Biblio

Many organisations responded to the recent global pandemic by moving operations online. This has led to increased exposure to information security-related risks. There is thus an increased need to ensure organisational information security awareness programs are up to date and relevant to the needs of the intended target audience. The advent of online educational providers has similarly placed increased pressure on the formal educational sector to ensure course content is updated to remain relevant. Such processes of academic reflection and review should consider formal curriculum standards and guidelines in order to ensure wide relevance. This paper presents a case study of the review of an Introduction to Information Security course. This review is informed by the Information Security and Assurance knowledge area of the ACM/IEEE Computer Science 2013 curriculum standard. The paper presents lessons learned during this review process to serve as a guide for future reviews of this nature. The authors assert that these lessons learned can also be of value during the review of organisational information security awareness programs.

For a long time, SQL injection has been considered one of the most serious security threats. NoSQL databases are becoming increasingly popular as big data and cloud computing technologies progress. NoSQL injection attacks are designed to take advantage of applications that employ NoSQL databases. NoSQL injections can be particularly harmful because they allow unrestricted code execution. In this paper we use supervised learning and natural language processing to construct a model to detect NoSQL injections. Our model is designed to work with MongoDB, CouchDB, CassandraDB, and Couchbase queries. Our model has achieved an F1 score of 0.95 as established by 10-fold cross validation.

Injection attack is one of the best 10 security dangers declared by OWASP. SQL infusion is one of the main types of attack. In light of their assorted and quick nature, SQL injection can detrimentally affect the line, prompting broken and public data on the site. Therefore, this article presents a profound woodland-based technique for recognizing complex SQL attacks. Research shows that the methodology we use resolves the issue of expanding and debasing the first condition of the woodland. We are currently presenting the AdaBoost profound timberland-based calculation, which utilizes a blunder level to refresh the heaviness of everything in the classification. At the end of the day, various loads are given during the studio as per the effect of the outcomes on various things. Our model can change the size of the tree quickly and take care of numerous issues to stay away from issues. The aftereffects of the review show that the proposed technique performs better compared to the old machine preparing strategy and progressed preparing technique.

The increasing use of Information Technology applications in the distributed environment is increasing security exploits. Information about vulnerabilities is also available on the open web in an unstructured format that developers can take advantage of to fix vulnerabilities in their IT applications. SQL injection (SQLi) attacks are frequently launched with the objective of exfiltration of data typically through targeting the back-end server organisations to compromise their customer databases. There have been a number of high profile attacks against large enterprises in recent years. With the ever-increasing growth of online trading, it is possible to see how SQLi attacks can continue to be one of the leading routes for cyber-attacks in the future, as indicated by findings reported in OWASP. Various machine learning and deep learning algorithms have been applied to detect and prevent these attacks. However, such preventive attempts have not limited the incidence of cyber-attacks and the resulting compromised database as reported by (CVE) repository. In this paper, the potential of using data mining approaches is pursued in order to enhance the efficacy of SQL injection safeguarding measures by reducing the false-positive rates in SQLi detection. The proposed approach uses CountVectorizer to extract features and then apply various supervised machine-learning models to automate the classification of SQLi. The model that returns the highest accuracy has been chosen among available models. Also a new model has been created PALOSDM (Performance analysis and Iterative optimisation of the SQLI Detection Model) for reducing false-positive rate and false-negative rate. The detection rate accuracy has also been improved significantly from a baseline of 94% up to 99%.

With the development of Industrial Internet identification analysis, various encryption methods have been widely used in identification analysis to ensure the security of identification encoding and data. However, the past encryption methods failed to consider the problem of encryption efficiency in the case of high concurrency, so it will reduce the identification resolution efficiency and increase the computational pressure of secondary nodes when applying these methods to the identification analysis. In this paper, in order to improve the efficiency of identification analysis under the premise of ensuring information security, a safe and efficient analytical encryption method for industrial Internet identification based on Secure Hash Algorithm 256 (SHA-256), and Rivest-Shamir-Adleman (RSA) is presented. Firstly, by replacing the secret key in the identification encoding encryption with the SHA-256 function, the number of secret keys is reduced, which is beneficial to improve the efficiency of identification analysis. Secondly, by replacing the large prime number of the RSA encryption algorithm with multiple small prime numbers, the generation speed of RSA key pair is improved, which is conducive to reduce the computation of secondary nodes. Finally, by assigning a unique RSA private key to the identification code during the identification registration phase, SHA-256 and RSA are associated, the number of key exchanges is reduced during the encryption process, which is conducive to improve the security of encryption. The experiment verifies that the proposed method can improve security of encryption and efficiency of identification analysis, by comparing the complexity of ciphertext cracking and the identification security analysis time between the traditional encryption method and this method.

In the era of Internet usage growth, storage services are widely used where users' can store their data, while hackers techniques pose massive threats to users' data security. The proposed system introduces multiple layers of security where data confidentiality, integrity and availability are achieved using honey encryption, hashed random passwords as well as detecting intruders and preventing them. The used techniques can ensure security against brute force and denial of service attacks. Our proposed methodology proofs the efficiency for storing and retrieving data using honey words and password hashing with less execution time and more security features achieved compared with other systems. Other systems depend on user password leading to easily predict it, we avoid this approach by making the password given to the user is randomly generated which make it unpredictable and hard to break. Moreover, we created a simple user interface to interact with users to take their inputs and store them along with the given password in true database, if an adversary detected, he will be processed as a normal user but with fake information taken from another database called false database, after that, the admin will be notified about this illegitimate access by providing the IP address. This approach will make the admin have continuous detection and ensure availability and confidentiality. Our execution time is efficient as the encryption process takes 244 ms and decryption 229 ms.

Unmanned Aerial Vehicles (UAVs) are drawing enormous attention in both commercial and military applications to facilitate dynamic wireless communications and deliver seamless connectivity due to their flexible deployment, inherent line-of-sight (LOS) air-to-ground (A2G) channels, and high mobility. These advantages, however, render UAV-enabled wireless communication systems susceptible to eavesdropping attempts. Hence, there is a strong need to protect the wireless channel through which most of the UAV-enabled applications share data with each other. There exist various error correction techniques such as Low Density Parity Check (LDPC), polar codes that provide safe and reliable data transmission by exploiting the physical layer but require high transmission power. Also, the security gap achieved by these error-correction techniques must be reduced to improve the security level. In this paper, we present deep learning (DL) enabled punctured LDPC codes to provide secure and reliable transmission of data for UAVs through the Additive White Gaussian Noise (AWGN) channel irrespective of the computational power and channel state information (CSI) of the Eavesdropper. Numerical result analysis shows that the proposed scheme reduces the Bit Error Rate (BER) at Bob effectively as compared to Eve and the Signal to Noise Ratio (SNR) per bit value of 3.5 dB is achieved at the maximum threshold value of BER. Also, the security gap is reduced by 47.22 % as compared to conventional LDPC codes.

[Purpose/meaning] In this paper, a unified scheme based on blockchain technology to realize the three modules of intellectual property confirmation, utilization, and protection of rights at the application layer is constructed, to solve the problem of unbalanced and inadequate resource distribution and development level in the field of industrial intellectual property. [Method/process] Based on the application of the core technology of blockchain in the field of intellectual property, this paper analyzes the pain points in the current field of intellectual property, and selects matching blockchain types according to the protection of intellectual property and the different decisions involved in the transaction process, to build a heterogeneous multi-chain model based on blockchain technology. [Conclusion] The heterogeneous multi-chain model based on Polkadot[1] network is proposed to realize the intellectual property protection scheme of a heterogeneous multi-chain model, to promote collaborative design and product development between regions, and to make up for the shortcomings of technical exchange, and weaken the phenomenon of "information island" in a certain extent. [Limitation/deficiency] The design of smart contracts in the field of intellectual property, the development of cross-chain protocols, and the formulation of national standards for blockchain technology still need to be developed and improved. At the same time, the intellectual property protection model designed in this paper needs to be verified in the application of practical cases.

Insider threats have high risk and concealment characteristics, which makes traditional anomaly detection methods less effective in insider threat detection. Existing detection methods ignore the logical relationship between user behaviors and the consistency of behavior sequences among homogeneous users, resulting in poor model effects. We propose an insider threat detection method based on internal user heterogeneous graph embedding. Firstly, according to the characteristics of CERT data, comprehensively consider the relationship between users, the time sequence, and logical relationship, and construct a heterogeneous graph. In the second step, according to the characteristics of heterogeneous graphs, the embedding learning of graph nodes is carried out according to random walk and Word2vec. Finally, we propose an Insider Threat Detection Design (ITDD) model which can map and the user behavior sequence information into a high-dimensional feature space. In the CERT r5.2 dataset, compared with a variety of traditional machine learning methods, the effect of our method is significantly better than the final result.

The Activity and Event Network (AEN) graph is a new framework that allows modeling and detecting intrusions by capturing ongoing security-relevant activity and events occurring at a given organization using a large time-varying graph model. The graph is generated by processing various network security logs, such as network packets, system logs, and intrusion detection alerts. In this paper, we show how known attack methods can be captured generically using attack fingerprints based on the AEN graph. The fingerprints are constructed by identifying attack idiosyncrasies under the form of subgraphs that represent indicators of compromise (IOes), and then encoded using Property Graph Query Language (PGQL) queries. Among the many attack types, three main categories are implemented as a proof of concept in this paper: scanning, denial of service (DoS), and authentication breaches; each category contains its common variations. The experimental evaluation of the fingerprints was carried using a combination of intrusion detection datasets and yielded very encouraging results.

Nowadays, online cloud storage networks can be accessed by third parties. Businesses that host large data centers buy or rent storage space from individuals who need to store their data. According to customer needs, data hub operators visualise the data and expose the cloud storage for storing data. Tangibly, the resources may wander around numerous servers. Data resilience is a prior need for all storage methods. For routines in a distributed data center, distributed removable code is appropriate. A safe cloud cache solution, AES-UCODR, is proposed to decrease I/O overheads for multi-block updates in proxy re-encryption systems. Its competence is evaluated using the real-world finance sector.

A methodology for studying the level of security for various types of CPS through the analysis of the consequences was developed during the research process. An analysis of the architecture of cyber-physical systems was carried out, vulnerabilities and threats of specific devices were identified, a list of possible information attacks and their consequences after the exploitation of vulnerabilities was identified. The object of research is models of cyber-physical systems, including IoT devices, microcomputers, various sensors that function through communication channels, organized by cyber-physical objects. The main subjects of this investigation are methods and means of security testing of cyber-physical systems (CPS). The main objective of this investigation is to update the problem of security in cyber-physical systems, to analyze the security of these systems. In practice, the testing methodology for the cyber-physical system “Smart Factory” was implemented, which simulates the operation of a real CPS, with different types of links and protocols used.

Mobile small cells that are enabled with Network Coding (NC) are seen as a potentially useful technique for Fifth Generation (5G) networks, since they can cover an entire city and can be put up on demand anywhere, any time, and on any device. Despite numerous advantages, significant security issues arise as a result of the fact that the NC-enabled mobile small cells are vulnerable to attacks. Intrusions are a severe security threat that exploits the inherent vulnerabilities of NC. In order to make NC-enabled mobile small cells to realize their full potential, it is essential to implement intrusion detection systems. When compared to homomorphic signature or hashing systems, homomorphic message authentication codes (MACs) provide safe network coding techniques with relatively smaller overheads. A number of research studies have been conducted with the goal of developing mobile small cells that are enabled with secure network coding and coming up with integrity protocols that are appropriate for such crowded situations. However, the intermediate nodes alter packets while they are in transit and hence the integrity of the data cannot be confirmed by using MACs and checksums. This research study has analyzed numerous intrusion detection models for NC enabled small cells. This research helps the scholars to get a brief idea about various intrusion detection models.

In order to meet the needs of intellectual property protection and controlled sharing of scientific research sensitive data, a mechanism is proposed for security protection throughout “transfer, store and use” process of sensitive data which based on blockchain. This blockchain bottom layer security is reinforced. First, the encryption algorithm used is replaced by the national secret algorithm and the smart contract is encapsulated as API at the gateway level. Signature validation is performed when the API is used to prevent illegal access. Then the whole process of data up-chain, storage and down-chain is encrypted, and a mechanism of data structure query and data query condition construction based on blockchain smart is provided to ensure that the data is “usable and invisible”. Finally, data access control is ensured through role-based and hierarchical protection, and the blockchain base developed has good extensibility, which can meet the requirement of sensitive data security protection in scientific research filed and has broad application prospects.

Using the methods of literature and interview, this paper analyzes the current situation of performance evaluation of volunteers in large-scale games based on mobile Internet, By analyzing the popularity of mobile Internet, the convenience of performance evaluation, the security and privacy of performance evaluation, this paper demonstrates the necessity of performance evaluation of volunteers in large-scale games based on mobile Internet, This paper puts forward the Countermeasures of performance evaluation of volunteers in large-scale games based on mobile Internet.

To ensure comprehensive information protection, it is necessary to use various means of information protection, distributed by levels and segments of the information system. This creates a contradiction, which consists in the presence of many different means of information protection and the inability to ensure their joint coordinated application in ensuring the protection of information due to the lack of an automated control system. One of the tasks that contribute to the solution of this problem is the task of generating a feasible organizational structure and the structure of such an automated control system, the results of which would provide these options and choose the one that is optimal under given initial parameters and limitations. The problem is solved by reducing the General task with particular splitting the original graph of the automated cyber defense control system into subgraphs. As a result, the organizational composition and the automated cyber defense management system structures will provide a set of acceptable variants, on the basis of which the optimal choice is made under the given initial parameters and restrictions. As a result, admissible variants for the formation technique of organizational structure and structure by the automated control system of cyber defense is received.

Middleware for IoT (Internet of Things) helps application developers face challenges, such as device heterogeneity, service interoperability, security and scalability. While extensively adopted nowadays, IoT middleware systems are static because, after deployment, updates are only possible by stopping the thing. Therefore, adaptive capabilities can improve existing solutions by allowing their dynamic adaptation to changes in the environmental conditions, evolve provided functionalities, or fix bugs. This paper presents AMoT, an adaptive publish/subscribe middleware for IoT whose design and implementation adopt software architecture principles and evolutive adaptation mechanisms. The experimental evaluation of AMoT helps to measure the impact of the proposed adaptation mechanisms while also comparing the performance of AMoT with a widely adopted MQTT (Message Queuing Telemetry Transport) based middleware. In the end, adaptation has an acceptable performance cost and the advantage of tunning the middleware functionality at runtime.

Nowadays, web vulnerability is a critical issue in web applications. Web developers develop web applications, but sometimes they are not very well-versed with security concerns, thereby creating loopholes for the vulnerabilities. If a web application is developed without considering security, it is harmful for the client and the company. Different types of vulnerabilities encounter during the web application development process. Therefore, vulnerability identification is a crucial and critical task from a web application development perspective. It is vigorous to secure them from the earliest development life cycle process. In this paper, we have analyzed and classified vulnerabilities related to web application security during the development phases. Here, the concern is to identify a weakness, countermeasure, confidentiality impact, access complexity, and severity level, which affect the web application security.

This article is devoted to the existing standards for assessing the state of information security, which provides a classification and comparative analysis of standards for assessing the state of information.

The article describes an analytical model of the actions of an information security violator for the secret extraction of confidential information processed on the protected object in terms of the theory of Markov random processes. The characteristics of the existing models are given, as well as the requirements that are imposed on the model for simulating the process. All model states are described in detail, as well as the data flow that is used in the process simulation. The model is represented as a directed state graph. It also describes the option for evaluating the data obtained during modeling. In the modern world, with the developing methods and means of covert extraction of information, the problem of assessing the damage that can be caused by the theft of the organization's data is acute. This model can be used to build a model of information security threats.

Currently, statistical tests for random number generators (RNGs) are widely used in practice, and some of them are even included in information security standards. But despite the popularity of RNGs, consistent tests are known only for stationary ergodic deviations of randomness (a test is consistent if it detects any deviations from a given class when the sample size goes to infinity). However, the model of a stationary ergodic source is too narrow for some RNGs, in particular, for generators based on physical effects. In this article, we propose computable consistent tests for some classes of deviations more general than stationary ergodic and describe some general properties of statistical tests. The proposed approach and the resulting test are based on the ideas and methods of information theory.

Ciphertext Policy Attribute-Based Encryption (CPABE) has gained popularity in the research area among the many proposed security models for providing fine-grained access control of data. Lightweight ECC-based CP-ABE schemes can provide feasible selective sharing from resource-constrained devices. However, the existing schemes lack support for a complete revocation mechanism at the user and attribute levels. We propose a novel scheme called Ecc Proxy based Scalable Attribute Revocation (EPSAR-CP-ABE) scheme. It extends an existing ECC-based CP-ABE scheme for lightweight IoT and smart-card devices to implement scalable attribute revocation. The scheme does not require re-distribution of secret keys and re-encryption of ciphertext. It uses a proxy server to furnish a proxy component for decryption. The dependency of the proposed scheme is minimal on the proxy server compared to the other related schemes. The storage and computational overhead due to the attribute revocation feature are negligible. Hence, the proposed EPSAR-CP-ABE scheme can be deployed practically for resource-constrained devices.

Nowadays, many data owners choose to outsource their data to public cloud servers while allowing authorized users to retrieve them. To protect data confidentiality from an untrusted cloud, many studies on searchable encryption (SE) are proposed for privacy-preserving search over encrypted data. However, most of the existing SE schemes only focus on the single-owner model. Users need to search one-by-one among data owners to retrieve relevant results even if data are from the same cloud server, which inevitably incurs unnecessary bandwidth and computation cost to users. Thus, how to enable efficient authorized search over multi-owner datasets remains to be fully explored. In this paper, we propose a new privacy-preserving search scheme for the multi-owner and multi-user model. Our proposed scheme has two main advantages: 1) We achieve an attribute-based keyword search for multi-owner model, where users can only search datasets from specific authorized owners. 2) Each data owner can enforce its own fine-grained access policy for users while an authorized user only needs to generate one trapdoor (i.e., encrypted search keyword) to search over multi-owner encrypted data. Through rigorous security analysis and performance evaluation, we demonstrate that our scheme is secure and feasible.

The Interface to Network Security Functions (I2NSF) Working Group in Internet Engineering Task Force (IETF) provides data models of interfaces to easily configure Network Security Functions (NSF). The Working Group presents a high-level data model and a low-level data model for configuring the NSFs. The high-level data model is used for the users to manipulate the NSFs configuration easily without any security expertise. But the NSFs cannot be configured using the high-level data model as it needs a low-level data model to properly deploy their security operation. For that reason, the I2NSF Framework needs a security policy translator to translate the high-level data model into the corresponding low-level data model. This paper improves the previously proposed Security Policy Translator by adding an Automatic Data Model Mapper. The proposed mapper focuses on the mapping between the elements in the high-level data model and the elements in low-level data model to automate the translation without the need for a security administrator to create a mapping table.

The COVID-19 pandemic introduced novel incentives for adversaries to exploit the state of turmoil. As we have witnessed with the increase in for instance phishing attacks and domain name registrations piggybacking the COVID-19 brand name. In this paper, we perform an analysis at Internet-scale of COVID-19 domain name registrations during the early stages of the virus' spread, and investigate the rationales behind them. We leverage the DomainTools COVID-19 Threat List and additional measurements to analyze over 150,000 domains registered between January 1st 2020 and May 1st 2020. We identify two key rationales for covid-related domain registrations. Online marketing, by either redirecting traffic or hosting a commercial service on the domain, and domain parking, by registering domains containing popular COVID-19 keywords, presumably anticipating a profit when reselling the domain later on. We also highlight three public policy take-aways that can counteract this domain registration behavior.