Search results for: web vulnerabilities

Authors: Preston Nabors, Nasseh Tabrizi

Abstract:

Portable Document Format (PDF) files have gained significant popularity for sharing and distributing documents due to their universal compatibility. However, the widespread use of PDF files has made them attractive targets for cybercriminals, who exploit vulnerabilities to deliver malware and compromise the security of end-user systems. This paper reviews notable contributions in PDF malware detection, including static, dynamic, signature-based, and hybrid analysis. It presents a comprehensive examination of PDF malware detection techniques, focusing on the emerging threat of adversarial sampling and the need for robust defense mechanisms. The paper highlights the vulnerability of machine learning classifiers to evasion attacks. It explores adversarial sampling techniques in PDF malware detection to produce mimicry and reverse mimicry evasion attacks, which aim to bypass detection systems. Improvements for future research are identified, including accessible methods, applying adversarial sampling techniques to malicious payloads, evaluating other models, evaluating the importance of features to malware, implementing adversarial defense techniques, and conducting comprehensive examination across various scenarios. By addressing these opportunities, researchers can enhance PDF malware detection and develop more resilient defense mechanisms against adversarial attacks.

Keywords: adversarial attacks, adversarial defense, adversarial machine learning, intrusion detection, PDF malware, malware detection, malware detection evasion

Procedia PDF Downloads 37

Authors: Andrii Shalaginov, Katrin Franke, Xiongwei Huang

Abstract:

One of the leading problems in Cyber Security today is the emergence of targeted attacks conducted by adversaries with access to sophisticated tools. These attacks usually steal senior level employee system privileges, in order to gain unauthorized access to confidential knowledge and valuable intellectual property. Malware used for initial compromise of the systems are sophisticated and may target zero-day vulnerabilities. In this work we utilize common behaviour of malware called ”beacon”, which implies that infected hosts communicate to Command and Control servers at regular intervals that have relatively small time variations. By analysing such beacon activity through passive network monitoring, it is possible to detect potential malware infections. So, we focus on time gaps as indicators of possible C2 activity in targeted enterprise networks. We represent DNS log files as a graph, whose vertices are destination domains and edges are timestamps. Then by using four periodicity detection algorithms for each pair of internal-external communications, we check timestamp sequences to identify the beacon activities. Finally, based on the graph structure, we infer the existence of other infected hosts and malicious domains enrolled in the attack activities.

Keywords: malware detection, network security, targeted attack, computational intelligence

Procedia PDF Downloads 263

Authors: Sri Lakshmi Kanniah, Mohd Naz’ri Mahrin

Abstract:

More and more businesses and services are depending on software to run their daily operations and business services. At the same time, cyber-attacks are becoming more covert and sophisticated, posing threats to software. Vulnerabilities exist in the software due to the lack of security practices during the phases of software development. Implementation of secure software development practices can improve the resistance to attacks. Many methods, models and standards for secure software development have been developed. However, despite the efforts, they still come up against difficulties in their deployment and the processes are not institutionalized. There is a set of factors that influence the successful deployment of secure software development processes. In this study, the methodology and results from a systematic literature review of factors influencing the implementation of secure software development practices is described. A total of 44 primary studies were analysed as a result of the systematic review. As a result of the study, a list of twenty factors has been identified. Some of factors that affect implementation of secure software development practices are: Involvement of the security expert, integration between security and development team, developer’s skill and expertise, development time and communication between stakeholders. The factors were further classified into four categories which are institutional context, people and action, project content and system development process. The results obtained show that it is important to take into account organizational, technical and people issues in order to implement secure software development initiatives.

Keywords: secure software development, software development, software security, systematic literature review

Procedia PDF Downloads 376

Authors: Ibhade Oluwabunlola Adisa Ibojo, Tolulope Funmilola Aladetan

Abstract:

Children living with albinism in Nigeria face significant legal and social challenges that threaten their rights and well-being. Despite existing laws aimed at protecting the rights of children, including the Child Rights Act of 2003, the unique vulnerabilities of children with albinism often go unaddressed. This abstract explores the legal status of these children, highlighting the gaps in legal protection and the prevalence of discrimination and violence against them. In many Nigerian communities, deep-seated myths and superstitions regarding albinism contribute to the marginalization and stigmatization of individuals with this condition. Consequently, children with albinism are at a heightened risk of violence, including abduction and ritualistic killings, often with impunity for the perpetrators. This situation is exacerbated by inadequate legal frameworks, ineffective enforcement of existing laws, and a lack of awareness among law enforcement officials and the general public. The paper also examines the implications of these challenges on the rights of children with albinism to life, education, and healthcare. Recommendations are proposed for improving the legal framework and implementing targeted awareness campaigns to protect these vulnerable children. By addressing these issues, the Nigerian legal system can better safeguard the rights and dignity of children living with albinism, ensuring they can lead safe and fulfilling lives. This research aims to raise awareness of the plight of these children and advocate for stronger legal protections to promote their rights and well-being in Nigerian society.

Keywords: Albinism, vulnerable, children, laws

Procedia PDF Downloads 10

Authors: Serzhan Ashirov, Dana Nour, Rafat Rob, Khaled Alotaibi

Abstract:

There has been a fast growth in the introduction and use of communications, information, monitoring, and sensing technologies. The new technologies are making their way to the Industrial Control Systems as embedded in products, software applications, IT services, or commissioned to enable integration and automation of increasingly global supply chains. As a result, the lines that separated the physical, digital, and cyber world have diminished due to the vast implementation of the new, disruptive digital technologies. The variety and increased use of these technologies introduce many cybersecurity risks affecting cyber-resilience of the supply chain, both in terms of the product or service delivered to a customer and members of the supply chain operation. US department of energy considers supply chain in the IR4 space to be the weakest link in cybersecurity. The IR4 identified the digitization of the field devices, followed by digitalization that eventually moved through the digital transformation space with little care for the new introduced cybersecurity risks. This paper will examine the best methodologies for securing the electrical substations from cybersecurity attacks due to supply chain risks, and due to digitization effort. SCADA systems are the most vulnerable part of the power system infrastructure due to digitization and due to the weakness and vulnerabilities in the supply chain security. The paper will discuss in details how create a secure supply chain methodology, secure substations, and mitigate the risks due to digitization

Keywords: cybersecurity, supply chain methodology, secure substation, digitization

Procedia PDF Downloads 60

Authors: Natalia Limones, Javier Marzo, Marcus Wijnen, Aleix Serrat-Capdevila

Abstract:

In this research we developed a structured approach for the detection of areas under the highest levels of drought risk that is suitable for data-scarce environments. The methodology is based on recent scientific outcomes and methods and can be easily adapted to different contexts in successive exercises. The research reviews the history of drought in the south of Angola and characterizes the experienced hazard in the episode from 2012, focusing on the meteorological and the hydrological drought types. Only global open data information coming from modeling or remote sensing was used for the description of the hydroclimatological variables since there is almost no ground data in this part of the country. Also, the study intends to portray the socioeconomic vulnerabilities and the exposure to the phenomenon in the region to fully understand the risk. As a result, a map of the areas under the highest risk in the south of the country is produced, which is one of the main outputs of this work. It was also possible to confirm that the set of indicators used revealed different drought vulnerability profiles in the South of Angola and, as a result, several varieties of priority areas prone to distinctive impacts were recognized. The results demonstrated that most of the region experienced a severe multi-year meteorological drought that triggered an unprecedent exhaustion of the surface water resources, and that the majority of their socioeconomic impacts started soon after the identified onset of these processes.

Keywords: drought risk, exposure, hazard, vulnerability

Procedia PDF Downloads 190

Authors: Crispin Rakibu Mbamba

Abstract:

Twenty-two years after the adoption of the United Nation Trafficking Protocol, evidence suggest that child trafficking continues to rise. Community level factors, like poverty which creates the conditions for children’s vulnerability is key to the rise in trafficking cases in Ghana. Albeit, growing evidence suggestthat despite the vulnerabilities, communities have the capacity to prevent and address child trafficking issues. This study contributes to this positive agenda by exploring the ways in which communities (and the key actors) in Ghana contribute to child trafficking interventions.The study objective is explored through in-depth interviews with practitioners (including social workers) from an organization working in trafficking hotspots in Ghana. Interviews wereanalyzed thematically with the help of HyperRESEARCH software. From the in-depth interviews, three themes were identified as the ways in which communities are involved in child trafficking interventions: 1) engagement of community leaders, 2) community-led anti-trafficking committees and 3) knowledge about trafficking. Albeit the cultural differences, evidence on the instrumental role of community chiefs and leaders provide important learning on how to harness trafficking intervention measures and ensure better child protection practices. Based on the findings, we recommend the need to intensify trafficking awareness campaigns in rural communities where education is lacking to contribute to United Nations (UN) promoting Just, Peaceful and Inclusive societies’ mandate.

Keywords: child trafficking, community interventions, knowledge on trafficking, human trafficking intervention

Procedia PDF Downloads 114

Authors: Lauren Provost

Abstract:

The digital world remains increasingly vulnerable, making the development of effective cybersecurity approaches even more critical in supporting the success of the digital economy and national security. Although approaches to cybersecurity have shifted and improved in the last decade with new models, especially with cloud computing and mobility, a record number of high severity vulnerabilities were recorded in the National Institute of Standards and Technology (NIST), and its National Vulnerability Database (NVD) in 2020. This is due, in part, to the increasing complexity of cyber ecosystems. Security must be approached with a more comprehensive, multi-tool strategy that addresses the complexity of cyber ecosystems, including the human factor. Ethical hacking has emerged as such an approach: a more effective, multi-strategy, comprehensive approach to cyber security's most pressing needs, especially understanding the human factor. Research on ethical hacking, however, is limited in scope. The two main objectives of this work are to (1) provide highlights of case studies in ethical hacking, (2) provide a conceptual framework for research in ethical hacking that embraces and addresses both technical and nontechnical security measures. Recommendations include an improved conceptual framework for research centered on ethical hacking that addresses many factors and attributes of significant attacks that threaten computer security; a more robust, integrative multi-layered framework embracing the complexity of cybersecurity ecosystems.

Keywords: ethical hacking, literature review, penetration testing, social engineering

Procedia PDF Downloads 217

Authors: Neha Ahirwar

Abstract:

In the contemporary digital era, the rise of credit card fraud poses a significant threat to both financial institutions and consumers. As fraudulent activities become more sophisticated, there is an escalating demand for robust and effective fraud detection mechanisms. Advanced machine learning algorithms have become crucial tools in addressing this challenge. This paper conducts a thorough examination of the design and evaluation of a credit card fraud detection system, utilizing four prominent machine learning algorithms: random forest, logistic regression, decision tree, and XGBoost. The surge in digital transactions has opened avenues for fraudsters to exploit vulnerabilities within payment systems. Consequently, there is an urgent need for proactive and adaptable fraud detection systems. This study addresses this imperative by exploring the efficacy of machine learning algorithms in identifying fraudulent credit card transactions. The selection of random forest, logistic regression, decision tree, and XGBoost for scrutiny in this study is based on their documented effectiveness in diverse domains, particularly in credit card fraud detection. These algorithms are renowned for their capability to model intricate patterns and provide accurate predictions. Each algorithm is implemented and evaluated for its performance in a controlled environment, utilizing a diverse dataset comprising both genuine and fraudulent credit card transactions.

Keywords: efficient credit card fraud detection, random forest, logistic regression, XGBoost, decision tree

Procedia PDF Downloads 64

Authors: Bagul Abhijeet

Abstract:

Background: Client-Server model is the backbone of today’s internet communication. In which normal user can not have control over particular website or server? By using the same processing model one can have unauthorized access to particular server. In this paper, we discussed about application scenario of hacking for simple website or server consist of unauthorized way to access the server database. This application emerges to autonomously take direct access of simple website or server and retrieve all essential information maintain by administrator. In this system, IP address of server given as input to retrieve user-id and password of server. This leads to breaking administrative security of server and acquires the control of server database. Whereas virus helps to escape from server security by crashing the whole server. Objective: To control malicious attack and preventing all government website, and also find out illegal work to do hackers activity. Results: After implementing different hacking as well as non-hacking techniques, this system hacks simple web sites with normal security credentials. It provides access to server database and allow attacker to perform database operations from client machine. Above Figure shows the experimental result of this application upon different servers and provides satisfactory results as required. Conclusion: In this paper, we have presented a to view to hack the server which include some hacking as well as non-hacking methods. These algorithms and methods provide efficient way to hack server database. By breaking the network security allow to introduce new and better security framework. The terms “Hacking” not only consider for its illegal activities but also it should be use for strengthen our global network.

Keywords: Hacking, Vulnerabilities, Dummy request, Virus, Server monitoring

Procedia PDF Downloads 250

Authors: Mayank Mundhra, Chester Rebeiro

Abstract:

Cryptocurrencies are rapidly finding wide application in areas such as Real Time Gross Settlements and Payments Systems. Ripple is a cryptocurrency that has gained prominence with banks and payment providers. It solves the Byzantine General’s Problem with its Ripple Protocol Consensus Algorithm (RPCA), where each server maintains a list of servers, called Unique Node List (UNL) that represents the network for the server, and will not collectively defraud it. The server believes that the network has come to a consensus when members of the UNL come to a consensus on a transaction. In this paper we improve Ripple to achieve better speed, security, last mile connectivity and ease of use. We implement guidelines and automated systems for building and maintaining UNLs for resilience, robustness, improved security, and efficient information propagation. We enhance the system so as to ensure that each server receives information from across the whole network rather than just from the UNL members. We also introduce the paradigm of UNL overlap as a function of information propagation and the trust a server assigns to its own UNL. Our design not only reduces vulnerabilities such as eclipse attacks, but also makes it easier to identify malicious behaviour and entities attempting to fraudulently Double Spend or stall the system. We provide experimental evidence of the benefits of our approach over the current Ripple scheme. We observe ≥ 4.97x and 98.22x in speedup and success rate for information propagation respectively, and ≥ 3.16x and 51.70x in speedup and success rate in consensus.

Keywords: Ripple, Kelips, unique node list, consensus, information propagation

Procedia PDF Downloads 144

Authors: A. V. Popa, C. Barna, V. Mihalache

Abstract:

Being the largest port at the Black Sea and functioning as a civil and military nodal point between Europe and Asia, Constantza Port has become a potential target on the terrorist international agenda. The authors use qualitative research based on both face-to-face and online semi-structured interviews with relevant stakeholders (top decision-makers in the Romanian Naval Authority, Romanian Maritime Training Centre, National Company "Maritime Ports Administration" and military staff) in order to detect potential vulnerabilities which might be exploited by terrorists in the case of Constantza Port. Likewise, this will enable bringing together the experts’ opinions on potential mitigation measures. Subsequently, this paper formulates various counter-terrorism policies to enhance the robustness of Constantza Port under potential terror attacks and connects them with the attributions in the field of critical infrastructure protection conferred by the law to the lead national authority for preventing and countering terrorism, namely the Romanian Intelligence Service. Extending the national counterterrorism efforts to an international level, the authors propose the establishment – among the experts of the NATO member states of the Wider Black Sea Region – of a platform for the exchange of know-how and best practices in the field of critical infrastructure protection.

Keywords: Constantza Port, counter-terrorism policies, critical infrastructure protection, security, Wider Black Sea Region

Procedia PDF Downloads 294

Authors: Karolin Bauer, Anna Brinkmann

Abstract:

Vulnerabilities in critical infrastructure can cause significant difficulties for the affected population during crises. Securing the food supply as part of the critical infrastructure in crisis situations is an essential part of public services and a ground stone for a successful concept of civil protection. In most industrialized countries, there are currently no comparative studies regarding the food supply of the population during crisis and disaster events. In order to mitigate the potential impact in case of major disasters in Germany, it is absolutely necessary to investigate how the food supply can be secured. The research project aims to provide in-depth research on the experiences gathered during past large-scale disasters in the 34 OECD member countries in order to discover alternatives for an updated civil protection system in Germany. The basic research question is: "Which international approaches and structures of civil protection have been proven and would be useful to modernize the German civil protection with regards to the critical infrastructure and food supply?" Research findings should be extracted from an extensive literature review covering the entire research period as well as from personal and online-based interviews with experts and responsible persons from involved institutions. The capability of the research project insists on the deliberate choice to investigate previous large-scale disasters to formulate important and practical approaches to modernize civil protection in Germany.

Keywords: food supply, vulnerabilty, critical infratstructure, large-scale disaster

Procedia PDF Downloads 335

Authors: Neha Gupta

Abstract:

Landslide vulnerability is considered as the crucial parameter for the assessment of landslide risk. The term vulnerability defined as the damage or degree of elements at risk of different dimensions, i.e., physical, social, economic, and environmental dimensions. Himalaya region is very prone to multi-hazard such as floods, forest fires, earthquakes, and landslides. With the increases in fatalities rates, loss of infrastructure, and economy due to landslide in the Himalaya region, leads to the assessment of vulnerability. In this study, a methodology to measure the combination of vulnerability dimension, i.e., social vulnerability, physical vulnerability, and environmental vulnerability in one framework. A combined result of these vulnerabilities has rarely been carried out. But no such approach was applied in the Indian Scenario. The methodology was applied in an area of east Sikkim Himalaya, India. The physical vulnerability comprises of building footprint layer extracted from remote sensing data and Google Earth imaginary. The social vulnerability was assessed by using population density based on land use. The land use map was derived from a high-resolution satellite image, and for environment vulnerability assessment NDVI, forest, agriculture land, distance from the river were assessed from remote sensing and DEM. The classes of social vulnerability, physical vulnerability, and environment vulnerability were normalized at the scale of 0 (no loss) to 1 (loss) to get the homogenous dataset. Then the Multi-Criteria Analysis (MCA) was used to assign individual weights to each dimension and then integrate it into one frame. The final vulnerability was further classified into four classes from very low to very high.

Keywords: landslide, multi-criteria analysis, MCA, physical vulnerability, social vulnerability

Procedia PDF Downloads 299

Authors: Esther Chiramal, Kelvin Soh Boon Kai

Abstract:

Explainable AI is a strong strategy implemented to understand complex black-box model predictions in a human-interpretable language. It provides the evidence required to execute the use of trustworthy and reliable AI systems. On the other hand, however, it also opens the door to locating possible vulnerabilities in an AI model. Traditional adversarial text attack uses word substitution, data augmentation techniques, and gradient-based attacks on powerful pre-trained Bidirectional Encoder Representations from Transformers (BERT) variants to generate adversarial sentences. These attacks are generally white-box in nature and not practical as they can be easily detected by humans e.g., Changing the word from “Poor” to “Rich”. We proposed a simple yet effective Grey-box cum Black-box approach that does not require the knowledge of the model while using a set of surrogate Transformer/BERT models to perform the attack using Explainable AI techniques. As Transformers are the current state-of-the-art models for almost all Natural Language Processing (NLP) tasks, an attack generated from BERT1 is transferable to BERT2. This transferability is made possible due to the attention mechanism in the transformer that allows the model to capture long-range dependencies in a sequence. Using the power of BERT generalisation via attention, we attempt to exploit how transformers learn by attacking a few surrogate transformer variants which are all based on a different architecture. We demonstrate that this approach is highly effective to generate semantically good sentences by changing as little as one word that is not detectable by humans while still fooling other BERT models.

Keywords: BERT, explainable AI, Grey-box text attack, transformer

Procedia PDF Downloads 134

Authors: Maria Elisa B. Manuel

Abstract:

The Philippine housing sector is bracing challenges with the massive housing backlog and the adamant cycle of relocation, resettlement and returns to the cities of informal settler families due to the vast inaccessibility of necessities and opportunities in the past off-city housing projects. Bistekville 2 has been established as a model socialized housing project by utilizing government partnerships with private developers and individuals in the first in-city and onsite resettlement effort in the country. The study looked into the resilience of the residents to idiosyncratic economic shocks by analyzing their vulnerabilities, assets and coping strategies. The study formulated an economic resilience framework to identify how these factors that interact to build the household’s capacity to positively adapt to sudden expenses in their households. The framework is supplemented with a scale that presents the proximity of the household to resilience by identifying through its indicators whether the households are in the level of subsistence, coping, adaptive or transformative. Survey interviews were conducted with 91 households from Bistekville 2 on the components that have been identified by the framework that was processed with qualitative and quantitative processes. The study has found that the households are highly vulnerable due to their family composition and other conditions such as unhealthy loans, inconsistent amortization payment. Along with their high vulnerability, the households have inadequate strategies to anticipate shocks and primarily react to the shock. This has led to the conclusion that the households do not reflect resilience to idiosyncratic economic shocks and are still at the level of coping.

Keywords: idiosyncratic economic shocks, socialized housing, economic resilience, economic vulnerability, adaptive capacity

Procedia PDF Downloads 150

Authors: Hamsini Pulugurtha, V.S. Lakshmi Jagadmaba Paluri

Abstract:

Distributed denial of service attack (DDoS) is one altogether the top-rated cyber threats presently. It runs down the victim server resources like a system of measurement and buffer size by obstructing the server to supply resources to legitimate shoppers. Throughout this text, we tend to tend to propose a mathematical model of DDoS attack; we discuss its relevancy to the choices like inter-arrival time or rate of arrival of the assault customers accessing the server. We tend to tend to further analyze the attack model in context to the exhausting system of measurement and buffer size of the victim server. The projected technique uses an associate in nursing unattended learning technique, self-organizing map, to make the clusters of identical choices. Lastly, the abstract applies mathematical correlation and so the standard likelihood distribution on the clusters and analyses their behaviors to look at a DDoS attack. These systems not exclusively interconnect very little devices exchanging personal data, but to boot essential infrastructures news standing of nuclear facilities. Although this interconnection brings many edges and blessings, it to boot creates new vulnerabilities and threats which might be conversant in mount attacks. In such sophisticated interconnected systems, the power to look at attacks as early as accomplishable is of paramount importance.

Keywords: application attack, bandwidth, buffer correlation, DDoS distribution flooding intrusion layer, normal prevention probability size

Procedia PDF Downloads 223

Authors: Wai M. Shum

Abstract:

There was evidence that the change of marital quality satisfaction was related to the different stages of the family life cycle. Research studies have been largely based on western contexts, which found a curvilinear U-shaped trend in changes of marital satisfaction over the course of a marriage, but little is known about the marital experiences of Hong Kong couples. Through in-depth interviews, this qualitative study explored the marital relationship of middle-aged couples in a satisfying marriage and to identify how couples maintain a satisfying relationship in the local context. Findings from this study suggested twelve themes with some showing consistency with previous literature, such as communication, companionship, trust, and fidelity. The affective aspects of empathetic understanding and perceived empathy were found to have an enormous effect on couples’ bondedness. The high level of differentiation and security served as a basis for unconditional contribution, acceptance, and adjustment to unsolvable issues such that negative emotion would not be escalated. The manifestations of intimacy and commitment in the triangular theory of love were more frequently addressed than passion in striving for marital longevity in the local context. This study challenged the curvilinear trend of marital satisfaction throughout marriage, with couples showing different pathways of marital satisfaction. The study gave insights on martial enrichment, such as facilitating couples to disclose their vulnerabilities, desire for physical intimacy, and passion in the pursuit of enduring marriage instead of an emphasis on skills training on communication and conflict resolution.

Keywords: intimacy, marital relationship, marital satisfaction, middle-aged

Procedia PDF Downloads 113

Authors: Jessica Lynne Hicksted

Abstract:

Disability discrimination is a long-standing issue that, despite protections, continues to result in unemployment, underemployment, and lack of advancement for disabled persons. Visible stigma is researched substantially; however, less is known about the impact of stigma associated with identities that can be concealed. Although researchers have investigated this issue, currently there is no tool to measure this phenomenon. The purpose of this quantitative study was to create and validate a new tool to measure stigma associated with invisible disabilities. The study is grounded by Roberts’ conceptual model of professional image construction integrating social identity, impression management, and organizational behavior; Meisenbach’s stigma management communication theory addressing the vulnerabilities and resilience to stigma communication by focusing on how individuals encounter and react to perceived stigmas; and Kelley and Michela’s causal attribution theory. Participants included 1,412 adults in the United States 18 years or older currently employed or who have been employed within the last 5 years. Confirmatory factor analysis of the new Workplace Invisible Disabilities Experience scale showed excellent fit of the factor structure to the data, X₂/df = 1.855, CFI = .955, RMSEA = .045, p = .0001. The scale has three subscales, Ableism, Advocacy, and Acceptance, with excellent internal consistency reliability. Total score, Advocacy, and Acceptance were associated with intention to disclose. Implications for positive social change include helping organizations to understand the extent of invisible disability stigma that can help improve workplace performance and satisfaction.

Keywords: invisible disabilities, accommodations, acceptance, social change, workplace inclusion

Procedia PDF Downloads 68

Authors: Ma Yuzhe, Burra Venkata Durga Kumar

Abstract:

The computer is a great invention. As people use computers more and more frequently, the demand for PCs is growing, and the performance of computer hardware is also rising to face more complex processing and operation. However, the operating system, which provides the soul for computers, has stopped developing at a stage. In the face of the high price of UNIX (Uniplexed Information and Computering System), batch after batch of personal computer owners can only give up. Disk Operating System is too simple and difficult to bring innovation into play, which is not a good choice. And MacOS is a special operating system for Apple computers, and it can not be widely used on personal computers. In this environment, Linux, based on the UNIX system, was born. Linux combines the advantages of the operating system and is composed of many microkernels, which is relatively powerful in the core architecture. Linux system supports all Internet protocols, so it has very good network functions. Linux supports multiple users. Each user has no influence on their own files. Linux can also multitask and run different programs independently at the same time. Linux is a completely open source operating system. Users can obtain and modify the source code for free. Because of these advantages of Linux, it has also attracted a large number of users and programmers. The Linux system is also constantly upgraded and improved. It has also issued many different versions, which are suitable for community use and commercial use. Linux system has good security because it relies on a file partition system. However, due to the constant updating of vulnerabilities and hazards, the using security of the operating system also needs to be paid more attention to. This article will focus on the analysis and discussion of Linux security issues.

Keywords: Linux, operating system, system management, security

Procedia PDF Downloads 107

Authors: Gaurav Kumar Sinha

Abstract:

The oil and gas industry is a critical component of the global economy, relying heavily on industrial control systems (ICS) to manage and monitor operations. However, these systems are increasingly becoming targets for cyber-attacks, posing significant risks to operational continuity, safety, and environmental integrity. This paper explores comprehensive cybersecurity strategies for protecting oil and gas industrial control systems. It delves into the unique vulnerabilities of ICS in this sector, including outdated legacy systems, integration with IT networks, and the increased connectivity brought by the Industrial Internet of Things (IIoT). We propose a multi-layered defense approach that includes the implementation of robust network security protocols, regular system updates and patch management, advanced threat detection and response mechanisms, and stringent access control measures. We illustrate the effectiveness of these strategies in mitigating cyber risks and ensuring the resilient and secure operation of oil and gas industrial control systems. The findings underscore the necessity for a proactive and adaptive cybersecurity framework to safeguard critical infrastructure in the face of evolving cyber threats.

Keywords: cybersecurity, industrial control systems, oil and gas, cyber-attacks, network security, IoT, threat detection, system updates, patch management, access control, cybersecurity awareness, critical infrastructure, resilience, cyber threats, legacy systems, IT integration, multi-layered defense, operational continuity, safety, environmental integrity

Procedia PDF Downloads 41

Authors: Anju Batta Sehgal

Abstract:

Climate change is a major challenge in terms of agriculture, food security and rural livelihood for thousands of people especially the poor in Himachal, which falls in North-Western Himalayas. Agriculture contributes over 45 per cent to net state domestic product. It is the main source of income and employment. Over 93 per cent of population is dependent on agriculture which provides direct employment to 71 percent of its people. Area of operation holding is about 9,79 lakh hectares owned by 9.14 lakh farmers. About 80 per cent area is rain-fed and farmers depend on weather gods for rains. Region is a home of diverse ethnic communities having enormous socio-economic and cultural diversities, gifted with range of farming systems and rich resource wealth, including biodiversity, hot spots and ecosystems sustaining millions of people living in the region. But growing demands of ecosystem goods and services are posing threats to natural resources. Climate change is already making adverse impact on the indigenous people. The rural populace is directly dependent for all its food, shelter and other needs on the climate. Our aim should be to shift the focus to indigenous people as primary actors in terms of global climate change monitoring, adaptations and innovations. Objective of this paper is to identify the climate change related threats and vulnerabilities associated with agriculture as a sector and agriculture as people’s livelihood. Broadly it analyses the connections between the nature and rural consumers the ethnic groups.

Keywords: climate change, agriculture, indigenous people, Himachal Pradesh

Procedia PDF Downloads 271

Authors: Ali El Ksimi

Abstract:

In today's digital academic environment, secure authentication methods are essential for managing sensitive user data, including that of students and faculty. The rise in cyber threats and data breaches has exposed the vulnerabilities of traditional authentication systems used in universities. Passwords, often the first line of defense, are particularly susceptible to hacking, phishing, and brute-force attacks. While multi-factor authentication (MFA) provides an additional layer of security, it can still be compromised and often adds complexity and inconvenience for users. As universities seek more robust security measures, blockchain technology emerges as a promising solution. Renowned for its decentralization, immutability, and transparency, blockchain has the potential to transform how user management is conducted in academic institutions. In this article, we explore a system that leverages blockchain technology specifically for managing user accounts within a university setting. The system enables the secure creation and management of accounts for different roles, such as administrators, teachers, and students. Each user is authenticated through a decentralized application (DApp) that ensures their data is securely stored and managed on the blockchain. By eliminating single points of failure and utilizing cryptographic techniques, the system enhances the security and integrity of user management processes. We will delve into the technical architecture, security benefits, and implementation considerations of this approach. By integrating blockchain into user management, we aim to address the limitations of traditional systems and pave the way for the future of digital security in education.

Keywords: blockchain, university, authentication, decentralization, cybersecurity, user management, privacy

Procedia PDF Downloads 22

Authors: Lucy Ampaw-Asiedu, Terri R. Norton

Abstract:

In the wake of recent disasters happening around the world such as earthquake in Italy (January, 2017); hurricanes in the United States (US) (September 2016 and September 2017); and compounding disasters in Haiti (September 2010 and September 2016); to our best knowledge, never has the world seen the need to work on preemptive rather than reactionary measures to salvage this situation than now. Tornadoes are natural hazards that mostly affect mid-western and central states in the US. Tornadoes, like all natural hazards such as hurricanes, earthquakes, floods and others, are very destructive and result in massive destruction to homes, cause billions of dollars in damage and claims many lives. Healthcare facilities in general are vulnerable to disasters, and therefore, the safety of patients, health workers and those who come in to seek shelter should be a priority. The focus of this study is to assess disaster management measures instituted by healthcare facilities. Thus, the sole aim of the study is to examine the vulnerabilities and the design of safe spaces in healthcare facilities in Central US. Objectives that guide the study are to primarily identify the impacts of tornadoes in hospitals and to assess the structural design or specifications of safe spaces. St. John’s Regional Medical Center, now Mercy Hospital in Joplin, is used as a case study. Preliminary results show that the lateral base shear of the proposed design to be 684.24 ton (1508.49kip) for the safe space. Findings from this work will be used to make recommendations about the design of safe spaces for health care facilities in Central US.

Keywords: disaster management, safe spaces, structural design, tornado, vulnerability

Procedia PDF Downloads 213

Authors: Ellen Lagast, Melissa Ceuterick, Mark Leys

Abstract:

Although adolescence is a stressful period with an increased risk for mental illnesses such as anxiety and depression, little in-depth knowledge is available on the determinants of the use of psychotropic drugs (BZD/SSRIs) and the effects. A qualitative research with adolescents in Flanders was performed. Based on indepth interviews, the interviewees indicate feelings of ambiguity towards their medication use because on the one hand the medication helps to manage their mental vulnerability and disrupted lives, but on the other hand they experience a loss of control of their self and their environment. Undesired side-effects and stigma led to a negative pharmaceutical self. The interviewed youngsters also express dissatisfaction about the prescription behavior with regard to psychotropic drugs of their general practitioner (GP). They wished to have received more information about alternative non-pharmaceutical treatment options. Notwithstanding these comments, the majority of the interviewees maintained trust in their GP to act in their best interest. This paper will relate the prescription behavior in primary care to the organization of mental health care to better understand the “phamaceuticalization” and medicalization of mental health problems in Belgium. Belgium implemented fundamental mental health care reforms to collaborate, to integrate care and to optimize continuity of care. Children and adolescents still are confronted with long waiting lists to access (non-medicalized) mental health services. This access to mental health care partly explains general practitioners’ prescription behavior of psychotropics. Moreover, multidisciplinary practices have not pervaded primary health care yet. Medicalization and pharmaceuticalization of mental health vulnerabilities of youth are both a structural and cultural problem.

Keywords: adolescents, antidepressants, benzodiazepines, mental health system, psychotropic drugs

Procedia PDF Downloads 99

Authors: Polychronis Kapalidis

Abstract:

In recent years, researchers have started to turn their attention to cyber security and maritime security independently, neglecting, in most cases, to examine the areas where these two critical issues are intertwined. The impact of cybersecurity issues on the maritime economy is emerging dramatically. Maritime transport and all related activities are conducted by technology-intensive platforms, which today rely heavily on information systems. The paper’s argument is that when no defense is completely effective against cyber attacks, it is vital to test responses to the inevitable incursions. Hence, preparedness in the form of testing existing cybersecurity structure via different tools for potential attacks is vital for minimizing risks. Traditional criminal activities may further be facilitated and evolved through the misuse of cyberspace. Kidnap, piracy, fraud, theft of cargo and imposition of ransomware are the major of these activities that mainly target the industry’s most valuable asset; the ship. The paper, adopting a case-study analysis, based on stakeholder consultation and secondary data analysis, namely policy and strategic-related documentation, presents the importance of holistic testing in the sector. Arguing that poor understanding of the issue leads to the adoption of ineffective policies the paper will present the level of awareness within the industry and assess the risks and vulnerabilities of ships to these cybercriminal activities. It will conclude by suggesting that testing procedures must be focused on three main pillars within the maritime transport sector: the human factor, the infrastructure, and the procedures.

Keywords: cybercrime, cybersecurity, organized crime, risk mitigation

Procedia PDF Downloads 156

Authors: Reet Bishnoi

Abstract:

Climate change poses a pressing global challenge, with far-reaching consequences for the planet's ecosystems and biodiversity. This abstract introduces the research topic, "Assessing the Impact of Climate Change on Biodiversity Hotspots: A Multidisciplinary Study," which delves into the intricate relationship between climate change and biodiversity in the world's most ecologically diverse regions. Biodiversity hotspots, characterized by their exceptionally high species richness and endemism, are under increasing threat due to rising global temperatures, altered precipitation patterns, and other climate-related factors. This research employs a multidisciplinary approach, incorporating ecological, climatological, and conservationist methodologies to comprehensively analyze the effects of climate change on these vital regions. Through a combination of field research, climate modelling, and ecological assessments, this study aims to elucidate the vulnerabilities of biodiversity hotspots and understand how changes in temperature and precipitation are affecting the diverse species and ecosystems that inhabit these areas. The research seeks to identify potential tipping points, assess the resilience of native species, and propose conservation strategies that can mitigate the adverse impacts of climate change on these critical regions. By illuminating the complex interplay between climate change and biodiversity hotspots, this research not only contributes to our scientific understanding of these issues but also informs policymakers, conservationists, and the public about the urgent need for coordinated efforts to safeguard our planet's ecological treasures. The outcomes of this multidisciplinary study are expected to play a pivotal role in shaping future climate policies and conservation practices, emphasizing the importance of protecting biodiversity hotspots for the well-being of the planet and future generations.

Keywords: climate change, biodiversity hotspots, ecological diversity, conservation, multidisciplinary study

Procedia PDF Downloads 74

Authors: Krish Batra

Abstract:

The advent of open banking has revolutionized the financial services industry by fostering innovation, enhancing customer experience, and promoting competition. However, this paradigm shift towards more open and interconnected banking ecosystems has introduced complex cybersecurity challenges. This research paper delves into the multifaceted cybersecurity landscape of open banking, highlighting the vulnerabilities and threats inherent in sharing financial data across a network of banks and third-party providers. Through a detailed analysis of recent data breaches, phishing attacks, and other cyber incidents, the paper assesses the current state of cybersecurity within the open banking framework. It examines the effectiveness of existing security measures, such as encryption, API security protocols, and authentication mechanisms, in protecting sensitive financial information. Furthermore, the paper explores the regulatory response to these challenges, including the implementation of standards such as PSD2 in Europe and similar initiatives globally. By identifying gaps in current cybersecurity practices, the research aims to propose a set of robust, forward-looking strategies that can enhance the security and resilience of open banking systems. This includes recommendations for banks, third-party providers, regulators, and consumers on how to mitigate risks and ensure a secure open banking environment. The ultimate goal is to provide stakeholders with a comprehensive understanding of the cybersecurity implications of open banking and to outline actionable steps for safeguarding the financial ecosystem in an increasingly interconnected world.

Keywords: open banking, financial services industry, cybersecurity challenges, data breaches, phishing attacks, encryption, API security protocols, authentication mechanisms, regulatory response, PSD2, cybersecurity practices

Procedia PDF Downloads 58

Authors: Sila K. Sari, Betty J.L. Laglbauer, Muhammad G. Salim, Irianies C. Gozali, Iqbal Herwata, Fahmi Fahmi, Selvia Oktaviyani, Isabel Ender, Sarah Lewis, Abraham Sianipar, Mark Erdmann

Abstract:

Taking strides towards the sustainable use of marine stocks requires science-based management of target fish populations and reduction of bycatch in non-selective fisheries. Among elasmobranchs, mobulid rays are faced with high extinction risk due to intrinsic vulnerability to fishing and their conservation has been recognized as a strong priority both in Indonesia and worldwide. Despite their common vulnerabilities to fishing pressure due to slow growth, late maturation and low fecundity, only manta rays, but not devil rays, are protected in Indonesian waters. However, both manta and devil rays are captured in non-selective fisheries, in particular drift gillnets, since their habitat overlaps with fishing grounds for primary target species (e.g. marlin, swordfish and bullet tuna off the coast of Muncar). For this reason, mobulid populations are being heavily impacted, and while national-level protections are crucial to help conservation, they may not suffice alone to insure populations sustainability. In order to assess the potential of applying live-release management measures to conserve mobulids captured as bycatch in drift gillnets, we deployed pop-up survival archival transmitters to assess post-release mortality in Indonesian mobulid rays. We also assessed which fishing practices, in particular, soak duration, affected post-release mortality in order to draw relevant conclusions for management.

Keywords: Mobulid, Devil ray, Manta ray, Bycatch

Procedia PDF Downloads 170

Authors: Falak Nawaz

Abstract:

The Climate Change Vulnerability and Capacity Assessment carried out in the coastal regions of Thatta and Malir districts underscore the potential risks and challenges associated with climate change affecting water resources. This study was conducted by the author using participatory rural appraisal tools, with a greater focus on conducting focus group discussions, direct observations, key informant interviews, and other PRA tools. The assessment delves into the specific impacts of climate change along the coastal belt, concentrating on aspects such as rising sea levels, depletion of freshwater, alterations in precipitation patterns, fluctuations in water table levels, and the intrusion of saltwater into rivers. These factors have significant consequences for the availability and quality of water resources in coastal areas, manifesting in frequent migration and alterations in agriculture-based livelihood practices. Furthermore, the assessment assesses the adaptive capacity of communities and organizations in these coastal regions to effectively confront and alleviate the effects of climate change on water resources. It considers various measures, including infrastructure enhancements, water management practices, adjustments in agricultural approaches, and disaster preparedness, aiming to bolster adaptive capacity. The study's findings emphasize the necessity for prompt actions to address identified vulnerabilities and fortify the adaptive capacities of Sindh's coastal areas. This calls for comprehensive strategies and policies promoting sustainable water resource management, integrating climate change considerations, and providing essential resources and support to vulnerable communities.

Keywords: climate, climate change adaptation, disaster reselience, vulnerability, capacity, assessment

Procedia PDF Downloads 57