Search results for: information security competencies

Authors: Issa Qabaja, Fadi Thabtah

Abstract:

Email phishing classification is one of the vital problems in the online security research domain that have attracted several scholars due to its impact on the users payments performed daily online. One aspect to reach a good performance by the detection algorithms in the email phishing problem is to identify the minimal set of features that significantly have an impact on raising the phishing detection rate. This paper investigate three known feature selection methods named Information Gain (IG), Chi-square and Correlation Features Set (CFS) on the email phishing problem to separate high influential features from low influential ones in phishing detection. We measure the degree of influentially by applying four data mining algorithms on a large set of features. We compare the accuracy of these algorithms on the complete features set before feature selection has been applied and after feature selection has been applied. After conducting experiments, the results show 12 common significant features have been chosen among the considered features by the feature selection methods. Further, the average detection accuracy derived by the data mining algorithms on the reduced 12-features set was very slight affected when compared with the one derived from the 47-features set.

Keywords: data mining, email classification, phishing, online security

Procedia PDF Downloads 432

Authors: Hala A. Alrumaih

Abstract:

It is widely believed that mobile device is a promising technology for lending the opportunity for the third wave of electronic commerce. Mobile devices have changed the way companies do business. Many applications are under development or being incorporated into business processes. In this day, mobile applications are a vital component of any industry strategy. One of the greatest benefits of selling merchandise and providing services on a mobile application is that it widens a company’s customer base significantly. Mobile applications are accessible to interested customers across regional and international borders in different electronic business (e-business) area. But there is a dark side to this success story. The security risks associated with mobile devices and applications are very significant. This paper introduces a broad risk analysis for the various threats, vulnerabilities, and risks in mobile e-business applications and presents some important risk mitigation approaches. It reviews and compares two different frameworks for security assurance in mobile e-business applications. Based on the comparison, the paper suggests some recommendations for applications developers and business owners in mobile e-business application development process.

Keywords: e-business, mobile applications, risk mitigations, security assurance

Procedia PDF Downloads 295

Authors: Reham Al-Zahrani, Noura Aleisa

Abstract:

The proliferation of Radio Frequency Identification (RFID) technology has raised concerns about system security, particularly regarding tag impersonation attacks. Regarding RFID systems, an appropriate authentication protocol must resist active and passive attacks. A tag impersonation occurs when an adversary's tag is used to fool an authenticating reader into believing it is a legitimate tag. This paper analyzed the security of the efficient, secure, and practical ultra-lightweight RFID Authentication Scheme (ESRAS). Then, the paper presents a comprehensive analysis of the Efficient, Secure, and Practical Ultra-Lightweight RFID Authentication Scheme (ESRAS) in the context of radio frequency identification (RFID) systems that employed the Scyther tool to examine the protocol's security against a tag impersonation attack.

Keywords: RFID, impersonation attack, authentication, ultra-lightweight protocols

Procedia PDF Downloads 65

Authors: Eftah Bte. Moh Hj Abdullah, Izazol Binti Idris, Abd Aziz Bin Abd Shukor

Abstract:

This study aims to identify the understanding expectations of school administrators concerning school assessment. The researcher utilized a qualitative descriptive study on 19 administrators from three secondary schools in the North Kinta district. The respondents had been interviewed on their understanding expectations of school assessment using the focus group discussion method. Overall findings showed that the administrators’ understanding expectations of school assessment was weak; especially in terms of content focus, articulation across age and grade, transparency and fairness, as well as the pedagogical implications. Findings from interviews indicated that administrators explained their understanding expectations of school assessment from the aspect of school management, and not from the aspect of instructional leadership or specifically as assessment leaders. The study implications from the administrators’ understanding expectations may hint at the difficulty of the administrators to function as assessment leaders, in order to reduce their focus as manager, and move towards their primary role in the process of teaching and learning. The administrator, as assessment leaders, would be able to reach assessment goals via collaboration in identifying and listing teacher assessment competencies, how to construct assessment capacity, how to interpret assessment correctly, the use of assessment and how to use assessment information to communicate confidently and effectively to the public.

Keywords: assessment leaders, assessment goals, instructional leadership, understanding expectation of assessment

Procedia PDF Downloads 458

Authors: Nuzhat Sultana M. B.

Abstract:

Children are high-risk population in terms of food born illnesses. Food safety and security are the most important aspect of the success of midday meal programmes. Improper holding temperatures, cross-contamination and poor personal hygiene of food handlers are the main causes for the prevalence of pathogenic microbes in the food servicing areas. Two hundred and fifty preschool children in the age of 3 to 6 years from urban and rural anganwadies (pre school center) of Beed district were selected. Nutritional status of preschool children were assessed by anthropometrical and clinical measurement. The study assessed the food safety and security with the help of personal hygiene and other safety measures maintained by the food personnel working for midday meal programme, supplying mid meals to children in govt. anganwadies (pre school center). The hygiene level, sanitary condition and microbial quality of food and water, pathological health examination of food handlers were assessed with the help of checklist. A questionnaire was designed to evaluate knowledge, attitude, and practices of food handlers. Results of the study show that the nutritional and health status of rural and urban preschool children was very poor. Many of the food handlers were not aware of general knowledge and hygiene practices to be followed during food preparation areas. An intervention programme of education and importing training at workplaces has shown a positive impact on the outcome of safety and security practices and safe, hygienic practices of food handlers at workplace.

Keywords: food, health, preschool children, safety, security

Procedia PDF Downloads 203

Authors: Afsana Afsar Tuly

Abstract:

The Rohingyas are a group of minority Muslimsin Myanmar who witnessed series of persecution, violence, and torture from Burmese military since 1948. In 2017, around 700,000 Rohingyas fled to the neighboring country Bangladesh and took shelter as refugees after facing clashes with Myanmar security forces. The number increased to 1.8 million in 2020, creating one of the largest refugee crises of recent times. This research focuses on the vulnerability and poverty faced by Rohingyas in refugee camps and how thelack of long-term solution and silence from international communitycan pose national security threat and increasing Islamic extremism in Bangladesh. Islamic religious and terrorist groups have used the Rohingyas position as stateless people to influence them into speaking against the secular government of Bangladesh. There has been increasing crime rates and formation of different rebel groups in refugee camps, causing clashes with Bangladeshi police and authority. Human trafficking, illegal drug dealings, prostitution, and other illicit activities have continuously gone up in the southeastern part of Bangladesh. Some economic, social, and environmental factors are studied and analyzed to show the change in Bangladesh between 2017 and 2020.

Keywords: national security threat, islamic extremism, rohingya refugees, refugee studies, Bangladesh, myanmar

Procedia PDF Downloads 146

Authors: Brinda Sharma, Saakshi S. Sarpotdar

Abstract:

Deep-fat frying is popular standard method that has been studied basically to clarify the complicated mechanisms of fat decomposition at high temperatures and to assess their effects on human health. The aim of this paper is to point out the application of method engineering that has been recently improved our understanding of the fundamental principles and mechanisms concerned at different scales and different times throughout the process: pretreatment, frying, and cooling. It covers the several aspects of deep-fat drying. New results regarding the understanding of the frying method that are obtained as a results of major breakthroughs in on-line instrumentation (heat, steam flux, and native pressure sensors), within the methodology of microstructural and imaging analysis (NMR, MRI, SEM) and in software system tools for the simulation of coupled transfer and transport phenomena. Such advances have opened the approach for the creation of significant information of the behavior of varied materials and to the event of latest tools to manage frying operations via final product quality in real conditions. Lastly, this paper promotes an integrated approach to the frying method as well as numerous competencies like those of chemists, engineers, toxicologists, nutritionists, and materials scientists also as of the occupation and industrial sectors.

Keywords: frying, cooling, imaging analysis (NMR, MRI, SEM), deep-fat frying

Procedia PDF Downloads 430

Authors: Carmen Rocio Fernandez Diaz

Abstract:

This paper focuses on the relevance of information and communication technologies (hereinafter referred as ‘ICTs’) as an essential part of the day-to-day life of all societies nowadays, as they offer the scenario where an immense number of behaviors are performed that previously took place in the physical world. In this context, areas of reality that have remained outside the so-called ‘information society’ are hardly imaginable. Nevertheless, it is possible to identify a means that continue to be behind this reality, and it is the penitentiary area regarding inmates rights, as security aspects in prison have already be improved by new technologies. Introducing ICTs in prisons is still a matter subject to great rejections. The study of comparative penitentiary systems worldwide shows that most of them use ICTs only regarding educational aspects of life in prison and that communications with the outside world are generally based on traditional ways. These are only two examples of the huge range of activities where ICTs can carry positive results within the prison. Those positive results have to do with the social reintegration of persons serving a prison sentence. Deprivation of liberty entails contact with the prison subculture and the harmful effects of it, causing in cases of long-term sentences the so-called phenomenon of ‘prisonization’. This negative effect of imprisonment could be reduced if ICTs were used inside prisons in the different areas where they can have an impact, and which are treated in this research, as (1) access to information and culture, (2) basic and advanced training, (3) employment, (4) communication with the outside world, (5) treatment or (6) leisure and entertainment. The content of all of these areas could be improved if ICTs were introduced in prison, as it is shown by the experience of some prisons of Belgium, United Kingdom or The United States. However, rejections to introducing ICTs in prisons obey to the fact that it could carry also risks concerning security and the commission of new offences. Considering these risks, the scope of this paper is to offer a real proposal to introduce ICTs in prison, trying to avoid those risks. This enterprise would be done to take advantage of the possibilities that ICTs offer to all inmates in order to start to build a life outside which is far from delinquency, but mainly to those inmates who are close to release. Reforming prisons in this sense is considered by the author of this paper an opportunity to offer inmates a progressive resettlement to live in freedom with a higher possibility to obey the law and to escape from recidivism. The value that new technologies would add to education, employment, communications or treatment to a person deprived of liberty constitutes a way of humanization of prisons in the 21st century.

Keywords: deprivation of freedom, information and communication technologies, imprisonment, social reintegration

Procedia PDF Downloads 165

Authors: Anthony I. Otuonye, Juliet N. Odii, Perpetual N. Ibe

Abstract:

The obvious challenges faced by most commercial bank customers while using the services of ATMs (Automated Teller Machines) across developing countries have triggered the need for an improved system with better security features. Current ATM systems are password-based, and research has proved the vulnerabilities of these systems to heinous attacks and manipulations. We have discovered by research that the security of current ATM-assisted banking services in most developing countries of the world is easily broken and maneuvered by fraudsters, majorly because it is quite difficult for these systems to identify an impostor with privileged access as against the authentic bank account owner. Again, PIN (Personal Identification Number) code passwords are easily guessed, just to mention a few of such obvious limitations of traditional ATM operations. In this research work also, we have developed a system of fingerprint biometrics with PIN code Authentication that seeks to improve the security features of traditional ATM installations as well as other Banking Services. The aim is to ensure better security at all ATM installations and raise the confidence of bank customers. It is hoped that our system will overcome most of the challenges of the current password-based ATM operation if properly applied. The researchers made use of the OOADM (Object-Oriented Analysis and Design Methodology), a software development methodology that assures proper system design using modern design diagrams. Implementation and coding were carried out using Visual Studio 2010 together with other software tools. Results obtained show a working system that provides two levels of security at the client’s side using a fingerprint biometric scheme combined with the existing 4-digit PIN code to guarantee the confidence of bank customers across developing countries.

Keywords: fingerprint biometrics, banking operations, verification, ATMs, PIN code

Procedia PDF Downloads 42

Authors: Faiza Babur Khan, Sohail Asghar

Abstract:

With an emergence of distributed environment, cloud computing is proving to be the most stimulating computing paradigm shift in computer technology, resulting in spectacular expansion in IT industry. Many companies have augmented their technical infrastructure by adopting cloud resource sharing architecture. Cloud computing has opened doors to unlimited opportunities from application to platform availability, expandable storage and provision of computing environment. However, from a security viewpoint, an added risk level is introduced from clouds, weakening the protection mechanisms, and hardening the availability of privacy, data security and on demand service. Issues of trust, confidentiality, and integrity are elevated due to multitenant resource sharing architecture of cloud. Trust or reliability of cloud refers to its capability of providing the needed services precisely and unfailingly. Confidentiality is the ability of the architecture to ensure authorization of the relevant party to access its private data. It also guarantees integrity to protect the data from being fabricated by an unauthorized user. So in order to assure provision of secured cloud, a roadmap or model is obligatory to analyze a security problem, design mitigation strategies, and evaluate solutions. The aim of the paper is twofold; first to enlighten the factors which make cloud security critical along with alleviation strategies and secondly to propose an intrusion detection model that identifies the attackers in a preventive way using machine learning Random Forest classifier with an accuracy of 99.8%. This model uses less number of features. A comparison with other classifiers is also presented.

Keywords: cloud security, threats, machine learning, random forest, classification

Procedia PDF Downloads 320

Authors: Md. Mizanoor Rahman, Md. Zakir Hossain Talukder, M. Mahruf C. Shohel, Prithvi Shrestha

Abstract:

In Bangladesh, classroom practice and English Learning (EL) competencies acquired both by the teacher and learner in primary and secondary schools are still very weak. Therefore, English is the most commonly failed examination subject at the school level; in addition, there are severe problems in communicative English by the Bangladeshi nationals– this has been characterized as a constraint to economic development. Job applicants and employees often lack English language skills necessary to work effectively. As a result; both government and its international development partners such as DFID, UNESCO, and CIDA have been very active to uplift the quality of the English language learning and implementing projects with innovative approaches. Recently; the economy has been increasing and in line with this, the technology has been deployed in English learning to improve reading, writing, speaking and listening skills. Young Bangladeshi creative, from a variety of backgrounds including film, animation, photography, and digital media are being trained to develop ideas for English Language Teaching (ELT) media. They are being motivated to develop a wide range of ideas for low cost English learning media products. English Language education policy in Bangladesh supports communicative language teaching practices and accordingly, actors have been influencing curriculum, textbook, deployment of technology and assessment changes supporting communicative ELT. The various projects are also being implemented to reform the curriculum, revise the textbook and adjust the assessment mechanism so that the country can increase in proficiency in communicative English among the population. At present; the numbers of teachers, students and adult learners classified at higher levels of proficiency because of deployment of technology and motivation for learning and using English among school population of Bangladesh. The current paper discusses the various interventions in Bangladesh with appropriate media to improve the competencies of the ELT among population.

Keywords: English learning, technology, education, psychological sciences

Procedia PDF Downloads 416

Authors: Charles Mazhazhate

Abstract:

This study interrogates and analyses the intricate kin- and- kith network patterns of corruption and mismanagement of resources prevalent in public sector supply chains bedeviling the developing economies of Sub-Saharan Africa with particular reference to Zimbabwe. This is forcing governments to resort to harsh fiscal policies that see their citizens paying high taxes against a backdrop of incomes below the poverty datum line, and this negatively affects their quality of life. The corporate world is also affected by the various tax-regime instituted. Mismanagement of resources and corrupt practices are rampant in state-owned enterprises to the extent that institutional policies, procedures, and practices are often flouted for the benefit of a clique of individuals. This interwoven in kith and kin blood human relations in organizations where appointments to critical positions are based on ascribed status. People no longer place value in their systems to make them work thereby violating corporate governance principles. Greediness and ‘unholy friendship connections’ are instrumental in fueling the employment of people who know each other from their discrete backgrounds. Such employments or socio-metric unions are meant to protect those at the top by giving them intelligent information through spying on what other subordinates are doing inside and outside the organization. This practice has led to the underperforming of organizations as those employees with connections and their upper echelons favorites connive to abuse resources for their own benefit. Even if culprits are known, no draconian measures are employed as a deterrence measure. Public value along public sector supply chains is lost. The study used a descriptive case study research design on fifty organizations in Zimbabwe mainly state-owned enterprises. Both qualitative and quantitative instrumentations were used. Both Snowball and random sampling techniques were used. The study found out that in all the fifty SOEs, there were employees in key positions related to top management, with tentacles feeding into the law enforcement agents, judiciary, security systems, and the executive. Such employees in public seem not to know each other with but would be involved in dirty scams and then share the proceeds with top people behind the scenes. The study also established that the same employees do not have the necessary competencies, qualifications, abilities, and capabilities to be in those positions. This culture is now strong that it is difficult to bust. The study recommends recruitment of all employees through an independent employment bureau to ensure strategic fit.

Keywords: corruption, state owned enterprises, strategic fit, public sector supply chains, efficiency

Procedia PDF Downloads 160

Authors: Brenden M. Shutt, Lubjana Beshaj, Paul L. Goethals, Ambrose Kam

Abstract:

Communication security is of particular interest to military data networks. A relatively novel approach to network security is blockchain, a cryptographically secured distribution ledger with a decentralized consensus mechanism for data transaction processing. Recent advances in blockchain technology have proposed new techniques for both data validation and trust management, as well as different frameworks for managing dataflow. The purpose of this work is to test the feasibility of different blockchain architectures as applied to military command and control networks. Various architectures are tested through discrete-event simulation and the feasibility is determined based upon a blockchain design’s ability to maintain long-term stable performance at industry standards of throughput, network latency, and security. This work proposes a consortium blockchain architecture with a computationally inexpensive consensus mechanism, one that leverages a Proof-of-Identity (PoI) concept and a reputation management mechanism.

Keywords: blockchain, consensus mechanism, discrete-event simulation, fog computing

Procedia PDF Downloads 138

Authors: Jakub Kraus, Vladimír Plos, Peter Vittek

Abstract:

This article deals with a new approach to the airport emergency plans, which are the basic documents and manuals for dealing with events with impact on safety or security. The article describes the identified parts in which the current airport emergency plans do not fulfill their role and which should therefore be considered in the creation of corrective measures. All these issues have been identified at airports in the Czech Republic and confirmed at airports in neighboring countries.

Keywords: airport emergency plan, aviation safety, aviation security, comprehensive management system

Procedia PDF Downloads 511

Authors: Richard Grünwald, Wenling Wang, Yan Feng

Abstract:

The presented paper explores the changing dynamics of regional water security in the Mekong River Basin and examines the contemporary water-related challenges from a critical hydropolitical perspective. By drawing on the Lancang-Mekong Cooperation and Conflict Database (LMCCD) recording more than 3000 water-related events within the basin in the last 30 years, we identified several trends changing the dynamics of the regional water security in the Mekong River Basin. Firstly, there is growing politicization of water that is no longer interpreted as abundant. While some scientists blame the rapid basin development, particularly in upstream countries, other researchers consider climate change and cumulative environmental impacts of various water projects as the main culprit for changing the water flow. Secondly, there is an increasing securitization of large-scale hydropower dams with questionable outcomes. Despite hydropower dams raise many controversies, many riparian states push the development at all cost. Such water security dilemma can be especially traced to Laos and Cambodia, which highly invest in the hydropower sector even at the expense of the local environment and good relations with neighbouring countries situated lower on the river. Thirdly, there is a lack of accountable transboundary water governance that will effectively face a looming water crisis. To date, most of the existing cooperation mechanisms are undermined by the geopolitical interests of foreign donors and increasing mistrust to scientific approaches dealing with water insecurity. Our findings are beneficial for the policy-makers and other water experts who want to grasp the broader hydropolitical context in the Mekong River Basin and better understand the new water security threats, including misinterpretation of the hydrological data and legitimization of the pro-development narratives.

Keywords: critical hydropolitics, mekong river, politicization of science, water governance, water security

Procedia PDF Downloads 213

Authors: Umair Shafique, Hafiz Usman Zia, Fiaz Majeed, Samina Naz, Javeria Ahmed, Maleeha Zainab

Abstract:

The Internet of Things (IoT) has become a hot topic for the last couple of years. This innovative technology has shown promising progress in various areas, and the world has witnessed exponential growth in multiple application domains. Researchers are working to investigate its aptitudes to get the best from it by harnessing its true potential. But at the same time, IoT networks open up a new aspect of vulnerability and physical threats to data integrity, privacy, and confidentiality. It's is due to centralized control, data silos approach for handling information, and a lack of standardization in the IoT networks. As we know, blockchain is a new technology that involves creating secure distributed ledgers to store and communicate data. Some of the benefits include resiliency, integrity, anonymity, decentralization, and autonomous control. The potential for blockchain technology to provide the key to managing and controlling IoT has created a new wave of excitement around the idea of putting that data back into the hands of the end-users. In this manuscript, we have proposed a model that combines blockchain and IoT networks to address potential security and privacy issues in the healthcare domain. Then we try to describe various application areas, challenges, and future directions in the healthcare sector where blockchain platforms merge with IoT networks.

Keywords: IoT, blockchain, cryptocurrency, healthcare, consensus, data

Procedia PDF Downloads 180

Authors: P. Ghann, J. Shiguang, C. Zhou

Abstract:

Access control is one of the most challenging issues facing information security. Access control is defined as, the ability to permit or deny access to a particular computational resource or digital information by an unauthorized user or subject. The concept of usage control (UCON) has been introduced as a unified approach to capture a number of extensions for access control models and systems. In UCON, an access decision is determined by three factors: Authorizations, obligations and conditions. Attribute mutability and decision continuity are two distinct characteristics introduced by UCON for the first time. An observation of UCON components indicates that, the components are predefined and static. In this paper, we propose a new and flexible model of usage control for the creation and elimination of some of these components; for example new objects, subjects, attributes and integrate these with the original UCON model. We also propose a model for concurrent usage scenarios in UCON.

Keywords: access control, concurrency, digital container, usage control

Procedia PDF Downloads 321

Authors: Mujahid Muhammad, Paul Kearney, Adel Aneiba

Abstract:

The ability for vehicles to communicate with other vehicles (V2V), the physical (V2I) and network (V2N) infrastructures, pedestrians (V2P), etc. – collectively known as V2X (Vehicle to Everything) – will enable a broad and growing set of applications and services within the intelligent transport domain for improving road safety, alleviate traffic congestion and support autonomous driving. The telecommunication research and industry communities and standardization bodies (notably 3GPP) has finally approved in Release 14, cellular communications connectivity to support V2X communication (known as LTE – V2X). LTE – V2X system will combine simultaneous connectivity across existing LTE network infrastructures via LTE-Uu interface and direct device-to-device (D2D) communications. In order for V2X services to function effectively, a robust security mechanism is needed to ensure legal and safe interaction among authenticated V2X entities in the LTE-based V2X architecture. The characteristics of vehicular networks, and the nature of most V2X applications, which involve human safety makes it significant to protect V2X messages from attacks that can result in catastrophically wrong decisions/actions include ones affecting road safety. Attack vectors include impersonation attacks, modification, masquerading, replay, MiM attacks, and Sybil attacks. In this paper, we focus our attention on LTE-based V2X security and access control mechanisms. The current LTE-A security framework provides its own access authentication scheme, the AKA protocol for mutual authentication and other essential cryptographic operations between UEs and the network. V2N systems can leverage this protocol to achieve mutual authentication between vehicles and the mobile core network. However, this protocol experiences technical challenges, such as high signaling overhead, lack of synchronization, handover delay and potential control plane signaling overloads, as well as privacy preservation issues, which cannot satisfy the adequate security requirements for majority of LTE-based V2X services. This paper examines these challenges and points to possible ways by which they can be addressed. One possible solution, is the implementation of the distributed peer-to-peer LTE security mechanism based on the Bitcoin/Namecoin framework, to allow for security operations with minimal overhead cost, which is desirable for V2X services. The proposed architecture can ensure fast, secure and robust V2X services under LTE network while meeting V2X security requirements.

Keywords: authentication, long term evolution, security, vehicle-to-everything

Procedia PDF Downloads 167

Authors: Abdul Basit Kiani

Abstract:

Web development, the art of creating and maintaining websites, has witnessed remarkable advancements. The aim is to provide an overview of some of the cutting-edge developments in the field. Firstly, the rise of responsive web design has revolutionized user experiences across devices. With the increasing prevalence of smartphones and tablets, web developers have adapted to ensure seamless browsing experiences, regardless of screen size. This progress has greatly enhanced accessibility and usability, catering to the diverse needs of users worldwide. Additionally, the evolution of web frameworks and libraries has significantly streamlined the development process. Tools such as React, Angular, and Vue.js have empowered developers to build dynamic and interactive web applications with ease. These frameworks not only enhance efficiency but also bolster scalability, allowing for the creation of complex and feature-rich web solutions. Furthermore, the emergence of progressive web applications (PWAs) has bridged the gap between native mobile apps and web development. PWAs leverage modern web technologies to deliver app-like experiences, including offline functionality, push notifications, and seamless installation. This innovation has transformed the way users interact with websites, blurring the boundaries between traditional web and mobile applications. Moreover, the integration of artificial intelligence (AI) and machine learning (ML) has opened new horizons in web development. Chatbots, intelligent recommendation systems, and personalization algorithms have become integral components of modern websites. These AI-powered features enhance user engagement, provide personalized experiences, and streamline customer support processes, revolutionizing the way businesses interact with their audiences. Lastly, the emphasis on web security and privacy has been a pivotal area of progress. With the increasing incidents of cyber threats, web developers have implemented robust security measures to safeguard user data and ensure secure transactions. Innovations such as HTTPS protocol, two-factor authentication, and advanced encryption techniques have bolstered the overall security of web applications, fostering trust and confidence among users. Hence, recent progress in web development has propelled the industry forward, enabling developers to craft innovative and immersive digital experiences. From responsive design to AI integration and enhanced security, the landscape of web development continues to evolve, promising a future filled with endless possibilities.

Keywords: progressive web applications (PWAs), web security, machine learning (ML), web frameworks, advancement responsive web design

Procedia PDF Downloads 54

Authors: Katie Wood

Abstract:

Cyber criminals are constantly on the lookout for new opportunities to exploit organisation and cause destruction. This could lead to significant cause of economic loss for organisations in the form of destruction in finances, reputation and even the overall survival of the organization. Additionally, this leads to serious consequences on national security. The threat of possible cyber attacks places further pressure on organisations to ensure they are secure, at a time where international scale cyber attacks have occurred in a range of sectors. Stakeholders are wanting confidence that their data is protected. This is only achievable if a business fosters a resilient supply chain strategy which is implemented throughout its supply chain by having a strong cyber leadership culture. This paper will discuss the essential role and need for organisations to adopt a cyber leadership culture and direction to learn about own internal processes to ensure mitigating systemic vulnerability of its supply chains. This paper outlines that to protect national security there is an urgent need for cyber awareness culture change. This is required in all organisations, regardless of their sector or size, to implementation throughout the whole supplier chain to support and protect economic prosperity to make the UK more resilient to cyber-attacks. Through businesses understanding the supply chain and risk management cycle of their own operates has to be the starting point to ensure effective cyber migration strategies.

Keywords: cyber leadership, cyber migration strategies, resilient supply chain strategy, cybersecurity

Procedia PDF Downloads 242

Authors: Albert T. Akume, Yahya M. Abdullahi

Abstract:

The impact of poverty on individual and society is grave, hence the efforts by the government to eradicate or alleviate. In Nigeria the various efforts to reduce rural poverty by empowering them and making the process of their development self-sustaining have ended dismally. That notwithstanding, government determination to conquer poverty has not diminish as in the early 1990s the government with financial collaboration from the World Bank and African Development Bank introduced the fadama project. It is against this backdrop that this paper uses the documentary and analytical research methods to examine the implication the fadama development project has for community capacity development and human security in Nigeria. From the analysis it was discovered the fadama project improved household income of fadama farmers, community empowerment, participatory development planning and support for demand driven productive investment in farm and non-farm activities including community infrastructures. Despite this impressive result the fadama project is challenged by conflict especially in northern Nigeria and late delivery of necessary farm consumables that aid improved productivity. It was therefore recommended that the government should strengthen her various state security institutions to proactively mitigate conflicts and to ensure that farm consumables and other support services reach farmers timely.

Keywords: capacity development, empowerment, fadama, human security, poverty reduction, theory of change, sustainable development

Procedia PDF Downloads 496

Authors: Iruka C. Anugwo, Winston M. Shakantu

Abstract:

The objective of this study is to uncover the basic business-forces that necessitated the survival and sustainable performance of the medium scale contractors in the South African construction market. This study is essential as it set to contribute towards long-term strategic solutions for combating the incessant failure of start-ups construction organizations within South African. The study used a qualitative research methodology; as the most appropriate approach to elicit and understand, and uncover the phenomena that are basic business-forces for the active contractors in the market. The study also adopted a phenomenological study approach; and in-depth interviews were conducted with 20 medium scale contractors in Port Elizabeth, South Africa, between months of August to October 2015. This allowed for an in-depth understanding of the critical and basic business-forces that influenced their survival and performance beyond the first five years of business operation. Findings of the study showed that for potential contractors (startups), to survival in the competitive business environment such as construction industry, they must possess the basic business-forces. These forces are educational knowledge in construction and business management related disciplines, adequate industrial experiences, competencies and capabilities to delivery excellent services and products as well as embracing the spirit of entrepreneurship. Convincingly, it can be concluded that the strategic approach to minimize the endless failure of startups construction businesses; the potential construction contractors must endeavoring to access and acquire the basic educationally knowledge, training and qualification; need to acquire industrial experiences in collaboration with required competencies, capabilities and entrepreneurship acumen. Without these basic business-forces as been discovered in this study, the majority of the contractors gaining entrance in the market will find it difficult to develop and grow a competitive and sustainable construction organization in South Africa.

Keywords: basic business-forces, medium scale contractors, South Africa, sustainable organisations

Procedia PDF Downloads 293

Authors: Roman Kulikov, Svetlana Kolesnikova

Abstract:

Last decade Cloud Computing technologies have been rapidly becoming ubiquitous. Each year more and more organizations, corporations, internet services and social networks trust their business sensitive information to Public Cloud. The data storage in Public Cloud is protected by security mechanisms such as firewalls, cryptography algorithms, backups, etc.. In this way, however, only outsider attacks can be prevented, whereas virtualization tools can be easily compromised by insider. The protection of Public Cloud’s critical elements from internal intruder remains extremely challenging. A hypervisor, also called a virtual machine manager, is a program that allows multiple operating systems (OS) to share a single hardware processor in Cloud Computing. One of the hypervisor's functions is to enforce access control policies. Furthermore, it prevents guest OS from disrupting each other and from accessing each other's memory or disk space. Hypervisor is the one of the most critical and vulnerable elements in Cloud Computing infrastructure. Nevertheless, it has been poorly protected from being compromised by insider. By exploiting certain vulnerabilities, privilege escalation can be easily achieved in insider attacks on hypervisor. In this way, an internal intruder, who has compromised one process, is able to gain control of the entire virtual machine. Thereafter, the consequences of insider attacks in Public Cloud might be more catastrophic and significant to virtual tools and sensitive data than of outsider attacks. So far, almost no preventive security countermeasures have been developed. There has been little attention paid for developing models to assist risks mitigation strategies. In this paper formal model of insider attacks on hypervisor is designed. Our analysis identifies critical hypervisor`s vulnerabilities that can be easily compromised by internal intruder. Consequently, possible conditions for successful attacks implementation are uncovered. Hence, development of preventive security countermeasures can be improved on the basis of the proposed model.

Keywords: insider attack, public cloud, cloud computing, hypervisor

Procedia PDF Downloads 361

Authors: Sakapas Saengchai

Abstract:

A Study on Strengthening the Security of the Thai-Myanmar Border Trade Area of the people in the Mae Sot customs checkpoint area, Tak province, was designed as a qualitative research study. Its objectives were to study the principles of strengthening border trade security and enhancing people's participation. To develop a border trade model that enhances the spatial economy and improves people's quality of life by collecting data using a participant observation method. In-depth interview group chats border checkpoint administrators, Mae Sot customs checkpoint, Tak province, private entrepreneurs, community leaders, and the opening of a community forum to exchange opinions with people in the area. The results of the study found that 1. Security development is to promote crime reduction. Reduce drug trafficking problems Smuggling and human trafficking have been reduced. Including planning and preparation to protect people from terrorism, epidemics, and communicable diseases, including cooperation with Burma on border rules for people and workers, 2. Wealth development is to promote investment. Transport links value chain logistics Cross-border goods and services on the Thai-Myanmar border Both amending regulations and laws to promote fair trade. Emphasis on convenient and fast service as well as promoting the Thai border area to be a tourist attraction that can create prosperity and income for the community in the area By using balanced natural resources, with production and consumption that are environmentally friendly, and emphasizes the participation of the public sector, the private sector, and people from all sectors in the sustainable development of the Thai border.

Keywords: security, border trade, customs, participation, people

Procedia PDF Downloads 181

Authors: Abhimanyu Behera

Abstract:

Over the past few years, energy security and sustainable development have moved rapidly into the global agenda. There are two main reasons: first, the impact of high and often volatile energy prices; second, concerns over environmental sustainability particularly about the global climate. Both issues are critically important in which impressive economic growth has boosted the demand for energy and put corresponding strains on the environment. Energy security is a broad concept that focuses on energy availability and pricing. Specifically, it refers to the ability of the energy supply system i.e. suppliers, transporters, distributors and regulatory, financial and R&D institutions to deliver the amount of competitively priced energy that customers demand, within accepted standards of reliability, timeliness, quality, safety. Traditionally, energy security has been defined in the context of the geopolitical risks to external oil supplies but today it is encompassing all energy forms, all the external and internal links bringing the energy to the final consumer, and all the many ways energy supplies can be disrupted including equipment malfunctions, system design flaws, operator errors, malicious computer activities, deficient market and regulatory frameworks, corporate financial problems, labour actions, severe weather and natural events, aggressive acts (e.g. war, terrorism and sabotage), and geopolitical disruptions. In practice, the most challenging disruptions are those linked to: 1) extreme weather events; 2) mismatched electricity supply and demand; 3) regulatory failures; and 4) concentration of oil and gas resources in certain regions of the world. However, insecure energy supplies inhibit development by raising energy costs and imposing expensive cuts in services when disruptions actually occur. The energy supply sector can best advance sustainable development by producing and delivering secure and environmentally-friendly sources of energy and by increasing the efficiency of energy use. With this objective, this paper seeks to highlight the significance of energy security and sustainable development in today’s world. Moreover, it critically overhauls the major challenges towards sustainability of energy security and what are the major policies are taken to overcome these challenges by Government is lucidly explicated in this paper.

Keywords: energy, policies, security, sustainability

Procedia PDF Downloads 388

Authors: Anum Ali, Kashaf ad Dooja, Asif Saleem

Abstract:

The future smart cities trend will be towards Internet of Things (IoT); IoT creates dynamic connections in a ubiquitous manner. Smart cities offer ease and flexibility for daily life matters. By using small devices that are connected to cloud servers based on IoT, network traffic between these devices is growing exponentially, whose security is a concerned issue, since ratio of cyber attack may make the network traffic vulnerable. This paper discusses the latest machine learning approaches in related work further to tackle the increasing rate of cyber attacks, machine learning algorithm is applied to IoT-based network traffic data. The proposed algorithm train itself on data and identify different sections of devices interaction by using supervised learning which is considered as a classifier related to a specific IoT device class. The simulation results clearly identify the attacks and produce fewer false detections.

Keywords: IoT, traffic security, deep learning, classification

Procedia PDF Downloads 154

Authors: Magdalena Suárez-Ortega, M. Fe. Sánchez-García

Abstract:

This paper focuses on the analysis of the motivations that lead people to undertake and consolidate their business. It is addressed from the framework of planned behavior theory, which recognizes the importance of the social environment and cultural values, both in the decision to undertake business and in business consolidation. Similarly, it is also based on theories of career development, which emphasize the importance of career management competencies and their connections to other vital aspects of people, including their roles within their families and other personal activities. This connects directly with the impact of entrepreneurship on the career and the professional-personal project of each individual. This study is part of the project titled Career Design and Talent Management (Ministry of Economy and Competitiveness of Spain, State Plan 2013-2016 Excellence Ref. EDU2013-45704-P). The aim of the study is to identify and describe entrepreneurial competencies and motivational profiles in a sample of 248 Spanish entrepreneurs, considering the consolidated profile and the profile in transition (n = 248).In order to obtain the information, the Questionnaire of Motivation and conditioners of the entrepreneurial career (MCEC) has been applied. This consists of 67 items and includes four scales (E1-Conflicts in conciliation, E2-Satisfaction in the career path, E3-Motivations to undertake, E4-Guidance Needs). Cluster analysis (mixed method, combining k-means clustering with a hierarchical method) was carried out, characterizing the groups profiles according to the categorical variables (chi square, p = 0.05), and the quantitative variables (ANOVA). The results have allowed us to characterize three motivational profiles relevant to the motivation, the degree of conciliation between personal and professional life, and the degree of conflict in conciliation, levels of career satisfaction and orientation needs (in the entrepreneurial project and life-career). The first profile is formed by extrinsically motivated entrepreneurs, professionally satisfied and without conflict of vital roles. The second profile acts with intrinsic motivation and also associated with family models, and although it shows satisfaction with their professional career, it finds a high conflict in their family and professional life. The third is composed of entrepreneurs with high extrinsic motivation, professional dissatisfaction and at the same time, feel the conflict in their professional life by the effect of personal roles. Ultimately, the analysis has allowed us to line the kinds of entrepreneurs to different levels of motivation, satisfaction, needs and articulation in professional and personal life, showing characterizations associated with the use of time for leisure, and the care of the family. Associations related to gender, age, activity sector, environment (rural, urban, virtual), and the use of time for domestic tasks are not identified. The model obtained and its implications for the design of training actions and orientation to entrepreneurs is also discussed.

Keywords: motivation, entrepreneurial career, guidance needs, life-work balance, job satisfaction, assessment

Procedia PDF Downloads 301

Authors: Jie Zhang, Qianyu Guo, Tieyi Zhang, Zhiyong Feng, Xiaohong Li

Abstract:

With the widespread popularity of mobile devices and the development of artificial intelligence (AI), deep learning (DL) has been extensively applied in Android apps. Compared with traditional Android apps (traditional apps), deep learning based Android apps (DL-based apps) need to use more third-party application programming interfaces (APIs) to complete complex DL inference tasks. However, existing methods (e.g., FlowDroid) for detecting sensitive information leakage in Android apps cannot be directly used to detect DL-based apps as they are difficult to detect third-party APIs. To solve this problem, we design DLtrace; a new static information flow analysis tool that can effectively recognize third-party APIs. With our proposed trace and detection algorithms, DLtrace can also efficiently detect privacy leaks caused by sensitive APIs in DL-based apps. Moreover, using DLtrace, we summarize the non-sequential characteristics of DL inference tasks in DL-based apps and the specific functionalities provided by DL models for such apps. We propose two formal definitions to deal with the common polymorphism and anonymous inner-class problems in the Android static analyzer. We conducted an empirical assessment with DLtrace on 208 popular DL-based apps in the wild and found that 26.0% of the apps suffered from sensitive information leakage. Furthermore, DLtrace has a more robust performance than FlowDroid in detecting and identifying third-party APIs. The experimental results demonstrate that DLtrace expands FlowDroid in understanding DL-based apps and detecting security issues therein.

Keywords: mobile computing, deep learning apps, sensitive information, static analysis

Procedia PDF Downloads 179

Authors: Umesh Kumar Singh, Abhishek Raghuvanshi, Suyash Kumar Singh

Abstract:

As IoT networks gain popularity, they are more susceptible to security breaches. As a result, it is crucial to analyze the IoT platform as a whole from the standpoint of core security concepts. The Internet of Things relies heavily on wireless networks, which are well-known for being susceptible to a wide variety of attacks. This article provides an analysis of many techniques that may be used to identify vulnerabilities in the software and hardware associated with the Internet of Things (IoT). In the current investigation, an experimental setup is built with the assistance of server computers, client PCs, Internet of Things development boards, sensors, and cloud subscriptions. Through the use of network host scanning methods and vulnerability scanning tools, raw data relating to IoT-based applications and devices may be collected. Shodan is a tool that is used for scanning, and it is also used for effective vulnerability discovery in IoT devices as well as penetration testing. This article presents an efficient mitigation plan for encountering vulnerabilities in the Internet of Things.

Keywords: internet of things, security, privacy, vulnerability identification, mitigation plan

Procedia PDF Downloads 40

Authors: Sri Lakshmi Kanniah, Mohd Naz’ri Mahrin

Abstract:

More and more businesses and services are depending on software to run their daily operations and business services. At the same time, cyber-attacks are becoming more covert and sophisticated, posing threats to software. Vulnerabilities exist in the software due to the lack of security practices during the phases of software development. Implementation of secure software development practices can improve the resistance to attacks. Many methods, models and standards for secure software development have been developed. However, despite the efforts, they still come up against difficulties in their deployment and the processes are not institutionalized. There is a set of factors that influence the successful deployment of secure software development processes. In this study, the methodology and results from a systematic literature review of factors influencing the implementation of secure software development practices is described. A total of 44 primary studies were analysed as a result of the systematic review. As a result of the study, a list of twenty factors has been identified. Some of factors that affect implementation of secure software development practices are: Involvement of the security expert, integration between security and development team, developer’s skill and expertise, development time and communication between stakeholders. The factors were further classified into four categories which are institutional context, people and action, project content and system development process. The results obtained show that it is important to take into account organizational, technical and people issues in order to implement secure software development initiatives.

Keywords: secure software development, software development, software security, systematic literature review

Procedia PDF Downloads 378