Search results for: cloud security governance

Authors: MooSeop Kim, Juhan Kim, Yongje Choi

Abstract:

Recently, much research has been conducted for security for wireless sensor networks and ubiquitous computing. Security issues such as authentication and data integrity are major requirements to construct sensor network systems. Advanced Encryption Standard (AES) is considered as one of candidate algorithms for data encryption in wireless sensor networks. In this paper, we will present the hardware architecture to implement low power AES crypto module. Our low power AES crypto module has optimized architecture of data encryption unit and key schedule unit which could be applicable to wireless sensor networks. We also details low power design methods used to design our low power AES crypto module.

Keywords: Algorithm, Low Power Crypto Circuit, AES, Security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2467

Authors: Sindhu Govardhan, Kenneth G. Crowther

Abstract:

Modernisation of the water sector is leading to increased connectivity and integration of emerging technologies with traditional ones, leading to new security risks. The convergence of Information Technology (IT) with Operation Technology (OT) results in solutions that are spread across larger geographic areas, increasingly consist of interconnected Industrial Internet of Things (IIOT) devices and software, rely on the integration of legacy with modern technologies, use of complex supply chain components leading to complex architectures and communication paths. The result is that multiple parties collectively own and operate these emergent technologies, threat actors find new paths to exploit, and traditional cybersecurity controls are inadequate. Our approach is to explicitly identify and draw data flows that cross trust boundaries between owners and operators of various aspects of these emerging and interconnected technologies. On these data flows, we layer potential attack vectors to create a frame of reference for evaluating possible risks against connected technologies. Finally, we identify where existing controls, mitigations, and other remediations exist across industry partners (e.g., suppliers, product vendors, integrators, water utilities, and regulators). From these, we are able to understand potential gaps in security, the roles in the supply chain that are most likely to effectively remediate those security gaps, and test cases to evaluate and strengthen security across these partners. This informs a “shared responsibility” solution that recognises that security is multi-layered and requires collaboration to be successful. This shared responsibility security framework improves visibility, understanding, and control across the entire supply chain, and particularly for those water utilities that are accountable for safe and continuous operations.

Keywords: Cyber security, shared responsibility, IIOT, threat modelling.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 74

Authors: M. Marsadek, A. Mohamed

Abstract:

Power system security analysis is the most time demanding process due to large number of possible contingencies that need to be analyzed.  In a power system, any contingency resulting in security violation such as line overload or low voltage may occur for a number of reasons at any time.  To efficiently rank a contingency, both probability and the extent of security violation must be considered so as not to underestimate the risk associated with the contingency. This paper proposed a contingency ranking method that take into account the probabilistic nature of power system and the severity of contingency by using a newly developed method based on risk factor.  The proposed technique is implemented on IEEE 24-bus system.

Keywords: Line overload, low voltage, probability, risk factor, severity.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1194

Authors: Supachai Tangwongsan, Labhidhorn Pangphuthipong

Abstract:

This research work proposes a model of network security systems aiming to prevent production system in a data center from being attacked by intrusions. Conceptually, we introduce a decoy system as a part of the security system for luring intrusions, and apply network intrusion detection (NIDS), coupled with the decoy system to perform intrusion prevention. When NIDS detects an activity of intrusions, it will signal a redirection module to redirect all malicious traffics to attack the decoy system instead, and hence the production system is protected and safe. However, in a normal situation, traffic will be simply forwarded to the production system as usual. Furthermore, we assess the performance of the model with various bandwidths, packet sizes and inter-attack intervals (attacking frequencies).

Keywords: Intrusion detection, Decoy, Snort, Intrusion prevention.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1705

Authors: A. Arul Lawrence Selvakumar, C. Suresh Ganandhas

Abstract:

This paper describes the study of cryptographic hash functions, one of the most important classes of primitives used in recent techniques in cryptography. The main aim is the development of recent crypt analysis hash function. We present different approaches to defining security properties more formally and present basic attack on hash function. We recall Merkle-Damgard security properties of iterated hash function. The Main aim of this paper is the development of recent techniques applicable to crypt Analysis hash function, mainly from SHA family. Recent proposed attacks an MD5 & SHA motivate a new hash function design. It is designed not only to have higher security but also to be faster than SHA-256. The performance of the new hash function is at least 30% better than that of SHA-256 in software. And it is secure against any known cryptographic attacks on hash functions.

Keywords: Crypt Analysis, cryptographic.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1297

Authors: Nebu Tom John, N. Dhinakaran

Abstract:

Multiparty voice over IP (MVoIP) systems allows a group of people to freely communicate each other via the internet, which have many applications such as online gaming, teleconferencing, online stock trading etc. Peertalk is a peer to peer multiparty voice over IP system (MVoIP) which is more feasible than existing approaches such as p2p overlay multicast and coupled distributed processing. Since the stream mixing and distribution are done by the peers, it is vulnerable to major security threats like nodes misbehavior, eavesdropping, Sybil attacks, Denial of Service (DoS), call tampering, Man in the Middle attacks etc. To thwart the security threats, a security framework called PEERTS (PEEred Reputed Trustworthy System for peertalk) is implemented so that efficient and secure communication can be carried out between peers.

Keywords: Key management system, peer-to-peer voice streaming, reputed trust management system, voice-over-IP.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1834

Authors: Ifedapo Francis Awolowo

Abstract:

The unrelenting series of embarrassing audit failures should stimulate a paradigm shift in accounting. And in this age of information revolution, there is need for a constant improvement on the products or services one offers to the market in order to be relevant. This study explores the perceptions of external auditors, forensic accountants and accounting academics on whether a paradigm shift to forensic accounting can reduce financial statement frauds. Through Neo-empiricism/inductive analytical approach, findings reveal that a paradigm shift to forensic accounting might be the right step in the right direction in order to increase the chances of fraud prevention and detection in the financial statement. This research has implication on accounting education on the need to incorporate forensic accounting into present day accounting curriculum. Accounting professional bodies, accounting standard setters and accounting firms all have roles to play in incorporating forensic accounting education into accounting curriculum. Particularly, there is need to alter the ISA 240 to make the prevention and detection of frauds the responsibilities of bot those charged with the management and governance of companies and statutory auditors.

Keywords: Financial statement fraud, forensic accounting, fraud prevention and detection, auditing, audit expectation gap, corporate governance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3598

Authors: Barnabas M. Suleiman, Ifeanyi P. Onyeonoru, Egharevba E. Matthew

Abstract:

This article interrogates the question of leadership in the context of the antidemocratic tendencies of Africa’s political leaders. The African continent has continued to struggle behind other continents of the world as a result of the failure of leadership to address the political and socio-economic challenges of the continent. Thus, bedevilled with the challenges of development, the African continent is in need of people-centred leadership. However, as the continent struggles to overcome its political and development predicaments, it is stuck in the dystopia of demagoguery that promises nothing but apocalyptic future for its teeming population. Thus, despite the enormous resources available in Africa, leadership failures have made progress difficult to achieve. At the centre of this leadership failure are demagogues: a set of leaders who have influence over a large number of people but take advantage of that influence to undermine democracy and good governance. Citing various examples across Africa, the article describes how demagogues, especially in democratic countries, have become the problem of the African continent in its quest to achieve democratic progress, development and peaceful progress.

Keywords: Africa, demagogue, good governance, democracy, leadership.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1262

Authors: Mir Shahriar Emami

Abstract:

Although it is fully impossible to ensure that a software system is quite secure, developing an acceptable secure software system in a convenient platform is not unreachable. In this paper, we attempt to analyze software development life cycle (SDLC) models from the hardware systems and circuits point of view. To date, the SDLC models pay merely attention to the software security from the software perspectives. In this paper, we present new features for SDLC stages to emphasize the role of systems and circuits in developing secure software system through the software development stages, the point that has not been considered previously in the SDLC models.

Keywords: Systems and circuits security, software security, software process engineering, SDLC, SSDLC.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1687

Authors: Andre Slonopas, Warren Thompson, Zona Kostic

Abstract:

Obfuscation is one of the most useful tools to prevent network compromise. Previous research focused on the obfuscation of the network communications between external-facing edge devices. This work proposes the use of two edge devices, external and internal facing, which communicates via private IPv4 addresses in a software-defined pseudo-random IP hopping. This methodology does not require additional IP addresses and/or resources to implement. Statistical analyses demonstrate that the hopping surface must be at least 1e3 IP addresses in size with a broad standard deviation to minimize the possibility of coincidence of monitored and communication IPs. The probability of breaking the hopping algorithm requires a collection of at least 1e6 samples, which for large hopping surfaces will take years to collect. The probability of dropped packets is controlled via memory buffers and the frequency of hops and can be reduced to levels acceptable for video streaming. This methodology provides an impenetrable layer of security ideal for information and supervisory control and data acquisition systems.

Keywords: Moving Target Defense, cybersecurity, network security, hopping randomization, software defined network, network security theory.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 526

Authors: Musa Bala Zakari, Mark Button

Abstract:

This paper explores the extent, nature, and characteristics of public sector corruption in Nigeria and the enhancement of the major anti-corruption initiatives (reforms), thereby providing insight into the types, forms and causes of corruption in Nigeria. This paper argues that attempts to devise and suggest effective anti-corruption reforms to control systemic corruption in Nigeria require identifying the most prevalent types of corruption targeted and tackling the fundamental country specific causes. It analyses two types of public sector corruption as it relates to Nigeria and the workings of its inefficient governance system. This paper concludes with the imperative of a collective action against corruption supported by considerable amount of domestic political will existing in a favourable policy context. In undertaking this, the paper draws upon publicly available documents, case laws review and semi-structured interviews conducted with various personnel working in the field of corruption in the dedicated anticorruption agencies, academics, and practitioners from other relevant institutions of accountability.

Keywords: Corruption, development, good governance, public sector.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 592

Authors: Jiří Barta

Abstract:

The paper deals with results of a project “Interoperability Workplaces to Support Teaching of Security Management in a Computer Network". This project is focused on the perspectives and possibilities of "new approaches" to education, training and crisis communication of rescue teams in the Czech Republic. It means that common technologies considering new perspectives are used to educate selected members of crisis management. The main part concentrates on possibilities of application of new technology and computer-aided tools to education and training of Integrated Rescue System teams.This project uses the COST principle for the creation of specialized centers and for all communication between these workplaces.

Keywords: Communication of Crisis Management, Information System, Interoperability, specializedcenter, Security Oriented Information System.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1477

Authors: Leonardo A. Ambrosio, Carlos. H. Silva Santos, Ivan E. L. Rodrigues, Ayumi K. de Campos, Leandro A. Machado

Abstract:

In this work, we propose an algorithm developed under Python language for the modeling of ordinary scalar Bessel beams and their discrete superpositions and subsequent calculation of optical forces exerted over dielectric spherical particles. The mathematical formalism, based on the generalized Lorenz-Mie theory, is implemented in Python for its large number of free mathematical (as SciPy and NumPy), data visualization (Matplotlib and PyJamas) and multiprocessing libraries. We also propose an approach, provided by a synchronized Software as Service (SaaS) in cloud computing, to develop a user interface embedded on a mobile application, thus providing users with the necessary means to easily introduce desired unknowns and parameters and see the graphical outcomes of the simulations right at their mobile devices. Initially proposed as a free Android-based application, such an App enables data post-processing in cloud-based architectures and visualization of results, figures and numerical tables.

Keywords: Bessel Beams and Frozen Waves, Generalized Lorenz-Mie Theory, Numerical Methods, Optical Forces.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2093

Authors: Cai Guoqiang, Jia Limin, Zhou Liming, Liang yu, Li xi

Abstract:

This paper analysis the integrated use of safety monitoring with the domestic and international latest research on rail safety protection system, and focus on the implementation of an organic whole system, with the monitoring and early warning, risk assessment, predictive control and emergency rescue system. The system framework, contents and system structure of Security system is proposed completely. It-s pointed out that the Security system is a negative feedback system composed of by safety monitoring and warning system, risk assessment and emergency rescue system. Safety monitoring and warning system focus on the monitoring target monitoring, early warning, tracking, integration of decision-making, for objective and subjective risks factors. Risk assessment system analysis the occurrence of a major Security risk mechanism, determines the standard of the future short, medium and long term safety conditions, and give prop for development of safety indicators, accident analysis and safety standards. Emergency rescue system is with the goal of rapid and effective rescue work for accident, to minimize casualties and property losses.

Keywords: rail safety protection, monitoring and early warning, risk assessment, emergency rescue.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3094

Authors: Shuen-Tai Wang, Fang-An Kuo, Chau-Yi Chou, Yu-Bin Fang

Abstract:

2016 has become the year of the Artificial Intelligence explosion. AI technologies are getting more and more matured that most world well-known tech giants are making large investment to increase the capabilities in AI. Machine learning is the science of getting computers to act without being explicitly programmed, and deep learning is a subset of machine learning that uses deep neural network to train a machine to learn  features directly from data. Deep learning realizes many machine learning applications which expand the field of AI. At the present time, deep learning frameworks have been widely deployed on servers for deep learning applications in both academia and industry. In training deep neural networks, there are many standard processes or algorithms, but the performance of different frameworks might be different. In this paper we evaluate the running performance of two state-of-the-art distributed deep learning frameworks that are running training calculation in parallel over multi GPU and multi nodes in our cloud environment. We evaluate the training performance of the frameworks with ResNet-50 convolutional neural network, and we analyze what factors that result in the performance among both distributed frameworks as well. Through the experimental analysis, we identify the overheads which could be further optimized. The main contribution is that the evaluation results provide further optimization directions in both performance tuning and algorithmic design.

Keywords: Artificial Intelligence, machine learning, deep learning, convolutional neural networks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1189

Authors: Pil Seong Park

Abstract:

Homemade HPC clusters are widely used in many small labs, because they are easy to build and cost-effective. Even though incremental growth is an advantage of clusters, it results in heterogeneous systems anyhow. Instead of adding new nodes to the cluster, we can extend clusters to include some other Internet servers working independently on the same LAN, so that we can make use of their idle times, especially during the night. However extension across a firewall raises some security problems with NFS. In this paper, we propose a method to solve such a problem using SSH tunneling, and suggest a modified structure of the cluster that implements it.

Keywords: Extension of HPC clusters, Security, NFS, SSH tunneling.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1859

Authors: Partha P. Gopmandal, S. Bhattacharyya

Abstract:

We have studied the migration of a charged permeable aggregate in electrolyte under the influence of an axial electric field and pressure gradient. The migration of the positively charged aggregate leads to a deformation of the anionic cloud around it. The hydrodynamics of the aggregate is governed by the interaction of electroosmotic flow in and around the particle, hydrodynamic friction and electric force experienced by the aggregate. We have computed the non-linear Nernest-Planck equations coupled with the Dracy- Brinkman extended Navier-Stokes equations and Poisson equation for electric field through a finite volume method. The permeability of the aggregate enable the counterion penetration. The penetration of counterions depends on the volume charge density of the aggregate and ionic concentration of electrolytes at a fixed field strength. The retardation effect due to the double layer polarization increases the drag force compared to an uncharged aggregate. Increase in migration sped from the electrophretic velocity of the aggregate produces further asymmetry in charge cloud and reduces the electric body force exerted on the particle. The permeability of the particle have relatively little influence on the electric body force when Double layer is relatively thin. The impact of the key parameters of electrokinetics on the hydrodynamics of the aggregate is analyzed.

Keywords: Electrophoresis, Advective flow, Polarization effect, Numerical solution.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1760

Authors: F. Matusek, G. Pujolle, R. Reda

Abstract:

Shadow detection is still considered as one of the potential challenges for intelligent automated video surveillance systems. A pre requisite for reliable and accurate detection and tracking is the correct shadow detection and classification. In such a landscape of conditions, privacy issues add more and more complexity and require reliable shadow detection. In this work the intertwining between security, accuracy, reliability and privacy is analyzed and, accordingly, a novel architecture for Privacy Enhancing Video Surveillance (PEVS) is introduced. Shadow detection and masking are dealt with through the combination of two different approaches simultaneously. This results in a unique privacy enhancement, without affecting security. Subsequently, the methodology was employed successfully in a large-scale wireless video surveillance system; privacy relevant information was stored and encrypted on the unit, without transferring it over an un-trusted network.

Keywords: Video Surveillance, Intelligent Video Surveillance, Physical Security, WSSU, Privacy, Shadow Detection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1310

Authors: S. B. Otieno, Were Fred, E. W. Kabiru, K. Waza

Abstract:

Background: HIV/AIDS is leading to the loss of labor through sickness and subsequent death, this is leading to the neglect of farm and off-farm activities, with the subsequent loss of potential income and food security. The situation is sensitive to seasonal labour peaks in agriculture. This study was done to determine the impact of high HIV prevalence in farming systems and food security in Pala Bondo District, Kenya. Methods: In this study, 386 respondents were randomly chosen in Pala Sub-Location. The respondents and key informants were interviewed using structured questionnaire. The data were entered and analyzed using SPSS version 16. Results: It was established that majority of respondents (67%) were between 18 and 35 years {χ² = (1, N = 386) = 13.430, p = 0.000} (chimney effect). The study also established that 83.5% of respondents were married {χ² = (1, N= 370) = 166.277 p = 0.000} and predominant occupation being farming and fishing (61%), while 52.8% of farm labour was by hand, 26% by oxen, and 4.9% mechanized. 73.2% of respondents only farm 0.25 to 2 acres, 48% mentioned lack of labour in land preparation {χ² ((1,N = 321) = 113.146, p = 0.000), in planting {χ² (1, N = 321) = 29.28, p = 0.000}. Majority of respondents lack food from January to June, during which 93% buy food. Conclusion: The high HIV prevalence in Pala has affected the farm labour leading to food insecurity.

Keywords: Food security, HIV, AIDS, labour.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1098

Authors: G. T. Balakayeva, K. K. Nurlybayeva, M. B. Zhanuzakov

Abstract:

In the proposed work, we have developed software and designed a software architecture for the implementation of enterprise business processes. The proposed software has a multi-level architecture using a domain-specific tool. The developed architecture is a guarantor of the availability, reliability and security of the system and the implementation of business processes, which are the basis for effective enterprise management. Automating business processes, automating the algorithmic stages of an enterprise, developing optimal algorithms for managing activities, controlling and monitoring, reducing risks and improving results help organizations achieve strategic goals quickly and efficiently. The software described in this article can connect to the corporate information system via two methods: a desktop client and a web client. With an appeal to the application server, the desktop client program connects to the information system on the company's work PCs over a local network. Outside the organization, the user can interact with the information system via a web browser, which acts as a web client and connects to a web server. The developed software consists of several integrated modules that share resources and interact with each other through an API. The following technology stack was used during development: Node js, React js, MongoDB, Ngnix, Cloud Technologies, Python.

Keywords: Algorithms, document processing, automation, integrated modules, software architecture, software design, information system.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 121

Authors: M. S. Razana, Z. W. Shafiuddin

Abstract:

Internal auditing is one of the most important activities for organizations that implement information security management systems (ISMS). The purpose of internal audits is to ensure the ISMS implementation is in accordance to the ISO/IEC 27001 standard and the organization’s own requirements for its ISMS. Competent internal auditors are the main element that contributes to the effectiveness of internal auditing activities. To realize this need, CyberSecurity Malaysia is now in the process of becoming a certification body that certifies ISMS internal auditors. The certification scheme will assess the competence of internal auditors in generic knowledge and skills in management systems, and also in ISMS-specific knowledge and skills. The certification assessment is based on the ISO/IEC 19011 Guidelines for auditing management systems, ISO/IEC 27007 Guidelines for information security management systems auditing and ISO/IEC 27001 Information security management systems requirements. The certification scheme complies with the ISO/IEC 17024 General requirements for bodies operating certification systems of persons. Candidates who pass the exam will be certified as an ISMS Internal Auditor, whose competency will be evaluated every three years.

Keywords: ISMS internal audit, ISMS internal auditor, ISO/IEC 17024, Competence, Certification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1787

Authors: P. Vaattovaara, H. B. Swan, G. B. Jones, E. Deschaseaux, B. Miljevic, A. Laaksonen, Z. D. Ristovski

Abstract:

In order to investigate the properties of coral reef origin secondary aerosol and especially the contribution of secondary organic aerosol, ethanol affinity to atmospheric nucleation mode particles (diameter<15nm) was measured at the Heron reef marine environment in the South Pacific Ocean during the first coral reef aerosol characterization experiment in May-June 2011 using an ultrafine organic tandem differential mobility analyzer.

Our campaign study at Heron reef showed that the nucleation mode size particles (diameter =10nm) composition contain internally mixed sulfate and oxidized organic components in approximately equal proportion in sunny and still conditions around low tide time, indicating local biogenic sources. The produced secondary compounds and aerosols have potential to contribute to cloud condensation nuclei formation and properties that may affect local low-level cloud formation over the GBR. Additionally, primary marine sea-salt and organic material during windy conditions and anthropogenic/biogenic sources during continental air masses can affect the properties of these particles.

Keywords: Coral reef, DMS, particle composition, secondary organics.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1865

Authors: Saleh Dabil

Abstract:

The study will search the level of existence of the sweethearting in Saudi Arabia's Supermarkets in Riyadh. Sweethearting occurs when frontline workers give unauthorized free or uncounted goods and services to customer-s conspirators. The store managers and /or security managers were asked about the sweethearting that occurs in the supermarkets. The characteristics of sweethearting in Riyadh stores were investigated. Two independent variables were related to the report of sweethearting. These independent variables are: The effect of store environment on sweethearting and the security techniques and loss prevention electronics techniques used. This study expected to shed the light about the level of sweethearting in Saudi Arabia and the factors behind it. This study will serve as an exploratory study for such phenomenon in Saudi Arabia as well as both descriptive for the characteristics of sweethearting and explanatory study to link between the environmental and security systems factors to sweethearting.

Keywords: supermarket, stealing, sweethearting, theft.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1847

Authors: Lynette Drevin, Günther R. Drevin

Abstract:

Numerous threats have been identified when using social networks. The question is whether young people are aware of these negative impacts of online and mobile technologies. Will they identify threats when needed? Will they know where to get help? Students and school children were part of a survey where their behavior and use of Facebook and an instant messaging application - MXit were studied. This paper presents some of the results. It can be concluded that awareness on security and privacy issues should be raised. The benefit of doing such a survey is that it may help to direct educational efforts from a young age. In this way children – with their parents – can strive towards more secure behavior. Educators can focus their lessons towards the areas that need attention resulting in safer cyber interaction and ultimately more responsible online use.

Keywords: Facebook, Instant messaging, MXit, Privacy, Social networks Information Security awareness education, Trust.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2669

Authors: Vinay Gautam, Vivek Gautam

Abstract:

With increase in the unauthorized users access, it is required to increase the security in the Near Field Communication (NFC). In the paper we propose a user behavior based enhanced protocol entitled ‘User Behavior based Enhanced Protocol (UBEP)’ to increase the security in NFC enabled devices. The UBEP works on the history of interaction of a user with system.The propose protocol considers four different factors (touch, time and distance & angle) of user behavior to know the authenticity or authorization of the users. These factors can be same for a user during interaction with the system. The UBEP uses two phase user verification system to authenticate a user. Firstly the acquisition phase is used to acquire and store the user interaction with NFC device and the same information is used in future to detect the authenticity of the user. The second phase (recognition) uses analysis of current and previous scenario of user interaction and digital signature verification system to finally authenticate user. The analysis of user based input makes a NFC transaction more advance and secure. This security is very tactical because it is completely depends on usage of the device.

Keywords: Security, Network Field communication, NFC Protocol.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1949

Authors: Dimitrios E. Kontaxis, George Litainas, Dimitrios P. Ptochos, Vaggelis P. Ptochos, Sotirios P. Ptochos, Dimitrios Beletsis, Konstantinos Kritikakis, Milan Sunaric

Abstract:

Real-time monitoring of the supply chain conditions and procedures is a critical element for the optimal coordination and safety of the deliveries, as well as for the minimization of the delivery time and cost. Real time monitoring requires IoT data streams, which are related to the conditions of the products and the means of transport (e.g., location, temperature/humidity conditions, kinematic state, ambient light conditions, etc.). These streams are generated by battery-based IoT tracking devices, equipped with appropriate sensors, and are transmitted to a cloud-based back-end system. Proper handling and processing of the IoT data streams, using predictive and artificial intelligence algorithms, can provide significant and useful results, which can be exploited by the supply chain stakeholders in order to enhance their financial benefits, as well as the efficiency, security, transparency, coordination and sustainability of the supply chain procedures. The technology, the features and the characteristics of a complete, proprietary system, including hardware, firmware and software tools - developed in the context of a co-funded R&D program - are addressed and presented in this paper. 

Keywords: IoT embedded electronics, real-time monitoring, tracking device, sensor platform

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 559

Authors: Noor Suhana Sulaiman, Rohani Abu Bakar, Norrozila Sulaiman

Abstract:

Intrusion Detection System is significant in network security. It detects and identifies intrusion behavior or intrusion attempts in a computer system by monitoring and analyzing the network packets in real time. In the recent year, intelligent algorithms applied in the intrusion detection system (IDS) have been an increasing concern with the rapid growth of the network security. IDS data deals with a huge amount of data which contains irrelevant and redundant features causing slow training and testing process, higher resource consumption as well as poor detection rate. Since the amount of audit data that an IDS needs to examine is very large even for a small network, classification by hand is impossible. Hence, the primary objective of this review is to review the techniques prior to classification process suit to IDS data.

Keywords: Intrusion Detection System, security, soft computing, classification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1833

Authors: Kyi Lin Lin Kyaw

Abstract:

Nowadays, we are facing with network threats that cause enormous damage to the Internet community day by day. In this situation, more and more people try to prevent their network security using some traditional mechanisms including firewall, Intrusion Detection System, etc. Among them honeypot is a versatile tool for a security practitioner, of course, they are tools that are meant to be attacked or interacted with to more information about attackers, their motives and tools. In this paper, we will describe usefulness of low-interaction honeypot and high-interaction honeypot and comparison between them. And then we propose hybrid honeypot architecture that combines low and high -interaction honeypot to mitigate the drawback. In this architecture, low-interaction honeypot is used as a traffic filter. Activities like port scanning can be effectively detected by low-interaction honeypot and stop there. Traffic that cannot be handled by low-interaction honeypot is handed over to high-interaction honeypot. In this case, low-interaction honeypot is used as proxy whereas high-interaction honeypot offers the optimal level realism. To prevent the high-interaction honeypot from infections, containment environment (VMware) is used.

Keywords: Low-interaction honeypot, High-interactionhoneypot, VMware, Proxy

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2907

Authors: Aabiah Nayeem, Fariha Shafiq, Mustabshra Aftab, Rabia Saman Pirzada, Samia Ghazala

Abstract:

In this modern era of technology, the concept of Internet of Things is very popular in every domain. It is a widely distributed system of things in which the data collected from sensory devices is transmitted, analyzed locally/collectively then broadcasted to network where action can be taken remotely via mobile/web apps. Today’s mobile computing is also gaining importance as the services are provided during mobility. Through mobile computing, data are transmitted via computer without physically connected to a fixed point. The challenge is to provide services with high speed and security. Also, the data gathered from the mobiles must be processed in a secured way. Mobile computing is strongly influenced by internet of things. In this paper, we have discussed security issues and challenges of internet of things and mobile computing and we have compared both of them on the basis of similarities and dissimilarities.

Keywords: Embedded computing, internet of things, mobile computing, and wireless technologies.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1267

Authors: Jay M. Joshi, Upena D. Dalal

Abstract:

Multimedia information availability has increased dramatically with the advent of video broadcasting on handheld devices. But with this availability comes problems of maintaining the security of information that is displayed in public. ISMA Encryption and Authentication (ISMACryp) is one of the chosen technologies for service protection in DVB-H (Digital Video Broadcasting- Handheld), the TV system for portable handheld devices. The ISMACryp is encoded with H.264/AVC (advanced video coding), while leaving all structural data as it is. Two modes of ISMACryp are available; the CTR mode (Counter type) and CBC mode (Cipher Block Chaining) mode. Both modes of ISMACryp are based on 128- bit AES algorithm. AES algorithms are more complex and require larger time for execution which is not suitable for real time application like live TV. The proposed system aims to gain a deep understanding of video data security on multimedia technologies and to provide security for real time video applications using selective encryption for H.264/AVC. Five level of security proposed in this paper based on the content of NAL unit in Baseline Constrain profile of H.264/AVC. The selective encryption in different levels provides encryption of intra-prediction mode, residue data, inter-prediction mode or motion vectors only. Experimental results shown in this paper described that fifth level which is ISMACryp provide higher level of security with more encryption time and the one level provide lower level of security by encrypting only motion vectors with lower execution time without compromise on compression and quality of visual content. This encryption scheme with compression process with low cost, and keeps the file format unchanged with some direct operations supported. Simulation was being carried out in Matlab.

Keywords: AES-128, CAVLC, H.264, ISMACryp

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2007