Search results for: security challenges

Authors: Kang Huang, Wanting Zhou, Shiwei Yuan, Lei Li

Abstract:

Since information technology develops rapidly, the security issue has become an increasingly critical for computer system. In particular, as cloud computing and the Internet of Things (IoT) continue to gain widespread adoption, computer systems need to new security threats and attacks. The Root of Trust (RoT) is the foundation for providing basic trusted computing, which is used to verify the security and trustworthiness of other components. Design a reliable Root of Trust and guarantee its own security are essential for improving the overall security and credibility of computer systems. In this paper, we discuss the implementation of self-security technology based on the RISC-V Root of Trust at the hardware level. To effectively safeguard the security of the Root of Trust, researches on security safeguard technology on the Root of Trust have been studied. At first, a lightweight and secure boot framework is proposed as a secure mechanism. Secondly, two kinds of memory protection mechanism are built to against memory attacks. Moreover, hardware implementation of proposed method has been also investigated. A series of experiments and tests have been carried on to verify to effectiveness of the proposed method. The experimental results demonstrated that the proposed approach is effective in verifying the integrity of the Root of Trust’s own boot rom, user instructions, and data, ensuring authenticity and enabling the secure boot of the Root of Trust’s own system. Additionally, our approach provides memory protection against certain types of memory attacks, such as cache leaks and tampering, and ensures the security of root-of-trust sensitive information, including keys.

Keywords: root of trust, secure boot, memory protection, hardware security

Procedia PDF Downloads 140

Authors: Christopher Manyamba

Abstract:

Women in Malawi produce perform between 50-70 percent of all agricultural tasks and yet the majority remain food insecure. The aim of his paper is to build on existing mixed evidence that indicates that empowering women in agriculture is conducive to improving food security. The WEAI is used to provide evidence on the relationship between women’s empowerment in agriculture and household food security. A multinomial logistic regression is applied to the Women Empowerment in Agriculture Index (WEAI) components and the Household Hunger Scale. The overall results show that the WEAI can be used to determine household food insecurity; however it has to be contextually adapted. Assets ownership, credit, group membership and leisure time are positively associated with food security. Contrary to other literature, empowerment in having control and decisions on income indicate negative association with household food security. These results could potentially better inform public, private and civil society stakeholders’ dialogues in creating the most effective and sustainable interventions to help women attain long-term food security.

Keywords: food security, gender, empowerment, agriculture index, framework for African food security, household hunger scale

Procedia PDF Downloads 334

Authors: Halima Zaman

Abstract:

This paper identifies real-life challenges faced by non-English-speaking learners. The author focuses on challenges both inside and outside the classroom. A qualitative approach has been applied to conduct the study with two different groups of ESOL (English to Speakers of Other Languages) learners. The author pays attention to the reasons behind the difficulties in controlling the learners’ focus within the classroom. Learners’ lifestyles, motivations, and previous educational backgrounds have been considered while determining the challenges they face within the classroom. Some existing challenges of teaching English to adults have been discussed in this paper; however, the primary focus is to observe those two groups of learners to identify their challenges. In this paper, the author has applied the academic knowledge of her Master of Arts in English Language teaching program to support and strengthen the observation of this case study. The paper ends with a number of recommendations that can be beneficial for newcomers to ESOL teaching and a scope of further exploratory research.

Keywords: ESOL, challenges, classroom, motivation, adult learners, teaching

Procedia PDF Downloads 48

Authors: Se-Han Lee, Kwang-Woo Go, Gwang-Hyun Ahn, Hee-Sung Park, Cheol-Kyu Han, Jun-Bo Shim, Geun-Chul Kang, Hyun-Jung Lee

Abstract:

In recent years, with the advent of smart cars and the expansion of the market, the announcement of 'Adventures in Automotive Networks and Control Units' at the DEFCON21 conference in 2013 revealed that cars are not safe from hacking. As a result, the HEAVENS model considering not only the functional safety of the vehicle but also the security has been suggested. However, the HEAVENS model only presents a simple process, and there are no detailed procedures and activities for each process, making it difficult to apply it to the actual vehicle security vulnerability check. In this paper, we propose an automated attack database that systematically summarizes attack vectors, attack types, and vulnerable vehicle models to prepare for various car hacking attacks, and data flow diagrams that can detect various vulnerabilities and suggest a way to materialize the HEAVENS model.

Keywords: automotive security, HEAVENS, car hacking, security model, information security

Procedia PDF Downloads 319

Authors: Saleh Alumaran, Giampaolo Bella, Feng Chen

Abstract:

The study of organisations’ information security cultures has attracted scholars as well as healthcare services industry to research the topic and find appropriate tools and approaches to develop a positive culture. The vast majority of studies in Saudi national health services are on the use of technology to protect and secure health services information. On the other hand, there is a lack of research on the role and impact of an organisation’s cultural dimensions on information security. This research investigated and analysed the role and impact of cultural dimensions on information security in Saudi Arabia health service. Hypotheses were tested and two surveys were carried out in order to collect data and information from three major hospitals in Saudi Arabia (SA). The first survey identified the main cultural-dimension problems in SA health services and developed an initial information security culture framework model. The second survey evaluated and tested the developed framework model to test its usefulness, reliability and applicability. The model is based on human behaviour theory, where the individual’s attitude is the key element of the individual’s intention to behave as well as of his or her actual behaviour. The research identified six cultural dimensions: Saudi national culture, Saudi health service leadership, employees’ trust, technology, multicultural interactions and employees’ job roles. The research also identified a set of cultural sub-dimensions. These include working values and norms, tribe values and norms, attitudes towards women, power sharing, vision, social interaction, respect and understanding, hospital intra-net, hospital employees’ language(s) used, multi-national culture, communication system, employees’ job satisfaction and job security. The research identified that (a) the human behaviour towards medical information in SA is one of the main threats to information security and one of the main challenges to SA health authority, (b) The current situation of SA hospitals’ IS cultures is falling short in protecting medical information due to the current value and norms towards information security, (c) Saudi national culture and employees’ job role are the main dimensions playing major roles in the employees’ attitude, and technology is the least important dimension playing a role in the employees’ attitudes.

Keywords: cultural dimension, electronic health record, information security, privacy

Procedia PDF Downloads 324

Authors: Hebberly Ahatlan

Abstract:

The process of digitizing energy systems involves transforming traditional energy infrastructure into interconnected, data-driven systems that enhance efficiency, sustainability, and responsiveness. As smart grids become increasingly integral to the efficient distribution and management of electricity from both fossil and renewable energy sources, the energy industry faces strategic challenges associated with digitalization and interoperability — particularly in the context of modern energy business models, such as virtual power plants (VPPs). The critical challenge in modern smart grids is to seamlessly integrate diverse technologies and systems, including virtualization, grid computing and service-oriented architecture (SOA), across the entire energy ecosystem. Achieving this requires addressing issues like semantic interoperability, IT/OT convergence, and digital asset scalability, all while ensuring security and risk management. This paper proposes a four-layer digitalization framework to tackle these challenges, encompassing persistent data protection, trusted key management, secure messaging, and authentication of IoT resources. Data assets generated through this framework enable AI systems to derive insights for improving smart grid operations, security, and revenue generation. Furthermore, this paper also proposes a Trusted Energy Interoperability Alliance as a universal guiding standard in the development of this digitalization framework to support more dynamic and interoperable energy markets.

Keywords: digitalization, IT/OT convergence, semantic interoperability, VPP, energy blockchain

Procedia PDF Downloads 130

Authors: Arellano Karina, Diego Avila-Pesántez, Leticia Vaca-Cárdenas, Alberto Arellano, Carmen Mantilla

Abstract:

Nowadays, security threats in Voice over IP (VoIP) systems are an essential and latent concern for people in charge of security in a corporate network, because, every day, new Denial-of-Service (DoS) attacks are developed. These affect the business continuity of an organization, regarding confidentiality, availability, and integrity of services, causing frequent losses of both information and money. The purpose of this study is to establish the necessary measures to mitigate DoS threats, which affect the availability of VoIP systems, based on the Session Initiation Protocol (SIP). A Security Model called MS-DoS-SIP is proposed, which is based on two approaches. The first one analyzes the recommendations of international security standards. The second approach takes into account weaknesses and threats. The implementation of this model in a VoIP simulated system allowed to minimize the present vulnerabilities in 92% and increase the availability time of the VoIP service into an organization.

Keywords: Denial-of-Service SIP attacks, MS-DoS-SIP, security model, VoIP-SIP vulnerabilities

Procedia PDF Downloads 167

Authors: Ramon Santana

Abstract:

The use of biometric identifiers in the field of information security, access control to resources, authentication in ATMs and banking among others, are of great concern because of the safety of biometric data. In the general architecture of a biometric system have been detected eight vulnerabilities, six of them allow obtaining minutiae template in plain text. The main consequence of obtaining minutia templates is the loss of biometric identifier for life. To mitigate these vulnerabilities several models to protect minutiae templates have been proposed. Several vulnerabilities in the cryptographic security of these models allow to obtain biometric data in plain text. In order to increase the cryptographic security and ease of reversibility, a minutiae templates protection model is proposed. The model aims to make the cryptographic protection and facilitate the reversibility of data using two levels of security. The first level of security is the data transformation level. In this level generates invariant data to rotation and translation, further transformation is irreversible. The second level of security is the evaluation level, where the encryption key is generated and data is evaluated using a defined evaluation function. The model is aimed at mitigating known vulnerabilities of the proposed models, basing its security on the impossibility of the polynomial reconstruction.

Keywords: fingerprint, template protection, bio-cryptography, minutiae protection

Procedia PDF Downloads 137

Authors: Themistoklis Tzimas

Abstract:

The proposed paper focuses on a triangular relationship, between human security, human development and responsibility to rebuild. This relationship constitutes the innovative contribution to the debate about human security. Human security constitutes a generic and legally binding notion, which orientates from an integrated approach the UN Charter principles and of the collective security system. Such an approach brings at the forefront of international law and of international relations not only states but non- state actors as well. Several doctrines attempt to implement the fore-mentioned approach among which the Responsibility to Protect- hereinafter R2P- doctrine and its aspect of Responsibility to Rebuild- hereinafter R2R. In this sense, R2P in general and R2R are supposed to be guided by human security imperatives. Human security because of its human- centered approach encompasses as an integral part of it, human development. Human development constitutes part of the backbone of human security, since it deals with the social and economic root- causes of the threats, which human security attempts to confront. In this sense, doctrines which orientate from human security, such as R2P and its R2R aspect should also take into account human development imperatives, in order to improve their efficiency. On the contrary though, R2R is more often linked with market- orientated policies, which are often imposed under transitional authorities, regardless of local needs. The implementation of such policies can be identified as a cause for striking failures in the framework of R2R. In addition it is a misinterpretation of the essence of human security and subsequently of R2P as well. The findings of the article, on the basis of the fore-mentioned argument is that a change must take place from a market- orientated misinterpretation of R2R to an approach attempting to implement human development doctrines, since the latter lie at the heart of human security and can be proven more effective in dealing with the root- causes of conflicts. Methodologically, the article begins with an examination of human security and of its binding nature on the basis of its orientation from the UN Charter. It also examines its significance in the framework of the collective security system. Then, follows the analysis of why and how human development constitutes an integral part of human security. At the next part it is proven that R2P in general and R2R more specifically constitute or should constitute an attempt to implement human security doctrines within the collective security system. Having built this triangular relationship it is argued that human development is proven to be the most suitable notion, so that the spirit of human security and the scopes of R2P are successfully implemented.

Keywords: human security, un charter, responsibility to protect, responsibility to rebuild, human development

Procedia PDF Downloads 250

Authors: Ekin D. Horzum

Abstract:

The aim of the proposal is to examine the relationship between human trafficking related corruption and human security. The proposal suggests that the human trafficking related corruption is about willingness of the states to turn a blind eye to the human trafficking cases. Therefore, it is important to approach human trafficking related corruption in terms of human security and human rights violation to find an effective way to fight against human trafficking. In this context, the purpose of this proposal is to examine the human trafficking related corruption as a safe haven in which trafficking thrives for perpetrators.

Keywords: human trafficking, human security, human rights, corruption, organized crime

Procedia PDF Downloads 434

Authors: Yanal Abul Failat

Abstract:

The production of oil and natural gas from shale formations is becoming a trend, and many countries with technically and economically recoverable unconventional resources are endeavoring to explore how shale formations may benefit the economy and achieve energy security. The trajectory of shale gas development in the UK is highly supported by the government; in the Gas Generation Strategy Paper published by the UK government on 5 December 2013, it is recognized that the shale gas production would decrease reliance on imports and thus enhance the UK’s energy security. Moreover, the UK Institute of Directors report on UK Shale Gas Potential explains that in the UK there is a potential of production peaking at around 1.13 trillion cubic feet (“tcf”) and a sector that could support around 70,000 jobs and secure net benefit to the Treasury in tax revenues. On this basis, there has been a growing interest in the benefits of exploring the UK’s shale gas but a combination of technical challenges faced in shale gas operations, a stern opposition by environmentalists and concerns on the adequacy of the legal framework have slowed the progress of the emerging UK shale industry.

Keywords: shale gas, UK, legal, oil and gas, energy

Procedia PDF Downloads 681

Authors: Richard Grünwald, Wenling Wang, Yan Feng

Abstract:

The presented paper explores the changing dynamics of regional water security in the Mekong River Basin and examines the contemporary water-related challenges from a critical hydropolitical perspective. By drawing on the Lancang-Mekong Cooperation and Conflict Database (LMCCD) recording more than 3000 water-related events within the basin in the last 30 years, we identified several trends changing the dynamics of the regional water security in the Mekong River Basin. Firstly, there is growing politicization of water that is no longer interpreted as abundant. While some scientists blame the rapid basin development, particularly in upstream countries, other researchers consider climate change and cumulative environmental impacts of various water projects as the main culprit for changing the water flow. Secondly, there is an increasing securitization of large-scale hydropower dams with questionable outcomes. Despite hydropower dams raise many controversies, many riparian states push the development at all cost. Such water security dilemma can be especially traced to Laos and Cambodia, which highly invest in the hydropower sector even at the expense of the local environment and good relations with neighbouring countries situated lower on the river. Thirdly, there is a lack of accountable transboundary water governance that will effectively face a looming water crisis. To date, most of the existing cooperation mechanisms are undermined by the geopolitical interests of foreign donors and increasing mistrust to scientific approaches dealing with water insecurity. Our findings are beneficial for the policy-makers and other water experts who want to grasp the broader hydropolitical context in the Mekong River Basin and better understand the new water security threats, including misinterpretation of the hydrological data and legitimization of the pro-development narratives.

Keywords: critical hydropolitics, mekong river, politicization of science, water governance, water security

Procedia PDF Downloads 174

Authors: Kun Li, Yuzheng Liu, Xiuqi Fan

Abstract:

High-security standard and high efficiency of screening seem to be contradictory to each other in the airport security check process. Improving the efficiency as far as possible while maintaining the same security standard is significantly meaningful. This paper utilizes the knowledge of Operation Research and Stochastic Process to establish mathematical models to explore this problem. We analyze the current process of airport security check and use the M/G/1 and M/G/k models in queuing theory to describe the process. Then we find the least efficient part is the pre-check lane, the bottleneck of the queuing system. To improve passenger throughput and reduce the variance of passengers’ waiting time, we adjust our models and use Monte Carlo method, then put forward three modifications: adjust the ratio of Pre-Check lane to regular lane flexibly, determine the optimal number of security check screening lines based on cost analysis and adjust the distribution of arrival and service time based on Monte Carlo simulation results. We also analyze the impact of cultural differences as the sensitivity analysis. Finally, we give the recommendations for the current process of airport security check process.

Keywords: queue theory, security check, stochatic process, Monte Carlo simulation

Procedia PDF Downloads 159

Authors: Umesh Kumar Singh, Chanchala Joshi

Abstract:

With increasing dependency on IT infrastructure, the main objective of a system administrator is to maintain a stable and secure network, with ensuring that the network is robust enough against malicious network users like attackers and intruders. Security risk management provides a way to manage the growing threats to infrastructures or system. This paper proposes a framework for risk level estimation which uses vulnerability database National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) and the Common Vulnerability Scoring System (CVSS). The proposed framework measures the frequency of vulnerability exploitation; converges this measured frequency with standard CVSS score and estimates the security risk level which helps in automated and reasonable security management. In this paper equation for the Temporal score calculation with respect to availability of remediation plan is derived and further, frequency of exploitation is calculated with determined temporal score. The frequency of exploitation along with CVSS score is used to calculate the security risk level of the system. The proposed framework uses the CVSS vectors for risk level estimation and measures the security level of specific network environment, which assists system administrator for assessment of security risks and making decision related to mitigation of security risks.

Keywords: CVSS score, risk level, security measurement, vulnerability category

Procedia PDF Downloads 294

Authors: Owulo Thomas

Abstract:

Despite Nigeria’s ranking as the 6th among oil producing countries, the country faces great challenges. One of such challenges is how to reduce poverty or eradicating it in the land that promises milk and honey to enhance national development. The government of Nigeria initiated various programmes including the NEEDS programme in which it committed her to meeting these challenges. This paper is an attempt to discuss the concept of National Development, the Nigerian poverty profile and its implication for national development, the NEEDS programmes and the extent to which it has addressed the poverty problem in Nigeria at 53.

Keywords: challenges, poverty, national development, NEEDS programme

Procedia PDF Downloads 347

Authors: Maryam M Esfahani

Abstract:

The Internet of Things is a concept that has fundamentally changed the way information technology works and communication environments. This concept, which is referred to as the next revolution in the field of information and communication technology, takes advantage of existing technologies such as wireless sensor networks, RFID, cloud computing, M2M, etc., to the final slogan of providing the possibility of connecting any object anywhere and everywhere. This use of technologies, along with the possibility of providing new services, also inherits their threats, and although the Internet of Things is facing many challenges, it can be said that its most important challenge is security and privacy, and perhaps even a more tangible challenge is privacy. In this article, we will first introduce the definition and concepts related to privacy, and then we will examine some threats against the privacy of the Internet of Things in different layers of a typical architecture. Also, while examining the differences and the relationship between security and privacy, we study different dimensions of privacy, and finally, we review some of the methods and technologies for improving the level of privacy.

Keywords: Iot, privacy, different dimension of privacy, W3model, privacy enhancing technologies

Procedia PDF Downloads 53

Authors: Kenny Onayemi

Abstract:

In an era where academic institutions increasingly rely on information technology, the security of academic networks has emerged as a paramount concern. This comprehensive study delves into the effectiveness of security practices, including network mapping, vulnerability scanning, and penetration testing, within academic networks. Leveraging data from surveys administered to faculty, staff, IT professionals and IT students in the university, the study assesses their familiarity with these practices, perceived effectiveness, and frequency of implementation. The findings reveal that a significant portion of respondents exhibit a strong understanding of network mapping, vulnerability scanning, and penetration testing, highlighting the presence of knowledgeable professionals within academic institutions. Additionally, active scanning using network scanning tools and automated vulnerability scanning tools emerge as highly effective methods. However, concerns arise as the respondents show that the academic institutions conduct these practices rarely or never. Notably, many respondents have reported significant vulnerabilities or security incidents through these security measures within their institution. This study concludes with recommendations to enhance network security awareness and practices among faculty, staff, IT personnel, and students, ultimately fortifying the security posture of academic networks in the digital age.

Keywords: network security, academic networks, vulnerability scanning, penetration testing, information security

Procedia PDF Downloads 17

Authors: Amjad Nusayr

Abstract:

Software security is a general term used to any type of software architecture or model in which security aspects are incorporated in this architecture. These aspects are not part of the main logic of the underlying program. Software security can be achieved using a combination of approaches, including but not limited to secure software designs, third part component validation, and secure coding practices. Memory safety is one feature in software security where we ensure that any object in memory has a valid pointer or a reference with a valid type. Aspect-Oriented Programming (AOP) is a paradigm that is concerned with capturing the cross-cutting concerns in code development. AOP is generally used for common cross-cutting concerns like logging and DB transaction managing. In this paper, we introduce the concepts that enable AOP to be used for the purpose of memory and type safety. We also present ideas for extending AOP in software security practices.

Keywords: aspect oriented programming, programming languages, software security, memory and type safety

Procedia PDF Downloads 96

Authors: Lindelwa Mngomezulu, Tonderai Muchenje

Abstract:

Over the decades, E-mails provide easy, fast and timely communication enabling businesses and state owned agencies to communicate with their stakeholders and with their own employees in real-time. Moreover, since the launch of Microsoft office 365 and many other clouds based E-mail services, many businesses have been migrating from the on premises E-mail services to the cloud and more precisely since the beginning of the Covid-19 pandemic, there has been a significant increase of E-mails utilization, which then leads to the increase of cyber-attacks. In that regard, E-mail security has become very important in the E-mail transportation to ensure that the E-mail gets to the recipient without the data integrity being compromised. The classification of the features to enhance E-mail security for further from the enhanced cyber-attacks as we are aware that since the technology is advancing so at the cyber-attacks. Therefore, in order to maximize the data integrity we need to also maximize security of the E-mails such as enhanced E-mail authentication. The successful enhancement of E-mail security in the future may lessen the frequency of information thefts via E-mails, resulting in the data of South African State-owned agencies not being compromised.

Keywords: e-mail security, cyber-attacks, data integrity, authentication

Procedia PDF Downloads 98

Authors: Mayada Al Meghari

Abstract:

Recently, grid middlewares have provided large integrated use of network resources as the shared data and the CPU to become a virtual supercomputer. In this work, we present the design and implementation of the middleware for Data Warehouse Signature, DWS Framework. The aim of using the middleware in our DWS framework is to achieve the high performance by the parallel computing. This middleware is developed on Alchemi.Net framework to increase the security among the network nodes through the authentication and group-key distribution model. This model achieves the key security and prevents any intermediate attacks in the middleware. This paper presents the flow process structures of the middleware design. In addition, the paper ensures the implementation of security for DWS middleware enhancement with the authentication and group-key distribution model. Finally, from the analysis of other middleware approaches, the developed middleware of DWS framework is the optimal solution of a complete covering of security issues.

Keywords: middleware, parallel computing, data warehouse, security, group-key, high performance

Procedia PDF Downloads 85

Authors: Ruwen Pei

Abstract:

In the rapidly evolving landscape of the digital economy, platform employment has emerged as a transformative labor force, fundamentally altering the traditional paradigms of the employer-employee relationship. This paper provides a comprehensive analysis of the unique dynamics and intricate legal challenges associated with platform work, where workers often navigate precarious labor conditions without the robust safety nets typically afforded in traditional industries. It underscores the limitations of current labor regulations, particularly in addressing pressing concerns such as income volatility and disparate benefits. By drawing insights from diverse global case studies, this study emphasizes the compelling need for platform companies to shoulder their social welfare responsibilities, ensuring fair treatment and security for their workers. Moreover, it critically examines the profound influence of socio-cultural factors and educational awareness on the platform economy, shedding light on the complexities of this emerging labor landscape. Advocating for a harmonious equilibrium between flexibility and security, this paper calls for substantial legal reforms and innovative policy initiatives that can adapt to the evolving nature of work in the digital age. Finally, it anticipates forthcoming trends in the digital economy and platform labor relations, underscoring the significance of proactive adaptation to foster equitable and inclusive employment practices.

Keywords: platform employment, labor protections, social welfare, legal reforms, digital economy

Procedia PDF Downloads 18

Authors: Shehu S. Janguza

Abstract:

The need for national security cannot be over Emphasis, which should be pursued by any means. Thus the need for effective management of education through effective school community Relationship/participation. In preparing and implementing only effort to promote community involvement in manning Education, it is importance to understand the whole picture of community participation, how it works, what forms are used, what benefit it can yield and what we should expect in the process of carrying out the efforts finally emphasis will be made on how effective school community relationship/participation and lead to national security.

Keywords: community participation, managing, school community, national security

Procedia PDF Downloads 568

Authors: Rose Mwanza

Abstract:

This paper investigates security factors influencing primary school pupils’ school participation in Kenya. Schools, communities and the Government all have roles to play in enhancing primary school pupil’s school participation. The effective security system of a country provides the necessary avenues to facilitate improved health services protection of children and allows free movement of the country’s citizens which leads to a conducive atmosphere for school participation. Kenya is a signatory to international commitments and conventions related to security such as the National Policy on Peace Building and Conflict Management, United Nations Development Assistance Framework and Key Security Unity, which enable primary school pupils to participate in education. The paper also looks at the strategies the Government of Kenya has put in place to ensure effective pupil school participation.

Keywords: ethnicity, social media, participation in school, poverty, terrorism

Procedia PDF Downloads 28

Authors: Masese Chuma Benard, Martin Onsiro Ronald

Abstract:

Businesses have been using cloud computing more frequently recently because they wish to take advantage of its advantages. However, employing cloud computing also introduces new security concerns, particularly with regard to data security, potential risks and weaknesses that could be exploited by attackers, and various tactics and strategies that could be used to lessen these risks. This study examines data security issues on cloud computing amongst sme’s in Nairobi county, Kenya. The study used the sample size of 48, the research approach was mixed methods, The findings show that data owner has no control over the cloud merchant's data management procedures, there is no way to ensure that data is handled legally. This implies that you will lose control over the data stored in the cloud. Data and information stored in the cloud may face a range of availability issues due to internet outages; this can represent a significant risk to data kept in shared clouds. Integrity, availability, and secrecy are all mentioned.

Keywords: data security, cloud computing, information, information security, small and medium-sized firms (SMEs)

Procedia PDF Downloads 52

Authors: T. Arudchelvam, W. W. E. N. Fernando

Abstract:

Mobile phone has become as an essential thing in our life. Therefore, security is the most important thing to be considered in mobile communication. Short message service is the cheapest way of communication via the mobile phones. Therefore, security is very important in the short message service as well. This paper presents a method to maintain the security at user level. Different types of encryption methods are used to implement the user level security in mobile phones. Caesar cipher, Rail Fence, Vigenere cipher and RSA are used as encryption methods in this work. Caesar cipher and the Rail Fence methods are enhanced and implemented. The beauty in this work is that the user can select the encryption method and the key. Therefore, by changing the encryption method and the key time to time, the user can ensure the security of messages. By this work, while users can safely send/receive messages, they can save their information from unauthorised and unwanted people in their own mobile phone as well.

Keywords: SMS, user level security, encryption, decryption, short message service, mobile communication

Procedia PDF Downloads 366

Authors: Hailyie Tekleselase

Abstract:

Deep learning is increasingly used as a building block of security systems. However, neural networks are hard to interpret and typically solid to the practitioner. This paper presents a detail survey of computing methods in cyber security, and analyzes the prospects of enhancing the cyber security capabilities by suggests that of accelerating the intelligence of the security systems. There are many AI-based applications used in industrial scenarios such as Internet of Things (IoT), smart grids, and edge computing. Machine learning technologies require a training process which introduces the protection problems in the training data and algorithms. We present machine learning techniques currently applied to the detection of intrusion, malware, and spam. Our conclusions are based on an extensive review of the literature as well as on experiments performed on real enterprise systems and network traffic. We conclude that problems can be solved successfully only when methods of artificial intelligence are being used besides human experts or operators.

Keywords: artificial intelligence, machine learning, deep learning, cyber security, big data

Procedia PDF Downloads 96

Authors: Karl Mabiala Dondia, Jing Ma

Abstract:

In recent years, networks based on the 802.11 standards have gained a prolific deployment. The reason for this massive acceptance of the technology by both home users and corporations is assuredly due to the "plug-and-play" nature of the technology and the mobility. The lack of physical containment due to inherent nature of the wireless medium makes maintenance very challenging from a security standpoint. This study examines via continuous monitoring various predictable threats that 802.11 networks can face, how they are executed, where each attack may be executed and how to effectively defend against them. The key goal is to identify the key components of an effective wireless security policy.

Keywords: wireless LAN, IEEE 802.11 standards, continuous monitoring, security policy

Procedia PDF Downloads 345

Authors: Mustafa Kamoona, Mohamed El-Sharkawy

Abstract:

Although the latest Wireless Local Area Network technology Wi-Fi 802.11i standard addresses many of the security weaknesses of the antecedent Wired Equivalent Privacy (WEP) protocol, there are still scenarios where the network security are still vulnerable. The first security model that 802.11i offers is the Personal model which is very cheap and simple to install and maintain, yet it uses a Pre Shared Key (PSK) and thus has a low to medium security level. The second model that 802.11i provide is the Enterprise model which is highly secured but much more expensive and difficult to install/maintain and requires the installation and maintenance of an authentication server that will handle the authentication and key management for the wireless network. A central issue with the personal model is that the PSK needs to be shared with all the devices that are connected to the specific Wi-Fi network. This pre-shared key, unless changed regularly, can be cracked using offline dictionary attacks within a matter of hours. The key is burdensome to change in all the connected devices manually unless there is some kind of algorithm that coordinate this PSK update. The key idea of this paper is to propose a new algorithm that proactively and effectively coordinates the pre-shared key generation, management, and distribution in the cheap WPA/WPA2 personal security model using only a DD-WRT router.

Keywords: Wi-Fi, WPS, TLS, DD-WRT

Procedia PDF Downloads 204

Authors: Babalola Sunday Oyetayo, Igbinomwanhia Uyi Osamwonyi, Idowu T. O., Herbert Tata

Abstract:

This paper explores the potential benefits of adopting blockchain technology in Nigeria's land administration systems while also addressing the challenges and implications of its implementation in the country's unique context. Through a comprehensive literature review and analysis of existing research, the paper delves into the key attributes of blockchain that can revolutionize land administration practices, with a particular focus on simplifying land registration procedures, expediting land title issuance, and enhancing data transparency and security. The decentralized and immutable nature of blockchain offers unique advantages, instilling trust and confidence in land transactions, which are especially crucial in Nigeria's land governance landscape. However, integrating blockchain in Nigeria's land administration ecosystem presents specific challenges, necessitating a critical evaluation of technical, socio-economic, and infrastructural barriers. These challenges encompass data privacy concerns, scalability, interoperability with outdated systems, and gaining acceptance from various stakeholders. By synthesizing these insights, the paper proposes strategies tailored to Nigeria's context to optimize the benefits of blockchain adoption while addressing the identified challenges. The research findings contribute significantly to the ongoing discourse on blockchain technology in Nigeria's land governance, offering evidence-based recommendations to policymakers, land administrators, and stakeholders. Ultimately, the paper aims to promote the effective utilization of blockchain, fostering efficiency, transparency, and trust in Nigeria's land administration systems to drive sustainable development and societal progress.

Keywords: block-chain, technology, stakeholders, land registration

Procedia PDF Downloads 33

Authors: Mustapha Aminu Bagiwa, Ainuddin Wahid Abdul Wahab, Mohd Yamani Idna Idris, Suleman Khan

Abstract:

Video source device identification has become a problem of concern in numerous domains especially in multimedia security and digital investigation. This is because videos are now used as evidence in legal proceedings. Source device identification aim at identifying the source of digital devices using the content they produced. However, due to affordable processing tools and the influx in digital content generating devices, source device identification is still a major problem within the digital forensic community. In this paper, we discuss source device identification for digital videos by identifying techniques that were proposed in the literature for model or specific device identification. This is aimed at identifying salient open challenges for future research.

Keywords: video forgery, source camcorder, device identification, forgery detection

Procedia PDF Downloads 595