Search results for: cybersecurity breaches

Authors: Mohamed Fadzlee Sulaiman, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

Each individual organization has their own mechanism to build up cyber defense capability in protecting their information infrastructures from data breaches and cyber espionage. But, we can not deny the possibility of failing to detect and stop cyber attacks especially for those targeting credential information and intellectual property (IP). In this paper, we would like to share the modern approach of effective digital forensic methodology in order to identify the artifacts in tracing the trails of evidence while mitigating the infection from the target machine/s. This proposed approach will suit the digital forensic investigation to be conducted while resuming the business critical operation after mitigating the infection and minimizing the risk from the identified attack to transpire. Therefore, traditional digital forensics methodology has to be improvised to be proactive which not only focusing to discover the root caused and the threat actor but to develop the relevant mitigation plan in order to prevent from the same attack.

Keywords: digital forensic, detection, eradication, targeted attack, malware

Procedia PDF Downloads 275

Authors: C. N. Vanitha, M. Usha

Abstract:

In a real world scenario, the viability of the sensor networks has been proved by standardizing the technologies. Wireless sensor networks are vulnerable to both electronic and physical security breaches because of their deployment in remote, distributed, and inaccessible locations. The compromised sensor nodes send malicious data to the base station, and thus, the total network effectiveness will possibly be compromised. To detect and seclude the Route modifiers, a neural network based Pattern Learning predictor (PLP) is presented. This algorithm senses data at any node on present and previous patterns obtained from the en-route nodes. The eminence of any node is upgraded by their predicted and reported patterns. This paper propounds a solution not only to detect the route modifiers, but also to seclude the malevolent nodes from the network. The simulation result proves the effective performance of the network by the presented methodology in terms of energy level, routing and various network conditions.

Keywords: neural networks, pattern learning, security, wireless sensor networks

Procedia PDF Downloads 404

Authors: Ercan Eker, Muhammer Karaman, Akif Aslan, Hakan Tanrikuluoglu

Abstract:

Deficiency of institutional memory and knowledge management can result in information security breaches, loss of prestige and trustworthiness and the worst the loss of know-how and institutional knowledge. Traditional learning management within organizations is generally handled by personal efforts. That kind of struggle mostly depends on personal desire, motivation and institutional belonging. Even if an organization has highly motivated employees at a certain time, the institutional knowledge and memory life cycle will generally remain limited to these employees’ spending time in this organization. Having a learning management system in an organization can sustain the institutional memory, knowledge and know-how in the organization. Learning management systems are much more needed especially in public organizations where the job rotation is frequently seen and managers are appointed periodically. However, a learning management system should not be seen as an organizations’ website. It is a more comprehensive, interactive and user-friendly knowledge management tool for organizations. In this study, the importance of using learning management systems in the process of emerging tacit knowledge is underlined.

Keywords: knowledge management, learning management systems, tacit knowledge, institutional memory

Procedia PDF Downloads 380

Authors: Gemala Dewi, Wirdyaningsih, Farida Prihatini

Abstract:

The development of sharia business activities at present has solidified its societal mark and has crossed influence between several nations. In the practice, there may be disputes, breaches and other forms of conflict that occurred along the way. In the meantime, alternative settlements of disputes are utilized differently between nations in the context of their political, social, economic, legal and infrastructural (technology and transportation) scope. Besides the various conditions, there is a common driving factor, which is a consequence of the need for businesses to settle conflicts in an efficient and cost-efficient manner. This factor is paired symbiotically with the limitations of the court and legal processes. Knowing this, Indonesia and Egypt represent countries that have similar social, political, economic and legal conditions. This academic research establishes a normative analysis that looks and compares the rules that regulate the prospects and challenges in the regards of dispute settlements in reference to sharia economics in Indonesia and Egypt. This work recommends that sharia economics dispute settlement is significant to be incorporated in both Indonesian and Egyptian legal systems.

Keywords: sharia economics, dispute resolution, Indonesia, Egypt

Procedia PDF Downloads 338

Authors: Aofan Liu, Qianqian Tan, Burra Venkata Durga Kumar

Abstract:

Data security is of the utmost importance in the healthcare area, as sensitive patient information is constantly sent around and analyzed by many different parties. The use of federated learning, which enables data to be evaluated locally on devices rather than being transferred to a central server, has emerged as a potential solution for protecting the privacy of user information. To protect against data breaches and unauthorized access, federated learning alone might not be adequate. In this context, the application of blockchain technology could provide the system extra protection. This study proposes a distributed federated learning system that is built on blockchain technology in order to enhance security in healthcare. This makes it possible for a wide variety of healthcare providers to work together on data analysis without raising concerns about the confidentiality of the data. The technical aspects of the system, including as the design and implementation of distributed learning algorithms, consensus mechanisms, and smart contracts, are also investigated as part of this process. The technique that was offered is a workable alternative that addresses concerns about the safety of healthcare while also fostering collaborative research and the interchange of data.

Keywords: data privacy, distributed system, federated learning, machine learning

Procedia PDF Downloads 134

Authors: Genevieve Zingg

Abstract:

Since the onset of the 2015 ‘refugee crisis’ in the European Union (EU), migrant deaths have overwhelmingly occurred in the Mediterranean Sea. However, far less attention has been paid to the startling number of injuries, deaths, and allegations of systematic human rights violations occurring within European refugee camps. Most troubling is the assertion that injuries and deaths in EU refugee camps have occurred as a result of negligent management and poor access to healthcare, food, water and sanitation, and other elements that comprise an adequate standard of living under international human rights law. Using available evidence and documentation, this paper will conduct a thorough examination of the causes of death and injury in EU refugee camps, with a specific focus on Greece, in order to identify instances of negligence or conditions that amount to potential breaches of human rights law. Based on its analysis, this paper will subsequently explore potential legal avenues to achieving justice and accountability under international human rights law in order to effectively address and remedy inadequate standards of living causing wrongful death or injury in European refugee camps.

Keywords: European Union, Greece, human rights, international human rights law, migration, refugees

Procedia PDF Downloads 195

Authors: C. P. Autry, A.W. Roscoe

Abstract:

Authentication protocols based on public key infrastructure (PKI) and trusted third party (TTP) are no longer adequate for industrial scale IoT networks thanks to issues such as low compute and power availability, the use of widely distributed and commercial off-the-shelf (COTS) systems, and the increasingly sophisticated attackers and attacks we now have to counter. For example, there is increasing concern about nation-state-based interference and future quantum computing capability. We have examined this space from first principles and have developed several approaches to group and point-to-point authentication for IoT that do not depend on the use of a centralised client-server model. We emphasise the use of quantum resistant primitives such as strong cryptographic hashing and the use multi-factor authentication.

Keywords: authentication, enterprise IoT cybersecurity, PKI/TTP, IoT space

Procedia PDF Downloads 169

Authors: Achutha Raman

Abstract:

Today's brave new world features a bonanza of digitally interconnected products, or ‘things,’ that improve convenience, possibilities, and in some cases efficiency for consumers. Nonetheless, even as the market accelerates, this Internet of ‘things’ is subject to substantial leakage of consumer personal data. First defining the fluid concept of ‘things,’ this paper subsequently uses case studies taken from the EU, Asia, and the US, to highlight large gaps and comprehensively evaluate the state of security for consumer ‘things.’ Ultimately, this paper offers several ways of improving the present status quo, and especially focuses on an evaluative approach that augments the standard mechanism of Firmware Over the Air Updates, and ought to be easily implementable.

Keywords: cybersecurity, FOTA, Internet of Things, transnational privacy

Procedia PDF Downloads 218

Authors: Ken Munro

Abstract:

Cruise ships are possibly the most complex collection of systems it is possible to find in one physical, moving location. Propulsion, navigation, power generation and more, combined with a hotel, restaurant, casino, theatre etc, with safety and fire control systems to boot. That complexity creates huge challenges with keeping OT and IT systems apart. Ships engines are often remotely managed, network segregation is often defeated through troubleshooting when at sea. This session will refer to multiple entertaining and informative tales of taking control of ships, including accessing a ships Azipods via a game simulator for passengers. Fortunately, genuine attacks against vessels are very rare, but the effects and impacts to world trade are becoming increasingly obvious.

Keywords: maritime security, cybersecurity, OT, IT, networks

Procedia PDF Downloads 33

Authors: Samuel Owoade, Zainab Idowu, Idris Ajibade, Abel Uzoka

Abstract:

Cloud computing adoption continues to soar, with 83% of enterprise workloads estimated to be in the cloud by 2022. However, this rapid migration raises security concerns, needing strong security management solutions to safeguard sensitive data and essential applications. This paper investigates the critical role of technical project managers in orchestrating security management initiatives for cloud environments, evaluating their responsibilities, challenges, and best practices for assuring the resilience and integrity of cloud infrastructures. Drawing from a comprehensive review of industry reports and interviews with cloud security experts, this research highlights the multifaceted landscape of security management in cloud environments. Despite the rapid adoption of cloud services, only 25% of organizations have matured their cloud security practices, indicating a pressing need for effective management strategies. This paper proposes a strategy framework adapted to the demands of technical project managers, outlining the important components of effective cloud security management. Notably, 76% of firms identify misconfiguration as a major source of cloud security incidents, underlining the significance of proactive risk assessment and constant monitoring. Furthermore, the study emphasizes the importance of technical project managers in facilitating cross-functional collaboration, bridging the gap between cybersecurity professionals, cloud architects, compliance officers, and IT operations teams. With 68% of firms seeing difficulties integrating security policies into their cloud systems, effective communication and collaboration are critical to success. Case studies from industry leaders illustrate the practical use of security management projects in cloud settings. These examples demonstrate the importance of technical project managers in using their expertise to address obstacles and generate meaningful outcomes, with 92% of firms reporting improved security practices after implementing proactive security management tactics. In conclusion, this research underscores the critical role of technical project managers in safeguarding cloud environments against evolving threats. By embracing their role as guardians of the cloud realm, project managers can mitigate risks, optimize resource utilization, and uphold the trust and integrity of cloud infrastructures in an era of digital transformation.

Keywords: cloud security, security management, technical project management, cybersecurity, cloud infrastructure, risk management, compliance

Procedia PDF Downloads 51

Authors: Robin Singh, Jing-Chiou Liou

Abstract:

The Internet of Things (IoT) devices are being used heavily as part of our everyday routines. Through improved communication and automated procedures, its popularity has assisted users in raising the quality of work. These devices are used in healthcare in order to better collect the patient’s data for their treatment. They are generally considered safe and secure. However, there is some possibility that some loopholes do exist which manufacturers do need to identify before some hacker takes advantage of them. For this study, we focused on two medical IoT devices which are pacemakers and hearing aids. The aim of this paper is to identify if there is any likelihood of these medical devices being hijacked and used as a botnet in Distributed Denial-Of Service attacks. Moreover, some mitigation strategies are being proposed to better secure

Keywords: cybersecurity, DDoS, IoT, medical devices

Procedia PDF Downloads 86

Authors: Alicja Starczewska, Aleksander Nawrat, Krzysztof Daniec, Jarosław Homa, Kacper Hołda

Abstract:

Border Gateway Protocol is the main routing protocol that enables routing establishment between all autonomous systems, which are the basic administrative units of the internet. Due to the poor protection of BGP, it is important to use additional BGP security systems. Many solutions to this problem have been proposed over the years, but none of them have been implemented on a global scale. This article describes a system capable of building images of real-time BGP network topology in order to detect BGP anomalies. Our proposal performs a detailed analysis of BGP messages that come into local network cards supplemented by information collected by remote collectors in different localizations.

Keywords: BGP, BGP hijacking, cybersecurity, detection

Procedia PDF Downloads 78

Authors: Tim Nedyalkov

Abstract:

A business decision to move to the cloud brings fundamental changes in how an organization develops and delivers its Information Technology solutions. The accelerated pace of digital transformation across businesses and government agencies increases the reliance on cloud-based services. They are collecting, managing, and retaining large amounts of data in cloud environments makes information security and data privacy protection essential. It becomes even more important to understand what key factors drive successful cloud adoption following the commencement of the Privacy Amendment Notifiable Data Breaches (NDB) Act 2017 in Australia as the regulatory changes impact many organizations and industries. This quantitative correlational research investigated the governance, risk management, and compliance factors contributing to cloud security success. The factors influence the adoption of cloud computing within an organizational context after the commencement of the NDB scheme. The results and findings demonstrated that corporate information security policies, data storage location, management understanding of data governance responsibilities, and regular compliance assessments are the factors influencing cloud computing adoption. The research has implications for organizations, future researchers, practitioners, policymakers, and cloud computing providers to meet the rapidly changing regulatory and compliance requirements.

Keywords: cloud compliance, cloud security, data governance, privacy protection

Procedia PDF Downloads 116

Authors: Farid Fahami

Abstract:

This article explores the transformative role of technology in the finance, banking, and insurance sectors. It examines key technological trends such as AI, blockchain, data analytics, and digital platforms and their impact on operations, customer experiences, and business models. The article highlights the benefits of technology adoption, including improved efficiency, cost reduction, enhanced customer experiences, and expanded financial inclusion. It also addresses challenges like cybersecurity, data privacy, and the need for upskilling. Real-world case studies demonstrate successful technology integration, and recommendations for stakeholders emphasize embracing innovation and collaboration. The article concludes by emphasizing the importance of technology in shaping the future of these sectors.

Keywords: banking, finance, insurance, technology

Procedia PDF Downloads 72

Authors: Sanju Vaidya, Aihua Li

Abstract:

Vulnerability measures and topological indices are crucial in solving various problems such as the stability of the communication networks and development of mathematical models for chemical compounds. In 1947, Harry Wiener introduced a topological index related to molecular branching. Now there are more than 100 topological indices for graphs. For example, Hosoya polynomials (also called Wiener polynomials) were introduced to derive formulas for certain vulnerability measures and topological indices for various graphs. In this paper, we will find a relation between the Hosoya polynomials of any graph and its Mycielskian graph. Additionally, using this we will compute vulnerability measures, closeness and betweenness centrality, and extended Wiener indices. It is fascinating to see how Hosoya polynomials are useful in the two diverse fields, cybersecurity and chemistry.

Keywords: hosoya polynomial, mycielskian graph, graph vulnerability measure, topological index

Procedia PDF Downloads 70

Authors: Robert Gilliland

Abstract:

In any organization, a potential issue can arise and become a problem when management deviates from the standard norms set in the system development process of an IT system and the policies that pertain to it. In these instances, cybersecurity is a big challenge that organizations have to face in safeguarding the data that they generate and use. When a new idea, task, or process begins, specific standards must be followed, along with the policies and procedures that ensure the safeguard of data in the information system within the company. A good IT Strategy and Policy should have individuals who are in charge of overseeing the design, development, implementation, and auditing of these policies. Auditors are people who check to make sure that the issue conforms with the plan that is in place. Management has the ability through the role of the manager to potentially abuse power is given and to direct specific ideas, events, projects, and outcomes that are contrary to the vision or goals of the company.

Keywords: strategic policy, policy management, new policy, strategic planning

Procedia PDF Downloads 136

Authors: Anastasios Papathanasiou, George Liontos, Athanasios Katsouras, Vasiliki Liagkou, Euripides Glavas

Abstract:

Email remains a crucial communication tool due to its efficiency, accessibility and cost-effectiveness, enabling rapid information exchange across global networks. However, the global adoption of email has also made it a prime target for cyber threats, including phishing, malware and Business Email Compromise (BEC) attacks, which exploit its integral role in personal and professional realms in order to perform fraud and data breaches. To combat these threats, this research advocates for a multi-layered defense strategy incorporating advanced technological tools such as anti-spam and anti-malware software, machine learning algorithms and authentication protocols. Moreover, we developed an artificial intelligence model specifically designed to analyze email headers and assess their security status. This AI-driven model examines various components of email headers, such as "From" addresses, ‘Received’ paths and the integrity of SPF, DKIM and DMARC records. Upon analysis, it generates comprehensive reports that indicate whether an email is likely to be malicious or benign. This capability empowers users to identify potentially dangerous emails promptly, enhancing their ability to avoid phishing attacks, malware infections and other cyber threats.

Keywords: email security, artificial intelligence, header analysis, threat detection, phishing, DMARC, DKIM, SPF, ai model

Procedia PDF Downloads 59

Authors: Jihen Bennaceur, Wissem Zouaghi, Ali Mabrouk

Abstract:

The major aim of cyber threat intelligence (CTI) is to provide sophisticated knowledge about cybersecurity threats to ensure internal and external safeguards against modern cyberattacks. Inaccurate, incomplete, outdated, and invaluable threat intelligence is the main problem. Therefore, data analysis based on AI algorithms is one of the emergent solutions to overcome the threat of information-sharing issues. In this paper, we propose a supervised machine learning-based algorithm to improve threat information sharing by providing a sophisticated classification of cyber threats and data. Extensive simulations investigate the accuracy, precision, recall, f1-score, and support overall to validate the designed algorithm and to compare it with several supervised machine learning algorithms.

Keywords: threat information sharing, supervised learning, data classification, performance evaluation

Procedia PDF Downloads 149

Authors: Yong-Kyu Jung

Abstract:

The fast growth in information technology has led to de-mands to access/process data. CPSs heavily depend on the time of hardware/software operations and communication over the network (i.e., real-time/parallel operations in CPSs (e.g., autonomous vehicles). Since data processing is an im-portant means to overcome the issue confronting data management, reducing the gap between the technological-growth and the data-complexity and channel-bandwidth. An adaptive perpetual data approximation method is intro-duced to manage the actual entropy of the digital spectrum. An ADAC implemented as an accelerator and/or apps for servers/smart-connected devices adaptively rescales digital contents (avg.62.8%), data processing/access time/energy, encryption/decryption overheads in AI/ML applications (facial ID/recognition).

Keywords: adaptive codec, AI, ML, HPC, cyber-physical, cybersecurity

Procedia PDF Downloads 79

Authors: Sujan Tyata, Alison Shilpakar, Nayan Bakhadyo, Kushal K. C., Abhas Maskey

Abstract:

The Koshi River, acknowledged as the "Sorrow of Bihar," poses intricate challenges characterized by recurrent flooding. Within the Koshi Basin, floods have historically inflicted damage on infrastructure, agriculture, and settlements. The Koshi River exhibits a highly braided pattern across a 48 km stretch to the south of Chatara. The devastating flood from the Koshi River, which began in Nepal's Sunsari District in 2008, led to significant casualties and the destruction of agricultural areas.The catastrophe was exacerbated by a levee breach, underscoring the vulnerability of the region's flood defenses. A comprehensive understanding of environmental changes in the area is unveiled through satellite imagery analysis. This analysis facilitates the identification of high-risk zones and their contributing factors. Employing remote sensing, the analysis specifically pinpoints locations vulnerable to levee breaches. Topographical features of the area along with longitudinal and cross sectional profiles of the river and levee obtained from digital elevation model are used in the hydrological analysis for assessment of flood. To mitigate the impact of floods, the strategy involves the establishment of reservoirs upstream. Leveraging satellite data, optimal locations for water storage are identified. This approach presents a dual opportunity to not only alleviate flood risks but also catalyze the implementation of pumped storage hydropower initiatives. This holistic approach addresses environmental challenges while championing sustainable energy solutions.

Keywords: flood mitigation, levee, remote sensing, satellite imagery analysis, sustainable energy solutions

Procedia PDF Downloads 64

Authors: Sigal Barkai

Abstract:

'Ironic Historiography' is a hybrid notion combining criticism of historical narratives concerning the Israeli state with ironic artistic expression. The paper will deal with questions of identities of native Israeli visual artists who chose to live out of the country, or to move back and forth to and from it. It will examine the ways these wanderings are reflected in their work. The paper discusses the work of 4 contemporary artists who produce artworks in diverse techniques and media, such as video, performance and installation art. Yael Bartana, Erez Israeli and Tamir Zadok are artists who constantly deal with Israeli nationality and history in their artwork, using ironic components. In comparison, the paper will review the works of Mika Rottenberg, who is now a New York based artist. She is concerned with global social issues and neglected specific national identity altogether. All of them use visual irony as a means of reflecting and criticizing society. The analysis was done in awareness of the life stories of the artists, in an attempt to trace the ways they establish their identities through their art. It was pre-supposed that these identities will be shaped in the in-between space of being an Israeli citizen and a citizen of the world. The study asks how ironic expression appears in their work, what kind of irony do they use and in what ways does it serves them. The methodology combined visual analysis, interviews with the artists, and analyzation of secondary discourses in the media. As theoretical background various fields of knowledge were used, such as literature and language studies, Sociology, and Visual Culture studies. The findings point out that visual and artistic irony has many different goals in the use of historiographic fiction. It can bind an artist to his homeland and native society, or it can help her to detach. It helps healing breaches in the in-between space, or it can be used as a means to completely detach from any identification with a native origin.

Keywords: visual art, irony, identities, Israel

Procedia PDF Downloads 252

Authors: Faiza Marrium, Masood Rabbani, Ali Ahmad Sheikh, Muhammad Yasin Tipu Javed Muhammad, Sohail Raza

Abstract:

More than 75% diseases spreading in the past 10 years in human population globally are linked to veterinary sector. Veterinary diagnostic labs are the powerful ally for diagnosis, prevention and monitoring of animal diseases in any country. In order to avoid detrimental effects of errors in disease diagnostic and biorisk management, there is a dire need to establish quality control system. In current study, 3 private and 6 public sectors veterinary diagnostic labs were selected for survey. A questionnaire survey in biorisk management guidelines of CWA 15793 was designed to find quality control breaches in lab design, personal, equipment and consumable, quality control measures adopted in lab, waste management, environmental monitoring and customer care. The data was analyzed through frequency distribution statistically by using (SPSS) version 18.0. A non-significant difference was found in all parameters of lab design, personal, equipment and consumable, quality control measures adopted in lab, waste management, environmental monitoring and customer care with an average percentage of 46.6, 57.77, 52.7, 55.5, 54.44, 48.88 and 60, respectively. A non-significant difference among all nine labs were found, with highest average compliance percentage of all parameters are lab 2 (78.13), Lab 3 (70.56), Lab 5 (57.51), Lab 6 (56.37), Lab 4 (55.02), Lab 9 (49.58), Lab 7 (47.76), Lab 1 (41.01) and Lab 8 (36.09). This study shows that in Lahore district veterinary diagnostic labs are not giving proper attention to quality of their system and there is no significant difference between setups of private and public sector laboratories. These results show that most of parameters are between 50 and 80 percent, which needs some work and improvement as per WHO criteria.

Keywords: veterinary lab, quality management system, accreditation, regulatory body, disease identification

Procedia PDF Downloads 146

Authors: Kitty Kioskli, Nineta Polemi

Abstract:

Evaluating the levels of cyber-security risks within an enterprise is most important in protecting its information system, services and all its digital assets against security incidents (e.g. accidents, malicious acts, massive cyber-attacks). The existing risk assessment methodologies (e.g. eBIOS, OCTAVE, CRAMM, NIST-800) adopt a technical approach considering as attack factors only the capability, intention and target of the attacker, and not paying attention to the attacker’s psychological profile and personality traits. In this paper, a socio-technical approach is proposed in cyber risk assessment, in order to achieve more realistic risk estimates by considering the personality traits of the attackers. In particular, based upon principles from investigative psychology and behavioural science, a multi-dimensional, extended, quantifiable model for an attacker’s profile is developed, which becomes an additional factor in the cyber risk level calculation.

Keywords: attacker, behavioural models, cyber risk assessment, cybersecurity, human factors, investigative psychology, ISO27001, ISO27005

Procedia PDF Downloads 165

Authors: Leidy M. Aldana, Jorge E. Camargo

Abstract:

Adversarial Machine Learning has gained importance in recent years as Cybersecurity has gained too, especially malware, it has affected different entities and people in recent years. This paper shows a literature review about defense methods created to prevent adversarial machine learning attacks, firstable it shows an introduction about the context and the description of some terms, in the results section some of the attacks are described, focusing on detecting adversarial examples before coming to the machine learning algorithm and showing other categories that exist in defense. A method with five steps is proposed in the method section in order to define a way to make the literature review; in addition, this paper summarizes the contributions in this research field in the last seven years to identify research directions in this area. About the findings, the category with least quantity of challenges in defense is the Detection of adversarial examples being this one a viable research route with the adaptive approach in attack and defense.

Keywords: Malware, adversarial, machine learning, defense, attack

Procedia PDF Downloads 63

Authors: Aria Teimourzadeh, Marc Favier, Samaneh Kakavand

Abstract:

The emergence of social networks has revolutionized the exchange of information. Every behavior on these platforms contributes to the generation of data known as social network data that are processed, stored and published by the social network service providers. Hence, it is vital to investigate the role of these platforms in user data by considering the privacy measures, especially when we observe the increased number of individuals and organizations engaging with the current virtual platforms without being aware that the data related to their positioning, connections and behavior is uncovered and used by third parties. Performing analytics on social network datasets may result in the disclosure of confidential information about the individuals or organizations which are the members of these virtual environments. Analyzing separate datasets can reveal private information about relationships, interests and more, especially when the datasets are analyzed jointly. Intentional breaches of privacy is the result of such analysis. Addressing these privacy concerns requires an understanding of the nature of data being accumulated and relevant data privacy regulations, as well as motivations for disclosure of personal information on social network platforms. Some significant points about how user's online information is controlled by the influence of social factors and to what extent the users are concerned about future use of their personal information by the organizations, are highlighted in this paper. Firstly, this research presents a short literature review about the structure of a network and concept of privacy in Online Social Networks. Secondly, the factors of user behavior related to privacy protection and self-disclosure on these virtual communities are presented. In other words, we seek to demonstrates the impact of identified variables on user information disclosure that could be taken into account to explain the privacy preservation of individuals on social networking platforms. Thirdly, a few research directions are discussed to address this topic for new researchers.

Keywords: information disclosure, privacy measures, privacy preservation, social network analysis, user experience

Procedia PDF Downloads 281

Authors: Laura Bishop, Isabel Jones, Linn Halvorsen, Angela Smith

Abstract:

Phishing emails are a form of social engineering where attackers deceive email users into revealing sensitive information or installing malware such as ransomware. Scammers often use persuasion techniques to influence email users to interact with malicious content. This study will use eye-tracking equipment to analyze how participants respond to and process Cialdini’s persuasion principles when utilized within phishing emails. Eye tracking provides insights into what is happening on the subconscious level of the brain that the participant may not be aware of. An experiment is conducted to track participant eye movements, whilst interacting with and then filing a series of persuasive emails delivered at random. Eye tracking metrics will be analyzed in relation to whether a malicious email has been identified as phishing (filed as ‘suspicious’) or not phishing (filed in any other folder). This will help determine the most influential persuasion techniques and those 'areas of interest' within an email that require intervention. The results will aid further research on how to reduce the effects of persuasion on human decision-making when interacting with phishing emails.

Keywords: cybersecurity, human-centric, phishing, psychology

Procedia PDF Downloads 83

Authors: Yiyang Su, Jörg Neumann, Jan Wetzlich, Florian Thiel

Abstract:

Smart grid is a term used to describe the next generation power grid. New challenges such as integration of renewable and decentralized energy sources, the requirement for continuous grid estimation and optimization, as well as the use of two-way flows of energy have been brought to the power gird. In order to achieve efficient, reliable, sustainable, as well as secure delivery of electric power more and more information and communication technologies are used for the monitoring and the control of power grids. Consequently, the need for cybersecurity is dramatically increased and has converged into several standards which will be presented here. These standards for the smart grid must be designed to satisfy both performance and reliability requirements. An in depth investigation of the effect of retrospectively embedded security in existing grids on it’s dynamic behavior is required. Therefore, a retrofitting plan for existing meters is offered, and it’s performance in a test low voltage microgrid is investigated. As a result of this, integration of security measures into measurement architectures of smart grids at the design phase is strongly recommended.

Keywords: cyber security, performance, protocols, security standards, smart grid

Procedia PDF Downloads 324

Authors: Esteban Alejandro Armas Vega, Ana Lucila Sandoval Orozco, Luis Javier García Villalba

Abstract:

The benchmarking of tools for dynamic analysis of vulnerabilities in web applications is something that is done periodically, because these tools from time to time update their knowledge base and search algorithms, in order to improve their accuracy. Unfortunately, the vast majority of these evaluations are made by software enthusiasts who publish their results on blogs or on non-academic websites and always with the same evaluation methodology. Similarly, academics who have carried out this type of analysis from a scientific approach, the majority, make their analysis within the same methodology as well the empirical authors. This paper is based on the interest of finding answers to questions that many users of this type of tools have been asking over the years, such as, to know if the tool truly test and evaluate every vulnerability that it ensures do, or if the tool, really, deliver a real report of all the vulnerabilities tested and exploited. This kind of questions have also motivated previous work but without real answers. The aim of this paper is to show results that truly answer, at least on the tested tools, all those unanswered questions. All the results have been obtained by changing the common model of benchmarking used for all those previous works.

Keywords: cybersecurity, IDS, security, web scanners, web vulnerabilities

Procedia PDF Downloads 319

Authors: Felix Olajide Ibikunle

Abstract:

Introductory Statement: Sustainable participation of teenagers in sport requires deliberate and concerted plan and managerial policy rooted in the “philosophy of catch them young”. At risk, teenagers need proper integration into societal aspiration: This direction will go a long way to streamline them into the security breach and attractive nuisance free lifestyles. Basic Methodology: The population consists of children within 13-19 years old. A proportionate sampling size technique of 60% was adopted to select seven zones out of 11 geo-political zones in the Ibadan metropolis. Qualitative information and interview were used to collect needed information. Majority of the teenagers were out of school, street hawkers, motor pack, touts, and unserious vocation apprentices. These groups have the potentials of security breaches in the metropolis and beyond. Five hundred and thirty-four (534) respondents were used for the study. They were drawn from Ojoo, Akingbile, and Moniya axis = 72, Agbowo, Ajibode, and Apete axis = 74; Akobo, Basorun, and Idi-ape axis 79; Wofun, Monatan, and Iyana-Church axis = 78; Molete, Oke-ado and Oke-Bola axis = 75; Beere, Odinjo, Elekuro axis = 77; Eleyele, Ologuneru, and Alesinloye axis = 79. Major Findings: Multiple regression was used to analyze the independent variables and percentage. The respondents average age was 15.6 years old, and with 100% male. The instrument(questionnaire) used yielded; sport preference (r = 0.72); intervention (r = 0.68) and the sustainable participation (r = 0.70).The relative contributions of sport preference on participation of at risk teenagers was (F-ratio = 1.067); Intervention contribution of sport on participation of at risk teenagers = produced (F-ratio of 12.095) was significant while sustainable participation of at risk teenager produced (F-ratio = 1.062) was significant. Closing Statement: The respondents’ sport preference stimulated their participation in sport. The intervention exposed at risk-teenagers to coaching, which activated their interest and participation in sport. While sustainable participation contributed positively to evolve at risk teenagers participation in their preferred sport.

Keywords: sport, preference, intervention, teenagers, sustainable, participation and risk teenagers

Procedia PDF Downloads 112

Authors: Shih-Yu Wang, Shun-Wen Hsiao

Abstract:

In the field of cybersecurity, there exists many vendors giving malware samples classified results, namely naming after the label that contains some important information which is also called AV label. Lots of researchers relay on AV labels for research. Unfortunately, AV labels are too cluttered. They do not have a fixed format and fixed naming rules because the naming results were based on each classifiers' viewpoints. A way to fix the problem is taking a majority vote. However, voting can sometimes create problems of bias. Thus, we create a novel ensemble approach which does not rely on the cacophonous naming result but depend on group identification to aggregate everyone's opinion. To achieve this purpose, we develop an scoring system called Pairwise Consensus Score (PCS) to calculate result similarity. The entire method architecture combine Genetic Algorithm and PCS to find maximum consensus in the group. Experimental results revealed that our method outperformed the majority voting by 10% in term of the score.

Keywords: genetic algorithm, ensemble learning, malware family, malware labeling, AV labels

Procedia PDF Downloads 86