Search results for: dark side of information security
14425 An Overview of Privacy and Security Issues in Social Networks
Authors: Mohamad Ibrahim Al Ladan
Abstract:
Social networks, such as Facebook, Myspace, LinkedIn, Google+, and Twitter have experienced exponential growth and a remarkable adoption rate in recent years. They provide attractive means of online social interactions and communications with family, friends, and colleagues from around the corner or across the globe, and they have become an important part of daily digital interactions for more than one and a half billion users around the world. The various personal information sharing practices that social network providers encourage have led to their success as innovative social interaction platforms. However, these practices have resulted in ample concerns with respect to privacy and security from different stakeholders. Addressing these privacy and security concerns in social networks is a must for these networks to be sustainable. Existing security and privacy tools may not be enough to address existing concerns. Some guidelines should be followed to protect users from the existing risks. In this paper, we have investigated and discussed the various privacy and security issues and concerns pertaining to social networks. Moreover, we have classified these privacy and security issues and presented a thorough discussion of the implications of these issues and concerns on the future of the social networks. In addition, we have presented a set of guidelines as precaution measures that users can consider to address these issues and concerns.Keywords: social networks privacy issues, social networks security issues, social networks privacy precautions measures, social networks security precautions measures
Procedia PDF Downloads 27214424 Towards a Security Model against Denial of Service Attacks for SIP Traffic
Authors: Arellano Karina, Diego Avila-Pesántez, Leticia Vaca-Cárdenas, Alberto Arellano, Carmen Mantilla
Abstract:
Nowadays, security threats in Voice over IP (VoIP) systems are an essential and latent concern for people in charge of security in a corporate network, because, every day, new Denial-of-Service (DoS) attacks are developed. These affect the business continuity of an organization, regarding confidentiality, availability, and integrity of services, causing frequent losses of both information and money. The purpose of this study is to establish the necessary measures to mitigate DoS threats, which affect the availability of VoIP systems, based on the Session Initiation Protocol (SIP). A Security Model called MS-DoS-SIP is proposed, which is based on two approaches. The first one analyzes the recommendations of international security standards. The second approach takes into account weaknesses and threats. The implementation of this model in a VoIP simulated system allowed to minimize the present vulnerabilities in 92% and increase the availability time of the VoIP service into an organization.Keywords: Denial-of-Service SIP attacks, MS-DoS-SIP, security model, VoIP-SIP vulnerabilities
Procedia PDF Downloads 17014423 4P-Model of Information Terrorism
Authors: Nataliya Venelinova
Abstract:
The paper proposes a new interdisciplinary model of reconsidering the role of mass communication effects by coverage of terrorism. The idea of 4P model is based on the synergy, created by the information strategy of threat, predominantly used by terrorist groups, the effects of mediating the symbolic action of the terrorist attacks or the taking of responsibility of any attacks, and the reshaped public perception for security after the attacks being mass communicated. The paper defines the mass communication cycle of terrorism, which leads not only to re-agenda setting of the societies, but also spirally amplifying the effect of propagating fears by over-informing on terrorism attacks. This finally results in the outlining of the so called 4P-model of information terrorism: mass propaganda, panic, paranoia and pandemic.Keywords: information terrorism, mass communication cycle, public perception, security
Procedia PDF Downloads 14214422 Chaos Cryptography in Cloud Architectures with Lower Latency
Authors: Mohammad A. Alia
Abstract:
With the rapid evolution of the internet applications, cloud computing becomes one of today’s hottest research areas due to its ability to reduce costs associated with computing. Cloud is, therefore, increasing flexibility and scalability for computing services in the internet. Cloud computing is Internet based computing due to shared resources and information which are dynamically delivered to consumers. As cloud computing share resources via the open network, hence cloud outsourcing is vulnerable to attack. Therefore, this paper will explore data security of cloud computing by implementing chaotic cryptography. The proposal scenario develops a problem transformation technique that enables customers to secretly transform their information. This work proposes the chaotic cryptographic algorithms have been applied to enhance the security of the cloud computing accessibility. However, the proposed scenario is secure, easy and straightforward process. The chaotic encryption and digital signature systems ensure the security of the proposed scenario. Though, the choice of the key size becomes crucial to prevent a brute force attack.Keywords: chaos, cloud computing, security, cryptography
Procedia PDF Downloads 30914421 Security Architecture for Cloud Networking: A Survey
Authors: Vishnu Pratap Singh Kirar
Abstract:
In the cloud computing hierarchy IaaS is the lowest layer, all other layers are built over it. Thus it is the most important layer of cloud and requisite more importance. Along with advantages IaaS faces some serious security related issue. Mainly Security focuses on Integrity, confidentiality and availability. Cloud computing facilitate to share the resources inside as well as outside of the cloud. On the other hand, cloud still not in the state to provide surety to 100% data security. Cloud provider must ensure that end user/client get a Quality of Service. In this report we describe possible aspects of cloud related security.Keywords: cloud computing, cloud networking, IaaS, PaaS, SaaS, cloud security
Procedia PDF Downloads 49914420 Islamic Social Security: A Discourse
Authors: Safiyya A. Abba, Shehu U. R. Aliyu
Abstract:
This paper deals with Islamic social security: a discourse explores the meaning and nature of Islamic social security system. The paper reviews the social security framework and operations during the early period. The paper further identifies the instruments of Islamic social security discusses its principles and objectives. The paper discovers that Islamic social security is a personification of a comprehensive welfare approach in view of its varied instruments that are deeply rooted in the Islamic law, unique principles and realistic and achievable objectives. Furthermore, the Islamic social security system has far reaching socioeconomic implications; social justice, cohesion, equity, a catalyst for poverty eradication, income redistribution, economic growth and development.Keywords: Islamic social security, basic needs, zakat, socioeconomic justice, equity
Procedia PDF Downloads 40314419 Securing Healthcare IoT Devices and Enabling SIEM Integration: Addressing
Authors: Mubarak Saadu Nabunkari, Abdullahi Abdu Ibrahim, Muhammad Ilyas
Abstract:
This study looks at how Internet of Things (IoT) devices are used in healthcare to monitor and treat patients better. However, using these devices in healthcare comes with security problems. The research explores using Security Information and Event Management (SIEM) systems with healthcare IoT devices to solve these security challenges. Reviewing existing literature shows the current state of IoT security and emphasizes the need for better protection. The main worry is that healthcare IoT devices can be easily hacked, putting patient data and device functionality at risk. To address this, the research suggests a detailed security framework designed for these devices. This framework, based on literature and best practices, includes important security measures like authentication, data encryption, access controls, and anomaly detection. Adding SIEM systems to this framework helps detect threats in real time and respond quickly to incidents, making healthcare IoT devices more secure. The study highlights the importance of this integration and offers guidance for implementing healthcare IoT securely, efficiently, and effectively.Keywords: cyber security, threat intelligence, forensics, heath care
Procedia PDF Downloads 1814418 Advanced Fuzzy Control for a Doubly Fed Induction Generator in Wind Energy Conversion Systems
Authors: Santhosh Kumat T., Priya E.
Abstract:
The control of a doubly fed induction generator by fuzzy is described. The active and reactive power can be controlled by rotor and grid side converters with fuzzy controller. The main objective is to maintain constant voltage and frequency at the output of the generator. However the Line Side Converter (LSC) can be controlled to supply up to 50% of the required reactive current. When the crowbar is not activated the DFIG can supply reactive power from the rotor side through the machine as well as through the LSC.Keywords: Doubly Fed Induction Generator (DFIG), Rotor Side Converter (RSC), Grid Side Converter (GSC), Wind Energy Conversion Systems (WECS)
Procedia PDF Downloads 55314417 Tenure Security, Agricultural Diversity and Food Security
Authors: Amanuel Hadera Gebreyesus
Abstract:
In the literature, the study of tenure and food security has largely involved separate lines of inquiry. In effect, the nexus among these has received little attention; and the underinvestment in research related to the relationship between tenure and food security deters generation of tenure-related knowledge and policy guidance for improving food and nutrition security. Drawing from this motivation, we study the relationship among tenure security, agricultural diversity and food security and dietary diversity. We employ IV approaches to examine the effect of tenure security and agricultural diversity on food security and dietary diversity. We find tenure security is inversely related with food insecurity as shown by its negative association with hunger scale, hunger index and hunger category. On the other hand, results suggest that tenure security improves minimum dietary diversity of women while we find no association with child dietary diversity. Moreover, agricultural diversity is positively related with minimum dietary diversity of women, which may point to higher accessibility and consumption of dietary food groups by women. Also, findings suggest that farmers use their human (knowledge and skills) and resource (land) endowments to improve food security and dietary diversity. An implication from this is the importance of not only improving access to land but also long-term tenure security to promote agricultural diversity, food security and dietary diversity.Keywords: tenure security, food security, agricultural diversity, dietary diversity, women
Procedia PDF Downloads 16314416 Emerging Cyber Threats and Cognitive Vulnerabilities: Cyberterrorism
Authors: Oludare Isaac Abiodun, Esther Omolara Abiodun
Abstract:
The purpose of this paper is to demonstrate that cyberterrorism is existing and poses a threat to computer security and national security. Nowadays, people have become excitedly dependent upon computers, phones, the Internet, and the Internet of things systems to share information, communicate, conduct a search, etc. However, these network systems are at risk from a different source that is known and unknown. These network systems risk being caused by some malicious individuals, groups, organizations, or governments, they take advantage of vulnerabilities in the computer system to hawk sensitive information from people, organizations, or governments. In doing so, they are engaging themselves in computer threats, crime, and terrorism, thereby making the use of computers insecure for others. The threat of cyberterrorism is of various forms and ranges from one country to another country. These threats include disrupting communications and information, stealing data, destroying data, leaking, and breaching data, interfering with messages and networks, and in some cases, demanding financial rewards for stolen data. Hence, this study identifies many ways that cyberterrorists utilize the Internet as a tool to advance their malicious mission, which negatively affects computer security and safety. One could identify causes for disparate anomaly behaviors and the theoretical, ideological, and current forms of the likelihood of cyberterrorism. Therefore, for a countermeasure, this paper proposes the use of previous and current computer security models as found in the literature to help in countering cyberterrorismKeywords: cyberterrorism, computer security, information, internet, terrorism, threat, digital forensic solution
Procedia PDF Downloads 6914415 VANETs: Security Challenges and Future Directions
Authors: Jared Oluoch
Abstract:
Connected vehicles are equipped with wireless sensors that aid in Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication. These vehicles will in the near future provide road safety, improve transport efficiency, and reduce traffic congestion. One of the challenges for connected vehicles is how to ensure that information sent across the network is secure. If security of the network is not guaranteed, several attacks can occur, thereby compromising the robustness, reliability, and efficiency of the network. This paper discusses existing security mechanisms and unique properties of connected vehicles. The methodology employed in this work is exploratory. The paper reviews existing security solutions for connected vehicles. More concretely, it discusses various cryptographic mechanisms available, and suggests areas of improvement. The study proposes a combination of symmetric key encryption and public key cryptography to improve security. The study further proposes message aggregation as a technique to overcome message redundancy. This paper offers a comprehensive overview of connected vehicles technology, its applications, its security mechanisms, open challenges, and potential areas of future research.Keywords: VANET, connected vehicles, 802.11p, WAVE, DSRC, trust, security, cryptography
Procedia PDF Downloads 27514414 Simple Ways to Enhance the Security of Web Services
Authors: Majid Azarniush, Soroush Mokallaei
Abstract:
Although robust security software, including anti-viruses, anti spy wares, anti-spam and firewalls, are amalgamated with new technologies such as Safe Zone, Hybrid Cloud, Sand Box etc., and it can be said that they have managed to prepare highest level of security against viruses, spy wares and other malwares in 2012, but in fact hackers' attacks to websites are increasingly becoming more and more complicated. Because of security matters and developments, it can be said that it was expected to happen so. Here in this work, we try to point out to some functional and vital notes to enhance security on the web enabling the user to browse safely in no limit web world and to use virtual space securely.Keywords: firewalls, security, web services, software
Procedia PDF Downloads 45414413 About the Number of Fundamental Physical Interactions
Authors: Andrey Angorsky
Abstract:
In the article an issue about the possible number of fundamental physical interactions is studied. The theory of similarity on the dimensionless quantity as the damping ratio serves as the instrument of analysis. The structure with the features of Higgs field comes out from non-commutative expression for this ratio. The experimentally checked up supposition about the nature of dark energy is spoken out.Keywords: damping ratio, dark energy, dimensionless quantity, fundamental physical interactions, Higgs field, non-commutative expression
Procedia PDF Downloads 10314412 Challenges in E-Government: Conceptual Views and Solutions
Authors: Rasim Alguliev, Farhad Yusifov
Abstract:
Considering the international experience, conceptual and architectural principles of forming of electron government are researched and some suggestions were made. The assessment of monitoring of forming processes of electron government, intellectual analysis of web-resources, provision of information security, electron democracy problems were researched, conceptual approaches were suggested. By taking into consideration main principles of electron government theory, important research directions were specified.Keywords: electron government, public administration, information security, web-analytics, social networks, data mining
Procedia PDF Downloads 43814411 Data Security: An Enhancement of E-mail Security Algorithm to Secure Data Across State Owned Agencies
Authors: Lindelwa Mngomezulu, Tonderai Muchenje
Abstract:
Over the decades, E-mails provide easy, fast and timely communication enabling businesses and state owned agencies to communicate with their stakeholders and with their own employees in real-time. Moreover, since the launch of Microsoft office 365 and many other clouds based E-mail services, many businesses have been migrating from the on premises E-mail services to the cloud and more precisely since the beginning of the Covid-19 pandemic, there has been a significant increase of E-mails utilization, which then leads to the increase of cyber-attacks. In that regard, E-mail security has become very important in the E-mail transportation to ensure that the E-mail gets to the recipient without the data integrity being compromised. The classification of the features to enhance E-mail security for further from the enhanced cyber-attacks as we are aware that since the technology is advancing so at the cyber-attacks. Therefore, in order to maximize the data integrity we need to also maximize security of the E-mails such as enhanced E-mail authentication. The successful enhancement of E-mail security in the future may lessen the frequency of information thefts via E-mails, resulting in the data of South African State-owned agencies not being compromised.Keywords: e-mail security, cyber-attacks, data integrity, authentication
Procedia PDF Downloads 10314410 Influence of Mooring Conditions on Side-By-Side Offloading System Safety Performance
Authors: Liu Shengnan, Sun Liping, Zhu Jianxun
Abstract:
Based on three dimensional potential flow theory, hydrodynamic response analysis is carried on the multi floating bodies system composed of FPSO moored with yoke and shuttle tanker. It considered hydrodynamic interaction between FPSO and shuttle tanker, interaction between the hull and yoke mooring systems, hawsers, fenders, and then focuses on hawsers of the side-by-side offloading system. The influence of hawsers parameters on system safety is studied in respects of hawser stiffness, length and arrangement. Through analysis in different environment conditions and two typical loading conditions, it can be found that a better safety performance can be achieved through these three ways including enlarging the number of hawsers as well as the stiffness of hawsers, changing the length and arrangement of hawsers.Keywords: yoke mooring, side-by-side offloading, multi floating body, hawser, safety
Procedia PDF Downloads 40014409 General Formula for Water Surface Profile over Side Weir in the Combined, Trapezoidal and Exponential, Channels
Authors: Abdulrahman Abdulrahman
Abstract:
A side weir is a hydraulic structure set into the side of a channel. This structure is used for water level control in channels, to divert flow from a main channel into a side channel when the water level in the main channel exceeds a specific limit and as storm overflows from urban sewerage system. Computation of water surface over the side weirs is essential to determine the flow rate of the side weir. Analytical solutions for water surface profile along rectangular side weir are available only for the special cases of rectangular and trapezoidal channels considering constant specific energy. In this paper, a rectangular side weir located in a combined (trapezoidal with exponential) channel was considered. Expanding binominal series of integer and fraction powers and the using of reduction formula of cosine function integrals, a general analytical formula was obtained for water surface profile along a side weir in a combined (trapezoidal with exponential) channel. Since triangular, rectangular, trapezoidal and parabolic cross-sections are special cases of the combined cross section, the derived formula, is applicable to triangular, rectangular, trapezoidal cross-sections as analytical solution and semi-analytical solution to parabolic cross-section with maximum relative error smaller than 0.76%. The proposed solution should be a useful engineering tool for the evaluation and design of side weirs in open channel.Keywords: analytical solution, combined channel, exponential channel, side weirs, trapezoidal channel, water surface profile
Procedia PDF Downloads 20914408 A Biometric Template Security Approach to Fingerprints Based on Polynomial Transformations
Authors: Ramon Santana
Abstract:
The use of biometric identifiers in the field of information security, access control to resources, authentication in ATMs and banking among others, are of great concern because of the safety of biometric data. In the general architecture of a biometric system have been detected eight vulnerabilities, six of them allow obtaining minutiae template in plain text. The main consequence of obtaining minutia templates is the loss of biometric identifier for life. To mitigate these vulnerabilities several models to protect minutiae templates have been proposed. Several vulnerabilities in the cryptographic security of these models allow to obtain biometric data in plain text. In order to increase the cryptographic security and ease of reversibility, a minutiae templates protection model is proposed. The model aims to make the cryptographic protection and facilitate the reversibility of data using two levels of security. The first level of security is the data transformation level. In this level generates invariant data to rotation and translation, further transformation is irreversible. The second level of security is the evaluation level, where the encryption key is generated and data is evaluated using a defined evaluation function. The model is aimed at mitigating known vulnerabilities of the proposed models, basing its security on the impossibility of the polynomial reconstruction.Keywords: fingerprint, template protection, bio-cryptography, minutiae protection
Procedia PDF Downloads 14114407 Security as Human Value: Issue of Human Rights in Indian Sub-Continental Operations
Authors: Pratyush Vatsala, Sanjay Ahuja
Abstract:
The national security and human rights are related terms as there is nothing like absolute security or absolute human right. If we are committed to security, human right is a problem and also a solution, and if we deliberate on human rights, security is a problem but also part of the solution. Ultimately, we have to maintain a balance between the two co-related terms. As more and more armed forces are being deployed by the government within the nation for maintaining peace and security, using force against its own citizen, the search for a judicious balance between intent and action needs to be emphasized. Notwithstanding that a nation state needs complete political independence; the search for security is a driving force behind unquestioned sovereignty. If security is a human value, it overlaps the value of freedom, order, and solidarity. Now, the question needs to be explored, to what extent human rights can be compromised in the name of security in Kashmir or Mizoram like places. The present study aims to explore the issue of maintaining a balance between the use of power and good governance as human rights, providing security as a human value. This paper has been prepared with an aim of strengthening the understanding of the complex and multifaceted relationship between human rights and security forces operating for conflict management and identifies some of the critical human rights issues raised in the context of security forces operations highlighting the relevant human rights principles and standards in which Security as human value be respected at all times and in particular in the context of security forces operations in India.Keywords: Kashmir, Mizoram, security, value, human right
Procedia PDF Downloads 24714406 Maintaining User-Level Security in Short Message Service
Authors: T. Arudchelvam, W. W. E. N. Fernando
Abstract:
Mobile phone has become as an essential thing in our life. Therefore, security is the most important thing to be considered in mobile communication. Short message service is the cheapest way of communication via the mobile phones. Therefore, security is very important in the short message service as well. This paper presents a method to maintain the security at user level. Different types of encryption methods are used to implement the user level security in mobile phones. Caesar cipher, Rail Fence, Vigenere cipher and RSA are used as encryption methods in this work. Caesar cipher and the Rail Fence methods are enhanced and implemented. The beauty in this work is that the user can select the encryption method and the key. Therefore, by changing the encryption method and the key time to time, the user can ensure the security of messages. By this work, while users can safely send/receive messages, they can save their information from unauthorised and unwanted people in their own mobile phone as well.Keywords: SMS, user level security, encryption, decryption, short message service, mobile communication
Procedia PDF Downloads 37014405 The Research of Weights Identify of Harbin Ecological Security Evaluation Index Based on AHP
Authors: Rong Guo, Mengshi Huang, Yujing Bai
Abstract:
With the rapid development of urbanization, the urban population increases and urban sprawl appeared. And these issues led to a sharp deterioration of the ecological environment. So, the urban ecological security evaluation was imminent. The weights identify of index was a key step of the research of ecological security evaluation. The AHP was widely used in the extensive research of weights identify of ecological security index. The characteristics of authority and quantitative can fully reflect the views of relevant experts. On the basis of building the ecological security evaluation index of Harbin, the paper combed and used the basic principle of the AHP, and calculated the weights of Harbin ecological security evaluation index through the process of the expert opinions “summary-feedback-summary”. And lay a foundation of future study of Harbin ecological security index, and guide the quantitative evaluation of Harbin ecological security.Keywords: AHP, ecological security, evaluation Index, weights identify, harbin
Procedia PDF Downloads 46614404 How Manufacturing Firm Manages Information Security: Need Pull and Technology Push Perspective
Authors: Geuna Kim, Sanghyun Kim
Abstract:
This study investigates various factors that may influence the ISM process, including the organization’s internal needs and external pressure, and examines the role of regulatory pressure in ISM development and performance. The 105 sets of data collected in a survey were tested against the research model using SEM. The results indicate that NP and TP had positive effects on the ISM process, except for perceived benefits. Regulatory pressure had a positive effect on the relationship between ISM awareness and ISM development and performance.Keywords: information security management, need pull, technology push, regulatory pressure
Procedia PDF Downloads 26814403 Biohydrogen Production Derived from Banana Pseudo Stem of Agricultural Residues by Dark Fermentation
Authors: Kholik
Abstract:
Nowadays, the demand of renewable energy in general is increasing due to the crisis of fossil fuels. Biohydrogen is an alternative fuel with zero emission derived from renewable resources such as banana pseudo stem of agricultural residues. Banana plant can be easily found in tropical and subtropical areas, so the resource is abundant and readily available as a biohydrogen substrate. Banana pseudo stem has not been utilised as a resource or substrate of biohydrogen production and it mainly contains 45-65% cellulose (α-cellulose), 5-15% hemicellulose and 20-30% Lignin, which indicates that banana pseudo stem will be renewable, sustainable and promising resource as lignocellulosic biomass. In this research, biohydrogen is derived from banana pseudo stem by dark fermentation. Dark fermentation is the most suitable approach for practical biohydrogen production from organic solid wastes. The process has several advantages including a fast reaction rate, no need of light, and a smaller footprint. 321 million metric tonnes banana pseudo stem of 428 million metric tonnes banana plantation residues in worldwide for 2013 and 22.5 million metric tonnes banana pseudo stem of 30 million metric tonnes banana plantation residues in Indonesia for 2015 will be able to generate 810.60 million tonne mol H2 and 56.819 million tonne mol H2, respectively. In this paper, we will show that the banana pseudo stem is the renewable, sustainable and promising resource to be utilised and to produce biohydrogen as energy generation with high yield and high contain of cellulose in comparison with the other substrates.Keywords: banana pseudo stem, biohydrogen, dark fermentation, lignocellulosic
Procedia PDF Downloads 32514402 Improving Digital Data Security Awareness among Teacher Candidates with Digital Storytelling Technique
Authors: Veysel Çelik, Aynur Aker, Ebru Güç
Abstract:
Developments in information and communication technologies have increased both the speed of producing information and the speed of accessing new information. Accordingly, the daily lives of individuals have started to change. New concepts such as e-mail, e-government, e-school, e-signature have emerged. For this reason, prospective teachers who will be future teachers or school administrators are expected to have a high awareness of digital data security. The aim of this study is to reveal the effect of the digital storytelling technique on the data security awareness of pre-service teachers of computer and instructional technology education departments. For this purpose, participants were selected based on the principle of volunteering among third-grade students studying at the Computer and Instructional Technologies Department of the Faculty of Education at Siirt University. In the research, the pretest/posttest half experimental research model, one of the experimental research models, was used. In this framework, a 6-week lesson plan on digital data security awareness was prepared in accordance with the digital narration technique. Students in the experimental group formed groups of 3-6 people among themselves. The groups were asked to prepare short videos or animations for digital data security awareness. The completed videos were watched and evaluated together with prospective teachers during the evaluation process, which lasted approximately 2 hours. In the research, both quantitative and qualitative data collection tools were used by using the digital data security awareness scale and the semi-structured interview form consisting of open-ended questions developed by the researchers. According to the data obtained, it was seen that the digital storytelling technique was effective in creating data security awareness and creating permanent behavior changes for computer and instructional technology students.Keywords: digital storytelling, self-regulation, digital data security, teacher candidates, self-efficacy
Procedia PDF Downloads 9514401 Understanding the Basics of Information Security: An Act of Defense
Authors: Sharon Q. Yang, Robert J. Congleton
Abstract:
Information security is a broad concept that covers any issues and concerns about the proper access and use of information on the Internet, including measures and procedures to protect intellectual property and private data from illegal access and online theft; the act of hacking; and any defensive technologies that contest such cybercrimes. As more research and commercial activities are conducted online, cybercrimes have increased significantly, putting sensitive information at risk. Information security has become critically important for organizations and private citizens alike. Hackers scan for network vulnerabilities on the Internet and steal data whenever they can. Cybercrimes disrupt our daily life, cause financial losses, and instigate fear in the public. Since the start of the pandemic, most data related cybercrimes targets have been either financial or health information from companies and organizations. Libraries also should have a high interest in understanding and adopting information security methods to protect their patron data and copyrighted materials. But according to information security professionals, higher education and cultural organizations, including their libraries, are the least prepared entities for cyberattacks. One recent example is that of Steven’s Institute of Technology in New Jersey in the US, which had its network hacked in 2020, with the hackers demanding a ransom. As a result, the network of the college was down for two months, causing serious financial loss. There are other cases where libraries, colleges, and universities have been targeted for data breaches. In order to build an effective defense, we need to understand the most common types of cybercrimes, including phishing, whaling, social engineering, distributed denial of service (DDoS) attacks, malware and ransomware, and hacker profiles. Our research will focus on each hacking technique and related defense measures; and the social background and reasons/purpose of hacker and hacking. Our research shows that hacking techniques will continue to evolve as new applications, housing information, and data on the Internet continue to be developed. Some cybercrimes can be stopped with effective measures, while others present challenges. It is vital that people understand what they face and the consequences when not prepared.Keywords: cybercrimes, hacking technologies, higher education, information security, libraries
Procedia PDF Downloads 10114400 Security Threats on Wireless Sensor Network Protocols
Authors: H. Gorine, M. Ramadan Elmezughi
Abstract:
In this paper, we investigate security issues and challenges facing researchers in wireless sensor networks and countermeasures to resolve them. The broadcast nature of wireless communication makes Wireless Sensor Networks prone to various attacks. Due to resources limitation constraint in terms of limited energy, computation power and memory, security in wireless sensor networks creates different challenges than wired network security. We will discuss several attempts at addressing the issues of security in wireless sensor networks in an attempt to encourage more research into this area.Keywords: wireless sensor networks, network security, light weight encryption, threats
Procedia PDF Downloads 48714399 Towards Security in Virtualization of SDN
Authors: Wanqing You, Kai Qian, Xi He, Ying Qian
Abstract:
In this paper, the potential security issues brought by the virtualization of a Software Defined Networks (SDN) would be analyzed. The virtualization of SDN is achieved by FlowVisor (FV). With FV, a physical network is divided into multiple isolated logical networks while the underlying resources are still shared by different slices (isolated logical networks). However, along with the benefits brought by network virtualization, it also presents some issues regarding security. By examining security issues existing in an OpenFlow network, which uses FlowVisor to slice it into multiple virtual networks, we hope we can get some significant results and also can get further discussions among the security of SDN virtualization.Keywords: SDN, network, virtualization, security
Procedia PDF Downloads 39214398 An Internet of Things Based Home Automation Based on Raspberry Pi and Node JS Server
Authors: Ahmed Khattab, Bassem Shetta
Abstract:
Today, there are many branches of technology, one of them is the internet of things. In this paper, it's focused specifically on automating all the home appliances through E-mail using Node JS server, the server side stores, and processes this data. The server side contains user interface and notification system functionalities which is operated by Raspberry Pi. It will present the security requirements for the smart home. In this application, the privilege of home control including special persons to use it, using the hardware appliances through mobiles and tablets is achieved. The proposed application delivers high quality of service, long lifetime, low maintenance, fast deployment, and low power requirements with low cost needed for development.Keywords: Raspberry Pi, E-mail, home automation, temperature sensor, PIR sensor, actuators, relay
Procedia PDF Downloads 23714397 A Systematic Literature Review on Security and Privacy Design Patterns
Authors: Ebtehal Aljedaani, Maha Aljohani
Abstract:
Privacy and security patterns are both important for developing software that protects users' data and privacy. Privacy patterns are designed to address common privacy problems, such as unauthorized data collection and disclosure. Security patterns are designed to protect software from attack and ensure reliability and trustworthiness. Using privacy and security patterns, software engineers can implement security and privacy by design principles, which means that security and privacy are considered throughout the software development process. These patterns are available to translate "security & privacy-by-design" into practical advice for software engineering. Previous research on privacy and security patterns has typically focused on one category of patterns at a time. This paper aims to bridge this gap by merging the two categories and identifying their similarities and differences. To do this, the authors conducted a systematic literature review of 25 research papers on privacy and security patterns. The papers were analysed based on the category of the pattern, the classification of the pattern, and the security requirements that the pattern addresses. This paper presents the results of a comprehensive review of privacy and security design patterns. The review is intended to help future IT designers understand the relationship between the two types of patterns and how to use them to design secure and privacy-preserving software. The paper provides a clear classification of privacy and security design patterns, along with examples of each type. The authors found that there is only one widely accepted classification of privacy design patterns, while there are several competing classifications of security design patterns. Three types of security design patterns were found to be the most commonly used.Keywords: design patterns, security, privacy, classification of patterns, security patterns, privacy patterns
Procedia PDF Downloads 9214396 The Dark Side of the Fight against Organised Crime
Authors: Ana M. Prieto del Pino
Abstract:
As is well known, UN Convention against Illicit Traffic in Narcotic Drugs and Psychotropic Substances (1988) was a landmark regarding the seizure of proceeds of crime. Depriving criminals of the profits from their activity became a priority at an international level in the fight against organised crime. Enabling confiscation of proceeds of illicit traffic in narcotic drugs and psychotropic substances, criminalising money laundering and confiscating the proceeds thereof are the three measures taken in order to achieve that purpose. The beginning of 21st century brought the declaration of war on corruption and on the illicit enjoyment of the profits thereof onto the international scene. According to the UN Convention against Transnational Organised Crime (2000), States Parties should adopt the necessary measures to enable the confiscation of proceeds of crime derived from offences (or property of equivalent value) and property, equipment and other instrumentalities used in offences covered by that Convention. The UN Convention against Corruption (2003) states asset recovery explicitly as a fundamental principle and sets forth measures aiming at the direct recovery of property through international cooperation in confiscation. Furthermore, European legislation has made many significant strides forward in less than twenty years concerning money laundering, confiscation, and asset recovery. Crime does not pay, let there be no doubt about it. Nevertheless, we must be very careful not to sing out of tune with individual rights and legal guarantees. On the one hand, innocent individuals and businesses must be protected, since they should not pay for the guilty ones’ faults. On the other hand, the rule of law must be preserved and not be tossed aside regarding those who have carried out criminal activities. An in-depth analysis of judicial decisions on money laundering and confiscation of proceeds of crime issued by European national courts and by the European Court of Human Rights in the last decade has been carried out from a human rights, legal guarantees and criminal law basic principles’ perspective. The undertaken study has revealed the violation of the right to property, of the proportionality principle legal and the infringement of basic principles of states’ domestic substantive and procedural criminal law systems. The most relevant ones have to do with the punishment of money laundering committed through negligence, non-conviction based confiscation and a too-far reaching interpretation of the notion of ‘proceeds of crime’. Almost everything in life has a bright and a dark side. Confiscation of criminal proceeds and asset recovery are not an exception to this rule.Keywords: confiscation, human rights, money laundering, organized crime
Procedia PDF Downloads 114