Search results for: border security
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 3157

Search results for: border security

2167 Security Report Profiling for Mobile Banking Applications in Indonesia Based on OWASP Mobile Top 10-2016

Authors: Bambang Novianto, Rizal Aditya Herdianto, Raphael Bianco Huwae, Afifah, Alfonso Brolin Sihite, Rudi Lumanto

Abstract:

The mobile banking application is a type of mobile application that is growing rapidly. This is caused by the ease of service and time savings in making transactions. On the other hand, this certainly provides a challenge in security issues. The use of mobile banking can not be separated from cyberattacks that may occur which can result the theft of sensitive information or financial loss. The financial loss and the theft of sensitive information is the most avoided thing because besides harming the user, it can also cause a loss of customer trust in a bank. Cyberattacks that are often carried out against mobile applications are phishing, hacking, theft, misuse of data, etc. Cyberattack can occur when a vulnerability is successfully exploited. OWASP mobile Top 10 has recorded as many as 10 vulnerabilities that are most commonly found in mobile applications. In the others, android permissions also have the potential to cause vulnerabilities. Therefore, an overview of the profile of the mobile banking application becomes an urgency that needs to be known. So that it is expected to be a consideration of the parties involved for improving security. In this study, an experiment has been conducted to capture the profile of the mobile banking applications in Indonesia based on android permission and OWASP mobile top 10 2016. The results show that there are six basic vulnerabilities based on OWASP Mobile Top 10 that are most commonly found in mobile banking applications in Indonesia, i.e. M1:Improper Platform Usage, M2:Insecure Data Storage, M3:Insecure Communication, M5:Insufficient Cryptography, M7:Client Code Quality, and M9:Reverse Engineering. The most permitted android permissions are the internet, status network access, and telephone read status.

Keywords: mobile banking application, OWASP mobile top 10 2016, android permission, sensitive information, financial loss

Procedia PDF Downloads 142
2166 Detecting and Secluding Route Modifiers by Neural Network Approach in Wireless Sensor Networks

Authors: C. N. Vanitha, M. Usha

Abstract:

In a real world scenario, the viability of the sensor networks has been proved by standardizing the technologies. Wireless sensor networks are vulnerable to both electronic and physical security breaches because of their deployment in remote, distributed, and inaccessible locations. The compromised sensor nodes send malicious data to the base station, and thus, the total network effectiveness will possibly be compromised. To detect and seclude the Route modifiers, a neural network based Pattern Learning predictor (PLP) is presented. This algorithm senses data at any node on present and previous patterns obtained from the en-route nodes. The eminence of any node is upgraded by their predicted and reported patterns. This paper propounds a solution not only to detect the route modifiers, but also to seclude the malevolent nodes from the network. The simulation result proves the effective performance of the network by the presented methodology in terms of energy level, routing and various network conditions.

Keywords: neural networks, pattern learning, security, wireless sensor networks

Procedia PDF Downloads 405
2165 Treadmill Negotiation: The Stagnation of the Israeli – Palestinian Peace Process

Authors: Itai Kohavi, Wojciech Nowiak

Abstract:

This article explores the stagnation of the Israeli -Palestinian peace negotiation process, and the reasons behind the failure of more than 12 international initiatives to resolve the conflict. Twenty-seven top members of the Israeli national security elite (INSE) were interviewed, including heads of the negotiation teams, the National Security Council, the Mossad, and other intelligence and planning arms. The interviewees provided their insights on the Israeli challenges in reaching a sustainable and stable peace agreement and in dealing with the international pressure on Israel to negotiate a peace agreement while preventing anti-Israeli UN decisions and sanctions. The findings revealed a decision tree, with red herring deception strategies implemented to postpone the negotiation process and to delay major decisions during the negotiation process. Beyond the possible applications for the Israeli – Palestinian conflict, the findings shed more light on the phenomenon of rational deception of allies in a negotiation process, a subject less frequently researched as compared with deception of rivals.

Keywords: deception, Israeli-Palestinian conflict, negotiation, red herring, terrorist state, treadmill negotiation

Procedia PDF Downloads 305
2164 Jordan Curves in the Digital Plane with Respect to the Connectednesses given by Certain Adjacency Graphs

Authors: Josef Slapal

Abstract:

Digital images are approximations of real ones and, therefore, to be able to study them, we need the digital plane Z2 to be equipped with a convenient structure that behaves analogously to the Euclidean topology on the real plane. In particular, it is required that such a structure allows for a digital analogue of the Jordan curve theorem. We introduce certain adjacency graphs on the digital plane and prove digital Jordan curves for them thus showing that the graphs provide convenient structures on Z2 for the study and processing of digital images. Further convenient structures including the wellknown Khalimsky and Marcus-Wyse adjacency graphs may be obtained as quotients of the graphs introduced. Since digital Jordan curves represent borders of objects in digital images, the adjacency graphs discussed may be used as background structures on the digital plane for solving the problems of digital image processing that are closely related to borders like border detection, contour filling, pattern recognition, thinning, etc.

Keywords: digital plane, adjacency graph, Jordan curve, quotient adjacency

Procedia PDF Downloads 380
2163 Requirement Engineering for Intrusion Detection Systems in Wireless Sensor Networks

Authors: Afnan Al-Romi, Iman Al-Momani

Abstract:

The urge of applying the Software Engineering (SE) processes is both of vital importance and a key feature in critical, complex large-scale systems, for example, safety systems, security service systems, and network systems. Inevitably, associated with this are risks, such as system vulnerabilities and security threats. The probability of those risks increases in unsecured environments, such as wireless networks in general and in Wireless Sensor Networks (WSNs) in particular. WSN is a self-organizing network of sensor nodes connected by wireless links. WSNs consist of hundreds to thousands of low-power, low-cost, multi-function sensor nodes that are small in size and communicate over short-ranges. The distribution of sensor nodes in an open environment that could be unattended in addition to the resource constraints in terms of processing, storage and power, make such networks in stringent limitations such as lifetime (i.e. period of operation) and security. The importance of WSN applications that could be found in many militaries and civilian aspects has drawn the attention of many researchers to consider its security. To address this important issue and overcome one of the main challenges of WSNs, security solution systems have been developed by researchers. Those solutions are software-based network Intrusion Detection Systems (IDSs). However, it has been witnessed, that those developed IDSs are neither secure enough nor accurate to detect all malicious behaviours of attacks. Thus, the problem is the lack of coverage of all malicious behaviours in proposed IDSs, leading to unpleasant results, such as delays in the detection process, low detection accuracy, or even worse, leading to detection failure, as illustrated in the previous studies. Also, another problem is energy consumption in WSNs caused by IDS. So, in other words, not all requirements are implemented then traced. Moreover, neither all requirements are identified nor satisfied, as for some requirements have been compromised. The drawbacks in the current IDS are due to not following structured software development processes by researches and developers when developing IDS. Consequently, they resulted in inadequate requirement management, process, validation, and verification of requirements quality. Unfortunately, WSN and SE research communities have been mostly impermeable to each other. Integrating SE and WSNs is a real subject that will be expanded as technology evolves and spreads in industrial applications. Therefore, this paper will study the importance of Requirement Engineering when developing IDSs. Also, it will study a set of existed IDSs and illustrate the absence of Requirement Engineering and its effect. Then conclusions are drawn in regard of applying requirement engineering to systems to deliver the required functionalities, with respect to operational constraints, within an acceptable level of performance, accuracy and reliability.

Keywords: software engineering, requirement engineering, Intrusion Detection System, IDS, Wireless Sensor Networks, WSN

Procedia PDF Downloads 324
2162 A Software Engineering Methodology for Developing Secure Obfuscated Software

Authors: Carlos Gonzalez, Ernesto Linan

Abstract:

We propose a methodology to conciliate two apparently contradictory processes in the development of secure obfuscated software and good software engineered software. Our methodology consists first in the system designers defining the type of security level required for the software. There are four types of attackers: casual attackers, hackers, institution attack, and government attack. Depending on the level of threat, the methodology we propose uses five or six teams to accomplish this task. One Software Engineer Team and one or two software Obfuscation Teams, and Compiler Team, these four teams will develop and compile the secure obfuscated software, a Code Breakers Team will test the results of the previous teams to see if the software is not broken at the required security level, and an Intrusion Analysis Team will analyze the results of the Code Breakers Team and propose solutions to the development teams to prevent the detected intrusions. We also present an analytical model to prove that our methodology is no only easier to use, but generates an economical way of producing secure obfuscated software.

Keywords: development methodology, obfuscated software, secure software development, software engineering

Procedia PDF Downloads 252
2161 Analytical Study of Applying the Account Aggregation Approach in E-Banking Services

Authors: A. Al Drees, A. Alahmari, R. Almuwayshir

Abstract:

The advanced information technology is becoming an important factor in the development of financial services industry, especially the banking industry. It has introduced new ways of delivering banking to the customer, such as Internet Banking. Banks began to look at electronic banking (e-banking) as a means to replace some of their traditional branch functions using the Internet as a new distribution channel. Some consumers have at least more than one account, and across banks, and access these accounts using e-banking services. To look at the current net worth position, customers have to login to each of their accounts and get the details and work on consolidation. This not only takes ample time but it is a repetitive activity at a specified frequency. To address this point, an account aggregation concept is added as a solution. E-banking account aggregation, as one of the e-banking types, appeared to build a stronger relationship with customers. Account Aggregation Service generally refers to a service that allows customers to manage their bank accounts maintained in different institutions through a common Internet banking operating a platform, with a high concern to security and privacy. This paper presents an overview of an e-banking account aggregation approach as a new service in the e-banking field.

Keywords: e-banking, account aggregation, security, enterprise development

Procedia PDF Downloads 332
2160 Accelerating Mobile Innovation, Adoption, and Translational Science within a Large Research Enterprise and Healthcare System

Authors: Stephen Wheat

Abstract:

Institutional mobile application governance and distribution processes are essential to mobile app innovation. The absence of effective processes poses a significant barrier to the development and adoption of mobile apps for use within a research enterprise and also impedes the translational science of applying research apps in clinical and engineering settings. To accelerate mobile app innovation and adoption, Emory University and Emory Healthcare implemented a three-pronged strategy including. I) Mobile app review and distribution policies and processes. II) Mobile app management infrastructure and mobile app foundation components. III) A strategic sourcing strategy based on preferred mobile app development firms. The results have been an increase from five to 56 mobile apps in the pipeline over three years; increased engagement from technology transfer, legal counsel, compliance, and information security; articulation of a coordinated mobile app strategy; and allocation of more institutional resources toward specific mobile technology and mobile application goals.

Keywords: mobile app management, governance, distribution, information security

Procedia PDF Downloads 300
2159 An Evaluation of People’s Susceptibility to Phishing Attacks in Nepal and Effectiveness of the Applied Countermeasures

Authors: Sunil Chaudhary, Rajendra Bahadur Thapa, Eleni Berki, Marko Helenius

Abstract:

The increasing number of Internet and mobile phone users, and essentially those, who use these electronic media to perform online transactions makes Nepal lucrative for phishing attacks. It is one of the reasons behind escalating phishing attacks in the country. Therefore, in this paper we examine various phishing attempts and real scenarios in Nepal to determine the seriousness of the problem. We also want to find out how prepared are the Internet and mobile phone users and how well-equipped are the private sector and government authorities responsible to handle cybercrime in the country. We considered five areas of research study, i.e., legal measures, technical and procedural measures, organizational structure, capacity building and international cooperation. These constitute important factors in cyber security and are recommended by the Global Cyber security Agenda (GCA). On the basis of our findings, we provide essential suggestions to make anti-phishing measures more appropriate to Nepalese State and society.

Keywords: internet banking, mobile banking, e-commerce, phishing, anti-phishing, Nepal

Procedia PDF Downloads 488
2158 Intrusion Detection Based on Graph Oriented Big Data Analytics

Authors: Ahlem Abid, Farah Jemili

Abstract:

Intrusion detection has been the subject of numerous studies in industry and academia, but cyber security analysts always want greater precision and global threat analysis to secure their systems in cyberspace. To improve intrusion detection system, the visualisation of the security events in form of graphs and diagrams is important to improve the accuracy of alerts. In this paper, we propose an approach of an IDS based on cloud computing, big data technique and using a machine learning graph algorithm which can detect in real time different attacks as early as possible. We use the MAWILab intrusion detection dataset . We choose Microsoft Azure as a unified cloud environment to load our dataset on. We implement the k2 algorithm which is a graphical machine learning algorithm to classify attacks. Our system showed a good performance due to the graphical machine learning algorithm and spark structured streaming engine.

Keywords: Apache Spark Streaming, Graph, Intrusion detection, k2 algorithm, Machine Learning, MAWILab, Microsoft Azure Cloud

Procedia PDF Downloads 149
2157 Factors Affecting Citizens’ Behavioural Intention to Use E-voter Registration and Verification System Towards the Electoral Process in Nigeria

Authors: Aishatu Shuaibu

Abstract:

It is expected that electronic voter registration and verification in Nigeria will enhance the integrity of elections, which is vital for democratic development; it is also expected to enhance efficiency, transparency, and security. However, the reasons for citizens' intentions with respect to behavioral use of such platforms have not been studied in the literature much. This paper, therefore, intends to look into significant characteristics affecting the acceptance and use of e-voter technology among Nigerian residents. Data will be collected using a structured questionnaire from several local government areas (LGAs) around Nigeria to evaluate the influence of demographic characteristics, technology usability, security perceptions, and governmental education on the intention to implement e-voter systems. The results will offer vital insights into the barriers and drivers of voter technology acceptance, aiding in policy suggestions to enhance voter registration and verification processes within Nigeria's electoral framework. This study is designed to aid electoral stakeholders in devising successful strategies for encouraging the broad deployment of e-voter systems in Nigeria.

Keywords: e-governance, e-voting, e-democracy, INEC, Nigeria

Procedia PDF Downloads 23
2156 Digital Literacy Skills for Geologist in Public Sector

Authors: Angsumalin Puntho

Abstract:

Disruptive technology has had a great influence on our everyday lives and the existence of an organization. Geologists in the public sector need to keep up with digital technology and be able to work and collaborate in a more effective manner. The result from SWOT and 7S McKinsey analyses suggest that there are inadequate IT personnel, no individual digital literacy development plan, and a misunderstanding of management policies. The Office of Civil Service Commission develops digital literacy skills that civil servants and government officers should possess in order to work effectively; it consists of nine dimensions, including computer skills, internet skills, cyber security awareness, word processing, spreadsheets, presentation programs, online collaboration, graphics editors and cyber security practices; and six steps of digital literacy development including self-assessment, individual development plan, self-learning, certified test, learning reflection, and practices. Geologists can use digital literacy as a learning tool to develop themselves for better career opportunities.

Keywords: disruptive technology, digital technology, digital literacy, computer skills

Procedia PDF Downloads 117
2155 Indoor and Outdoor Forest Farming for Year-Round Food and Medicine Production, Carbon Sequestration, Soil-Building, and Climate Change Mitigation

Authors: Jerome Osentowski

Abstract:

The objective at Central Rocky Mountain Permaculture Institute has been to put in practice a sustainable way of life while growing food, medicine, and providing education. This has been done by applying methods of farming such as agroforestry, forest farming, and perennial polycultures. These methods have been found to be regenerative to the environment through carbon sequestration, soil-building, climate change mitigation, and the provision of food security. After 30 years of implementing carbon farming methods, the results are agro-diversity, self-sustaining systems, and a consistent provision of food and medicine. These results are exhibited through polyculture plantings in an outdoor forest garden spanning roughly an acre containing about 200 varieties of fruits, nuts, nitrogen-fixing trees, and medicinal herbs, and two indoor forest garden greenhouses (one Mediterranean and one Tropical) containing about 50 varieties of tropical fruits, beans, herbaceous plants and more. While the climate zone outside the greenhouse is 6, the tropical forest garden greenhouse retains an indoor climate zone of 11 with near-net-zero energy consumption through the use of a climate battery, allowing the greenhouse to serve as a year-round food producer. The effort to source food from the forest gardens is minimal compared to annual crop production. The findings at Central Rocky Mountain Permaculture Institute conclude that agroecological methods are not only beneficial but necessary in order to revive and regenerate the environment and food security.

Keywords: agroecology, agroforestry, carbon farming, carbon sequestration, climate battery, food security, forest farming, forest garden, greenhouse, near-net-zero, perennial polycultures

Procedia PDF Downloads 444
2154 Banking and Accounting Analysis Researches Effect on Environment

Authors: Marina Magdy Naguib Karas

Abstract:

New methods of providing banking services to the customer have been introduced, such as online banking. Banks have begun to consider electronic banking (e-banking) as a way to replace some traditional branch functions by using the Internet as a new distribution channel. Some consumers have at least one account at multiple banks and access these accounts through online banking. To check their current net worth, clients need to log into each of their accounts, get detailed information, and work toward consolidation. Not only is it time-consuming, but it is also a repeatable activity with a certain frequency. To solve this problem, the concept of account aggregation was added as a solution. Account consolidation in e-banking as a form of electronic banking appears to build a stronger relationship with customers. An account linking service is generally referred to as a service that allows customers to manage their bank accounts held at different institutions via a common online banking platform that places a high priority on security and data protection. The article provides an overview of the account aggregation approach in e-banking as a new service in the area of e-banking.

Keywords: compatibility, complexity, mobile banking, observation, risk banking technology, Internet banks, modernization of banks, banks, account aggregation, security, enterprise development

Procedia PDF Downloads 51
2153 Expert System: Debugging Using MD5 Process Firewall

Authors: C. U. Om Kumar, S. Kishore, A. Geetha

Abstract:

An Operating system (OS) is software that manages computer hardware and software resources by providing services to computer programs. One of the important user expectations of the operating system is to provide the practice of defending information from unauthorized access, disclosure, modification, inspection, recording or destruction. Operating system is always vulnerable to the attacks of malwares such as computer virus, worm, Trojan horse, backdoors, ransomware, spyware, adware, scareware and more. And so the anti-virus software were created for ensuring security against the prominent computer viruses by applying a dictionary based approach. The anti-virus programs are not always guaranteed to provide security against the new viruses proliferating every day. To clarify this issue and to secure the computer system, our proposed expert system concentrates on authorizing the processes as wanted and unwanted by the administrator for execution. The Expert system maintains a database which consists of hash code of the processes which are to be allowed. These hash codes are generated using MD5 message-digest algorithm which is a widely used cryptographic hash function. The administrator approves the wanted processes that are to be executed in the client in a Local Area Network by implementing Client-Server architecture and only the processes that match with the processes in the database table will be executed by which many malicious processes are restricted from infecting the operating system. The add-on advantage of this proposed Expert system is that it limits CPU usage and minimizes resource utilization. Thus data and information security is ensured by our system along with increased performance of the operating system.

Keywords: virus, worm, Trojan horse, back doors, Ransomware, Spyware, Adware, Scareware, sticky software, process table, MD5, CPU usage and resource utilization

Procedia PDF Downloads 428
2152 Termination of the Brachial Artery in the Arm and Its Clinical Significance

Authors: Ramya Rathan, Miral N. F. Salama

Abstract:

The variations in the arteries have been drawing attention of anatomists for a long time because of their clinical significance. The brachial artery is the principal artery of the arm which is the continuation of the axillary artery from the lower border of the Teres Major. It terminates into the radial and ulnar arteries below the elbow joint at the neck radius. The present study aims at exploring the clinical significance of the high termination of the brachial artery. During the routine cadaveric dissection of the arm, for the undergraduate students of medicine at our university, we observed a high bifurcation of the radial and the ulnar artery at the midshaft of the humerus. The median nerve was seen passing between these two junctions. Further, the course and the relations of this artery were studied. The accurate knowledge regarding these kinds of variation in the blood vessels is mandatory for planning of designing. General physicians, surgeons and radiologists should keep in mind the variations in the branching pattern of the arteries in their daily medical, diagnostic and therapeutic procedures to avoid complications in diagnostic and surgical procedures.

Keywords: brachial artery, high termination, radial artery, ulnar artery

Procedia PDF Downloads 169
2151 Food Insecurity Assessment, Consumption Pattern and Implications of Integrated Food Security Phase Classification: Evidence from Sudan

Authors: Ahmed A. A. Fadol, Guangji Tong, Wlaa Mohamed

Abstract:

This paper provides a comprehensive analysis of food insecurity in Sudan, focusing on consumption patterns and their implications, employing the Integrated Food Security Phase Classification (IPC) assessment framework. Years of conflict and economic instability have driven large segments of the population in Sudan into crisis levels of acute food insecurity according to the (IPC). A substantial number of people are estimated to currently face emergency conditions, with an additional sizeable portion categorized under less severe but still extreme hunger levels. In this study, we explore the multifaceted nature of food insecurity in Sudan, considering its historical, political, economic, and social dimensions. An analysis of consumption patterns and trends was conducted, taking into account cultural influences, dietary shifts, and demographic changes. Furthermore, we employ logistic regression and random forest analysis to identify significant independent variables influencing food security status in Sudan. Random forest clearly outperforms logistic regression in terms of area under curve (AUC), accuracy, precision and recall. Forward projections of the IPC for Sudan estimate that 15 million individuals are anticipated to face Crisis level (IPC Phase 3) or worse acute food insecurity conditions between October 2023 and February 2024. Of this, 60% are concentrated in Greater Darfur, Greater Kordofan, and Khartoum State, with Greater Darfur alone representing 29% of this total. These findings emphasize the urgent need for both short-term humanitarian aid and long-term strategies to address Sudan's deepening food insecurity crisis.

Keywords: food insecurity, consumption patterns, logistic regression, random forest analysis

Procedia PDF Downloads 76
2150 Search for Alternative Strategy to Enhancing Food Security at Household Level: Hybrid Urban Agriculture as a Strategy

Authors: Nyumbaiza Tambwe

Abstract:

The purpose of this paper is to demonstrate that hybrid urban agriculture as the most practiced type of urban agriculture in the majority of cities in sub-Saharan Africa can be taken as an alternative strategy in fighting food insecurity. The practice not only provides food, generates income and fights against unemployment; it constitutes a true back-up for households during crisis linked to the nature of capitalism system. African cities are mostly characterized by rapid population growth, rampant poverty, and high level of unemployment and food insecurity. Those factors and many others are at the origin of the emergence of urban agriculture in many African cities. Based particularly on results of research undertaken in the Democratic Republic of Congo (DRC), but also in comparison with those realized in other parts of the African continent, the paper is a case study. Therefore, the paper firstly describes the situation of food in Africa, secondly, presents hybrid urban agriculture as a household strategy in fighting food insecurity and finally shows possibilities and limits of this practice.

Keywords: alternative strategy, food security, household strategy, hybrid urban agriculture

Procedia PDF Downloads 327
2149 USBware: A Trusted and Multidisciplinary Framework for Enhanced Detection of USB-Based Attacks

Authors: Nir Nissim, Ran Yahalom, Tomer Lancewiki, Yuval Elovici, Boaz Lerner

Abstract:

Background: Attackers increasingly take advantage of innocent users who tend to use USB devices casually, assuming these devices benign when in fact they may carry an embedded malicious behavior or hidden malware. USB devices have many properties and capabilities that have become the subject of malicious operations. Many of the recent attacks targeting individuals, and especially organizations, utilize popular and widely used USB devices, such as mice, keyboards, flash drives, printers, and smartphones. However, current detection tools, techniques, and solutions generally fail to detect both the known and unknown attacks launched via USB devices. Significance: We propose USBWARE, a project that focuses on the vulnerabilities of USB devices and centers on the development of a comprehensive detection framework that relies upon a crucial attack repository. USBWARE will allow researchers and companies to better understand the vulnerabilities and attacks associated with USB devices as well as providing a comprehensive platform for developing detection solutions. Methodology: The framework of USBWARE is aimed at accurate detection of both known and unknown USB-based attacks by a process that efficiently enhances the framework's detection capabilities over time. The framework will integrate two main security approaches in order to enhance the detection of USB-based attacks associated with a variety of USB devices. The first approach is aimed at the detection of known attacks and their variants, whereas the second approach focuses on the detection of unknown attacks. USBWARE will consist of six independent but complimentary detection modules, each detecting attacks based on a different approach or discipline. These modules include novel ideas and algorithms inspired from or already developed within our team's domains of expertise, including cyber security, electrical and signal processing, machine learning, and computational biology. The establishment and maintenance of the USBWARE’s dynamic and up-to-date attack repository will strengthen the capabilities of the USBWARE detection framework. The attack repository’s infrastructure will enable researchers to record, document, create, and simulate existing and new USB-based attacks. This data will be used to maintain the detection framework’s updatability by incorporating knowledge regarding new attacks. Based on our experience in the cyber security domain, we aim to design the USBWARE framework so that it will have several characteristics that are crucial for this type of cyber-security detection solution. Specifically, the USBWARE framework should be: Novel, Multidisciplinary, Trusted, Lightweight, Extendable, Modular and Updatable and Adaptable. Major Findings: Based on our initial survey, we have already found more than 23 types of USB-based attacks, divided into six major categories. Our preliminary evaluation and proof of concepts showed that our detection modules can be used for efficient detection of several basic known USB attacks. Further research, development, and enhancements are required so that USBWARE will be capable to cover all of the major known USB attacks and to detect unknown attacks. Conclusion: USBWARE is a crucial detection framework that must be further enhanced and developed.

Keywords: USB, device, cyber security, attack, detection

Procedia PDF Downloads 398
2148 Toward a Characteristic Optimal Power Flow Model for Temporal Constraints

Authors: Zongjie Wang, Zhizhong Guo

Abstract:

While the regular optimal power flow model focuses on a single time scan, the optimization of power systems is typically intended for a time duration with respect to a desired objective function. In this paper, a temporal optimal power flow model for a time period is proposed. To reduce the computation burden needed for calculating temporal optimal power flow, a characteristic optimal power flow model is proposed, which employs different characteristic load patterns to represent the objective function and security constraints. A numerical method based on the interior point method is also proposed for solving the characteristic optimal power flow model. Both the temporal optimal power flow model and characteristic optimal power flow model can improve the systems’ desired objective function for the entire time period. Numerical studies are conducted on the IEEE 14 and 118-bus test systems to demonstrate the effectiveness of the proposed characteristic optimal power flow model.

Keywords: optimal power flow, time period, security, economy

Procedia PDF Downloads 452
2147 Modelling Insider Attacks in Public Cloud

Authors: Roman Kulikov, Svetlana Kolesnikova

Abstract:

Last decade Cloud Computing technologies have been rapidly becoming ubiquitous. Each year more and more organizations, corporations, internet services and social networks trust their business sensitive information to Public Cloud. The data storage in Public Cloud is protected by security mechanisms such as firewalls, cryptography algorithms, backups, etc.. In this way, however, only outsider attacks can be prevented, whereas virtualization tools can be easily compromised by insider. The protection of Public Cloud’s critical elements from internal intruder remains extremely challenging. A hypervisor, also called a virtual machine manager, is a program that allows multiple operating systems (OS) to share a single hardware processor in Cloud Computing. One of the hypervisor's functions is to enforce access control policies. Furthermore, it prevents guest OS from disrupting each other and from accessing each other's memory or disk space. Hypervisor is the one of the most critical and vulnerable elements in Cloud Computing infrastructure. Nevertheless, it has been poorly protected from being compromised by insider. By exploiting certain vulnerabilities, privilege escalation can be easily achieved in insider attacks on hypervisor. In this way, an internal intruder, who has compromised one process, is able to gain control of the entire virtual machine. Thereafter, the consequences of insider attacks in Public Cloud might be more catastrophic and significant to virtual tools and sensitive data than of outsider attacks. So far, almost no preventive security countermeasures have been developed. There has been little attention paid for developing models to assist risks mitigation strategies. In this paper formal model of insider attacks on hypervisor is designed. Our analysis identifies critical hypervisor`s vulnerabilities that can be easily compromised by internal intruder. Consequently, possible conditions for successful attacks implementation are uncovered. Hence, development of preventive security countermeasures can be improved on the basis of the proposed model.

Keywords: insider attack, public cloud, cloud computing, hypervisor

Procedia PDF Downloads 364
2146 Banking and Accounting Analysis Researches Effect on Environment and Income

Authors: Gerges Samaan Henin Abdalla

Abstract:

New methods of providing banking services to the customer have been introduced, such as online banking. Banks have begun to consider electronic banking (e-banking) as a way to replace some traditional branch functions by using the Internet as a new distribution channel. Some consumers have at least one account at multiple banks and access these accounts through online banking. To check their current net worth, clients need to log into each of their accounts, get detailed information, and work toward consolidation. Not only is it time consuming, but it is also a repeatable activity with a certain frequency. To solve this problem, the concept of account aggregation was added as a solution. Account consolidation in e-banking as a form of electronic banking appears to build a stronger relationship with customers. An account linking service is generally referred to as a service that allows customers to manage their bank accounts held at different institutions via a common online banking platform that places a high priority on security and data protection. The article provides an overview of the account aggregation approach in e-banking as a new service in the area of e-banking.

Keywords: compatibility, complexity, mobile banking, observation, risk banking technology, Internet banks, modernization of banks, banks, account aggregation, security, enterprise development

Procedia PDF Downloads 58
2145 Specific Emitter Identification Based on Refined Composite Multiscale Dispersion Entropy

Authors: Shaoying Guo, Yanyun Xu, Meng Zhang, Weiqing Huang

Abstract:

The wireless communication network is developing rapidly, thus the wireless security becomes more and more important. Specific emitter identification (SEI) is an vital part of wireless communication security as a technique to identify the unique transmitters. In this paper, a SEI method based on multiscale dispersion entropy (MDE) and refined composite multiscale dispersion entropy (RCMDE) is proposed. The algorithms of MDE and RCMDE are used to extract features for identification of five wireless devices and cross-validation support vector machine (CV-SVM) is used as the classifier. The experimental results show that the total identification accuracy is 99.3%, even at low signal-to-noise ratio(SNR) of 5dB, which proves that MDE and RCMDE can describe the communication signal series well. In addition, compared with other methods, the proposed method is effective and provides better accuracy and stability for SEI.

Keywords: cross-validation support vector machine, refined com- posite multiscale dispersion entropy, specific emitter identification, transient signal, wireless communication device

Procedia PDF Downloads 130
2144 Analyzing the Risk Based Approach in General Data Protection Regulation: Basic Challenges Connected with Adapting the Regulation

Authors: Natalia Kalinowska

Abstract:

The adoption of the General Data Protection Regulation, (GDPR) finished the four-year work of the European Commission in this area in the European Union. Considering far-reaching changes, which will be applied by GDPR, the European legislator envisaged two-year transitional period. Member states and companies have to prepare for a new regulation until 25 of May 2018. The idea, which becomes a new look at an attitude to data protection in the European Union is risk-based approach. So far, as a result of implementation of Directive 95/46/WE, in many European countries (including Poland) there have been adopted very particular regulations, specifying technical and organisational security measures e.g. Polish implementing rules indicate even how long password should be. According to the new approach from May 2018, controllers and processors will be obliged to apply security measures adequate to level of risk associated with specific data processing. The risk in GDPR should be interpreted as the likelihood of a breach of the rights and freedoms of the data subject. According to Recital 76, the likelihood and severity of the risk to the rights and freedoms of the data subject should be determined by reference to the nature, scope, context and purposes of the processing. GDPR does not indicate security measures which should be applied – in recitals there are only examples such as anonymization or encryption. It depends on a controller’s decision what type of security measures controller considered as sufficient and he will be responsible if these measures are not sufficient or if his identification of risk level is incorrect. Data protection regulation indicates few levels of risk. Recital 76 indicates risk and high risk, but some lawyers think, that there is one more category – low risk/now risk. Low risk/now risk data processing is a situation when it is unlikely to result in a risk to the rights and freedoms of natural persons. GDPR mentions types of data processing when a controller does not have to evaluate level of risk because it has been classified as „high risk” processing e.g. processing on a large scale of special categories of data, processing with using new technologies. The methodology will include analysis of legal regulations e.g. GDPR, the Polish Act on the Protection of personal data. Moreover: ICO Guidelines and articles concerning risk based approach in GDPR. The main conclusion is that an appropriate risk assessment is a key to keeping data safe and avoiding financial penalties. On the one hand, this approach seems to be more equitable, not only for controllers or processors but also for data subjects, but on the other hand, it increases controllers’ uncertainties in the assessment which could have a direct impact on incorrect data protection and potential responsibility for infringement of regulation.

Keywords: general data protection regulation, personal data protection, privacy protection, risk based approach

Procedia PDF Downloads 253
2143 Eco-Literacy and Pedagogical Praxis in the Multidisciplinary University Greenhouse toward the Food Security Strengthening

Authors: Citlali Aguilera Lira, David Lynch Steinicke, Andrea León García

Abstract:

One of the challenges that higher education faces is to find how to approach the sustainability in an inclusive way to the student within all the different academic areas, how to move the sustainable development from the abstract field to the operational field. This research comes from the ecoliteracy and the pedagogical praxis as tools for rebuilding the teaching processes inside of universities. The purpose is to determine and describe which are the factors involved in the process of learning particularly in the Greenhouse-School Siembra UV. In the Greenhouse-School Siembra UV, of the University of Veracruz, are cultivated vegetables, medicinal plants and small cornfields under the usage of eco-technologies such as hydroponics, Wickingbed and Hugelkultur, which main purpose is the saving of space, labor and natural resources, as well as function as agricultural production alternatives in the urban and periurban zones. The sample was formed with students from different academic areas and who are actively involved in the greenhouse, as well as institutes from the University of Veracruz and governmental and non-governmental departments. This project comes from a pedagogic praxis approach, from filling the needs that the different professional profiles of the university students have. All this with the purpose of generate a pragmatic dialogue with the sustainability. It also comes from the necessity to understand the factors that intervene in the students’ praxis. In this manner is how the students are the fundamental unit in the sphere of sustainability. As a result, it is observed that those University of Veracruz students who are involved in the Greenhouse-school, Siembra UV, have enriched in different levels the sense of urban and periurban agriculture because of the diverse academic approaches they have and the interaction between them. It is concluded that the eco-technologies act as fundamental tools for ecoliteracy in society, where it is strengthen the nutritional and food security from a sustainable development approach.

Keywords: farming eco-technologies, food security, multidisciplinary, pedagogical praxis

Procedia PDF Downloads 317
2142 Conflict and Hunger Revisit: Evidences from Global Surveys, 1989-2020

Authors: Manasse Elusma, Thung-Hong Lin, Chun-yin Lee

Abstract:

The relationship between hunger and war or conflict remains to be discussed. Do wars or conflicts cause hunger and food scarcity, or is the reverse relationship is true? As the world becomes more peaceful and wealthier, some countries are still suffered from hunger and food shortage. So, eradicating hunger calls for a more comprehensive understanding of the relationship between conflict and hunger. Several studies are carried out to detect the importance of conflict or war on food security. Most of these studies, however, perform only descriptive analysis and largely use food security indicators instead of the global hunger index. Few studies have employed cross-country panel data to explicitly analyze the association between conflict and chronic hunger, including hidden hunger. Herein, this study addresses this issue and the knowledge gap. We combine global datasets to build a new panel dataset including 143 countries from 1989 to 2020. This study examines the effect of conflict on hunger with fixed effect models, and the results show that the increase of conflict frequency deteriorates hunger. Peacebuilding efforts and war prevention initiative are required to eradicate global hunger.

Keywords: armed conflict, food scarcity, hidden hunger, hunger, malnutrition

Procedia PDF Downloads 174
2141 Nutrition Environments and the Development of Taste Preferences: A Cross-Sectional Study of Primary School Children in Trinidad and Tobago

Authors: Fareena Alladin

Abstract:

In the Caribbean, issues of food security, health and taste are intricately linked, seen most clearly in the increasing incidence of lifestyle diseases among children coupled with a taste for high calorie and Westernized diets. In order to fully appreciate this link, the role of nutrition environments must be examined. To this end, the present study incorporates tenets of Bourdieu’s social constructivist theory with the Community Nutrition Environment Model. The aim of this study was to examine the relationships between availability of and access to healthy/unhealthy foods within nutrition environments, namely the household and school, and the development of taste preferences for healthy/unhealthy foods among primary school children in a selected educational district in Trinidad and Tobago. A cross-sectional survey of 400 children between the ages of 9 and 11 years was conducted. Data analysis was conducted using SPSS 24. Results indicated that availability of healthy food at home was positively correlated with preference for vegetables, and negatively correlated with preference for salty snacks and fast food. The availability of unhealthy food within the home was found to be negatively correlated with preference for vegetables and positively correlated with preference for salty snacks. Access to unhealthy foods at school had a positive correlation with preference for fast food. These findings highlight the role of the food environment in shaping taste preferences, and point to the need for interrogating the centrality of food security concerns in emerging health concerns of Caribbean countries. Such interrogations are a necessary part of the development of research agendas, and policy formulation and implementation.

Keywords: food security, nutrition environment, taste preference, Trinidad and Tobago

Procedia PDF Downloads 136
2140 Structured Tariff Calculation to Promote Geothermal for Energy Security

Authors: Siti Mariani, Arwin DW Sumari, Retno Gumilang Dewi

Abstract:

This paper analyzes the necessity of a structured tariff calculation for geothermal electricity in Indonesia. Indonesia is blessed with abundant natural resources and a choices of energy resources to generate electricity among other are coal, gas, biomass, hydro to geothermal, creating a fierce competition in electricity tariffs. While geothermal is inline with energy security principle and green growth initiative, it requires a huge capital funding. Geothermal electricity development consists of phases of project with each having its own financial characteristics. The Indonesian government has set a support in the form of ceiling price of geothermal electricity tariff by 11 U.S cents / kWh. However, the government did not set a levelized cost of geothermal, as an indication of lower limit capacity class, to which support is given. The government should establish a levelized cost of geothermal energy to reflect its financial capability in supporting geothermal development. Aside of that, the government is also need to establish a structured tariff calculation to reflect a fair and transparent business cooperation.

Keywords: load fator, levelized cost of geothermal, geothermal power plant, structured tariff calculation

Procedia PDF Downloads 442
2139 Cybersecurity Protective Behavior in Industrial Revolution 4.0 Era: A Conceptual Framework

Authors: Saif Hussein Abdallah Alghazo, Norshima Humaidi

Abstract:

Adopting cybersecurity protective behaviour among the employees is seriously considered in the organization, especially when the Internet of Things (IoT) is widely used in Industrial Revolution 4.0 (IR 4.0) era. Cybersecurity issues arise due to weaknesses of employees’ behaviour such as carelessness and failure to adopt good practices of information security behaviour. Therefore, this study aims to explore the dimensions that might influence employees’ behaviour to adopt good cybersecurity practices and to develop a new holistic model related to this concept. The study proposed this by reviewing the existing works of literature related to this field extensively, especially by focusing on the existing theory such as Protection Motivation Theory (PMT). Moreover, this study has also explored the role of cybersecurity competency among the security manager in the organization since this construct is essential to enhance the protective behaviour towards cybersecurity among the employees in the organization. The proposed research model is important to be quantitatively tested in the future as the findings will serve as the input to the act that will enhance employee’s cybersecurity protective behaviour in the IR 4.0 environment.

Keywords: cybersecurity protective behaviour, protection motivation theory, IR 4.0, cybersecurity competency

Procedia PDF Downloads 153
2138 An Assessment of Housing Affordability and Safety Measures in the Varied Residential Area of Lagos, A Case Study of the Amuwo-Odofin Local Government Area in Lagos State

Authors: Jubril Olatunbosun Akinde

Abstract:

Unplanned population growth are mostly attributed to a lack of infrastructural facilities and poor economic condition in the rural dwellings and the incidence of rural-urban migration, which has resulted in severe housing deficiency in the urban centre, with a resultant pressure on housing delivery in the cities. Affordable housing does not only encompass environmental factors that make living acceptable and comfortable, which include good access routes, ventilation, sanitation and access to other basic human needs, which include water and safety. The research assessed the housing affordability and safety measures in the varied residential area of lagos by examining the demographic and socioeconomic attributes of residents; examining the existing residential safety measures; by examining the residential quality in terms of safety; the researcher therefore examined if relationship between housing affordability and safety in the varied residential areas. The research adopted the bartlett, kotrlik and higgins (2001) method of t-test to determine the sample size which specifies different populations at different levels of significance (α). The researcher adopted primary data which was sourced from a field survey where the sample population was simply randomly selected to give a member of the population an equal chance of being selected, therefore, the sample size for the field survey was two hundred (200) respondents, and subjected to necessary testing. The research come to conclusion that housing safety and security is the responsibility of every resident, the landlords/landladies possess a better sense of security in their neighbourhood than renters in the community, therefore they need to be aware of their responsibility of ensuring the safety of lives and property.

Keywords: housing, housing affordability, housing security, residential, residential quality

Procedia PDF Downloads 112