keyboard or touchscreen offered by computers and smart phones. Findings from this study can inform future work on users’ trust in technology based on perceived ease of use, reputation, perceived credibility and risk of using technologies via DVI.

Keywords: direct voice input, risk, security, technology, trust

Procedia PDF Downloads 173

Authors: Chien-Wei Hung, Fu-Hau Hsu, Chuan-Sheng Wang, Chia-Hao Lee

Abstract:

Nowadays, the abuse of keyloggers is one of the most widespread approaches to steal sensitive information. In this paper, we propose an On-Screen Prompts Approach to Keyloggers (OSPAK) and its analysis, which is installed in public computers. OSPAK utilizes a canvas to cue users when their keystrokes are going to be logged or ignored by OSPAK. This approach can protect computers against recoding sensitive inputs, which obfuscates keyloggers with letters inserted among users' keystrokes. It adds a canvas below each password field in a webpage and consists of three parts: two background areas, a hit area and a moving foreground object. Letters at different valid time intervals are combined in accordance with their time interval orders, and valid time intervals are interleaved with invalid time intervals. It utilizes animation to visualize valid time intervals and invalid time intervals, which can be integrated in a webpage as a browser extension. We have tested it against a series of known keyloggers and also performed a study with 95 users to evaluate how easily the tool is used. Experimental results made by volunteers show that OSPAK is a simple approach.

Keywords: authentication, computer security, keylogger, privacy, information leakage

Procedia PDF Downloads 102