Search results for: security theory

Authors: Sri Lakshmi Kanniah, Mohd Naz’ri Mahrin

Abstract:

More and more businesses and services are depending on software to run their daily operations and business services. At the same time, cyber-attacks are becoming more covert and sophisticated, posing threats to software. Vulnerabilities exist in the software due to the lack of security practices during the phases of software development. Implementation of secure software development practices can improve the resistance to attacks. Many methods, models and standards for secure software development have been developed. However, despite the efforts, they still come up against difficulties in their deployment and the processes are not institutionalized. There is a set of factors that influence the successful deployment of secure software development processes. In this study, the methodology and results from a systematic literature review of factors influencing the implementation of secure software development practices is described. A total of 44 primary studies were analysed as a result of the systematic review. As a result of the study, a list of twenty factors has been identified. Some of factors that affect implementation of secure software development practices are: Involvement of the security expert, integration between security and development team, developer’s skill and expertise, development time and communication between stakeholders. The factors were further classified into four categories which are institutional context, people and action, project content and system development process. The results obtained show that it is important to take into account organizational, technical and people issues in order to implement secure software development initiatives.

Keywords: secure software development, software development, software security, systematic literature review

Procedia PDF Downloads 366

Authors: Gabriel Dolabella, Henrique Rangel, Stella Araújo, Carlos Bolonha, Igor de Lazari

Abstract:

Public security is a common subject on the Brazilian political agenda. The seventh largest economy in the world has high crime and insecurity rates. Specialists try to explain this social picture based on poverty, inequality or public policies addressed to drug trafficking. This excerpt approaches State measures to handle that picture. Therefore, the public security - law enforcement institutions - is at the core of this paper, particularly the relationship among federal and state law enforcement agencies, mainly ruled by a system of urgency. The problems are informal changes on law enforcement management and public opinion collaboration to these changes. Whenever there were huge international events, Brazilian armed forces occupied streets to assure law enforcement - ensuring the order. This logic, considered in the long time, could impact the federal structure of the country. The post-madisonian theorists verify that urgency is often associated to delegation of powers, which is true for Brazilian law enforcement, but here there is a different delegation: States continuously delegate law enforcement powers to the federal government throughout the use of Armed Forces. Therefore, the hypothesis is: Brazil is under a political process of federalization of public security. The political framework addressed here can be explained by the disrespect of legal constraints and the failure of rule of law theoretical models. The methodology of analysis is based on general criteria. Temporally, this study investigates events from 2003, when discussions about the disarmament statute begun. Geographically, this study is limited to Brazilian borders. Materially, the analysis result from the observation of legal resources and political resources (pronouncements of government officials). The main parameters are based on post-madisonianism and federalization of public security can be assessed through credibility and popularity that allow evaluation of this political process of constitutional change. The objective is to demonstrate how the Military Forces are used in public security, not as a random fact or an isolated political event, in order to understand the political motivations and effects that stem from that use from an institutional perspective.

Keywords: public security, governability, rule of law, federalism

Procedia PDF Downloads 672

Authors: Anne Gibbons

Abstract:

Both inside and outside of academia, people have sought to understand the “sense of place” of various regions, many times over and for many different reasons. The concept of regional identity is highly complex and surrounded by considerable contention. There are multiple bodies of research on regional identity theory in many different disciplines and even across sub-disciplinary classifications. Each discipline takes a slightly different angle or perspective on regional identity, resulting in a fragmented body of work on this topic overall. There is a need to consolidate this body of increasingly fragmented theory through interdisciplinary integration. For the purpose of this study, the province of Saskatchewan will serve as an exemplar for exploring regional identity in a concrete context. Saskatchewan can be thought of as a ‘functional region,’ with clear boundaries and clear residency, from which regional identity can be studied. This thesis shares the outcomes of a qualitative study grounded in a series of group interviews with askatchewan residents, from which it is concluded that the use of interdisciplinary theory is an appropriate approach to the study of regional identity. Regional identity cannot be compartmentalized; it is a web of characteristics, attributes, and feelings that are inextricably linked. The thesis thus concludes by offering lessons learned about how we might better understand regional identity, as illuminated through both interdisciplinary theory and the lived experiences and imaginations of people living in the region of Saskatchewan.

Keywords: interdisciplinary, regional identity, Saskatchewan, tourism studies

Procedia PDF Downloads 523

Authors: Pontus Backstrom

Abstract:

In the educational literature on peer effects, attention has been brought to the fact that the mechanisms creating peer effects are still to a large extent hidden in obscurity. The hypothesis in this study is that the Frame Factor Theory can be used to explain these mechanisms. At heart of the theory is the concept of “time needed” for students to learn a certain curricula unit. The relations between class-aggregated time needed and the actual time available, steers and hinders the actions possible for the teacher. Further, the theory predicts that the timing and pacing of the teachers’ instruction is governed by a “criterion steering group” (CSG), namely the pupils in the 10th-25th percentile of the aptitude distribution in class. The class composition hereby set the possibilities and limitations for instruction, creating peer effects on individual outcomes. To test if the theory can be applied to the issue of peer effects, the study employs multilevel structural equation modelling (M-SEM) on Swedish TIMSS 2015-data (Trends in International Mathematics and Science Study; students N=4090, teachers N=200). Using confirmatory factor analysis (CFA) in the SEM-framework in MPLUS, latent variables are specified according to the theory, such as “limitations of instruction” from TIMSS survey items. The results indicate a good model fit to data of the measurement model. Research is still in progress, but preliminary results from initial M-SEM-models verify a strong relation between the mean level of the CSG and the latent variable of limitations on instruction, a variable which in turn have a great impact on individual students’ test results. Further analysis is required, but so far the analysis indicates a confirmation of the predictions derived from the frame factor theory and reveals that one of the important mechanisms creating peer effects in student outcomes is the effect the class composition has upon the teachers’ instruction in class.

Keywords: compositional effects, frame factor theory, peer effects, structural equation modelling

Procedia PDF Downloads 128

Authors: Rawaa El Ayoubi

Abstract:

Many researchers, academics and practitioners have developed leadership theories during the 20th century. This substantial effort has built more leadership theories, generating considerable organisational research on leadership models in contemporary literature. This paper explores the stages and drivers of leadership theory evolution based on the researcher’s personal conclusions and review of leadership theories. The purpose of this paper is to create a Leadership Process Model (LPM) that can provide guidance in dealing with the key challenges within the organisation. This integrative model of organisational leadership is based on inner meaning, leader values and vision. It further addresses the relationships between leadership theory, practice and development, exploring why challenges exist within the field of leadership theory and how these challenges can be mitigated.

Keywords: leadership challenges, leadership process model, leadership |theories, organisational leadership, paradigm development

Procedia PDF Downloads 70

Authors: Terungwa Simon Yange, Agana Moses A.

Abstract:

This paper studied steganography and designed a simplistic approach to a steganographic tool for hiding information in image files with the view of addressing the security challenges with data by hiding data from unauthorized users to improve its security. The Structured Systems Analysis and Design Method (SSADM) was used in this work. The system was developed using Java Development Kit (JDK) 1.7.0_10 and MySQL Server as its backend. The system was tested with some hypothetical health records which proved the possibility of protecting data from unauthorized users by making it secret so that its existence cannot be easily recognized by fraudulent users. It further strengthens the confidentiality of patient records kept by medical practitioners in the health setting. In conclusion, this work was able to produce a user friendly steganography software that is very fast to install and easy to operate to ensure privacy and secrecy of sensitive data. It also produced an exact copy of the original image and the one carrying the secret message when compared with each.

Keywords: steganography, cryptography, encryption, decryption, secrecy

Procedia PDF Downloads 258

Authors: Stephen L. Roberts

Abstract:

This article offers a critical analysis of the rise of syndromic surveillance systems for the advanced detection of pandemic threats within contemporary global health security frameworks. The article traces the iterative evolution and ascendancy of three such novel syndromic surveillance systems for the strengthening of health security initiatives over the past two decades: 1) The Program for Monitoring Emerging Diseases (ProMED-mail); 2) The Global Public Health Intelligence Network (GPHIN); and 3) HealthMap. This article demonstrates how each newly introduced syndromic surveillance system has become increasingly oriented towards the integration of digital algorithms into core surveillance capacities to continually harness and forecast upon infinitely generating sets of digital, open-source data, potentially indicative of forthcoming pandemic threats. This article argues that the increased centrality of the algorithm within these next-generation syndromic surveillance systems produces a new and distinct form of infectious disease surveillance for the governing of emergent pathogenic contingencies. Conceptually, the article also shows how the rise of this algorithmic mode of infectious disease surveillance produces divergences in the governmental rationalities of global health security, leading to the rise of an algorithmic governmentality within contemporary contexts of Big Data and these surveillance systems. Empirically, this article demonstrates how this new form of algorithmic infectious disease surveillance has been rapidly integrated into diplomatic, legal, and political frameworks to strengthen the practice of global health security – producing subtle, yet distinct shifts in the outbreak notification and reporting transparency of states, increasingly scrutinized by the algorithmic gaze of syndromic surveillance.

Keywords: algorithms, global health, pandemic, surveillance

Procedia PDF Downloads 179

Authors: Abdullah Al. Morshed, Mohammad Nahid Mia

Abstract:

Introduction: Food security refers to the availability of food and a person’s access to it. It is a complex sustainable development issue, which is closely related to under-nutrition. Food security, in turn, can widely affect the living standard, and is rooted in poverty and leads to poor health, low productivity, low income, food shortage, and hunger. The study's aim was to identify the most vulnerable women who are in insecure positions. Method: 17,842 married women were selected for analysis from the Bangladesh Demographic and Health Survey 2011. Food security defined as dichotomous variables of skipped meals and eaten less food at least once in the last year. The outcome variables were cross-tabulated with women's socio-demographic characteristics and chi2 test was applied to see the significance. Logistic regression models were applied to identify the most vulnerable groups in terms of food security. Result: Only 18.5% of women said that they ever had to skip meals in the last year. 45.7% women from low socioeconomic status had skip meal for at least once whereas only 3.6% were from women with highest socioeconomic status. Women meal skipping was ranged from 1.4% to 34.2% by their educational status. 22% of women were eaten less food during the last year. The rate was higher among the poorest (51.6%), illiterate (39.9%) and household have no electricity connection (38.1) in compared with richest (4.4%), higher educated (2.0%), and household has electricity connection (14.0%). The logistic regression analysis indicated that household socioeconomic status, and women education show strong gradients to skip meals. Poorest have had higher odds (20.9) than richest and illiterate women had 7.7 higher odds than higher educated. In terms of religion, Christianity was 2.3 times more likely to skip their meals than Islam. On the other hand, a similar trend was observed in our other outcome variable eat less food. Conclusion: In this study we able to identify women with lower economics status and women with no education were mostly suffered group from starvation.

Keywords: food security, hunger, under-nutrition, women

Procedia PDF Downloads 369

Authors: Ekrem Aksoy, Nihat Adar, Selçuk Canbek

Abstract:

Ambient Computing or Ambient Intelligence (AmI) is emerging area in computer science aiming to create intelligently connected environments and Internet of Things. In this paper, we propose communication middleware architecture for AmI. This middleware architecture addresses problems of communication, networking, and abstraction of applications, although there are other aspects (e.g. HCI and Security) within general AmI framework. Within this middleware architecture, any application developer might address HCI and Security issues with extensibility features of this platform.

Keywords: AmI, ambient computing, middleware, distributed-systems, software-defined networking

Procedia PDF Downloads 279

Authors: Mohamed Sarrab, Hadj Bourdoucen

Abstract:

Mobile applications are verified to check the correctness or evaluated to check the performance with respect to specific security properties such as availability, integrity, and confidentiality. Where they are made available to the end users of the mobile application is achievable only to a limited degree using software engineering static verification techniques. The more sensitive the information, such as credit card data, personal medical information or personal emails being processed by mobile application, the more important it is to ensure the confidentiality of this information. Monitoring non-trusted mobile application during execution in an environment where sensitive information is present is difficult and unnerving. The paper addresses the issue of monitoring and controlling the flow of confidential information during non-trusted mobile application execution. The approach concentrates on providing a dynamic and usable information security solution by interacting with the mobile users during the run-time of mobile application in response to information flow events.

Keywords: mobile application, run-time verification, usable security, direct information flow

Procedia PDF Downloads 374

Authors: Tabiti S. Tabiti, A. M. Jinadu, Daramola Japheth

Abstract:

Urban insecurity is among the challenges militating against sustainable urban governance; in the first place it distorts the peace of urban areas making them unsafe. On the other hand it hinders the effective performance of urban functions. Urban security challenges manifest in different forms such as, street violence, theft and robbery, accidents of different types kidnapping, killings etc.. Efforts to address urban security challenges in Nigeria have been concentrated in legislative, law enforcement and the use of community vigilante groups. However in this study, the place of physical planning strategy through effective neighbourhood renewal as practiced in Mokola is presented as an effective complementary approach for addressing urban insecurity. On this backdrop, the paper recommends the need for gradual rehabilitation of urban slum neighborhoods by the state government in collaboration with World Bank and other development financiers. The local governments should be made autonomy in Nigeria so as to make them more responsible to the people. Other recommendations suggested in the paper include creating enabling environment that will promote economic empowerment and public enlightment on personal and community sanitation. It is certain that if these recommendations are adopted the challenge of urban insecurity will reduce significantly in Nigerian cities.

Keywords: neighbourhood renewal, pilot project, slum upgrading, urban security

Procedia PDF Downloads 432

Authors: Karima Maazouz, Habib Benlahmer, Naceur Achtaich

Abstract:

The realization of mobile payments will make possible new and unforeseen ways of convenience and m-commerce. Mobile payment today benefit from technology and trends. NFC technology is creating a new era of contactless mobile payment. the “M-check” is a mobile payment system provides a new way facilitating transaction with high valued payment and enable new m-commerce. The objective of the paper is to propose a new solution for m-payment. The proposed combination of m-check system and NFC offers acceptable security for payment mobile, client’s satisfaction, and simplifies the process payment between clients and merchants.

Keywords: M-payment, NFC, M-check, M-commerce, security

Procedia PDF Downloads 589

Authors: Ruth Donkoh, Wing On Lee, Solomon A. Boateng, Portia Oware Twerefoo, Josephine Donkor

Abstract:

In this paper we defend the value of theories and approaches to educational policy and planning in enhancing the educational developments in Ghana. This mission is achieved by enumerating the recent educational developments in Ghana and juxtaposing it with some educational theories, approaches to policy making, and policy planning to see if the educational developments conform with the theory principles as well as policy making and planning processes. Data collection for the research was made through textual analysis of policy documents as well as review of relevant literatures. The findings reveled that educational developments in Ghana are unable to attain its objectives due to the policies not conforming with the policy formation and planning principles. In addition, was that education planning in Ghana does not follow the policy-administration dichotomy theory principles and likewise the distribution of educational needs goes contrary to the equity theory. We recommend that educational policies in Ghana should be in conformity with the principles of theories as well as the approaches to educational policy making and planning to help meet the needs of learners, attain educational quality, and to help in the accomplishment of educational development objectives.

Keywords: Ghana education, equity theories, politics- administration dichotomy theory, educational policies, educational planning

Procedia PDF Downloads 138

Authors: Sahar Dehghan, Yeganeh Mousavi Jahromi, Ghahraman Abdoli

Abstract:

Since tax revenues are one of the most important sources of government revenue, it is essential to consider increasing taxpayers' compliance. One of the factors that can affect the taxpayers' compliance is the structure of the crimes and incentives envisaged in the tax law. In this research, by using the 'prospect theory', the effects of changes in the rate of crimes and the tax incentive in the direct tax law on the taxpayer’s compliance behavior have been investigated. To determine the preferences and preferences of taxpayer’s in the business sector and their degree of sensitivity to fines and incentives, a questionnaire with mixed gamble structure is designed. Estimated results using the Hierarchical Bayesian method indicate that the taxpayer’s that have been tested in this study are more sensitive to the incentives in the direct tax law, and the tax administration can use this to increase the level of collected tax and increase the level of compliance.

Keywords: tax compliance, prospect theory, value function, mixed gamble

Procedia PDF Downloads 166

Authors: Flaurence Benjamain, Michel Casperance

Abstract:

We present in this paper, first, a comparative study of three mathematical theories to achieve the fusion of information sources. This study aims to identify the characteristics inherent in theories of possibilities, belief functions (DST) and plausible and paradoxical reasoning to establish a strategy of choice that allows us to adopt the most appropriate theory to solve a problem of fusion in order, taking into account the acquired information and imperfections that accompany them. Using the new theory of plausible and paradoxical reasoning, also called Dezert-Smarandache Theory (DSmT), to fuse information multi-sources needs, at first step, the generation of the composites events witch is, in general, difficult. Thus, we present in this paper a new approach to construct pertinent paradoxical classes based on gray levels histograms, which also allows to reduce the cardinality of the hyper-powerset. Secondly, we developed a new technique for order and coding generalized focal elements. This method is exploited, in particular, to calculate the cardinality of Dezert and Smarandache. Then, we give an experimentation of classification of a remote sensing image that illustrates the given methods and we compared the result obtained by the DSmT with that resulting from the use of the DST and theory of possibilities.

Keywords: segmentation, image, approach, vision computing

Procedia PDF Downloads 270

Authors: Danika Tynes

Abstract:

Telehealth is a promising advancement in health care, though there are certain conditions under which telehealth has a greater chance of success. This research sought to further the understanding of what conditions compel the success of telehealth adoption at the systems level applying Diffusion of Innovations (DoI) theory (Rogers, 1962). System-level indicators were selected to represent four components of DoI theory (relative advantage, compatibility, complexity, and observability) and regressed on 5 types of telehealth (teleradiology, teledermatology, telepathology, telepsychology, and remote monitoring) using multiple logistic regression. The analyses supported relative advantage and compatibility as the strongest influencers of telehealth adoption, remote monitoring in particular. These findings help to quantitatively clarify the factors influencing the adoption of innovation and advance the ability to make recommendations on the viability of state telehealth adoption. In addition, results indicate when DoI theory is most applicable to the understanding of telehealth diffusion. Ultimately, this research may contribute to more focused allocation of scarce health care resources through consideration of existing state conditions available foster innovation.

Keywords: adoption, diffusion of innovation theory, remote monitoring, system-level indicators

Procedia PDF Downloads 128

Authors: Senait G. Worku, Ellen Mangnus

Abstract:

Inclusive business models which integrates low-income people with companies value chain in a commercially viable way has gained momentum for the perceived potential to contribute to poverty alleviation and food security in developing countries. This article investigates the impact of Community Revenue Enhancement through Technology Extension (CREATE) project of Heineken brewery on smallholder farmers’ wellbeing in Arsi zone Oromia regional state of Ethiopia. CREATE is a Public-Private Partnership (PPP) between Ministry of Foreign Affairs of the Netherlands and Heineken N.V. which source malt barely from smallholder farmers in three zones of Oromia. The study assessed the impact of CREATE on malt barley productivity, food security and new asset purchase in Arsi zone by comparing households that participate in the project with non-participating households using propensity score matching method. The finding indicated that households that participated in the CREATE project had higher malt barley productivity and purchased more new assets than non-participating households. However, there is no significant difference on food security status of participating and non-participating households indicating that the project has a profound impact on asset accumulation than on food security improvement.

Keywords: inclusive business, malt barley, propensity score matching, wellbeing

Procedia PDF Downloads 148

Authors: N. Gopalakrishna Kini, Ranjana Paleppady, Akshata K. Naik

Abstract:

Password authentication is one of the widely used methods to achieve authentication for legal users of computers and defense against attackers. There are many different ways to authenticate users of a system and there are many password cracking methods also developed. This paper is mainly to propose how best password cracking can be performed on a CPU-GPGPU based system. The main objective of this work is to project how quickly a password can be cracked with some knowledge about the computer security and password cracking if sufficient security is not incorporated to the system.

Keywords: GPGPU, password cracking, secret key, user authentication

Procedia PDF Downloads 284

Authors: Emir Sunguroglu, Merve Sunguroglu, Yesim Aliefendioglu, Harun Tanrivermis

Abstract:

Basic human needs range from physiological needs such as food, water and shelter to safety needs such as security, protection from natural disasters and even urban terrorism which are extant and not fulfilled even in urban areas where people live civilly in large communities. These basic needs when arose in urban life lead to a different kind of crime set defined as urban crimes. Urban crimes mostly result from differences between socioeconomic conditions in society. Income inequality increases tendency towards urban crimes. Especially in slum areas and suburbs, urban crimes not only threaten public security but they also affect deliverance of public services. It is highlighted that, construction of urban security against problems caused by urban crimes is not only achieved by involvement of urban security in security of the community but also comprises juridical development and staying above a level of legal standards concurrently. The idea of urban transformation emerged as interventions to demolishment and rebuilding of built environment to solve the unhealthy urban environment, inadequate infrastructure and socioeconomic problems came up during the industrialization process. Considering the probability of urbanization process driving citizens to commit crimes, The United Nations Commission on Human Security’s focus on this theme is conferred to be a proper approach. In this study, the analysis and change in security before, through and after urban transformation, which is one of the tools related to urbanization process, is strived to be discussed through the case of Sincan County Saraycik District. The study also aims to suggest improvements to current legislation on public safety, urban resilience, and urban transformation. In spite of Saraycik District residing in a developing County in Ankara, Turkey, from urbanization perspective as well as socioeconomic and demographic indicators the District exhibits a negative view throughout the County and the country. When related to the county, rates of intentional harm reports, burglary reports, the offense of libel and threat reports and narcotic crime reports are higher. The District is defined as ‘crime hotspot’. Interviews with residents of Saraycik claim that the greatest issue of the neighborhood is Public Order and Security (82.44 %). The District becomes prominent with negative aspects, especially with the presence of unlicensed constructions, occurrence of important social issues such as crime and insecurity and complicated lives of inhabitants from poverty and low standard conditions of living. Additionally, the social structure and demographic properties and crime and insecurity of the field have been addressed in this study. Consequently, it is claimed that urban crime rates were related to level of education, employment and household income, poverty trap, physical condition of housing and structuration, accessibility of public services, security, migration, safety in terms of disasters and emphasized that urban transformation is one of the most important tools in order to provide urban security.

Keywords: urban security, urban crimes, urban transformation, Saraycik district

Procedia PDF Downloads 294

Authors: Vashti Carissa

Abstract:

The main objective of this study is to examine whether the life-cycle theory of dividends could explain the determinant of an optimal dividend policy in Indonesia. The sample that was used consists of 1,420 non-financial and non-trade, services, investment firms listed in Indonesian Stock Exchange during the period of 2005-2014. According to this finding using logistic regression, firm life-cycle measured by retained earnings as a proportion of total equity (RETE) significantly has a positive effect on the propensity of a firm pays dividend. The higher company’s earned surplus portion in its capital structure could reflect firm maturity level which will increase the likelihood of dividend payment in mature firms. This result provides an additional empirical evidence about the existence of life-cycle theory of dividends for dividend payout phenomenon in Indonesia. It can be known that dividends tend to be paid by mature firms while retention is more dominating in growth firms. From the testing results, it can also be known that majority of sample firms are being in the growth phase which proves the fact about infrequent dividend distribution in Indonesia during the ten years observation period.

Keywords: dividend, dividend policy, life-cycle theory of dividends, mix of earned and contributed capital

Procedia PDF Downloads 287

Authors: M. K. Dce

Abstract:

The aim of this paper is to investigate the behavior of simply supported beams having rectangular section and subjected to uniformly distributed load (UDL). In this study five beams of span 5m, 6m, 7m and 8m have been considered. The width of all the beams is 400 mm and span to depth ratio has been taken as 12. The superimposed live load has been increased from 10 kN/m to 25 kN/m at the interval of 5 kN/m. The analysis of the beams has been carried out using the elastic beam theory. On the basis of present study it has been concluded that the maximum bending moment as well as deflection occurs at the mid-span of simply supported beam and its magnitude increases in proportion to magnitude of UDL. Moreover, the study suggests that the maximum moment is proportional to square of span and maximum deflection is proportional to fourth power of span.

Keywords: beam, UDL, bending moment, deflection, elastic beam theory

Procedia PDF Downloads 385

Authors: Mehmet Karaata

Abstract:

Given two distinct vertices (nodes) source s and target t of a graph G = (V, E), the two node-disjoint paths problem is to identify two node-disjoint paths between s ∈ V and t ∈ V . Two paths are node-disjoint if they have no common intermediate vertices. In this paper, we present an algorithm with O(m)-time complexity for finding two node-disjoint paths between s and t in arbitrary graphs where m is the number of edges. The proposed algorithm has a wide range of applications in ensuring reliability and security of sensor, mobile and fixed communication networks.

Keywords: disjoint paths, distributed systems, fault-tolerance, network routing, security

Procedia PDF Downloads 435

Authors: Adam Gorine, Faten Spondon

Abstract:

Python is considered the most popular programming language and offers its own ecosystem for archiving and maintaining open-source software packages. This system is called the python package index (PyPI), the repository of this programming language. Unfortunately, one-third of these software packages have vulnerabilities that allow attackers to execute code automatically when a vulnerable or malicious package is installed. This paper contributes to large-scale empirical studies investigating security issues in the python ecosystem by evaluating package vulnerabilities. These provide a series of implications that can help the security of software ecosystems by improving the process of discovering, fixing, and managing package vulnerabilities. The vulnerable dataset is generated using the NVD, the national vulnerability database, and the Snyk vulnerability dataset. In addition, we evaluated 807 vulnerability reports in the NVD and 3900 publicly known security vulnerabilities in Python Package Manager (pip) from the Snyk database from 2002 to 2022. As a result, many Python vulnerabilities appear in high severity, followed by medium severity. The most problematic areas have been improper input validation and denial of service attacks. A hybrid scanning tool that combines the three scanners bandit, snyk and dlint, which provide a clear report of the code vulnerability, is also described.

Keywords: Python vulnerabilities, bandit, Snyk, Dlint, Python package index, ecosystem, static analysis, malicious attacks

Procedia PDF Downloads 124

Authors: Mabrouka Algherinai, Fatma Karkouri

Abstract:

Today, Short Message Service (SMS) is an important means of communication. SMS is not only used in informal environment for communication and transaction, but it is also used in formal environments such as institutions, organizations, companies, and business world as a tool for communication and transactions. Therefore, there is a need to secure the information that is being transmitted through this medium to ensure security of information both in transit and at rest. But, encryption has been identified as a means to provide security to SMS messages in transit and at rest. Several past researches have proposed and developed several encryption algorithms for SMS and Information Security. This research aims at comparing the performance of common Asymmetric encryption algorithms on SMS security. The research employs the use of three algorithms, namely RSA, McEliece, and RABIN. Several experiments were performed on SMS of various sizes on android mobile device. The experimental results show that each of the three techniques has different key generation, encryption, and decryption times. The efficiency of an algorithm is determined by the time that it takes for encryption, decryption, and key generation. The best algorithm can be chosen based on the least time required for encryption. The obtained results show the least time when McEliece size 4096 is used. RABIN size 4096 gives most time for encryption and so it is the least effective algorithm when considering encryption. Also, the research shows that McEliece size 2048 has the least time for key generation, and hence, it is the best algorithm as relating to key generation. The result of the algorithms also shows that RSA size 1024 is the most preferable algorithm in terms of decryption as it gives the least time for decryption.

Keywords: SMS, RSA, McEliece, RABIN

Procedia PDF Downloads 157

Authors: Saman R. Khan, Najma Sadiq

Abstract:

Silencing of opinions is an important aspect of Spiral of Silence theory however its applicability in rape-themed dramas requires investigation. This study focuses on the portrayal of female rape victim protagonists in Pakistani dramas and the factors influencing their behavior after rape. A quantitative content analysis was conducted on two prime-time dramas which directly dealt with female rape victims. Results indicate that the female protagonists who faced rape are shown as silent and submissive characters who are unable to communicate about their ordeal due to fear of social isolation. These findings lend support to the Spiral of Silence theory and indicate that the theory’s basic elements (inability to express opinions and fear of social isolation) exist in these TV dramas.

Keywords: gender stereotyping, rape victims, the spiral of silence, TV dramas

Procedia PDF Downloads 164

Authors: Jessemyn Modiini, Timothy Lynar, Elena Sitnikova

Abstract:

We present a novel enhanced compartmental model for malware spread analysis in cyber security. This paper applies cyber security data features to epidemiological compartmental models to model the infectious potential of malware. Compartmental models are most efficient for calculating the infectious potential of a disease. In this paper, we discuss and profile epidemiologically relevant data features from a Domain Name System (DNS) dataset. We then apply these features to epidemiological compartmental models to network traffic features. This paper demonstrates how epidemiological principles can be applied to the novel analysis of key cybersecurity behaviours and trends and provides insight into threat modelling above that of kill-chain analysis. In applying deterministic compartmental models to a cyber security use case, the authors analyse the deficiencies and provide an enhanced stochastic model for cyber epidemiology. This enhanced compartmental model (SUEICRN model) is contrasted with the traditional SEIR model to demonstrate its efficacy.

Keywords: cybersecurity, epidemiology, cyber epidemiology, malware

Procedia PDF Downloads 101

Authors: Ömer Aktaş, Olga A. Suvorova, Oleg Tretyakov

Abstract:

The boundary value problem on non-canonical and arbitrary shaped contour is solved with a numerically effective method called Analytical Regularization Method (ARM) to calculate propagation parameters. As a result of regularization, the equation of first kind is reduced to the infinite system of the linear algebraic equations of the second kind in the space of L2. This equation can be solved numerically for desired accuracy by using truncation method. The parameters as cut-off wavenumber and cut-off frequency are used in waveguide evolutionary equations of electromagnetic theory in time-domain to illustrate the real-valued TM fields with lossy and lossless media.

Keywords: analytical regularization method, electromagnetic theory evolutionary equations of time-domain, TM Field

Procedia PDF Downloads 492

Authors: Rachna Jain, Sushila Madan, Bindu Garg

Abstract:

Cloud computing is the key powerhouse in numerous organizations due to shifting of their data to the cloud environment. In recent years it has been observed that cloud-based-services are being used on large scale for content storage, distribution and processing. Various issues have been observed in cloud computing environment that need to be addressed. Security and privacy are found topmost concern area. In this paper, a novel security model is proposed to secure data by utilizing CDN services like image to icon conversion. CDN Service is a content delivery service which converts an image to icon, word to pdf & Latex to pdf etc. Presented model is used to convert an image into icon by keeping image secret. Here security of image is imparted so that image should be encrypted and decrypted by data owners only. It is also discussed in the paper that how server performs multiplication and selection on encrypted data without decryption. The data can be image file, word file, audio or video file. Moreover, the proposed model is capable enough to multiply images, encrypt them and send to a server application for conversion. Eventually, the prime objective is to encrypt an image and convert the encrypted image to image Icon by utilizing homomorphic encryption.

Keywords: cloud computing, user data security, homomorphic encryption, image multiplication, CDN service

Procedia PDF Downloads 328

Authors: Juan Manuel Sanchez-Cartas, Gonzalo Leon

Abstract:

A price competition algorithm for ABMs based on game theory principles is proposed to deal with the simulation of theoretical market models. The algorithm is applied to the classical Hotelling’s model and to a two-sided market model to show it leads to the optimal behavior predicted by theoretical models. However, when theoretical models fail to predict the equilibrium, the algorithm is capable of reaching a feasible outcome. Results highlight that the algorithm can be implemented in other simulation models to guarantee rational users and endogenous optimal behaviors. Also, it can be applied as a tool of verification given that is theoretically based.

Keywords: agent-based models, algorithmic game theory, multi-sided markets, price optimization

Procedia PDF Downloads 446

Authors: Jing Zhang

Abstract:

Sustainable development in the new energy vehicles field is the requirement of the net zero aim. Green bonds are accepted as a practical financial tool to boost the transformation of relevant enterprises. The paper analyzes the interactions among governments, enterprises of new energy vehicles, and financial institutions by an evolutionary game theory model and offers advice to stakeholders in China. The decision-making subjects of green behavior are affected by experiences, interests, perception ability, and risk preference, so it is difficult for them to be completely rational. Based on the bounded rationality hypothesis, this paper applies prospect theory in the evolutionary game analysis framework and analyses the costs of government regulation of enterprises adopting green bonds. The influence of the perceived value of revenue prospect and the probability and risk transfer coefficient of the government's active regulation on the decision-making agent's strategy is verified by numerical simulation. Finally, according to the research conclusions, policy suggestions are given to promote green bonds.

Keywords: green bonds, new energy vehicles, sustainable development, evolutionary Game Theory model

Procedia PDF Downloads 82