Search results for: security protection

Authors: Sindhu Govardhan, Kenneth G. Crowther

Abstract:

Modernisation of the water sector is leading to increased connectivity and integration of emerging technologies with traditional ones, leading to new security risks. The convergence of Information Technology (IT) with Operation Technology (OT) results in solutions that are spread across larger geographic areas, increasingly consist of interconnected Industrial Internet of Things (IIOT) devices and software, rely on the integration of legacy with modern technologies, use of complex supply chain components leading to complex architectures and communication paths. The result is that multiple parties collectively own and operate these emergent technologies, threat actors find new paths to exploit, and traditional cybersecurity controls are inadequate. Our approach is to explicitly identify and draw data flows that cross trust boundaries between owners and operators of various aspects of these emerging and interconnected technologies. On these data flows, we layer potential attack vectors to create a frame of reference for evaluating possible risks against connected technologies. Finally, we identify where existing controls, mitigations, and other remediations exist across industry partners (e.g., suppliers, product vendors, integrators, water utilities, and regulators). From these, we are able to understand potential gaps in security, the roles in the supply chain that are most likely to effectively remediate those security gaps, and test cases to evaluate and strengthen security across these partners. This informs a “shared responsibility” solution that recognises that security is multi-layered and requires collaboration to be successful. This shared responsibility security framework improves visibility, understanding, and control across the entire supply chain, and particularly for those water utilities that are accountable for safe and continuous operations.

Keywords: Cyber security, shared responsibility, IIOT, threat modelling.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 150

Authors: M. Marsadek, A. Mohamed

Abstract:

Power system security analysis is the most time demanding process due to large number of possible contingencies that need to be analyzed.  In a power system, any contingency resulting in security violation such as line overload or low voltage may occur for a number of reasons at any time.  To efficiently rank a contingency, both probability and the extent of security violation must be considered so as not to underestimate the risk associated with the contingency. This paper proposed a contingency ranking method that take into account the probabilistic nature of power system and the severity of contingency by using a newly developed method based on risk factor.  The proposed technique is implemented on IEEE 24-bus system.

Keywords: Line overload, low voltage, probability, risk factor, severity.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1221

Authors: Supachai Tangwongsan, Labhidhorn Pangphuthipong

Abstract:

This research work proposes a model of network security systems aiming to prevent production system in a data center from being attacked by intrusions. Conceptually, we introduce a decoy system as a part of the security system for luring intrusions, and apply network intrusion detection (NIDS), coupled with the decoy system to perform intrusion prevention. When NIDS detects an activity of intrusions, it will signal a redirection module to redirect all malicious traffics to attack the decoy system instead, and hence the production system is protected and safe. However, in a normal situation, traffic will be simply forwarded to the production system as usual. Furthermore, we assess the performance of the model with various bandwidths, packet sizes and inter-attack intervals (attacking frequencies).

Keywords: Intrusion detection, Decoy, Snort, Intrusion prevention.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1741

Authors: A. Arul Lawrence Selvakumar, C. Suresh Ganandhas

Abstract:

This paper describes the study of cryptographic hash functions, one of the most important classes of primitives used in recent techniques in cryptography. The main aim is the development of recent crypt analysis hash function. We present different approaches to defining security properties more formally and present basic attack on hash function. We recall Merkle-Damgard security properties of iterated hash function. The Main aim of this paper is the development of recent techniques applicable to crypt Analysis hash function, mainly from SHA family. Recent proposed attacks an MD5 & SHA motivate a new hash function design. It is designed not only to have higher security but also to be faster than SHA-256. The performance of the new hash function is at least 30% better than that of SHA-256 in software. And it is secure against any known cryptographic attacks on hash functions.

Keywords: Crypt Analysis, cryptographic.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1330

Authors: Nebu Tom John, N. Dhinakaran

Abstract:

Multiparty voice over IP (MVoIP) systems allows a group of people to freely communicate each other via the internet, which have many applications such as online gaming, teleconferencing, online stock trading etc. Peertalk is a peer to peer multiparty voice over IP system (MVoIP) which is more feasible than existing approaches such as p2p overlay multicast and coupled distributed processing. Since the stream mixing and distribution are done by the peers, it is vulnerable to major security threats like nodes misbehavior, eavesdropping, Sybil attacks, Denial of Service (DoS), call tampering, Man in the Middle attacks etc. To thwart the security threats, a security framework called PEERTS (PEEred Reputed Trustworthy System for peertalk) is implemented so that efficient and secure communication can be carried out between peers.

Keywords: Key management system, peer-to-peer voice streaming, reputed trust management system, voice-over-IP.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1873

Authors: Say Wei Foo, Qi Dong

Abstract:

Digital watermarking has become an important technique for copyright protection but its robustness against attacks remains a major problem. In this paper, we propose a normalizationbased robust image watermarking scheme. In the proposed scheme, original host image is first normalized to a standard form. Zernike transform is then applied to the normalized image to calculate Zernike moments. Dither modulation is adopted to quantize the magnitudes of Zernike moments according to the watermark bit stream. The watermark extracting method is a blind method. Security analysis and false alarm analysis are then performed. The quality degradation of watermarked image caused by the embedded watermark is visually transparent. Experimental results show that the proposed scheme has very high robustness against various image processing operations and geometric attacks.

Keywords: Image watermarking, Image normalization, Zernike moments, Robustness.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1749

Authors: Min Li, Tao Li

Abstract:

This paper constructs a four factors theoretical model of Chinese small and medium enterprises based on the “cartoon characters- reputation - enterprise marketing and management capabilities – protection of the cartoon image - institutional environment" by literature research, case studies and investigation. The empirical study show that the greatest impact on current merchandising rights income is the institutional environment friendliness, followed by marketing and management capabilities, input of character image protection and Cartoon characters- reputation through the real-time grey relational analysis, and the greatest impact on post-merchandising rights profit is Cartoon characters reputation, followed by the institutional environment friendliness, then marketing and management ability and input of character image protection through the time-delay grey relational analysis.

Keywords: Cartoon characters, merchandising rights, influencefactors, grey relational analysis

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1588

Authors: A. Radwan, A. Elbatran, A. Mehanna, M. Shehadeh

Abstract:

The corrosion is natural chemical phenomenon that is applied in many engineering structures. Hence, it is one of the important topics to study in the engineering research. Ship and offshore structures are most exposed to corrosion due to the presence of corrosive medium of air and the seawater. Consequently, investigation of the corrosion behavior and properties over ship and offshore hulls is one of the important topics to study in the marine engineering research. Using sacrificial anode is the most popular solution for protecting marine structures from corrosion. Hence, this research investigates the extent of corrosion between the composite ship model and relative velocity of water, along with the sacrificial aluminum anode consumption and its degree of protection in seawater. In this study, the consumption rate of sacrificial aluminum anode with respect to relative velocity at different Reynold’s numbers was studied experimentally, and it was found that, the degree of cathodic protection represented by the cathode potential at a given distance from the aluminum anode was decreased slightly with increment of the relative velocity.

Keywords: Corrosion, Reynold’s numbers, sacrificial anode, velocity.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1990

Authors: Mir Shahriar Emami

Abstract:

Although it is fully impossible to ensure that a software system is quite secure, developing an acceptable secure software system in a convenient platform is not unreachable. In this paper, we attempt to analyze software development life cycle (SDLC) models from the hardware systems and circuits point of view. To date, the SDLC models pay merely attention to the software security from the software perspectives. In this paper, we present new features for SDLC stages to emphasize the role of systems and circuits in developing secure software system through the software development stages, the point that has not been considered previously in the SDLC models.

Keywords: Systems and circuits security, software security, software process engineering, SDLC, SSDLC.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1727

Authors: Andre Slonopas, Warren Thompson, Zona Kostic

Abstract:

Obfuscation is one of the most useful tools to prevent network compromise. Previous research focused on the obfuscation of the network communications between external-facing edge devices. This work proposes the use of two edge devices, external and internal facing, which communicates via private IPv4 addresses in a software-defined pseudo-random IP hopping. This methodology does not require additional IP addresses and/or resources to implement. Statistical analyses demonstrate that the hopping surface must be at least 1e3 IP addresses in size with a broad standard deviation to minimize the possibility of coincidence of monitored and communication IPs. The probability of breaking the hopping algorithm requires a collection of at least 1e6 samples, which for large hopping surfaces will take years to collect. The probability of dropped packets is controlled via memory buffers and the frequency of hops and can be reduced to levels acceptable for video streaming. This methodology provides an impenetrable layer of security ideal for information and supervisory control and data acquisition systems.

Keywords: Moving Target Defense, cybersecurity, network security, hopping randomization, software defined network, network security theory.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 603

Authors: Aleksandra Chiniaeva

Abstract:

The following paper describes the activity of national and international parliamentary assemblies of the European region in protection and promotion of human rights. It may be said that parliamentarians have a “double mandate” — as members of the international assembly and of their respective national parliaments. In other words, parliamentarization at both international and national level provides a situation for parliamentarians, where they link people, national governments and international organizations. The paper is aimed towards demonstrating that the activity of the main international parliamentary assemblies of the European region have a real positive impact on the human rights situation in the European region. In addition, the paper describes the assemblies that include protection of human rights in their Agenda as one of the main subjects: the EP, the PACE, the OSCE PA and the IPA CIS. Co-operation activities such as joint election observation; participation in inter-parliamentary associations, such as the IPU; conclusion agreements allow assemblies to provide observation of human right situation in the states that are not members of the particular organization and as consequence make their impact broader.

Keywords: Human rights, International parliamentary assembly, IPU, EP, PACE, OSCE, IPA CIS, international election observation.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1678

Authors: Jiří Barta

Abstract:

The paper deals with results of a project “Interoperability Workplaces to Support Teaching of Security Management in a Computer Network". This project is focused on the perspectives and possibilities of "new approaches" to education, training and crisis communication of rescue teams in the Czech Republic. It means that common technologies considering new perspectives are used to educate selected members of crisis management. The main part concentrates on possibilities of application of new technology and computer-aided tools to education and training of Integrated Rescue System teams.This project uses the COST principle for the creation of specialized centers and for all communication between these workplaces.

Keywords: Communication of Crisis Management, Information System, Interoperability, specializedcenter, Security Oriented Information System.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1514

Authors: Sokjoon Lee, Howon Kim, Kyoil Chung

Abstract:

RFID system, in which we give identification number to each item and detect it with radio frequency, supports more variable service than barcode system can do. For example, a refrigerator with RFID reader and internet connection will automatically notify expiration of food validity to us. But, in spite of its convenience, RFID system has some security threats, because anybody can get ID information of item easily. One of most critical threats is privacy invasion. Existing privacy protection schemes or systems have been proposed, and these schemes or systems defend normal users from attempts that any attacker tries to get information using RFID tag value. But, these systems still have weakness that attacker can get information using analogous value instead of original tag value. In this paper, we mention this type of attack more precisely and suggest 'Tag Broker Model', which can defend it. Tag broker in this model translates original tag value to random value, and user can only get random value. Attacker can not use analogous tag value, because he/she is not able to know original one from it.

Keywords: Broker, EPC, Privacy, RFID.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1652

Authors: Yong Seo Koo, Dong Su Kim, Byung Seok Lee, Won Suk Park, Bo Bea Song

Abstract:

This paper presents a SCR-based ESD protection devices for I/O clamp and power rail clamp, respectably. These devices have a low trigger voltage and high holding voltage characteristics than conventional SCR device. These devices are fabricated by using 0.35um BCD (Bipolar-CMOS-DMOS) processes. These devices were validated using a TLP system. From the experimental results, the device for I/O ESD clamp has a trigger voltage of 5.8V. Also, the device for power rail ESD clamp has a holding voltage of 7.7V.

Keywords: ESD (Electro-Static Discharge), ESD protection device, SCR (Silicon Controlled Rectifier), Latch-up

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2769

Authors: H. Ahmed, A. Schlenkhoff

Abstract:

Recently, permeable breakwaters have been suggested to overcome the disadvantages of fully protection breakwaters. These protection structures have minor impacts on the coastal environment and neighboring beaches where they provide a more economical protection from waves and currents. For regular waves, a numerical model is used (FLOW-3D, VOF) to investigate the hydraulic performance of a permeable breakwater. The model of permeable breakwater consists of a pair of identical vertical slotted walls with an impermeable upper and lower part, where the draft is a decimal multiple of the total depth. The middle part is permeable with a porosity of 50%. The second barrier is located at distant of 0.5 and 1.5 of the water depth from the first one. The numerical model is validated by comparisons with previous laboratory data and semi-analytical results of the same model. A good agreement between the numerical results and both laboratory data and semi-analytical results has been shown and the results indicate the applicability of the numerical model to reproduce most of the important features of the interaction. Through the numerical investigation, the friction factor of the model is carefully discussed.

Keywords: Coastal structures, permeable breakwater, slotted wall, numerical model, energy dissipation coefficient.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2242

Authors: Pil Seong Park

Abstract:

Homemade HPC clusters are widely used in many small labs, because they are easy to build and cost-effective. Even though incremental growth is an advantage of clusters, it results in heterogeneous systems anyhow. Instead of adding new nodes to the cluster, we can extend clusters to include some other Internet servers working independently on the same LAN, so that we can make use of their idle times, especially during the night. However extension across a firewall raises some security problems with NFS. In this paper, we propose a method to solve such a problem using SSH tunneling, and suggest a modified structure of the cluster that implements it.

Keywords: Extension of HPC clusters, Security, NFS, SSH tunneling.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1891

Authors: F. Matusek, G. Pujolle, R. Reda

Abstract:

Shadow detection is still considered as one of the potential challenges for intelligent automated video surveillance systems. A pre requisite for reliable and accurate detection and tracking is the correct shadow detection and classification. In such a landscape of conditions, privacy issues add more and more complexity and require reliable shadow detection. In this work the intertwining between security, accuracy, reliability and privacy is analyzed and, accordingly, a novel architecture for Privacy Enhancing Video Surveillance (PEVS) is introduced. Shadow detection and masking are dealt with through the combination of two different approaches simultaneously. This results in a unique privacy enhancement, without affecting security. Subsequently, the methodology was employed successfully in a large-scale wireless video surveillance system; privacy relevant information was stored and encrypted on the unit, without transferring it over an un-trusted network.

Keywords: Video Surveillance, Intelligent Video Surveillance, Physical Security, WSSU, Privacy, Shadow Detection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1336

Authors: S. B. Otieno, Were Fred, E. W. Kabiru, K. Waza

Abstract:

Background: HIV/AIDS is leading to the loss of labor through sickness and subsequent death, this is leading to the neglect of farm and off-farm activities, with the subsequent loss of potential income and food security. The situation is sensitive to seasonal labour peaks in agriculture. This study was done to determine the impact of high HIV prevalence in farming systems and food security in Pala Bondo District, Kenya. Methods: In this study, 386 respondents were randomly chosen in Pala Sub-Location. The respondents and key informants were interviewed using structured questionnaire. The data were entered and analyzed using SPSS version 16. Results: It was established that majority of respondents (67%) were between 18 and 35 years {χ² = (1, N = 386) = 13.430, p = 0.000} (chimney effect). The study also established that 83.5% of respondents were married {χ² = (1, N= 370) = 166.277 p = 0.000} and predominant occupation being farming and fishing (61%), while 52.8% of farm labour was by hand, 26% by oxen, and 4.9% mechanized. 73.2% of respondents only farm 0.25 to 2 acres, 48% mentioned lack of labour in land preparation {χ² ((1,N = 321) = 113.146, p = 0.000), in planting {χ² (1, N = 321) = 29.28, p = 0.000}. Majority of respondents lack food from January to June, during which 93% buy food. Conclusion: The high HIV prevalence in Pala has affected the farm labour leading to food insecurity.

Keywords: Food security, HIV, AIDS, labour.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1139

Authors: A. Evans, M. McKinley

Abstract:

Knowledge management (KM) is generally considered to be a positive process in an organisation, facilitating opportunities to achieve competitive advantage via better quality information handling, compilation of expert know-how and rapid response to fluctuations in the business environment. The KM paradigm as portrayed in the literature informs the processes that can increase intangible assets so that corporate knowledge is preserved. However, in some instances, knowledge management exists in a universe of dynamic tension among the conflicting needs to respect privacy and intellectual property (IP), to guard against data theft, to protect national security and to stay within the laws. While the Knowledge Management literature focuses on the bright side of the paradigm, there is also a different side in which knowledge is distorted, suppressed or misappropriated due to personal or organisational motives (the paradox). This paper describes the ethical paradoxes that occur within the taxonomy and deontology of knowledge management and suggests that recognising both the promises and pitfalls of KM requires wisdom.

Keywords: business ethics, data, knowledge, knowledgemanagement, privacy, protection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2169

Authors: M. S. Razana, Z. W. Shafiuddin

Abstract:

Internal auditing is one of the most important activities for organizations that implement information security management systems (ISMS). The purpose of internal audits is to ensure the ISMS implementation is in accordance to the ISO/IEC 27001 standard and the organization’s own requirements for its ISMS. Competent internal auditors are the main element that contributes to the effectiveness of internal auditing activities. To realize this need, CyberSecurity Malaysia is now in the process of becoming a certification body that certifies ISMS internal auditors. The certification scheme will assess the competence of internal auditors in generic knowledge and skills in management systems, and also in ISMS-specific knowledge and skills. The certification assessment is based on the ISO/IEC 19011 Guidelines for auditing management systems, ISO/IEC 27007 Guidelines for information security management systems auditing and ISO/IEC 27001 Information security management systems requirements. The certification scheme complies with the ISO/IEC 17024 General requirements for bodies operating certification systems of persons. Candidates who pass the exam will be certified as an ISMS Internal Auditor, whose competency will be evaluated every three years.

Keywords: ISMS internal audit, ISMS internal auditor, ISO/IEC 17024, Competence, Certification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1816

Authors: Saleh Dabil

Abstract:

The study will search the level of existence of the sweethearting in Saudi Arabia's Supermarkets in Riyadh. Sweethearting occurs when frontline workers give unauthorized free or uncounted goods and services to customer-s conspirators. The store managers and /or security managers were asked about the sweethearting that occurs in the supermarkets. The characteristics of sweethearting in Riyadh stores were investigated. Two independent variables were related to the report of sweethearting. These independent variables are: The effect of store environment on sweethearting and the security techniques and loss prevention electronics techniques used. This study expected to shed the light about the level of sweethearting in Saudi Arabia and the factors behind it. This study will serve as an exploratory study for such phenomenon in Saudi Arabia as well as both descriptive for the characteristics of sweethearting and explanatory study to link between the environmental and security systems factors to sweethearting.

Keywords: supermarket, stealing, sweethearting, theft.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1876

Authors: Lynette Drevin, Günther R. Drevin

Abstract:

Numerous threats have been identified when using social networks. The question is whether young people are aware of these negative impacts of online and mobile technologies. Will they identify threats when needed? Will they know where to get help? Students and school children were part of a survey where their behavior and use of Facebook and an instant messaging application - MXit were studied. This paper presents some of the results. It can be concluded that awareness on security and privacy issues should be raised. The benefit of doing such a survey is that it may help to direct educational efforts from a young age. In this way children – with their parents – can strive towards more secure behavior. Educators can focus their lessons towards the areas that need attention resulting in safer cyber interaction and ultimately more responsible online use.

Keywords: Facebook, Instant messaging, MXit, Privacy, Social networks Information Security awareness education, Trust.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2705

Authors: Vinay Gautam, Vivek Gautam

Abstract:

With increase in the unauthorized users access, it is required to increase the security in the Near Field Communication (NFC). In the paper we propose a user behavior based enhanced protocol entitled ‘User Behavior based Enhanced Protocol (UBEP)’ to increase the security in NFC enabled devices. The UBEP works on the history of interaction of a user with system.The propose protocol considers four different factors (touch, time and distance & angle) of user behavior to know the authenticity or authorization of the users. These factors can be same for a user during interaction with the system. The UBEP uses two phase user verification system to authenticate a user. Firstly the acquisition phase is used to acquire and store the user interaction with NFC device and the same information is used in future to detect the authenticity of the user. The second phase (recognition) uses analysis of current and previous scenario of user interaction and digital signature verification system to finally authenticate user. The analysis of user based input makes a NFC transaction more advance and secure. This security is very tactical because it is completely depends on usage of the device.

Keywords: Security, Network Field communication, NFC Protocol.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1999

Authors: Shang-Lin Hsieh, Lung-Yao Hsu, I-Ju Tsai

Abstract:

This paper proposes a copyright protection scheme for color images using secret sharing and wavelet transform. The scheme contains two phases: the share image generation phase and the watermark retrieval phase. In the generation phase, the proposed scheme first converts the image into the YCbCr color space and creates a special sampling plane from the color space. Next, the scheme extracts the features from the sampling plane using the discrete wavelet transform. Then, the scheme employs the features and the watermark to generate a principal share image. In the retrieval phase, an expanded watermark is first reconstructed using the features of the suspect image and the principal share image. Next, the scheme reduces the additional noise to obtain the recovered watermark, which is then verified against the original watermark to examine the copyright. The experimental results show that the proposed scheme can resist several attacks such as JPEG compression, blurring, sharpening, noise addition, and cropping. The accuracy rates are all higher than 97%.

Keywords: Color image, copyright protection, discrete wavelet transform, secret sharing, watermarking.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1835

Authors: Noor Suhana Sulaiman, Rohani Abu Bakar, Norrozila Sulaiman

Abstract:

Intrusion Detection System is significant in network security. It detects and identifies intrusion behavior or intrusion attempts in a computer system by monitoring and analyzing the network packets in real time. In the recent year, intelligent algorithms applied in the intrusion detection system (IDS) have been an increasing concern with the rapid growth of the network security. IDS data deals with a huge amount of data which contains irrelevant and redundant features causing slow training and testing process, higher resource consumption as well as poor detection rate. Since the amount of audit data that an IDS needs to examine is very large even for a small network, classification by hand is impossible. Hence, the primary objective of this review is to review the techniques prior to classification process suit to IDS data.

Keywords: Intrusion Detection System, security, soft computing, classification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1859

Authors: Kyi Lin Lin Kyaw

Abstract:

Nowadays, we are facing with network threats that cause enormous damage to the Internet community day by day. In this situation, more and more people try to prevent their network security using some traditional mechanisms including firewall, Intrusion Detection System, etc. Among them honeypot is a versatile tool for a security practitioner, of course, they are tools that are meant to be attacked or interacted with to more information about attackers, their motives and tools. In this paper, we will describe usefulness of low-interaction honeypot and high-interaction honeypot and comparison between them. And then we propose hybrid honeypot architecture that combines low and high -interaction honeypot to mitigate the drawback. In this architecture, low-interaction honeypot is used as a traffic filter. Activities like port scanning can be effectively detected by low-interaction honeypot and stop there. Traffic that cannot be handled by low-interaction honeypot is handed over to high-interaction honeypot. In this case, low-interaction honeypot is used as proxy whereas high-interaction honeypot offers the optimal level realism. To prevent the high-interaction honeypot from infections, containment environment (VMware) is used.

Keywords: Low-interaction honeypot, High-interactionhoneypot, VMware, Proxy

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2944

Authors: Aabiah Nayeem, Fariha Shafiq, Mustabshra Aftab, Rabia Saman Pirzada, Samia Ghazala

Abstract:

In this modern era of technology, the concept of Internet of Things is very popular in every domain. It is a widely distributed system of things in which the data collected from sensory devices is transmitted, analyzed locally/collectively then broadcasted to network where action can be taken remotely via mobile/web apps. Today’s mobile computing is also gaining importance as the services are provided during mobility. Through mobile computing, data are transmitted via computer without physically connected to a fixed point. The challenge is to provide services with high speed and security. Also, the data gathered from the mobiles must be processed in a secured way. Mobile computing is strongly influenced by internet of things. In this paper, we have discussed security issues and challenges of internet of things and mobile computing and we have compared both of them on the basis of similarities and dissimilarities.

Keywords: Embedded computing, internet of things, mobile computing, and wireless technologies.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1311

Authors: Alfonso Bahillo, Juan Blas, Santiago Mazuelas, Patricia Fernanadez, Ruben Mateo Lorenzo, Evaristo Jose Abril

Abstract:

The wide increase and diffusion on telecommunication technologies have caused a huge spread of electromagnetic sources in most European Countries. Since the public is continuously being exposed to electromagnetic radiation the possible health effects have become the focus of population concerns. As a result, electromagnetic field monitoring stations which control field strength in commercial frequency bands are being placed on the flat roof of many buildings. However there is no guidance on where to place them. This paper presents an analysis of frequency, polarization and angles of incidence of a plane wave which impinges on a flat roof security wall and its dependence on electromagnetic field strength meters placement.

Keywords: EM field exposition, EM field strength meter, FDTD method, flat roof security wall, plane wave propagation.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1304

Authors: C. Mallada Fernández

Abstract:

Economic development and globalization of international markets have created a favourable atmosphere for the emergence of new forms of crime such as money laundering or financing of terrorism, which may contribute to destabilized and damage economic systems. In particular, money laundering have acquired great importance since the 11S attacks, what has caused on the one hand, the establishment and development of preventive measures and, on the other hand, a progressive hardening of penal measures. Since then, the regulations imposed to fight against money laundering have been viewed as key components also in the fight against terrorist financing. Terrorism, at the beginning, was a “national” crime connected with internal problems of the State (for instance the RAF in Germany or ETA in Spain) but in the last 20 years has started to be an international problem that is connected with the defence and security of the States. Therefore, the new strategic concept for the defense and security of NATO has a comprehensive list of security threats to the Alliance, such as terrorism, international instability, money laundering or attacks on cyberspace, among others. With this new concept, money laundering and terrorism has become a priority in the national defense.

In this work we will analyze the methods to combat these new threats to the national security. We will study the preventive legislations to combat money laundering and financing of terrorism, the UIF that exchange information between States, and the hawala-Banking.

Keywords: Control of financial flows, money laundering, terrorism, financing of terrorism.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2876

Authors: Saif Obaid Alkaabi, Nabil Ayad

Abstract:

Governments constantly seek to offer faster, more secure, efficient and effective services for their citizens. Recent changes and developments to communication services and technologies, mainly due the Internet, have led to immense improvements in the way governments of advanced countries carry out their interior operations Therefore, advances in e-government services have been broadly adopted and used in various developed countries, as well as being adapted to developing countries. The implementation of advances depends on the utilization of the most innovative structures of data techniques, mainly in web dependent applications, to enhance the main functions of governments. These functions, in turn, have spread to mobile and wireless techniques, generating a new advanced direction called m-government. This paper discusses a selection of available m-government applications and several business modules and frameworks in various fields. Practically, the m-government models, techniques and methods have become the improved version of e-government. M-government offers the potential for applications which will work better, providing citizens with services utilizing mobile communication and data models incorporating several government entities. Developing countries can benefit greatly from this innovation due to the fact that a large percentage of their population is young and can adapt to new technology and to the fact that mobile computing devices are more affordable. The use of models of mobile transactions encourages effective participation through the use of mobile portals by businesses, various organizations, and individual citizens. Although the application of m-government has great potential, it does have major limitations. The limitations include: the implementation of wireless networks and relative communications, the encouragement of mobile diffusion, the administration of complicated tasks concerning the protection of security (including the ability to offer privacy for information), and the management of the legal issues concerning mobile applications and the utilization of services.

Keywords: E-government, m-government, system dependability, system security, trust.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1765