Search results for: cyberattack
7 Supervised/Unsupervised Mahalanobis Algorithm for Improving Performance for Cyberattack Detection over Communications Networks
Authors: Radhika Ranjan Roy
Abstract:
Deployment of machine learning (ML)/deep learning (DL) algorithms for cyberattack detection in operational communications networks (wireless and/or wire-line) is being delayed because of low-performance parameters (e.g., recall, precision, and f₁-score). If datasets become imbalanced, which is the usual case for communications networks, the performance tends to become worse. Complexities in handling reducing dimensions of the feature sets for increasing performance are also a huge problem. Mahalanobis algorithms have been widely applied in scientific research because Mahalanobis distance metric learning is a successful framework. In this paper, we have investigated the Mahalanobis binary classifier algorithm for increasing cyberattack detection performance over communications networks as a proof of concept. We have also found that high-dimensional information in intermediate features that are not utilized as much for classification tasks in ML/DL algorithms are the main contributor to the state-of-the-art of improved performance of the Mahalanobis method, even for imbalanced and sparse datasets. With no feature reduction, MD offers uniform results for precision, recall, and f₁-score for unbalanced and sparse NSL-KDD datasets.Keywords: Mahalanobis distance, machine learning, deep learning, NS-KDD, local intrinsic dimensionality, chi-square, positive semi-definite, area under the curve
Procedia PDF Downloads 786 When the Lights Go Down in the Delivery Room: Lessons From a Ransomware Attack
Authors: Rinat Gabbay-Benziv, Merav Ben-Natan, Ariel Roguin, Benyamine Abbou, Anna Ofir, Adi Klein, Dikla Dahan-Shriki, Mordechai Hallak, Boris Kessel, Mickey Dudkiewicz
Abstract:
Introduction: Over recent decades, technology has become integral to healthcare, with electronic health records and advanced medical equipment now standard. However, this reliance has made healthcare systems increasingly vulnerable to ransomware attacks. On October 13, 2021, Hillel Yaffe Medical Center experienced a severe ransomware attack that disrupted all IT systems, including electronic health records, laboratory services, and staff communications. The attack, carried out by the group DeepBlueMagic, utilized advanced encryption to lock the hospital's systems and demanded a ransom. This incident caused significant operational and patient care challenges, particularly impacting the obstetrics department. Objective: The objective is to describe the challenges facing the obstetric division following a cyberattack and discuss ways of preparing for and overcoming another one. Methods: A retrospective descriptive study was conducted in a mid-sized medical center. Division activities, including the number of deliveries, cesarean sections, emergency room visits, admissions, maternal-fetal medicine department occupancy, and ambulatory encounters, from 2 weeks before the attack to 8 weeks following it (a total of 11 weeks), were compared with the retrospective period in 2019 (pre-COVID-19). In addition, we present the challenges and adaptation measures taken at the division and hospital levels leading up to the resumption of full division activity. Results: On the day of the cyberattack, critical decisions were made. The media announced the event, calling on patients not to come to our hospital. Also, all elective activities other than cesarean deliveries were stopped. The number of deliveries, admissions, and both emergency room and ambulatory clinic visits decreased by 5%–10% overall for 11 weeks, reflecting the decrease in division activity. Nevertheless, in all stations, there were sufficient activities and adaptation measures to ensure patient safety, decision-making, and workflow of patients were accounted for. Conclusions: The risk of ransomware cyberattacks is growing. Healthcare systems at all levels should recognize this threat and have protocols for dealing with them once they occur.Keywords: ransomware attack, healthcare cybersecurity, obstetrics challenges, IT system disruption
Procedia PDF Downloads 245 Information Technology in Assessing Risks and Threats in the Transition of the Brand to the Digital Environment
Authors: Spanova Yerkezhan, Amantay Ayan, Alimzhanova Laura
Abstract:
This article discusses the concept of rebranding and its relationship to cybersecurity. Rebranding is the process of changing the appearance and image of a company or organization in order to appeal to new customers or change the perception of a company. It can be a powerful tool for businesses looking to renew their reputation or expand into new markets. In today's digital age, companies increasingly rely on technology and the internet to conduct business; rebranding can also present significant cybersecurity risks. This is because a rebranding effort can create new vulnerabilities for companies, particularly in terms of their online presence. This article explores the potential hazards associated with rebranding and provides recommendations for mitigating those risks. It also highlights the importance of considering cybersecurity in the rebranding process and how it can be integrated into the overall strategy for a successful and secure rebranding.Keywords: rebranding, cybersecurity, cyberattack, logo, vulnerability
Procedia PDF Downloads 1664 Towards Resilient Cloud Computing through Cyber Risk Assessment
Authors: Hilalah Alturkistani, Alaa AlFaadhel, Nora AlJahani, Fatiha Djebbar
Abstract:
Cloud computing is one of the most widely used technology which provides opportunities and services to government entities, large companies, and standard users. However, cybersecurity risk management studies of cloud computing and resiliency approaches are lacking. This paper proposes resilient cloud cybersecurity risk assessment and management tailored specifically, to Dropbox with two approaches:1) technical-based solution motivated by a cybersecurity risk assessment of cloud services, and 2)a target personnel-based solution guided by cybersecurity-related survey among employees to identify their knowledge that qualifies them withstand to any cyberattack. The proposed work attempts to identify cloud vulnerabilities, assess threats and detect high risk components, to finally propose appropriate safeguards such as failure predicting and removing, redundancy or load balancing techniques for quick recovery and return to pre-attack state if failure happens.Keywords: cybersecurity risk management plan, resilient cloud computing, cyberattacks, cybersecurity risk assessment
Procedia PDF Downloads 1403 Review of Electronic Voting as a Panacea for Election Malpractices in Nigerian Political System: Challenges, Benefits, and Issues
Authors: Muhammad Muhammad Suleiman
Abstract:
The Nigerian political system has witnessed rising occurrences of election malpractice in the last decade. This has been due to election rigging and other forms of electoral fraud. In order to find a sustainable solution to this malpractice, the introduction of electronic voting (e-voting) has been suggested. This paper reviews the challenges, benefits, and issues associated with e-voting as a panacea for election malpractice in Nigeria. The review of existing literature revealed that e-voting can reduce the cost of conducting elections and reduce the opportunity for electoral fraud. The review suggests that the introduction of e-voting in the Nigerian political system would require adequate cybersecurity measures, trust-building initiatives, and proper legal frameworks to ensure its successful implementation. It is recommended that there should be an effective policy that would ensure the security of the system as well as the credibility of the results. Furthermore, a comprehensive awareness campaign needs to be conducted to ensure that voters understand the process and are comfortable using the system. In conclusion, e-voting has the potential to reduce the occurrence of election malpractice in the Nigerian political system. However, the successful implementation of e-voting will require effective policy interventions and trust-building initiatives. Additionally, the costs of acquiring the necessary infrastructure and equipment and implementing proper legal frameworks need to be considered.Keywords: electronic voting, general election, candidate, INEC, cyberattack
Procedia PDF Downloads 1042 Security Report Profiling for Mobile Banking Applications in Indonesia Based on OWASP Mobile Top 10-2016
Authors: Bambang Novianto, Rizal Aditya Herdianto, Raphael Bianco Huwae, Afifah, Alfonso Brolin Sihite, Rudi Lumanto
Abstract:
The mobile banking application is a type of mobile application that is growing rapidly. This is caused by the ease of service and time savings in making transactions. On the other hand, this certainly provides a challenge in security issues. The use of mobile banking can not be separated from cyberattacks that may occur which can result the theft of sensitive information or financial loss. The financial loss and the theft of sensitive information is the most avoided thing because besides harming the user, it can also cause a loss of customer trust in a bank. Cyberattacks that are often carried out against mobile applications are phishing, hacking, theft, misuse of data, etc. Cyberattack can occur when a vulnerability is successfully exploited. OWASP mobile Top 10 has recorded as many as 10 vulnerabilities that are most commonly found in mobile applications. In the others, android permissions also have the potential to cause vulnerabilities. Therefore, an overview of the profile of the mobile banking application becomes an urgency that needs to be known. So that it is expected to be a consideration of the parties involved for improving security. In this study, an experiment has been conducted to capture the profile of the mobile banking applications in Indonesia based on android permission and OWASP mobile top 10 2016. The results show that there are six basic vulnerabilities based on OWASP Mobile Top 10 that are most commonly found in mobile banking applications in Indonesia, i.e. M1:Improper Platform Usage, M2:Insecure Data Storage, M3:Insecure Communication, M5:Insufficient Cryptography, M7:Client Code Quality, and M9:Reverse Engineering. The most permitted android permissions are the internet, status network access, and telephone read status.Keywords: mobile banking application, OWASP mobile top 10 2016, android permission, sensitive information, financial loss
Procedia PDF Downloads 1411 A Preliminary Comparative Study Between the United Kingdom and Taiwan: Public Private Collaboration and Cooperation in Tackling Large Scale Cyberattacks
Authors: Chi-Hsuan Cheng
Abstract:
This research aims to evaluate public-private partnerships against cyberattacks by comparing the UK and Taiwan. First, the study analyses major cyberattacks and factors influencing cybersecurity in both countries. Second, it assesses the effectiveness of current cyber defence strategies in combating cyberattacks by comparing the approaches taken in the UK and Taiwan, while also evaluating the cyber resilience of both nations. Lastly, the research evaluates existing public-private partnerships by comparing those in the UK and Taiwan, and proposes recommendations for enhancing cooperation and collaboration mechanisms in tackling cyberattacks. Grounded theory serves as the core research method. Theoretical sampling is used to recruit participants in both the UK and Taiwan, including investigators, police officers, and professionals from cybersecurity firms. Semi-structured interviews are conducted in English in the UK and Mandarin in Taiwan, recorded with consent, and pseudonymised for privacy. Data analysis involves open coding, grouping excerpts into codes, and categorising codes. Axial coding connects codes into categories, leading to the development of a codebook. The process continues iteratively until theoretical saturation is reached. Finally, selective coding identifies the core topic, evaluating public-private cooperation against cyberattacks and its implications for social and policing strategies in the UK and Taiwan, which highlights the current status of the cybersecurity industry, governmental plans for cybersecurity, and contributions to cybersecurity from both government sectors and cybersecurity firms, with a particular focus on public-private partnerships. In summary, this research aims to offer practical recommendations to law enforcement, private sectors, and academia for reflecting on current strategies and tailoring future approaches in cybersecurityKeywords: cybersecurity, cybercrime, public private partnerships, cyberattack
Procedia PDF Downloads 75