Search results for: cyber%20defence

Authors: Isik Z. Ulubas, Kaj Bjorkqvist

Abstract:

The relationships between perceived ethnic discrimination, peer aggression and school connectedness are being examined among 1,000 adolescents in Ostrobothnia, Finland with an online questionnaire. The study aims at investigating perceived ethnic discrimination in school environment by peers and teachers, and within society in general. Six types of aggressive behavior are measured: physical, verbal, indirect, and cyber aggression, in addition to both verbal and physical sexual harassment. High perceived ethnic discrimination is expected to be related with high aggression and low school connectedness. Adolescents who have special diet and clothing because of their cultural or religious background are expected to score higher on perceived ethnic discrimination and lower school connectedness. Adolescents who have lower domestic language skills (Finnish/Swedish) are expected to show lower school connectedness and higher perceived ethnic discrimination.

Keywords: adolescents, aggression, ethnic discrimination, school connectedness

Procedia PDF Downloads 193

Authors: Sandesh Achar

Abstract:

Cloud computing security is a broad term that covers a variety of security concerns for organizations that use cloud services. Multi-cloud service providers must consider several factors when addressing security for their customers, including identity and access management, data at rest and in transit, egress and ingress traffic control, vulnerability and threat management, and auditing. This paper explores each of these aspects of cloud security in detail and provides recommendations for best practices for multi-cloud service providers. It also discusses the challenges inherent in securing a multi-cloud environment and offers solutions for overcoming these challenges. By the end of this paper, readers should have a good understanding of the various security concerns associated with multi-cloud environments in the context of today’s modern cyber threats and how to address them.

Keywords: multi-cloud service, system organization control, data loss prevention, identity and access management

Procedia PDF Downloads 67

Authors: Nur Imroatun Sholihat, Gresika Bunga Sylvana

Abstract:

Currently, cyber attack became an incredibly serious problem due to its increasing trend all over the world. Therefore, information security becomes prominent for every organization including public sector organization. In Indonesia, unfortunately, Ministry of Finance (MoF) is the only public sector organization that has already formally established procedure to assess its information security adequacy by performing information security audits (November 2017). We assess the implementation of information security audits in the MoF using qualitative data obtained by interviewing IT auditors and by analysis of related documents. For this reason, information security audit practice in the MoF could become the acceptable benchmark for all other public sector organizations in Indonesia. This study is important because, to the best of the author’s knowledge, our research into information security audits practice in Indonesia’s public sector have not been found yet. Results showed that information security audits performed mostly by doing pentest (penetration testing) to MoF’s critical applications.

Keywords: information security audit, information technology, Ministry of Finance of Indonesia, public sector organization

Procedia PDF Downloads 197

Authors: Hasanah Md. Amin

Abstract:

The existence of cyberspace and its growing contents is real and overwhelming. Visual as one of the properties of cyber contents is increasingly becoming more significant and popular among creator and user. The visual and aesthetic of the content is consistent with many similarities. Aesthetic, although universal, has slight differences across the world. Aesthetic power could impress, influence, and cause bias among the users. The content creator who knows how to manipulate this visuals and aesthetic expression can dominate the scenario and the user who is ‘expressive literate’ will gain much from the scenes. User who understands aesthetic will be rewarded with competence, confidence, and certainly, a personality enhanced experience in carrying out a task when participating in this chaotic but promising cyberworld. The aim of this article is to gain knowledge from related literature and research regarding User-Generated Content (UGC), which focuses on aesthetic expression by the Net generation. The objective of this preliminary study is to analyze the aesthetic expression linked to visual from the participatory cultural viewpoint looking for meaning, value, patterns, and characteristics.

Keywords: visual overloaded, user-generated content, net generation, visual arts

Procedia PDF Downloads 408

Authors: Sara Muslat Alsahali, Nout Mohammed Alqahtani

Abstract:

Digital technology has changed the world, and with the increasing number of children accessing the Internet, it has now become an integral part of children's lives from their early years. With the rapid development of digital technology, the risks children face on the internet also evolve from cyberbullying to misuse, sexual exploitation, and abuse of their private information over the Internet. Digital technology, with its advantages and disadvantages, is now a fact of our life. Therefore, knowledge of how to reduce its risks and maximize its benefits will help shape the growth and future of a new generation of digital citizens. This paper will discuss access control techniques that help to create secure cyberspace where children can be safe without depriving them of their rights and freedom to use the internet and preventing them from its benefits. Also, it sheds light on its challenges and problems by classifying the methods of parental controlling into two possibilities asynchronous and synchronous techniques and choosing YouTube as a case study of access control techniques.

Keywords: access control, cyber security, kids, parental monitoring

Procedia PDF Downloads 105

Authors: Hilalah Alturkistani, Alaa AlFaadhel, Nora AlJahani, Fatiha Djebbar

Abstract:

Cloud computing is one of the most widely used technology which provides opportunities and services to government entities, large companies, and standard users. However, cybersecurity risk management studies of cloud computing and resiliency approaches are lacking. This paper proposes resilient cloud cybersecurity risk assessment and management tailored specifically, to Dropbox with two approaches:1) technical-based solution motivated by a cybersecurity risk assessment of cloud services, and 2)a target personnel-based solution guided by cybersecurity-related survey among employees to identify their knowledge that qualifies them withstand to any cyberattack. The proposed work attempts to identify cloud vulnerabilities, assess threats and detect high risk components, to finally propose appropriate safeguards such as failure predicting and removing, redundancy or load balancing techniques for quick recovery and return to pre-attack state if failure happens.

Keywords: cybersecurity risk management plan, resilient cloud computing, cyberattacks, cybersecurity risk assessment

Procedia PDF Downloads 105

Authors: Andrei Bogdan Stanescu, Robert Stana

Abstract:

Creating private and secure communication channels between employees has become a critical aspect in order to ensure organizational integrity and avoid leaks of sensitive information. With the widespread use of modern methods of disrupting communication between users, real use-cases of advanced encryption mechanisms have emerged to avoid cyber-attackers that are willing to intercept private conversations between critical employees in an organization. This paper aims to present a custom implementation of a messaging application named “Whisper” that uses end-to-end encryption (E2EE) mechanisms and blockchain-related components to protect sensitive conversations and mitigate the risks of information breaches inside organizations. The results of this research paper aim to expand the areas of applicability of E2EE algorithms and integrations with private blockchains in chat applications as a viable method of enhancing intra-organizational communication privacy.

Keywords: end-to-end encryption, mobile communication, cryptography, communication security, data privacy

Procedia PDF Downloads 49

Authors: Orestis Κ. Efthymiou, Stavros T. Ponis

Abstract:

In the last decade, a new industrial revolution seems to be emerging, supported -once again- by the rapid advancements of Information Technology in the areas of Machine-to-Machine (M2M) communication permitting large numbers of intelligent devices, e.g. sensors to communicate with each other and take decisions without any or minimum indirect human intervention. The advent of these technologies have triggered the emergence of a new category of hybrid (cyber-physical) manufacturing systems, combining advanced manufacturing techniques with innovative M2M applications based on the Internet of Things (IoT), under the umbrella term Industry 4.0. Even though the topic of Industry 4.0 has attracted much attention during the last few years, the attempts of providing a systematic literature review of the subject are scarce. In this paper, we present the authors’ initial study of the field with a special focus on the use and applications of Industry 4.0 principles in material handling automations and in-house logistics. Research shows that despite the vivid discussion and attractiveness of the subject, there are still many challenges and issues that have to be addressed before Industry 4.0 becomes standardized and widely applicable.

Keywords: Industry 4.0, internet of things, manufacturing systems, material handling, logistics

Procedia PDF Downloads 99

Authors: Emine Laarouchi, Daniela Cancila, Laurent Soulier, Hakima Chaouchi

Abstract:

Cyber-Physical Systems as drones proved their efficiency for supporting emergency applications. For these particular applications, travel time and autonomous navigation algorithms are of paramount importance, especially when missions are performed in urban environments with high obstacle density. In this context, however, safety properties are not properly addressed. Our ambition is to optimize the system safety level under autonomous navigation systems, by preserving performance of the CPS. At this aim, we introduce genetic algorithms in the autonomous navigation process of the drone to better infer its trajectory considering the possible obstacles. We first model the wished safety requirements through a cost function and then seek to optimize it though genetics algorithms (GA). The main advantage in the use of GA is to consider different parameters together, for example, the level of battery for navigation system selection. Our tests show that the GA introduction in the autonomous navigation systems minimize the risk of safety lossless. Finally, although our simulation has been tested for autonomous drones, our approach and results could be extended for other autonomous navigation systems such as autonomous cars, robots, etc.

Keywords: safety, unmanned aerial vehicles , CPS, ACPS, drones, path planning, genetic algorithms

Procedia PDF Downloads 144

Authors: Jameelah O. Yaqub

Abstract:

The financial industry all over the world has undergone and still undergoing great transformation especially with the introduction of e-products which involves the use of computers and telecommunications to enable banking transactions to be done by telephone or computer rather than by humans. The adoption of e-banking in Nigeria is becoming more popular with customers now being able to use the ATM cards for different transactions. The internet banking, POS machines, telephone banking as well as mobile banking are some other e-products being used in Nigeria. This study examines how satisfied bank customers are with the e-products. The study found that the ATM is the most popular e-products among bank customers in Nigeria; followed by the POS. The least use of the e-products is telephone banking. The study also found that visits to banks for transactions declined with the use of e-products. The chi-square analysis shows that there is significant relationship between the use of banks’ e-products and customers’ satisfaction. One of the major reason adduced by respondents for low usage of e-products is insecurity or fear of cyber fraud, it is therefore recommended that banks should provide adequate. Security for transactions and ensure the proper backing up of critical data files. In addition, government should ensure stable electricity supply to reduce banks’ running costs and consequently, customers’ cost of transactions.

Keywords: banks, e-products, innovation, Nigeria

Procedia PDF Downloads 314

Authors: Yiyang Su, Jörg Neumann, Jan Wetzlich, Florian Thiel

Abstract:

Smart grid is a term used to describe the next generation power grid. New challenges such as integration of renewable and decentralized energy sources, the requirement for continuous grid estimation and optimization, as well as the use of two-way flows of energy have been brought to the power gird. In order to achieve efficient, reliable, sustainable, as well as secure delivery of electric power more and more information and communication technologies are used for the monitoring and the control of power grids. Consequently, the need for cybersecurity is dramatically increased and has converged into several standards which will be presented here. These standards for the smart grid must be designed to satisfy both performance and reliability requirements. An in depth investigation of the effect of retrospectively embedded security in existing grids on it’s dynamic behavior is required. Therefore, a retrofitting plan for existing meters is offered, and it’s performance in a test low voltage microgrid is investigated. As a result of this, integration of security measures into measurement architectures of smart grids at the design phase is strongly recommended.

Keywords: cyber security, performance, protocols, security standards, smart grid

Procedia PDF Downloads 291

Authors: Z. Xu

Abstract:

Immersive virtual reality (VR) has gained momentum in humanitarian communication due to its utopian promises of co-presence, immediacy, and transcendence. These potential benefits have led the United Nations (UN) to tirelessly produce and distribute VR series to evoke global empathy and encourage policymakers, philanthropic business tycoons and citizens around the world to actually do something (i.e. give a donation). However, it is unclear whether or not VR can cultivate cosmopolitans with a sense of social responsibility towards the geographically, socially/culturally and morally mediated misfortune of faraway others. Drawing upon existing works on the mediation of distant suffering, this article constructs an analytical framework to articulate the issue. Applying this framework on a case study of five of the UN’s VR pieces, the article identifies three paradoxes that exist between cyber-utopian and cyber-dystopian narratives. In the “paradox of distance”, VR relies on the notions of “presence” and “storyliving” to implicitly link audiences spatially and temporally to distant suffering, creating global connectivity and reducing perceived distances between audiences and others; yet it also enables audiences to fully occupy the point of view of distant sufferers (creating too close/absolute proximity), which may cause them to feel naive self-righteousness or narcissism with their pleasures and desire, thereby destroying the “proper distance”. In the “paradox of agency”, VR simulates a superficially “real” encounter for visual intimacy, thereby establishing an “audiences–beneficiary” relationship in humanitarian communication; yet in this case the mediated hyperreality is not an authentic reality, and its simulation does not fill the gap between reality and the virtual world. In the “paradox of the hierarchies of human life”, VR enables an audience to experience virtually fundamental “freedom”, epitomizing an attitude of cultural relativism that informs a great deal of contemporary multiculturalism, providing vast possibilities for a more egalitarian representation of distant sufferers; yet it also takes the spectator’s personally empathic feelings as the focus of intervention, rather than structural inequality and political exclusion (an economic and political power relations of viewing). Thus, the audience can potentially remain trapped within the minefield of hegemonic humanitarianism. This study is significant in two respects. First, it advances the turn of digitalization in studies of media and morality in the polymedia milieu; it is motivated by the necessary call for a move beyond traditional technological environments to arrive at a more novel understanding of the asymmetry of power between the safety of spectators and the vulnerability of mediated sufferers. Second, it not only reminds humanitarian journalists and NGOs that they should not rely entirely on the richer news experience or powerful response-ability enabled by VR to gain a “moral bond” with distant sufferers, but also argues that when fully-fledged VR technology is developed, it can serve as a kind of alchemy and should not be underestimated merely as a “bugaboo” of an alarmist philosophical and fictional dystopia.

Keywords: audience, cosmopolitan, distant suffering, virtual reality, humanitarian communication

Procedia PDF Downloads 107

Authors: Ahlem Abid, Farah Jemili

Abstract:

Intrusion detection has been the subject of numerous studies in industry and academia, but cyber security analysts always want greater precision and global threat analysis to secure their systems in cyberspace. To improve intrusion detection system, the visualisation of the security events in form of graphs and diagrams is important to improve the accuracy of alerts. In this paper, we propose an approach of an IDS based on cloud computing, big data technique and using a machine learning graph algorithm which can detect in real time different attacks as early as possible. We use the MAWILab intrusion detection dataset . We choose Microsoft Azure as a unified cloud environment to load our dataset on. We implement the k2 algorithm which is a graphical machine learning algorithm to classify attacks. Our system showed a good performance due to the graphical machine learning algorithm and spark structured streaming engine.

Keywords: Apache Spark Streaming, Graph, Intrusion detection, k2 algorithm, Machine Learning, MAWILab, Microsoft Azure Cloud

Procedia PDF Downloads 110

Authors: Shan Jiang, Xinyu Tang

Abstract:

Game-based learning is an emerging pedagogy to make the learning experience more effective, enjoyable, and fun. However, most games used in classroom settings have been overly simplistic. This paper presents a case study on a Python-based online game designed to improve the effectiveness in both teaching and research in higher education. The proposed game system not only creates a fun and enjoyable experience for students to learn various topics in programming but also improves the effectiveness of teaching in several aspects, including material presentation, helping students to recognize the importance of the subjects, and linking theoretical concepts to practice. The proposed game system also serves as an information cyber-infrastructure that automatically collects and stores data from players. The data could be useful in research areas including human-computer interaction, decision making, opinion mining, and artificial intelligence. They further provide other possibilities beyond these areas due to the customizable nature of the game.

Keywords: game-based learning, programming, research-teaching integration, Hearthstone

Procedia PDF Downloads 136

Authors: Magdaléna Náplavová, Tomáš Ludík, Petr Hrůza, František Božek

Abstract:

The use of IT equipment has become a part of every day. However, each device that is part of cyberspace should be secured against unauthorized use. It is very important to know the basics of these security devices, but also the basics of safe conduct their owners. This information should be part of every curriculum computer science education in primary and secondary schools. Therefore, the work focuses on the education of pupils in primary and secondary schools on the Internet. Analysis of the current state describes approaches to the education of pupils in security issues on the Internet. The paper presents a questionnaire-based survey which was carried out in the Czech Republic, whose task was to ascertain the level of opinion pupils in primary and secondary schools on the issue of communication in social networks. The research showed that awareness of socio-pathological phenomena on the Internet environment is very low. Based on the results it was proposed appropriate ways of teaching to this issue and its inclusion a proposal of curriculum for primary and secondary schools.

Keywords: information security, cyber space, general awareness, questionnaire, socio-pathological phenomena, educational system

Procedia PDF Downloads 359

Authors: Mubarak Saadu Nabunkari, Abdullahi Abdu Ibrahim, Muhammad Ilyas

Abstract:

This study looks at how Internet of Things (IoT) devices are used in healthcare to monitor and treat patients better. However, using these devices in healthcare comes with security problems. The research explores using Security Information and Event Management (SIEM) systems with healthcare IoT devices to solve these security challenges. Reviewing existing literature shows the current state of IoT security and emphasizes the need for better protection. The main worry is that healthcare IoT devices can be easily hacked, putting patient data and device functionality at risk. To address this, the research suggests a detailed security framework designed for these devices. This framework, based on literature and best practices, includes important security measures like authentication, data encryption, access controls, and anomaly detection. Adding SIEM systems to this framework helps detect threats in real time and respond quickly to incidents, making healthcare IoT devices more secure. The study highlights the importance of this integration and offers guidance for implementing healthcare IoT securely, efficiently, and effectively.

Keywords: cyber security, threat intelligence, forensics, heath care

Procedia PDF Downloads 15

Authors: Francesco Buccafurri, Celeste Romolo

Abstract:

Nowadays phishing is the most frequent starting point of cyber-attack vectors. Phishing is implemented both via email and social network messages. While a wide scientific literature exists which addresses the problem of contrasting email spam-phishing, no specific countermeasure has been so far proposed for phishing included into private messages of social network platforms. Unfortunately, the problem is severe. This paper proposes an approach against social network phishing, based on a non invasive collaborative information-sharing approach which leverages blockchain. The detection method works by filtering candidate messages, by distilling them by means of a distance-preserving hash function, and by publishing hashes over a public blockchain through a trusted smart contract (thus avoiding denial of service attacks). Phishing detection exploits social information embedded into social network profiles to identify similar messages belonging to disjoint contexts. The main contribution of the paper is to introduce a new approach to contrasting the problem of social network phishing, which, despite its severity, received little attention by both research and industry.

Keywords: phishing, social networks, information sharing, blockchain

Procedia PDF Downloads 295

Authors: Aliasghar Arab

Abstract:

Autonomous robots interacting with humans, as safety-critical nonlinear control systems, are complex closed-loop cyber-physical dynamical machines. Keeping these intelligent yet complicated systems safe and smooth during their operations is challenging. The aim of the safe predictive output feedback linearization control synthesis is to design a novel controller for smooth trajectory following while unsafe situations must be avoided. The controller design should obtain a linearized output for smoothness and invariance to a safety subset. Inspired by finite-horizon nonlinear model predictive control, the problem is formulated as constrained nonlinear dynamic programming. The safety constraints can be defined as control barrier functions. Avoiding unsafe maneuvers and performing smooth motions increases the predictability of the robot’s movement for humans when robots and people are working together. Our results demonstrate the proposed output linearization method obeys the safety constraints and, compared to existing safety-guaranteed methods, is smoother and performs better.

Keywords: robotics, collaborative robots, safety, autonomous robots

Procedia PDF Downloads 71

Authors: Umar Albalawi, Sang C. Suh, Jinoh Kim

Abstract:

As internet continues to expand its usage with an enormous number of applications, cyber-threats have significantly increased accordingly. Thus, accurate detection of malicious traffic in a timely manner is a critical concern in today’s Internet for security. One approach for intrusion detection is to use Machine Learning (ML) techniques. Several methods based on ML algorithms have been introduced over the past years, but they are largely limited in terms of detection accuracy and/or time and space complexity to run. In this work, we present a novel method for intrusion detection that incorporates a set of supervised learning algorithms. The proposed technique provides high accuracy and outperforms existing techniques that simply utilizes a single learning method. In addition, our technique relies on partial flow information (rather than full information) for detection, and thus, it is light-weight and desirable for online operations with the property of early identification. With the mid-Atlantic CCDC intrusion dataset publicly available, we show that our proposed technique yields a high degree of detection rate over 99% with a very low false alarm rate (0.4%).

Keywords: intrusion detection, supervised learning, traffic classification, computer networks

Procedia PDF Downloads 316

Authors: Ajay Wadhwa

Abstract:

A Laboratory course on computational physics is different from the conventional lab course on other topics of physics like Mechanics, Heat, Optics, etc. because it involves active participation of the teacher as well as one-to-one interaction between teacher and the student. The course content requires the teacher to teach programming language as well as numerical methods along with their applications in physics. The task becomes more daunting when about 90% of the students in the class have no previous experience of any programming language. In the presented work, we have described a methodology for conducting the computational physics course by using the Google Drive and Dropitto.me cloud storage services. We have evaluated the performance in a class of sixty students by dividing them equally into four groups. One of the groups was made the peer group on whom the presented methodology was tested. The other groups were taught by using conventional method of classroom lectures. In order to assess our methodology, we analyzed the performance of students in four class tests. A study of certain statistical parameters like the mean, standard deviation, and Z-test hypothesis revealed that the cyber methodology based on cloud storage is more efficient than the conventional method of teaching.

Keywords: computational Physics, Z-test hypothesis, cloud storage, Google drive

Procedia PDF Downloads 275

Authors: Hongmei Chi

Abstract:

The Blockchain has become a necessity for many different societal industries and ordinary lives including cryptocurrency technology, supply chain, health care, public safety, education, etc. Therefore, training our future blockchain developers to know blockchain programming vulnerability and I.T. students' cyber security is in high demand. In this work, we propose a framework including learning modules and hands-on labs to guide future I.T. professionals towards developing secure blockchain programming habits and mitigating source code vulnerabilities at the early stages of the software development lifecycle following the concept of Secure Software Development Life Cycle (SSDLC). In this research, our goal is to make blockchain programmers and I.T. students aware of the vulnerabilities of blockchains. In summary, we develop a framework that will (1) improve students' skills and awareness of blockchain source code vulnerabilities, detection tools, and mitigation techniques (2) integrate concepts of blockchain vulnerabilities for IT students, (3) improve future IT workers’ ability to master the concepts of blockchain attacks.

Keywords: software vulnerability detection, hands-on lab, static analysis tools, vulnerabilities, blockchain, active learning

Procedia PDF Downloads 55

Authors: Hongyu Chen, Li Jiang

Abstract:

Ubiquitous anomalies endanger the security of our system con- stantly. They may bring irreversible damages to the system and cause leakage of privacy. Thus, it is of vital importance to promptly detect these anomalies. Traditional supervised methods such as Decision Trees and Support Vector Machine (SVM) are used to classify normality and abnormality. However, in some case, the abnormal status are largely rarer than normal status, which leads to decision bias of these methods. Generative adversarial network (GAN) has been proposed to handle the case. With its strong generative ability, it only needs to learn the distribution of normal status, and identify the abnormal status through the gap between it and the learned distribution. Nevertheless, existing GAN-based models are not suitable to process data with discrete values, leading to immense degradation of detection performance. To cope with the discrete features, in this paper, we propose an efficient GAN-based model with specifically-designed loss function. Experiment results show that our model outperforms state-of-the-art models on discrete dataset and remarkably reduce the overhead.

Keywords: GAN, discrete feature, Wasserstein distance, multiple intermediate layers

Procedia PDF Downloads 93

Authors: Jean Rosemond Dora, Karol Nemoga

Abstract:

In this work, we tackle a frequent problem that frequently occurs in the cybersecurity field which is the exploitation of websites by XSS attacks, which are nowadays considered a complicated attack. These types of attacks aim to execute malicious scripts in a web browser of the client by including code in a legitimate web page. A serious matter is when a website accepts the “user-input” option. Attackers can exploit the web application (if vulnerable), and then steal sensitive data (session cookies, passwords, credit cards, etc.) from the server and/or from the client. However, the difficulty of the exploitation varies from website to website. Our focus is on the usage of ontology in cybersecurity against XSS attacks, on the importance of the ontology, and its core meaning for cybersecurity. We explain how a vulnerable website can be exploited, and how different JavaScript payloads can be used to detect vulnerabilities. We also enumerate some tools to use for an efficient analysis. We present detailed reasoning on what can be done to improve the security of a website in order to resist attacks, and we provide supportive examples. Then, we apply an ontology model against XSS attacks to strengthen the protection of a web application. However, we note that the existence of ontology does not improve the security itself, but it has to be properly used and should require a maximum of security layers to be taken into account.

Keywords: cybersecurity, web application vulnerabilities, cyber threats, ontology model

Procedia PDF Downloads 134

Authors: Andre Slonopas, Zona Kostic, Warren Thompson

Abstract:

Obfuscation is one of the most useful tools to prevent network compromise. Previous research focused on the obfuscation of the network communications between external-facing edge devices. This work proposes the use of two edge devices, external and internal facing, which communicate via private IPv4 addresses in a software-defined pseudo-random IP hopping. This methodology does not require additional IP addresses and/or resources to implement. Statistical analyses demonstrate that the hopping surface must be at least 1e3 IP addresses in size with a broad standard deviation to minimize the possibility of coincidence of monitored and communication IPs. The probability of breaking the hopping algorithm requires a collection of at least 1e6 samples, which for large hopping surfaces will take years to collect. The probability of dropped packets is controlled via memory buffers and the frequency of hops and can be reduced to levels acceptable for video streaming. This methodology provides an impenetrable layer of security ideal for information and supervisory control and data acquisition systems.

Keywords: moving target defense, cybersecurity, network security, hopping randomization, software defined network, network security theory

Procedia PDF Downloads 154

Authors: Tania Mitra

Abstract:

Digital Activism or Cyber Activism uses digital media as a means to disseminate information and mobilize masses towards a specific goal. When digital activism was first born in the early 1990s, it was primarily used by groups of organized political activists. However, with the advent of social media, online activism has filtered down to the individual- one who does not necessarily belong to or identify with an agenda, group, or political party. A large part of digital activism today stems from the individual’s notion of what is right and wrong. This gives rise to a discourse around descriptive ethics and the implications of the independent digital activist. Although digital activism has paved the way for and bolstered support for causes like the MeToo Movement and Black Lives Matter, the lack of a unified, organized body has led to counterintuitive progressions and suspicions regarding the movements. The paper introduces the ideas of 'clout' culture, click baits, and clicktivism (the phenomenon where activism is reduced to a blind following of the online trends), to discuss the impacts of exclusive digital activism. By using Jeremy Bentham's utilitarian approach to ethics, that places emphasis on the best possible outcome for a society, the paper will show how individual online activism reaching for a larger, more common end can sometimes lead to an undermining of that end, not only in the online space but also how it manifests in the real world.

Keywords: digital activism, ethics, independent digital activist, utilitarianism

Procedia PDF Downloads 97

Authors: Ryan Lindsey, Lora Pitman

Abstract:

Forecasts about the compound annual growth rate (CAGR) for the 2024–2029 timeframe show that the fastest developing cybersecurity market is the Asia-Pacific. Only two countries from this region – Singapore and Malaysia, ranked 4th and 5th by the latest International Telecommunications Union report from 2020, are present in the list of top 10 countries with highest global cybersecurity index scores. Therefore, this study seeks to take a closer look at the rapid progress of Singapore (CAGR of 16.14%) and Malaysia (CAGR of 16.84%) in the area of cybersecurity. More specifically, it aims to respond to the question what developments made these countries rank so high. The focus of the analysis is on a 10-year period (2013-2023) and the data for this qualitative study will be gathered from news and reports by NGOs, the two countries’ governments, and the private sector. Variables for this research include five categories: new policy and legislation related to cybersecurity, technical developments and capabilities that can be used for cyber defense, development of domestic units and organizations, efforts to cooperate with other entities. Results are then discussed and recommendations, based on them, are made so that a successful path toward notable improvement can be outlined for other countries as well.

Keywords: cybersecurity, development, Southeast Asia, Singapore, Malaysia

Procedia PDF Downloads 0

Authors: Zahra Ramezanpanah, Joachim Carvallo, Aurelien Rodriguez

Abstract:

This paper aims to detect anomalies in streaming data using machine learning algorithms. In this regard, we designed two separate pipelines and evaluated the effectiveness of each separately. The first pipeline, based on supervised machine learning methods, consists of two phases. In the first phase, we trained several supervised models using the UNSW-NB15 data-set. We measured the efficiency of each using different performance metrics and selected the best model for the second phase. At the beginning of the second phase, we first, using Argus Server, sniffed a local area network. Several types of attacks were simulated and then sent the sniffed data to a running algorithm at short intervals. This algorithm can display the results of each packet of received data in real-time using the trained model. The second pipeline presented in this paper is based on unsupervised algorithms, in which a Temporal Graph Network (TGN) is used to monitor a local network. The TGN is trained to predict the probability of future states of the network based on its past behavior. Our contribution in this section is introducing an indicator to identify anomalies from these predicted probabilities.

Keywords: temporal graph network, anomaly detection, cyber security, IDS

Procedia PDF Downloads 74

Authors: Daniel Gonzales, Zev Winkelman, Trung Tran, Ricardo Sanchez, Dulani Woods, John Hollywood

Abstract:

We have developed a distributed computing capability, Digital Forensics Compute Cluster (DFORC2) to speed up the ingestion and processing of digital evidence that is resident on computer hard drives. DFORC2 parallelizes evidence ingestion and file processing steps. It can be run on a standalone computer cluster or in the Amazon Web Services (AWS) cloud. When running in a virtualized computing environment, its cluster resources can be dynamically scaled up or down using Kubernetes. DFORC2 is an open source project that uses Autopsy, Apache Spark and Kafka, and other open source software packages. It extends the proven open source digital forensics capabilities of Autopsy to compute clusters and cloud architectures, so digital forensics tasks can be accomplished efficiently by a scalable array of cluster compute nodes. In this paper, we describe DFORC2 and compare it with a standalone version of Autopsy when both are used to process evidence from hard drives of different sizes.

Keywords: digital forensics, cloud computing, cyber security, spark, Kubernetes, Kafka

Procedia PDF Downloads 367

Authors: Suglo Tohari Luri

Abstract:

Data analysis is an important aspect of business performance. With the application of artificial intelligence within databases, selecting a suitable database engine for an application design is also very crucial for business data analysis. The application of business intelligence (BI) software into some relational databases such as Neo4j has proved highly effective in terms of customer data analysis. Yet what remains of great concern is the fact that not all business organizations have the neo4j business intelligence software applications to implement for customer data analysis. Further, those with the BI software lack personnel with the requisite expertise to use it effectively with the neo4j database. The purpose of this research is to demonstrate how the Neo4j program code alone can be applied for the analysis of e-commerce website customer visits. As the neo4j database engine is optimized for handling and managing data relationships with the capability of building high performance and scalable systems to handle connected data nodes, it will ensure that business owners who advertise their products at websites using neo4j as a database are able to determine the number of visitors so as to know which products are visited at routine intervals for the necessary decision making. It will also help in knowing the best customer segments in relation to specific goods so as to place more emphasis on their advertisement on the said websites.

Keywords: data, engine, intelligence, customer, neo4j, database

Procedia PDF Downloads 164

Authors: David F. Nettleton, Christian Wasiak, Jonas Dorissen, David Gillen, Alexandr Tretyak, Elodie Bugnicourt, Alejandro Rosales

Abstract:

In this work, preliminary results are given for the modeling and calibration of two inline processes, pultrusion, and laser ablation, using machine learning techniques. The end product of the processes is the core of a medical guidewire, manufactured to comply with a user specification of diameter and flexibility. An ensemble approach is followed which requires training several models. Two state of the art machine learning algorithms are benchmarked: Kernel Recursive Least Squares (KRLS) and Support Vector Regression (SVR). The final objective is to build a precise digital model of the pultrusion and laser ablation process in order to calibrate the resulting diameter and flexibility of a medical guidewire, which is the end product while taking into account the friction on the forming die. The result is an ensemble of models, whose output is within a strict required tolerance and which covers the required range of diameter and flexibility of the guidewire end product. The modeling and automatic calibration of complex in-line industrial processes is a key aspect of the Industry 4.0 movement for cyber-physical systems.

Keywords: calibration, data modeling, industrial processes, machine learning

Procedia PDF Downloads 252