Search results for: cyber security

Authors: Juan Jimenez, Erika Yambay, Dayana Pilco, Brayan Parra

Abstract:

This paper presents an investigation of voice signal processing and coding using MATLAB, with the objective of generating a plasma signal on a Tesla coil within a security system. The approach focuses on using advanced voice signal processing techniques to encode and modulate the audio signal, which is then amplified and applied to a Tesla coil. The result is the creation of a striking visual effect of voice-controlled plasma with specific applications in security systems. The article explores the technical aspects of voice signal processing, the generation of the plasma signal, and its relationship to security. The implications and creative potential of this technology are discussed, highlighting its relevance at the forefront of research in signal processing and visual effect generation in the field of security systems.

Keywords: voice signal processing, voice signal coding, MATLAB, plasma signal, Tesla coil, security system, visual effects, audiovisual interaction

Procedia PDF Downloads 52

Authors: Salha Abdullah Ali Al-Shamrani, Maha Muhammad Dhaher Aljuhani, Eman Ali Ahmed Aldhaheri

Abstract:

With the proliferation of Internet of Things (IoT) devices in various industries, there has been a concurrent rise in security vulnerabilities, particularly spoofing attacks. This study explores the potential of blockchain technology in enhancing the security of IoT systems and mitigating these attacks. Blockchain's decentralized and immutable ledger offers significant promise for improving data integrity, transaction transparency, and tamper-proofing. This research develops and implements a blockchain-based IoT architecture and a reference network to simulate real-world scenarios and evaluate a blockchain-integrated intrusion detection system. Performance measures including time delay, security, and resource utilization are used to assess the system's effectiveness, comparing it to conventional IoT networks without blockchain. The results provide valuable insights into the practicality and efficacy of employing blockchain as a security mechanism, shedding light on the trade-offs between speed and security in blockchain deployment for IoT. The study concludes that despite minor increases in time consumption, the security benefits of incorporating blockchain technology into IoT systems outweigh potential drawbacks, demonstrating a significant potential for blockchain in bolstering IoT security.

Keywords: internet of things, spoofing, IoT, access control, blockchain, raspberry pi

Procedia PDF Downloads 37

Authors: James Kaweesa

Abstract:

The Internet of Things (IoT) has become a critical component of modern technology, enabling the connection of numerous devices to the internet. The interconnected nature of IoT devices, along with their heterogeneous and resource-constrained nature, makes them vulnerable to various types of attacks, such as malware, denial-of-service attacks, and network scanning. Intrusion Detection Systems (IDSs) are a key mechanism for protecting IoT networks and from attacks by identifying and alerting administrators to suspicious activities. In this review, the paper will discuss the different types of IDSs available for IoT systems and evaluate their effectiveness in detecting and preventing attacks. Also, examine the various evaluation methods used to assess the performance of IDSs and the challenges associated with evaluating them in IoT environments. The review will highlight the need for effective and efficient IDSs that can cope with the unique characteristics of IoT networks, including their heterogeneity, dynamic topology, and resource constraints. The paper will conclude by indicating where further research is needed to develop IDSs that can address these challenges and effectively protect IoT systems from cyber threats.

Keywords: cyber-threats, iot, intrusion detection system, networks

Procedia PDF Downloads 52

Authors: Egboja Simon Oga

Abstract:

One of the most important keys to the success of a nation is to ensure steady development and national economic self-sufficiency and independence. It is therefore in this regard that this paper is designed to identify food security to be crucial to all nations’ effort toward sustainable national development. Nigeria as a case study employed various effort by the successive government towards food security. Emphasis were placed on the extent to which government has boosted food security situation on the basis of the identified limitations, conclusion was drawn, recommendation/suggestions proffered, that subsidization of the process of farm inputs like fertilizer, improved seeds and agrochemical, education of farmers on modern methods of farming through extension services, improvisation of village-based food storage mechanism and provision of infrastructural facilities in rural areas to facilitate the preservation and easy evacuation of farm produces are necessary.

Keywords: food, governance, development, security

Procedia PDF Downloads 297

Authors: Karim Abouelmehdi, Loubna Dali, Elmoutaoukkil Abdelmajid, Hoda Elsayed, Eladnani Fatiha, Benihssane Abderahim

Abstract:

The security of cloud services is the concern of cloud service providers. In this paper, we will mention different classifications of cloud attacks referred by specialized organizations. Each agency has its classification of well-defined properties. The purpose is to present a high-level classification of current research in cloud computing security. This classification is organized around attack strategies and corresponding defenses.

Keywords: cloud computing, classification, risk, security

Procedia PDF Downloads 506

Authors: Ambika Prasad Gupta, Harshit Sosan Lakra

Abstract:

Food security is an important issue that has been widely discussed in literature. However, there is a lack of research on the specific food security challenges faced by tribal communities. Tribal food security refers to the ability of indigenous or tribal communities to consistently access and afford an adequate and nutritious supply of food. These communities often have unique cultural, social, and economic contexts that can impact their food security. The study aims to assess the food security status of all thirty-two major tribes, including Particularly Vulnerable Tribal Groups (PVTG) people living in various blocks of Jharkhand State. The methodology of this study focuses on measuring the food security index of indigenous people by developing and redefining a new Tribal Food Security Index (TFSI) as per the indigenous community-level indicators identified by the Global Food Security Index and other indicators relevant to food security. Affordability, availability, quality and safety, and natural resources were the dimensions used to calculate the overall Tribal Food Security Index. A survey was conducted for primary data collection of tribes and PVTGs at the household level in various districts of Jharkhand with a considerable tribal population. The result shows that due to the transition from rural to urban areas, there is a considerable change in TFSI and a decrease in forest dependency of tribal communities. Socioeconomic factors like occupation and household size had a significant correlation with TFSI. Tribal households living in forests have a higher food security index than tribal households residing in urban transition areas. The study also shows that alternative methodology adopted to measure specific community-level food security creates high significant impact than using commonly used indices.

Keywords: indigenous people, tribal food security, particularly vulnerable tribal groups, Jharkhand

Procedia PDF Downloads 41

Authors: John Ayoade

Abstract:

Radio Frequency Identification (RFID) has gained a lot of popularity in all walks of life due to its usefulness and diverse use of the technology in almost every application. However, there have been some security concerns most especially in regards to how authentic readers and tags can confirm their authenticity before confidential data is exchanged between them. In this paper, Kerberos protocol is adopted for the mutual authentication of RFID system components in order to ensure the secure communication between those components and to realize the authenticity of the communicating components.

Keywords: RFID, security, mutual authentication, Kerberos

Procedia PDF Downloads 434

Authors: Jansen Ang, Andrew Neo, Dawn Chia

Abstract:

Border Security is unlike mainstream policing in that officers are essentially in static deployment, working round the clock every day and every hour of the year looking for illegitimate entry of persons and goods. In Singapore, Border Security officers perform multiple functions to ensure the nation’s safety and security. They are responsible for safeguarding the borders of Singapore to prevent threats from entering the country. Being the first line of defence in ensuring the nation’s border security officers are entrusted with the responsibility of screening travellers inbound and outbound of Singapore daily. They examined 99 million arrivals and departures at the various checkpoints in 2014, which is a considerable volume compared to most immigration agencies. The officers’ work scopes also include cargo clearance, protective and security functions of checkpoints. The officers work in very demanding environment which can range from the smog at the land checkpoints to the harshness of the ports at the sea checkpoints. In addition, all immigration checkpoints are located at the boundaries, posing commuting challenges for officers. At the land checkpoints, festive seasons and school breaks are peak periods as given the surge of inbound and outbound travellers at the various checkpoints. Such work provides unique challenges in comparison to other law enforcement duties. This paper assesses the current stressors faced by officers of a border security agency through the conduct of ground observations as well as a perceived stress survey as well as recommendations in combating stressors faced by border security officers. The findings from the field observations and surveys indicate organisational and operational stressors that are unique to border security and recommends interventions in managing these stressors. Understanding these stressors would better inform border security agencies on the interventions needed to enhance the resilience of border security officers.

Keywords: border security, Singapore, stress, operations

Procedia PDF Downloads 296

Authors: Maryam Shayan

Abstract:

Programming frameworks have been utilized as a part of chemical industry process safety operation and configuration to enhance its effectiveness. This paper gives a brief survey and investigation of the best in class and effects of programming frameworks in process security. A study was completed by talking staff accountable for procedure wellbeing practices in the Iranian chemical process industry and diving into writing of innovation for procedure security. This article investigates the useful and operational attributes of programming frameworks for security and endeavors to sort the product as indicated by its level of effect in the administration chain of importance. The study adds to better comprehension of the parts of Information Communication Technology in procedure security, the future patterns and conceivable gaps for innovative work.

Keywords: programming frameworks, chemical industry process, process security, administration chain, information communication technology

Procedia PDF Downloads 338

Authors: Sandhya Armoogum

Abstract:

In distributed systems and in open systems such as the Internet, often mobile code has to run on unknown and potentially hostile hosts. Mobile code such as a mobile agent is vulnerable when executing on remote hosts. The mobile agent may be subjected to various attacks such as tampering, inspection, and replay attack by a malicious host. Much research has been done to provide solutions for various security problems, such as authentication of mobile agent and hosts, integrity and confidentiality of the data carried by the mobile agent. Many of such proposed solutions in literature are not suitable for open systems whereby the mobile code arrives and executes on a host which is not known and trusted by the mobile agent owner. In this paper, we propose the adoption of the reference monitor by hosts in an open system for providing trust and security for mobile code execution. A secure protocol for the distribution of the reference monitor entity is described. This reference monitor entity on the remote host may also provide several security services such as authentication and integrity to the mobile code.

Keywords: security, mobile agents, reference monitor, trust

Procedia PDF Downloads 412

Authors: Prashansa Singh, Manjot Kaur, Rohit Bajaj

Abstract:

The proliferation of wireless sensor networks and Internet of Things (IoT) devices in the quickly changing digital landscape has highlighted the urgent need for strong security solutions that can handle these systems’ limited resources. A key solution to this problem is the emergence of ultralightweight security protocols, which provide strong security features while respecting the strict computational, energy, and memory constraints imposed on these kinds of devices. This in-depth analysis explores the field of ultralightweight security protocols, offering a thorough examination of their evolution, salient features, and the particular security issues they resolve. We carefully examine and contrast different protocols, pointing out their advantages and disadvantages as well as the compromises between resource limitations and security resilience. We also study these protocols’ application domains, including the Internet of Things, RFID systems, and wireless sensor networks, to name a few. In addition, the review highlights recent developments and advancements in the field, pointing out new trends and possible avenues for future research. This paper aims to be a useful resource for researchers, practitioners, and developers, guiding the design and implementation of safe, effective, and scalable systems in the Internet of Things era by providing a comprehensive overview of ultralightweight security protocols.

Keywords: wireless sensor network, machine-to-machine, MQTT broker, server, ultralightweight, TCP/IP

Procedia PDF Downloads 23

Authors: Pius Babuna, Xiaohua Yang, Roberto Xavier Supe Tulcan, Bian Dehui, Mohammed Takase, Bismarck Yelfogle Guba, Chuanliang Han, Doris Abra Awudi, Meishui Lia

Abstract:

Water inequality, water security, and water governance are fundamental parameters that affect the sustainable use of water resources. Through policy formulation and decision-making, water governance determines both water security and water inequality. Largely, where water inequality exists, water security is undermined through unsustainable water use practices that lead to pollution of water resources, conflicts, hoarding of water, and poor sanitation. Incidentally, the interconnectedness of water governance, water inequality, and water security has not been investigated previously. This study modified the Gini coefficient and used a Logistics Growth of Water Resources (LGWR) Model to access water inequality and water security mathematically, and discussed the connected role of water governance. We tested the validity of both models by calculating the actual water inequality and water security of Ghana. We also discussed the implications of water inequality on water security and the overarching role of water governance. The results show that regional water inequality is widespread in some parts. The Volta region showed the highest water inequality (Gini index of 0.58), while the central region showed the lowest (Gini index of 0.15). Water security is moderately sustainable. The use of water resources is currently stress-free. It was estimated to maintain such status until 2132 ± 18, when Ghana will consume half of the current total water resources of 53.2 billion cubic meters. Effectively, water inequality is a threat to water security, results in poverty, under-development heightens tensions in water use, and causes instability. With proper water governance, water inequality can be eliminated through formulating and implementing approaches that engender equal allocation and sustainable use of water resources.

Keywords: water inequality, water security, water governance, Gini coefficient, moran index, water resources management

Procedia PDF Downloads 96

Authors: Nicula Valentin, Andrei Virginia

Abstract:

Nowadays, the individual plays a central role in the state’s architecture. This is why the subjective dimension of the security represents a key concept in risk assessment. The paper’s scope is to emphasize the discrepancy between expert and lay evaluations of national security hazards, which is caused by key factors like emotions, personal experience, knowledge and media. Therefore, we have chosen to apply, using these two different groups of respondents, the Q-sort method, which reveals individual beliefs, attitudes, preferences hidden behind the subjects’ own way of prioritizing the risks they are confronted with. Our study’s conclusions are meant to unveil significant indicators needed to be taken into consideration by a state’s leadership in order to understand the social perception of national security hazards, to communicate better with the public opinion and prevent or mitigate the overestimation of the severity or probability of these dangers.

Keywords: risk perception, Q-sort method, national security hazards, individual beliefs

Procedia PDF Downloads 278

Authors: Somayeh Zeinali

Abstract:

A component is generally defined as a piece of executable software with a published interface. Component-based software engineering (CBSE) has become recognized as a new sub-discipline of software engineering. In the component-based software development, components cannot be completely secure and thus easily become vulnerable. Some researchers have investigated this issue and proposed approaches to detect component intrusions or protect distributed components. Software security also refers to the process of creating software that is considered secure.The terms “dependability”, “trustworthiness”, and “survivability” are used interchangeably to describe the properties of software security.

Keywords: component-based software development, component-based software engineering , software security attributes, dependability, component

Procedia PDF Downloads 518

Authors: Jong-Won Lee

Abstract:

Since Cloud environment has appeared as the most powerful keyword in the computing industry, the growth in VDI (Virtual Desktop Infrastructure) became remarkable in domestic market. In recent years, with the trend that mobile devices such as smartphones and pads spread so rapidly, the strengths of VDI that allows people to access and perform business on the move along with companies' office needs expedite more rapid spread of VDI. However, although this enhanced accessibility and mobility can bring the enhanced productivity, it sometimes conflicts with the security, so there should be more detailed security solution, which is user authentication. In this paper, mobile OTP (One-Time Password) authentication method is proposed to secure mobile device portability through rapid and secure authentication using mobile devices such as mobile phones or pads, which does not require additional purchase or possession of OTP tokens of users. However, in order to use the service continuously and reliably in the cloud environment, both service provider and user have to prepare for security awareness and security threats, and continuously study the conflicting aspect between the improving user convenience and the security and supplement so that cloud service can provide opportunities to develop as a new growth industry in the future and create a new market in IT industry.

Keywords: cloud, OTP, mobility, security, authentication

Procedia PDF Downloads 329

Authors: Niyi Adegoke, Saanumi Jimmy Omolou

Abstract:

The prevalence rate of youth involving in cybercrime is alarming, which calls for concern among the government, parents, NGO and religious bodies, hence this paper aims at examining youth involvement in cybercrime in Nigeria. Achievement motivation theory was used to explain the activities of cyber-criminals in Nigerian society. A descriptive survey method was adopted for the study. The sample for the study was one hundred and fifty (150) respondents randomly selected from the population of the study. A questionnaire was used to gather information and data from the respondents. Data collected through the questionnaire were analyzed using percentage tool for the respondents’ bio-data while chi-square was employed to test the hypotheses. Findings from the study have revealed that parental negligence, unemployment, peer influence, and quest for materialism were responsible for cyber-crimes in Nigeria. The study concludes with the following recommendations among which are: creating employment opportunities for the youths and ensure good governance and accountability among other things will go a long way to solve the problem of cybercrime in our society.

Keywords: cybercrime, youth, Nigeria, unemployment, information communication technology

Procedia PDF Downloads 188

Authors: Amirhossein Safi

Abstract:

Internet of things (IOT) is a kind of advanced information technology which has drawn societies’ attention. Sensors and stimulators are usually recognized as smart devices of our environment. Simultaneously, IOT security brings up new issues. Internet connection and possibility of interaction with smart devices cause those devices to involve more in human life. Therefore, safety is a fundamental requirement in designing IOT. IOT has three remarkable features: overall perception, reliable transmission, and intelligent processing. Because of IOT span, security of conveying data is an essential factor for system security. Hybrid encryption technique is a new model that can be used in IOT. This type of encryption generates strong security and low computation. In this paper, we have proposed a hybrid encryption algorithm which has been conducted in order to reduce safety risks and enhancing encryption's speed and less computational complexity. The purpose of this hybrid algorithm is information integrity, confidentiality, non-repudiation in data exchange for IOT. Eventually, the suggested encryption algorithm has been simulated by MATLAB software, and its speed and safety efficiency were evaluated in comparison with conventional encryption algorithm.

Keywords: internet of things, security, hybrid algorithm, privacy

Procedia PDF Downloads 428

Authors: Sewe Silvanus Odhiambo

Abstract:

Globally, many governments have publicly recognized private security firms as essential services providers. The private security firms face a lot of challenges, but the COVID-19 situation also has exacerbated them to another level. This paper locates its relevance in the post-coronavirus era. The COVID-19 pandemic has redefined the world operation, which shows a higher impact on the security field. Accordingly, the purpose of the study was to examine the role of corporate governance on the performance of private security firms in a post-covid pandemic era in Kenya. The study employed a descriptive research design, which included a quantitative approach and secondary data. The study was carried in the month of July 2021 from the registered private security firms. After targeting all private security firms, only 54 firms had disclosed their annual report by the time of conducting the study. The results depicted that pandemic has affected the performance of private security firms measures unfavorably. Further, boards of directors show a positive association with security firm performance. The study recommends that there is need board of directors to enhance management’s risk assessments in the midst of COVID-19; ensure that there are business continuity plans; there is organizational resilience; there is need for the development of new digital strategies; enabling the digital workforce in the firms and have effective communication plans with both internal and external stakeholders to deal with uncertainties and develop more post-COVID practices for boards of directors to improve performance of private security firms in Kenya. The practical implications of the study are that the research outcomes might assist regulatory bodies, investors, policymakers, and the security sector in general in their formulation of public and corporate governance strategies concerning future emergency preparedness and responses. This study also provides a unique contribution to the literature of COVID-19 and security firm performance in emerging economies context.

Keywords: COVID-19, corporate governance, firm performance, private security firms

Procedia PDF Downloads 133

Authors: Yohannes Haile, Dipo Onipede, Jr., Omar Ashour

Abstract:

The main thrust of our research is to determine Industry 4.0 readiness of small and mid-size manufacturing companies in our region and assist them to implement Cyber Physical Production System (CPPS) capabilities. Adopting CPPS capabilities will help organizations realize improved quality, order delivery, throughput, new value creation, and reduced idle time of machines and work centers of their manufacturing operations. The key metrics for the assessment include the level of intelligence, internal and external connections, responsiveness to internal and external environmental changes, capabilities for customization of products with reference to cost, level of additive manufacturing, automation, and robotics integration, and capabilities to manufacture hybrid products in the near term, where near term is defined as 0 to 18 months. In our initial evaluation of several manufacturing firms which are profitable and successful in what they do, we found low level of Physical-Digital-Physical (PDP) loop in their manufacturing operations, whereas 100% of the firms included in this research have specialized manufacturing core competencies that have differentiated them from their competitors. The level of automation and robotics integration is low to medium range, where low is defined as less than 30%, and medium is defined as 30 to 70% of manufacturing operation to include automation and robotics. However, there is a significant drive to include these capabilities at the present time. As it pertains to intelligence and connection of manufacturing systems, it is observed to be low with significant variance in tying manufacturing operations management to Enterprise Resource Planning (ERP). Furthermore, it is observed that the integration of additive manufacturing in general, 3D printing, in particular, to be low, but with significant upside of integrating it in their manufacturing operations in the near future. To hasten the readiness of the local and regional manufacturing companies to Industry 4.0 and transitions towards CPPS capabilities, our working group (ADMAR Working Group) in partnership with our university have been engaged with the local and regional manufacturing companies. The goal is to increase awareness, share know-how and capabilities, initiate joint projects, and investigate the possibility of establishing the Center for Cyber Physical Production Systems Innovation (C2P2SI). The center is intended to support the local and regional university-industry research of implementing intelligent factories, enhance new value creation through disruptive innovations, the development of hybrid and data enhanced products, and the creation of digital manufacturing enterprises. All these efforts will enhance local and regional economic development and educate students that have well developed knowledge and applications of cyber physical manufacturing systems and Industry 4.0.

Keywords: automation, cyber-physical production system, digital manufacturing enterprises, disruptive innovation, new value creation, physical-digital-physical loop

Procedia PDF Downloads 110

Authors: V. Reyes, P. Ferreira

Abstract:

In response to high levels of competitiveness, industrial systems have evolved to improve productivity. As a consequence, a rapid increase in volume production and simultaneously, a customization process require lower costs, more variety, and accurate quality of products. Reducing time-cycle production, enabling customizability, and ensure continuous quality improvement are key features in advance intelligent industry. In this scenario, customers and producers will be able to participate in the ongoing production life cycle through real-time interaction. To achieve this vision, transparency, predictability, and adaptability are key features that provide the industrial systems the capability to adapt to customer demands modifying the manufacturing process through an autonomous response and acting preventively to avoid errors. The industrial system incorporates a diversified number of components that in advanced industry are expected to be decentralized, end to end communicating, and with the capability to make own decisions through feedback. The evolving process towards advanced intelligent industry defines a set of stages to empower components of intelligence and enhancing efficiency to achieve the decision-making stage. The integrated system follows an industrial cyber-physical system (CPS) architecture whose real-time integration, based on a set of enabler technologies, links the physical and virtual world generating the digital twin (DT). This instance allows incorporating sensor data from real to virtual world and the required transparency for real-time monitoring and control, contributing to address important features of the advanced intelligent industry and simultaneously improve sustainability. Assuming the industrial CPS as the core technology toward the latest advanced intelligent industry stage, this paper reviews and highlights the correlation and contributions of the enabler technologies for the operationalization of each stage in the path toward advanced intelligent industry. From this research, a real-time integration architecture for a cyber-physical system with applications to collaborative robotics is proposed. The required functionalities and issues to endow the industrial system of adaptability are identified.

Keywords: cyber-physical systems, digital twin, sensor data, system integration, virtual model

Procedia PDF Downloads 87

Authors: Norshima Humaidi, Saif Hussein Abdallah Alghazo

Abstract:

Cybersecurity threat have become a serious issue recently, and one of the cause is because human error, which is usually constituted by carelessness, ignorance, and failure to practice cybersecurity behaviour adequately. Using a data from a quantitative survey, Partial Least Squares-Structural Equation Modelling (PLS-SEM) analysis was used to determine the factors that affect cybersecurity protective behaviour (CPB). This study adapts cybersecurity protective behaviour model by focusing on two constructs that can enhance CPB: manager’s information security competencies (MISI) and procedural information security countermeasure (PCM) awareness. Theory of leadership competencies were adapted to measure user’s perception towards competencies among security managers/leader in the organization. Confirmatory factor analysis (CFA) testing shows that all the measurement items of each constructs were adequate in their validity individually based on their factor loading value. Moreover, each constructs are valid based on their parameter estimates and statistical significance. The quantitative research findings show that PCM awareness strongly influences CPB compared to MISI. Meanwhile, MISI was significantlyPCM awarenss. This study believes that the research findings can contribute to human behaviour in IS studies and are particularly beneficial to policy makers in improving organizations’ strategic plans in information security, especially in this new era. Most organizations spend time and resources to provide and establish strategic plans of information security; however, if employees are not willing to comply and practice information security behaviour appropriately, then these efforts are in vain.

Keywords: cybersecurity, protection behaviour, information security, information security competencies, countermeasure awareness

Procedia PDF Downloads 64

Authors: Lethola Tshikose, Munyaradzi Katurura

Abstract:

Information and Communication Technology (ICT) plays a critical role in improving daily healthcare processes. The South African healthcare organizations have adopted Information Systems to integrate their patient records. This has made it much easier for healthcare organizations because patient information can now be accessible at any time. The primary purpose of this research study was to investigate the best practices that can be applied to enhance patient security and confidentiality when using e-health systems in South Africa. Security and confidentiality are critical in healthcare organizations as they ensure safety in EHRs. The research study used an inductive research approach that included a thorough literature review; therefore, no data was collected. The research paper’s scope included patient data and possible security threats associated with healthcare systems. According to the study, South African healthcare organizations discovered various patient data security and confidentiality issues. The study also revealed that when it comes to handling patient data, health professionals sometimes make mistakes. Some may not be computer literate, which posed issues and caused data to be tempered with. The research paper recommends that healthcare organizations ensure that security measures are adequately supported and promoted by their IT department. This will ensure that adequate resources are distributed to keep patient data secure and confidential. Healthcare organizations must correctly use standards set up by IT specialists to solve patient data security and confidentiality issues. Healthcare organizations must make sure that their organizational structures are adaptable to improve security and confidentiality.

Keywords: E-health, EHR, security, confidentiality, healthcare

Procedia PDF Downloads 25

Authors: Dhananjay Singh, M. Abdullah-Al-Wadud

Abstract:

The Internet of Things is a concept of a large scale ecosystem of wireless actuators. The actuators are defined as things in the IoT, those which contribute or produces some data to the ecosystem. However, ubiquitous data collection, data security, privacy preserving, large volume data processing, and intelligent analytics are some of the key challenges into the IoT technologies. In order to solve the security requirements, challenges and threats in the IoT, we have discussed a message authentication mechanism for IoT applications. Finally, we have discussed data encryption mechanism for messages authentication before propagating into IoT networks.

Keywords: Internet of Things (IoT), message authentication, privacy, security

Procedia PDF Downloads 341

Authors: Brennan Lodge

Abstract:

Cybersecurity professionals have long been embroiled in a digital arms race, confronting increasingly sophisticated threats with innovative solutions. The field of cybersecurity is in an unending race against malicious adversaries. As threats evolve in complexity, the tools used to defend against them need to advance even faster. Burdened with a vast arsenal of tools and an expansive scope of threat intelligence, analysts frequently navigate a complex web, trying to discern patterns amidst information overload. Herein lies the potential of Retrieval Augmented Generation (RAG). By combining the capabilities of Large Language Models (LLMs) with a generative AI facet, RAG brings to the table an unparalleled ability for real-time cross-referencing, bridging the gap between raw data and actionable insights. Imagine an analyst named Sarah working at a global Fortune 500 company. Every day, Sarah navigates a maze of diverse knowledge bases, real-time threat intelligence, and her company's vast proprietary data, from network specifics to intricate technical blueprints. One day, she's challenged by a potential breach through a personal device due to the company's global "Bring Your Own Device" policy. With the clock ticking, Sarah has mere minutes to trace the malware's origin, all while considering complex regional regulations. As she races against the benchmark of Mean Time To Resolution (MTTR), she wonders: Could "Cozy Bear" with its notorious malware tactic, HAMMERTOSS, be behind this? Balancing policy intricacies, global network considerations, and ever-emerging cyber threats, Sarah's role epitomizes the intense challenges faced by today's cybersecurity analysts. While analysts grapple with this array of intricate, time-sensitive challenges, the necessity for precision and efficiency is key. RAG technology—a cutting-edge advancement in Gen AI—is a promising solution. Designed to assimilate diverse data sources such as cyber advisory notices, phishing email sentiment, secure and insecure code examples, information security policy documentation, and the MITRE ATT&CK framework, RAG equips analysts with real-time querying capabilities through a vector database and a cross referenced concise response from a Gen AI model. Traditional relational databases often necessitate a tedious process of filtering through numerous entries. Now, with the synergy of vector databases and Gen AI models, analysts can rapidly access both contextually or semantically akin data points. This augmented approach equips analysts with a comprehensive understanding of the prevailing cyber threats, elevating the robustness of cybersecurity defenses and upskilling the analyst and team, too. Vector databases underpin the knowledge translation in Gen AI. They bridge the gap between raw data and translation into meaningful insights, ensuring that analysts are equipped with comprehensive and relevant information. This superior capability of the RAG framework, with its impressive depth and precision, finds application across a broad spectrum of cybersecurity challenges. Let's delve into some use cases where its potential becomes particularly evident: Phishing Email Sentiment Analysis: Phishing remains a predominant vector for cybersecurity breaches. Leveraging RAG's capabilities, analysts can not only assess the potential malevolence of an email but can also understand the context behind it. By cross-referencing patterns from varied data sources in real-time, the detection process evolves from a mere content evaluation to a holistic understanding of attacker tactics, behaviors, and evolving profiles. This allows for the identification of nuanced phishing strategies that might otherwise go undetected. Insecure Code Analysis: Software vulnerabilities form a critical entry point for cyber adversaries. With RAG, the process of code evaluation undergoes a transformation. Instead of manual code reviews, the system pulls insights from vector databases and historical code snippets marked as insecure, enabling detection of vulnerabilities based on historical patterns, emerging threat vectors, and even predictive threat modeling. This ensures that even the most obfuscated or embedded vulnerabilities are identified, and corrective measures can be promptly implemented. Vulnerability and Upskill Advisory: In the fast-paced world of cybersecurity, staying updated is paramount. Through RAG's capabilities, analysts are not only made aware of real-time vulnerabilities but are also guided on the necessary skills and tools needed to combat them. By dynamically sourcing data through vulnerability advisories, news on advanced persistent threats, and tactics to defend, RAG ensures that analysts are not only reactive to threats but are also proactively upskilled, thereby bolstering their defense mechanisms. Information Security Policies for Compliance Teams: Compliance remains at the heart of many organizational cybersecurity strategies. However, with ever-shifting regulatory landscapes, staying compliant becomes a moving target. RAG's ability to source real-time data ensures that compliance teams always have access to the latest policy changes, guidelines, and best practices. This not only facilitates adherence to current standards but also anticipates future shifts, assists with audits, and ensures that organizations remain ahead of the compliance curve. Fusing a RAG architecture with platforms like Slack amplifies its practical utility. Slack, known for its real-time communication prowess, seamlessly evolves into more than just a messaging platform in this context. Cybersecurity analysts can pose intricate queries within Slack and, almost instantaneously, receive comprehensive feedback powered by the harmonious interplay of RAG and Gen AI. This integration effectively transforms Slack into an AI-augmented chatbot-like assistant for cybersecurity professionals, always ready to provide informed insights on-demand, making it an indispensable ally in the ever-evolving cyber battlefield. Navigating the vast landscape of cybersecurity, analysts often encounter unfamiliar terminologies and techniques., analysts require tools that not only detect or inform them of threats, like CISA (U.S Cybersecurity Infrastructure Security Agency) Advisories, but also interpret and communicate them effectively. Consider a junior cybersecurity analyst named Alex, who comes across the term "Kerberoasting" while reviewing a network log. Unfamiliar with its intricacies, Alex turns to Slack to pose a query: "chat explain is Kerberoasting, using CISA." Almost instantaneously, Slack, powered by the harmonious interplay of RAG and Gen AI, provides a detailed response, cross-referencing a recent cyber advisory on the technique. It explains how attackers can exploit the Kerberos Ticket Granting Service to decipher service account passwords, potentially compromising a network. In this dynamic realm of cybersecurity, the blend of RAG and Generative AI represents more than just a technological leap. It embodies a paradigm shift, promising a future where human expertise and AI-driven precision join forces. As cyber threats continue their relentless advance, this synergy ensures that defenders are equipped with an arsenal that's not just reactive, but also profoundly insightful. No longer should analysts be submerged in a deluge of data without direction. Instead, they should be empowered, to discern, act, and preempt with unparalleled clarity and confidence. By harmoniously intertwining human discernment with AI capabilities, we should chart a path towards a future where cybersecurity is not just about defense, but about achieving a strategic advantage, paving the way for a safer, informed and a more secure digital horizon.

Keywords: cybersecurity, gen AI, retrieval augmented generation, cybersecurity defense strategies

Procedia PDF Downloads 47

Authors: Maleh Yassine, Ezzati Abdellah

Abstract:

Wireless Sensor Networks (WSNs) are currently used in different industrial and consumer applications, such as earth monitoring, health related applications, natural disaster prevention, and many other areas. Security is one of the major aspects of wireless sensor networks due to the resource limitations of sensor nodes. However, these networks are facing several threats that affect their functioning and their life. In this paper we present security attacks in wireless sensor networks, and we focus on a review and analysis of the recent Intrusion Detection schemes in WSNs.

Keywords: wireless sensor networks, security attack, denial of service, IDS, cluster-based model, signature based IDS, hybrid IDS

Procedia PDF Downloads 345

Authors: Damola O. Lawal, David W. Gresty, Diane E. Gan, Louise Hewitt

Abstract:

This paper investigates the feasibility of using a programmable USB such as the O.MG Cable to perform a file tampering attack. Here, the O.MG Cable, an apparently harmless mobile device charger, is used in an unauthorized way to alter the content of a file (accounts record-January_Contributions.xlsx). The aim is to determine if a forensics analyst can reliably determine who has altered the target file; the O.MG Cable or the user of the machine. This work highlights some of the traces of the O.MG Cable left behind on the target computer itself, such as the Product ID (PID) and Vendor ID (ID). Also discussed is the O.MG Cable’s behavior during the experiments. We determine if a forensics analyst could identify if any evidence has been left behind by the programmable device on the target file once it has been removed from the computer to establish if the analyst would be able to link the traces left by the O.MG Cable to the file tampering. It was discovered that the forensic analyst might mistake the actions of the O.MG Cable for the computer users. Experiments carried out in this work could further the discussion as to whether an innocent user could be punished for the unauthorized changes made by a programmable device.

Keywords: O.MG cable, programmable USB, file tampering attack, digital evidence credibility, miscarriage of justice, cyber fraud

Procedia PDF Downloads 128

Authors: Chalee Thammarat

Abstract:

Mobile phones are equipped with increased short-range communication functionality called Near Field Communication (or NFC for short). NFC needs no pairing between devices but suitable for little amounts of data in a very restricted area. A number of researchers presented authentication techniques for NFC communications, however, they still lack necessary authentication, particularly mutual authentication and security qualifications. This paper suggests a new authentication protocol for NFC communication that gives mutual authentication between devices. The mutual authentication is a one of property, of security that protects replay and man-in-the-middle (MitM) attack. The proposed protocols deploy a limited-use offline session key generation and use of distribution technique to increase security and make our protocol lightweight. There are four sub-protocols: NFCAuthv1 is suitable for identification and access control and NFCAuthv2 is suitable for the NFC-enhanced phone by a POS terminal for digital and physical goods and services.

Keywords: cryptographic protocols, NFC, near field communications, security protocols, mutual authentication, network security

Procedia PDF Downloads 399

Authors: Helyeh Doutaghi

Abstract:

The United Nations Security Council (UNSC) is one of the six principal organs of the United Nations. Under the Charter of the United Nations (UN Charter), the UNSC’s primary responsibility is maintaining international peace and security, which it does through establishing and adopting a Security Council resolution. United Nations resolutions are formal expressions of the opinion or will of United Nations organs. However, there have been times when powerful politicians (or governments with great political power) had the first say in situations where the UNSC should have had jurisdiction based on the principle of rule of law, which is the notion that people are governed by the law rather than by officials. This paper will assess the effectiveness of the UNSC by analyzing its actions during the Iran-Iraq war for it has been found that one of the major reasons for the prolongation of the war was a result of the one-sided positions taken by the UNSC and many nations. The UNSC’s success in achieving its primary goal during the war will be discussed, including an examination of the duties and structure of the UNSC by reviewing the articles in the UN Charter; this will include examples of the UNSC’s role in other international disputes as well.

Keywords: UN Security Council, Iran, Iraq, charter, international law

Procedia PDF Downloads 422

Authors: Asmau Zarma Gogaram

Abstract:

The paper examines adult education and how it can be employed as a strategy for transformation and security challenges in Nigeria. It defines the meaning of adult education and its objectives.The issue of the necessity of employing adult education as a strategy for transformation and security challenges was also examined in the paper.In doing this it discussed the different types of adult education programmes, i.e.continuing education, literacy education, retirement and pre-retirement education and civic education. The paper concluded by stating that if the programmes stated are internalizes and applied they can help to raise awareness. Finally the paper proffered some recommendations one of which was that government should at all levels increase their efforts or promoting acquisition of adult education.

Keywords: adult education, transformation and security challenges, Nigeria, education and human development

Procedia PDF Downloads 480

Authors: Sipumle Qapeshu, Bongiwe Mcata, Ajuruchukwu Obi

Abstract:

Subsistence farmers practice farming for survival while commercial farmers produce to feed themselves and larger society with the motive to achieve highest profit. These types of farmers are characterised by growing what they eat, live without making regular purchases in the markets. The main objective of subsistence/peasant farmers is to ensure food security at household level. Cabbage is a crop that has been identified to have vital food nutrient sources like Vitamin A, B and C, protein, calcium, iron and antioxidative compounds beneficial for preventing cancer. This paper, therefore, looks at the potential that cabbage production has in enhancing household food security and also the challenges encountered by these cabbage producers. Primary data was obtained from 50 respondents, and linear regression model was used to analyse the data used. Income was used as food security measure. The results showed that three variables were statistically significant and they are gender (10%), education (5%) and household size (5%). Meaning that these are variables that influenced cabbage production by these households, and it also affects their food security status since income is affected.

Keywords: subsistence farmers, food security, cabbage, farming

Procedia PDF Downloads 267