Search results for: cyber attacks

Authors: Ejd Garba, Okike Benjamin

Abstract:

Today, the word encryption has become very popular even among non-computer professionals. There is no doubt that some works have been carried out in this area, but more works need to be done. Presently, most of the works on encryption is concentrated on the sender of the message without paying any attention to the message recipient. However, it is a good practice if any message sent to someone is received by the particular person whom the message is sent to. This work seeks to ensure that at the receiving end of the message, there is a security to ensure that the recipient computes a key that would enable the encrypted message to be accessed. This key would be in form of password. This would make it possible for a given message to be sent to several people at the same time. When this happens, it is only those people who computes the key correctly that would be given the opportunity to access even the encrypted message, which can in turn be decrypted using the appropriate key.

Keywords: arithmetic, cyber space, modulo-2, information security

Procedia PDF Downloads 284

Authors: Mattias Bergstrom

Abstract:

Significance of the Study: This research will provide new insights into the risks with digital embedded infrastructure. Through this research, we will analyze each risk and its potential negation strategies, especially for AI and autonomous automation. Moreover, the analysis that is presented in this paper will convey valuable information for future research that can create more stable, secure, and efficient autonomous systems. To learn and understand the risks, a large IoT system was envisioned, and risks with hardware, tampering, and cyberattacks were collected, researched, and evaluated to create a comprehensive understanding of the potential risks. Potential solutions have then been evaluated on an open source IoT hardware setup. This list shows the identified passive and active risks evaluated in the research. Passive Risks: (1) Hardware failures- Critical Systems relying on high rate data and data quality are growing; SCADA systems for infrastructure are good examples of such systems. (2) Hardware delivers erroneous data- Sensors break, and when they do so, they don’t always go silent; they can keep going, just that the data they deliver is garbage, and if that data is not filtered out, it becomes disruptive noise in the system. (3) Bad Hardware injection- Erroneous generated sensor data can be pumped into a system by malicious actors with the intent to create disruptive noise in critical systems. (4) Data gravity- The weight of the data collected will affect Data-Mobility. (5) Cost inhibitors- Running services that need huge centralized computing is cost inhibiting. Large complex AI can be extremely expensive to run. Active Risks: Denial of Service- It is one of the most simple attacks, where an attacker just overloads the system with bogus requests so that valid requests disappear in the noise. Malware- Malware can be anything from simple viruses to complex botnets created with specific goals, where the creator is stealing computer power and bandwidth from you to attack someone else. Ransomware- It is a kind of malware, but it is so different in its implementation that it is worth its own mention. The goal with these pieces of software is to encrypt your system so that it can only be unlocked with a key that is held for ransom. DNS spoofing- By spoofing DNS calls, valid requests and data dumps can be sent to bad destinations, where the data can be extracted for extortion or to corrupt and re-inject into a running system creating a data echo noise loop. After testing multiple potential solutions. We found that the most prominent solution to these risks was to use a Peer 2 Peer consensus algorithm over a blockchain to validate the data and behavior of the devices (sensors, storage, and computing) in the system. By the devices autonomously policing themselves for deviant behavior, all risks listed above can be negated. In conclusion, an Internet middleware that provides these features would be an easy and secure solution to any future autonomous IoT deployments. As it provides separation from the open Internet, at the same time, it is accessible over the blockchain keys.

Keywords: IoT, security, infrastructure, SCADA, blockchain, AI

Procedia PDF Downloads 72

Authors: Barakat Adebisi Raji

Abstract:

In the workplace, Artificial Intelligence has, in recent years, emerged as a transformative technology that revolutionizes how organizations operate and perform tasks. It is a technology that has a significant impact on transportation, manufacturing, education, cyber security, robotics, agriculture, healthcare, and so many other organizations. By harnessing AI technology, workplaces can enhance productivity, streamline processes, and make more informed decisions. Given the potential of AI to change the way we work and its impact on the labor market in years to come, employers understand that it entails legal challenges and risks despite the advantages inherent in it. Therefore, as AI continues to integrate into various aspects of the workplace, understanding the legal and ethical implications becomes paramount. Also central to this study is the question of who is held liable where AI makes any defaults; the person (company) who created the AI, the person who programmed the AI algorithm or the person who uses the AI? Thus, the aim of this paper is to provide a detailed overview of how AI-related liabilities are addressed under each legal tradition and shed light on potential areas of accord and divergence between the two legal cultures. The objectives of this paper are to (i) examine the ability of Common law and Islamic law to accommodate the issues and damage caused by AI in the workplace and the legality of compensation for such injury sustained; (ii) to discuss the extent to which AI can be described as a legal personality to bear responsibility: (iii) examine the similarities and disparities between Common Law and Islamic Jurisprudence on the liability of AI in the workplace. The methodology adopted in this work was qualitative, and the method was purely a doctrinal research method where information is gathered from the primary and secondary sources of law, such as comprehensive materials found in journal articles, expert-authored books and online news sources. Comparative legal method was also used to juxtapose the approach of Islam and Common Law. The paper concludes that since AI, in its current legal state, is not recognized as a legal entity, operators or manufacturers of AI should be held liable for any damage that arises, and the determination of who bears the responsibility should be dependent on the circumstances surrounding each scenario. The study recommends the granting of legal personality to AI systems, the establishment of legal rights and liabilities for AI, the establishment of a holistic Islamic virtue-based AI ethics framework, and the consideration of Islamic ethics.

Keywords: AI, health- care, agriculture, cyber security, common law, Shari'ah

Procedia PDF Downloads 8

Authors: Nádia Pereira, Paula Ferreira, Sofia Francisco, Sofia Oliveira, Sidclay Souza, Paula Paulino, Ana Margarida Veiga Simão

Abstract:

Social media has progressed into a platform for hate speech among its users, and thus, there is an increasing need to develop automatic detection classifiers of offense and conflicts to help decrease the prevalence of such incidents. Online communication can be used to intentionally harm someone, which is why such classifiers could be essential in social networks. A possible application of these classifiers is the automatic detection of cyberbullying. Even though identifying the aggressive language used in online interactions could be important to build cyberbullying datasets, there are other criteria that must be considered. Being able to capture the language, which is indicative of the intent to harm others in a specific context of online interaction is fundamental. Offense and hate speech may be the foundation of online conflicts, which have become commonly used in social media and are an emergent research focus in machine learning and natural language processing. This study presents two Portuguese language offense-related datasets which serve as examples for future research and extend the study of the topic. The first is similar to other offense detection related datasets and is entitled Aggressiveness dataset. The second is a novelty because of the use of the history of the interaction between users and is entitled the Conflicts/Attacks dataset. Both datasets were developed in different phases. Firstly, we performed a content analysis of verbal aggression witnessed by adolescents in situations of cyberbullying. Secondly, we computed frequency analyses from the previous phase to gather lexical and linguistic cues used to identify potentially aggressive conflicts and attacks which were posted on Twitter. Thirdly, thorough annotation of real tweets was performed byindependent postgraduate educational psychologists with experience in cyberbullying research. Lastly, we benchmarked these datasets with other machine learning classifiers.

Keywords: aggression, classifiers, cyberbullying, datasets, hate speech, machine learning

Procedia PDF Downloads 198

Authors: Proud Arunrangsiwed

Abstract:

This research is a collaborative narrative research, which is mixed with issues of selected papers and researcher's experience as an anonymous user on social networking sites. The objective of this research is to understand the reasons of the regular users who reject to contact with anonymous users, and to study the communication traditions used in the selected studies. Anonymous users are rejected by regular users, because of the fear of cyber bully, the fear of unpleasant behaviors, and unwillingness of changing communication norm. The suggestion for future research design is to use longitudinal design or quantitative design; and the theory in rhetorical tradition should be able to help develop a strong trust message.

Keywords: anonymous, anonymity, online identity, trust message, reliability

Procedia PDF Downloads 339

Authors: Chia-Wen Wang, Patou Masika Musumari, Teeranee Techasrivichien, S. Pilar Suguimoto, Chang-Chuan Chan, Masako Ono-Kihara, Masahiro Kihara

Abstract:

Background: In recent years, a particular form of bullying, referred to as 'cyberbullying' has emerged along with the rapid expansion of the Internet, social network services (SNSs) and smart phones. Many Asian countries, including Taiwan, are faced with both the cyberbullying and the traditional form of bullying. This study aims to explore Taiwanese adolescents’ experiences, perceptions and opinions regarding cyberbullying and traditional bullying through the perspective of victim, perpetrator, or witness. Method: This is a qualitative study using face-to-face in-depth interviews guided by a semi-structured questionnaire among high school students -aged 16 to 18 years- in Taipei, Taiwan. The participants were recruited through convenience sampling from five high schools between June and November 2016. Interviews were digitally recorded, transcribed, and analyzed using the thematic analysis approach. Results: Forty-eight participants were recruited, of which, 14 (29.2%) reported had ever experienced bullying. Specifically, 7 participants (14.6%) reported had ever been victims of cyberbullying, 1 (2%) had been victims of traditional bullying, and 6 (12.5%) had been victims of both cyber and traditional bullying. The majority (70.8%) reported had ever witnessed acts of bullying; however, none of the participants recognized had ever been a perpetrator of bullying. Cyberbullying mostly happens on social media (Facebook and Instagram) or LINE instant messaging application, and included upload and sharing of degrading pictures and videos of victims, as well as gossip and mean messages by the perpetrators. The anonymous and public nature of social media groups in schools made it easier to perpetrate bullying. The victim of traditional bullying reported being the target of verbal attack because of his physical appearance. Regardless of the type of bullying, victims reported feeling bad, angry, or depressed as a result of being bullied. Witnesses of both cyber- and traditional bullying cited physical appearance (e.g. having the big/flat bust or big butt, or overweight or obese) and disability as the most reasons of being a bullying victim. Conclusion: Both cyberbullying and traditional bullying had negative emotional and psychological impacts on victims. This study warrants further research to assess the extent of this phenomenon and understand the characteristics of perpetrators, victims, and witnesses to inform the design of tailored interventions using appropriate channels of dissemination.

Keywords: cyberbullying, traditional bullying, social media, adolescents

Procedia PDF Downloads 317

Authors: Johannes Atug, Stefan Braunreuther, Gunther Reinhart

Abstract:

Volatile markets, as well as increasing global competition in manufacturing, lead to a high demand of flexible and agile production systems. These advanced production systems in turn conduct to high capital expenditure along with high investment risks. Developments in production regarding digitalization and cyber-physical systems result to a merger of informational- and operational technology. The approach of this paper is to benefit from this merger and present a framework of a production network with scalable production capacity and low capital expenditure by adaptation of the IT concept 'everything as a service' into the production environment.

Keywords: digital manufacturing system, everything as a service, reconfigurable production, value network

Procedia PDF Downloads 312

Authors: Sehrish Qayyum

Abstract:

In this age of constant technology, asymmetrical warfare could not be won. Attuned psychometric study confirms that screaming sometimes is more productive than active retaliation against strong adversaries. Asymmetric warfare is a game of nerves and thoughts with least vigorous participation for large anticipated losses. It creates the condition of paraplegia with partial but permanent immobility, which effects the core warfare operations, being screams rather than active retaliation. When one’s own power is doubted, it gives power to one’s own doubt to ruin all planning either done with superlative cost-benefit analysis. Strategically calculated estimation of asymmetric warfare since the early WWI to WWII, WWII-to Cold War, and then to the current era in three chronological periods exposits that courage makes nations win the battle of warriors to battle of comrades. Asymmetric warfare has been most difficult to fight and survive due to unexpectedness and being lethal despite preparations. Thoughts before action may be the best-assumed strategy to mix Regional Security Complex Theory and OODA loop to develop the Paraplegic Resilience Policy Plan (PRPP) to win asymmetric warfare. PRPP may serve to control and halt the ongoing wave of terrorism, guerilla warfare, and insurgencies, etc. PRPP, along with a strategic work plan, is based on psychometric analysis to deal with any possible war condition and tactic to save millions of innocent lives such that lost in Christchurch New Zealand in 2019, November 2015 Paris attacks, and Berlin market attacks in 2016, etc. Getting tangled into self-imposed epistemic dilemmas results in regret that becomes the only option of performance. It is a descriptive psychometric analysis of war conditions with generic application of probability tests to find the best possible options and conditions to develop PRPP for any adverse condition possible so far. Innovation in technology begets innovation in planning and action-plan to serve as a rheostat approach to deal with asymmetric warfare.

Keywords: asymmetric warfare, psychometric analysis, PRPP, security

Procedia PDF Downloads 113

Authors: Nuruddeen Usman, Usman Mohammed Gidado, Muhammad Ahmad Ibrahim

Abstract:

Construction industry is one of the sectors that are eyeing adoption of ICT for its development due to the advancement in technology. Though, many manufacturing sectors had been using it, but construction industry was left behind, especially in the developing nation like Nigeria. On account of that, the objective of this study is to conceptually and quantitatively synthesise whether the slow adoption of ICT by the construction industries can be attributable to cybercrime threats. The result of the investigation found that, the risk of cybercrime, and lack of adequate cyber security policies that can enforce and punish defaulters are among the things that hinder ICT adoption of the Nigerian construction industries. Therefore, there is need for the nations to educate their citizens on cybercrime risk, and to establish cybercrime police units that can be monitoring and controlling all online communications.

Keywords: construction industry, cybercrime, information and communication technology adoption, risk

Procedia PDF Downloads 475

Authors: Sumanta Meher, Gaurav Shukla

Abstract:

The torments of the victims of terrorism have not only confined to loss of life and limp but also includes the physiological trauma to the innocent victims. The physical wounds may heal, but the trauma remains in the mind and heart of the victims and their loved ones; however, one should not deny that these terrorist activities affect to a major extent to their livelihood. To protect their human rights and restore the shattered lives of the victims of terrorism all the Nations beyond their differences have to show solidarity and frame a comprehensive restorative policy with an effective implementing mechanism. The General Assembly of United Nations, through its several resolutions, has appealed Nations to show solidarity and also committed to helping the Members State to frame the law and policy to support the victims of terrorism. To achieve the objectives of the resolutions adopted by the United Nations, the Indian legislators in 2008 amended the Code of Criminal Procedure, 1973 and incorporated Section 357A to provide financial assistance to the victims of terrorism. In India, the contemporary developments in the victims’ oriented studies have increased the dimension of the traditional criminal justice systems to protect the rights of the victims. In this regard, the paper has ascertained the Indian legal framework in respect to the restorative justice to the victims of terrorism and also addressed the question as to whether the statutory provisions and enforcement mechanisms are efficient enough to protect the human rights of the victims of terrorism. For that purpose, the paper has analyzed the International instruments and the reports with regard to the compensation to the victims of terrorist attacks, with that, the article also evaluates the initiatives of United Nations to help Members State to frame the law and policies to support the victims of terrorism. The study also made an attempt to critically analyze the legal provisions of compensation and rehabilitation of the victims of terrorist attacks in India and whether they are in alignment with the International standards. While concluding, the paper has made an endeavor for a robust legal framework towards the restorative justice for the victims of terrorism in India.

Keywords: victims of terrorism, restorative justice, human rights, criminal justice system of India

Procedia PDF Downloads 141

Authors: Mohsen Rezaee

Abstract:

Although robust security softwares, including anti-viruses, anti-spywares, anti-spam and firewalls are amalgamated with new technologies such as safe zone, hybrid cloud, sand box and etc., and although it can be said that they have managed to prepare highest level of security against viruses, spywares and other malwares in 2012, in fact, hacker attacks to websites are increasingly becoming more and more complicated. Because of security matters developments it can be said it was expected to happen so. Here in this work we try to point out some functional and vital notes to enhance security on the web, enabling the user to browse safely in unlimited web world and to use virtual space securely.

Keywords: firewalls, security, web services, computer science

Procedia PDF Downloads 372

Authors: Tao Feng, Wei-Wei Zhang, Chang-Ming Ding

Abstract:

Cross-site scripting (XSS) is one of the most popular WEB Attacking methods at present, and also one of the most risky web attacks. Because of the population of JavaScript, the scene of the cross site scripting attack is also gradually expanded. However, since the web application developers tend to only focus on functional testing and lack the awareness of the XSS, which has made the on-line web projects exist many XSS vulnerabilities. In this paper, different various techniques of XSS attack are analyzed, and a method automatically to detect it is proposed. It is easy to check the results of vulnerability detection when running it as a plug-in.

Keywords: XSS, no target attack platform, automatic detection，XSS detection

Procedia PDF Downloads 375

Authors: Muhammad Waqas Baqai, Noman Shahzad, Rehman Alvi

Abstract:

Communication among health care givers is the essence of quality patient care and any compromise results in errors and inefficiency leading to cumbersome outcomes. The use of smartphone among health professionals has increased tremendously. Almost every health professional carries it and majority of them uses a third party communication software called whatsApp for work related communications. It gives instant access to the person responsible for any particular query and therefore helps in efficient and timely decision making. It is also an easy way of sharing medical documents, multimedia and provides platform for consensual decision making through group discussions. However clinical communication through whatsApp has some demerits too including reduction in verbal communication, worsening professional relations, unprofessional behavior, risk of confidentiality breach and threats from cyber-attacks. On the other hand the traditional pager device being used in many health care systems is a unidirectional communication that lacks the ability to convey any information other than the number to which the receiver has to respond. Our study focused on these two widely used modalities of communication among doctors of the largest tertiary care center of Pakistan i.e. The Aga Khan University Hospital. Our aim was to note which modality is considered better and has fewer threats to medical data. Approval from ethical review committee of the institute was taken prior to conduction of this study. We submitted an online survey form to all the interns and residents working at our institute and collected their response in a month’s time. 162 submissions were recorded and analyzed using descriptive statistics. Only 20% of them were comfortable with using pagers exclusively, 52% with whatsApp and 28% with both. 65% think that whatsApp is time-saving and quicker than pager. 54% of them considered whatsApp to be causing nuisance from work related notifications in their off-work hours. 60% think that they are more likely to miss information through pager system because of the unidirectional nature. Almost all (96%) of residents and interns found whatsApp to be useful in terms of saving information for future reference. For urgent issues, majority (70%) preferred pager over whatsApp and also pager was considered more valid in terms of hospital policies and legal issues. Among major advantages of whatsApp as listed by them were; easy mass communication, sharing of clinical pictures, universal access and no need of carrying additional device. However the major drawback of using whatsApp for clinical communication that everyone shared was threat to patients’ confidentiality as clinicians usually share pictures of wounds, clinical documents etc. Lastly we asked them if they think there is a need of a separate application for instant communication dedicated to clinical communication only and 90% responded positively. Therefore, we concluded that both modalities have their merits and demerits but the greatest drawback with whatsApp is the risk of breach in patients’ confidentiality and off-work disturbance. Hence, we recommend a more secure, institute-run application for all intra hospital communications where they can share documents, pictures etc. easily under a controlled environment.

Keywords: WhatsApp, pager, clinical communication, confidentiality

Procedia PDF Downloads 117

Authors: Sandeep Mehmi, Harsh Verma, A. L. Sangal

Abstract:

Ever since the idea of using computing services as commodity that can be delivered like other utilities e.g. electric and telephone has been floated, the scientific fraternity has diverted their research towards a new area called utility computing. New paradigms like cluster computing and grid computing came into existence while edging closer to utility computing. With the advent of internet the demand of anytime, anywhere access of the resources that could be provisioned dynamically as a service, gave rise to the next generation computing paradigm known as cloud computing. Today, cloud computing has become one of the most aggressively growing computer paradigm, resulting in growing rate of applications in area of IT outsourcing. Besides catering the computational and storage demands, cloud computing has economically benefitted almost all the fields, education, research, entertainment, medical, banking, military operations, weather forecasting, business and finance to name a few. Smart grid is another discipline that direly needs to be benefitted from the cloud computing advantages. Smart grid system is a new technology that has revolutionized the power sector by automating the transmission and distribution system and integration of smart devices. Cloud based smart grid can fulfill the storage requirement of unstructured and uncorrelated data generated by smart sensors as well as computational needs for self-healing, load balancing and demand response features. But, security issues such as confidentiality, integrity, availability, accountability and privacy need to be resolved for the development of smart grid cloud. In recent years, a number of intrusion prevention techniques have been proposed in the cloud, but hackers/intruders still manage to bypass the security of the cloud. Therefore, precise intrusion detection systems need to be developed in order to secure the critical information infrastructure like smart grid cloud. Considering the success of artificial neural networks in building robust intrusion detection, this research proposes an artificial neural network based model for detecting attacks in smart grid cloud.

Keywords: artificial neural networks, cloud computing, intrusion detection systems, security issues, smart grid

Procedia PDF Downloads 295

Authors: Syed Sibtain Hussain Shah

Abstract:

The Afghan Taliban returned to power corridors in Afghanistan in August 2021 after waging a twenty-year insurgency in the country. U.S.-led forces completed their withdrawal from Afghanistan on August 30, 2021, but the Taliban took control of the whole country till August 15, 2021. At the same time, some of the militant groups such as Tehrik-e-Taliban Pakistan (TTP) and Islamic State Khurasan (IS-K) reappeared in Pakistan’s borders and other areas and by increasing attacks on the armed forces of Pakistan and minorities communities. These groups once again created a crucial challenge to the internal security of the country. Since mid of 2021, many of the terrorist incidents in the countries specified in the areas of Pakistan bordering Afghanistan were committed by TTP and IS-K. The aim of this paper is to investigate the reappearance of TTP and IS-K in 2021 and 2022 as a crucial threat to the internal security of Pakistan. The author will particularly probe threats to the security of military personnel and their installations and threats to human security, including danger to religious minority communities in the different areas of the country, including border areas such as Waziristan, which was once a hub of TTP and other militant groups in the 2000s. The author will employ the relevant method and appropriate theories of security studies, such as religious extremism and terrorism, in this study. TTP, inspired by the Afghan Taliban, initially emerged in Pakistan in 2007 and this group has so far targeted various religious and ethnic communities and government installations in Pakistan. The group is not only against Pakistan’s government policies, but it also committed terrorist attacks on the communities of the other Muslim sects and as well as non-Muslim communities. Most of the prominent figures of this violent group disappeared or escaped to Afghanistan after military actions, such as the larger “Zarb-e-Azb” operation in Pakistan in 2015. IS-K, which established its branch of Khurasan covering Pakistan and Afghanistan in 2015, with its main formation in Iraq and Syria in 2015, by targeting religious minorities such as Shia Muslims, has so far created a vital security challenge for the security of the country.

Keywords: Pakistan, Afghanistan, Afghan Taliban, Pakistani Taliban, Islamic state Khorasan, security threat

Procedia PDF Downloads 109

Authors: Kitty Kioskli, Theofanis Fotis, Nineta Polemi

Abstract:

The European Union (EU) directive Artificial Intelligence (AI) Act in Article 9 requires that risk management of AI systems includes both technical and human oversight, while according to NIST_AI_RFM (Appendix C) and ENISA AI Framework recommendations, claim that further research is needed to understand the current limitations of social threats and human-AI interaction. AI threats within social contexts significantly affect the security and trustworthiness of the AI systems; they are interrelated and trigger technical threats as well. For example, lack of explainability (e.g. the complexity of models can be challenging for stakeholders to grasp) leads to misunderstandings, biases, and erroneous decisions. Which in turn impact the privacy, security, accountability of the AI systems. Based on the NIST four fundamental criteria for explainability it can also classify the explainability threats into four (4) sub-categories: a) Lack of supporting evidence: AI systems must provide supporting evidence or reasons for all their outputs. b) Lack of Understandability: Explanations offered by systems should be comprehensible to individual users. c) Lack of Accuracy: The provided explanation should accurately represent the system's process of generating outputs. d) Out of scope: The system should only function within its designated conditions or when it possesses sufficient confidence in its outputs. Biases may also stem from historical data reflecting undesired behaviors. When present in the data, biases can permeate the models trained on them, thereby influencing the security and trustworthiness of the of AI systems. Social related AI threats are recognized by various initiatives (e.g., EU Ethics Guidelines for Trustworthy AI), standards (e.g. ISO/IEC TR 24368:2022 on AI ethical concerns, ISO/IEC AWI 42105 on guidance for human oversight of AI systems) and EU legislation (e.g. the General Data Protection Regulation 2016/679, the NIS 2 Directive 2022/2555, the Directive on the Resilience of Critical Entities 2022/2557, the EU AI Act, the Cyber Resilience Act). Measuring social threats, estimating the risks to AI systems associated to these threats and mitigating them is a research challenge. In this paper it will present the efforts of two European Commission Projects (FAITH and THEMIS) from the HorizonEurope programme that analyse the social threats by building cyber-social exercises in order to study human behaviour, traits, cognitive ability, personality, attitudes, interests, and other socio-technical profile characteristics. The research in these projects also include the development of measurements and scales (psychometrics) for human-related vulnerabilities that can be used in estimating more realistically the vulnerability severity, enhancing the CVSS4.0 measurement.

Keywords: social threats, artificial Intelligence, mitigation, social experiment

Procedia PDF Downloads 29

Authors: Majid Azarniush, Soroush Mokallaei

Abstract:

Although robust security software, including anti-viruses, anti spy wares, anti-spam and firewalls, are amalgamated with new technologies such as Safe Zone, Hybrid Cloud, Sand Box etc., and it can be said that they have managed to prepare highest level of security against viruses, spy wares and other malwares in 2012, but in fact hackers' attacks to websites are increasingly becoming more and more complicated. Because of security matters and developments, it can be said that it was expected to happen so. Here in this work, we try to point out to some functional and vital notes to enhance security on the web enabling the user to browse safely in no limit web world and to use virtual space securely.

Keywords: firewalls, security, web services, software

Procedia PDF Downloads 456

Authors: Safwan Mawlood Hussien

Abstract:

Internet of Things (IoT) is a promising technology has received considerable attention in different fields such as health, industry, defence, and agro, etc. Due to the limitation capacity of computing, storage, and communication, IoT objects are more vulnerable to attacks. Many solutions have been proposed to solve security issues, such as key management using symmetric-key ciphers. This study provides a scalable group distribution key management based on ECcryptography; with less transmitted messages The method has been validated through simulations in OMNeT++.

Keywords: elliptic curves, Diffie–Hellman, discrete logarithm problem, secure key exchange, WSN security, IoT security, smart-agro

Procedia PDF Downloads 99

Authors: Roberta Mugellesi Dow

Abstract:

As the climate crisis becomes unignorable, it is imperative that new services are developed addressing not only the needs of customers but also taking into account its impact on the environment. The Telecommunication and Integrated Application (TIA) Directorate of ESA is supporting the green transition with particular attention to the sustainable mobility.“Accelerating the shift to sustainable and smart mobility” is at the core of the European Green Deal strategy, which seeks a 90% reduction in related emissions by 2050 . Transforming the way that people and goods move is essential to increasing mobility while decreasing environmental impact, and transport must be considered holistically to produce a shared vision of green intermodal mobility. The use of space technologies, integrated with terrestrial technologies, is an enabler of smarter traffic management and increased transport efficiency for automated and connected multimodal mobility. Satellite connectivity, including future 5G networks, and digital technologies such as Digital Twin, AI, Machine Learning, and cloud-based applications are key enablers of sustainable mobility.SatCom is essential to ensure that connectivity is ubiquitously available, even in remote and rural areas, or in case of a failure, by the convergence of terrestrial and SatCom connectivity networks, This is especially crucial when there are risks of network failures or cyber-attacks targeting terrestrial communication. SatCom ensures communication network robustness and resilience. The combination of terrestrial and satellite communication networks is making possible intelligent and ubiquitous V2X systems and PNT services with significantly enhanced reliability and security, hyper-fast wireless access, as well as much seamless communication coverage. SatNav is essential in providing accurate tracking and tracing capabilities for automated vehicles and in guiding them to target locations. SatNav can also enable location-based services like car sharing applications, parking assistance, and fare payment. In addition to GNSS receivers, wireless connections, radar, lidar, and other installed sensors can enable automated vehicles to monitor surroundings, to ‘talk to each other’ and with infrastructure in real-time, and to respond to changes instantaneously. SatEO can be used to provide the maps required by the traffic management, as well as evaluate the conditions on the ground, assess changes and provide key data for monitoring and forecasting air pollution and other important parameters. Earth Observation derived data are used to provide meteorological information such as wind speed and direction, humidity, and others that must be considered into models contributing to traffic management services. The paper will provide examples of services and applications that have been developed aiming to identify innovative solutions and new business models that are allowed by new digital technologies engaging space and non space ecosystem together to deliver value and providing innovative, greener solutions in the mobility sector. Examples include Connected Autonomous Vehicles, electric vehicles, green logistics, and others. For the technologies relevant are the hybrid satcom and 5G providing ubiquitous coverage, IoT integration with non space technologies, as well as navigation, PNT technology, and other space data.

Keywords: sustainability, connectivity, mobility, satellites

Procedia PDF Downloads 100

Authors: Anwesha Pathak

Abstract:

With the increasing number of satellites and space debris, space traffic management (STM) becomes crucial. AI can aid in STM by predicting and preventing potential collisions, optimizing satellite trajectories, and managing orbital slots. Governance frameworks need to address the integration of AI algorithms in STM to ensure safe and sustainable satellite activities. AI and governance play significant roles in the context of satellite activities in space. Artificial intelligence (AI) technologies, such as machine learning and computer vision, can be utilized to process vast amounts of data received from satellites. AI algorithms can analyse satellite imagery, detect patterns, and extract valuable information for applications like weather forecasting, urban planning, agriculture, disaster management, and environmental monitoring. AI can assist in automating and optimizing satellite operations. Autonomous decision-making systems can be developed using AI to handle routine tasks like orbit control, collision avoidance, and antenna pointing. These systems can improve efficiency, reduce human error, and enable real-time responsiveness in satellite operations. AI technologies can be leveraged to enhance the security of satellite systems. AI algorithms can analyze satellite telemetry data to detect anomalies, identify potential cyber threats, and mitigate vulnerabilities. Governance frameworks should encompass regulations and standards for securing satellite systems against cyberattacks and ensuring data privacy. AI can optimize resource allocation and utilization in satellite constellations. By analyzing user demands, traffic patterns, and satellite performance data, AI algorithms can dynamically adjust the deployment and routing of satellites to maximize coverage and minimize latency. Governance frameworks need to address fair and efficient resource allocation among satellite operators to avoid monopolistic practices. Satellite activities involve multiple countries and organizations. Governance frameworks should encourage international cooperation, information sharing, and standardization to address common challenges, ensure interoperability, and prevent conflicts. AI can facilitate cross-border collaborations by providing data analytics and decision support tools for shared satellite missions and data sharing initiatives. AI and governance are critical aspects of satellite activities in space. They enable efficient and secure operations, ensure responsible and ethical use of AI technologies, and promote international cooperation for the benefit of all stakeholders involved in the satellite industry.

Keywords: satellite, space debris, traffic, threats, cyber security.

Procedia PDF Downloads 41

Authors: Nolitha L. Skenjana, Bongani P. Kubheka, Maxwell A. Poswal

Abstract:

The Eastern Cape Province of South Africa is characterized by subsistence farming, which is mostly distributed in the rural areas of the province. It is estimated that cereal crops such as maize and sorghum, and vegetables such as cabbage are grown in more than 400.000 rural households, with maize being the most dominant crop. However, compared to commercial agriculture, small-scale farmers receive minimal support from research and development, limited technology transfer on the latest production practices and systems and have poor production infrastructure and equipment. Similarly, there is limited farmers' appreciation on best practices in insect pest management and control. The paper presents findings from the primary literature and personal observations on insect pest management practices of small-scale farmers in the province. Inferences from literature and personal experiences in the production areas have led to a number of deductions regarding the level of exposure and extent of vulnerability. Farmers' pest management practices, which included not controlling at all though there is a pest problem, resulted in their crop stands to be more vulnerable to pest attacks. This became more evident with the recent brown locust, African armyworm, and Fall armyworm outbreaks, and with the incidences of opportunistic phytophagous insects previously collected on wild hosts only, found causing serious damages on crops. In most of these occurrences, damage to crops resulted in low or no yield. Improvements on farmers' reaction and response to pest problems were only observed in areas where focused awareness campaigns and trainings on specific pests and their management techniques were done. This then calls for a concerted effort from all role players in the sphere of small-scale crop production, to train and equip farmers with relevant skills, and provide them with information on affordable and climate-smart strategies and technologies in order to create a state of preparedness. This is necessary for the prevention of substantial crop losses that may exacerbate food insecurity in the province.

Keywords: Eastern Cape Province, small-scale farmers, insect pest management, vulnerability

Procedia PDF Downloads 114

Authors: H. Gorine, M. Ramadan Elmezughi

Abstract:

In this paper, we investigate security issues and challenges facing researchers in wireless sensor networks and countermeasures to resolve them. The broadcast nature of wireless communication makes Wireless Sensor Networks prone to various attacks. Due to resources limitation constraint in terms of limited energy, computation power and memory, security in wireless sensor networks creates different challenges than wired network security. We will discuss several attempts at addressing the issues of security in wireless sensor networks in an attempt to encourage more research into this area.

Keywords: wireless sensor networks, network security, light weight encryption, threats

Procedia PDF Downloads 490

Authors: M. Şimşek

Abstract:

Rapidly changing factors that affect daily life also affect operational environment and the way military leaders fulfill their missions. With the help of technological developments, traditional linearity of conflict and war has started to fade away. Furthermore, mission domain has broadened to include traditional threats, hybrid threats and new challenges of cyber and space. Considering the future operational environment, future military leaders need to adapt themselves to the new challenges of the future battlefield. But how to decide what kind of features of leadership are required to operate and accomplish mission in the new complex battlefield? In this article, the main aim is to provide answers to this question. To be able to find right answers, first leadership and leadership components are defined, and then characteristics of future operational environment are analyzed. Finally, leadership features that are required to be successful in redefined battlefield are explained.

Keywords: future operational environment, leadership, leadership components

Procedia PDF Downloads 409

Authors: C. P. Autry, A.W. Roscoe

Abstract:

Authentication protocols based on public key infrastructure (PKI) and trusted third party (TTP) are no longer adequate for industrial scale IoT networks thanks to issues such as low compute and power availability, the use of widely distributed and commercial off-the-shelf (COTS) systems, and the increasingly sophisticated attackers and attacks we now have to counter. For example, there is increasing concern about nation-state-based interference and future quantum computing capability. We have examined this space from first principles and have developed several approaches to group and point-to-point authentication for IoT that do not depend on the use of a centralised client-server model. We emphasise the use of quantum resistant primitives such as strong cryptographic hashing and the use multi-factor authentication.

Keywords: authentication, enterprise IoT cybersecurity, PKI/TTP, IoT space

Procedia PDF Downloads 141

Authors: H. El-Kamchouchi, Heba Gaber, Fatma Ahmed, Dalia H. El-Kamchouchi

Abstract:

Fault tolerance and data security are two important issues in modern communication systems. In this paper, we propose a secure and efficient digital signature scheme with fault tolerance based on the improved RSA system. The proposed scheme for the RSA cryptosystem contains three prime numbers and overcome several attacks possible on RSA. By using the Chinese Reminder Theorem (CRT) the proposed scheme has a speed improvement on the RSA decryption side and it provides high security also.

Keywords: digital signature, fault tolerance, RSA, security analysis

Procedia PDF Downloads 450

Authors: Neda Jebellie

Abstract:

New information and communication technologies (ICT) not only has revolutionized the world of communication but has also strongly impacted the state of international terrorism. Using the potential of social media, the new wave of terrorism easily can recruit new jihadi members, spread their violent ideology and garner financial support. IS (Islamic State) as the most dangerous terrorist group has already conquered a great deal of social media space and has deployed sophisticated web-based strategies to promote its extremist doctrine. In this respect the vastly popular social media are the perfect tools for IS to establish its virtual Caliphate (e-caliphate) and e-Ommah (e-citizen).Using social media to release violent videos of beheading journalists, burning their hostages alive and mass killing of prisoners are IS strategies to terrorize and subjugate its enemies. Several Twitter and Facebook accounts which are IS affiliations have targeted young generation of Muslims all around the world. In fact IS terrorists use modern resources of communication not only to share information and conduct operations but also justify their violent acts. The strict Wahhabi doctrine of ISIS is based on a fundamental interpretation of Islam in which religious war against non Muslims (Jihad) and killing infidels (Qatal) have been praised and recommended. Via social media IS disseminates its propaganda to inspire sympathizers across the globe. Combating this new wave of terrorism which is exploiting new communication technologies is the most significant challenge for authorities. Before the rise of internet and social media governments had to control only mosques and religious gathering such as Friday sermons(Jamaah Pray) to prevent spreading extremism among Muslims community in their country. ICT and new communication technologies have heighten the challenge of dealing with Islamic radicalism and have amplified its threat .According to the official reports even some of the governments such as UK have created a special force of Facebook warriors to engage in unconventional warfare in digital age. In compare with other terrorist groups, IS has effectively grasped social media potential. Their horrifying released videos on YouTube easily got viral and were re-twitted and shared by thousands of social media users. While some of the social media such as Twitter and Facebook have shut down many accounts alleged to IS but new ones create immediately so only blocking their websites and suspending their accounts cannot solve the problem as terrorists recreate new accounts. To combat cyber terrorism focusing on disseminating counter narrative strategies can be a solution. Creating websites and providing online materials to propagate peaceful and moderate interpretation of Islam can provide a cogent alternative to extremist views.

Keywords: IS-islamic state, cyber terrorism, social media, terrorism, information, communication technologies

Procedia PDF Downloads 457

Authors: Abhinav Singh

Abstract:

Point Of Sale (POS) malwares have been stealing the limelight this year. They have been the elemental factor in some of the biggest breaches uncovered in past couple of years. Some of them include • Target: A Retail Giant reported close to 40 million credit card data being stolen • Home Depot : A home product Retailer reported breach of close to 50 million credit records • Kmart: A US retailer recently announced breach of 800 thousand credit card details. Alone in 2014, there have been reports of over 15 major breaches of payment systems around the globe. Memory scrapping malwares infecting the point of sale devices have been the lethal weapon used in these attacks. These malwares are capable of reading the payment information from the payment device memory before they are being encrypted. Later on these malwares send the stolen details to its parent server. These malwares are capable of recording all the critical payment information like the card number, security number, owner etc. All these information are delivered in raw format. This Talk will cover the aspects of what happens after these details have been sent to the malware authors. The entire ecosystem of credit card frauds can be broadly classified into these three steps: • Purchase of raw details and dumps • Converting them to plastic cash/cards • Shop! Shop! Shop! The focus of this talk will be on the above mentioned points and how they form an organized network of cyber-crime. The first step involves buying and selling of the stolen details. The key point to emphasize are : • How is this raw information been sold in the underground market • The buyer and seller anatomy • Building your shopping cart and preferences • The importance of reputation and vouches • Customer support and replace/refunds These are some of the key points that will be discussed. But the story doesn’t end here. As of now the buyer only has the raw card information. How will this raw information be converted to plastic cash? Now comes in picture the second part of this underground economy where-in these raw details are converted into actual cards. There are well organized services running underground that can help you in converting these details into plastic cards. We will discuss about this technique in detail. At last, the final step involves shopping with the stolen cards. The cards generated with the stolen details can be easily used to swipe-and-pay for purchased goods at different retail shops. Usually these purchases are of expensive items that have good resale value. Apart from using the cards at stores, there are underground services that lets you deliver online orders to their dummy addresses. Once the package is received it will be delivered to the original buyer. These services charge based on the value of item that is being delivered. The overall underground ecosystem of credit card fraud works in a bulletproof way and it involves people working in close groups and making heavy profits. This is a brief summary of what I plan to present at the talk. I have done an extensive research and have collected good deal of material to present as samples. Some of them include: • List of underground forums • Credit card dumps • IRC chats among these groups • Personal chat with big card sellers • Inside view of these forum owners. The talk will be concluded by throwing light on how these breaches are being tracked during investigation. How are credit card breaches tracked down and what steps can financial institutions can build an incidence response over it.

Keywords: POS mawalre, credit card frauds, enterprise security, underground ecosystem

Procedia PDF Downloads 410

Authors: Modesta E. Ezema, Chikwendu V. Alabekee, Victoria N. Ishiwu, Ifeyinwa NwosuArize, Chinedu I. Nwoye

Abstract:

The advent of wireless networking in computing technology cannot be overemphasized, it opened up easy accessibility to information resources, networking made easier and brought internet accessibility to our doorsteps, but despite all these, some mishap came in with it that is causing mayhem in today ‘s overall information security. The cyber criminals will always compromise the integrity of a message that is not encrypted or that is encrypted with a weak algorithm.In other to correct the mayhem, this study focuses on cryptosystem and cryptography. This ensures end to end crypt messaging. The study of various cryptographic algorithms, as well as the techniques and applications of the cryptography for efficiency, were all considered in the work., present and future applications of cryptography were dealt with as well as Quantum Cryptography was exposed as the current and the future area in the development of cryptography. An empirical study was conducted to collect data from network users.

Keywords: algorithm, cryptography, cryptosystem, network

Procedia PDF Downloads 318

Authors: André Python

Abstract:

To this day, terrorism persists as a worldwide threat, exemplified by the recent deadly attacks in January 2015 in Paris and the ongoing massacres perpetrated by ISIS in Iraq and Syria. In response to this threat, states deploy various counterterrorism measures, the cost of which could be reduced through effective preventive measures. In order to increase the efficiency of preventive measures, policy-makers may benefit from accurate predictive models that are able to capture the complex spatial dynamics of terrorism occurring at a local scale. Despite empirical research carried out at country-level that has confirmed theories explaining the diffusion processes of terrorism across space and time, scholars have failed to assess diffusion’s theories on a local scale. Moreover, since scholars have not made the most of recent statistical modelling approaches, they have been unable to build up predictive models accurate in both space and time. In an effort to address these shortcomings, this research suggests a novel approach to systematically assess the theories of terrorism’s diffusion on a local scale and provide a predictive model of the local spatial dynamics of terrorism worldwide. With a focus on the lethal terrorist events that occurred after 9/11, this paper addresses the following question: why and how does lethal terrorism diffuse in space and time? Based on geolocalised data on worldwide terrorist attacks and covariates gathered from 2002 to 2013, a binomial spatio-temporal point process is used to model the probability of terrorist attacks on a sphere (the world), the surface of which is discretised in the form of Delaunay triangles and refined in areas of specific interest. Within a Bayesian framework, the model is fitted through an integrated nested Laplace approximation - a recent fitting approach that computes fast and accurate estimates of posterior marginals. Hence, for each location in the world, the model provides a probability of encountering a lethal terrorist attack and measures of volatility, which inform on the model’s predictability. Diffusion processes are visualised through interactive maps that highlight space-time variations in the probability and volatility of encountering a lethal attack from 2002 to 2013. Based on the previous twelve years of observation, the location and lethality of terrorist events in 2014 are statistically accurately predicted. Throughout the global scope of this research, local diffusion processes such as escalation and relocation are systematically examined: the former process describes an expansion from high concentration areas of lethal terrorist events (hotspots) to neighbouring areas, while the latter is characterised by changes in the location of hotspots. By controlling for the effect of geographical, economical and demographic variables, the results of the model suggest that the diffusion processes of lethal terrorism are jointly driven by contagious and non-contagious factors that operate on a local scale – as predicted by theories of diffusion. Moreover, by providing a quantitative measure of predictability, the model prevents policy-makers from making decisions based on highly uncertain predictions. Ultimately, this research may provide important complementary tools to enhance the efficiency of policies that aim to prevent and combat terrorism.

Keywords: diffusion process, terrorism, spatial dynamics, spatio-temporal modeling

Procedia PDF Downloads 320

Authors: Amirreza Razzaghipour Sorkhab

Abstract:

One of the most common disorders among humans is hearing impairment. This paper provides an evidence base that recovers understanding of Meniere’s disease and highlights the physical and mental health correlates of the disorder. Meniere's disease is more common in the elderly. The term idiopathic endolymphatic hydrops has been attributed to this disease by some in the previous. Meniere’s disease demonstrations a genetic tendency, and a family history is found in 10% of cases, with an autosomal dominant inheritance pattern. The COCH gene may be one of the hereditary factors contributing to Meniere’s disease, and the possibility of a COCH mutation should be considered in patients with Meniere’s disease symptoms. Should be considered Missense mutations in the COCH gene cause the autosomal dominant sensorineural hearing loss and vestibular disorder. Meniere’s disease is a complex, heterogeneous disorder of the inner ear and that is characterized by episodes of vertigo lasting from minutes to hours, fluctuating sensorineural hearing loss, tinnitus, and aural fullness. The existing evidence supports the suggestion that age and sleep disorder are risk factors for Meniere's disease. Many factors have been reported to precipitate the progress of Menier, including endolymphatic hydrops, immunology, viral infection, inheritance, vestibular migraine, and altered intra-labyrinthine fluid dynamics. Although there is currently no treatment that has a proven helpful effect on hearing levels or on the long-term evolution of the disease, however, in the primary stages, the hearing may improve among attacks, but a permanent hearing loss occurs in the majority of cases. Current publications have proposed a role for the intratympanic use of medicine, mostly aminoglycosides, for the control of vertigo. more than 85% of patients with Meniere's disease are helped by either changes in lifestyle and medical treatment or minimally aggressive surgical procedures such as intratympanic steroid therapy, intratympanic gentamicin therapy, and endolymphatic sac surgery. However, unilateral vestibular extirpation methods (intratympanic gentamicin, vestibular nerve section, or labyrinthectomy) are more predictable but invasive approaches to control the vertigo attacks. Medical therapy aimed at reducing endolymph volume, such as low-sodium diet, diuretic use, is the typical initial treatment.

Keywords: meniere's disease, endolymphatic hydrops, hearing loss, vertigo, tinnitus, COCH gene

Procedia PDF Downloads 63