Search results for: cyber criminality
264 Cybersecurity Protection Structures: The Case of Lesotho
Authors: N. N. Mosola, K. F. Moeketsi, R. Sehobai, N. Pule
Abstract:
The Internet brings increasing use of Information and Communications Technology (ICT) services and facilities. Consequently, new computing paradigms emerge to provide services over the Internet. Although there are several benefits stemming from these services, they pose several risks inherited from the Internet. For example, cybercrime, identity theft, malware etc. To thwart these risks, this paper proposes a holistic approach. This approach involves multidisciplinary interactions. The paper proposes a top-down and bottom-up approach to deal with cyber security concerns in developing countries. These concerns range from regulatory and legislative areas, cyber awareness, research and development, technical dimensions etc. The main focus areas are highlighted and a cybersecurity model solution is proposed. The paper concludes by combining all relevant solutions into a proposed cybersecurity model to assist developing countries in enhancing a cyber-safe environment to instill and promote a culture of cybersecurity.Keywords: cybercrime, cybersecurity, computer emergency response team, computer security incident response team
Procedia PDF Downloads 163263 The Proactive Approach of Digital Forensics Methodology against Targeted Attack Malware
Authors: Mohamed Fadzlee Sulaiman, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin
Abstract:
Each individual organization has their own mechanism to build up cyber defense capability in protecting their information infrastructures from data breaches and cyber espionage. But, we can not deny the possibility of failing to detect and stop cyber attacks especially for those targeting credential information and intellectual property (IP). In this paper, we would like to share the modern approach of effective digital forensic methodology in order to identify the artifacts in tracing the trails of evidence while mitigating the infection from the target machine/s. This proposed approach will suit the digital forensic investigation to be conducted while resuming the business critical operation after mitigating the infection and minimizing the risk from the identified attack to transpire. Therefore, traditional digital forensics methodology has to be improvised to be proactive which not only focusing to discover the root caused and the threat actor but to develop the relevant mitigation plan in order to prevent from the same attack.Keywords: digital forensic, detection, eradication, targeted attack, malware
Procedia PDF Downloads 281262 Balancing Security and Human Rights: A Comprehensive Approach to Security and Defense Policy
Authors: Babatunde Osabiya
Abstract:
Cybersecurity has emerged as a pressing policy problem in recent years, affecting individuals, businesses, and governments worldwide. This research paper aims to critically review the literature on cybersecurity policy and apply policy theory to propose a policy approach that balances the freedom to access and use technology with the human rights risks and threats posed by cyber. Drawing on various credible sources, the paper examines the scale and seriousness of cyber threats, highlighting the growing threat posed by cybercriminals, hackers, and nation-states. The paper also identifies the key challenges facing policymakers, including the need for more significant investment in cybersecurity research and development and the importance of balancing the benefits of technological innovation with the risks to privacy, security, and human rights. To address these challenges, the paper proposes a policy approach emphasizing investing in cybersecurity research and development to maintain a technological edge over potential adversaries. This approach also highlights the need for greater collaboration between government, industry, and civil society to develop effective cybersecurity policies and practices that protect the rights and freedoms of people while mitigating the risks posed by cyber threats. This paper will contribute to the growing body of literature on cybersecurity policy and offers a policy framework for addressing this critical policy challenge.Keywords: security risk, legal framework, cyber security and policy, national security
Procedia PDF Downloads 96261 Cyber-Softbook: A Platform for Collaborative Content Development and Delivery for Cybersecurity Education
Authors: Eniye Tebekaemi, Martin Zhao
Abstract:
The dichotomy between the skills set of newly minted college graduates and the skills required by cybersecurity employers is on the rise. Colleges are struggling to cope with the rapid pace of technology evolution using outdated tools and practices. Industries are getting frustrated due to the need to retrain fresh college graduates on skills they should have acquired. There is a dire need for academic institutions to develop new tools and systems to deliver cybersecurity education to meet the ever-evolving technology demands of the industry. The Cyber-Softbook project’s goal is to bridge the tech industry and tech education gap by providing educators a framework to collaboratively design, manage, and deliver cybersecurity academic courses that meet the needs of the tech industry. The Cyber-Softbook framework, when developed, will provide a platform for academic institutions and tech industries to collaborate on tech education and for students to learn about cybersecurity with all the resources they need to understand concepts and gain valuable skills available on a single platform.Keywords: cybersecurity, education, skills, labs, curriculum
Procedia PDF Downloads 96260 European Prosecutor's Office: Chances and Threats; Brief to Polish Perspective
Authors: Katarzyna Stoklosa
Abstract:
Introduction: European Public Prosecutor’s Office (EPPO) is an independent office in European Union which was established under the article 86 of the Treaty on the Functioning of the European Union by the Treaty of Lisbon following the method of enhanced cooperation. EPPO is aimed at combating crimes against the EU’s financial interest et fraud against the EU budgets on the one hand, EPPO will give a chance to effective fight with organized criminality, on the other it seems to be a threat for member-states which bound with justice the problem of sovereignty. It is a new institution that will become effective from 2020, which is why it requires prior analysis. Methodology: The author uses statistical and comparative methods by collecting and analyzing the work of current institutions such as Europol, Eurojust, as well as the future impact of EPPO on detection and prosecution of crimes. The author will also conduct questionnaire among students and academic staff involved in the perception of EU institutions and the need to create new entities dealing with inter-agency cooperation in criminal matters. Thanks to these research the author will draw up present ways of cooperation between member-states and changes in fighting with financial crimes which will grow up under new regulation. Major Finding of the Study: Analysis and research show that EPPO is an institution based on the principle of mutual recognition, which often does not work in cooperation between Member States. Distrust and problems with the recognition of judgments of other EU Member States may significantly affect the functioning of EPPO. Poland is not part of the EPPO, because arguments have been raised that the European Public Prosecutor's Office interferes too much with the Member States’ pro-active sovereignty and duplicates competences. The research and analyzes carried out by the author show that EPPO has completely new competences, for example, it may file indictments against perpetrators of financial crimes. However, according to the research carried out by the author, such competences may undermine the sovereignty and the principle of protecting the public order of the EU. Conclusion: After the analysis, it will be possible to set following thesis: EPPO is only possible way to effective fight with organized financial criminality. However in conclusion Polish doubts should not be criticized at all. Institutions as EPPO must properly respect sovereignty of member-states. Even instruments like that cannot provoke political contraventions, because there are no other ways to effective resolving of international criminality problem.Keywords: criminal trial, economic crimes, European Public Prosecutor's Office, European Union
Procedia PDF Downloads 168259 Enhanced Model for Risk-Based Assessment of Employee Security with Bring Your Own Device Using Cyber Hygiene
Authors: Saidu I. R., Shittu S. S.
Abstract:
As the trend of personal devices accessing corporate data continues to rise through Bring Your Own Device (BYOD) practices, organizations recognize the potential cost reduction and productivity gains. However, the associated security risks pose a significant threat to these benefits. Often, organizations adopt BYOD environments without fully considering the vulnerabilities introduced by human factors in this context. This study presents an enhanced assessment model that evaluates the security posture of employees in BYOD environments using cyber hygiene principles. The framework assesses users' adherence to best practices and guidelines for maintaining a secure computing environment, employing scales and the Euclidean distance formula. By utilizing this algorithm, the study measures the distance between users' security practices and the organization's optimal security policies. To facilitate user evaluation, a simple and intuitive interface for automated assessment is developed. To validate the effectiveness of the proposed framework, design science research methods are employed, and empirical assessments are conducted using five artifacts to analyze user suitability in BYOD environments. By addressing the human factor vulnerabilities through the assessment of cyber hygiene practices, this study aims to enhance the overall security of BYOD environments and enable organizations to leverage the advantages of this evolving trend while mitigating potential risks.Keywords: security, BYOD, vulnerability, risk, cyber hygiene
Procedia PDF Downloads 80258 Bystander Perceived Severity on Traditional versus Cyber Bullying
Authors: C. Smith, T. Goga, T. Hancock
Abstract:
Bullying has been an increasingly prevalent problem among society for decades. Approximately one out of every four students report being bullied at least once during the school year. Additionally, these instances of bullying are often witnessed but not reported by the bystanders, which could be dependent on the type of bullying situation. Thus, the present study aims to investigate any possible perceptual differences which may exist between traditional bullying (i.e., face to face) and cyberbullying from the bystander’s point of view. Undergraduate students were given a bullying scenario to read from either the traditional condition or the cyber condition. They were then asked to rate how severe they perceived this behavior on a Likert based scale. Participants were also asked if they would intervene (yes or no) and what their individual response would be to the witnessed behavior (report/ignore/confront/other). Results indicated that, while there was no significant difference in perceived severity between the two bullying conditions, there was a significant difference in whether or not participants would intervene between the two types of scenarios. A significant effect was also found between the scenarios for response type. Together, these findings suggest that even though individuals may not be aware of how severe they perceive certain bullying behaviors, the responses they exhibit might suggest otherwise.Keywords: bullying, bystander, cyber, severity, traditional
Procedia PDF Downloads 138257 Communication Layer Security in Smart Farming: A Survey on Wireless Technologies
Authors: Hossein Mohammadi Rouzbahani, Hadis Karimipour, Evan Fraser, Ali Dehghantanha, Emily Duncan, Arthur Green, Conchobhair Russell
Abstract:
Human population growth has driven rising demand for food that has, in turn, imposed huge impacts on the environment. In an effort to reconcile our need to produce more sustenance while also protecting the world’s ecosystems, farming is becoming more reliant on smart tools and communication technologies. Developing a smart farming framework allows farmers to make more efficient use of inputs, thus protecting water quality and biodiversity habitat. Internet of Things (IoT), which has revolutionized every sphere of the economy, is being applied to agriculture by connecting on-farm devices and providing real-time monitoring of everything from environmental conditions to market signals through to animal health data. However, utilizing IoT means farming networks are now vulnerable to malicious activities, mostly when wireless communications are highly employed. With that in mind, this research aims to review different utilized communication technologies in smart farming. Moreover, possible cyber-attacks are investigated to discover the vulnerabilities of communication technologies considering the most frequent cyber-attacks that have been happened.Keywords: smart farming, Internet of Things, communication layer, cyber-attack
Procedia PDF Downloads 247256 Profile of Internet and Smartphone Overuse Based on Internet Usage Needs
Authors: Yeoju Chung
Abstract:
Adolescents internet and smartphone addiction are increasing in Korea. But differences between internet addiction and smartphone addiction have been researched in these days. The main objective of this article is to explore the presence of clusters within a sample of adolescents based on dimensions associated with addiction and internet usage needs. The sample consists of 617 adolescents in the 14-19 year age group who were recruited in Korea A cluster analysis identified four groups of participants: internet overuse(IO), smartphone overuse(SO), both overuse(B) and normal(N) use group. MANOVA analysis based on internet usage showed that there are differences among four groups in internet usage needs. IO has higher cyber self-seeking needs and emotion and thought expression needs than SO. SO has higher real relationship and life needs with cyberworld than IO, B, and N. B has the highest cyber self-seeking needs and emotion and thought expression needs, however, game fun seeking needs is the highest in IO. These results support that IO seeks game fun needs, SO seeks real relationship and life needs, and B seeks cyber self and expression in cyberworld.Keywords: addiction, internet, needs, smartphone
Procedia PDF Downloads 278255 Machine Learning Invariants to Detect Anomalies in Secure Water Treatment
Authors: Jonathan Heng, Yoong Cheah Huei
Abstract:
A strategic model that does not trigger any false alarms to detect anomalies in Secure Water Treatment (SWaT) test bed is presented. This model uses machine learning invariants formulated from streamlining the general form of Auto-Regressive models with eXogenous input. A creative generalized CUSUM algorithm to integrate the invariants and the detection strategy technique is successfully developed and tested in the SWaT Programmable Logic Controllers (PLCs). Three steps to fine-tune parameters, b and τ in the generalized algorithm are stated and an example used to demonstrate the tuning process is discussed. This approach can swiftly and effectively detect various scopes of cyber-attacks such as multiple points single stage and multiple points multiple stages in SWaT. This technique can be applied in water treatment plants and other cyber physical systems like power and gas plants too.Keywords: machine learning invariants, generalized CUSUM algorithm with invariants and detection strategy, scope of cyber attacks, strategic model, tuning parameters
Procedia PDF Downloads 186254 False Assumptions Made in Cybersecurity Curriculum: K-12
Authors: Nathaniel Evans, Jessica Boersma, Kenneth Kass
Abstract:
With technology and STEM fields growing every day, there is a significant projected shortfall in qualified cybersecurity workers. As such, it is essential to develop a cybersecurity curriculum that builds skills and cultivates interest in cybersecurity early on. With new jobs being created every day and an already significant gap in the job market, it is vital that educators are pro-active in introducing a cybersecurity curriculum where students are able to learn new skills and engage in an age-appropriate cyber curriculum. Within this growing world of cybersecurity, students should engage in age-appropriate technology and cybersecurity curriculum, starting with elementary school (k-5), extending through high school, and ultimately into college. Such practice will provide students with the confidence, skills, and, ultimately, the opportunity to work in the burgeoning information security field. This paper examines educational methods, pedagogical practices, current cybersecurity curricula, and other educational resources and conducts analysis for false assumptions and developmental appropriateness. It also examines and identifies common mistakes with current cyber curriculum and lessons and discuss strategies for improvement. Throughout the lessons that were reviewed, many common mistakes continued to pop up. These mistakes included age appropriateness, technology resources that were available, and consistency of student’s skill levels. Many of these lessons were written for the wrong grade levels. The ones written for the elementary level all had activities that assumed that every student in the class could read at grade level and also had background knowledge of the cyber activity at hand, which is not always the case. Another major mistake was that these lessons assumed that all schools had any kind of technology resource available to them. Some schools are 1:1, and others are only allotted three computers in their classroom where the students have to share. While coming up with a cyber-curriculum, it has to be kept in mind that not all schools are the same, not every classroom is the same. There are many students who are not reading at their grade level or have not had exposure to the digital world. We need to start slow and ease children into the cyber world. Once they have a better understanding, it will be easier to move forward with these lessons and get the students engaged. With a better understanding of common mistakes that are being made, a more robust curriculum and lessons can be created that no only spark a student’s interest in this much-needed career field but encourage learning while keeping our students safe from cyber-attacks.Keywords: assumptions, cybersecurity, k-12, teacher
Procedia PDF Downloads 169253 Deep Learning and Accurate Performance Measure Processes for Cyber Attack Detection among Web Logs
Authors: Noureddine Mohtaram, Jeremy Patrix, Jerome Verny
Abstract:
As an enormous number of online services have been developed into web applications, security problems based on web applications are becoming more serious now. Most intrusion detection systems rely on each request to find the cyber-attack rather than on user behavior, and these systems can only protect web applications against known vulnerabilities rather than certain zero-day attacks. In order to detect new attacks, we analyze the HTTP protocols of web servers to divide them into two categories: normal attacks and malicious attacks. On the other hand, the quality of the results obtained by deep learning (DL) in various areas of big data has given an important motivation to apply it to cybersecurity. Deep learning for attack detection in cybersecurity has the potential to be a robust tool from small transformations to new attacks due to its capability to extract more high-level features. This research aims to take a new approach, deep learning to cybersecurity, to classify these two categories to eliminate attacks and protect web servers of the defense sector which encounters different web traffic compared to other sectors (such as e-commerce, web app, etc.). The result shows that by using a machine learning method, a higher accuracy rate, and a lower false alarm detection rate can be achieved.Keywords: anomaly detection, HTTP protocol, logs, cyber attack, deep learning
Procedia PDF Downloads 217252 Cyber Bullying, Online Risks and Parental Mediation: A Comparison between Adolescent Reports and Parent Perceptions in South Africa
Authors: Masa Popovac, Philip Fine
Abstract:
Information and Communication Technologies (ICTs) have altered our social environments, and young people in particular have immersed themselves in the digital age. Despite countless benefits, younger ICT users are being exposed to various online risks such as contact with strangers, viewing of risky content, sending or receiving sexually themed images or comments (i.e. ‘sexting’) as well as cyber bullying. Parents may not be fully aware of the online spaces their children inhabit and often struggle to implement effective mediation strategies. This quantitative study explored (i) three types of online risks (contact risks, content risks and conduct risks), (ii) cyber bullying victimization and perpetration, and (iii) parental mediation among a sample of 689 South African adolescents aged between 12-17 years. Survey data was also collected for 227 of their parents relating to their perceptions of their child’s online experiences. A comparison between adolescent behaviors and parental perceptions was examined on the three variables in the study. Findings reveal various online risk taking behaviors. In terms of contact risks, 56% of adolescents reported having contact with at least one online stranger, with many meeting these strangers in person. Content risks included exposure to harmful information such as websites promoting extreme diets or self-harm as well as inappropriate content: 84% of adolescents had seen violent content and 75% had seen sexual content online. Almost 60% of adolescents engaged in conduct risks such as sexting. Eight online victimization behaviors were examined in the study and 79% of adolescents had at least one of these negative experiences, with a third (34%) defining this experience as cyber bullying. A strong connection between victimization and perpetration was found, with 63% of adolescents being both a victim and perpetrator. Very little parental mediation of ICT use was reported. Inferential statistics revealed that parents consistently underestimated their child’s online risk taking behaviors as well as their cyber bullying victimization and perpetration. Parents also overestimated mediation strategies in the home. The generational gap in the knowledge and use of ICTs is a barrier to effective parental mediation and online safety, since many negative online experiences by adolescents go undetected and can continue for extended periods of time thereby exacerbating the potential psychological and emotional distress. The study highlights the importance of including parents in online safety efforts.Keywords: cyber bullying, online risk behaviors, parental mediation, South Africa
Procedia PDF Downloads 485251 Security in Cyberspace: A Comprehensive Review of COVID-19 Continued Effects on Security Threats and Solutions in 2021 and the Trajectory of Cybersecurity Going into 2022
Authors: Mojtaba Fayaz, Richard Hallal
Abstract:
This study examines the various types of dangers that our virtual environment is vulnerable to, including how it can be attacked and how to avoid/secure our data. The terrain of cyberspace is never completely safe, and Covid- 19 has added to the confusion, necessitating daily periodic checks and evaluations. Cybercriminals have been able to enact with greater skill and undertake more conspicuous and sophisticated attacks while keeping a higher level of finesse by operating from home. Different types of cyberattacks, such as operation-based attacks, authentication-based attacks, and software-based attacks, are constantly evolving, but research suggests that software-based threats, such as Ransomware, are becoming more popular, with attacks expected to increase by 93 percent by 2020. The effectiveness of cyber frameworks has shifted dramatically as the pandemic has forced work and private life to become intertwined, destabilising security overall and creating a new front of cyber protection for security analysis and personal. The high-rise formats in which cybercrimes are carried out, as well as the types of cybercrimes that exist, such as phishing, identity theft, malware, and DDoS attacks, have created a new front of cyber protection for security analysis and personal safety. The overall strategy for 2022 will be the introduction of frameworks that address many of the issues associated with offsite working, as well as education that provides better information about commercialised software that does not provide the highest level of security for home users, allowing businesses to plan better security around their systems.Keywords: cyber security, authentication, software, hardware, malware, COVID-19, threat actors, awareness, home users, confidentiality, integrity, availability, attacks
Procedia PDF Downloads 123250 Developing a Secure Iris Recognition System by Using Advance Convolutional Neural Network
Authors: Kamyar Fakhr, Roozbeh Salmani
Abstract:
Alphonse Bertillon developed the first biometric security system in the 1800s. Today, many governments and giant companies are considering or have procured biometrically enabled security schemes. Iris is a kaleidoscope of patterns and colors. Each individual holds a set of irises more unique than their thumbprint. Every single day, giant companies like Google and Apple are experimenting with reliable biometric systems. Now, after almost 200 years of improvements, face ID does not work with masks, it gives access to fake 3D images, and there is no global usage of biometric recognition systems as national identity (ID) card. The goal of this paper is to demonstrate the advantages of iris recognition overall biometric recognition systems. It make two extensions: first, we illustrate how a very large amount of internet fraud and cyber abuse is happening due to bugs in face recognition systems and in a very large dataset of 3.4M people; second, we discuss how establishing a secure global network of iris recognition devices connected to authoritative convolutional neural networks could be the safest solution to this dilemma. Another aim of this study is to provide a system that will prevent system infiltration caused by cyber-attacks and will block all wireframes to the data until the main user ceases the procedure.Keywords: biometric system, convolutional neural network, cyber-attack, secure
Procedia PDF Downloads 226249 Intervening into the World of a Cyber-Bully
Authors: Aanshika Puri, Sakshi Mehrotra
Abstract:
Technology has always been a double edged sword. The constant rut of updating oneself to a better and newer version is the new norm. ‘Being Online’ is the latest addition to one’s everyday routine. Availability of various social online platforms being served on a platter topped with easy and cheap access to the internet makes it simple and doable for people of all social backgrounds. Interestingly, in India, a recent development is the line of demarcation between people from varied backgrounds, doing the vanishing act. One finds everybody on at least one, if not more, social platforms in a desire to stay connected. For instance, this ranges from sending a ‘WhatsApp’ message to a vegetable vendor for ordering your daily needs to vendors and small entrepreneurs. Even a rickshaw puller now has access to a mobile phone, an internet connection and apps/ platforms to stay connected. Recent observations show the extent to which everyone is hooked on to their mobile phones/ tabs/ laptops/ etc. Young mothers use them to distract their children and keep them busy while they finish the task at hand. Exposure to this part of the technology at such a tender age requires responsible and careful handling. Talking of adolescents, their self- image depends on their online social image to a large extent. There is a desire to be liked and accepted by the peer group at all times. Cyber-bullying is a by-product of the 24/7 availability of these resources. There is enough research-based evidence to prove the psychosocial and emotional impact on the development and well-being of the victim. The present paper attempts to understand the dynamics of cyber bullying vis-à-vis the developmental and mental health issues faced by the bully.Keywords: Developmental Psychology, Empathy & Resilience Based Interventions, Mental Well-Being of Cyber Bully, Positive Psychology
Procedia PDF Downloads 256248 Computer Fraud from the Perspective of Iran's Law and International Documents
Authors: Babak Pourghahramani
Abstract:
One of the modern crimes against property and ownership in the cyber-space is the computer fraud. Despite being modern, the aforementioned crime has its roots in the principles of religious jurisprudence. In some cases, this crime is compatible with the traditional regulations and that is when the computer is considered as a crime commitment device and also some computer frauds that take place in the context of electronic exchanges are considered as crime based on the E-commerce Law (approved in 2003) but the aforementioned regulations are flawed and until recent years there was no comprehensive law in this regard; yet after some years the Computer Crime Act was approved in 2009/26/5 and partly solved the problem of legal vacuum. The present study intends to investigate the computer fraud according to Iran's Computer Crime Act and by taking into consideration the international documents.Keywords: fraud, cyber fraud, computer fraud, classic fraud, computer crime
Procedia PDF Downloads 336247 Multi-Level Clustering Based Congestion Control Protocol for Cyber Physical Systems
Authors: Manpreet Kaur, Amita Rani, Sanjay Kumar
Abstract:
The Internet of Things (IoT), a cyber-physical paradigm, allows a large number of devices to connect and send the sensory data in the network simultaneously. This tremendous amount of data generated leads to very high network load consequently resulting in network congestion. It further amounts to frequent loss of useful information and depletion of significant amount of nodes’ energy. Therefore, there is a need to control congestion in IoT so as to prolong network lifetime and improve the quality of service (QoS). Hence, we propose a two-level clustering based routing algorithm considering congestion score and packet priority metrics that focus on minimizing the network congestion. In the proposed Priority based Congestion Control (PBCC) protocol the sensor nodes in IoT network form clusters that reduces the amount of traffic and the nodes are prioritized to emphasize important data. Simultaneously, a congestion score determines the occurrence of congestion at a particular node. The proposed protocol outperforms the existing Packet Discard Network Clustering (PDNC) protocol in terms of buffer size, packet transmission range, network region and number of nodes, under various simulation scenarios.Keywords: internet of things, cyber-physical systems, congestion control, priority, transmission rate
Procedia PDF Downloads 311246 Regulatory and Economic Challenges of AI Integration in Cyber Insurance
Authors: Shreyas Kumar, Mili Shangari
Abstract:
Integrating artificial intelligence (AI) in the cyber insurance sector represents a significant advancement, offering the potential to revolutionize risk assessment, fraud detection, and claims processing. However, this integration introduces a range of regulatory and economic challenges that must be addressed to ensure responsible and effective deployment of AI technologies. This paper examines the multifaceted regulatory landscape governing AI in cyber insurance and explores the economic implications of compliance, innovation, and market dynamics. AI's capabilities in processing vast amounts of data and identifying patterns make it an invaluable tool for insurers in managing cyber risks. Yet, the application of AI in this domain is subject to stringent regulatory scrutiny aimed at safeguarding data privacy, ensuring algorithmic transparency, and preventing biases. Regulatory bodies, such as the European Union with its General Data Protection Regulation (GDPR), mandate strict compliance requirements that can significantly impact the deployment of AI systems. These regulations necessitate robust data protection measures, ethical AI practices, and clear accountability frameworks, all of which entail substantial compliance costs for insurers. The economic implications of these regulatory requirements are profound. Insurers must invest heavily in upgrading their IT infrastructure, implementing robust data governance frameworks, and training personnel to handle AI systems ethically and effectively. These investments, while essential for regulatory compliance, can strain financial resources, particularly for smaller insurers, potentially leading to market consolidation. Furthermore, the cost of regulatory compliance can translate into higher premiums for policyholders, affecting the overall affordability and accessibility of cyber insurance. Despite these challenges, the potential economic benefits of AI integration in cyber insurance are significant. AI-enhanced risk assessment models can provide more accurate pricing, reduce the incidence of fraudulent claims, and expedite claims processing, leading to overall cost savings and increased efficiency. These efficiencies can improve the competitiveness of insurers and drive innovation in product offerings. However, balancing these benefits with regulatory compliance is crucial to avoid legal penalties and reputational damage. The paper also explores the potential risks associated with AI integration, such as algorithmic biases that could lead to unfair discrimination in policy underwriting and claims adjudication. Regulatory frameworks need to evolve to address these issues, promoting fairness and transparency in AI applications. Policymakers play a critical role in creating a balanced regulatory environment that fosters innovation while protecting consumer rights and ensuring market stability. In conclusion, the integration of AI in cyber insurance presents both regulatory and economic challenges that require a coordinated approach involving regulators, insurers, and other stakeholders. By navigating these challenges effectively, the industry can harness the transformative potential of AI, driving advancements in risk management and enhancing the resilience of the cyber insurance market. This paper provides insights and recommendations for policymakers and industry leaders to achieve a balanced and sustainable integration of AI technologies in cyber insurance.Keywords: artificial intelligence (AI), cyber insurance, regulatory compliance, economic impact, risk assessment, fraud detection, cyber liability insurance, risk management, ransomware
Procedia PDF Downloads 37245 Beyond Black Friday: The Value of Collaborative Research on Seasonal Shopping Events and Behavior
Authors: Jasmin H. Kwon , Thomas M. Brinthaupt
Abstract:
There is a general lack of consumer behavior research on seasonal shopping events. Studying these kinds of events is interesting and important for several reasons. First, global shopping opportunities have implications for cross-cultural shopping events and effects on seasonal events in other countries. Second, seasonal shopping events are subject to economic conditions and may wane in popularity, especially with e-commerce options. Third, retailers can expand the success of their seasonal shopping events by taking advantage of cross-cultural opportunities. Fourth, it is interesting to consider how consumers from other countries might take advantage of different countries’ seasonal shopping events. Many countries have seasonal shopping events such as Black Friday. Research on these kinds of events can lead to the identification of cross-cultural similarities and differences in consumer behavior. We compared shopping motivations of college students who did (n=36) and did not (n=81) shop on Cyber Monday. The results showed that the groups did not differ significantly on any of the shopping motivation subscales. The Cyber Monday shoppers reported being significantly more likely to agree than disagree that their online shopping experience was enjoyable and exciting. They were more likely to disagree than agree that their experience was overwhelming. In addition, they agreed that they shopped only for deals, purchased the exact items they wanted, and thought that their efforts were worth it. Finally, they intended to shop again at next year’s Cyber Monday. It appears that there are many positive aspects to online seasonal shopping, independent of one’s typical shopping motivations. Different countries have seasonal events similar to the Black Friday and Cyber Monday shopping holiday (e.g., Boxing Day, Fukubukuro, China’s Singles Day). In Korea, there is increasing interest in taking advantage of U.S. Black Friday and Cyber Monday opportunities. Government officials are interested in adapting the U.S. holiday to Korean retailers, essentially recreating the Black Friday/Cyber Monday holiday there. Similarly, the Japanese Fukubukuro ('Lucky Bag') holiday is being adapted by other countries such as Korea and the U.S. International shipping support companies are also emerging that help customers to identify and receive products from other countries. U.S. department stores also provide free shipping on international orders for certain items. As these structural changes are occurring and new options for global shopping emerge, the need to understand the role of shoppers’ motivations becomes even more important. For example, the Cyber Monday results are particularly relevant to the new landscape with e-commerce and cross-cultural opportunities, since many of these events involve e-commerce. Within today’s global market, physical location of a retail store is no longer a limitation to growing one’s market share. From a consumer perspective, it is important to investigate how shopping motivations are related to e-commerce seasonal events. From a retail perspective, understanding the shopping motivations of international customers would help retailers to expand and better tailor their seasonal shopping events beyond the boundaries of their own countries. From a collaborative perspective, research on this topic can include interdisciplinary researchers, including those from fashion merchandising, marketing, retailing, and psychology.Keywords: Black Friday, cross-cultural research, Cyber Monday, seasonal shopping behavior
Procedia PDF Downloads 401244 Commentary on Successful and Emerging Bullying Control Programs: A Comparison between Eighteen Bullying Interventions Applied Worldwide
Authors: Sohni Siddiqui, Anja Schultze-Krumbholz
Abstract:
Our lives now revolve more around online-related tasks, as the internet has become a necessity. One of the disturbance concerns with high internet usage is the multiplication of cyber-associated risky behaviors such as cyber aggression and/or cyberbullying. Cyber Bullying is an emerging issue that needs immediate attention from many stakeholders such as parents, doctors, school administrators, policymakers, researchers, and others, especially in the COVID-19 pandemic when online learning has been adopted as an instructional strategy, and there is a continuous rise in cyberbullying cases. The aim of the article is to review existing successful and emerging interventions designed to control bullying and cyberbullying by engaging individuals through teachers’ professional development and adopting a whole-school approach. The study identified the strengths and limitations of the programs and suggested improvements to existing interventions. Preparing interventions with a strong theoretical framework, integrating applications of emerging theories in interventions, promoting proactive and reactive strategies in combination, beginning with the baseline needs assessment surveys, reducing digital time and digital divide among parents and children, promoting the concept of lead trainer, peer trainer, and hot spots, focusing on physical activities, use of landmarks are some of the recommendations proposed by authors. In addition to face-to-face intervention, the researchers recommend updating and improving previous intervention programs with games and apps. Especially in the time of pandemic crises, when face-to-face interactions are limited and cyberbullying is triggered, the use of apps, web-based interventions, and games can be an effective way to control electronic perpetration and victimization.Keywords: anti bullying programs, cyber bullying, individualized trainings, teachers’ professional development, whole school interventions
Procedia PDF Downloads 157243 Cyber Security in Nigeria: A Collaboration between Communities and Professionals
Authors: Alese Boniface K., Adu Michael K., Owa Victor K.
Abstract:
Security can be defined as the degree of resistance to, or protection from harm. It applies to any vulnerable and valuable assets, such as persons, dwellings, communities, nations or organizations. Cybercrime is any crime committed or facilitated via the Internet. It is any criminal activity involving computers and networks. It can range from fraud to unsolicited emails (spam). It includes the distant theft of government or corporate secrets through criminal trespass into remote systems around the globe. Nigeria like any other nations of the world is currently having their own share of the menace that has been used even as tools by terrorists. This paper is an attempt at presenting cyber security as an issue that requires a coordinated national response. It also acknowledges and advocates the key roles to be played by stakeholders and the importance of forging strong partnerships to prevent and tackle cybercrime in Nigeria.Keywords: security, cybercrime, internet, government, stakeholders, partnerships
Procedia PDF Downloads 545242 Increasing the Resilience of Cyber Physical Systems in Smart Grid Environments using Dynamic Cells
Authors: Andrea Tundis, Carlos García Cordero, Rolf Egert, Alfredo Garro, Max Mühlhäuser
Abstract:
Resilience is an important system property that relies on the ability of a system to automatically recover from a degraded state so as to continue providing its services. Resilient systems have the means of detecting faults and failures with the added capability of automatically restoring their normal operations. Mastering resilience in the domain of Cyber-Physical Systems is challenging due to the interdependence of hybrid hardware and software components, along with physical limitations, laws, regulations and standards, among others. In order to overcome these challenges, this paper presents a modeling approach, based on the concept of Dynamic Cells, tailored to the management of Smart Grids. Additionally, a heuristic algorithm that works on top of the proposed modeling approach, to find resilient configurations, has been defined and implemented. More specifically, the model supports a flexible representation of Smart Grids and the algorithm is able to manage, at different abstraction levels, the resource consumption of individual grid elements on the presence of failures and faults. Finally, the proposal is evaluated in a test scenario where the effectiveness of such approach, when dealing with complex scenarios where adequate solutions are difficult to find, is shown.Keywords: cyber-physical systems, energy management, optimization, smart grids, self-healing, resilience, security
Procedia PDF Downloads 331241 Substation Automation, Digitization, Cyber Risk and Chain Risk Management Reliability
Authors: Serzhan Ashirov, Dana Nour, Rafat Rob, Khaled Alotaibi
Abstract:
There has been a fast growth in the introduction and use of communications, information, monitoring, and sensing technologies. The new technologies are making their way to the Industrial Control Systems as embedded in products, software applications, IT services, or commissioned to enable integration and automation of increasingly global supply chains. As a result, the lines that separated the physical, digital, and cyber world have diminished due to the vast implementation of the new, disruptive digital technologies. The variety and increased use of these technologies introduce many cybersecurity risks affecting cyber-resilience of the supply chain, both in terms of the product or service delivered to a customer and members of the supply chain operation. US department of energy considers supply chain in the IR4 space to be the weakest link in cybersecurity. The IR4 identified the digitization of the field devices, followed by digitalization that eventually moved through the digital transformation space with little care for the new introduced cybersecurity risks. This paper will examine the best methodologies for securing the electrical substations from cybersecurity attacks due to supply chain risks, and due to digitization effort. SCADA systems are the most vulnerable part of the power system infrastructure due to digitization and due to the weakness and vulnerabilities in the supply chain security. The paper will discuss in details how create a secure supply chain methodology, secure substations, and mitigate the risks due to digitizationKeywords: cybersecurity, supply chain methodology, secure substation, digitization
Procedia PDF Downloads 67240 Simulation of Cybersecurity Attacks and Detection Using Machine Learning Techniques with Virtual Local Area Networks Integration
Authors: Sankenth Jalwad, Satyam, Suteerth Kalkeri, Vidula L. S., Geetha Dayalan
Abstract:
In today’s cyber landscape, threats are emerging every single day; they are much more advanced and dynamic than in the past within this cyber landscape. This project focuses on Virtual Local Area Networks or VLANs. VLANs provide the compartmentalization of sensitive information and optimal management of traffic but introduce specific vulnerabilities. Attackers also target VLAN configurations for exploitation of some security holes, such as VLAN hopping. The aim is to deal with such security requirements by developing a machine learning-based IDS for the VLAN environment that identifies in real time the patterns and anomalies signifying possible attacks. Apart from the IDS, it also looks at the generation of cyberattack datasets specific to VLANs with the help of Wireshark that will help train the ML model.Keywords: cybersecurity, machine learning, VLAN networks, DTP, STP
Procedia PDF Downloads 12239 Journey to Cybercrime and Crime Opportunity: Quantitative Analysis of Cyber Offender Spatial Decision Making
Authors: Sinchul Back, Sun Ho Kim, Jennifer LaPrade, Ilju Seong
Abstract:
Due to the advantage of using the Internet, cybercriminals can reach target(s) without border controls. Prior research on criminology and crime science has largely been void of empirical studies on journey-to-cybercrime and crime opportunity. Thus, the purpose of this study is to understand more about cyber offender spatial decision making associated with crime opportunity factors (i.e., co-offending, offender-stranger). Data utilized in this study were derived from 306 U.S. Federal court cases of cybercrime. The findings of this study indicated that there was a positive relationship between co-offending and journey-to-cybercrime, whereas there was no link between offender-stranger and journey-to-cybercrime. Also, the results showed that there was no relationship between cybercriminal sex, age, and journey-to-cybercrime. The policy implications and limitations of this study are discussed.Keywords: co-offending, crime opportunity, journey-to-cybercrime, offender-stranger
Procedia PDF Downloads 184238 ANOVA-Based Feature Selection and Machine Learning System for IoT Anomaly Detection
Authors: Muhammad Ali
Abstract:
Cyber-attacks and anomaly detection on the Internet of Things (IoT) infrastructure is emerging concern in the domain of data-driven intrusion. Rapidly increasing IoT risk is now making headlines around the world. denial of service, malicious control, data type probing, malicious operation, DDos, scan, spying, and wrong setup are attacks and anomalies that can affect an IoT system failure. Everyone talks about cyber security, connectivity, smart devices, and real-time data extraction. IoT devices expose a wide variety of new cyber security attack vectors in network traffic. For further than IoT development, and mainly for smart and IoT applications, there is a necessity for intelligent processing and analysis of data. So, our approach is too secure. We train several machine learning models that have been compared to accurately predicting attacks and anomalies on IoT systems, considering IoT applications, with ANOVA-based feature selection with fewer prediction models to evaluate network traffic to help prevent IoT devices. The machine learning (ML) algorithms that have been used here are KNN, SVM, NB, D.T., and R.F., with the most satisfactory test accuracy with fast detection. The evaluation of ML metrics includes precision, recall, F1 score, FPR, NPV, G.M., MCC, and AUC & ROC. The Random Forest algorithm achieved the best results with less prediction time, with an accuracy of 99.98%.Keywords: machine learning, analysis of variance, Internet of Thing, network security, intrusion detection
Procedia PDF Downloads 130237 Refuge(e)s in Digital Diaspora: Reimagining and Reimaging ‘Ethnically Cleansed’ Villages as ‘Cyber Villages’
Authors: Hariz Halilovich
Abstract:
Based on conventional and digital ethnography, this paper discusses the ways Bosnian refugees utilise digital technologies and new media to recreate, synchronise and sustain their identities and memories in the aftermath of ‘ethnic cleansing’ and genocide and in the contexts of their new emplacements and home-making practices in diaspora. In addition to discussing representations of displacement and emplacement in the ‘digital age’, the paper also aims to make a contribution to the understanding and application of digital ethnography as an emerging method of inquiry in anthropology and related social science disciplines. While some researchers see digital ethnography as an exclusively online–based research, the author of this paper argues that it is critical to understand the online world in the context of the real world—made of real people, places, and social relations.Keywords: Bosnia, cyber villages, digital diaspora, refugees
Procedia PDF Downloads 244236 Adaptive Data Approximations Codec (ADAC) for AI/ML-based Cyber-Physical Systems
Authors: Yong-Kyu Jung
Abstract:
The fast growth in information technology has led to de-mands to access/process data. CPSs heavily depend on the time of hardware/software operations and communication over the network (i.e., real-time/parallel operations in CPSs (e.g., autonomous vehicles). Since data processing is an im-portant means to overcome the issue confronting data management, reducing the gap between the technological-growth and the data-complexity and channel-bandwidth. An adaptive perpetual data approximation method is intro-duced to manage the actual entropy of the digital spectrum. An ADAC implemented as an accelerator and/or apps for servers/smart-connected devices adaptively rescales digital contents (avg.62.8%), data processing/access time/energy, encryption/decryption overheads in AI/ML applications (facial ID/recognition).Keywords: adaptive codec, AI, ML, HPC, cyber-physical, cybersecurity
Procedia PDF Downloads 81235 Approaches to Ethical Hacking: A Conceptual Framework for Research
Authors: Lauren Provost
Abstract:
The digital world remains increasingly vulnerable, making the development of effective cybersecurity approaches even more critical in supporting the success of the digital economy and national security. Although approaches to cybersecurity have shifted and improved in the last decade with new models, especially with cloud computing and mobility, a record number of high severity vulnerabilities were recorded in the National Institute of Standards and Technology (NIST), and its National Vulnerability Database (NVD) in 2020. This is due, in part, to the increasing complexity of cyber ecosystems. Security must be approached with a more comprehensive, multi-tool strategy that addresses the complexity of cyber ecosystems, including the human factor. Ethical hacking has emerged as such an approach: a more effective, multi-strategy, comprehensive approach to cyber security's most pressing needs, especially understanding the human factor. Research on ethical hacking, however, is limited in scope. The two main objectives of this work are to (1) provide highlights of case studies in ethical hacking, (2) provide a conceptual framework for research in ethical hacking that embraces and addresses both technical and nontechnical security measures. Recommendations include an improved conceptual framework for research centered on ethical hacking that addresses many factors and attributes of significant attacks that threaten computer security; a more robust, integrative multi-layered framework embracing the complexity of cybersecurity ecosystems.Keywords: ethical hacking, literature review, penetration testing, social engineering
Procedia PDF Downloads 224