Search results for: cyber forensics

Authors: Dina Sabirova, Madina Moldagali

Abstract:

The rapid development of new media, especially the Internet, has led to major changes in folk culture. The net space is increasingly becoming a creation of the ‘folk’ imagination, saturated with multimedia stories with collective authorship, like traditional folklore. Moreover, the Internet picks up and changes old folklore traditions, such as the form of publication, the way of storytelling, or gave a new morality to the ‘old tales’. In this article, the similarities and differences between Internet folklore/ cyber-folklore/ digital folklore and oral folk art were examined by using the material of modern Kazakh authors. The relationship between tradition and innovation was studied in order to interpret the sequence of the authors' research taking into account the realities. The material of the article was the prose texts of Kazakh writers published in internet magazines and social networks. An immanent and intertextual analysis of the text was carried out. Thus, the new forms of Internet folklore lead to new forms of expression and social morality in society

Keywords: internet literature, modern Kazakhstani authors, net folklore, oral folk art

Procedia PDF Downloads 92

Authors: Isik Z. Ulubas, Kaj Bjorkqvist

Abstract:

The relationships between perceived ethnic discrimination, peer aggression and school connectedness are being examined among 1,000 adolescents in Ostrobothnia, Finland with an online questionnaire. The study aims at investigating perceived ethnic discrimination in school environment by peers and teachers, and within society in general. Six types of aggressive behavior are measured: physical, verbal, indirect, and cyber aggression, in addition to both verbal and physical sexual harassment. High perceived ethnic discrimination is expected to be related with high aggression and low school connectedness. Adolescents who have special diet and clothing because of their cultural or religious background are expected to score higher on perceived ethnic discrimination and lower school connectedness. Adolescents who have lower domestic language skills (Finnish/Swedish) are expected to show lower school connectedness and higher perceived ethnic discrimination.

Keywords: adolescents, aggression, ethnic discrimination, school connectedness

Procedia PDF Downloads 219

Authors: Sandesh Achar

Abstract:

Cloud computing security is a broad term that covers a variety of security concerns for organizations that use cloud services. Multi-cloud service providers must consider several factors when addressing security for their customers, including identity and access management, data at rest and in transit, egress and ingress traffic control, vulnerability and threat management, and auditing. This paper explores each of these aspects of cloud security in detail and provides recommendations for best practices for multi-cloud service providers. It also discusses the challenges inherent in securing a multi-cloud environment and offers solutions for overcoming these challenges. By the end of this paper, readers should have a good understanding of the various security concerns associated with multi-cloud environments in the context of today’s modern cyber threats and how to address them.

Keywords: multi-cloud service, system organization control, data loss prevention, identity and access management

Procedia PDF Downloads 93

Authors: Nur Imroatun Sholihat, Gresika Bunga Sylvana

Abstract:

Currently, cyber attack became an incredibly serious problem due to its increasing trend all over the world. Therefore, information security becomes prominent for every organization including public sector organization. In Indonesia, unfortunately, Ministry of Finance (MoF) is the only public sector organization that has already formally established procedure to assess its information security adequacy by performing information security audits (November 2017). We assess the implementation of information security audits in the MoF using qualitative data obtained by interviewing IT auditors and by analysis of related documents. For this reason, information security audit practice in the MoF could become the acceptable benchmark for all other public sector organizations in Indonesia. This study is important because, to the best of the author’s knowledge, our research into information security audits practice in Indonesia’s public sector have not been found yet. Results showed that information security audits performed mostly by doing pentest (penetration testing) to MoF’s critical applications.

Keywords: information security audit, information technology, Ministry of Finance of Indonesia, public sector organization

Procedia PDF Downloads 227

Authors: Felib Ayman Shawky Salem

Abstract:

Nowadays crypto currency has become a global phenomenon known to most people. People using this alternative digital money to do a transaction in many ways (e.g. Used for online shopping, wealth management, and fundraising). However, this digital asset also widely used in criminal activities since its use decentralized control as opposed to centralized electronic money and central banking systems and this makes a user, who used this currency invisible. The high-value exchange of these digital currencies also has been a target to criminal activities. The crypto currency crimes have become a challenge for the law enforcement to analyze and to proof the evidence as criminal devices. In this paper, our focus is more on bitcoin crypto currency and the possible artifacts that can be obtained from the different type of digital wallet, which is software and browser-based application. The process memory and physical hard disk are examined with the aims of identifying and recovering potential digital evidence. The stage of data acquisition divided by three states which are the initial creation of the wallet, transaction that consists transfer and receiving a coin and the last state is after the wallet is being deleted. Findings from this study suggest that both data from software and browser type of wallet process memory is a valuable source of evidence, and many of the artifacts found in process memory are also available from the application and wallet files on the client computer storage.

Keywords: cryptocurrency, bitcoin, payment methods, blockchain, appropriation, online retailers, TOE framework, disappropriation, non-appropriationBitCoin, financial protection, crypto currency, money laundering cryptocurrency, digital wallet, digital forensics

Procedia PDF Downloads 28

Authors: Hasanah Md. Amin

Abstract:

The existence of cyberspace and its growing contents is real and overwhelming. Visual as one of the properties of cyber contents is increasingly becoming more significant and popular among creator and user. The visual and aesthetic of the content is consistent with many similarities. Aesthetic, although universal, has slight differences across the world. Aesthetic power could impress, influence, and cause bias among the users. The content creator who knows how to manipulate this visuals and aesthetic expression can dominate the scenario and the user who is ‘expressive literate’ will gain much from the scenes. User who understands aesthetic will be rewarded with competence, confidence, and certainly, a personality enhanced experience in carrying out a task when participating in this chaotic but promising cyberworld. The aim of this article is to gain knowledge from related literature and research regarding User-Generated Content (UGC), which focuses on aesthetic expression by the Net generation. The objective of this preliminary study is to analyze the aesthetic expression linked to visual from the participatory cultural viewpoint looking for meaning, value, patterns, and characteristics.

Keywords: visual overloaded, user-generated content, net generation, visual arts

Procedia PDF Downloads 432

Authors: Sara Muslat Alsahali, Nout Mohammed Alqahtani

Abstract:

Digital technology has changed the world, and with the increasing number of children accessing the Internet, it has now become an integral part of children's lives from their early years. With the rapid development of digital technology, the risks children face on the internet also evolve from cyberbullying to misuse, sexual exploitation, and abuse of their private information over the Internet. Digital technology, with its advantages and disadvantages, is now a fact of our life. Therefore, knowledge of how to reduce its risks and maximize its benefits will help shape the growth and future of a new generation of digital citizens. This paper will discuss access control techniques that help to create secure cyberspace where children can be safe without depriving them of their rights and freedom to use the internet and preventing them from its benefits. Also, it sheds light on its challenges and problems by classifying the methods of parental controlling into two possibilities asynchronous and synchronous techniques and choosing YouTube as a case study of access control techniques.

Keywords: access control, cyber security, kids, parental monitoring

Procedia PDF Downloads 128

Authors: Hilalah Alturkistani, Alaa AlFaadhel, Nora AlJahani, Fatiha Djebbar

Abstract:

Cloud computing is one of the most widely used technology which provides opportunities and services to government entities, large companies, and standard users. However, cybersecurity risk management studies of cloud computing and resiliency approaches are lacking. This paper proposes resilient cloud cybersecurity risk assessment and management tailored specifically, to Dropbox with two approaches:1) technical-based solution motivated by a cybersecurity risk assessment of cloud services, and 2)a target personnel-based solution guided by cybersecurity-related survey among employees to identify their knowledge that qualifies them withstand to any cyberattack. The proposed work attempts to identify cloud vulnerabilities, assess threats and detect high risk components, to finally propose appropriate safeguards such as failure predicting and removing, redundancy or load balancing techniques for quick recovery and return to pre-attack state if failure happens.

Keywords: cybersecurity risk management plan, resilient cloud computing, cyberattacks, cybersecurity risk assessment

Procedia PDF Downloads 128

Authors: Andrei Bogdan Stanescu, Robert Stana

Abstract:

Creating private and secure communication channels between employees has become a critical aspect in order to ensure organizational integrity and avoid leaks of sensitive information. With the widespread use of modern methods of disrupting communication between users, real use-cases of advanced encryption mechanisms have emerged to avoid cyber-attackers that are willing to intercept private conversations between critical employees in an organization. This paper aims to present a custom implementation of a messaging application named “Whisper” that uses end-to-end encryption (E2EE) mechanisms and blockchain-related components to protect sensitive conversations and mitigate the risks of information breaches inside organizations. The results of this research paper aim to expand the areas of applicability of E2EE algorithms and integrations with private blockchains in chat applications as a viable method of enhancing intra-organizational communication privacy.

Keywords: end-to-end encryption, mobile communication, cryptography, communication security, data privacy

Procedia PDF Downloads 81

Authors: Orestis Κ. Efthymiou, Stavros T. Ponis

Abstract:

In the last decade, a new industrial revolution seems to be emerging, supported -once again- by the rapid advancements of Information Technology in the areas of Machine-to-Machine (M2M) communication permitting large numbers of intelligent devices, e.g. sensors to communicate with each other and take decisions without any or minimum indirect human intervention. The advent of these technologies have triggered the emergence of a new category of hybrid (cyber-physical) manufacturing systems, combining advanced manufacturing techniques with innovative M2M applications based on the Internet of Things (IoT), under the umbrella term Industry 4.0. Even though the topic of Industry 4.0 has attracted much attention during the last few years, the attempts of providing a systematic literature review of the subject are scarce. In this paper, we present the authors’ initial study of the field with a special focus on the use and applications of Industry 4.0 principles in material handling automations and in-house logistics. Research shows that despite the vivid discussion and attractiveness of the subject, there are still many challenges and issues that have to be addressed before Industry 4.0 becomes standardized and widely applicable.

Keywords: Industry 4.0, internet of things, manufacturing systems, material handling, logistics

Procedia PDF Downloads 122

Authors: Emine Laarouchi, Daniela Cancila, Laurent Soulier, Hakima Chaouchi

Abstract:

Cyber-Physical Systems as drones proved their efficiency for supporting emergency applications. For these particular applications, travel time and autonomous navigation algorithms are of paramount importance, especially when missions are performed in urban environments with high obstacle density. In this context, however, safety properties are not properly addressed. Our ambition is to optimize the system safety level under autonomous navigation systems, by preserving performance of the CPS. At this aim, we introduce genetic algorithms in the autonomous navigation process of the drone to better infer its trajectory considering the possible obstacles. We first model the wished safety requirements through a cost function and then seek to optimize it though genetics algorithms (GA). The main advantage in the use of GA is to consider different parameters together, for example, the level of battery for navigation system selection. Our tests show that the GA introduction in the autonomous navigation systems minimize the risk of safety lossless. Finally, although our simulation has been tested for autonomous drones, our approach and results could be extended for other autonomous navigation systems such as autonomous cars, robots, etc.

Keywords: safety, unmanned aerial vehicles , CPS, ACPS, drones, path planning, genetic algorithms

Procedia PDF Downloads 177

Authors: Rady Farag Aziz Ibrahim

Abstract:

The gap between Islamic terrorism and human rights has become an important issue in the fight against Islamic terrorism worldwide. This situation is repeated because terrorism and human rights are interconnected in such a way that when the former begins, the latter becomes subject to violence. This unknown relationship was recognized in the Vienna Declaration and Program of Action adopted at the International Conference on Human Rights held in Vienna on 25 June 1993, confirming that terrorist acts, in all their forms and manifestations, aim to destroy the rights of individuals. humanity to destroy. Therefore, Islamic terrorism is a violation of basic human rights. For this purpose, the first part of the article will focus on the relationship between terrorism and human rights and the synergy between these two concepts. The second part then explores the emerging concept of cyber threats and how they exist. Additionally, technology analysis will be conducted against threats based on human rights. This will be achieved through analysis of the concept of 'securitization' of human rights and by striking a balance between counter-terrorism measures and the protection of human rights at all costs. This article concludes with recommendations on how to balance terrorism and human rights today.

Keywords: sustainable development, human rights, the right to development, the human rights-based approach to development

Procedia PDF Downloads 30

Authors: Jameelah O. Yaqub

Abstract:

The financial industry all over the world has undergone and still undergoing great transformation especially with the introduction of e-products which involves the use of computers and telecommunications to enable banking transactions to be done by telephone or computer rather than by humans. The adoption of e-banking in Nigeria is becoming more popular with customers now being able to use the ATM cards for different transactions. The internet banking, POS machines, telephone banking as well as mobile banking are some other e-products being used in Nigeria. This study examines how satisfied bank customers are with the e-products. The study found that the ATM is the most popular e-products among bank customers in Nigeria; followed by the POS. The least use of the e-products is telephone banking. The study also found that visits to banks for transactions declined with the use of e-products. The chi-square analysis shows that there is significant relationship between the use of banks’ e-products and customers’ satisfaction. One of the major reason adduced by respondents for low usage of e-products is insecurity or fear of cyber fraud, it is therefore recommended that banks should provide adequate. Security for transactions and ensure the proper backing up of critical data files. In addition, government should ensure stable electricity supply to reduce banks’ running costs and consequently, customers’ cost of transactions.

Keywords: banks, e-products, innovation, Nigeria

Procedia PDF Downloads 332

Authors: Yiyang Su, Jörg Neumann, Jan Wetzlich, Florian Thiel

Abstract:

Smart grid is a term used to describe the next generation power grid. New challenges such as integration of renewable and decentralized energy sources, the requirement for continuous grid estimation and optimization, as well as the use of two-way flows of energy have been brought to the power gird. In order to achieve efficient, reliable, sustainable, as well as secure delivery of electric power more and more information and communication technologies are used for the monitoring and the control of power grids. Consequently, the need for cybersecurity is dramatically increased and has converged into several standards which will be presented here. These standards for the smart grid must be designed to satisfy both performance and reliability requirements. An in depth investigation of the effect of retrospectively embedded security in existing grids on it’s dynamic behavior is required. Therefore, a retrofitting plan for existing meters is offered, and it’s performance in a test low voltage microgrid is investigated. As a result of this, integration of security measures into measurement architectures of smart grids at the design phase is strongly recommended.

Keywords: cyber security, performance, protocols, security standards, smart grid

Procedia PDF Downloads 313

Authors: Z. Xu

Abstract:

Immersive virtual reality (VR) has gained momentum in humanitarian communication due to its utopian promises of co-presence, immediacy, and transcendence. These potential benefits have led the United Nations (UN) to tirelessly produce and distribute VR series to evoke global empathy and encourage policymakers, philanthropic business tycoons and citizens around the world to actually do something (i.e. give a donation). However, it is unclear whether or not VR can cultivate cosmopolitans with a sense of social responsibility towards the geographically, socially/culturally and morally mediated misfortune of faraway others. Drawing upon existing works on the mediation of distant suffering, this article constructs an analytical framework to articulate the issue. Applying this framework on a case study of five of the UN’s VR pieces, the article identifies three paradoxes that exist between cyber-utopian and cyber-dystopian narratives. In the “paradox of distance”, VR relies on the notions of “presence” and “storyliving” to implicitly link audiences spatially and temporally to distant suffering, creating global connectivity and reducing perceived distances between audiences and others; yet it also enables audiences to fully occupy the point of view of distant sufferers (creating too close/absolute proximity), which may cause them to feel naive self-righteousness or narcissism with their pleasures and desire, thereby destroying the “proper distance”. In the “paradox of agency”, VR simulates a superficially “real” encounter for visual intimacy, thereby establishing an “audiences–beneficiary” relationship in humanitarian communication; yet in this case the mediated hyperreality is not an authentic reality, and its simulation does not fill the gap between reality and the virtual world. In the “paradox of the hierarchies of human life”, VR enables an audience to experience virtually fundamental “freedom”, epitomizing an attitude of cultural relativism that informs a great deal of contemporary multiculturalism, providing vast possibilities for a more egalitarian representation of distant sufferers; yet it also takes the spectator’s personally empathic feelings as the focus of intervention, rather than structural inequality and political exclusion (an economic and political power relations of viewing). Thus, the audience can potentially remain trapped within the minefield of hegemonic humanitarianism. This study is significant in two respects. First, it advances the turn of digitalization in studies of media and morality in the polymedia milieu; it is motivated by the necessary call for a move beyond traditional technological environments to arrive at a more novel understanding of the asymmetry of power between the safety of spectators and the vulnerability of mediated sufferers. Second, it not only reminds humanitarian journalists and NGOs that they should not rely entirely on the richer news experience or powerful response-ability enabled by VR to gain a “moral bond” with distant sufferers, but also argues that when fully-fledged VR technology is developed, it can serve as a kind of alchemy and should not be underestimated merely as a “bugaboo” of an alarmist philosophical and fictional dystopia.

Keywords: audience, cosmopolitan, distant suffering, virtual reality, humanitarian communication

Procedia PDF Downloads 135

Authors: Ahlem Abid, Farah Jemili

Abstract:

Intrusion detection has been the subject of numerous studies in industry and academia, but cyber security analysts always want greater precision and global threat analysis to secure their systems in cyberspace. To improve intrusion detection system, the visualisation of the security events in form of graphs and diagrams is important to improve the accuracy of alerts. In this paper, we propose an approach of an IDS based on cloud computing, big data technique and using a machine learning graph algorithm which can detect in real time different attacks as early as possible. We use the MAWILab intrusion detection dataset . We choose Microsoft Azure as a unified cloud environment to load our dataset on. We implement the k2 algorithm which is a graphical machine learning algorithm to classify attacks. Our system showed a good performance due to the graphical machine learning algorithm and spark structured streaming engine.

Keywords: Apache Spark Streaming, Graph, Intrusion detection, k2 algorithm, Machine Learning, MAWILab, Microsoft Azure Cloud

Procedia PDF Downloads 140

Authors: Shan Jiang, Xinyu Tang

Abstract:

Game-based learning is an emerging pedagogy to make the learning experience more effective, enjoyable, and fun. However, most games used in classroom settings have been overly simplistic. This paper presents a case study on a Python-based online game designed to improve the effectiveness in both teaching and research in higher education. The proposed game system not only creates a fun and enjoyable experience for students to learn various topics in programming but also improves the effectiveness of teaching in several aspects, including material presentation, helping students to recognize the importance of the subjects, and linking theoretical concepts to practice. The proposed game system also serves as an information cyber-infrastructure that automatically collects and stores data from players. The data could be useful in research areas including human-computer interaction, decision making, opinion mining, and artificial intelligence. They further provide other possibilities beyond these areas due to the customizable nature of the game.

Keywords: game-based learning, programming, research-teaching integration, Hearthstone

Procedia PDF Downloads 157

Authors: Magdaléna Náplavová, Tomáš Ludík, Petr Hrůza, František Božek

Abstract:

The use of IT equipment has become a part of every day. However, each device that is part of cyberspace should be secured against unauthorized use. It is very important to know the basics of these security devices, but also the basics of safe conduct their owners. This information should be part of every curriculum computer science education in primary and secondary schools. Therefore, the work focuses on the education of pupils in primary and secondary schools on the Internet. Analysis of the current state describes approaches to the education of pupils in security issues on the Internet. The paper presents a questionnaire-based survey which was carried out in the Czech Republic, whose task was to ascertain the level of opinion pupils in primary and secondary schools on the issue of communication in social networks. The research showed that awareness of socio-pathological phenomena on the Internet environment is very low. Based on the results it was proposed appropriate ways of teaching to this issue and its inclusion a proposal of curriculum for primary and secondary schools.

Keywords: information security, cyber space, general awareness, questionnaire, socio-pathological phenomena, educational system

Procedia PDF Downloads 383

Authors: Francesco Buccafurri, Celeste Romolo

Abstract:

Nowadays phishing is the most frequent starting point of cyber-attack vectors. Phishing is implemented both via email and social network messages. While a wide scientific literature exists which addresses the problem of contrasting email spam-phishing, no specific countermeasure has been so far proposed for phishing included into private messages of social network platforms. Unfortunately, the problem is severe. This paper proposes an approach against social network phishing, based on a non invasive collaborative information-sharing approach which leverages blockchain. The detection method works by filtering candidate messages, by distilling them by means of a distance-preserving hash function, and by publishing hashes over a public blockchain through a trusted smart contract (thus avoiding denial of service attacks). Phishing detection exploits social information embedded into social network profiles to identify similar messages belonging to disjoint contexts. The main contribution of the paper is to introduce a new approach to contrasting the problem of social network phishing, which, despite its severity, received little attention by both research and industry.

Keywords: phishing, social networks, information sharing, blockchain

Procedia PDF Downloads 323

Authors: Aliasghar Arab

Abstract:

Autonomous robots interacting with humans, as safety-critical nonlinear control systems, are complex closed-loop cyber-physical dynamical machines. Keeping these intelligent yet complicated systems safe and smooth during their operations is challenging. The aim of the safe predictive output feedback linearization control synthesis is to design a novel controller for smooth trajectory following while unsafe situations must be avoided. The controller design should obtain a linearized output for smoothness and invariance to a safety subset. Inspired by finite-horizon nonlinear model predictive control, the problem is formulated as constrained nonlinear dynamic programming. The safety constraints can be defined as control barrier functions. Avoiding unsafe maneuvers and performing smooth motions increases the predictability of the robot’s movement for humans when robots and people are working together. Our results demonstrate the proposed output linearization method obeys the safety constraints and, compared to existing safety-guaranteed methods, is smoother and performs better.

Keywords: robotics, collaborative robots, safety, autonomous robots

Procedia PDF Downloads 91

Authors: Umar Albalawi, Sang C. Suh, Jinoh Kim

Abstract:

As internet continues to expand its usage with an enormous number of applications, cyber-threats have significantly increased accordingly. Thus, accurate detection of malicious traffic in a timely manner is a critical concern in today’s Internet for security. One approach for intrusion detection is to use Machine Learning (ML) techniques. Several methods based on ML algorithms have been introduced over the past years, but they are largely limited in terms of detection accuracy and/or time and space complexity to run. In this work, we present a novel method for intrusion detection that incorporates a set of supervised learning algorithms. The proposed technique provides high accuracy and outperforms existing techniques that simply utilizes a single learning method. In addition, our technique relies on partial flow information (rather than full information) for detection, and thus, it is light-weight and desirable for online operations with the property of early identification. With the mid-Atlantic CCDC intrusion dataset publicly available, we show that our proposed technique yields a high degree of detection rate over 99% with a very low false alarm rate (0.4%).

Keywords: intrusion detection, supervised learning, traffic classification, computer networks

Procedia PDF Downloads 343

Authors: Harold P. Pareja

Abstract:

This paper answers the question whether the minimum age of criminal responsibility under the Republic Act No. 9344 (Juvenile Justice Act) as amended by Republic Act No. 10630 should be lowered to 15 years of age or not in the light of international standards and domestic concerns both of which will definitely elicit strong views. It also explores the specific provision on the minimum age of criminal responsibility under the Republic Act No. 9344 (Juvenile Justice Act) and traces the bases of such law by discussing its presented evidences and justifications as reflected in the records of proceedings in the law-making phase. On one hand, the paper discusses the impact of lowering the minimum age to the state of juvenile delinquencies and to the rate of rehabilitation for those CICL who have undergone the DSWD-supervised recovery programs. On the other hand, it presents its impact to the international community specifically to the Committee of the Rights of the Child and the UNICEF considering that the even the current minimum age set in RA 9344 is lower than the international standards. Document review and content analysis are the major research tools. Primary and secondary sources were used as references such as Philippine laws on juvenile justice and from the different states international think-tanks. The absence of reliable evidences on criminal capacity made the arguments in increasing the MACR in the harder position. Studies on criminal capacity vary from different countries and from practitioners in in the fields of psychology, psychiatry and forensics. Juvenile delinquency is mainly contributed by poverty and dysfunctional families. On the other hand, the science of the criminal mind specifically among children has not been established yet. Philippines have the legal obligations to be faithful to the CRC and other related international instruments for the juvenile justice and welfare system. Decreasing MACR does not only send wrong message to the international community but the Philippines is violating its own laws.

Keywords: juvenile justice, minimum age of responsibility (MAR), juvenile justice act of the Philippines, children in conflict with the law, international standards on juvenile justice

Procedia PDF Downloads 398

Authors: Ajay Wadhwa

Abstract:

A Laboratory course on computational physics is different from the conventional lab course on other topics of physics like Mechanics, Heat, Optics, etc. because it involves active participation of the teacher as well as one-to-one interaction between teacher and the student. The course content requires the teacher to teach programming language as well as numerical methods along with their applications in physics. The task becomes more daunting when about 90% of the students in the class have no previous experience of any programming language. In the presented work, we have described a methodology for conducting the computational physics course by using the Google Drive and Dropitto.me cloud storage services. We have evaluated the performance in a class of sixty students by dividing them equally into four groups. One of the groups was made the peer group on whom the presented methodology was tested. The other groups were taught by using conventional method of classroom lectures. In order to assess our methodology, we analyzed the performance of students in four class tests. A study of certain statistical parameters like the mean, standard deviation, and Z-test hypothesis revealed that the cyber methodology based on cloud storage is more efficient than the conventional method of teaching.

Keywords: computational Physics, Z-test hypothesis, cloud storage, Google drive

Procedia PDF Downloads 294

Authors: László Schmidt

Abstract:

In the context of artificial intelligence, we need to pay primary and particular attention to ethical principles not only in the design process but also during the application process. According to the European Commission's Ethical Guidelines, AI must have three main characteristics: it must be legal, ethical and stabil. We must never lose sight of the ethical principles because we risk that this new technology will not help democratic decision-making under the rule of law, but will, on the contrary, destroy it. The rapid spread and use of artificial intelligence poses an enormous challenge to both lawmaking and law enforcement. On legislation because AI permeates many areas of our daily lives that the legislator must regulate. We can see how challenging it is to regulate e.g., selfdriving cars/taxis/vans etc. Not to mention, more recently, cryptocurrencies and Chat GPT, the use of which also requires legislative intervention, from copyright to scientific use and even law of succession. Artificial intelligence also poses an extraordinary challenge to law enforcement. In criminal cases, police and prosecutors can make great use of AI in investigations, e.g. in forensics, DNA samples, reconstruction, identification, etc. But it can also be of great help in the detection of crimes committed in cyberspace. In criminal or civil court proceedings, AI can also play a major role in the evaluation of evidence and proof. For example, a photo or video or audio recording could be immediately revealed as genuine or fake. Likewise, the authenticity or falsification of a document could be determined much more quickly and cheaply than with current procedure (expert witnesses). Neither the current Hungarian Civil Procedure Act nor the Criminal Procedure Act allows the use of artificial intelligence in the evidentiary process. However, this should be changed. To use this technology in court proceedings would be very useful. The procedures would be faster, simpler, and therefore cheaper. Artificial intelligence could also replace much of the work of expert witnesses. Its introduction into judicial procedures would certainly be justified, but with due respect for human rights, the right to a fair trial and other democratic and rule of law guarantees.

Keywords: artificial intelligence, judiciary, Hungarian, court practice

Procedia PDF Downloads 70

Authors: Emmanuelle Maria, Pierre Crançon, Gaëtane Lespes

Abstract:

Colloids are ubiquitous in the environment and are known to play a major role in enhancing the transport of trace elements, thus being an important vector for contaminants dispersion. Colloids study and characterization are necessary to improve our understanding of the fate of pollutants in the environment. However, in stream water and groundwater, colloids are often very poorly concentrated. It is therefore necessary to pre-concentrate colloids in order to get enough material for analysis, while preserving their initial structure. Many techniques are used to extract and/or pre-concentrate the colloidal phase from bulk aqueous phase, but yet there is neither reference method nor estimation of the impact of these different techniques on the colloids structure, as well as the bias introduced by the separation method. In the present work, we have tested and compared several methods of colloidal phase extraction/pre-concentration, and their impact on colloids properties, particularly their size distribution and their elementary composition. Ultrafiltration methods (frontal, tangential and centrifugal) have been considered since they are widely used for the extraction of colloids in natural waters. To compare these methods, a ‘synthetic groundwater’ was used as a reference. The size distribution (obtained by Field-Flow Fractionation (FFF)) and the chemical composition of the colloidal phase (obtained by Inductively Coupled Plasma Mass Spectrometry (ICPMS) and Total Organic Carbon analysis (TOC)) were chosen as comparison factors. In this way, it is possible to estimate the pre-concentration impact on the colloidal phase preservation. It appears that some of these methods preserve in a more efficient manner the colloidal phase composition while others are easier/faster to use. The choice of the extraction/pre-concentration method is therefore a compromise between efficiency (including speed and ease of use) and impact on the structural and chemical composition of the colloidal phase. In perspective, the use of these methods should enhance the consideration of colloidal phase in the transport of pollutants in environmental assessment studies and forensics.

Keywords: chemical composition, colloids, extraction, preconcentration methods, size distribution

Procedia PDF Downloads 211

Authors: Hongmei Chi

Abstract:

The Blockchain has become a necessity for many different societal industries and ordinary lives including cryptocurrency technology, supply chain, health care, public safety, education, etc. Therefore, training our future blockchain developers to know blockchain programming vulnerability and I.T. students' cyber security is in high demand. In this work, we propose a framework including learning modules and hands-on labs to guide future I.T. professionals towards developing secure blockchain programming habits and mitigating source code vulnerabilities at the early stages of the software development lifecycle following the concept of Secure Software Development Life Cycle (SSDLC). In this research, our goal is to make blockchain programmers and I.T. students aware of the vulnerabilities of blockchains. In summary, we develop a framework that will (1) improve students' skills and awareness of blockchain source code vulnerabilities, detection tools, and mitigation techniques (2) integrate concepts of blockchain vulnerabilities for IT students, (3) improve future IT workers’ ability to master the concepts of blockchain attacks.

Keywords: software vulnerability detection, hands-on lab, static analysis tools, vulnerabilities, blockchain, active learning

Procedia PDF Downloads 91

Authors: Hongyu Chen, Li Jiang

Abstract:

Ubiquitous anomalies endanger the security of our system con- stantly. They may bring irreversible damages to the system and cause leakage of privacy. Thus, it is of vital importance to promptly detect these anomalies. Traditional supervised methods such as Decision Trees and Support Vector Machine (SVM) are used to classify normality and abnormality. However, in some case, the abnormal status are largely rarer than normal status, which leads to decision bias of these methods. Generative adversarial network (GAN) has been proposed to handle the case. With its strong generative ability, it only needs to learn the distribution of normal status, and identify the abnormal status through the gap between it and the learned distribution. Nevertheless, existing GAN-based models are not suitable to process data with discrete values, leading to immense degradation of detection performance. To cope with the discrete features, in this paper, we propose an efficient GAN-based model with specifically-designed loss function. Experiment results show that our model outperforms state-of-the-art models on discrete dataset and remarkably reduce the overhead.

Keywords: GAN, discrete feature, Wasserstein distance, multiple intermediate layers

Procedia PDF Downloads 122

Authors: Jean Rosemond Dora, Karol Nemoga

Abstract:

In this work, we tackle a frequent problem that frequently occurs in the cybersecurity field which is the exploitation of websites by XSS attacks, which are nowadays considered a complicated attack. These types of attacks aim to execute malicious scripts in a web browser of the client by including code in a legitimate web page. A serious matter is when a website accepts the “user-input” option. Attackers can exploit the web application (if vulnerable), and then steal sensitive data (session cookies, passwords, credit cards, etc.) from the server and/or from the client. However, the difficulty of the exploitation varies from website to website. Our focus is on the usage of ontology in cybersecurity against XSS attacks, on the importance of the ontology, and its core meaning for cybersecurity. We explain how a vulnerable website can be exploited, and how different JavaScript payloads can be used to detect vulnerabilities. We also enumerate some tools to use for an efficient analysis. We present detailed reasoning on what can be done to improve the security of a website in order to resist attacks, and we provide supportive examples. Then, we apply an ontology model against XSS attacks to strengthen the protection of a web application. However, we note that the existence of ontology does not improve the security itself, but it has to be properly used and should require a maximum of security layers to be taken into account.

Keywords: cybersecurity, web application vulnerabilities, cyber threats, ontology model

Procedia PDF Downloads 164

Authors: Andre Slonopas, Zona Kostic, Warren Thompson

Abstract:

Obfuscation is one of the most useful tools to prevent network compromise. Previous research focused on the obfuscation of the network communications between external-facing edge devices. This work proposes the use of two edge devices, external and internal facing, which communicate via private IPv4 addresses in a software-defined pseudo-random IP hopping. This methodology does not require additional IP addresses and/or resources to implement. Statistical analyses demonstrate that the hopping surface must be at least 1e3 IP addresses in size with a broad standard deviation to minimize the possibility of coincidence of monitored and communication IPs. The probability of breaking the hopping algorithm requires a collection of at least 1e6 samples, which for large hopping surfaces will take years to collect. The probability of dropped packets is controlled via memory buffers and the frequency of hops and can be reduced to levels acceptable for video streaming. This methodology provides an impenetrable layer of security ideal for information and supervisory control and data acquisition systems.

Keywords: moving target defense, cybersecurity, network security, hopping randomization, software defined network, network security theory

Procedia PDF Downloads 176

Authors: Tania Mitra

Abstract:

Digital Activism or Cyber Activism uses digital media as a means to disseminate information and mobilize masses towards a specific goal. When digital activism was first born in the early 1990s, it was primarily used by groups of organized political activists. However, with the advent of social media, online activism has filtered down to the individual- one who does not necessarily belong to or identify with an agenda, group, or political party. A large part of digital activism today stems from the individual’s notion of what is right and wrong. This gives rise to a discourse around descriptive ethics and the implications of the independent digital activist. Although digital activism has paved the way for and bolstered support for causes like the MeToo Movement and Black Lives Matter, the lack of a unified, organized body has led to counterintuitive progressions and suspicions regarding the movements. The paper introduces the ideas of 'clout' culture, click baits, and clicktivism (the phenomenon where activism is reduced to a blind following of the online trends), to discuss the impacts of exclusive digital activism. By using Jeremy Bentham's utilitarian approach to ethics, that places emphasis on the best possible outcome for a society, the paper will show how individual online activism reaching for a larger, more common end can sometimes lead to an undermining of that end, not only in the online space but also how it manifests in the real world.

Keywords: digital activism, ethics, independent digital activist, utilitarianism

Procedia PDF Downloads 118