This presentation was given at the latest DeepSec 2010 conference in Vienna. The aim of this study was to understand the importance of cognitive sciences for the study of social engineering, to perform a real and controlled phishing vulnerability assessment with real business users, and to address countermeasures.
The document provides information about the School of Information and Communication Technology (ICT) at Gautam Buddha University. It summarizes the academic programs offered including 5-year dual degree programs, 3-year MTech programs for science graduates, 2-year MTech programs for engineering graduates, and PhD programs. It also describes the various specializations and courses offered at the undergraduate and postgraduate level in areas like software engineering, wireless communication, VLSI design, and more. It lists the laboratories and facilities available and provides details about research activities, placements, and the curriculum structure for some of the programs.
The project sets out to study the level of awareness and perception of IT security amongst university students, paying particular attention to the world of mobile devices. The report analyses the answers given by 1012 students from over 15 Italian universities to a multiple-choice questionnaire. The analysis shows that students’ perception of their knowledge is generally wrong and that they are unaware of the risks arising from their behaviour. In view of these risks, a proposal has been made to implement technical and legal measures to reduce future problems deriving from faulty or lax adoption of security measures on their mobile devices.
Security and Privacy Measurements in Social Networks: Experiences and Lessons... - FACE
We describe our experience gained while exploring practical security and privacy problems in a real-world, large-scale social network (i.e., Facebook), and summarize our conclusions in a series of “lessons learned”. We first conclude that it is better to adequately describe the potential ethical concerns from the very beginning and plan ahead the institutional review board (IRB) request. Even though sometimes optional, the IRB approval is a valuable point from the reviewer’s perspective. Another aspect that needs planning is getting in touch with the online social network security team, which takes a substantial amount of time. With their support, “bending the rules” (e.g., using scrapers) when the experimental goals require so, is easier. Clearly, in cases where critical technical vulnerabilities are found during the research, the general recommendations for responsible disclosure should be followed. Gaining the audience’s engagement and trust was essential to the success of our user study. Participants felt more comfortable when subscribing to our experiments, and also responsibly reported bugs and glitches. We did not observe the same behavior in crowd-sourcing workers, who were instead more interested in obtaining their rewards. On a related point, our experience suggests that crowd sourcing should not be used alone: Setting up tasks is more time consuming than it seems, and researchers must insert some sentinel checks to ensure that workers are not submitting random answers.
From a logistics point of view, we learned that having at least a high-level plan of the experiments pays back, especially when the IRB requires a detailed description of the work and the data to be collected. However, over planning can be dangerous because the measurement goals can change dynamically. From a technical point of view, partially connected to the logistics remarks, having a complex and large data-gathering and analysis framework may be counterproductive in terms of set-up and management overhead. From our experience we suggest to choose simple technologies that scale up if needed but, more importantly, can scale down. For example, launching a quick query should be straightforward, and the frameworks should not impose too much overhead for formulating it. We conclude with a series of practical recommendations on how to successfully collect data from online social networks (e.g., using techniques for network multi presence, mimicking user behavior, and other crawling “tricks”) and avoid abusing the online service, while gathering the data required by the experiments.
Mobile devices have been playing vital roles in modern day education delivery as students can access or download learning materials on their smartphones and tablets, they can also install educational apps and study anytime, anywhere. The need to provide adequate security for portable devices being used for learning cannot be underestimated. In this paper, we present a mobile security enhancement app, designed and developed for Android smart mobile devices in order to promote security awareness among students. The app can also identify major and the most significant security weaknesses, scan or check for vulnerabilities in m-learning devices and report any security threat.
A framework for modelling trojans and computer virus infection - UltraUploader
This document proposes a framework for modeling trojans and computer viruses. It begins by noting the limitations of viewing computers as finite state machines like Turing machines, as viruses require interaction between systems. The document then outlines different categories of trojans before defining the three core components of a viral infection: a trojan component to do unwanted things, a dormancy component to conceal itself, and an infective component to spread to other programs/systems. The goal is to understand these phenomena without relying on biological metaphors or limited experiences.
AndRadar: Fast Discovery of Android Applications in Alternative Markets - FACE
Compared to traditional desktop software, Android applications are delivered through software repositories, commonly known as application markets. Other mobile platforms, such as Apple iOS and BlackBerry OS also use the marketplace model, but what is unique to Android is the existence of a plethora of alternative application markets. This complicates the task of detecting and tracking Android malware. Identifying a malicious application in one particular market is simply not enough, as many instances of this application may exist in other markets. To quantify this phenomenon, we exhaustively crawled 8 markets between June and November 2013. Our findings indicate that alternative markets host a large number of ad-aggressive apps, a non-negligible amount of malware, and some markets even allow authors to publish known malicious apps without prompt action.
Motivated by these findings, we present AndRadar, a framework for discovering multiple instances of a malicious Android application in a set of alternative application markets. AndRadar scans a set of markets in parallel to discover similar applications. Each lookup takes no more than a few seconds, regardless of the size of the marketplace. Moreover, it is modular, and new markets can be transparently added once the search and download URLs are known.
Using AndRadar we are able to achieve three goals. First, we can discover malicious applications in alternative markets, second, we can expose app distribution strategies used by malware developers, and third, we can monitor how different markets react to new malware. During a three-month evaluation period, AndRadar tracked over 20,000 apps and recorded more than 1,500 app deletions in 16 markets. Nearly 8% of those deletions were related to apps that were hopping from market to market. The most established markets were able to react and delete new malware within tens of days from the malicious app publication date while other markets did not react at all.
Int. Workshop on Information Systems for Social Innovation (ISSI) 2013 Session: Systems Resilience
National Institute of Informatics, Tokyo, Japan
February 4, 2014
http://tric.rois.ac.jp/human/ISSI2013/
Behaviorism is a psychological approach that views learning as conditioned responses to stimuli and looks to reward and punishment to shape behavior. Key theorists include Ivan Pavlov who demonstrated classical conditioning through his dog experiments, Edward Thorndike who proposed the Law of Effect that behaviors followed by reward become stronger, John Watson who believed behavior results from specific stimuli and responses, and B.F. Skinner who developed operant conditioning which examines the causes and consequences of actions. Behaviorism influenced education by advocating a system of rewards, targets, and breaking learning into small steps from simple to complex tasks.
Call of Duty: Black Ops was a first person shooter video game released in 2010 that sold over 25 million copies. It took place during the Cold War focusing on CIA clandestine operations. An extensive marketing campaign was used including trailers on sports games, partnerships with celebrities and Chrysler, and downloadable content to keep the game popular. The campaign aimed to reach the target demographic of young adult males and maximize sales through widespread promotion across media platforms.
Confucianism was founded in China around 500 BCE by Confucius, who was concerned by the fracturing of Chinese society. He believed social order and mutual respect could cure this. Confucianism teaches an all-encompassing humanism that values family, peace, justice, and devotion to others. It had a profound influence on China by shaping education, government, and social attitudes and etiquette for over 2000 years. Confucius is still considered the most influential philosopher in Chinese history.
The document discusses case study research design. It begins by explaining that case studies are appropriate for research questions starting with "how" or "why". It then describes different types of case study designs including holistic vs embedded, single vs multiple case, and exploratory vs explanatory vs descriptive vs confirmatory purposes. Finally, it notes that case study research design depends on the paradigmatic framework including epistemological project, ontological perspective, and methodological protocol.
This document provides an overview of case study research. It defines case study research as an approach that facilitates in-depth exploration of a phenomenon within its real-world context using multiple data sources. Case studies can be explanatory, exploratory, or descriptive in nature. Key components of case study research include determining the research questions, unit of analysis, sources of evidence, and criteria for interpreting findings. The document also discusses techniques for analyzing case study evidence such as pattern matching, explanation building, time-series analysis, logic models, and cross-case synthesis.
This document provides an overview of case study research methods. It defines a case study as an in-depth analysis of a single entity within its real-world context. The document discusses case study paradigms, types including intrinsic and instrumental, purposes such as explanatory and exploratory, designs including single and multiple case, methodology involving data collection from documentation and interviews, and analysis techniques like pattern matching. It also reviews issues in reporting case studies and lists some merits like understanding contemporary contexts and demerits like lack of generalization.
Artificial intelligence (AI) is everywhere, promising self-driving cars, medical breakthroughs, and new ways of working. But how do you separate hype from reality? How can your company apply AI to solve real business problems?
Here’s what AI learnings your business should keep in mind for 2017.
Study: The Future of VR, AR and Self-Driving Cars - LinkedIn
We asked LinkedIn members worldwide about their levels of interest in the latest wave of technology: whether they’re using wearables, and whether they intend to buy self-driving cars and VR headsets as they become available. We asked them too about their attitudes to technology and to the growing role of Artificial Intelligence (AI) in the devices that they use. The answers were fascinating – and in many cases, surprising.
This SlideShare explores the full results of this study, including detailed market-by-market breakdowns of intention levels for each technology – and how attitudes change with age, location and seniority level. If you’re marketing a tech brand – or planning to use VR and wearables to reach a professional audience – then these are insights you won’t want to miss.
X-ware: a proof of concept malware utilizing artificial intelligence - IJECEIAES
Recent years have witnessed a dramatic growth in utilizing computational intelligence techniques for various domains. Coherently, malicious actors are expected to utilize these techniques against current security solutions. Despite the importance of these new potential threats, there remains a paucity of evidence on leveraging these research literature techniques. This article investigates the possibility of combining artificial neural networks and swarm intelligence to generate a new type of malware. We successfully created a proof of concept malware named X-ware, which we tested against the Windows-based systems. Developing this proof of concept may allow us to identify this potential threat’s characteristics for developing mitigation methods in the future. Furthermore, a method for recording the virus’s behavior and propagation throughout a file system is presented. The proposed virus prototype acts as a swarm system with a neural network-integrated for operations. The virus’s behavioral data is recorded and shown under a complex network format to describe the behavior and communication of the swarm. This paper has demonstrated that malware strengthened with computational intelligence is a credible threat. We envisage that our study can be utilized to assist current and future security researchers to help in implementing more effective countermeasures.
The document discusses the security challenges posed by the Internet of Things (IoT). It states that while the IoT concept and some security issues are not new, the scale of IoT networks, the heterogeneity of devices, reliance on cloud computing, and exposure of connected devices create new challenges for securing the IoT. Some key issues mentioned are that IoT is developing faster than laws and standards around security, different devices and platforms may have incompatible security measures, and many potential problems are simply existing security issues magnified by the massive scale of IoT infrastructure. Securing the IoT is seen as both a technological and business challenge that boards of directors need to address due to litigation risks for brands.
Running Head ANNOTATED BIBLIOGRAPHYANNOTATED BIBLIOGRAPHY .docx - healdkathaleen
Running Head: ANNOTATED BIBLIOGRAPHY
Annotated Bibliography on Emerging Cyber Threats
[Name of Institution]
[Name of Writer]
Source#1
Reference: Kettani, H., & Wainwright, P. (2019, March). On the Top Threats to Cyber Systems. In 2019 IEEE 2nd International Conference on Information and Computer Technologies (ICICT) (pp. 175-179). IEEE.
Summary: This article reveals the threats to cyber systems, even though some of them are not known to common people. The article states that the latest technology has advanced cyber systems and that these advancements are attractive and beneficial in comparison to the previous systems. However, due to this sophisticated and attractive advancement, individuals, societies, and nations have become dependent on cyber systems. These systems result in higher gain and ease of handling, since people have been relying on cyber systems. Moreover, the author argues that understanding cyber threats is necessary for adopting proper defenses and mitigations against them. The top threats, with a brief discussion of threat agents and attack vectors along with the countermeasures, are mentioned so that readers can find knowledge in this regard.
Relevance: This article is of paramount importance because it defines the importance of the topic of research. The aim of the research is to expose the emerging cyber-attacks, and the author of the article “On the Top Threats to Cyber Systems” reveals the importance of cyber systems, which is important for understanding the dependence on cyber systems. In addition to this, the article is found worth reading because it reveals the emerging cybercrimes and ways of protection too. The study is found relevant because it reveals that cyber systems are important nowadays because they are used in business systems, control systems, and for accessing the control systems. In other words, the article provides an overview of the emerging threats and latest trends in cyber systems.
Source#2
Reference: Parn, E. A., & Edwards, D. (2019). Cyber threats confronting the digital built environment. Engineering, Construction and Architectural Management.
Summary: This article examines cyber system attacks in the sector of the digital built environment. The study gives an idea of the emerging crimes that threaten the digital and physical assets used to form digital economies. These threats are often made to affect the critical infrastructure of smart cities. These smart cities are comprised of cyber systems, which also increase the national wealth, preserve health, and provide safety and welfare to the nation. In this regard, it is important to protect cyber systems from critical and emerging threats. Additionally, the article reveals the safe an ...
The document discusses trends and challenges in internet of things (IoT) from an information systems perspective. It describes IoT as involving the interconnection of heterogeneous networked entities through various communication patterns like human-to-human and machine-to-machine. The document outlines security and privacy as major issues in IoT due to the heterogeneity of devices, dynamicity of networks, and need to protect data. It reviews existing research that proposes solutions for these issues but identifies drawbacks like lack of testing on real heterogeneous devices and not addressing communication between different devices.
Problems With Battling Malware Have Been Discussed, Moving... - Deb Birch
This document discusses several new methods for detecting malware, including CPU analyzers, holography, eigenvirus detection, differential fault analysis, and whitelist protection. It notes that due to a focus on deobfuscation, these ideas have only recently been explored and are still underdeveloped. Specific methods like CPU analyzers and holography are examined in more detail.
The mimetic virus A vector for cyberterrorism - Nicholas Ayres
The document discusses the potential for a "mimetic virus" to be used as a vector for cyberterrorism against the general public. It presents research involving a survey of 100 participants about their understanding and fear of cyberterrorism. The survey found that while participants had some knowledge of cyberterrorism, their fear of an attack was initially low. Participants were then shown a fabricated video claiming to depict a real computer virus that caused laptop batteries to explode. The data showed this increased participants' fear levels and their likelihood of modifying their future behaviors. The research suggests a mimetic virus could be an effective method for cyberterrorists to target and influence the general public, though the ability of such a virus to spread via social media is unclear.
Capture the flag (CTF) competitions involve finding hidden "flags" within challenges to test cybersecurity skills. Ethical hacking involves authorized attempts to hack systems to find vulnerabilities from a malicious attacker's perspective in order to improve security. The cyber kill chain describes the steps an attacker takes which include reconnaissance, scanning systems, and gaining access.
The document provides an overview of cybersecurity threats in the first half of 2013. Key points include:
- Exploit attacks targeting known Java vulnerabilities accounted for about half of all detections, focusing on CVE-2013-1493 and CVE-2011-3544.
- The ZeroAccess botnet was active spreading via exploit kits and Java exploits, with potential monthly profits from Bitcoin mining estimated at over $50,000.
- Ransomware called "Anti Child Porn Spam Protection" circulated in March and April.
- APT attacks often use specially crafted documents as bait targeting people in specific organizations or fields.
- The first Android malware spread through spam emails was
Encountering social engineering activities with a novel honeypot mechanism - IJECEIAES
Communication and conducting businesses have eventually transformed to be performed through information and communication technology (ICT). While computer network security challenges have become increasingly significant, the world is facing a new era of crimes that can be conducted easily, quickly, and, on top of all, anonymously. Because system penetration is primarily dependent on human psychology and awareness, 80% of network cyberattacks use some form of social engineering tactics to deceive the target, exposing systems at risk, regardless of the security system's robustness. This study highlights the significance of technological solutions in making users more safe and secure. Throughout this paper, a novel approach to detecting and preventing social engineering attacks will be proposed, combining multiple security systems, and utilizing the concept of Honeypots to provide an automated prevention mechanism employing artificial intelligence (AI). This study aims to merge AI and honeypot with intrusion prevention system (IPS) to detect social engineering attacks, threaten the attacker, and restrict his session to keep users away from these manipulation tactics.
The document discusses the rise of unknown malware, which is malware that is not recognized by antivirus systems. In 2014, Check Point found that 41% of organizations downloaded at least one file containing unknown malware, a 25% increase from the previous year. Unknown malware downloads occurred at a staggering rate of 106 per hour, 48 times higher than the previous year. Unknown malware has become popular among hackers because it is easy to create variants of existing malware that can evade detection. Check Point researchers demonstrated how simple modifications could turn known malware into unknown malware that security systems would not recognize. The rapid growth of unknown malware poses a major threat as most organizations lack defenses against zero-day and unknown attacks.
This document discusses trends and challenges related to the Internet of Things (IoT). It provides definitions and examples of key concepts in IoT including human-to-human, human-to-thing, machine-to-machine, and thing-to-thing communication patterns. The document also discusses issues around heterogeneity, dynamicity, and evolution in IoT networks. It describes some common security issues in IoT like denial of service attacks, eavesdropping, and physical damage. Additionally, it notes that privacy, security, and data hacking are major concerns for IoT and discusses the need for new legal approaches and suitable security solutions to guarantee confidentiality, access control, and privacy for users and devices.
ASFWS 2013 - Critical Infrastructures in the Age of Cyber Insecurity par Andr... (Cyber Security Alliance)
Threats, risks, actors, trends, attack techniques, defense issues and possible future scenarios for Critical Infrastructures in the age of cyber insecurity.
Case Study On Social Engineering Techniques for Persuasion Full Text graphhoc
This document discusses case studies on using social engineering techniques to spread spyware on Linux systems. In three case studies, the authors were able to use social engineering to successfully install a spyware program on Linux systems 100% of the time by exploiting users' interests and trust. The document advocates for user education as the best prevention against social engineering attacks, as software defenses cannot prevent attacks targeting human psychology.
X-ware: a proof of concept malware utilizing artificial intelligence (IJECEIAES)
Recent years have witnessed a dramatic growth in utilizing computational intelligence techniques for various domains. Coherently, malicious actors are expected to utilize these techniques against current security solutions. Despite the importance of these new potential threats, there remains a paucity of evidence on leveraging these research literature techniques. This article investigates the possibility of combining artificial neural networks and swarm intelligence to generate a new type of malware. We successfully created a proof of concept malware named X-ware, which we tested against the Windows-based systems. Developing this proof of concept may allow us to identify this potential threat’s characteristics for developing mitigation methods in the future. Furthermore, a method for recording the virus’s behavior and propagation throughout a file system is presented. The proposed virus prototype acts as a swarm system with a neural network-integrated for operations. The virus’s behavioral data is recorded and shown under a complex network format to describe the behavior and communication of the swarm. This paper has demonstrated that malware strengthened with computational intelligence is a credible threat. We envisage that our study can be utilized to assist current and future security researchers to help in implementing more effective countermeasures.
The document discusses the security challenges posed by the Internet of Things (IoT). It states that while the IoT concept and some security issues are not new, the scale of IoT networks, the heterogeneity of devices, reliance on cloud computing, and exposure of connected devices create new challenges for securing the IoT. Some key issues mentioned are that IoT is developing faster than laws and standards around security, different devices and platforms may have incompatible security measures, and many potential problems are simply existing security issues magnified by the massive scale of IoT infrastructure. Securing the IoT is seen as both a technological and business challenge that boards of directors need to address due to litigation risks for brands.
Running Head ANNOTATED BIBLIOGRAPHY ANNOTATED BIBLIOGRAPHY .docx (healdkathaleen)
Annotated Bibliography on Emerging Cyber Threats
[Name of Institution]
[Name of Writer]
Source#1
Reference: Kettani, H., & Wainwright, P. (2019, March). On the Top Threats to Cyber Systems. In 2019 IEEE 2nd International Conference on Information and Computer Technologies (ICICT) (pp. 175-179). IEEE.
Summary: This article reveals the threats to the cyber systems even some of them are not known to the common people. The article defines that the latest technology has advanced the cyber systems and these advancements are attractive and beneficial in comparison to the previous systems. However, due to this sophisticated and attractive advancement the individuals, societies, and nations had become dependent on the cyber systems. These systems result in the higher gain and ease of handling since people had relying on the cyber systems. Moreover, the author argues that for the adoption of the proper defense and mitigations to the threats it is necessary to understand cyber threats. The top threats with a brief discussion of threat agents and attack vectors along with the countermeasures are mentioned so that the readers can find knowledge in this regard.
Relevance: This article is of paramount importance because it defines the importance of the topic of research. As the aim of the research is to expose the emerging cyber-attacks and the author of the article “On the Top Threats to Cyber Systems” reveals the importance of the cyber systems which is important for understanding the dependence over the cyber systems. In addition to this, the article is found worth reading because it reveals the emerging cybercrimes and ways of protection too. The study is found relevant because it reveals that cyber systems are important nowadays because they are used in the business systems, control systems, and for accessing the control systems. In other words, the articles provide an overview of the emerging threats and latest trends in the cyber systems.
Source#2
Reference: Parn, E. A., & Edwards, D. (2019). Cyber threats confronting the digital built environment. Engineering, Construction and Architectural Management.
Summary: This article determines the cyber systems attack in the sector of the digital built environment. The study gives the idea of emerging crimes that are made to threat the digital and physical assets that are used to form the digital economies. These threats are often made to affect the critical infrastructure of the smart cities. These smart cities are comprised of the cyber systems which also increase the national wealth, preserve health, and provide safety and welfare to the nation. In this regard, it is important to protect the cyber systems from the critical and emerging threats. Additionally, the article reveals the safe an ...
The document discusses trends and challenges in internet of things (IoT) from an information systems perspective. It describes IoT as involving the interconnection of heterogeneous networked entities through various communication patterns like human-to-human and machine-to-machine. The document outlines security and privacy as major issues in IoT due to the heterogeneity of devices, dynamicity of networks, and need to protect data. It reviews existing research that proposes solutions for these issues but identifies drawbacks like lack of testing on real heterogeneous devices and not addressing communication between different devices.
Problems With Battling Malware Have Been Discussed, Moving... (Deb Birch)
This document discusses several new methods for detecting malware, including CPU analyzers, holography, eigenvirus detection, differential fault analysis, and whitelist protection. It notes that due to a focus on deobfuscation, these ideas have only recently been explored and are still underdeveloped. Specific methods like CPU analyzers and holography are examined in more detail.
The mimetic virus: A vector for cyberterrorism (Nicholas Ayres)
The document discusses the potential for a "mimetic virus" to be used as a vector for cyberterrorism against the general public. It presents research involving a survey of 100 participants about their understanding and fear of cyberterrorism. The survey found that while participants had some knowledge of cyberterrorism, their fear of an attack was initially low. Participants were then shown a fabricated video claiming to depict a real computer virus that caused laptop batteries to explode. The data showed this increased participants' fear levels and their likelihood of modifying their future behaviors. The research suggests a mimetic virus could be an effective method for cyberterrorists to target and influence the general public, though the ability of such a virus to spread via social media is unclear.
Capture the flag (CTF) competitions involve finding hidden "flags" within challenges to test cybersecurity skills. Ethical hacking involves authorized attempts to hack systems to find vulnerabilities from a malicious attacker's perspective in order to improve security. The cyber kill chain describes the steps an attacker takes which include reconnaissance, scanning systems, and gaining access.
The document provides an overview of cybersecurity threats in the first half of 2013. Key points include:
- Exploit attacks targeting known Java vulnerabilities accounted for about half of all detections, focusing on CVE-2013-1493 and CVE-2011-3544.
- The ZeroAccess botnet was active spreading via exploit kits and Java exploits, with potential monthly profits from Bitcoin mining estimated at over $50,000.
- Ransomware called "Anti Child Porn Spam Protection" circulated in March and April.
- APT attacks often use specially crafted documents as bait targeting people in specific organizations or fields.
- The first Android malware spread through spam emails was
Since Kevin Mitnick coined the phrase in 2002, the cybersecurity industry has been awash with the phrase 'the human factor is the weakest link’. From vendors to researchers, engineers, hackers, and journalists, we are all fond of blaming the ‘dumb users’. In this talk I argue that when we say that the ‘human being is the weakest link in cybersecurity’, not only are we telling a lie, we are inevitably setting ourselves up for a fall.
The document provides an overview of cyber risks and proposes a governance framework to manage those risks. It defines key concepts like cyber, security, threats and governance. It then presents a meta-model and framework with four core concepts: risks, response, reputation and resources that revolve around an organization's cyber ecosystem. The framework is intended to provide high-level guidance for executives on continuously governing cyber risks through a strategic approach.
Effective classification of android malware families through dynamic features... (GiacomoCocozziello)
The document discusses a study that aimed to develop an effective machine learning model for classifying Android malware families. It proposes a new dataset called UnisaMalwareDataset (UMD) which was created by extracting static and dynamic features from Android apps using the CuckooDroid sandbox. Experiments were conducted using common machine learning and deep learning techniques to demonstrate that efficient malware classification can be achieved by training models on the proposed dataset.
Security techniques for intelligent spam sensing and anomaly detection in onl... (IJECEIAES)
The recent advances in communication and mobile technologies made it easier to access and share information for most people worldwide. Among the most powerful information spreading platforms are the Online Social Networks (OSN)s that allow Internet-connected users to share different information such as instant messages, tweets, photos, and videos. Adding to that many governmental and private institutions use the OSNs such as Twitter for official announcements. Consequently, there is a tremendous need to provide the required level of security for OSN users. However, there are many challenges due to the different protocols and variety of mobile apps used to access OSNs. Therefore, traditional security techniques fail to provide the needed security and privacy, and more intelligence is required. Computational intelligence adds high-speed computation, fault tolerance, adaptability, and error resilience when used to ensure security in OSN apps. This research provides a comprehensive related work survey and investigates the application of artificial neural networks for intrusion detection systems and spam filtering for OSNs. In addition, we use the concept of social graphs and weighted cliques in the detection of suspicious behavior of certain online groups and to prevent further planned actions such as cyber/terrorist attacks before they happen.
This document summarizes a research paper on smartphone security and protection practices. The paper identifies several mobile security threats, including phishing apps, supply chain compromise, and crypto miners embedded in games. It also outlines key best practices like using strong authentication, regularly updating apps and OS, enabling encryption and remote data wiping. A survey was conducted to assess usage of these practices among 167 mobile users. The findings showed fingerprint scanning was the most common authentication method, while automatic backups and updates were also widely used. The paper concludes that balancing security and usability will remain an ongoing challenge as the mobile landscape continues to evolve.
Cognitive approach for social engineering (How to force smart people to do dumb things)
1. Cognitive approach for social engineering: How to force smart people to do dumb things. Enrico Frumento, CEFRIEL, Politecnico di Milano (IT); Claudio Lucchiari, Gabriella Pravettoni, Mario Andrea Valori, IRIDe (Interdisciplinary Research and Intervention on Decision) Center, Università di Milano (IT). www.cefriel.it
2. Aim and main contribution of this paper
- Understand the importance of Cognitive Sciences for the study of Social Engineering
- Perform a real and controlled phishing vulnerability assessment with real business users
- Address countermeasures
Vienna, DeepSec 2010 (C) 2010 CEFRIEL & Università Statale Milano
3. Structure of the presentation
- How psychology contributes to security
- Malware 2.0
- Memetics
- What else?
- Our view of Social Engineering
- Social engineering 2.0
- Cognitive approach
- An early study: Mobile World and SMSishing
- Results
- So far..
- What's to come..
6. How extensively is psychological modeling used? Social Engineering: Memetics, Cognitive Sciences
7. Where are viruses anyway? Malware 2.0
8. Malware 2.0. The Malware 2.0 model is characterized as follows:
- the absence of a single command and control center for networks of infected computers
- the active use of methods to combat the analysis of malicious code and attempts to gain control over a botnet
- short-lived mass mailings of malicious code
- effective use of Social Engineering
- the use of a range of methods to spread malicious programs and a gradual move away from the use of methods (e.g. email) which attract attention
- using a range of modules (rather than a single one) in order to deliver a range of malicious payloads
- Malware as-a-service
Source: Kaspersky Labs
9. Trojans, trojans and again trojans.. Source: Kaspersky Labs
10. Another way to view this trend. Malware & PUP unique families from 1997 to 2007 ..and this trend from 2008 to 2009 is even worse.. Source: McAfee Journal
19. Strong contextualization of hooks (e.g. using social networks or linked-data)
20. Early evidences: How do hackers bypass security? Take advantage of common weaknesses: People don’t understand the technology; Online Viewer Exploits; People caught off guard; Phishing; Snail mail phishing; People trust other people; Hijack domain: typosquatting; People trust the system; Hacking RFID, telephony; People in a hurry; ATM scam; People get careless; Social engineering, easier than it sounds… Source: Forgotten, sorry! But it was taken from a conference two years ago
21. The human element of security: The essential change with modern malware is that the human element could be exploited even for automated attacks
22. How can we model and handle the human problem? Which approaches have been tried so far?
23. An early approach: memetics. Memetics is a science that studies how memes (ideas) spread and evolve. "Meme" is an abbreviation of "mimeme", a Greek word that means «imitation»; it is the cultural equivalent of the gene for biologists. There is a powerful analogy between the transmission and evolution of memes and the transmission and evolution of genes. Memetics is a «science» that applies the Darwinian law of evolution (Universal Darwinism) to the transmission and evolution of ideas. This idea is really useful to model Social Engineering attacks: Virus of the Mind, R. Brodie; Why Phishing Works, J.D. Tygar; “Whatever Happened to the Unlikely Lads? A Hoaxing Metamorphosis”, D. Harley, R. Abrams, Virus Bulletin Conference, Sept 2009
27. Cognitive Science is a better methodological approach
28. Another approach: cyberskepticism. «Cyberskepticism: The Mind’s Firewall»: it is taught to the US Army; quite an effective way of thinking; good for your own mind shaping process; needs a previously well performed motivation phase; almost a technique (a mental framework) rather than a theory
30. Into Modern Social Engineering: status of detected attacks. “Complex” attacks, or innovative evolutions of attack techniques, are seldom observed; spear phishing, smishing and complex social attacks are techniques rarely detected at the moment; all the recent reports state that this is going to change soon. It’s the right moment to study them and develop countermeasures!
31. Into Modern Social Engineering: phases of an attack
34. Our work. To perform this study we used a pure cognitive approach to our phishing attacks. To further stress this, the attacks were created by a cognitive science student and not by a technically skilled attacker. The study targeted about 5000 employees of four different corporations (SMSishing; phishing). Complete results will be published. This is a preview of only those about SMSishing.
35. Why did we start with mobile terminals? WIDESPREAD: Currently mobile phones are the most common communication devices in the world. Sources: Akamai, The State of the Internet, 1st Quarter, 2010 Report; 5 billion SIM active - Ericsson Observatory, July 2010. CROSSCULTURAL: In the last 10 years phones have had the largest circulation in both developed and developing countries. CONNECTED: This year the number of internet connections from mobile devices exceeds fixed connections. Source: ITU (International Telecommunication Union)
42. Method and test. We needed a benchmark: on the same population we performed 3 similar tests on PCs and mobile terminals. Test 1: slightly contextualized mail, a company new SOS password service. Test 2: quite generic spam, special discounts for company’s employees. Test 3: very slightly contextualized spam on SMS, request to upgrade the terminal.
43. First test (run on PC/laptop): !!! please don't reply [automatic mail] !! ! Dear user, You've recently joined the company and have been issued a Corporate Intranet Login and a fist Corporate Intranet Password that you generated. A web interface, SOSPassword, is at your disposal to give you more autonomy when managing your passwords: http://ITservices.$corporation/sospassword@123.456.789.0 SOSPassword enables you to change and synchronize on line the password. For an easiest synchronization, the password expire after 120 days. ADVANTAGE: You won't have to call the helpdesk when you have forgotten your passwords or when they have expired, you can manage the change yourself in SOSPassword. FOR YOUR FIRST USE OF SOSPASSWORD: Log into SOSPassword with your Corporate Intranet Login and Corporate Intranet Password (only at first use) and create your 5 individual questions/responses [e.g. Your Favorite book, your maiden name, Your dog's name, etc]. These questions will then be used to authenticate you for future connections to SOSPassword. TIPS: - Add the URL to your favorite: http://ITservices.$corporation/sospassword@123.456.789.0 - Read the FAQ and Download the available User Guide. We thank you for your cooperation.
44. Second test (run on PC/laptop): Dear Colleagues, As many of you already know our company has been engaged in a campaign aimed at providing benefits to their employees in the form of rebates and discounts for goods and services provided by Ns. partners. As I'm sure you already know a few weeks ago, the Apple computer company known around the world, unveiled its flagship long-awaited, the famous iPad. Under a business agreement signed by us with some vendors, all Ns. Employees will have the opportunity to enjoy a discount of 40% of the cost of this jewel of technology. Many security systems include a request to retrieve your password, these questions usually standardized, tend to deal with specific difficult for an outsider to discover what colors and favorite foods, first name or names of relatives and the like. Providing this information increases the chances of an attacker to access other systems. To take advantage of this and other great offers you only need to register in the database of our official supplier, through this link: http://$openservices/$corporation/offers necessarily using the corporate email. Is invited to make such entry is absolutely free and without any obligation to buy. Regards Office of Human Resources - $corporation NB: subscribe to the service indicated in this message requires more than a personal ID (must mail the company) the choice of a password. For security reasons you can not use the same password as that used for access to their corporate account.
45. Third test (run on mobile): !!! please don't reply [automatic SMS] ! ! ! Dear user, for enforcing IT mobile defenses, your terminal must be upgraded. A new tool from IT internal service is available in the Intranet IT section. For upgrade, please use this link: http://ITservices.$corporation/securitypatch@123.456.789.0 We thank you for your cooperation. IT Security Services - $corporation
46. Which psychological effects we used.. These tests were built stressing two basic behaviors. Assumption of truth (truth-bias): people are used to evaluating facts using a heuristic process (non-Bayesian thinking) which is largely incomplete. Initial facts are integrated with «a priori» assumptions in a non-analytic process. Stereotypical thinking: people’s judgment is often made by comparing events against their own model. The most common is the thief’s stereotype. An updated version is the phishing mail stereotype (e.g. syntax errors and semantic inconsistencies in the text). Founding studies come from psychology, cognitive science and marketing techniques.
48. Age: 12 under 30 | 370 over 30 and under 50 | 438 over 50
52. Some statistics: reaction times. Graphical comparison between the reaction times: SMSishing is “faster” than phishing
53. Some statistics: calls to IT center. Graphical comparison between callbacks to IT Center: SMSishing originated far fewer doubts
54. Questions: what matters a lot? Question 1: Does team working matter? Answer: The phone belongs to the private sphere (the team does not work). Question 2: Do linguistic competencies matter? Answer: The phone carries too little data (linguistic experts don't have advantages)
55. Questions: does training work? Question 3: Does classical training work with mobile users? Answer: Training performed poorly for mobile terminals. Question 4: How long do training results last? Answer: differences reside in the cognitive processes; the training, despite performing poorly, lasts longer
56. Question: which is the perfect attack? Fourth test: a contextualized SMSishing message. Test1: an SMS using a contextualized hook but non standard look. Test2: an MMS using also the Corporate’s look and logo. NB: we only used information that any external attacker might obtain
57. What’s to come: Countermeasures. Technical approach (block the terminals). Pros: easy to implement. Cons: professional users don’t want blocked terminals; easily circumvented on most mobile platforms. Cognitive approach (understanding the complexity of the terminal interactions). A wikinomics strategy proposal: a company-guided collaborative peer-to-peer strategy for learning best practices. Early results on a pilot test dropped failures from 20.49% to a promising 13.98%. Try new learning procedures starting from the Neurocognitive Sciences: exploit beneficial effects of stress on learning processes; “multisensory” learning; using error theories developed for other sectors, like Medical Error Prevention.
58. Conclusion: Thanks for your attention