Search results for: cyber attacks

Authors: Aanshika Puri, Sakshi Mehrotra

Abstract:

Technology has always been a double edged sword. The constant rut of updating oneself to a better and newer version is the new norm. ‘Being Online’ is the latest addition to one’s everyday routine. Availability of various social online platforms being served on a platter topped with easy and cheap access to the internet makes it simple and doable for people of all social backgrounds. Interestingly, in India, a recent development is the line of demarcation between people from varied backgrounds, doing the vanishing act. One finds everybody on at least one, if not more, social platforms in a desire to stay connected. For instance, this ranges from sending a ‘WhatsApp’ message to a vegetable vendor for ordering your daily needs to vendors and small entrepreneurs. Even a rickshaw puller now has access to a mobile phone, an internet connection and apps/ platforms to stay connected. Recent observations show the extent to which everyone is hooked on to their mobile phones/ tabs/ laptops/ etc. Young mothers use them to distract their children and keep them busy while they finish the task at hand. Exposure to this part of the technology at such a tender age requires responsible and careful handling. Talking of adolescents, their self- image depends on their online social image to a large extent. There is a desire to be liked and accepted by the peer group at all times. Cyber-bullying is a by-product of the 24/7 availability of these resources. There is enough research-based evidence to prove the psychosocial and emotional impact on the development and well-being of the victim. The present paper attempts to understand the dynamics of cyber bullying vis-à-vis the developmental and mental health issues faced by the bully.

Keywords: Developmental Psychology, Empathy & Resilience Based Interventions, Mental Well-Being of Cyber Bully, Positive Psychology

Procedia PDF Downloads 234

Authors: Doaa Wael, Naswa Abdelbaky

Abstract:

Malware is malicious software that is built to cause destructive actions and damage information systems and networks. Malware infections increase rapidly, and types of malware have become more sophisticated, which makes the malware detection process more difficult. On the other side, the Internet of Things IoT technology is vulnerable to malware attacks. These IoT devices are always connected to the internet and lack security. This makes them easy for hackers to access. These malware attacks are becoming the go-to attack for hackers. Thus, in order to deal with this challenge, new malware detection techniques are needed. Currently, building a blockchain solution that allows IoT devices to download any file from the internet and to verify/approve whether it is malicious or not is the need of the hour. In recent years, blockchain technology has stood as a solution to everything due to its features like decentralization, persistence, and anonymity. Moreover, using blockchain technology overcomes some difficulties in malware detection and improves the malware detection ratio over-than the techniques that do not utilize blockchain technology. In this paper, we study malware detection models which are based on blockchain technology. Furthermore, we elaborate on the effect of blockchain technology in malware detection, especially in the android environment.

Keywords: malware analysis, blockchain, malware attacks, malware detection approaches

Procedia PDF Downloads 52

Authors: Preston Nabors, Nasseh Tabrizi

Abstract:

Portable Document Format (PDF) files have gained significant popularity for sharing and distributing documents due to their universal compatibility. However, the widespread use of PDF files has made them attractive targets for cybercriminals, who exploit vulnerabilities to deliver malware and compromise the security of end-user systems. This paper reviews notable contributions in PDF malware detection, including static, dynamic, signature-based, and hybrid analysis. It presents a comprehensive examination of PDF malware detection techniques, focusing on the emerging threat of adversarial sampling and the need for robust defense mechanisms. The paper highlights the vulnerability of machine learning classifiers to evasion attacks. It explores adversarial sampling techniques in PDF malware detection to produce mimicry and reverse mimicry evasion attacks, which aim to bypass detection systems. Improvements for future research are identified, including accessible methods, applying adversarial sampling techniques to malicious payloads, evaluating other models, evaluating the importance of features to malware, implementing adversarial defense techniques, and conducting comprehensive examination across various scenarios. By addressing these opportunities, researchers can enhance PDF malware detection and develop more resilient defense mechanisms against adversarial attacks.

Keywords: adversarial attacks, adversarial defense, adversarial machine learning, intrusion detection, PDF malware, malware detection, malware detection evasion

Procedia PDF Downloads 21

Authors: Ersun N. Kurtulus

Abstract:

One of the strategic goals of left-wing terrorism, both in its Anarchist and Marxist-Leninist forms, was mobilization of masses as a first step in launching a revolution. However, in the canonical texts of left-wing terrorist literature (such as the works of Brousse, Nachaev, Bakunin, Kropotkin, Most, Heinzen, Guevara and Marighella) it is not clear how resort to terrorist tactics such as assassinations or bomb attacks will lead to mobilization of masses. This link is usually presumed and taken for granted. However, in other, less known terrorist texts, where there is some elaboration upon this link, two conflicting views emerge: (i) terrorist attacks are supposed to cause state repression which in turn radicalizes masses and opens up the way for recruitment and mobilization versus (ii) terrorist attacks are supposed to demonstrate the hollowness of the already existent state repression and thereby encourage mobilization of masses that are already radicalized but inactive due fear caused by state repression. The paper argues that terrorism studies have largely overemphasized the former while the latter has remained more or less unnoticed.

Keywords: terrorism, repression, radical left, mobilization of masses

Procedia PDF Downloads 207

Authors: Babak Pourghahramani

Abstract:

One of the modern crimes against property and ownership in the cyber-space is the computer fraud. Despite being modern, the aforementioned crime has its roots in the principles of religious jurisprudence. In some cases, this crime is compatible with the traditional regulations and that is when the computer is considered as a crime commitment device and also some computer frauds that take place in the context of electronic exchanges are considered as crime based on the E-commerce Law (approved in 2003) but the aforementioned regulations are flawed and until recent years there was no comprehensive law in this regard; yet after some years the Computer Crime Act was approved in 2009/26/5 and partly solved the problem of legal vacuum. The present study intends to investigate the computer fraud according to Iran's Computer Crime Act and by taking into consideration the international documents.

Keywords: fraud, cyber fraud, computer fraud, classic fraud, computer crime

Procedia PDF Downloads 309

Authors: S. B. Kumbalavati, J. D. Mallapur, K. Y. Bendigeri

Abstract:

A mobile Ad-hoc network (MANET) is a multihop wireless network where nodes communicate each other without any pre-deployed infrastructure. There is no central administrating unit. Hence, MANET is generally prone to many of the attacks. These attacks may alter, release or deny data. These attacks are nothing but intrusions. Intrusion is a set of actions that attempts to compromise integrity, confidentiality and availability of resources. A major issue in the design and operation of ad-hoc network is sharing the common spectrum or common channel bandwidth among all the nodes. We are performing intrusion detection using game theory approach. Game theory is a mathematical tool for analysing problems of competition and negotiation among the players in any field like marketing, e-commerce and networking. In this paper mathematical model is developed using game theory approach and intruders are detected and removed. Bandwidth utilization is estimated and comparison is made between bandwidth utilization with intrusion detection technique and without intrusion detection technique. Percentage of intruders and efficiency of the network is analysed.

Keywords: ad-hoc network, IDS, game theory, sensor networks

Procedia PDF Downloads 360

Authors: Manpreet Kaur, Amita Rani, Sanjay Kumar

Abstract:

The Internet of Things (IoT), a cyber-physical paradigm, allows a large number of devices to connect and send the sensory data in the network simultaneously. This tremendous amount of data generated leads to very high network load consequently resulting in network congestion. It further amounts to frequent loss of useful information and depletion of significant amount of nodes’ energy. Therefore, there is a need to control congestion in IoT so as to prolong network lifetime and improve the quality of service (QoS). Hence, we propose a two-level clustering based routing algorithm considering congestion score and packet priority metrics that focus on minimizing the network congestion. In the proposed Priority based Congestion Control (PBCC) protocol the sensor nodes in IoT network form clusters that reduces the amount of traffic and the nodes are prioritized to emphasize important data. Simultaneously, a congestion score determines the occurrence of congestion at a particular node. The proposed protocol outperforms the existing Packet Discard Network Clustering (PDNC) protocol in terms of buffer size, packet transmission range, network region and number of nodes, under various simulation scenarios.

Keywords: internet of things, cyber-physical systems, congestion control, priority, transmission rate

Procedia PDF Downloads 287

Authors: Joseph Udofia, Isaac Olufadewa

Abstract:

Everyday, the size of Electronic Health Records data keeps increasing as new patients visit health practitioner and returning patients fulfil their appointments. As these data grow, so is their susceptibility to cyber-attacks from criminals waiting to exploit this data. In the US, the damages for cyberattacks were estimated at $8 billion (2018), $11.5 billion (2019) and $20 billion (2021). These attacks usually involve the exposure of PII. Health data is considered PII, and its exposure carry significant impact. To this end, an enhancement of Health Policy and Standards in relation to data security, especially among patients and their clinical providers, is critical to ensure ethical practices, confidentiality, and trust in the healthcare system. As Clinical accelerators and applications that contain user data are used, it is expedient to have a review and revamp of policies like the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), the Fast Healthcare Interoperability Resources (FHIR), all aimed to ensure data protection and security in healthcare. FHIR caters for healthcare data interoperability, FHIR caters to healthcare data interoperability, as data is being shared across different systems from customers to health insurance and care providers. The astronomical cost of implementation has deterred players in the space from ensuring compliance, leading to susceptibility to data exfiltration and data loss on the security accuracy of protected health information (PHI). Though HIPAA hones in on the security accuracy of protected health information (PHI) and PCI DSS on the security of payment card data, they intersect with the shared goal of protecting sensitive information in line with industry standards. With advancements in tech and the emergence of new technology, it is necessary to revamp these policies to address the complexity and ambiguity, cost barrier, and ever-increasing threats in cyberspace. Healthcare data in the wrong hands is a recipe for disaster, and we must enhance its protection and security to protect the mental health of the current and future generations.

Keywords: cloud security, healthcare, cybersecurity, policy and standard

Procedia PDF Downloads 59

Authors: Johannes Günther

Abstract:

Time Sensitive Networking (TSN), standardized in the IEEE 802.1 standard, has been lent increasing attention in the context of mission critical systems. Such mission critical systems, e.g., in the automotive domain, aviation, industrial, and smart factory domain, are responsible for coordinating complex functionalities in real time. In many of these contexts, a reliable data exchange fulfilling hard time constraints and quality of service (QoS) conditions is of critical importance. TSN standards are able to provide guarantees for deterministic communication behaviour, which is in contrast to common best-effort approaches. Therefore, the superior QoS guarantees of TSN may aid in the development of new technologies, which rely on low latencies and specific bandwidth demands being fulfilled. TSN extends existing Ethernet protocols with numerous standards, providing means for synchronization, management, and overall real-time focussed capabilities. These additional QoS guarantees, as well as management mechanisms, lead to an increased attack surface for potential malicious attackers. As TSN guarantees certain deadlines for priority traffic, an attacker may degrade the QoS by delaying a packet beyond its deadline or even execute a denial of service (DoS) attack if the delays lead to packets being dropped. However, thus far, security concerns have not played a major role in the design of such standards. Thus, while TSN does provide valuable additional characteristics to existing common Ethernet protocols, it leads to new attack vectors on networks and allows for a range of potential attacks. One answer to these security risks is to deploy defense mechanisms according to a moving target defense (MTD) strategy. The core idea relies on the reduction of the attackers' knowledge about the network. Typically, mission-critical systems suffer from an asymmetric disadvantage. DoS or QoS-degradation attacks may be preceded by long periods of reconnaissance, during which the attacker may learn about the network topology, its characteristics, traffic patterns, priorities, bandwidth demands, periodic characteristics on links and switches, and so on. Here, we implemented and tested several MTD-like defense strategies against different attacker models of varying capabilities and budgets, as well as collaborative attacks of multiple attackers within a network, all within the context of TSN networks. We modelled the networks and tested our defense strategies on an OMNET++ testbench, with networks of different sizes and topologies, ranging from a couple dozen hosts and switches to significantly larger set-ups.

Keywords: network security, time sensitive networking, moving target defense, cyber security

Procedia PDF Downloads 49

Authors: M. Mansouri, P. Jaklitsch, E. Teiniker

Abstract:

SQL injection on web applications is a very popular kind of attack. There are mechanisms such as intrusion detection systems in order to detect this attack. These strategies often rely on techniques implemented at high layers of the application but do not consider the low level of system calls. The problem of only considering the high level perspective is that an attacker can circumvent the detection tools using certain techniques such as URL encoding. One technique currently used for detecting low-level attacks on privileged processes is the tracing of system calls. System calls act as a single gate to the Operating System (OS) kernel; they allow catching the critical data at an appropriate level of detail. Our basic assumption is that any type of application, be it a system service, utility program or Web application, “speaks” the language of system calls when having a conversation with the OS kernel. At this level we can see the actual attack while it is happening. We conduct an experiment in order to demonstrate the suitability of system call analysis for detecting SQL injection. We are able to detect the attack. Therefore we conclude that system calls are not only powerful in detecting low-level attacks but that they also enable us to detect high-level attacks such as SQL injection.

Keywords: Linux system calls, web attack detection, interception, SQL

Procedia PDF Downloads 330

Authors: Amirreza Fazely Hamedani, Muzzamil Aziz, Philipp Wieder, Ramin Yahyapour

Abstract:

Software-defined networking in recent years came into the sight of so many network designers as a successor to the traditional networking. Unlike traditional networks where control and data planes engage together within a single device in the network infrastructure such as switches and routers, the two planes are kept separated in software-defined networks (SDNs). All critical decisions about packet routing are made on the network controller, and the data level devices forward the packets based on these decisions. This type of network is vulnerable to DDoS attacks, degrading the overall functioning and performance of the network by continuously injecting the fake flows into it. This increases substantial burden on the controller side, and the result ultimately leads to the inaccessibility of the controller and the lack of network service to the legitimate users. Thus, the protection of this novel network architecture against denial of service attacks is essential. In the world of cybersecurity, attacks and new threats emerge every day. It is essential to have tools capable of managing and analyzing all this new information to detect possible attacks in real-time. These tools should provide a comprehensive solution to automatically detect, predict and prevent abnormalities in the network. Big data encompasses a wide range of studies, but it mainly refers to the massive amounts of structured and unstructured data that organizations deal with on a regular basis. On the other hand, it regards not only the volume of the data; but also that how data-driven information can be used to enhance decision-making processes, security, and the overall efficiency of a business. This paper presents an intelligent big data framework as a solution to handle illegitimate traffic burden on the SDN network created by the numerous DDoS attacks. The framework entails an efficient defence and monitoring mechanism against DDoS attacks by employing the state of the art machine learning techniques.

Keywords: apache spark, apache kafka, big data, DDoS attack, machine learning, SDN network

Procedia PDF Downloads 146

Authors: Jasmin H. Kwon , Thomas M. Brinthaupt

Abstract:

There is a general lack of consumer behavior research on seasonal shopping events. Studying these kinds of events is interesting and important for several reasons. First, global shopping opportunities have implications for cross-cultural shopping events and effects on seasonal events in other countries. Second, seasonal shopping events are subject to economic conditions and may wane in popularity, especially with e-commerce options. Third, retailers can expand the success of their seasonal shopping events by taking advantage of cross-cultural opportunities. Fourth, it is interesting to consider how consumers from other countries might take advantage of different countries’ seasonal shopping events. Many countries have seasonal shopping events such as Black Friday. Research on these kinds of events can lead to the identification of cross-cultural similarities and differences in consumer behavior. We compared shopping motivations of college students who did (n=36) and did not (n=81) shop on Cyber Monday. The results showed that the groups did not differ significantly on any of the shopping motivation subscales. The Cyber Monday shoppers reported being significantly more likely to agree than disagree that their online shopping experience was enjoyable and exciting. They were more likely to disagree than agree that their experience was overwhelming. In addition, they agreed that they shopped only for deals, purchased the exact items they wanted, and thought that their efforts were worth it. Finally, they intended to shop again at next year’s Cyber Monday. It appears that there are many positive aspects to online seasonal shopping, independent of one’s typical shopping motivations. Different countries have seasonal events similar to the Black Friday and Cyber Monday shopping holiday (e.g., Boxing Day, Fukubukuro, China’s Singles Day). In Korea, there is increasing interest in taking advantage of U.S. Black Friday and Cyber Monday opportunities. Government officials are interested in adapting the U.S. holiday to Korean retailers, essentially recreating the Black Friday/Cyber Monday holiday there. Similarly, the Japanese Fukubukuro ('Lucky Bag') holiday is being adapted by other countries such as Korea and the U.S. International shipping support companies are also emerging that help customers to identify and receive products from other countries. U.S. department stores also provide free shipping on international orders for certain items. As these structural changes are occurring and new options for global shopping emerge, the need to understand the role of shoppers’ motivations becomes even more important. For example, the Cyber Monday results are particularly relevant to the new landscape with e-commerce and cross-cultural opportunities, since many of these events involve e-commerce. Within today’s global market, physical location of a retail store is no longer a limitation to growing one’s market share. From a consumer perspective, it is important to investigate how shopping motivations are related to e-commerce seasonal events. From a retail perspective, understanding the shopping motivations of international customers would help retailers to expand and better tailor their seasonal shopping events beyond the boundaries of their own countries. From a collaborative perspective, research on this topic can include interdisciplinary researchers, including those from fashion merchandising, marketing, retailing, and psychology.

Keywords: Black Friday, cross-cultural research, Cyber Monday, seasonal shopping behavior

Procedia PDF Downloads 377

Authors: Sara Alshehri, Bayan Alenzi, Atheer Alshehri, Samia Chelloug, Zainab Almry, Hussah Albugmai

Abstract:

This paper concerns body area networks sensor that collect signals around a human body. The black hole attacks are the main security challenging problem because the data traffic can be dropped at any node. The focus of our proposed solution is to efficiently route data packets while detecting black hole nodes.

Keywords: body sensor networks, security, black hole, routing, broadcasting, OMNeT++

Procedia PDF Downloads 616

Authors: Sohni Siddiqui, Anja Schultze-Krumbholz

Abstract:

Our lives now revolve more around online-related tasks, as the internet has become a necessity. One of the disturbance concerns with high internet usage is the multiplication of cyber-associated risky behaviors such as cyber aggression and/or cyberbullying. Cyber Bullying is an emerging issue that needs immediate attention from many stakeholders such as parents, doctors, school administrators, policymakers, researchers, and others, especially in the COVID-19 pandemic when online learning has been adopted as an instructional strategy, and there is a continuous rise in cyberbullying cases. The aim of the article is to review existing successful and emerging interventions designed to control bullying and cyberbullying by engaging individuals through teachers’ professional development and adopting a whole-school approach. The study identified the strengths and limitations of the programs and suggested improvements to existing interventions. Preparing interventions with a strong theoretical framework, integrating applications of emerging theories in interventions, promoting proactive and reactive strategies in combination, beginning with the baseline needs assessment surveys, reducing digital time and digital divide among parents and children, promoting the concept of lead trainer, peer trainer, and hot spots, focusing on physical activities, use of landmarks are some of the recommendations proposed by authors. In addition to face-to-face intervention, the researchers recommend updating and improving previous intervention programs with games and apps. Especially in the time of pandemic crises, when face-to-face interactions are limited and cyberbullying is triggered, the use of apps, web-based interventions, and games can be an effective way to control electronic perpetration and victimization.

Keywords: anti bullying programs, cyber bullying, individualized trainings, teachers’ professional development, whole school interventions

Procedia PDF Downloads 125

Authors: Michaela Vašková

Abstract:

With the increasing dependence of countries on the critical infrastructure, it increases their vulnerability. Big threat is primarily in the human factor (personnel of the critical infrastructure) and in terrorist attacks. It emphasizes the development of methodology for searching of weak points and their subsequent elimination. This article discusses methods for the analysis of safety in the objects of critical infrastructure. It also contains proposal for methodology for training employees of security services in the objects of the critical infrastructure and developing scenarios of attacks on selected objects of the critical infrastructure.

Keywords: critical infrastructure, object of critical infrastructure, protection, safety, security, security audit

Procedia PDF Downloads 322

Authors: Asma Ben Yaghlane, Mohamed Naceur Azaiez

Abstract:

In this paper, we briefly introduce the concept of Poisson attacks in the case of defense/attack strategies where attacks are assumed to be continuous. We suggest a game model in which the attacker will combine both criteria of a sufficient confidence level of a successful attack and a reasonably small size of the estimation error in order to launch an attack. Here, estimation error arises from assessing the system failure upon attack using aggregate data at the system level. The corresponding error is referred to as aggregation error. On the other hand, the defender will attempt to deter attack by making one or both criteria inapplicable. The defender will build his/her strategy by both strengthening the targeted system and increasing the size of error. We will formulate the defender problem based on appropriate optimization models. The attacker will opt for a Bayesian updating in assessing the impact on the improvement made by the defender. Then, the attacker will evaluate the feasibility of the attack before making the decision of whether or not to launch it. We will provide illustrations to better explain the process.

Keywords: attacker, defender, game theory, information

Procedia PDF Downloads 441

Authors: Alese Boniface K., Adu Michael K., Owa Victor K.

Abstract:

Security can be defined as the degree of resistance to, or protection from harm. It applies to any vulnerable and valuable assets, such as persons, dwellings, communities, nations or organizations. Cybercrime is any crime committed or facilitated via the Internet. It is any criminal activity involving computers and networks. It can range from fraud to unsolicited emails (spam). It includes the distant theft of government or corporate secrets through criminal trespass into remote systems around the globe. Nigeria like any other nations of the world is currently having their own share of the menace that has been used even as tools by terrorists. This paper is an attempt at presenting cyber security as an issue that requires a coordinated national response. It also acknowledges and advocates the key roles to be played by stakeholders and the importance of forging strong partnerships to prevent and tackle cybercrime in Nigeria.

Keywords: security, cybercrime, internet, government, stakeholders, partnerships

Procedia PDF Downloads 507

Authors: Yael Deutsch, Arieh Gavious

Abstract:

The threat of aviation terrorism and its potential damage became significant after the 9/11 terror attacks. These attacks have led authorities and leaders to suggest that security personnel should overcome politically correct scruples about profiling and use it openly. However, there is a lack of knowledge about the smart usage of profiling and its advantages. We analyze game models that are suitable to specific real-world scenarios, focusing on profiling as a tool to detect potential violators, such as terrorists and smugglers. We provide analytical and clear answers to difficult questions, and by that help fighting against harmful violation acts.

Keywords: game theory, profiling, security, nash equilibrium

Procedia PDF Downloads 87

Authors: Mohamamd Shahjahan

Abstract:

Background: Cybercrime is common phenomenon at present both developed and developing countries. Young generation, especially adolescents now engaged internet frequently and they commit cybercrime frequently in Bangladesh. Objective: In this regard, the present study on the pattern of cybercrime among youngers of Bangladesh has been conducted. Methods and tools: This study was a cross-sectional study, descriptive in nature. Non-probability accidental sampling technique has been applied to select the sample because of the nonfinite population and the sample size was 167. A printed semi-structured questionnaire was used to collect data. Results: The study shows that adolescents mainly do hacking (94.6%), pornography (88.6%), software piracy (85 %), cyber theft (82.6%), credit card fraud (81.4%), cyber defamation (75.6%), sweet heart swindling (social network) (65.9%) etc. as cybercrime. According to findings the major causes of cybercrime among the respondents in Bangladesh were- weak laws (88.0%), defective socialization (81.4%), peer group influence (80.2%), easy accessibility to internet (74.3%), corruption (62.9%), unemployment (58.7%), and poverty (24.6%) etc. It is evident from the study that 91.0% respondents used password cracker as the techniques of cyber criminality. About 76.6%, 72.5%, 71.9%, 68.3% and 60.5% respondents’ technique was key loggers, network sniffer, exploiting, vulnerability scanner and port scanner consecutively. Conclusion: The study concluded that pattern of cybercrimes is frequently changing and increasing dramatically. Finally, it is recommending that the private public partnership and execution of existing laws can be controlling this crime.

Keywords: cybercrime, adolescents, pattern, internet

Procedia PDF Downloads 47

Authors: Andrea Tundis, Carlos García Cordero, Rolf Egert, Alfredo Garro, Max Mühlhäuser

Abstract:

Resilience is an important system property that relies on the ability of a system to automatically recover from a degraded state so as to continue providing its services. Resilient systems have the means of detecting faults and failures with the added capability of automatically restoring their normal operations. Mastering resilience in the domain of Cyber-Physical Systems is challenging due to the interdependence of hybrid hardware and software components, along with physical limitations, laws, regulations and standards, among others. In order to overcome these challenges, this paper presents a modeling approach, based on the concept of Dynamic Cells, tailored to the management of Smart Grids. Additionally, a heuristic algorithm that works on top of the proposed modeling approach, to find resilient configurations, has been defined and implemented. More specifically, the model supports a flexible representation of Smart Grids and the algorithm is able to manage, at different abstraction levels, the resource consumption of individual grid elements on the presence of failures and faults. Finally, the proposal is evaluated in a test scenario where the effectiveness of such approach, when dealing with complex scenarios where adequate solutions are difficult to find, is shown.

Keywords: cyber-physical systems, energy management, optimization, smart grids, self-healing, resilience, security

Procedia PDF Downloads 309

Authors: Arif Anwar Surani, Salman Ali, Asif Surani, Sohaib Zahid, Akbar Shoukat Ali, Zeeshan-Ul-Hassan Usmani, Joseph Varon, Salim Surani

Abstract:

Objective: Terrorism and suicidal bomb blast attacks are commonplace in Karachi, Pakistan. During the years 2000 to 2007, there were over 60 bomb explosions resulting in more than 1500 casualties. These explosions produce a wide variety of external injuries. We undertook this study to evaluate pattern of external injury produced after bomb blast attacks and to compare injury profile resulting from explosions in open versus semi-confined blast environments. Method: A retrospective, cross-sectional, study was conducted to review injuries sustained after bomb blast attacks in Karachi, Pakistan, from January 2000 to October 2007. Emergency medical records and medico legal certificates of patients presented to three major public sector hospitals of Karachi were evaluated using self-design proforma. Results: Data of 481 victims meet inclusion criteria and were incorporated for final analysis. Of these, 63.6% were injured in open spaces and 36.4% were injured in semi-confined blast environments. Lacerations were commonly encountered as external injury (47.7%) followed by penetrating wounds (15.3%). Lower and upper extremities were most commonly affected (38.6% and 19% respectively). Open and semi-confined blast environments produced a specific injury pattern and profile (p=<0.001). Conclusions: Bomb blast attacks in Karachi produce an external injury pattern consistent with other studies, with exception of an increased frequency in penetrating wounds. Semi-confined blast environments were associated with severe injuries. Further studies are required to better classify injuries and their severity based on standardized scoring systems. Effective emergency response systems must be designed to cope with mass causalities following bomb explosions.

Keywords: bomb blast attacks, injury pattern, external injury, open space, semi-confined space, blast environment

Procedia PDF Downloads 377

Authors: Francesco Buccafurri, Celeste Romolo

Abstract:

Nowadays phishing is the most frequent starting point of cyber-attack vectors. Phishing is implemented both via email and social network messages. While a wide scientific literature exists which addresses the problem of contrasting email spam-phishing, no specific countermeasure has been so far proposed for phishing included into private messages of social network platforms. Unfortunately, the problem is severe. This paper proposes an approach against social network phishing, based on a non invasive collaborative information-sharing approach which leverages blockchain. The detection method works by filtering candidate messages, by distilling them by means of a distance-preserving hash function, and by publishing hashes over a public blockchain through a trusted smart contract (thus avoiding denial of service attacks). Phishing detection exploits social information embedded into social network profiles to identify similar messages belonging to disjoint contexts. The main contribution of the paper is to introduce a new approach to contrasting the problem of social network phishing, which, despite its severity, received little attention by both research and industry.

Keywords: phishing, social networks, information sharing, blockchain

Procedia PDF Downloads 306

Authors: Sinchul Back, Sun Ho Kim, Jennifer LaPrade, Ilju Seong

Abstract:

Due to the advantage of using the Internet, cybercriminals can reach target(s) without border controls. Prior research on criminology and crime science has largely been void of empirical studies on journey-to-cybercrime and crime opportunity. Thus, the purpose of this study is to understand more about cyber offender spatial decision making associated with crime opportunity factors (i.e., co-offending, offender-stranger). Data utilized in this study were derived from 306 U.S. Federal court cases of cybercrime. The findings of this study indicated that there was a positive relationship between co-offending and journey-to-cybercrime, whereas there was no link between offender-stranger and journey-to-cybercrime. Also, the results showed that there was no relationship between cybercriminal sex, age, and journey-to-cybercrime. The policy implications and limitations of this study are discussed.

Keywords: co-offending, crime opportunity, journey-to-cybercrime, offender-stranger

Procedia PDF Downloads 154

Authors: M. Sandhya, R. M. Madhumitha, Sharmila Sankar

Abstract:

Interoperable medical devices (IMDs) face threats due to the increased attack surface accessible by interoperability and the corresponding infrastructure. Initiating networking and coordination functionalities primarily modify medical systems' security properties. Understanding the threats is a vital first step in ultimately crafting security solutions for such systems. The key to this problem is coming up with some common types of threats or attacks with those of security and privacy, and providing this information as a roadmap. This paper analyses the security issues in interoperability of devices and presents the main types of threats that have to be considered to build a secured system.

Keywords: interoperability, threats, attacks, medical devices

Procedia PDF Downloads 309

Authors: Hariz Halilovich

Abstract:

Based on conventional and digital ethnography, this paper discusses the ways Bosnian refugees utilise digital technologies and new media to recreate, synchronise and sustain their identities and memories in the aftermath of ‘ethnic cleansing’ and genocide and in the contexts of their new emplacements and home-making practices in diaspora. In addition to discussing representations of displacement and emplacement in the ‘digital age’, the paper also aims to make a contribution to the understanding and application of digital ethnography as an emerging method of inquiry in anthropology and related social science disciplines. While some researchers see digital ethnography as an exclusively online–based research, the author of this paper argues that it is critical to understand the online world in the context of the real world—made of real people, places, and social relations.

Keywords: Bosnia, cyber villages, digital diaspora, refugees

Procedia PDF Downloads 219

Authors: Mohan Ramasundaram, Amutha Prabakar Muniyandi

Abstract:

Remote user authentication is one of the important tasks for any kind of remote server applications. Several remote authentication schemes are proposed by the researcher for Telecare Medicine Information System (TMIS). Most of the existing techniques have limitations, vulnerable to various kind attacks, lack of functionalities, information leakage, no perfect forward security and ineffectiveness. Authentication is a process of user verification mechanism for allows him to access the resources of a server. Nowadays, most of the remote authentication protocols are using two-factor authentications. We have made a survey of several remote authentication schemes using three factors and this survey shows that the most of the schemes are inefficient and subject to several attacks. We observed from the experimental evaluation; the proposed scheme is very secure against various known attacks that include replay attack, man-in-the-middle attack. Furthermore, the analysis based on the communication cost and computational cost estimation of the proposed scheme with related schemes shows that our proposed scheme is efficient.

Keywords: Telecare Medicine Information System, elliptic curve cryptography, three-factor, biometric, random oracle

Procedia PDF Downloads 200

Authors: Yong-Kyu Jung

Abstract:

The fast growth in information technology has led to de-mands to access/process data. CPSs heavily depend on the time of hardware/software operations and communication over the network (i.e., real-time/parallel operations in CPSs (e.g., autonomous vehicles). Since data processing is an im-portant means to overcome the issue confronting data management, reducing the gap between the technological-growth and the data-complexity and channel-bandwidth. An adaptive perpetual data approximation method is intro-duced to manage the actual entropy of the digital spectrum. An ADAC implemented as an accelerator and/or apps for servers/smart-connected devices adaptively rescales digital contents (avg.62.8%), data processing/access time/energy, encryption/decryption overheads in AI/ML applications (facial ID/recognition).

Keywords: adaptive codec, AI, ML, HPC, cyber-physical, cybersecurity

Procedia PDF Downloads 61

Authors: Hongmei Chi

Abstract:

The Blockchain has become a necessity for many different societal industries and ordinary lives including cryptocurrency technology, supply chain, health care, public safety, education, etc. Therefore, training our future blockchain developers to know blockchain programming vulnerability and I.T. students' cyber security is in high demand. In this work, we propose a framework including learning modules and hands-on labs to guide future I.T. professionals towards developing secure blockchain programming habits and mitigating source code vulnerabilities at the early stages of the software development lifecycle following the concept of Secure Software Development Life Cycle (SSDLC). In this research, our goal is to make blockchain programmers and I.T. students aware of the vulnerabilities of blockchains. In summary, we develop a framework that will (1) improve students' skills and awareness of blockchain source code vulnerabilities, detection tools, and mitigation techniques (2) integrate concepts of blockchain vulnerabilities for IT students, (3) improve future IT workers’ ability to master the concepts of blockchain attacks.

Keywords: software vulnerability detection, hands-on lab, static analysis tools, vulnerabilities, blockchain, active learning

Procedia PDF Downloads 62

Authors: O. Fayomi, F. Chidozie, C. Ayo

Abstract:

The underlying causes of xenophobia are complex and varied. Xenophobia has to do with being contemptuous of that which is foreign, especially of strangers or of people from different countries or cultures. Unemployment and mounting poverty among South Africans at the bottom of the economic ladder have provoked fears of the competition that better educated and experienced migrants can represent. South Africa’s long track-record of violence as a means of protest and the targeting of foreigners in particular, and, the documented tensions over migration policy and the scale of repatriation serve a very good explanation for its xenophobia. It was clear that while most of the attacks were directed against foreign, primarily African, migrants, this was not the rule. Attacks were also noted against Chinese-speakers, Pakistani migrants as well as against South Africans from minority language groups (in the conflict areas). Settlements that have recently experienced the expression of ‘xenophobic’ violence have also been the site of violent and other forms of protest around other issues, most notably service delivery. The failure of government in service delivery was vexed on this form of xenophobia. Due to the increase in migration, this conflict is certainly not temporary in nature. Xenophobia manifests in different regions and communities with devastating effects on the affected nationals. Nigerians living in South Africa have been objects of severe attacks and assault as a result of this xenophobic attitude. It is against this background that this study seeks to investigate the xenophobic attacks against Nigerians in South Africa. The methodology is basically qualitative with the use of secondary sources such as books, journals, newspapers and internet sources.

Keywords: xenophobia, unemployment, poverty, Nigeria, South Africa

Procedia PDF Downloads 455

Authors: Haowen Xu, Xiaobing Liu, Jin Dong, Jianming Lian

Abstract:

Emerging smart buildings often employ cyberinfrastructure, cyber-physical systems, and Internet of Things (IoT) technologies to increase the automation and responsiveness of building operations for better energy efficiency and lower carbon emission. These operations include the control of Heating, Ventilation, and Air Conditioning (HVAC) and lighting systems, which are often considered a major source of energy consumption in both commercial and residential buildings. Developing energy-saving control models for optimizing HVAC operations usually requires the collection of high-quality instrumental data from iterations of in-situ building experiments, which can be time-consuming and labor-intensive. This abstract describes a digital twin approach to automate building energy experiments for optimizing HVAC operations through the design and development of an adaptive web-based platform. The platform is created to enable (a) automated data acquisition from a variety of IoT-connected HVAC instruments, (b) real-time situational awareness through domain-based visualizations, (c) adaption of HVAC optimization algorithms based on experimental data, (d) sharing of experimental data and model predictive controls through web services, and (e) cyber-physical control of individual instruments in the HVAC system using outputs from different optimization algorithms. Through the digital twin approach, we aim to replicate a real-world building and its HVAC systems in an online computing environment to automate the development of building-specific model predictive controls and collaborative experiments in buildings located in different climate zones in the United States. We present two case studies to demonstrate our platform’s capability for real-time situational awareness and cyber-physical control of the HVAC in the flexible research platforms within the Oak Ridge National Laboratory (ORNL) main campus. Our platform is developed using adaptive and flexible architecture design, rendering the platform generalizable and extendable to support HVAC optimization experiments in different types of buildings across the nation.

Keywords: energy-saving buildings, digital twins, HVAC, cyber-physical system, BIM

Procedia PDF Downloads 77