Search results for: cybersecurity engineering

Authors: Pubudu K. Hitigala Kaluarachchilage, Champike Attanayake, Sasith Rajasooriya, Chris P. Tsokos

Abstract:

Operating system (OS) security is a key component of computer security. Assessing and improving OSs strength to resist against vulnerabilities and attacks is a mandatory requirement given the rate of new vulnerabilities discovered and attacks occurring. Frequency and the number of different kinds of vulnerabilities found in an OS can be considered an index of its information security level. In the present study five mostly used OSs, Microsoft Windows (windows 7, windows 8 and windows 10), Apple’s Mac and Linux are assessed for their discovered vulnerabilities and the risk associated with each. Each discovered and reported vulnerability has an exploitability score assigned in CVSS score of the national vulnerability database. In this study the risk from vulnerabilities in each of the five Operating Systems is compared. Risk Indexes used are developed based on the Markov model to evaluate the risk of each vulnerability. Statistical methodology and underlying mathematical approach is described. Initially, parametric procedures are conducted and measured. There were, however, violations of some statistical assumptions observed. Therefore the need for non-parametric approaches was recognized. 6838 vulnerabilities recorded were considered in the analysis. According to the risk associated with all the vulnerabilities considered, it was found that there is a statistically significant difference among average risk levels for some operating systems, indicating that according to our method some operating systems have been more risk vulnerable than others given the assumptions and limitations. Relevant test results revealing a statistically significant difference in the Risk levels of different OSs are presented.

Keywords: cybersecurity, Markov chain, non-parametric analysis, vulnerability, operating system

Procedia PDF Downloads 157

Authors: Papathanasiou Anastasios, Liontos George, Liagkou Vasiliki, Glavas Euripides

Abstract:

The purpose of this paper is to describe the growing problem of various cyber fraud schemes that exist on the internet and are currently among the most prevalent. The main focus of this paper is to provide a detailed description of the modus operandi, tools, and techniques utilized in four basic typologies of cyber frauds: Business Email Compromise (BEC) attacks, investment fraud, romance scams, and online sales fraud. The paper aims to shed light on the methods employed by cybercriminals in perpetrating these types of fraud, as well as the strategies they use to deceive and victimize individuals and businesses on the internet. Furthermore, this study outlines defense strategies intended to tackle the issue head-on, with a particular emphasis on the crucial role played by European Legislation. European legislation has proactively adapted to the evolving landscape of cyber fraud, striving to enhance cybersecurity awareness, bolster user education, and implement advanced technical controls to mitigate associated risks. The paper evaluates the advantages and innovations brought about by the European Legislation while also acknowledging potential flaws that cybercriminals might exploit. As a result, recommendations for refining the legislation are offered in this study in order to better address this pressing issue.

Keywords: business email compromise, cybercrime, European legislation, investment fraud, NIS, online sales fraud, romance scams

Procedia PDF Downloads 57

Authors: Rafat Rob, Khaled Alotaibi, Dana Nour, Abdullah Albadrani, Abdulmohsen Mulhim

Abstract:

Power systems digitization solutions provides a comprehensive smart, cohesive, interconnected network, extensive connectivity between digital assets, physical power plants, and resources to form digital economies. However, digitization has exposed the classical air gapped power plants to the rapid spread of cyber threats and attacks in the process delaying and forcing many organizations to rethink their cyber security policies and standards before they can augment their operation the new advanced digital devices. Cyber Security requirements for power systems (and industry control systems therein) demand a new approach, unique methodology, and design process that is completely different to Cyber Security measures designed for the IT systems. In practice, Cyber Security strategy, as applied to power systems, tends to be closely aligned to those measures applied for IT system purposes. The differentiator for Cyber Security in terms of power systems are the physical assets and applications used, alongside the ever-growing rate of expansion within the industry controls sector (in comparison to the relatively saturated growth observed for corporate IT systems). These factors increase the magnitude of the cyber security risk within such systems. The introduction of smart devices and sensors along the grid initiate vulnerable entry points to the systems. Every installed Smart Meter is a target; the way these devices communicate with each other may instigate a Denial of Service (DoS) and Distributed Denial of Service (DDoS) attack. Attacking one sensor or meter has the potential to propagate itself throughout the power grid reaching the IT network, where it may manifest itself as a malware infiltration.

Keywords: supply chain, cybersecurity, maturity model, risk, smart grid

Procedia PDF Downloads 78

Authors: Xiaoyuan Suo

Abstract:

3D object reconstruction is a broad research area within the computer vision field involving many stages and still open problems. One of the existing challenges in this field lies with micromotion, such as the facial expressions on the appearance of the human or animal face. Similar literatures in this field focuses on 3D reconstruction in stable conditions such as an existing image or photos taken in a rather static environment, while the purpose of this work is to discuss a flexible scan system using multiple cameras that can correctly reconstruct 3D stable and moving objects -- human face with expression in particular. Further, a mathematical model is proposed at the end of this literature to automate the 3D object reconstruction process. The reconstruction process takes several stages. Firstly, a set of simple 2D lines would be projected onto the object and hence a set of uneven curvy lines can be obtained, which represents the 3D numerical data of the surface. The lines and their shapes will help to identify object’s 3D construction in pixels. With the two-recorded angles and their distance from the camera, a simple mathematical calculation would give the resulting coordinate of each projected line in an absolute 3D space. This proposed research will benefit many practical areas, including but not limited to biometric identification, authentications, cybersecurity, preservation of cultural heritage, drama acting especially those with rapid and complex facial gestures, and many others. Specifically, this will (I) provide a brief survey of comparable techniques existing in this field. (II) discuss a set of specialized methodologies or algorithms for effective reconstruction of 3D objects. (III)implement, and testing the developed methodologies. (IV) verify findings with data collected from experiments. (V) conclude with lessons learned and final thoughts.

Keywords: 3D photogrammetry, 3D object reconstruction, facial expression recognition, facial recognition

Procedia PDF Downloads 124

Authors: Mojtaba Fayaz, Richard Hallal

Abstract:

This study examines the various types of dangers that our virtual environment is vulnerable to, including how it can be attacked and how to avoid/secure our data. The terrain of cyberspace is never completely safe, and Covid- 19 has added to the confusion, necessitating daily periodic checks and evaluations. Cybercriminals have been able to enact with greater skill and undertake more conspicuous and sophisticated attacks while keeping a higher level of finesse by operating from home. Different types of cyberattacks, such as operation-based attacks, authentication-based attacks, and software-based attacks, are constantly evolving, but research suggests that software-based threats, such as Ransomware, are becoming more popular, with attacks expected to increase by 93 percent by 2020. The effectiveness of cyber frameworks has shifted dramatically as the pandemic has forced work and private life to become intertwined, destabilising security overall and creating a new front of cyber protection for security analysis and personal. The high-rise formats in which cybercrimes are carried out, as well as the types of cybercrimes that exist, such as phishing, identity theft, malware, and DDoS attacks, have created a new front of cyber protection for security analysis and personal safety. The overall strategy for 2022 will be the introduction of frameworks that address many of the issues associated with offsite working, as well as education that provides better information about commercialised software that does not provide the highest level of security for home users, allowing businesses to plan better security around their systems.

Keywords: cyber security, authentication, software, hardware, malware, COVID-19, threat actors, awareness, home users, confidentiality, integrity, availability, attacks

Procedia PDF Downloads 93

Authors: Sindhu Govardhan, Kenneth G. Crowther

Abstract:

Modernisation of the water sector is leading to increased connectivity and integration of emerging technologies with traditional ones, leading to new security risks. The convergence of Information Technology (IT) with Operation Technology (OT) results in solutions that are spread across larger geographic areas, increasingly consist of interconnected Industrial Internet of Things (IIOT) devices and software, rely on the integration of legacy with modern technologies, use of complex supply chain components leading to complex architectures and communication paths. The result is that multiple parties collectively own and operate these emergent technologies, threat actors find new paths to exploit, and traditional cybersecurity controls are inadequate. Our approach is to explicitly identify and draw data flows that cross trust boundaries between owners and operators of various aspects of these emerging and interconnected technologies. On these data flows, we layer potential attack vectors to create a frame of reference for evaluating possible risks against connected technologies. Finally, we identify where existing controls, mitigations, and other remediations exist across industry partners (e.g., suppliers, product vendors, integrators, water utilities, and regulators). From these, we are able to understand potential gaps in security, the roles in the supply chain that are most likely to effectively remediate those security gaps, and test cases to evaluate and strengthen security across these partners. This informs a “shared responsibility” solution that recognises that security is multi-layered and requires collaboration to be successful. This shared responsibility security framework improves visibility, understanding, and control across the entire supply chain, and particularly for those water utilities that are accountable for safe and continuous operations.

Keywords: cyber security, shared responsibility, IIOT, threat modelling

Procedia PDF Downloads 45

Authors: Joseph Udofia, Isaac Olufadewa

Abstract:

Everyday, the size of Electronic Health Records data keeps increasing as new patients visit health practitioner and returning patients fulfil their appointments. As these data grow, so is their susceptibility to cyber-attacks from criminals waiting to exploit this data. In the US, the damages for cyberattacks were estimated at $8 billion (2018), $11.5 billion (2019) and $20 billion (2021). These attacks usually involve the exposure of PII. Health data is considered PII, and its exposure carry significant impact. To this end, an enhancement of Health Policy and Standards in relation to data security, especially among patients and their clinical providers, is critical to ensure ethical practices, confidentiality, and trust in the healthcare system. As Clinical accelerators and applications that contain user data are used, it is expedient to have a review and revamp of policies like the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), the Fast Healthcare Interoperability Resources (FHIR), all aimed to ensure data protection and security in healthcare. FHIR caters for healthcare data interoperability, FHIR caters to healthcare data interoperability, as data is being shared across different systems from customers to health insurance and care providers. The astronomical cost of implementation has deterred players in the space from ensuring compliance, leading to susceptibility to data exfiltration and data loss on the security accuracy of protected health information (PHI). Though HIPAA hones in on the security accuracy of protected health information (PHI) and PCI DSS on the security of payment card data, they intersect with the shared goal of protecting sensitive information in line with industry standards. With advancements in tech and the emergence of new technology, it is necessary to revamp these policies to address the complexity and ambiguity, cost barrier, and ever-increasing threats in cyberspace. Healthcare data in the wrong hands is a recipe for disaster, and we must enhance its protection and security to protect the mental health of the current and future generations.

Keywords: cloud security, healthcare, cybersecurity, policy and standard

Procedia PDF Downloads 48

Authors: Amirreza Fazely Hamedani, Muzzamil Aziz, Philipp Wieder, Ramin Yahyapour

Abstract:

Software-defined networking in recent years came into the sight of so many network designers as a successor to the traditional networking. Unlike traditional networks where control and data planes engage together within a single device in the network infrastructure such as switches and routers, the two planes are kept separated in software-defined networks (SDNs). All critical decisions about packet routing are made on the network controller, and the data level devices forward the packets based on these decisions. This type of network is vulnerable to DDoS attacks, degrading the overall functioning and performance of the network by continuously injecting the fake flows into it. This increases substantial burden on the controller side, and the result ultimately leads to the inaccessibility of the controller and the lack of network service to the legitimate users. Thus, the protection of this novel network architecture against denial of service attacks is essential. In the world of cybersecurity, attacks and new threats emerge every day. It is essential to have tools capable of managing and analyzing all this new information to detect possible attacks in real-time. These tools should provide a comprehensive solution to automatically detect, predict and prevent abnormalities in the network. Big data encompasses a wide range of studies, but it mainly refers to the massive amounts of structured and unstructured data that organizations deal with on a regular basis. On the other hand, it regards not only the volume of the data; but also that how data-driven information can be used to enhance decision-making processes, security, and the overall efficiency of a business. This paper presents an intelligent big data framework as a solution to handle illegitimate traffic burden on the SDN network created by the numerous DDoS attacks. The framework entails an efficient defence and monitoring mechanism against DDoS attacks by employing the state of the art machine learning techniques.

Keywords: apache spark, apache kafka, big data, DDoS attack, machine learning, SDN network

Procedia PDF Downloads 140

Authors: Tyler T. Procko, Steve Collins

Abstract:

New features in .NET (6 and above) permit streamlined access to information residing in JSON-capable relational databases, such as SQL Server (2016 and above). Traditional methods of data access now comparatively involve unnecessary steps which compromise system performance. This work posits that the established ORM (Object Relational Mapping) based methods of data access in applications and APIs result in common issues, e.g., object-relational impedance mismatch. Recent developments in C# and .NET Core combined with a framework of modern SQL Server coding conventions have allowed better technical solutions to the problem. As an amelioration, this work details the language features and coding conventions which enable this streamlined approach, resulting in an open-source .NET library implementation called Codeless Data Access (CODA). Canonical approaches rely on ad-hoc mapping code to perform type conversions between the client and back-end database; with CODA, no mapping code is needed, as JSON is freely mapped to SQL and vice versa. CODA streamlines API data access by improving on three aspects of immediate concern to web developers, database engineers and cybersecurity professionals: Simplicity, Speed and Security. Simplicity is engendered by cutting out the “middleman” steps, effectively making API data access a whitebox, whereas traditional methods are blackbox. Speed is improved because of the fewer translational steps taken, and security is improved as attack surfaces are minimized. An empirical evaluation of the speed of the CODA approach in comparison to ORM approaches ] is provided and demonstrates that the CODA approach is significantly faster. CODA presents substantial benefits for API developer workflows by simplifying data access, resulting in better speed and security and allowing developers to focus on productive development rather than being mired in data access code. Future considerations include a generalization of the CODA method and extension outside of the .NET ecosystem to other programming languages.

Keywords: API data access, database, JSON, .NET core, SQL server

Procedia PDF Downloads 45

Authors: Hoda Rahmani, Gary Weckman

Abstract:

The body of research examining the integration of drones into various industries is expanding rapidly. Despite progress made in addressing the cybersecurity concerns for commercial drones, knowledge deficits remain in determining potential occupational hazards and risks of drone use to employees’ well-being and health in the workplace. This creates difficulty in identifying key approaches to risk mitigation strategies and thus reflects the need for raising awareness among employers, safety professionals, and policymakers about workplace drone-related accidents. The purpose of this study is to investigate the prevalence of and possible risk factors for drone-related mishaps by comparing the application of drones in construction with manufacturing industries. The chief reason for considering these specific sectors is to ascertain whether there exists any significant difference between indoor and outdoor flights since most construction sites use drones outside and vice versa. Therefore, the current research seeks to examine the causes and patterns of workplace drone-related mishaps and suggest possible ergonomic interventions through data collection. Potential ergonomic practices to mitigate hazards associated with flying drones could include providing operators with professional pieces of training, conducting a risk analysis, and promoting the use of personal protective equipment. For the purpose of data analysis, two data mining techniques, the random forest and association rule mining algorithms, will be performed to find meaningful associations and trends in data as well as influential features that have an impact on the occurrence of drone-related accidents in construction and manufacturing sectors. In addition, Spearman’s correlation and chi-square tests will be used to measure the possible correlation between different variables. Indeed, by recognizing risks and hazards, occupational safety stakeholders will be able to pursue data-driven and evidence-based policy change with the aim of reducing drone mishaps, increasing productivity, creating a safer work environment, and extending human performance in safe and fulfilling ways. This research study was supported by the National Institute for Occupational Safety and Health through the Pilot Research Project Training Program of the University of Cincinnati Education and Research Center Grant #T42OH008432.

Keywords: commercial drones, ergonomic interventions, occupational safety, pattern recognition

Procedia PDF Downloads 177

Authors: Piret Pernik

Abstract:

Based on strategic, operational, and technical analysis of the ongoing armed conflict in Ukraine, this paper will examine the opportunities and risks of using small commercial drones (dual-use unmanned aerial vehicles, UAV) for military purposes. The paper discusses the opportunities and risks in the information domain, encompassing both cyber and electromagnetic interference and attacks. The paper will draw conclusions on a possible strategic impact to the battlefield outcomes in the modern armed conflicts by the widespread use of dual-use UAVs. This article will contribute to filling the gap in the literature by examining based on empirical data cyberattacks and electromagnetic interference. Today, more than one hundred states and non-state actors possess UAVs ranging from low cost commodity models, widely are dual-use, available and affordable to anyone, to high-cost combat UAVs (UCAV) with lethal kinetic strike capabilities, which can be enhanced with Artificial Intelligence (AI) and Machine Learning (ML). Dual-use UAVs have been used by various actors for intelligence, reconnaissance, surveillance, situational awareness, geolocation, and kinetic targeting. Thus they function as force multipliers enabling kinetic and electronic warfare attacks and provide comparative and asymmetric operational and tactical advances. Some go as far as argue that automated (or semi-automated) systems can change the character of warfare, while others observe that the use of small drones has not changed the balance of power or battlefield outcomes. UAVs give considerable opportunities for commanders, for example, because they can be operated without GPS navigation, makes them less vulnerable and dependent on satellite communications. They can and have been used to conduct cyberattacks, electromagnetic interference, and kinetic attacks. However, they are highly vulnerable to those attacks themselves. So far, strategic studies, literature, and expert commentary have overlooked cybersecurity and electronic interference dimension of the use of dual use UAVs. The studies that link technical analysis of opportunities and risks with strategic battlefield outcomes is missing. It is expected that dual use commercial UAV proliferation in armed and hybrid conflicts will continue and accelerate in the future. Therefore, it is important to understand specific opportunities and risks related to the crowdsourced use of dual-use UAVs, which can have kinetic effects. Technical countermeasures to protect UAVs differ depending on a type of UAV (small, midsize, large, stealth combat), and this paper will offer a unique analysis of small UAVs both from the view of opportunities and risks for commanders and other actors in armed conflict.

Keywords: dual-use technology, cyber attacks, electromagnetic warfare, case studies of cyberattacks in armed conflicts

Procedia PDF Downloads 72

Authors: Anna Fowler

Abstract:

When considering assets that may need protection, the mind begins to contemplate homes, cars, and investment funds. In most cases, the protection of those assets can be covered through security systems and insurance. Data is not the first thought that comes to mind that would need protection, even though data is at the core of most supply chain operations. It includes trade secrets, management of personal identifiable information (PII), and consumer data that can be used to enhance the overall experience. Data is considered a critical element of success for supply chains and should be one of the most critical areas to protect. In the supply chain industry, there are two major misconceptions about protecting data: (i) We do not manage or store confidential/personally identifiable information (PII). (ii) Reliance on Third-Party vendor security. These misconceptions can significantly derail organizational efforts to adequately protect data across environments. These statistics can be exciting yet overwhelming at the same time. The first misconception, “We do not manage or store confidential/personally identifiable information (PII)” is dangerous as it implies the organization does not have proper data literacy. Enterprise employees will zero in on the aspect of PII while neglecting trade secret theft and the complete breakdown of information sharing. To circumvent the first bullet point, the second bullet point forges an ideology that “Reliance on Third-Party vendor security” will absolve the company from security risk. Instead, third-party risk has grown over the last two years and is one of the major causes of data security breaches. It is important to understand that a holistic approach should be considered when protecting data which should not involve purchasing a Data Loss Prevention (DLP) tool. A tool is not a solution. To protect supply chain data, start by providing data literacy training to all employees and negotiating the security component of contracts with vendors to highlight data literacy training for individuals/teams that may access company data. It is also important to understand the origin of the data and its movement to include risk identification. Ensure processes effectively incorporate data security principles. Evaluate and select DLP solutions to address specific concerns/use cases in conjunction with data visibility. These approaches are part of a broader solutions framework called Data Security Assurance (DSA). The DSA Framework looks at all of the processes across the supply chain, including their corresponding architecture and workflows, employee data literacy, governance and controls, integration between third and fourth-party vendors, DLP as a solution concept, and policies related to data residency. Within cloud environments, this framework is crucial for the supply chain industry to avoid regulatory implications and third/fourth party risk.

Keywords: security by design, data security architecture, cybersecurity framework, data security assurance

Procedia PDF Downloads 61

Authors: Jennifer Wright

Abstract:

The recent rise of powerful terrorist groups such as ISIS and Al-Qaeda brings up concerns about nuclear terrorism as well as a focus on nuclear security, specifically the physical security of nuclear weapons and fissile material storage sites in countries where powerful nonstate actors are present. Particularly because these non-state actors, who lack their own sovereign territory, cannot be ‘deterred’ in the traditional sense. In light of the current threat environment, it’s necessary to now rethink these strategies in the 21st century – a multipolar world with the presence of powerful non-state actors. As a country in the spotlight for its low ranking on the Nuclear Threat Initiative’s (NTI) Nuclear Security Index, Pakistan is a relevant example to explore the question of whether the presence of non-state actors poses a real risk to nuclear security today. It’s necessary to take a look at their nuclear security policies to determine if they’re robust enough to deal with political instability and violence in the country. After carrying out interviews with experts in May 2017 in Islamabad on nuclear security and nuclear terrorism, this paper aims to highlight findings by providing a Pakistan-centric view on the subject and give experts there a chance to counter criticism. Western media would have us fearful of nuclear security mechanisms in Pakistan after reports that areas such as cybersecurity and accounting and control of materials are weak, as well as sensitive nuclear material being transported in unmarked, unguarded vehicles. Also reported are cases where terrorist groups carried out targeted attacks against Pakistani military bases or secure sites where nuclear material is stored. One specific question asked of each interviewee in Islamabad was Do you feel the threat of nuclear terrorism calls into question the reliance on deterrence? Their responses will be elaborated on in the longer paper, but overall they demonstrate views that deterrence still serves a purpose for state-to-state security strategy, but not for a state in countering nonstate threats. If nuclear security is lax enough for these non-state actors to get their hands on either an intact nuclear weapon or enough military-grade fissile material to build a nuclear weapon, then what would stop them from launching a nuclear attack? As deterrence is a state-centric strategy, it doesn’t work to deter non-state actors from carrying out an attack on another state, as they lack their own territory, and as such, are not fearful of a reprisal attack. Deterrence will need to be addressed, and its relevance analyzed to determine its utility in the current security environment. The aim of this research is to demonstrate the real risk of nuclear terrorism by pointing to weaknesses in global nuclear security, particularly in Pakistan. The research also aims to provoke thought on the weaknesses of deterrence as a whole. Original thinking is needed as we attempt to adequately respond to the 21st century’s current threat environment.

Keywords: deterrence, non-proliferation, nuclear security, nuclear terrorism

Procedia PDF Downloads 195

Authors: Kathrin F. Schneider, Luis Xavier Unda Galarza

Abstract:

In our modern world, few are the areas that are not permeated by digitalization: we use digital tools for work, study, entertainment, and daily life. Since technology changes rapidly, skills must adapt to the new reality, which gives a dynamic dimension to the set of skills necessary for people's academic, professional, and personal success. The concept of 21st-century digital skills, which includes skills such as collaboration, communication, digital literacy, citizenship, problem-solving, critical thinking, interpersonal skills, creativity, and productivity, have been widely discussed in the literature. Digital transformation has opened many economic opportunities for entrepreneurs for the development of their products, financing possibilities, and product distribution. One of the biggest advantages is the reduction in cost for the entrepreneur, which has opened doors not only for the entrepreneur or the entrepreneurial team but also for corporations through intrapreneurship. The development of students' general literacy level and their digital competencies is crucial for improving the effectiveness and efficiency of the learning process, as well as for students' adaptation to the constantly changing labor market. The digital economy allows a free substantial increase in the supply share of conditional and also innovative products; this is mainly achieved through 5 ways to reduce costs according to the conventional digital economy: search costs, replication, transport, tracking, and verification. Digital entrepreneurship worldwide benefits from such achievements. There is an expansion and democratization of entrepreneurship thanks to the use of digital technologies. The digital transformation that has been taking place in recent years is more challenging for developing countries, as they have fewer resources available to carry out this transformation while offering all the necessary support in terms of cybersecurity and educating their people. The degree of digitization (use of digital technology) in a country and the levels of digital literacy of its people often depend on the economic level and situation of the country. Telefónica's Digital Life Index (TIDL) scores are strongly correlated with country wealth, reflecting the greater resources that richer countries can contribute to promoting "Digital Life". According to the Digitization Index, Ecuador is in the group of "emerging countries", while Chile, Colombia, Brazil, Argentina, and Uruguay are in the group of "countries in transition". According to Herrera Espinoza et al. (2022), there are startups or digital ventures in Ecuador, especially in certain niches, but many of the ventures do not exceed six months of creation because they arise out of necessity and not out of the opportunity. However, there is a lack of relevant research, especially empirical research, to have a clearer vision. Through a self-report questionnaire, the digital skills of students will be measured in an Ecuadorian private university, according to the skills identified as the six 21st-century skills. The results will be put to the test against the variable of the intention to start a digital venture measured using the theory of planned behavior (TPB). The main hypothesis is that high digital competence is positively correlated with the intention to start digital entrepreneurship.

Keywords: new literacies, digital transformation, 21st century skills, theory of planned behavior, digital entrepreneurship

Procedia PDF Downloads 63

Authors: Antonella Falanga, Armando Cartenì

Abstract:

Today, an unprecedented amount of data coming from several sources, including mobile devices, sensors, tracking systems, and online platforms, characterizes our lives. The term “big data” not only refers to the quantity of data but also to the variety and speed of data generation. These data hold valuable insights that, when extracted and analyzed, facilitate informed decision-making. The 4Vs of big data - velocity, volume, variety, and value - highlight essential aspects, showcasing the rapid generation, vast quantities, diverse sources, and potential value addition of these kinds of data. This surge of information has revolutionized many sectors, such as business for improving decision-making processes, healthcare for clinical record analysis and medical research, education for enhancing teaching methodologies, agriculture for optimizing crop management, finance for risk assessment and fraud detection, media and entertainment for personalized content recommendations, emergency for a real-time response during crisis/events, and also mobility for the urban planning and for the design/management of public and private transport services. Big data's pervasive impact enhances societal aspects, elevating the quality of life, service efficiency, and problem-solving capacities. However, during this transformative era, new challenges arise, including data quality, privacy, data security, cybersecurity, interoperability, the need for advanced infrastructures, and staff training. Within the transportation sector (the one investigated in this research), applications span planning, designing, and managing systems and mobility services. Among the most common big data applications within the transport sector are, for example, real-time traffic monitoring, bus/freight vehicle route optimization, vehicle maintenance, road safety and all the autonomous and connected vehicles applications. Benefits include a reduction in travel times, road accidents and pollutant emissions. Within these issues, the proper transport demand estimation is crucial for sustainable transportation planning. Evaluating the impact of sustainable mobility policies starts with a quantitative analysis of travel demand. Achieving transportation decarbonization goals hinges on precise estimations of demand for individual transport modes. Emerging technologies, offering substantial big data at lower costs than traditional methods, play a pivotal role in this context. Starting from these considerations, this study explores the usefulness impact of big data within transport demand estimation. This research focuses on leveraging (big) data collected during the COVID-19 pandemic to estimate the evolution of the mobility demand in Italy. Estimation results reveal in the post-COVID-19 era, more than 96 million national daily trips, about 2.6 trips per capita, with a mobile population of more than 37.6 million Italian travelers per day. Overall, this research allows us to conclude that big data better enhances rational decision-making for mobility demand estimation, which is imperative for adeptly planning and allocating investments in transportation infrastructures and services.

Keywords: big data, cloud computing, decision-making, mobility demand, transportation

Procedia PDF Downloads 37

Authors: Jose L. Diego, Antonio Berlanga, Gregorio López, Diana López

Abstract:

The Rayuela method is a success story, as it is part of a project selected by the European Commission to face the challenge launched by itself for achieving a better understanding of human factors, as well as social and organisational aspects that are able to solve issues in fighting against crime. Rayuela's method specifically focuses on the drivers of cyber criminality, including approaches to prevent, investigate, and mitigate cybercriminal behavior. As the internet has become an integral part of young people’s lives, they are the key target of the Rayuela method because they (as a victim or as a perpetrator) are the most vulnerable link of the chain. Considering the increased time spent online and the control of their internet usage and the low level of awareness of cyber threats and their potential impact, it is understandable the proliferation of incidents due to human mistakes. 51% of Europeans feel not well informed about cyber threats, and 86% believe that the risk of becoming a victim of cybercrime is rapidly increasing. On the other hand, Law enforcement has noted that more and more young people are increasingly committing cybercrimes. This is an international problem that has considerable cost implications; it is estimated that crimes in cyberspace will cost the global economy $445B annually. Understanding all these phenomena drives to the necessity of a shift in focus from sanctions to deterrence and prevention. As a research project, Rayuela aims to bring together law enforcement agencies (LEAs), sociologists, psychologists, anthropologists, legal experts, computer scientists, and engineers, to develop novel methodologies that allow better understanding the factors affecting online behavior related to new ways of cyber criminality, as well as promoting the potential of these young talents for cybersecurity and technologies. Rayuela’s main goal is to better understand the drivers and human factors affecting certain relevant ways of cyber criminality, as well as empower and educate young people in the benefits, risks, and threats intrinsically linked to the use of the Internet by playing, thus preventing and mitigating cybercriminal behavior. In order to reach that goal it´s necessary an interdisciplinary consortium (formed by 17 international partners) carries out researches and actions like Profiling and case studies of cybercriminals and victims, risk assessments, studies on Internet of Things and its vulnerabilities, development of a serious gaming environment, training activities, data analysis and interpretation using Artificial intelligence, testing and piloting, etc. For facilitating the real implementation of the Rayuela method, as a community policing strategy, is crucial to count on a Police Force with a solid background in trust-building and community policing in order to do the piloting, specifically with young people. In this sense, Valencia Local Police is a pioneer Police Force working with young people in conflict solving, through providing police mediation and peer mediation services and advice. As an example, it is an official mediation institution, so agreements signed by their police mediators have once signed by the parties, the value of a judicial decision.

Keywords: fight against crime and insecurity, avert and prepare young people against aggression, ICT, serious gaming and artificial intelligence against cybercrime, conflict solving and mediation with young people

Procedia PDF Downloads 96

Authors: Fatemeh Modirzare

Abstract:

Smart interior design represents a transformative approach to creating living spaces that integrate technology seamlessly into our daily lives, enhancing comfort, convenience, and sustainability. This paper explores the concept of smart interior design, its principles, benefits, challenges, and future prospects. It also highlights various examples and applications of smart interior design to illustrate its potential in shaping the way we live and interact with our surroundings. In an increasingly digitized world, the boundaries between technology and interior design are blurring. Smart interior design, also known as intelligent or connected interior design, involves the incorporation of advanced technologies and automation systems into residential and commercial spaces. This innovative approach aims to make living environments more efficient, comfortable, and adaptable while promoting sustainability and user well-being. Smart interior design seamlessly integrates technology into the aesthetics and functionality of a space, ensuring that devices and systems do not disrupt the overall design. Sustainable materials, energy-efficient systems, and eco-friendly practices are central to smart interior design, reducing environmental impact. Spaces are designed to be adaptable, allowing for reconfiguration to suit changing needs and preferences. Smart homes and spaces offer greater comfort through features like automated climate control, adjustable lighting, and customizable ambiance. Smart interior design can significantly reduce energy consumption through optimized heating, cooling, and lighting systems. Smart interior design integrates security systems, fire detection, and emergency response mechanisms for enhanced safety. Sustainable materials, energy-efficient appliances, and waste reduction practices contribute to a greener living environment. Implementing smart interior design can be expensive, particularly when retrofitting existing spaces with smart technologies. The increased connectivity raises concerns about data privacy and cybersecurity, requiring robust measures to protect user information. Rapid advancements in technology may lead to obsolescence, necessitating updates and replacements. Users must be familiar with smart systems to fully benefit from them, requiring education and ongoing support. Residential spaces incorporate features like voice-activated assistants, automated lighting, and energy management systems. Intelligent office design enhances productivity and employee well-being through smart lighting, climate control, and meeting room booking systems. Hospitals and healthcare facilities use smart interior design for patient monitoring, wayfinding, and energy conservation. Smart retail design includes interactive displays, personalized shopping experiences, and inventory management systems. The future of smart interior design holds exciting possibilities, including AI-powered design tools that create personalized spaces based on user preferences. Smart interior design will increasingly prioritize factors that improve physical and mental health, such as air quality monitoring and mood-enhancing lighting. Smart interior design is revolutionizing the way we interact with our living and working spaces. By embracing technology, sustainability, and user-centric design principles, smart interior design offers numerous benefits, from increased comfort and convenience to energy efficiency and sustainability. Despite challenges, the future holds tremendous potential for further innovation in this field, promising a more connected, efficient, and harmonious way of living and working.

Keywords: smart interior design, home automation, sustainable living spaces, technological integration, user-centric design

Procedia PDF Downloads 39

Authors: Waqas Ali, Nadeem Majeed

Abstract:

Requirement engineering is an essence of software development life cycle. The more time we spend on requirement engineering, higher the probability of success. Effective requirement engineering ensures and predicts successful software product. This paper presents the adaptation of requirement engineering practices in small and medium size companies of Pakistan. The study is conducted by questionnaires to show how much of requirement engineering models and practices are followed in Pakistan.

Keywords: requirement engineering, Pakistan, models, practices, organizations

Procedia PDF Downloads 688

Authors: Myunghoun Jang

Abstract:

Most engineering colleges in South Korea have engineering design classes in order to develop and enhance a student's creativity and problem-solving ability. Many cases about engineering design class are shown in journals and magazines, but a case lasting many years is few. The engineering design class in the Department of Architectural Engineering, Jeju National University was open in 2009 and continues to this year. 3-5 teams in every year set up their problems found their solutions and produced good results. Three of the results obtained patents. The class also provides students with opportunities to improve communication skill because they have many discussions in solving their problems.

Keywords: engineering design, architectural engineering, team-based learning, construction safety

Procedia PDF Downloads 205

Authors: H. Naccache, R. Hleiss

Abstract:

The aim of this research is to study the relationship between the performance of engineering students in different math courses and their performance in specific engineering courses. The considered courses are taken mainly by engineering students during the first two years of their major. Several factors are being studied, such as gender and final grades in the math and specific engineering courses. Participants of this study comprised a sample of more than thousands of engineering students at Lebanese University during their tertiary academic years. A significant relationship tends to appear between these factors and the performance of students in engineering courses. Moreover, female students appear to outperform their male counterparts in both the math and engineering courses, and a high correlation was found between their grades in math courses and their grades in specific engineering courses. The results and implications of the study were being discussed.

Keywords: education, engineering, math, performance

Procedia PDF Downloads 312

Authors: Johnstone Walubengo Wangusi

Abstract:

Geotechnical engineering is a multidisciplinary field that encompasses the study of soil, rock, and groundwater properties and their interactions with civil engineering structures. This research paper provides an in-depth overview of geotechnical engineering, covering its fundamental principles, applications in civil infrastructure projects, and the challenges faced by practitioners in the field. Through a comprehensive examination of soil mechanics, foundation design, slope stability analysis, and geotechnical site investigation techniques, this paper aims to highlight the importance of geotechnical engineering in ensuring the safety, stability, and sustainability of infrastructure development. Additionally, it discusses emerging trends, innovative technologies, and future directions in geotechnical engineering research and practice.

Keywords: sustainable geotechnical engineering solutions, education and training for future generations geotechnical engineers, integration of geotechnical engineering and structural engineering, use of AI in geotechnical engineering modelling

Procedia PDF Downloads 21

Authors: Ali E. Abbas

Abstract:

Industrial Engineering is a broad multidisciplinary field with intersections and applications in numerous areas. When designing a product, it is important to determine the appropriate attributes of value and the preference function for which the product is optimized. This paper provides some guidelines on appropriate selection of attributes for preference and value functions for engineering design.

Keywords: decision analysis, industrial engineering, direct vs. indirect values, engineering management

Procedia PDF Downloads 279

Authors: Sunday Olufemi Adesogan

Abstract:

There is a strong link between engineering and development. Engineering as a profession is a call to service by the society. Perhaps next to soldiers, engineers are the most patriotic professionals. However, unlike soldiers, they remain servants of society at all times and in all circumstances. Despite their role to the society, engineering profession seems not to be enjoying the respect due to it probably because of failures associated with some engineering projects. This paper focuses on the need to improve on engineering practices for developments in developing countries using Engineering practice in Nigerian Universities as a tool for argument. Purposeful Survey, interview and focus group discussion were carried out among one hundred and twenty (120) reputable firms in Nigeria. The topic was approached through a few projects that the firms have been involved in from the planning stage, some to completion and beyond into the stage of maintenance and monitoring. It is revealed that some factors which are not determined by the engineers themselves impeded progress and full success of engineering practice in developing countries. The key culprit is corruption whose eradication will put the nation on the solid path of effective engineering development and poverty alleviation.

Keywords: development, engineering, practices, sustainable

Procedia PDF Downloads 305

Authors: Jay Xiong, Li Lin

Abstract:

This paper introduces a new software engineering paradigm based on complexity science, called NSE (Nonlinear Software Engineering paradigm). The purpose of establishing NSE is to help software development organizations double their productivity, half their cost, and increase the quality of their products in several orders of magnitude simultaneously. NSE complies with the essential principles of complexity science. NSE brings revolutionary changes to almost all aspects in software engineering. NSE has been fully implemented with its support platform Panorama++.

Keywords: complexity science, software development, software engineering, software maintenance

Procedia PDF Downloads 240

Authors: Roberto Cerchione, Emilio Esposito, Mario Raffa

Abstract:

The relevance and the strategic importance of engineering skills in innovation and in the development of businesses and organizations push to investigate the role of the engineer in society today. In the twentieth century the emergence of a variety of technical and scientific knowledge has led to the rise of new areas of skills going from a "all-comprehensive" engineering to an engineering characterized by many specializations. Organizational and structural changes within companies and the emergence of an industrial society based on multiple interrelationships led to the transformation of engineering education. The objective of this work is to report main steps and many pioneering experiences, both national and international, that have led to establish a graduate degree program in Engineering Management and its subsequent evolution in Entrepreneurial Engineering. The first section of this article focuses on the origins and precursors of Engineering Management education. The second section concerns main Italian education programs. Then the attention is focused on the evolution of Engineering Management in Naples, on the intersectoral nature of this degree program, on the relationship with business community, associations, labor market, small businesses and environment. Finally, the discussion of recent years about the skills that characterize entrepreneurial engineer in society are presented.

Keywords: education, engineering management, entrepreunerial engineering, engineering skills, managerial skills, entrepreneurial skills

Procedia PDF Downloads 460

Authors: Mariam Wagih Nagib Eskandar

Abstract:

The engineering design process is the activities formulation, to help an engineer raising a plan with a specified goal and performance. The engineering design process is a multi-stage course of action including the conceptualization, research, feasibility studies, establishment of design parameters, preliminary and finally the detailed design. It is a progression from the abstract to the concrete; starting with probably abstract ideas about need, and thereafter elaborating detailed specifications of the object that would satisfy the needs, identified. Engineering design issues, problems, and solutions are discussed in this paper using qualitative approach from an information structure perspective. The objective is to identify the problems, to analyze them and propose solutions by integrating; innovation, practical experience, time and resource management, communications skills, isolating the problem in coordination with all stakeholders. Consequently, this would be beneficial for the engineering community to improve the Engineering design practices.

Keywords: education, engineering, math, performanceengineering design, architectural engineering, team-based learning, construction safetyrequirement engineering, models, practices, organizations

Procedia PDF Downloads 36

Authors: M. U. Arshid, M. A. Kamal

Abstract:

The engineering design process is the activities formulation, to help an engineer raising a plan with a specified goal and performance. The engineering design process is a multi-stage course of action including the conceptualization, research, feasibility studies, establishment of design parameters, preliminary and finally the detailed design. It is a progression from the abstract to the concrete; starting with probably abstract ideas about need, and thereafter elaborating detailed specifications of the object that would satisfy the needs, identified. Engineering design issues, problems, and solutions are discussed in this paper using qualitative approach from an information structure perspective. The objective is to identify the problems, to analyze them and propose solutions by integrating; innovation, practical experience, time and resource management, communications skills, isolating the problem in coordination with all stakeholders. Consequently, this would be beneficial for the engineering community to improve the Engineering design practices.

Keywords: engineering design, engineering design issues, innovation, public sector projects

Procedia PDF Downloads 314

Authors: Liang Wang, Wei Zhang

Abstract:

There have been some existing researches on design-based engineering learning (DBEL) and project-based or problem-based engineering learning (PBEL). Those findings have greatly promoted the reform of engineering education in China. However, the engineering with a big E means that more and more engineering activities are designed and operated by communities of practice (CoPs), namely community-based engineering learning. However, whether community-based engineering learning can promote students' innovation has not been verified in published articles. This study fills this gap by investigating the relationship between community-based learning approach and students’ creativity, using engineering identity as an intermediary variable. The goal of this study is to discover the core features of community-based engineering learning, and make the features more beneficial for students’ creativity. The study created and adapted open survey items from previously published studies and a scale on learning community, students’ creativity and engineering identity. Firstly, qualitative content analysis methods by MAXQDA were used to analyze 32 open-ended questionnaires. Then the authors collected data (n=322) from undergraduate students in engineering competition teams and engineering laboratories in Zhejiang University, and structural equation modelling (SEM) was used to understand the relationship between different factors. The study finds: (a) community-based engineering learning has four main elements like real-task context, self-inquiry learning, deeply-consulted cooperation and circularly-iterated design, (b) community-based engineering learning can significantly enhance the engineering undergraduate students’ creativity, and (c) engineering identity partially moderated the relationship between community-based engineering learning and undergraduate students' creativity. The findings further illustrate the value of community-based engineering learning for undergraduate students. In the future research, the authors should further clarify the core mechanism of community-based engineering learning, and pay attention to the cultivation of undergraduate students’ engineer identity in learning community.

Keywords: community-based engineering learning, students' creativity, engineering identity, moderate effect

Procedia PDF Downloads 105

Authors: V. Nalina, P. Jayarekha

Abstract:

Consultancy by an engineering faculty member of an institution undertakes consulting assignments to provide professional or technical solutions to specific fields. Consulting is providing an opportunity for the engineering faculty to share their insights for the real world problems. It is a dynamic learning process with respect to students and faculty as it increases the teaching and research activities. In this paper, we discuss the need for consultancy in engineering education with faculty contribution towards consultancy and advantages of consultancy to institutions. Balance the workload of the faculty consulting with the responsibilities of academics defined by the universities.

Keywords: consultancy, academic consulting, engineering consultancy, faculty consulting

Procedia PDF Downloads 422

Authors: Mohammed A. Al-Ajmi, Reem S. Al-Kandari

Abstract:

This study is concerned with the behavior of engineering students in Kuwait University which became a concern due to the global issues of education in all levels. A survey has been conducted to identify academic and societal issues that affect the engineering student performance through. The study is drawing major conclusions with regard to private tutoring and the online availability of textbooks’ solution manuals.

Keywords: solution manual, engineering, textbook, ethics

Procedia PDF Downloads 466