Search results for: cyber risk assessment

Authors: Adnan Baig, Ishteeaq Naeem, Saad Mansoor

Abstract:

The Internet of Things (IoT) gadgets have advanced quickly in recent years, and their use is steadily rising daily. However, cyber-attackers can target these gadgets due to their distributed nature. Additionally, many IoT devices have significant security flaws in their implementation and design, making them vulnerable to security threats. Hence, these threats can cause important data security and privacy loss from a single attack on network devices or systems. Botnets are a significant security risk that can harm the IoT network; hence, sophisticated techniques are required to mitigate the risk. This work uses a machine learning-based method to identify IoT orchestrated by botnets. The proposed technique identifies the net attack by distinguishing between legitimate and malicious traffic. This article proposes a hyperparameter tuning model to improvise the method to improve the accuracy of existing processes. The results demonstrated an improved and more accurate indication of botnet-based cyber-attacks.

Keywords: Internet of Things, Botnet, BoT-IoT dataset, ML techniques

Procedia PDF Downloads 11

Authors: Shireen Simon

Abstract:

Cyberbullying among schoolchildren and teenagers became a hot issue discussed by Malaysian society. Cyberbullying is a new age of bullying because it uses the modern digital technology intentionally to hurt and degrade someone in the cyber world. Cyberbullying is a problem affecting many teenagers as they embrace online communication and interaction whereby virtual world with no borders. By adopting a qualitative approach, this study has captured 8 cyberbullied victims’ school experience. Even years after leaving school, these 8 cyberbullied victims remember how it feels to be bullied in the cyber world. The principal investigator also tries to identify the possibility factors that contribute to cyberbullying among these 8 victims. The result shows that these victims were bullied differently in cyber world. This study not just primarily focuses on cyberbullying issues among schoolchildren and teenagers; it also addresses the motives and causes of cyberbullying. Lastly, this article will be served as guidance for school teachers, parents and teenagers to prepare to tackle cyberbullying together. Cyberbullying is no laughing matter in our community, and it is time to spread the seeds of peace inspires others to do the same.

Keywords: cyberbullying, cyber victimization, internet, school experience, teenagers

Procedia PDF Downloads 287

Authors: Qisheng Hu, Jianglei Han, Yue Yang, My Hoa Ha

Abstract:

When a company is considering purchasing software for commercial use, contract risk assessment is critical to identify risks to mitigate the potential adverse business impact, e.g., security, financial and regulatory risks. Contract risk assessment requires reviewers with specialized knowledge and time to evaluate the legal documents manually. Specifically, validating contracts for a software vendor requires the following steps: manual screening, interpreting legal documents, and extracting risk-prone segments. To automate the process, we proposed a framework to assist legal contract document risk identification, leveraging pre-trained deep learning models and natural language processing techniques. Given a set of pre-defined risk evaluation problems, our framework utilizes the pre-trained transformer-based models for question-answering to identify risk-prone sections in a contract. Furthermore, the question-answering model encodes the concatenated question-contract text and predicts the start and end position for clause extraction. Due to the limited labelled dataset for training, we leveraged transfer learning by fine-tuning the models with the CUAD dataset to enhance the model. On a dataset comprising 287 contract documents and 2000 labelled samples, our best model achieved an F1 score of 0.687.

Keywords: contract risk assessment, NLP, transfer learning, question answering

Procedia PDF Downloads 129

Authors: Gabriela Wasileski, Debra L. Stanley

Abstract:

Maryland efforts to decrease the juvenile criminality and recidivism shifts towards evidence based sentencing. While in theory the evidence based sentencing has an impact on the reduction of juvenile delinquency and drug abuse; the assessment of juveniles’ risk and needs usually lacks crucial information about juvenile’s prior victimization. The Maryland Comprehensive Assessment and Service Planning (MCASP) Initiative is the primary tool for developing and delivering a treatment service plan for juveniles at risk. Even though it consists of evidence-based screening and assessment instruments very little is currently known regarding the effectiveness and the impact of the assessment in general. In keeping with Maryland’s priority to develop successful evidence-based recidivism reduction programs, this study examined results of assessments based on MCASP using a representative sample of the juveniles at risk and their assessment results. Specifically, it examined: (1) the results of the assessments in an electronic database (2) areas of need that are more frequent among delinquent youth in a system/agency, (3) the overall progress of youth in an agency’s care (4) the impact of child victimization and trauma experiences reported in the assessment. The project will identify challenges regarding the use of MCASP in Maryland, and will provide a knowledge base to support future research and practices.

Keywords: Juvenile Justice, assessment of risk and need, victimization and crime, recidivism

Procedia PDF Downloads 318

Authors: Mohamed Fadzlee Sulaiman, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

Each individual organization has their own mechanism to build up cyber defense capability in protecting their information infrastructures from data breaches and cyber espionage. But, we can not deny the possibility of failing to detect and stop cyber attacks especially for those targeting credential information and intellectual property (IP). In this paper, we would like to share the modern approach of effective digital forensic methodology in order to identify the artifacts in tracing the trails of evidence while mitigating the infection from the target machine/s. This proposed approach will suit the digital forensic investigation to be conducted while resuming the business critical operation after mitigating the infection and minimizing the risk from the identified attack to transpire. Therefore, traditional digital forensics methodology has to be improvised to be proactive which not only focusing to discover the root caused and the threat actor but to develop the relevant mitigation plan in order to prevent from the same attack.

Keywords: digital forensic, detection, eradication, targeted attack, malware

Procedia PDF Downloads 275

Authors: Grace karimi Muriithi, Behnaz Papari, Ali Arsalan, Christopher Shannon Edrington

Abstract:

Complexity and nonlinearity of the control system design is increasing for DC microgrid applications when the cyber concept associated with the technology constraints will added to the picture. Controllers’ functionality during the critical operation mode is required to guaranteed specifically for a high profile applications such as NAVY DC ship power system (SPS) as an small-scaled DC microgrid. Thus, SPS is susceptible to cyber-attacks and, accordingly, can provide the disastrous effects. In this study, a machine learning (ML) approach is demonstrated to offer the promising performance of SPS for developing an effective and robust functionality over attacks time. Simulation results analysis demonstrate that the proposed method can improve the controllability successfully.

Keywords: controlability, cyber attacks, distribute control, machine learning

Procedia PDF Downloads 114

Authors: Jongsung Kim, Daegun Han, Myungjin Lee, Soojun Kim, Hung Soo Kim

Abstract:

Recently, the frequency and magnitude of natural disasters are gradually increasing due to climate change. Especially in Korea, large-scale damage caused by heavy rainfall frequently occurs due to rapid urbanization. Therefore, this study proposed a Heavy rain Damage Risk Index (HDRI) using PSR (Pressure – State - Response) structure for heavy rain risk assessment. We constructed pressure index, state index, and response index for the risk assessment of each local government in Gyeonggi-do province, and the evaluation indices were determined by principal component analysis. The indices were standardized using the Z-score method then HDRIs were obtained for 31 local governments in the province. The HDRI is categorized into three classes, say, the safest class is 1st class. As the results, the local governments of the 1st class were 15, 2nd class 7, and 3rd class 9. From the study, we were able to identify the risk class due to the heavy rainfall for each local government. It will be useful to develop the heavy rainfall prediction function by risk class, and this was performed in this issue. Also, this risk class could be used for the decision making for efficient disaster management. Acknowledgements: This research was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Science, ICT & Future Planning (2017R1A2B3005695).

Keywords: natural disaster, heavy rain risk assessment, HDRI, PSR

Procedia PDF Downloads 199

Authors: Jessemyn Modiini, Timothy Lynar, Elena Sitnikova

Abstract:

We present a novel enhanced compartmental model for malware spread analysis in cyber security. This paper applies cyber security data features to epidemiological compartmental models to model the infectious potential of malware. Compartmental models are most efficient for calculating the infectious potential of a disease. In this paper, we discuss and profile epidemiologically relevant data features from a Domain Name System (DNS) dataset. We then apply these features to epidemiological compartmental models to network traffic features. This paper demonstrates how epidemiological principles can be applied to the novel analysis of key cybersecurity behaviours and trends and provides insight into threat modelling above that of kill-chain analysis. In applying deterministic compartmental models to a cyber security use case, the authors analyse the deficiencies and provide an enhanced stochastic model for cyber epidemiology. This enhanced compartmental model (SUEICRN model) is contrasted with the traditional SEIR model to demonstrate its efficacy.

Keywords: cybersecurity, epidemiology, cyber epidemiology, malware

Procedia PDF Downloads 107

Authors: Hyeon-Kyo Lim, Hyunjung Kim, Kune-Woo Lee

Abstract:

Decommissioning process of nuclear facilities can be said to consist of a sequence of problem solving activities, partly because there may exist working environments contaminated by radiological exposure, and partly because there may also exist industrial hazards such as fire, explosions, toxic materials, and electrical and physical hazards. As for an individual hazard factor, risk assessment techniques are getting known to industrial workers with advance of safety technology, but the way how to integrate those results is not. Furthermore, there are few workers who experienced decommissioning operations a lot in the past. Therefore, not a few countries in the world have been trying to develop appropriate counter techniques in order to guarantee safety and efficiency of the process. In spite of that, there still exists neither domestic nor international standard since nuclear facilities are too diverse and unique. In the consequence, it is quite inevitable to imagine and assess the whole risk in the situation anticipated one by one. This paper aimed to find out an appropriate technique to integrate individual risk assessment results from the viewpoint of experts. Thus, on one hand the whole risk assessment activity for decommissioning operations was modeled as a sequence of individual risk assessment steps, and on the other, a hierarchical risk structure was developed. Then, risk assessment procedure that can elicit individual hazard factors one by one were introduced with reference to the standard operation procedure (SOP) and hierarchical task analysis (HTA). With an assumption of quantification and normalization of individual risks, a technique to estimate relative weight factors was tried by using the conventional Analytic Hierarchical Process (AHP) and its result was reviewed with reference to judgment of experts. Besides, taking the ambiguity of human judgment into consideration, debates based upon fuzzy inference was added with a mathematical case study.

Keywords: decommissioning, risk assessment, analytic hierarchical process (AHP), fuzzy inference

Procedia PDF Downloads 424

Authors: Nuruddeen Usman, Usman Mohammed Gidado, Muhammad Ahmad Ibrahim

Abstract:

Construction industry is one of the sectors that are eyeing adoption of ICT for its development due to the advancement in technology. Though, many manufacturing sectors had been using it, but construction industry was left behind, especially in the developing nation like Nigeria. On account of that, the objective of this study is to conceptually and quantitatively synthesise whether the slow adoption of ICT by the construction industries can be attributable to cybercrime threats. The result of the investigation found that, the risk of cybercrime, and lack of adequate cyber security policies that can enforce and punish defaulters are among the things that hinder ICT adoption of the Nigerian construction industries. Therefore, there is need for the nations to educate their citizens on cybercrime risk, and to establish cybercrime police units that can be monitoring and controlling all online communications.

Keywords: construction industry, cybercrime, information and communication technology adoption, risk

Procedia PDF Downloads 509

Authors: Amirhossein Karamoozian, Desheng Wu, Behzad Abbasnejad

Abstract:

Building information modelling (BIM) is a new technology to enhance the efficiency of project management in the construction industry. In addition to the potential benefits of this useful technology, there are various risks and obstacles to applying it in construction projects. In this study, a decision making approach is presented for risk assessment in BIM adoption in construction projects. Various risk factors of exerting BIM during different phases of the project lifecycle are identified with the help of Delphi method, experts’ opinions and related literature. Afterward, Shannon’s entropy and Fuzzy TOPSIS (Technique for Order Preference by Similarity to Ideal Situation) are applied to derive priorities of the identified risk factors. Results indicated that lack of knowledge between professional engineers about workflows in BIM and conflict of opinions between different stakeholders are the risk factors with the highest priority.

Keywords: risk, BIM, fuzzy TOPSIS, construction projects

Procedia PDF Downloads 229

Authors: Shubhakar K., Nachamma S., Judy T., Jacob S. C., Melvin Lee, Kenneth Lo

Abstract:

In recent years, technological advancements have ushered in a new era of education characterized by the integration of technology-enabled devices and online tools. The cyber-physical learning environment (CPLE) is a prime example of this evolution, merging remote cyber participants with in-class learners through immersive technology, interactive digital whiteboards, and online communication platforms like Zoom and MS Teams. This approach transforms the teaching and learning experience into a more seamless, immersive, and inclusive one. This paper outlines the design principles and key features of CPLE that support both teaching and group-based activities. We also explore the key characteristics and potential impact of such environments on educational practices. By analyzing user feedback, we evaluate how technology enhances teaching and learning in a cyber-physical setting, its impact on learning outcomes, user-friendliness, and areas for further enhancement to optimize the teaching and learning environment.

Keywords: cyber-physical class, hybrid teaching, online learning, remote learning, technology enabled learning

Procedia PDF Downloads 37

Authors: Lagnajeet Mohanty, Mohnish Mishra, Pratham Tapdiya, Himanshu Sekhar Nayak, Swetapadma Singh

Abstract:

In the era of global interconnectedness, effective risk assessment and management are critical for organizational resilience. This review explores the integration of machine learning (ML) into risk processes, examining its transformative potential and the challenges it presents. The literature reveals ML's success in sectors like consumer credit, demonstrating enhanced predictive accuracy, adaptability, and potential cost savings. However, ethical considerations, interpretability issues, and the demand for skilled practitioners pose limitations. Looking forward, the study identifies future research scopes, including refining ethical frameworks, advancing interpretability techniques, and fostering interdisciplinary collaborations. The synthesis of limitations and future directions highlights the dynamic landscape of ML in risk management, urging stakeholders to navigate challenges innovatively. This abstract encapsulates the evolving discourse on ML's role in shaping proactive and effective risk management strategies in our interconnected and unpredictable global landscape.

Keywords: machine learning, risk assessment, ethical considerations, financial inclusion

Procedia PDF Downloads 72

Authors: Jong-Hyo Park, Eunyoung Choi, Jae-Yeon Lim, Seon-Suk Lee, Yeong-Rong Koo, Ji-Ung Kwon, Kyung-Sung Kim, Jong-Ik Lee, Juhan Park, Hyun-Kyu Lee, Won-Kyoung Oh, Jisang Lee, Jiwon Choe

Abstract:

Due to COVID-19, cyber violence among youths has soared as they spend more time online than before. In contrast to the deepening concerns, measurement tools that can assess the vulnerability of cyber violence in individual youths still need to be supplemented. The measurement tools lack consideration of various factors related to cyber violence among youths. Most of the tools are self-report questionnaires, and these adolescents' self-report questionnaire forms can underestimate the harmful behavior and overestimate the damage experience. Therefore, this study aims to develop a multi-report measurement tool for youths that can reliably measure individuals' ecological factors related to cyber violence. The literature review explored factors related to cyber violence, and the questions were constructed. The face validity of the questions was confirmed by conducting focus group interviews. Exploratory and confirmatory factor analyses (N=671) were also conducted for statistical validation. This study developed a multi-report measurement tool for cyber violence with 161 questions, consisting of six domains: online behavior, cyber violence awareness, victimization-perpetration-witness experience, coping efficacy (individuals, peers, teachers, and parents), psychological characteristics, and pro-social capabilities. In addition to self-report from a youth respondent, this measurement tool includes peers, teachers, and parents reporting for the respondent. It is possible to reliably measure the ecological factors of individual youths who are vulnerable or highly resistant to cyber violence. In schools, teachers could refer to the measurement results for guiding students, better understanding their cyber violence conditions, and assessing their pro-social capabilities. With the measurement results, teachers and police officers could detect perpetrators or victims and intervene immediately. In addition, this measurement tool could analyze the effects of the prevention and intervention programs for cyber violence and draw appropriate suggestions.

Keywords: adolescents, cyber violence, cyber violence measurement tool, measurement tool, multi-report measurement tool, youths

Procedia PDF Downloads 101

Authors: Cai Qianyi

Abstract:

In the midst of global digital revolution, the flow of data poses security threats that call China's existing legislative framework for protecting personal information into question. As a preliminary procedure for risk analysis and prevention, the risk assessment of personal data transmission lacks detailed guidelines for support. Existing provisions reveal unclear responsibilities for network operators and weakened rights for data subjects. Furthermore, the regulatory system's weak operability and a lack of industry self-regulation heighten data transmission hazards. This paper aims to compare the regulatory pathways for data information transmission risks between China and Europe from a legal framework and content perspective. It draws on the “Data Protection Impact Assessment Guidelines” to empower multiple stakeholders, including data processors, controllers, and subjects, while also defining obligations. In conclusion, this paper intends to solve China's digital security shortcomings by developing a more mature regulatory framework and industry self-regulation mechanisms, resulting in a win-win situation for personal data protection and the development of the digital economy.

Keywords: personal information data transmission, risk assessment, DPIA, internet service provider, personal information data transimission, risk assessment

Procedia PDF Downloads 60

Authors: Misha Teimouri

Abstract:

Our world has been transformed by the use of the internet and the constant flow of information. While this transmission has its benefits, it has also added significant challenges to family relations, primarily in the field of parenting and children's digital lives. Screens, speed, and connectedness are the words that characterize the lives of today's digital generation; it's as if the entire world is in their pockets at all times. Parents attempt to regulate and control their children's internet use in the hopes of maximizing the advantages and minimizing the disadvantages of their children's internet use; however, given that children spend more time online, particularly ever since the pandemic, children's cyber-aggression has become an issue for them. Children may externalize their behavior online, bully others, send anger/hatred/resist messages, share violent and bloody content, and engage in sexting. These types of online aggression make parenting more difficult, especially for digital immigrant parents compared to digital native parents. In response to these challenges, this study investigated the level of cyber aggression among children, as well as the effects of digi-parenting (active, monitoring, restrictive, and warm and supportive) on children's cyber-aggression (sexual, verbal, visual) as victims or aggressors. The study also determined whether there were any differences in parenting styles between digital natives (DN) and digital immigrants. In accordance with the study, boys and older children are more likely to engage in cyber aggression as aggressors, whereas girls and younger children are more likely to engage as victims. Warmth and supportive digiparenting have a greater impact on children's cyber-aggression (sexual, verbal, and visual) as victims or aggressors. This study also found that, when compared to DI parents, DN parents are more successful at digi-parenting and reducing their children's exposure to cyber-aggression.

Keywords: digi-parenting, cyber-aggression, digital natives, digital immigrants, children's cyber-aggression (sexual, verbal, visual)

Procedia PDF Downloads 51

Authors: Yunos Zahri, Ab Hamid R. Susanty, Ahmad Mustaffa

Abstract:

This paper explores the need for a national baseline study on understanding the level of cyber security situational awareness among primary and secondary school students in Malaysia. The online survey method was deployed to administer the data collection exercise. The target groups were divided into three categories: Group 1 (primary school aged 7-9 years old), Group 2 (primary school aged 10-12 years old), and Group 3 (secondary school aged 13-17 years old). A different questionnaire set was designed for each group. The survey topics/areas included Internet and digital citizenship knowledge. Respondents were randomly selected from rural and urban areas throughout all 14 states in Malaysia. A total of 9,158 respondents participated in the survey, with most states meeting the minimum sample size requirement to represent the country’s demographics. The findings and recommendations from this baseline study are fundamental to develop teaching modules required for children to understand the security risks and threats associated with the Internet throughout their years in school. Early exposure and education will help ensure healthy cyber habits among millennials in Malaysia.

Keywords: cyber security awareness, cyber security education, cyber security, school students

Procedia PDF Downloads 302

Authors: Bouba Oumarou Aboubakar, HongXia Li, Sardar Annes Farooq

Abstract:

The Belt and Road Initiative’s success strongly depends on the safety of all the million workers on construction projects sites. As the new BRI is directed toward Africa and meets a completely different culture from the Chinese project managers, maintaining low risk for workers risks shall be closely related to cultural sharing and mutual understanding. This is why this work introduces a cultural-wise safety management framework for Chinese Construction projects in Africa. The theoretical contribution of this paper is an improved risk assessment framework that integrates language, culture and difficulty of controlling risk factors into one approach. Practically, this study provides not only a useful tool for project safety management practitioners but the full understanding of all risks that may arise in the BRI projects in Africa.

Keywords: cultural-wise, safety culture, risk assessment, Chinese construction, BRI projects, Africa

Procedia PDF Downloads 107

Authors: Muhammad Wasif, Asif Ahmed Shaikh, Sarosh Hashmat Lodi, Muhammad Aslam Bhutto, Riazuddin

Abstract:

Risk Management System is quite popular in profit- based organizations, health and safety and project management fields since the last few decades. But due to rapidly changing environment and requirement of ISO 9001:2015 standards, public-sector institution, especially higher education institutes are also performing risk assessment to monitor the performance of the institution and aligning it with the latest benchmark. In this context, NED University of Engineering and Technology performed research and developed a Standard Operating Procedure (SOP) for the risk assessment, its monitoring and control. In this research, risks are broken into the four sources, namely; Internal Academics Risks, External Academics Risks, Internal Non-academic Risks, External Non-academic Risks. Risks are identified by the management at all levels. Severity and likelihood of the risks are assigned based on the previous audit results and the customer complains. Risk Ratings are calculated to orderly arrange the risk according to the Risk Rating, and controls for the risks are designed, which are assigned to the responsible person. At the end of the article, result and analysis on the different sources of risk are discussed in details and the conclusion is drawn. Discussion on few sample risks are presented in this article. Hence it is presented in the research that the Risk Management System can be applied in a Higher Education Institute to effectively control the risks which might affect the scope and Quality Management System of an organization.

Keywords: higher education, quality management system, risk assessment, risk management

Procedia PDF Downloads 310

Authors: Ines Gasmi, Salima Smiti, Makram Soui, Khaled Ghedira

Abstract:

Credit risk is considered as one of the important issues for financial institutions. It provokes great losses for banks. To this objective, numerous methods for credit risk evaluation have been proposed. Many evaluation methods are black box models that cannot adequately reveal information hidden in the data. However, several works have focused on building transparent rules-based models. For credit risk assessment, generated rules must be not only highly accurate, but also highly interpretable. In this paper, we aim to build both, an accurate and transparent credit risk evaluation model which proposes a set of classification rules. In fact, we consider the credit risk evaluation as an optimization problem which uses a genetic programming (GP) algorithm, where the goal is to maximize the accuracy of generated rules. We evaluate our proposed approach on the base of German and Australian credit datasets. We compared our finding with some existing works; the result shows that the proposed GP outperforms the other models.

Keywords: credit risk assessment, rule generation, genetic programming, feature selection

Procedia PDF Downloads 353

Authors: Prandesha Govender, Chris Cloete

Abstract:

Purpose: The objective of the paper is to develop a tool for the evaluation of the financial risk of a shopping center. Methodology: Important factors that indicate the success of a shopping center were identified from the available literature. Weights were allocated to these factors and a risk rating was calculated for 505 shopping centers in the largest province in South Africa by taking the factor scores, factor weights, and category weights into account. The ratings for ten randomly selected shopping centers were correlated with consumer feedback and standardized against the ECAI (External Credit Assessment Institutions) data for the same centers. The ratings were also mapped to corporates with the same risk rating to provide a better intuitive assessment of the meaning of the inherent risk of each center. Results: The proposed risk tool shows a strong linear correlation with consumer views and can be compared to expert opinions, such as that of fund managers and REITs. Interpretation of the tool was also illustrated by correlating the risk rating of selected shopping centers to the risk rating of reputable and established entities. Conclusions: The proposed Shopping Centre Risk Tool, used in conjunction with financial inputs from the relevant center, should prove useful to an investor when the desirability of investment in or expansion, renovation, or purchase of a shopping center is being considered.

Keywords: risk, shopping centres, risk modelling, investment, rating tool, rating scale

Procedia PDF Downloads 115

Authors: Babatunde Osabiya

Abstract:

Cybersecurity has emerged as a pressing policy problem in recent years, affecting individuals, businesses, and governments worldwide. This research paper aims to critically review the literature on cybersecurity policy and apply policy theory to propose a policy approach that balances the freedom to access and use technology with the human rights risks and threats posed by cyber. Drawing on various credible sources, the paper examines the scale and seriousness of cyber threats, highlighting the growing threat posed by cybercriminals, hackers, and nation-states. The paper also identifies the key challenges facing policymakers, including the need for more significant investment in cybersecurity research and development and the importance of balancing the benefits of technological innovation with the risks to privacy, security, and human rights. To address these challenges, the paper proposes a policy approach emphasizing investing in cybersecurity research and development to maintain a technological edge over potential adversaries. This approach also highlights the need for greater collaboration between government, industry, and civil society to develop effective cybersecurity policies and practices that protect the rights and freedoms of people while mitigating the risks posed by cyber threats. This paper will contribute to the growing body of literature on cybersecurity policy and offers a policy framework for addressing this critical policy challenge.

Keywords: security risk, legal framework, cyber security and policy, national security

Procedia PDF Downloads 93

Authors: Miral Sabry AlAshry

Abstract:

The main objective of the study is to investigate the effectiveness of Egyptian Journalists through the Anti-Cyber and Information Technology Crimes Law, as well as its implications for journalistic practice and the implications for press freedom in Egypt. Questionnaires were undertaken with 192 journalists representing four official newspapers, and in-depth interviews were held with 15 journalists. The study used an Authoritarian theory as a theoretical framework. The study revealed that the government placed restrictions on journalists by using the law to oppress them.

Keywords: anti-cyber and information technology crimes law, media legislation, personal information, Egyptian constitution

Procedia PDF Downloads 373

Authors: Elena M. Capitanul, Carlos A. Nunes Cosenza, Walid El Moudani, Felix Mora Camino

Abstract:

The construction of a new airport or the extension of an existing one requires massive investments and many times public private partnerships were considered in order to make feasible such projects. One characteristic of these projects is uncertainty with respect to financial and environmental impacts on the medium to long term. Another one is the multistage nature of these types of projects. While many airport development projects have been a success, some others have turned into a nightmare for their promoters. This communication puts forward a new approach for airport investment risk assessment. The approach takes explicitly into account the degree of uncertainty in activity levels prediction and proposes milestones for the different stages of the project for minimizing risk. Uncertainty is represented through fuzzy dual theory and risk management is performed using dynamic programming. An illustration of the proposed approach is provided.

Keywords: airports, fuzzy logic, risk, uncertainty

Procedia PDF Downloads 413

Authors: Francesco Lubrano, Fabrizio Bertone, Federico Stirano

Abstract:

Modern societies strongly depend on Critical Infrastructures (CI). Hospitals, power supplies, water supplies, telecommunications are just few examples of CIs that provide vital functions to societies. CIs like hospitals are very complex environments, characterized by a huge number of cyber and physical systems that are becoming increasingly integrated. Ensuring a high level of security within such critical infrastructure requires a deep knowledge of vulnerabilities, threats, and potential attacks that may occur, as well as defence and prevention or mitigation strategies. The possibility to remotely monitor and control almost everything is pushing the adoption of network-connected devices. This implicitly introduces new threats and potential vulnerabilities, posing a risk, especially to those devices connected to the Internet. Modern medical devices used in hospitals are not an exception and are more and more being connected to enhance their functionalities and easing the management. Moreover, hospitals are environments with high flows of people, that are difficult to monitor and can somehow easily have access to the same places used by the staff, potentially creating damages. It is therefore clear that physical and cyber threats should be considered, analysed, and treated together as cyber-physical threats. This means that an integrated approach is required. SAFECARE, an integrated cyber-physical security solution, tries to respond to the presented issues within healthcare infrastructures. The challenge is to bring together the most advanced technologies from the physical and cyber security spheres, to achieve a global optimum for systemic security and for the management of combined cyber and physical threats and incidents and their interconnections. Moreover, potential impacts and cascading effects are evaluated through impact propagation models that rely on modular ontologies and a rule-based engine. Indeed, SAFECARE architecture foresees i) a macroblock related to cyber security field, where innovative tools are deployed to monitor network traffic, systems and medical devices; ii) a physical security macroblock, where video management systems are coupled with access control management, building management systems and innovative AI algorithms to detect behavior anomalies; iii) an integration system that collects all the incoming incidents, simulating their potential cascading effects, providing alerts and updated information regarding assets availability.

Keywords: cyber security, defence strategies, impact propagation, integrated security, physical security

Procedia PDF Downloads 165

Authors: Ogbuagu Josephat Okechukwu, Okeke Abuchi Princewill, Arinze Rosemary Uche, Tabugbo Ifeyinwa Blessing, Ogbuagu Adaora Stellamaris

Abstract:

Phthalates or Phthalate esters (PAEs), categorized as an endocrine disruptor and persistent organic pollutants, are known for their environmental contamination and toxicological effects. In this study, the concentration of selected phthalates was determined across the sampling site to investigate their occurrence and the ecological and health risk assessment they pose to the environment. Water and sediment samples were collected following standard procedures. Solid phase and ultrasonic methods were used to extract seven different PAEs, which were analyzed by Gas Chromatography with Mass Detector (GCMS). The analytical average recovery was found to be within the range of 83.4% ± 2.3%. The results showed that PAEs were detected in six out of seven samples with a high percentage of detection rate in water. Di-n-butyl phthalate (DPB) and disobutyl phthalates (DiBP) showed a greater detection rate compared to other PAE monomers. The concentration of PEs was found to be higher in sediment samples compared to water samples due to the fact that sediments serve as a sink for most persistent organic pollutants. The concentrations of PAEs in water samples and sediments ranged from 0.00 to 0.23 mg/kg and 0.00 to 0.028 mg/l, respectively. Ecological risk assessment using the risk quotient method (RQ) reveals that the estimated environmental risk caused by phthalates lies within the moderate level as RQ ranges from 0.1 to 1.0, whereas the health risk assessment caused by phthalates on estimating the average daily dose reveals that the ingestion of phthalates was found to be approaching permissible limit which can cause serious carcinogenic occurrence in the human system with time due to excess accumulation.

Keywords: phthalates, endocrine disruptor, risk assessment, ecological risk, health risk

Procedia PDF Downloads 74

Authors: Charuvan Kasemsap

Abstract:

This research was studied in Bangnampriao District, Chachernsao Province, Thailand. The primary data relating to flooding, drought, and saline intrusion problem on agriculture were collected by surveying, focus group, and in-depth interview with agricultural officers, technical officers of irrigation department, and local government leader of Bangnampriao District. The likelihood and consequence of risk were determined the risk index by risk assessment matrix. In addition, the risk index and the total coping capacity scores were investigated the vulnerability index by vulnerability matrix. It was found that the high-risk drought and saline intrusion was dramatically along Bang Pakong River owing to the end destination of Chao Phraya Irrigation system of Central Thailand. This leads yearly the damage of rice paddy, mango tree, orchard, and fish pond. Therefore, some agriculture avoids rice growing during January to May, and also pumps fresh water from a canal into individual storage pond. However, Bangnampriao District will be strongly affected by the impacts of climate change. Monthly precipitations are expected to decrease in number; dry seasons are expected to be more in number and longer in duration. Thus, the risk and vulnerability of agriculture are also increasing. Adaptation strategies need to be put in place in order to enhance the resilience of the agriculture.

Keywords: agriculture, bangnampriao, climate change, risk assessment

Procedia PDF Downloads 430

Authors: Yang Yu, Jian Wang, Jiqiang Liu, Lei Han, Xudong He, Shaohua Lv

Abstract:

As the increasing network attacks become more and more complex, network situation assessment based on log analysis cannot meet the requirements to ensure network security because of the low quality of logs and alerts. This paper addresses the lack of consideration of security attributes of hosts and attacks in the network. Identity and effectiveness of Distributed Denial of Service (DDoS) are hard to be proved in risk assessment based on alerts and flow matching. This paper proposes a multi-dimension threat situation assessment method based on network security attributes. First, the paper offers an improved Common Vulnerability Scoring System (CVSS) calculation, which includes confident risk, integrity risk, availability risk and a weighted risk. Second, the paper introduces deterioration rate of properties collected by sensors in hosts and network, which aimed at assessing the time and level of DDoS attacks. Third, the paper introduces distribution of asset value in security attributes considering features of attacks and network, which aimed at assessing and show the whole situation. Experiments demonstrate that the approach reflects effectiveness and level of DDoS attacks, and the result can show the primary threat in network and security requirement of network. Through comparison and analysis, the method reflects more in security requirement and security risk situation than traditional methods based on alert and flow analyzing.

Keywords: DDoS evaluation, improved CVSS, network security attribute, threat situation assessment

Procedia PDF Downloads 209

Authors: J. R. Wang, W. Y. Cheng, J. S. Yeh, S. W. Chen, Y. M. Ferng, J. H. Yang, W. S. Hsu, C. Shih

Abstract:

To understand the risk for dry storage concrete casks in the cask loading, transfer, and storage phase, the purpose of this research is to establish the probabilistic risk assessment (PRA) analysis methodology for dry storage concrete casks by using SAPHIRE 8 code. This analysis methodology is used to perform the study of Taiwan nuclear power plants (NPPs) dry storage system. The process of research has three steps. First, the data of the concrete casks and Taiwan NPPs are collected. Second, the PRA analysis methodology is developed by using SAPHIRE 8. Third, the PRA analysis is performed by using this methodology. According to the analysis results, the maximum risk is the multipurpose canister (MPC) drop case.

Keywords: PRA, dry storage, concrete cask, SAPHIRE

Procedia PDF Downloads 212

Authors: Isabela Moreira Queiroz

Abstract:

Slope stability analyses are largely carried out by deterministic methods and evaluated through a single security factor. Although it is known that the geotechnical parameters can present great dispersal, such analyses are considered fixed and known. The probabilistic methods, in turn, incorporate the variability of input key parameters (random variables), resulting in a range of values of safety factors, thus enabling the determination of the probability of failure, which is an essential parameter in the calculation of the risk (probability multiplied by the consequence of the event). Among the probabilistic methods, there are three frequently used methods in geotechnical society: FOSM (First-Order, Second-Moment), Rosenblueth (Point Estimates) and Monte Carlo. This paper presents a comparison between the results from deterministic and probabilistic analyses (FOSM method, Monte Carlo and Rosenblueth) applied to a hypothetical slope. The end was held to evaluate the behavior of the slope and consequent risk analysis, which is used to calculate the risk and analyze their mitigation and control solutions. It can be observed that the results obtained by the three probabilistic methods were quite close. It should be noticed that the calculation of the risk makes it possible to list the priority to the implementation of mitigation measures. Therefore, it is recommended to do a good assessment of the geological-geotechnical model incorporating the uncertainty in viability, design, construction, operation and closure by means of risk management. 

Keywords: probabilistic methods, risk assessment, risk management, slope stability

Procedia PDF Downloads 391