Search results for: threats

Authors: M. Sandhya, R. M. Madhumitha, Sharmila Sankar

Abstract:

Interoperable medical devices (IMDs) face threats due to the increased attack surface accessible by interoperability and the corresponding infrastructure. Initiating networking and coordination functionalities primarily modify medical systems' security properties. Understanding the threats is a vital first step in ultimately crafting security solutions for such systems. The key to this problem is coming up with some common types of threats or attacks with those of security and privacy, and providing this information as a roadmap. This paper analyses the security issues in interoperability of devices and presents the main types of threats that have to be considered to build a secured system.

Keywords: interoperability, threats, attacks, medical devices

Procedia PDF Downloads 295

Authors: O. A. Ajigini, E. N. Mwim

Abstract:

Cybersecurity is the protection of computers, programs, networks, and data from attack, damage, unauthorised, unintended access, change, or destruction. Organisations collect, process and store their confidential and sensitive information on computers and transmit this data across networks to other computers. Moreover, the advent of internet technologies has led to various cyberattacks resulting in dangerous consequences for organisations. Therefore, with the increase in the volume and sophistication of cyberattacks, there is a need to develop models and make recommendations for the management of cybersecurity threats in organisations. This paper reports on various threats that cause malicious damage to organisations in cyberspace and provides measures on how these threats can be eliminated or reduced. The paper explores various aspects of protection measures against cybersecurity threats such as handling of sensitive data, network security, protection of information assets and cybersecurity awareness. The paper posits a model and recommendations on how to manage cybersecurity threats in organisations effectively. The model and the recommendations can then be utilised by organisations to manage the threats affecting their cyberspace. The paper provides valuable information to assist organisations in managing their cybersecurity threats and hence protect their computers, programs, networks and data in cyberspace. The paper aims to assist organisations to protect their information assets and data from cyberthreats as part of the contributions toward community engagement.

Keywords: confidential information, cyberattacks, cybersecurity, cyberspace, sensitive information

Procedia PDF Downloads 215

Authors: Kunto Wibowo Agung Prodjonoto

Abstract:

Occasionally, opportunities occur not due to chances but threats. This, however, is often not realized because a greater threat is perceived to be anything that threatens, endangers, or harms, resulting in bad impacts that are also part of the risk and consequence. As a result, more focus tends to direct towards the bad impacts. Risk, in this case, shall be seen rather as something challenging, which can turn to be an opportunity to tackle an obstacle. Therefore, it does not seem exaggerating if later, risk can be considered as a challenge that presents an opportunity. So as in the context of the threat of natural disasters which gives an idea that opportunities exist. Nature referred to in a fashion as 'natural disasters' captured an expression to picture the 'threats' aspect, which instructively implying a chance of opportunity. This is quite logical, as SWOT (strengths, weaknesses, opportunities, threats) analysis can evaluate the situation at hand related to the analysis of various factors in formulating strategies to deal with natural disaster situations. The analytical method created by Albert Humphrey is indeed not an analytical tool to provide solutions, but certainly 'opportunities and challenges' are discussed therein on a vertical line, where opportunities are posited on the positive axis, and threats are posed on the negative axis. Observing this dynamism, the challenges and threats of disasters are having opportunity relevance to moralizing opportunities, that by quality poses universalism populist characteristics, universalism characteristics, and regional characteristics. Here, universalism appears as an opportunity domain underneath the threats and challenges of natural disasters.

Keywords: universality, opportunities, threats, challenges of natural disasters

Procedia PDF Downloads 118

Authors: Somayeh Sobati Moghadam

Abstract:

Business processes are crucial for organizations and help businesses to evaluate and optimize their performance and processes against current and future-state business goals. Outsourcing business processes to the cloud becomes popular due to a wide varsity of benefits and cost-saving. However, cloud outsourcing raises enterprise data security concerns, which must be incorporated in Business Process Model and Notation (BPMN). This paper, presents SeCloudBPMN, a lightweight extension for BPMN which extends the BPMN to explicitly support the security threats in the cloud as an outsourcing environment. SeCloudBPMN helps business’s security experts to outsource business processes to the cloud considering different threats from inside and outside the cloud. In this way, appropriate security countermeasures could be considered to preserve data security in business processes outsourcing to the cloud.

Keywords: BPMN, security threats, cloud computing, business processes outsourcing, privacy

Procedia PDF Downloads 233

Authors: Faisal Al Yahmadi, Muhammad R. Ahmed

Abstract:

Electric power is a fundamental necessity in the 21^st century. Consequently, any break in electric power is probably going to affect the general activity. To make the power supply smooth and efficient, a smart grid network is introduced which uses communication technology. In any communication network, security is essential. It has been observed from several recent incidents that adversary causes an interruption to the operation of networks. In order to resolve the issues, it is vital to understand the threats and vulnerabilities associated with the smart grid networks. In this paper, we have investigated the threats and vulnerabilities in Smart Grid Networks (SGN) and the few solutions in the literature. Proposed solutions showed developments in electricity theft countermeasures, Denial of services attacks (DoS) and malicious injection attacks detection model, as well as malicious nodes detection using watchdog like techniques and other solutions.

Keywords: smart grid network, security, threats, vulnerabilities

Procedia PDF Downloads 102

Authors: Ehsan Daryadel, Farhad Talaie

Abstract:

Wetlands are one of the most important ecosystems on Earth. Nevertheless, various challenges threaten these ecosystems and disrupt their ecological character. Among these, the effects of human-based threats are more devastating. Following mass degradation of wetlands during 1970s, the Ramsar Convention on Wetlands (Ramsar, Iran, 1971) was concluded to conserve wetlands of international importance and prevent destruction and degradation of such ecosystems through wise use of wetlands as a mean to achieve sustainable development in all over the world. Therefore, in this paper, efforts have been made to analyze threats to wetlands and then investigate solutions in the framework of the Ramsar Convention. Finally, in order to operate these mechanisms, this study concludes that all states should in turn make their best effort to improve and restore global wetlands through preservation of environmental standards and close contribution and also through taking joint measures with other states effectively.

Keywords: Ramsar Convention, threats, wetland wcosystems, wise use

Procedia PDF Downloads 359

Authors: Ivan Župan

Abstract:

Critical infrastructure is essential for the functioning of a country and is designated for special protection by governments worldwide. Due to the increase in smart technology usage in every facet of the industry, including critical infrastructure, the exposure to malicious cyber-physical attacks has grown in the last few years. Proper security measures must be undertaken in order to defend against cyber-physical threats that can disrupt the normal functioning of critical infrastructure and, consequently the functioning of the country. This paper provides a review of the scientific literature of models, methods and technologies used to protect from cyber-physical threats in industries. The focus of the literature was observed from three aspects. The first aspect, resilience, concerns itself with the robustness of the system’s defense against threats, as well as preparation and education about potential future threats. The second aspect concerns security risk management for systems with cyber-physical aspects, and the third aspect investigates available testbed environments for testing developed models on scaled models of vulnerable infrastructure.

Keywords: critical infrastructure, cyber-physical security, smart industry, security methodology, security technology

Procedia PDF Downloads 38

Authors: N. A. Badrul

Abstract:

People are concerned that they are vulnerable as a result of what is exposed about them on the internet. Users are increasingly aware of their privacy and are making various efforts to protect their personal information. However, besides individuals themselves, organisations are also exposing personal information of their staff to the general public by publishing it on their official website. This practice may put individuals at risk and particularly vulnerable to threats. This preliminary study explores explicitly the amount and types of personal information disclosure from organisational websites. Threats and risks related to the disclosures are discussed. In general, all the examined organisational websites discloses personal information with varies identifiable degree of data.

Keywords: personal information, privacy, e-government, information disclosure

Procedia PDF Downloads 274

Authors: Arun Prabhakar

Abstract:

Threat modeling is an important activity carried out in the initial stages of the development lifecycle that helps in building proactive security measures in the product. Though there are many techniques and tools available today, one of the common challenges with the traditional methods is the lack of a systematic approach in identifying security threats. The proposed solution describes an organized model by defining ontologies that help in building patterns to enumerate threats. The concepts of graph theory are applied to build the pattern for discovering threats for any given scenario. This graph-based solution also brings in other benefits, making it a customizable and scalable model.

Keywords: directed acyclic graph, ontology, patterns, threat identification, threat modeling

Procedia PDF Downloads 100

Authors: Jeonghwan Jeon, Mintak Han, Youngjun Kim

Abstract:

Due to the rapid development of information and communication technology (ICT), a substantial transformation is currently happening in the society. As the range of intelligent technologies and services is continuously expanding, ‘things’ are becoming capable of communicating one another and even with people. However, such “Internet of Things” has the technical weakness so that a great amount of such information transferred in real-time may be widely exposed to the threat of security. User’s personal data are a typical example which is faced with a serious security threat. The threats of security will be diversified and arose more frequently because next generation of unfamiliar technology develops. Moreover, as the society is becoming increasingly complex, security vulnerability will be increased as well. In the existing literature, a considerable number of private and public reports that forecast future society have been published as a precedent step of the selection of future technology and the establishment of strategies for competitiveness. Although there are previous studies that forecast security technology, they have focused only on technical issues and overlooked the interrelationships between security technology and social factors are. Therefore, investigations of security threats in the future and security technology that is able to protect people from various threats are required. In response, this study aims to derive potential security threats associated with the development of technology and to explore the security technology that can protect against them. To do this, first of all, private and public reports that forecast future and online documents from technology-related communities are collected. By analyzing the data, future issues are extracted and categorized in terms of STEEP (Society, Technology, Economy, Environment, and Politics), as well as security. Second, the components of potential security threats are developed based on classified future issues. Then, points that the security threats may occur –for example, mobile payment system based on a finger scan technology– are identified. Lastly, alternatives that prevent potential security threats are proposed by matching security threats with points and investigating related security technologies from patent data. Proposed approach can identify the ICT-related latent security menaces and provide the guidelines in the ‘problem – alternative’ form by linking the threat point with security technologies.

Keywords: future society, information and communication technology, security technology, technology forecasting

Procedia PDF Downloads 432

Authors: Nima Amani, Ali Salehi Dastjerdi, Fatemeh Ahmadi, Ardalan Sabamehr

Abstract:

The cost overrun of the construction projects has always been one of the main problems of the construction companies caused by the risky nature of the construction projects. Therefore, today, the application of risk management is inevitable. Although in theory, the issue of risk management is divided into the opportunities and threats management, in practice, most of the projects have been focused on the threats management. However, considering the opportunities management and applying the opportunities-response strategies can lead to the improved profitability of the construction projects of the companies. In this paper, a new technique is developed to identify the opportunities in the construction projects using an improved protocol and propose the appropriate opportunities-response strategies to the construction companies to provide them with higher profitability. To evaluate the effectiveness of the protocol for selecting the most appropriate strategies in ‎response to the opportunities and threats, two projects from a construction company in Iran were ‎studied. Both projects selected were in mid-range in terms of size and similar in terms of time, ‎run time and costs. Finally, the output indicates that using the proposed opportunities-response strategies show that the company's profitability in the future can be increased approximately for similar projects.

Keywords: opportunities management, risk-response strategy, opportunity-response strategy, productivity, risk management

Procedia PDF Downloads 193

Authors: Xudong He, Jian Wang, Jiqiang Liu, Lei Han, Yang Yu, Shaohua Lv

Abstract:

Nowadays, the threats of the internet are enormous and increasing; however, the classification of huge alert messages generated in this environment is relatively monotonous. It affects the accuracy of the network situation assessment, and also brings inconvenience to the security managers to deal with the emergency. In order to deal with potential network threats effectively and provide more effective data to improve the network situation awareness. It is essential to build a hierarchical filtering method to prevent the threats. In this paper, it establishes a model for data monitoring, which can filter systematically from the original data to get the grade of threats and be stored for using again. Firstly, it filters the vulnerable resources, open ports of host devices and services. Then use the entropy theory to calculate the performance changes of the host devices at the time of the threat occurring and filter again. At last, sort the changes of the performance value at the time of threat occurring. Use the alerts and performance data collected in the real network environment to evaluate and analyze. The comparative experimental analysis shows that the threat filtering method can effectively filter the threat alerts effectively.

Keywords: correlation analysis, hierarchical filtering, multisource data, network security

Procedia PDF Downloads 167

Authors: Carlos Gonzalez

Abstract:

This paper describes the use of the Internet as a feature to enhance the security of our software that is going to be distributed/sold to users potentially all over the world. By placing in a secure server some of the features of the secure software, we increase the security of such software. The communication between the protected software and the secure server is done by a double lock algorithm. This paper also includes an analysis of intruders and describes possible responses to detect threats.

Keywords: internet, secure software, threats, cryptography process

Procedia PDF Downloads 287

Authors: Kitty Kioskli, Theofanis Fotis, Nineta Polemi

Abstract:

The European Union (EU) directive Artificial Intelligence (AI) Act in Article 9 requires that risk management of AI systems includes both technical and human oversight, while according to NIST_AI_RFM (Appendix C) and ENISA AI Framework recommendations, claim that further research is needed to understand the current limitations of social threats and human-AI interaction. AI threats within social contexts significantly affect the security and trustworthiness of the AI systems; they are interrelated and trigger technical threats as well. For example, lack of explainability (e.g. the complexity of models can be challenging for stakeholders to grasp) leads to misunderstandings, biases, and erroneous decisions. Which in turn impact the privacy, security, accountability of the AI systems. Based on the NIST four fundamental criteria for explainability it can also classify the explainability threats into four (4) sub-categories: a) Lack of supporting evidence: AI systems must provide supporting evidence or reasons for all their outputs. b) Lack of Understandability: Explanations offered by systems should be comprehensible to individual users. c) Lack of Accuracy: The provided explanation should accurately represent the system's process of generating outputs. d) Out of scope: The system should only function within its designated conditions or when it possesses sufficient confidence in its outputs. Biases may also stem from historical data reflecting undesired behaviors. When present in the data, biases can permeate the models trained on them, thereby influencing the security and trustworthiness of the of AI systems. Social related AI threats are recognized by various initiatives (e.g., EU Ethics Guidelines for Trustworthy AI), standards (e.g. ISO/IEC TR 24368:2022 on AI ethical concerns, ISO/IEC AWI 42105 on guidance for human oversight of AI systems) and EU legislation (e.g. the General Data Protection Regulation 2016/679, the NIS 2 Directive 2022/2555, the Directive on the Resilience of Critical Entities 2022/2557, the EU AI Act, the Cyber Resilience Act). Measuring social threats, estimating the risks to AI systems associated to these threats and mitigating them is a research challenge. In this paper it will present the efforts of two European Commission Projects (FAITH and THEMIS) from the HorizonEurope programme that analyse the social threats by building cyber-social exercises in order to study human behaviour, traits, cognitive ability, personality, attitudes, interests, and other socio-technical profile characteristics. The research in these projects also include the development of measurements and scales (psychometrics) for human-related vulnerabilities that can be used in estimating more realistically the vulnerability severity, enhancing the CVSS4.0 measurement.

Keywords: social threats, artificial Intelligence, mitigation, social experiment

Procedia PDF Downloads 21

Authors: Irfan Mohiuddin, Ahmad Al Mogren

Abstract:

In recent years, cloud computing has earned substantial attention in the Oil and Gas Industry and provides services in all the phases of the industry lifecycle. Oil and gas supply infrastructure, in particular, is more vulnerable to accidental, natural and intentional threats because of its widespread distribution. Numerous surveys have been conducted on cloud security and privacy. However, to the best of our knowledge, hardly any survey is carried out that reviews cyber security in all phases with a cloud computing perspective. Moreover, a distinctive classification is performed for all the cloud-based cyber security measures based on the cloud component in use. The classification approach will enable researchers to identify the required technique used to enhance the security in specific cloud components. Also, the limitation of each component will allow the researchers to design optimal algorithms. Lastly, future directions are given to point out the imminent challenges that can pave the way for researchers to further enhance the resilience to cyber security threats in the oil and gas industry.

Keywords: cyber security, cloud computing, safety and security, oil and gas industry, security threats, oil and gas pipelines

Procedia PDF Downloads 107

Authors: Arellano Karina, Diego Avila-Pesántez, Leticia Vaca-Cárdenas, Alberto Arellano, Carmen Mantilla

Abstract:

Nowadays, security threats in Voice over IP (VoIP) systems are an essential and latent concern for people in charge of security in a corporate network, because, every day, new Denial-of-Service (DoS) attacks are developed. These affect the business continuity of an organization, regarding confidentiality, availability, and integrity of services, causing frequent losses of both information and money. The purpose of this study is to establish the necessary measures to mitigate DoS threats, which affect the availability of VoIP systems, based on the Session Initiation Protocol (SIP). A Security Model called MS-DoS-SIP is proposed, which is based on two approaches. The first one analyzes the recommendations of international security standards. The second approach takes into account weaknesses and threats. The implementation of this model in a VoIP simulated system allowed to minimize the present vulnerabilities in 92% and increase the availability time of the VoIP service into an organization.

Keywords: Denial-of-Service SIP attacks, MS-DoS-SIP, security model, VoIP-SIP vulnerabilities

Procedia PDF Downloads 162

Authors: Abdoulaye Diop, Nahid Emad, Thierry Winter, Mohamed Hilia

Abstract:

Data assets protection is a crucial issue in the cybersecurity field. Companies use logical access control tools to vault their information assets and protect them against external threats, but they lack solutions to counter insider threats. Nowadays, insider threats are the most significant concern of security analysts. They are mainly individuals with legitimate access to companies information systems, which use their rights with malicious intents. In several fields, behavior anomaly detection is the method used by cyber specialists to counter the threats of user malicious activities effectively. In this paper, we present the step toward the construction of a user and entity behavior analysis framework by proposing a behavior anomaly detection model. This model combines machine learning classification techniques and graph-based methods, relying on linear algebra and parallel computing techniques. We show the utility of an ensemble learning approach in this context. We present some detection methods tests results on an representative access control dataset. The use of some explored classifiers gives results up to 99% of accuracy.

Keywords: cybersecurity, data protection, access control, insider threat, user behavior analysis, ensemble learning, high performance computing

Procedia PDF Downloads 90

Authors: Aisha F. Bushager

Abstract:

Today we are more exposed than ever to cyber threats and attacks at personal, community, organizational, national, and international levels. More aspects of our lives are operating on computer networks simply because we are living in the fifth domain, which is called the Cyberspace. One of the most sensitive areas that are vulnerable to cyber threats and attacks is the Electronic Banking (e-Banking) area, where the banking sector is providing online banking services to its clients. To be able to obtain the clients trust and encourage them to practice e-Banking, also, to maintain the services provided by the banks and ensure safety, cyber security and risks control should be given a high priority in the e-banking area. The aim of the study is to carry out risk assessment on the e-banking services and determine the cyber threats, cyber attacks, and vulnerabilities that are facing the e-banking area specifically in the Kingdom of Bahrain. To collect relevant data, structured interviews were taken place with e-banking experts in different banks. Then, collected data where used as in input to the risk management framework provided by the National Institute of Standards and Technology (NIST), which was the model used in the study to assess the risks associated with e-banking services. The findings of the study showed that the cyber threats are commonly human errors, technical software or hardware failure, and hackers, on the other hand, the most common attacks facing the e-banking sector were phishing, malware attacks, and denial-of-service. The risks associated with the e-banking services were around the moderate level, however, more controls and countermeasures must be applied to maintain the moderate level of risks. The results of the study will help banks discover their vulnerabilities and maintain their online services, in addition, it will enhance the cyber security and contribute to the management and control of risks that are facing the e-banking sector.

Keywords: cyber security, e-banking, risk assessment, threats identification

Procedia PDF Downloads 315

Authors: S. K. M. Basha

Abstract:

Pulicat Lake is the second largest brackish water lagoon after Chilika Lake of Orissa along the east coast of India. Estuaries and lagoons have brackish water which shows high biological productivity than fresh or sea water. Hence it has wide range of aquatic, terrestrial flora and fauna. The World Wide Fund for Nature declared that it is a protected area. Present study aims to explore the flora and fauna of the lagoon along with the various threats for its eco-degradation which helps to plan necessary conservation methods.

Keywords: phytodiversity, Pulicat Lake, threats, conservation

Procedia PDF Downloads 300

Authors: Ndje Ndje Mireille

Abstract:

For some years in Cameroon, there has been an increase in violence in schools. This violence has gone from verbal to physical, sometimes going as far as murder. At the centre of this violence, we find the student who is a teenager in the midst of both physical and psychological changes. The unpredictable transformations of his body, the unexpected emotions arrouse when he encouters someonelse, intrusion, shortcomings, boredom, loneliness and self-deception are the threats to which the teenager faces daily. From the psychopathological point of view, the greatest threat in adolesence is probably the depresive threat. During adolescence and for several resons, the subject is confronted with the self image. He displays certantity which sometimes hides great uncertaintity about what leads him to manifest some particular behaviours or undertake certain actions. Faced with aggressiveness twards those he confronts, he feels more or less guilt. This can lead a certain number of adolescents to feel heplessness faced to their vis-à-vis, faced to life. This helplessness is sometimes reinforced by the social, cultural and economic context in which they are. The teeneger then feels threatens by this depression which, when it reaches its extreme, it is manifested by the feeling that he can no longer do anything. Generally, the depressive threats manifest itself in defensive forms vis-à-vis with the depression itself. Reason why, it is indeed a threat and not a threshold already crossed. This threat often manifests itself in inappropriate forms of attack on one’s own body as seen in a number of repetitive risky behaviours. We also see teenegers confront peers and even adults through physical attacks and often go as far as murder. All these behaviours appears as an absurd way of attacking and at the same time confronting the feeling of remaining alive. This depressive threats can also be expressed in forms of attacks on an individual’s thinking abilities or more explicitely in the form of accademic downfall. The depressive threats does not sum up all the problems of adolescence, but, undoubtly represents currently, one of the deepest form of unease adolescents face.

Keywords: violence, school, depression threats, adolescent, behavior

Procedia PDF Downloads 52

Authors: Khasim Munir Bhasha Shaik

Abstract:

Pulicat Lake is the second largest brackish water lagoon after Chilika Lake of Orissa along the east coast of India. Estuaries and lagoons have brackish water which shows high biological productivity than fresh or sea water. Hence, it has a wide range of aquatic, terrestrial flora. The World Wide Fund for Nature declared it as a protected area. The present study aims to explore the flora of the lagoon along with the various threats for its eco-degradation which helps to plan necessary conservation methods.

Keywords: phytodiversity, pulicat lake, threats, conservation

Procedia PDF Downloads 244

Authors: H. Gorine, M. Ramadan Elmezughi

Abstract:

In this paper, we investigate security issues and challenges facing researchers in wireless sensor networks and countermeasures to resolve them. The broadcast nature of wireless communication makes Wireless Sensor Networks prone to various attacks. Due to resources limitation constraint in terms of limited energy, computation power and memory, security in wireless sensor networks creates different challenges than wired network security. We will discuss several attempts at addressing the issues of security in wireless sensor networks in an attempt to encourage more research into this area.

Keywords: wireless sensor networks, network security, light weight encryption, threats

Procedia PDF Downloads 479

Authors: Carlos Alberto Ríos Reyes, Andrés Felipe Mejía Durán, Oscar Mauricio Castellanos Alarcón

Abstract:

There is no doubt of great importance to make it known that planet Earth is an entity in constant change and transformation; processes such as construction and destruction are part of the evolution of the territory. Geoeducation workshops represent a significant contribution to the search for educational projects focused on teaching relevant geoscience topics to make natural threats known in schools through recreational and didactic activities. This initiative represents an educational alternative that must be developed with the participation of primary and secondary schools, universities, and local communities. The methodology is based on several phases, which include: diagnosis to know the best teaching method for basic concepts and establish a starting point for the topics to be taught, as well as to identify areas and concepts that need to be reinforced and/or deepened; design of activities that involve all students regardless of their ability or level; use of accessible materials and experimentation to support clear and concise explanations for all students; adaptation of the teaching-learning process to individual needs; sensitization about natural threats; and evaluation and feedback. It is expected to offer a series of activities and materials as a significant contribution to the search for educational projects focused on teaching relevant geoscientific topics such as natural threats associated with earthquakes, volcanic eruptions, floods, landslides, etc. The major findings of this study are the pedagogical strategies that primary and secondary school teachers can appropriate to face the challenge of transferring geological knowledge and to advise decision-makers and citizens on the importance of geosciences for daily life. We conclude that the knowledge of the natural threats to our planet is very important to contribute to mitigating their risk.

Keywords: workshops, geoeducation, curriculum, geosciences, natural threats

Procedia PDF Downloads 34

Authors: Kai Qian, Lixin Tao

Abstract:

Mobile devices such as smartphones are getting more and more popular in our daily lives. The security vulnerability and threat attacks become a very emerging and important research and education topic in computing security discipline. There is a need to have an innovative mobile security hands-on laboratory to provide students with real world relevant mobile threat analysis and protection experience. This paper presents an authentic teaching and learning mobile security approach with smartphone devices which covers most important mobile threats in most aspects of mobile security. Each lab focuses on one type of mobile threats, such as mobile messaging threat, and conveys the threat analysis and protection in multiple ways, including lectures and tutorials, multimedia or app-based demonstration for threats analysis, and mobile app development for threat protections. This authentic learning approach is affordable and easily-adoptable which immerse students in a real world relevant learning environment with real devices. This approach can also be applied to many other mobile related courses such as mobile Java programming, database, network, and any security relevant courses so that can learn concepts and principles better with the hands-on authentic learning experience.

Keywords: mobile computing, Android, network, security, labware

Procedia PDF Downloads 366

Authors: Nila Febri Wilujeng, Helda Risman

Abstract:

Enjoying stable security within its region for the last 50 years, ASEAN nowadays contends with the global context emerging dynamically, which brings about multidimensional challenges and threats such as terrorism, radicalism, armed rebellion, hijacking, and other non-traditional threats. Dealing with these circumstances, ASEAN member states tighten its capacity by enhancing regional cooperation and strategic information exchange among ASEAN member states so-called ASEAN Our Eyes. This initiative adopted for the sake of forestalling any possible threat posed by violent extremism, radicalization, and terrorism through timely strategic information exchange among ASEAN member states. By using qualitative method, this paper will utilize regional security complex and international cooperation theories in analyzing the process to examine ASEAN Our Eyes based on its terms of reference. As a result, it portrays that ASEAN Our Eyes is able to undermine the gaps in the realm of strategic information exchange in monitoring the movement of violent extremism, radicalism, foreign terrorist fighters, and crime-terror nexus. However, it remains premature as a strategic measure to encounter those threats in the years to come.

Keywords: regional cooperation, counter-terrorism, ASEAN our eyes, strategic information exchange

Procedia PDF Downloads 167

Authors: Joo-Hyung Oh

Abstract:

The number of service users of 4G VoLTE (voice over LTE) using LTE data networks is rapidly growing. VoLTE based on all-IP network enables clearer and higher-quality voice calls than 3G. It does, however, pose new challenges; a voice call through IP networks makes it vulnerable to security threats such as wiretapping and forged or falsified information. And in particular, stealing other users’ phone numbers and forging or falsifying call request messages from outgoing voice calls within VoLTE result in considerable losses that include user billing and voice phishing to acquaintances. This paper focuses on the threats of caller phone number spoofing in the VoLTE and countermeasure technology as safety measures for mobile communication networks.

Keywords: LTE, 4G, VoLTE, phone number spoofing

Procedia PDF Downloads 400

Authors: Yunyong Guo, Man Wang, Bryan Guo, Nathan Guo

Abstract:

This paper introduces an advanced security and privacy model tailored for Telehealth systems, emphasizing end-to-end protection across IoT, Fog, and Cloud components. The proposed model integrates encryption, key management, intrusion detection, and privacy-preserving measures to safeguard patient data. A comprehensive simulation study evaluates the model's effectiveness in scenarios such as unauthorized access, physical breaches, and insider threats. Results indicate notable success in detecting and mitigating threats yet underscore areas for refinement. The study contributes insights into the intricate balance between security and usability in Telehealth environments, setting the stage for continued advancements.

Keywords: cloud, enhancing security, fog, IoT, telehealth

Procedia PDF Downloads 28

Authors: Amjad F. Alharbi, Bashayer A. Alotaibi, Fahd S. Alotaibi

Abstract:

The emergence of Internet of Things (IoT) technology provides capabilities for a huge number of smart devices, services and people to be communicate with each other for exchanging data and information over existing network. While as IoT is progressing, it provides many opportunities for new ways of communications as well it introduces many security and privacy threats and challenges which need to be considered for the future of IoT development. In this survey paper, an IoT security issues as threats and current challenges are summarized. The security architecture for IoT are presented from four main layers. Based on these layers, the IoT security requirements are presented to insure security in the whole system. Furthermore, some researches initiatives related to IoT security are discussed as well as the future direction for IoT security are highlighted.

Keywords: Internet of Things (IoT), IoT security challenges, IoT security requirements, IoT security architecture

Procedia PDF Downloads 334

Authors: Constantinos Adamides, Petros Petrikkos

Abstract:

In the era of growing hybrid threats, small states find themselves in need to re-evaluate existing foreign and defense policies. The pressure to establishing or maintain a status of a reliable partner in the community in which they belong to, vis-à-vis their multilateral relations with other organisations and entities, small states may need to shift their policies in the field to accommodate security needs that are not only pertinent to their security, but also to that of the organisations (bloc) in which they interact. Unlike potential shortcomings in a small state’s mainstream security and defence framework where the threat would be limited to the state itself, in more contemporary times with dominating hybrid threats, the small states’ security shortcomings may also become a security problem for the bloc in which these states belong to. An indicative example is small states like Cyprus and Malta, which belong and 'interact' in the European Union. As a result, the nature of hybrid threats can be utilised to hurt bigger states in a bloc by exploiting the small states’ vulnerabilities and security gaps. Inevitably, both the defensive and foreign policy collaborations of small states with bigger states have been and are constantly re-evaluated to tackle and prevent such problems. In essence, the goal of this ‘re-evaluation’ aims to achieve a twofold goal: The first is the small states’ quest to appear as a reliable partner within the bloc, while the second is to avoid being the weakest security link in the bloc’s defence against hybrid threats. Indeed, the hybrid arena is a security area where they can excel in the bloc, despite the potential and expected conventional military deficiencies. This new environment prompts us to think security from the perspective of small states differently and in relation to their role as members or big organisations. The paper focuses on the case of Cyprus following its accession to the European Union and examines how a country that has had a very focused security orientation –not least due to its ongoing security problems– altered its foreign and defence policies within the European Union to ensure compliance with the rest of the bloc, while at the same time maximizing its role as a security player. Specifically, it examines the methods through which the country shifted its policies as well as the challenges and opportunities that emerged from these security shifts.

Keywords: Cyprus, defence, foreign policy, hybrid threats, ontological security, small states

Procedia PDF Downloads 102

Authors: Joo-Hyung Oh, Sekwon Kim, Myoungsun Noh, Chaetae Im

Abstract:

The number of service users of 4G VoLTE (voice over LTE) using LTE data networks is rapidly growing. VoLTE based on All-IP network enables clearer and higher-quality voice calls than 3G. It does, however, pose new challenges; a voice call through IP networks makes it vulnerable to security threats such as wiretapping and forged or falsified information. Moreover, in particular, stealing other users’ phone numbers and forging or falsifying call request messages from outgoing voice calls within VoLTE result in considerable losses that include user billing and voice phishing to acquaintances. This paper focuses on the threats of caller phone number spoofing in the VoLTE and countermeasure technology as safety measures for mobile communication networks.

Keywords: LTE, 4G, VoLTE, phone number spoofing

Procedia PDF Downloads 476