Search results for: cyber criminality

Authors: S. Fantin

Abstract:

This study is the result of the legal research on cybersecurity and data protection within the EUNITY (Cybersecurity and Privacy Dialogue between Europe and Japan) project, aimed at fostering the dialogue between the European Union and Japan. Based on the research undertaken therein, the author offers an outline of the main asymmetries in the laws governing such fields in the two regions. The research is a comparative analysis of the two legal frameworks, taking into account specific provisions, ratio legis and policy initiatives. Recent doctrine was taken into account, too, as well as empirical interviews with EU and Japanese stakeholders and project partners. With respect to the protection of personal data, the European Union has recently reformed its legal framework with a package which includes a regulation (General Data Protection Regulation), and a directive (Directive 680 on personal data processing in the law enforcement domain). In turn, the Japanese law under scrutiny for this study has been the Act on Protection of Personal Information. Based on a comparative analysis, some asymmetries arise. The main ones refer to the definition of personal information and the scope of the two frameworks. Furthermore, the rights of the data subjects are differently articulated in the two regions, while the nature of sanctions take two opposite approaches. Regarding the cybersecurity framework, the situation looks similarly misaligned. Japan’s main text of reference is the Basic Cybersecurity Act, while the European Union has a more fragmented legal structure (to name a few, Network and Information Security Directive, Critical Infrastructure Directive and Directive on the Attacks at Information Systems). On an relevant note, unlike a more industry-oriented European approach, the concept of cyber hygiene seems to be neatly embedded in the Japanese legal framework, with a number of provisions that alleviate operators’ liability by turning such a burden into a set of recommendations to be primarily observed by citizens. With respect to the reasons to fill such normative gaps, these are mostly grounded on three basis. Firstly, the cross-border nature of cybercrime brings to consider both magnitude of the issue and its regulatory stance globally. Secondly, empirical findings from the EUNITY project showed how recent data breaches and cyber-attacks had shared implications between Europe and Japan. Thirdly, the geopolitical context is currently going through the direction of bringing the two regions to significant agreements from a trade standpoint, but also from a data protection perspective (with an imminent signature by both parts of a so-called ‘Adequacy Decision’). The research conducted in this study reveals two asymmetric legal frameworks on cyber security and data protection. With a view to the future challenges presented by the strengthening of the collaboration between the two regions and the trans-national fashion of cybercrime, it is urged that solutions are found to fill in such gaps, in order to allow European Union and Japan to wisely increment their partnership.

Keywords: cybersecurity, data protection, European Union, Japan

Procedia PDF Downloads 128

Authors: Ghazala Yasmeen, Zahid Yousaf

Abstract:

Frequent social media use has significantly changed people's life and communication styles during the last two decades. Social media use has multiple dimensions, and there are nuanced relationships between it and how it affects different societal subgroups. With the increased popularity and rapid growth of social networking sites, people are experiencing potential social media addiction, which causes severe mental health problems. How social media is dramatically influencing the lives and mental health of its users, and particularly of the students, creating psychological issues, e.g., isolation, depression, and anxiety, will be the primary objective of this study. This research will address the problems confronted by many students who are regular social media users and can undergo mental distress. This study aims to explore how social media use can lead to isolation, depression, and anxiety. This research will also investigate the effects of cyber-bullying on social, emotional, and psychological wellbeing. For this purpose, the researcher will use the survey technique as a method of inquiry. Ryff's theory of Psychological wellbeing will be used as a theoretical framework to explore the association between social media addiction and psychological effects among users. For data collection, the researcher will use the quantitative research method through a survey questionnaire from three universities in Pakistan from the public and private sectors. This study will imply a two-stage random sampling technique. At first, the researcher will select 20% of students from universities. In the second stage, 20% of students using different social networking sites will be chosen, and draw a representative sample from these will be. The intended study will use questionnaires comprising two portions. The first section will consist of social media engagement by the students, following impacts on their mental health and reported attitude towards psychological wellbeing. This study will spotlight the considerations of parents, educationists, and policymakers to take measures against the devastating effects of cyber-crimes on young adults.

Keywords: anxiety, depression, isolation, social media, wellbeing

Procedia PDF Downloads 84

Authors: Marta Maria Aguilar Carceles

Abstract:

This theoretical study argues how terrorism is rising around the world and which are the factors and situations that contribute to this process. Linked to aspects of human development, minors are one of the most vulnerable collectives to be engaged for this purpose. Its special weakness and lower possibility of self-defense makes them more likely to become victims as a result of a brainwashing process. Terrorism is an illicit way to achieve political and social changes and new technologies and available resources make it easier to spread. In this sense, throughout a theoretical revision of different recent and scientific articles, it is evaluated which risk factors can provoke its affiliation and later develop of antisocial and illicit behavior. An example of this group of factors could be the inter-generational continuity between parents and their children, as well as the sociodemographic aspects joined to cultural experiences (i.e. sense of dishonor, frustration, etc.). The assess of this kind of variables must be accompanied by the evaluation of protective factors, because the reasons through one person decides to join to terrorism are inherently idiosyncratic and we can only install mechanisms of prevention knowing those personal characteristics. To sum, both aspects underline the relevance of the internalizing and externalizing personal factors, each of them in one specific direction: a) to increase the possibility of being recruited or follow this type of criminal group by himself, and b) to be able of avoiding the effects and consequences of terrorism thanks to personal and resilient characteristics (resilience).

Keywords: criminality, minors, recruitment, resilience, terrorism

Procedia PDF Downloads 137

Authors: Liron Hoch

Abstract:

Traditional religious and spiritual texts offer a surprising wealth of relevant theoretical and practical knowledge about human behavior. This wellspring may contribute significantly to expanding our current body of knowledge in the social sciences and criminology in particular. In Jewish religious texts, specifically by Maimonides, we can find profound analyses of human traits and guidelines for a normative way of life. Among other things, modern criminological literature attempts to link certain character traits and divergent behaviors. Using the hermeneutic phenomenological approach, we analyzed the writings of Maimonides, mainly Laws of Human Dispositions, in order to understand Moses ben Maimon's (1138–1204) view of character traits. The analysis yielded four themes: (1) Human personality between nature and nurture; (2) The complexity of human personality, imbalance and criminality; (3) Extremism as a way to achieve balance; and (4) The Middle Way, flexibility and common sense. These themes can serve therapeutic purposes, as well as inform a rehabilitation model. Grounded in a theoretical rationale about the nature of humans, this model is designed to direct individuals to balance their traits by self-reflection and constant practice of the Middle Way. The proposal we will present is that implementing this model may promote normative behavior and thus contribute to rehabilitating offenders.

Keywords: rehabilitation, traits, offenders, maimonides, middle way

Procedia PDF Downloads 72

Authors: Tim Giesen, Raphael Adamietz, Pablo Mayer, Philipp Stiefel, Patrick Alle, Dirk Schlenker

Abstract:

The competitiveness and success of new electrical energy storages such as battery cells are significantly dependent on a short time-to-market. Producers who decide to supply new battery cells to the market need to be easily adaptable in manufacturing with respect to the early customers’ needs in terms of cell size, materials, delivery time and quantity. In the initial state, the required output rates do not yet allow the producers to have a fully automated manufacturing line nor to supply handmade battery cells. Yet there was no solution for manufacturing battery cells in low to medium volumes in a reproducible way. Thus, in terms of cell format and output quantity, a concept for the flexible assembly of battery cells was developed by the Fraunhofer-Institute for Manufacturing Engineering and Automation. Based on clustered processes, the modular system platform can be modified, enlarged or retrofitted in a short time frame according to the ordered product. The paper shows the analysis of the production steps from a conventional battery cell assembly line. Process solutions were found by using I/O-analysis, functional structures, and morphological boxes. The identified elementary functions were subsequently clustered by functional coherences for automation solutions and thus the single process cluster was generated. The result presented in this paper enables to manufacture different cell products on the same production system using seven process clusters. The paper shows the solution for a batch-wise flexible battery cell production using advanced process control. Further, the performed tests and benefits by using the process clusters as cyber-physical systems for an integrated production and value chain are discussed. The solution lowers the hurdles for SMEs to launch innovative cell products on the global market.

Keywords: automation, battery production, carrier, advanced process control, cyber-physical system

Procedia PDF Downloads 343

Authors: Van Trieu, Shouhuai Xu, Yusheng Feng

Abstract:

Tracking attack trajectories can be difficult, with limited information about the nature of the attack. Even more difficult as attack information is collected by Intrusion Detection Systems (IDSs) due to the current IDSs having some limitations in identifying malicious and anomalous traffic. Moreover, IDSs only point out the suspicious events but do not show how the events relate to each other or which event possibly cause the other event to happen. Because of this, it is important to investigate new methods capable of performing the tracking of attack trajectories task quickly with less attack information and dependency on IDSs, in order to prioritize actions during incident responses. This paper proposes a two-level graph causality framework for tracking attack trajectories in internet networks by leveraging observable malicious behaviors to detect what is the most probable attack events that can cause another event to occur in the system. Technically, given the time series of malicious events, the framework extracts events with useful features, such as attack time and port number, to apply to the conditional independent tests to detect the relationship between attack events. Using the academic datasets collected by IDSs, experimental results show that the framework can quickly detect the causal pairs that offer meaningful insights into the nature of the internet network, given only reasonable restrictions on network size and structure. Without the framework’s guidance, these insights would not be able to discover by the existing tools, such as IDSs. It would cost expert human analysts a significant time if possible. The computational results from the proposed two-level graph network model reveal the obvious pattern and trends. In fact, more than 85% of causal pairs have the average time difference between the causal and effect events in both computed and observed data within 5 minutes. This result can be used as a preventive measure against future attacks. Although the forecast may be short, from 0.24 seconds to 5 minutes, it is long enough to be used to design a prevention protocol to block those attacks.

Keywords: causality, multilevel graph, cyber-attacks, prediction

Procedia PDF Downloads 160

Authors: Gabriela Wasileski, Debra L. Stanley

Abstract:

Maryland efforts to decrease the juvenile criminality and recidivism shifts towards evidence based sentencing. While in theory the evidence based sentencing has an impact on the reduction of juvenile delinquency and drug abuse; the assessment of juveniles’ risk and needs usually lacks crucial information about juvenile’s prior victimization. The Maryland Comprehensive Assessment and Service Planning (MCASP) Initiative is the primary tool for developing and delivering a treatment service plan for juveniles at risk. Even though it consists of evidence-based screening and assessment instruments very little is currently known regarding the effectiveness and the impact of the assessment in general. In keeping with Maryland’s priority to develop successful evidence-based recidivism reduction programs, this study examined results of assessments based on MCASP using a representative sample of the juveniles at risk and their assessment results. Specifically, it examined: (1) the results of the assessments in an electronic database (2) areas of need that are more frequent among delinquent youth in a system/agency, (3) the overall progress of youth in an agency’s care (4) the impact of child victimization and trauma experiences reported in the assessment. The project will identify challenges regarding the use of MCASP in Maryland, and will provide a knowledge base to support future research and practices.

Keywords: Juvenile Justice, assessment of risk and need, victimization and crime, recidivism

Procedia PDF Downloads 322

Authors: Joseph Osafo, Winifred Asare-Doku, Charity Akotia

Abstract:

Decriminalizing suicide is one of the major goals of suicide prevention worldwide. In Ghana, suicide is legally prescribed and there is a wide-spread societal condemnation of the act, the survivor and families share the stigma. Evidence and advocacy continue to mount towards pressuring the government, the legal fraternity and lawmakers to consider decriminalizing the act. However, within this discourse, the views of families of attempt survivors are absent. The purpose of this study was to explore from relatives of suicide attempters their reactions towards the criminality of suicide attempt in the country. A total of 10 relatives of suicide attempters were interviewed using a semi-structured interview guide. Thematic analysis was used to analyze the data. We found that there were divergent views from families on decriminalizing suicide. We generated two major themes; Out-group bias versus In-group bias. Half of the participants opined that suicide attempt should not be decriminalized and others advocated for help and mental health care for victims of the suicide attempt. It was generally observed that although all 10 participants were cognizant that suicide attempt is a crime in Ghana, they preferred their relatives were spared from prosecution. The findings indicate incongruity, especially when participants want their relatives to avoid jail term but want the law that criminalizes suicide to remain. Findings are explained using the Fundamental Attribution Error and the concept of Kin selection. Implications for public education on decriminalization and advocacy are addressed.

Keywords: decriminalization, families, Ghana suicide, suicide attempt

Procedia PDF Downloads 525

Authors: Cara Williams

Abstract:

This paper considers the media’s role in formulating a dominant social deviance paradigm and medicalised portrayal of disabled people and examines how those representations of impairment reinforce the personal tragedy view that underpins the social value given to the category of disability. According to a materialist perspective, the personal tragedy medical model approach condemns disabled people to live an inferior 'life apart', socially excluded and prevented from living as fully participating citizens on an equal basis to non-disabled people. Commonly, disabled people are portrayed as a person who needs to be cured in order to achieve a better 'quality of life'; otherwise stories center on deviance, criminality or scrounger. Media representations have consistently used negative language and images that reinforce the personal tragedy 'deficient' view of disability. The systematic misrepresentation within film, literature, TV and other art forms have validated a process about what it means to be 'normal' and how 'difference' and 'identity' are interpreted. The impact of these stereotyped disabling images for disabled people is a barrier not experienced by many other oppressed minority groups. Applying a materialist analysis, this paper contends that the impact on audience’s perceptions of impaired bodies and minds, and the harmful effects on disabled people can be linked with agenda setting theory - the relationship between the media and the political agenda.

Keywords: media, disabled people, political agenda, personal tragedy

Procedia PDF Downloads 149

Authors: Guliz Kolburan

Abstract:

Juvenile delinquency studies has a special place and importance in criminality researches. Young adolescents, have not reached psychological, mental and physical maturity, and they cannot understand their roles and duties in society. In this case, if such an adolescent turns into a crime machine as a gang leader, he has the least responsibility of this result. All institutions, like family, school, community and the state as a whole have duties and responsibilities in this regard. While planning the studies about prevention of juvenile delinquency, all institutions related with the development of the children, should be involved in the center of the study. So that effective goals for prevention studies can be determined only in this way. Most of youth who commit homicide feel no attachment to anybody or society except for themselves. Children who committed homicide generally developed defense mechanisms about their guilt, sadness, fear and anger. For this reason, treatment of these children should be based on the awareness of these feelings and copying with them. In the movie, events making the youth realize his own feelings and responsibilities were studied from a theoretical perspective. In this study, some of the dialogs and the scenes in the movie were analyzed and the factors cause the young gang leader to be drawn to crime were evaluated in terms of the science of psychology. The aim of this study is to analyze the process of the youth to being drawn into criminal behavior in terms of social and emotional developmental phases in a theoretical perspective via the movie produced in 2005 (94. Min.). The method of this study is discourse analysis.

Keywords: crime, child, evaluation (development), psychology

Procedia PDF Downloads 448

Authors: Barrere Sarah

Abstract:

The area of liberty, security, and justice within the European Union is still a work in progress. No one can deny that the EU struggles between a monistic and a dualist approach. The aim of our essay is to first review how the European law is perceived by the rest of the international scene. It will then discuss two main mechanisms at play: the interpretation of larger international treaties and the penal mechanisms of European law. Finally, it will help us understand the role of a penal Europe on the international scene with concrete examples. Special attention will be paid to cases that deal with fundamental rights as they represent an interesting case study in Europe and in the rest of the World. It could illustrate the aforementioned duality currently present in the Union’s interpretation of international public law. On the other hand, it will explore some specific European penal mechanism through mutual recognition and the European arrest warrant in the transnational criminality frame. Concerning the interpretation of the treaties, it will first, underline the ambiguity and the general nature of some treaties that leave the EU exposed to tension and misunderstanding then it will review the validity of an EU act (whether or not it is compatible with the rules of International law). Finally, it will focus on the most complete manifestation of liberty, security and justice through the principle of mutual recognition. Used initially in commercial matters, it has become “the cornerstone” of European construction. It will see how it is applied in judicial decisions (its main event and achieving success is via the European arrest warrant) and how European member states have managed to develop this cooperation.

Keywords: European penal law, international scene, liberty security and justice area, mutual recognition

Procedia PDF Downloads 411

Authors: Ejd Garba, Okike Benjamin

Abstract:

Today, the word encryption has become very popular even among non-computer professionals. There is no doubt that some works have been carried out in this area, but more works need to be done. Presently, most of the works on encryption is concentrated on the sender of the message without paying any attention to the message recipient. However, it is a good practice if any message sent to someone is received by the particular person whom the message is sent to. This work seeks to ensure that at the receiving end of the message, there is a security to ensure that the recipient computes a key that would enable the encrypted message to be accessed. This key would be in form of password. This would make it possible for a given message to be sent to several people at the same time. When this happens, it is only those people who computes the key correctly that would be given the opportunity to access even the encrypted message, which can in turn be decrypted using the appropriate key.

Keywords: arithmetic, cyber space, modulo-2, information security

Procedia PDF Downloads 326

Authors: Barakat Adebisi Raji

Abstract:

In the workplace, Artificial Intelligence has, in recent years, emerged as a transformative technology that revolutionizes how organizations operate and perform tasks. It is a technology that has a significant impact on transportation, manufacturing, education, cyber security, robotics, agriculture, healthcare, and so many other organizations. By harnessing AI technology, workplaces can enhance productivity, streamline processes, and make more informed decisions. Given the potential of AI to change the way we work and its impact on the labor market in years to come, employers understand that it entails legal challenges and risks despite the advantages inherent in it. Therefore, as AI continues to integrate into various aspects of the workplace, understanding the legal and ethical implications becomes paramount. Also central to this study is the question of who is held liable where AI makes any defaults; the person (company) who created the AI, the person who programmed the AI algorithm or the person who uses the AI? Thus, the aim of this paper is to provide a detailed overview of how AI-related liabilities are addressed under each legal tradition and shed light on potential areas of accord and divergence between the two legal cultures. The objectives of this paper are to (i) examine the ability of Common law and Islamic law to accommodate the issues and damage caused by AI in the workplace and the legality of compensation for such injury sustained; (ii) to discuss the extent to which AI can be described as a legal personality to bear responsibility: (iii) examine the similarities and disparities between Common Law and Islamic Jurisprudence on the liability of AI in the workplace. The methodology adopted in this work was qualitative, and the method was purely a doctrinal research method where information is gathered from the primary and secondary sources of law, such as comprehensive materials found in journal articles, expert-authored books and online news sources. Comparative legal method was also used to juxtapose the approach of Islam and Common Law. The paper concludes that since AI, in its current legal state, is not recognized as a legal entity, operators or manufacturers of AI should be held liable for any damage that arises, and the determination of who bears the responsibility should be dependent on the circumstances surrounding each scenario. The study recommends the granting of legal personality to AI systems, the establishment of legal rights and liabilities for AI, the establishment of a holistic Islamic virtue-based AI ethics framework, and the consideration of Islamic ethics.

Keywords: AI, health- care, agriculture, cyber security, common law, Shari'ah

Procedia PDF Downloads 45

Authors: Proud Arunrangsiwed

Abstract:

This research is a collaborative narrative research, which is mixed with issues of selected papers and researcher's experience as an anonymous user on social networking sites. The objective of this research is to understand the reasons of the regular users who reject to contact with anonymous users, and to study the communication traditions used in the selected studies. Anonymous users are rejected by regular users, because of the fear of cyber bully, the fear of unpleasant behaviors, and unwillingness of changing communication norm. The suggestion for future research design is to use longitudinal design or quantitative design; and the theory in rhetorical tradition should be able to help develop a strong trust message.

Keywords: anonymous, anonymity, online identity, trust message, reliability

Procedia PDF Downloads 361

Authors: Chia-Wen Wang, Patou Masika Musumari, Teeranee Techasrivichien, S. Pilar Suguimoto, Chang-Chuan Chan, Masako Ono-Kihara, Masahiro Kihara

Abstract:

Background: In recent years, a particular form of bullying, referred to as 'cyberbullying' has emerged along with the rapid expansion of the Internet, social network services (SNSs) and smart phones. Many Asian countries, including Taiwan, are faced with both the cyberbullying and the traditional form of bullying. This study aims to explore Taiwanese adolescents’ experiences, perceptions and opinions regarding cyberbullying and traditional bullying through the perspective of victim, perpetrator, or witness. Method: This is a qualitative study using face-to-face in-depth interviews guided by a semi-structured questionnaire among high school students -aged 16 to 18 years- in Taipei, Taiwan. The participants were recruited through convenience sampling from five high schools between June and November 2016. Interviews were digitally recorded, transcribed, and analyzed using the thematic analysis approach. Results: Forty-eight participants were recruited, of which, 14 (29.2%) reported had ever experienced bullying. Specifically, 7 participants (14.6%) reported had ever been victims of cyberbullying, 1 (2%) had been victims of traditional bullying, and 6 (12.5%) had been victims of both cyber and traditional bullying. The majority (70.8%) reported had ever witnessed acts of bullying; however, none of the participants recognized had ever been a perpetrator of bullying. Cyberbullying mostly happens on social media (Facebook and Instagram) or LINE instant messaging application, and included upload and sharing of degrading pictures and videos of victims, as well as gossip and mean messages by the perpetrators. The anonymous and public nature of social media groups in schools made it easier to perpetrate bullying. The victim of traditional bullying reported being the target of verbal attack because of his physical appearance. Regardless of the type of bullying, victims reported feeling bad, angry, or depressed as a result of being bullied. Witnesses of both cyber- and traditional bullying cited physical appearance (e.g. having the big/flat bust or big butt, or overweight or obese) and disability as the most reasons of being a bullying victim. Conclusion: Both cyberbullying and traditional bullying had negative emotional and psychological impacts on victims. This study warrants further research to assess the extent of this phenomenon and understand the characteristics of perpetrators, victims, and witnesses to inform the design of tailored interventions using appropriate channels of dissemination.

Keywords: cyberbullying, traditional bullying, social media, adolescents

Procedia PDF Downloads 348

Authors: Johannes Atug, Stefan Braunreuther, Gunther Reinhart

Abstract:

Volatile markets, as well as increasing global competition in manufacturing, lead to a high demand of flexible and agile production systems. These advanced production systems in turn conduct to high capital expenditure along with high investment risks. Developments in production regarding digitalization and cyber-physical systems result to a merger of informational- and operational technology. The approach of this paper is to benefit from this merger and present a framework of a production network with scalable production capacity and low capital expenditure by adaptation of the IT concept 'everything as a service' into the production environment.

Keywords: digital manufacturing system, everything as a service, reconfigurable production, value network

Procedia PDF Downloads 347

Authors: Á. L. Bendes

Abstract:

By the end of the second decade of the 21st century, artificial intelligence (AI) has become an unavoidable part of everyday life and has necessarily aroused the interest of researchers in almost every field of science. This is no different in the case of jurisprudence, whose main task is not only to create its own theoretical paradigm related to AI. Perhaps the biggest impact on digital crime is artificial intelligence. In addition, the need to create legal frameworks suitable for the future application of the law has a similar importance. The prognosis according to which AI can reshape the practical application of law and, ultimately, the entire legal life is also of considerable importance. In the past, criminal law was basically created to sanction the criminal acts of a person, so the application of its concepts with original content to AI-related violations is not expected to be sufficient in the future. Taking this into account, it is necessary to rethink the basic elements of criminal law, such as the act and factuality, but also, in connection with criminality barriers and criminal sanctions, several new aspects have appeared that challenge both the criminal law researcher and the legislator. It is recommended to continuously monitor technological changes in the field of criminal law as well since it will be timely to re-create both the legal and scientific frameworks to correctly assess the events related to them, which may require a criminal law response. Artificial intelligence has completely reformed the world of digital crime. New crimes have appeared, which the legal systems of many countries do not or do not adequately regulate. It is considered important to investigate and sanction these digital crimes. The primary goal is prevention, for which we need a comprehensive picture of the intertwining of artificial intelligence and digital crimes. The goal is to explore these problems, present them, and create comprehensive proposals that support legal certainty.

Keywords: artificial intelligence, chat forums, defamation, international criminal cooperation, social networking, virtual sites

Procedia PDF Downloads 92

Authors: Ebtesam Shadadi, Rasha Ibrahim, Essam Ghadafi

Abstract:

Phishing poses a significant threat as a cybercrime by tricking end users into revealing their confidential and sensitive information. Attackers often manipulate victims to achieve their malicious goals. The increasing prevalence of Phishing has led to extensive research on this issue, including studies focusing on phishing attempts in healthcare institutions in the Kingdom of Saudi Arabia. This paper explores the importance of analyzing phishing attacks, specifically focusing on those targeting the healthcare industry. The study delves into the tactics, obstacles, and remedies associated with these attacks, all while considering the implications for Saudi Vision 2030.

Keywords: phishing, cybersecurity, cyber threat, social engineering, vision 2030

Procedia PDF Downloads 71

Authors: Marko Schuba, Florian Kessels, Niklas Reitz

Abstract:

Operational technology (OT) controls physical processes in critical infrastructures and economically important industries. With the convergence of OT with classical information technology (IT), rising cybercrime worldwide and the increasingly difficult geopolitical situation, the risks of OT infrastructures being attacked are growing. Classical penetration testing, in which testers take on the role of an attacker, has so far found little acceptance in the OT sector - the risk that a penetration test could do more harm than good seems too great. This paper examines the resilience of various OT systems using typical penetration test tools. It is shown that such a test certainly involves risks, but is also feasible in OT if a cautious approach is taken. Therefore, OT penetration testing should be considered as a tool to improve the cyber security of critical infrastructures.

Keywords: penetration testing, OT, ICS, OT security

Procedia PDF Downloads 24

Authors: Nuruddeen Usman, Usman Mohammed Gidado, Muhammad Ahmad Ibrahim

Abstract:

Construction industry is one of the sectors that are eyeing adoption of ICT for its development due to the advancement in technology. Though, many manufacturing sectors had been using it, but construction industry was left behind, especially in the developing nation like Nigeria. On account of that, the objective of this study is to conceptually and quantitatively synthesise whether the slow adoption of ICT by the construction industries can be attributable to cybercrime threats. The result of the investigation found that, the risk of cybercrime, and lack of adequate cyber security policies that can enforce and punish defaulters are among the things that hinder ICT adoption of the Nigerian construction industries. Therefore, there is need for the nations to educate their citizens on cybercrime risk, and to establish cybercrime police units that can be monitoring and controlling all online communications.

Keywords: construction industry, cybercrime, information and communication technology adoption, risk

Procedia PDF Downloads 513

Authors: Imen Aouini, Lamia Ben Azzouz

Abstract:

The energy need is growing rapidly due to the population growth and the large new usage of power. Several works put considerable efforts to make the electricity grid more intelligent to reduce essentially energy consumption and provide efficiency and reliability of power systems. The Smart Grid is a complex architecture that covers critical devices and systems vulnerable to significant attacks. Hence, security is a crucial factor for the success and the wide deployment of Smart Grids. In this paper, we present security issues of the Smart Grid architecture and we highlight open issues that will make the Smart Grid security a challenging research area in the future.

Keywords: smart grids, smart meters, home area network, neighbor area network

Procedia PDF Downloads 427

Authors: Nareshkumar Harale, B. B. Meshram

Abstract:

The continued exponential growth of successful cyber intrusions against today’s businesses has made it abundantly clear that traditional perimeter security measures are no longer adequate and effective. We evolved the network trust architecture from trust-untrust to Zero-Trust, With Zero Trust, essential security capabilities are deployed in a way that provides policy enforcement and protection for all users, devices, applications, data resources, and the communications traffic between them, regardless of their location. Information exchange over the Internet, in spite of inclusion of advanced security controls, is always under innovative, inventive and prone to cyberattacks. TCP/IP protocol stack, the adapted standard for communication over network, suffers from inherent design vulnerabilities such as communication and session management protocols, routing protocols and security protocols are the major cause of major attacks. With the explosion of cyber security threats, such as viruses, worms, rootkits, malwares, Denial of Service attacks, accomplishing efficient and effective intrusion detection and prevention is become crucial and challenging too. In this paper, we propose a design and analysis model for next generation network intrusion detection and protection system as part of layered security strategy. The proposed system design provides intrusion detection for wide range of attacks with layered architecture and framework. The proposed network intrusion classification framework deals with cyberattacks on standard TCP/IP protocol, routing protocols and security protocols. It thereby forms the basis for detection of attack classes and applies signature based matching for known cyberattacks and data mining based machine learning approaches for unknown cyberattacks. Our proposed implemented software can effectively detect attacks even when malicious connections are hidden within normal events. The unsupervised learning algorithm applied to network audit data trails results in unknown intrusion detection. Association rule mining algorithms generate new rules from collected audit trail data resulting in increased intrusion prevention though integrated firewall systems. Intrusion response mechanisms can be initiated in real-time thereby minimizing the impact of network intrusions. Finally, we have shown that our approach can be validated and how the analysis results can be used for detecting and protection from the new network anomalies.

Keywords: network intrusion detection, network intrusion prevention, association rule mining, system analysis and design

Procedia PDF Downloads 230

Authors: Shamatha Shetty, Sakshi Dhabadi, Prerana M., Indushree B.

Abstract:

About 66% of firms claim that insider attacks are more likely to happen. The frequency of insider incidents has increased by 47% in the last two years. The goal of this work is to prevent dangerous employee behavior by using keyloggers and the Machine Learning (ML) model. Every keystroke that the user enters is recorded by the keylogging program, also known as keystroke logging. Keyloggers are used to stop improper use of the system. This enables us to collect all textual data, save it in a CSV file, and analyze it using an ML algorithm and the VirusTotal API. Many large companies use it to methodically monitor how their employees use computers, the internet, and email. We are utilizing the SVM algorithm and the VirusTotal API to improve overall efficiency and accuracy in identifying specific patterns and words to automate and offer the report for improved monitoring.

Keywords: cyber security, machine learning, cyclic process, email notification

Procedia PDF Downloads 64

Authors: Vincent Andrew Cappellano

Abstract:

In the early phases of critical infrastructure system design, translating distributed computing requirements to an architecture has risk given the multitude of approaches (e.g., cloud, edge, fog). In many systems, a single requirement for system uptime / availability is used to encompass the system’s intended operations. However, when architected systems may perform to those availability requirements only during normal operations and not during component failure, or during outages caused by adversary attacks on critical infrastructure (e.g., physical, cyber). System designers lack a structured method to evaluate availability requirements against candidate system architectures through deep degradation scenarios (i.e., normal ops all the way down to significant damage of communications or physical nodes). This increases risk of poor selection of a candidate architecture due to the absence of insight into true performance for systems that must operate as a piece of critical infrastructure. This research effort proposes a process to analyze critical infrastructure system availability requirements and a candidate set of systems architectures, producing a metric assessing these architectures over a spectrum of degradations to aid in selecting appropriate resilient architectures. To accomplish this effort, a set of simulation and evaluation efforts are undertaken that will process, in an automated way, a set of sample requirements into a set of potential architectures where system functions and capabilities are distributed across nodes. Nodes and links will have specific characteristics and based on sampled requirements, contribute to the overall system functionality, such that as they are impacted/degraded, the impacted functional availability of a system can be determined. A machine learning reinforcement-based agent will structurally impact the nodes, links, and characteristics (e.g., bandwidth, latency) of a given architecture to provide an assessment of system functional uptime/availability under these scenarios. By varying the intensity of the attack and related aspects, we can create a structured method of evaluating the performance of candidate architectures against each other to create a metric rating its resilience to these attack types/strategies. Through multiple simulation iterations, sufficient data will exist to compare this availability metric, and an architectural recommendation against the baseline requirements, in comparison to existing multi-factor computing architectural selection processes. It is intended that this additional data will create an improvement in the matching of resilient critical infrastructure system requirements to the correct architectures and implementations that will support improved operation during times of system degradation due to failures and infrastructure attacks.

Keywords: architecture, resiliency, availability, cyber-attack

Procedia PDF Downloads 115

Authors: Kitty Kioskli, Theofanis Fotis, Nineta Polemi

Abstract:

The European Union (EU) directive Artificial Intelligence (AI) Act in Article 9 requires that risk management of AI systems includes both technical and human oversight, while according to NIST_AI_RFM (Appendix C) and ENISA AI Framework recommendations, claim that further research is needed to understand the current limitations of social threats and human-AI interaction. AI threats within social contexts significantly affect the security and trustworthiness of the AI systems; they are interrelated and trigger technical threats as well. For example, lack of explainability (e.g. the complexity of models can be challenging for stakeholders to grasp) leads to misunderstandings, biases, and erroneous decisions. Which in turn impact the privacy, security, accountability of the AI systems. Based on the NIST four fundamental criteria for explainability it can also classify the explainability threats into four (4) sub-categories: a) Lack of supporting evidence: AI systems must provide supporting evidence or reasons for all their outputs. b) Lack of Understandability: Explanations offered by systems should be comprehensible to individual users. c) Lack of Accuracy: The provided explanation should accurately represent the system's process of generating outputs. d) Out of scope: The system should only function within its designated conditions or when it possesses sufficient confidence in its outputs. Biases may also stem from historical data reflecting undesired behaviors. When present in the data, biases can permeate the models trained on them, thereby influencing the security and trustworthiness of the of AI systems. Social related AI threats are recognized by various initiatives (e.g., EU Ethics Guidelines for Trustworthy AI), standards (e.g. ISO/IEC TR 24368:2022 on AI ethical concerns, ISO/IEC AWI 42105 on guidance for human oversight of AI systems) and EU legislation (e.g. the General Data Protection Regulation 2016/679, the NIS 2 Directive 2022/2555, the Directive on the Resilience of Critical Entities 2022/2557, the EU AI Act, the Cyber Resilience Act). Measuring social threats, estimating the risks to AI systems associated to these threats and mitigating them is a research challenge. In this paper it will present the efforts of two European Commission Projects (FAITH and THEMIS) from the HorizonEurope programme that analyse the social threats by building cyber-social exercises in order to study human behaviour, traits, cognitive ability, personality, attitudes, interests, and other socio-technical profile characteristics. The research in these projects also include the development of measurements and scales (psychometrics) for human-related vulnerabilities that can be used in estimating more realistically the vulnerability severity, enhancing the CVSS4.0 measurement.

Keywords: social threats, artificial Intelligence, mitigation, social experiment

Procedia PDF Downloads 69

Authors: Glory Okereke

Abstract:

The paper examines the strength and influence of superpowers in asserting dominance in international relations through Culture and technological and cyber-power redistribution. The paper is divided into four parts to analyze what constitutes power and authority using realist and constructivist approaches. The second section explores strategic examples of how superpowers assert themselves through values, ideology, and technological warfare, focusing on the redistribution of authority. The third section evaluates whether these strategies enhance power or create greater risks, applying traditional theories of Realism and Constructivism. Finally, the paper challenges these traditional theories by highlighting the risks associated with the quest for power, drawing on the Copenhagen School’s Securitization Theory.

Keywords: US and China relations, great power competition, technology, cultural, asia, united states

Procedia PDF Downloads 12

Authors: Najmeh Abedzadeh, Matthew Jacobs

Abstract:

An intrusion detection system (IDS) is a software application that monitors malicious activities and generates alerts if any are detected. However, most network activities in IDS datasets are normal, and the relatively few numbers of attacks make the available data imbalanced. Consequently, cyber-attacks can hide inside a large number of normal activities, and machine learning algorithms have difficulty learning and classifying the data correctly. In this paper, a comprehensive literature review is conducted on different types of algorithms for both implementing the IDS and methods in correcting the imbalanced IDS dataset. The most famous algorithms are machine learning (ML), deep learning (DL), synthetic minority over-sampling technique (SMOTE), and reinforcement learning (RL). Most of the research use the CSE-CIC-IDS2017, CSE-CIC-IDS2018, and NSL-KDD datasets for evaluating their algorithms.

Keywords: IDS, imbalanced datasets, sampling algorithms, big data

Procedia PDF Downloads 334

Authors: Iqra Raza

Abstract:

This paper attempts to conceptualize the (de)humanization of the Muslim subject in Karen J. Greenberg and Janet Hamlin’s transmedia Sketching Guantanamo through a close study of the aesthetics and semiotics of the text. The Muslim experience, the paper shall argue, is mediated through a (de)humanization confined and incarcerated within the chains of artistic representation. Hamlin’s reliance on the distortions offered by stereotypes is reminiscent of the late Victorian epistemology on criminality, as evidenced most starkly in the sketch of Khalid Sheikh Mohammad. The position of the white artist thus becomes suspect in the enterprise of neo-Victorian ethnography. The visual stories of movement from within Guantanamo become potent; the paper shall argue, especially in juxtaposition with the images of stillness that came out from the detention centers, which portrayed the enactment of violence on individual bodies with a deliberate erasure of faces. So, while art becomes a way for reclaiming subjectivity or humanizing these identifiable bodies, the medium predicates itself on their objectification. The paper shall explore various questions about what it means for the (criminal?) subjects to be rendered into art rather than being photographed. Does art entail a necessary departure from the assumed objectivity of the photographic images? What makes art the preferred medium for (de)humanization of the violated Muslim bodies? What happens when art is produced without a recognition of the ‘precariousness’ of the life being portrayed? Rendering the detainees into art becomes a slippery task complicated by Hamlin’s privileged position outside the glass walls of the court. The paper shall adjourn analysis at the many dichotomies that exist in the text viz. between the White men and the brown, the Muslims and the Christians, Occident and the Orient problematized by Hamlin’s politics, that of a ‘neutral outsider’ which quickly turns on its head and becomes complicity in her deliberate erasure of the violence that shaped and still shapes Guantanamo.

Keywords: Abu Ghraib, Derrida, Guantanamo, graphic journalism, Muslimness, orient, spectrality

Procedia PDF Downloads 159

Authors: Romeu Bonk Mesquita

Abstract:

Argentina is the South American number 1 country of destiny to intraregional migration flows. This research aims to shed light on the main trends of the Argentine immigrant policy from 2016 on, when Mauricio Marci was elected President, taking the approval of the current and fairly protective of human rights Ley de Migraciones (2003) as an analytical starting point. Foreign Policy Analysis (FPA) serves as the theoretical background, highlighting decision-making processes and institutional designs that encourage or constraint political and social actors. The analysis goes through domestic and international levels, observing how immigration policy is formulated as a public policy and is simultaneously connected to Mercosur and other international organizations, such as the International Organization for Migration (IOM) and the United Nations High Commissioner for Refugees (UNHCR). Thus, the study revolves around the Direccion Nacional de Migraciones, which is the state agency in charge of executing the country’s immigrant policy, as to comprehend how its internal processes and the connections it has with both domestic and international institutions shape Argentina’s immigrant policy formulation and execution. Also, it aims to locate the migration agenda within the country’s contemporary social and political context. The methodology is qualitative, case-based and oriented by process-tracing techniques. Empirical evidence gathered includes official documents and data, media coverage and interviews to key-informants. Recent events, such as the Decreto de Necesidad y Urgencia 70/2017 issued by President Macri, and the return of discursive association between migration and criminality, indicate a trend of nationalization and securitization of the immigration policy in contemporary Argentina.

Keywords: Argentine foreign policy, human rights, immigrant policy, Mercosur

Procedia PDF Downloads 169

Authors: Anwesha Pathak

Abstract:

With the increasing number of satellites and space debris, space traffic management (STM) becomes crucial. AI can aid in STM by predicting and preventing potential collisions, optimizing satellite trajectories, and managing orbital slots. Governance frameworks need to address the integration of AI algorithms in STM to ensure safe and sustainable satellite activities. AI and governance play significant roles in the context of satellite activities in space. Artificial intelligence (AI) technologies, such as machine learning and computer vision, can be utilized to process vast amounts of data received from satellites. AI algorithms can analyse satellite imagery, detect patterns, and extract valuable information for applications like weather forecasting, urban planning, agriculture, disaster management, and environmental monitoring. AI can assist in automating and optimizing satellite operations. Autonomous decision-making systems can be developed using AI to handle routine tasks like orbit control, collision avoidance, and antenna pointing. These systems can improve efficiency, reduce human error, and enable real-time responsiveness in satellite operations. AI technologies can be leveraged to enhance the security of satellite systems. AI algorithms can analyze satellite telemetry data to detect anomalies, identify potential cyber threats, and mitigate vulnerabilities. Governance frameworks should encompass regulations and standards for securing satellite systems against cyberattacks and ensuring data privacy. AI can optimize resource allocation and utilization in satellite constellations. By analyzing user demands, traffic patterns, and satellite performance data, AI algorithms can dynamically adjust the deployment and routing of satellites to maximize coverage and minimize latency. Governance frameworks need to address fair and efficient resource allocation among satellite operators to avoid monopolistic practices. Satellite activities involve multiple countries and organizations. Governance frameworks should encourage international cooperation, information sharing, and standardization to address common challenges, ensure interoperability, and prevent conflicts. AI can facilitate cross-border collaborations by providing data analytics and decision support tools for shared satellite missions and data sharing initiatives. AI and governance are critical aspects of satellite activities in space. They enable efficient and secure operations, ensure responsible and ethical use of AI technologies, and promote international cooperation for the benefit of all stakeholders involved in the satellite industry.

Keywords: satellite, space debris, traffic, threats, cyber security.

Procedia PDF Downloads 82