The purpose of this paper is to provide a framework that allows for the development of a virtual lab that incorporates emerging technologies such as the Industrial Internet of Things and embedded systems while incorporating open source components. The global shortage of talent is a significant concern as organizations continue to embrace and roll out new technologies such as 5G, and Artificial Intelligence. Several countries such as those in developing countries face issues regarding technology use in the classroom. Thus, to provide a learning environment where cybersecurity and information systems concepts can be taught in an exploratory environment.
Challenges and Security Issues in Future IT Infrastructure ComponentsMubashir Ali
Over the past 2 decades, the information technology infrastructure has gone through an exponential change with the introduction and evolution of new technologies and trends. Organizations previously having their data on-premise and their infrastructure comprising of multiple server machines on multiple server racks and dedicated client personal computers (PCs) are moving towards cloud computing & virtualization to Smartphone and tablets. This rapid advancement and constant change, although increasing productivity for the organizations is resulting in a rising number of challenges and security issues for the organizations, their managers, IT administrators and technology architects. This paper discusses the future IT infrastructure components and the challenges & security issues that arise after their implementation that needs to be taken care of in order to get the full advantage of IT.
Cyber Security is a crucial and rising part of concern in the present age with a rapid increase in the graph of digitization. And with an increase in the activities in cyberspace, there is also an increase in the cyber-crimes. Handling the huge volumes of data with security has become an inevitable need of the hour. Antivirus software, Firewalls, and other technological solutions help to secure this data but are not sufficient enough to prevent the cybercrooks from destructing the network and stealing confidential information. This paper mainly focuses on the issues and challenges faced by cybersecurity. It also discusses the risks, cybersecurity techniques to curb cyber-crime, cyber ethics, and cyber trends.
The Internet of Things (IoT) promises to change the way enterprises connect, communicate, operate, and compete. At the same time, the IoT has left enterprise networks and IoT devices extremely vulnerable to security breaches. Current IoT devices and infrastructures are simply not equipped to tackle today’s sophisticated attack methods. Vulnerabilities can be easily exploited unless security is embedded from the inside out – from conception, deployment, and maintenance, to the network edge and across connected devices and infrastructures.
Challenges and Security Issues in Future IT Infrastructure ComponentsMubashir Ali
Over the past 2 decades, the information technology infrastructure has gone through an exponential change with the introduction and evolution of new technologies and trends. Organizations previously having their data on-premise and their infrastructure comprising of multiple server machines on multiple server racks and dedicated client personal computers (PCs) are moving towards cloud computing & virtualization to Smartphone and tablets. This rapid advancement and constant change, although increasing productivity for the organizations is resulting in a rising number of challenges and security issues for the organizations, their managers, IT administrators and technology architects. This paper discusses the future IT infrastructure components and the challenges & security issues that arise after their implementation that needs to be taken care of in order to get the full advantage of IT.
Cyber Security is a crucial and rising part of concern in the present age with a rapid increase in the graph of digitization. And with an increase in the activities in cyberspace, there is also an increase in the cyber-crimes. Handling the huge volumes of data with security has become an inevitable need of the hour. Antivirus software, Firewalls, and other technological solutions help to secure this data but are not sufficient enough to prevent the cybercrooks from destructing the network and stealing confidential information. This paper mainly focuses on the issues and challenges faced by cybersecurity. It also discusses the risks, cybersecurity techniques to curb cyber-crime, cyber ethics, and cyber trends.
The Internet of Things (IoT) promises to change the way enterprises connect, communicate, operate, and compete. At the same time, the IoT has left enterprise networks and IoT devices extremely vulnerable to security breaches. Current IoT devices and infrastructures are simply not equipped to tackle today’s sophisticated attack methods. Vulnerabilities can be easily exploited unless security is embedded from the inside out – from conception, deployment, and maintenance, to the network edge and across connected devices and infrastructures.
Novel authentication framework for securing communication in internet-of-things IJECEIAES
Internet-of-Things (IoT) offers a big boon towards a massive network of connected devices and is considered to offer coverage to an exponential number of the smart appliance in the very near future. Owing to the nascent stage of evolution of IoT, it is shrouded by security loopholes because of various reasons. Review of existing research-based solution highlights the usage of conventional cryptographic-based solution over the traditional mechanism of data forwarding process between IoT nodes and gateway. The proposed system presents a novel solution to this problem by a model that is capable of performing a highly secured and cost-effective authentication process. The proposed system introduces Authentication Using Signature (AUS) as well as Security with Complexity Reduction (SCR) for the purpose to resist participation of any form of unknown threats. The outcome of the model shows better security strength with faster response time and energy saving of the IoT nodes.
This approach mainly based on examines how many differences do exist between BlackBerry OS and new BlackBerry OS based on QNX OS. It highlights whether one techniques provide more easy implementation, investigation and handling or not, what common differences examiners may encounter and what they should as concept be involved to forensic handling with these platforms because a Playbook OS is completely a new approach.
http://hakin9.org/dont-be-mocked-secure-your-system-0512-2/
Malware threat analysis techniques and approaches for IoT applications: a reviewjournalBEEI
Internet of things (IoT) is a concept that has been widely used to improve business efficiency and customer’s experience. It involves resource constrained devices connecting to each other with a capability of sending data, and some with receiving data at the same time. The IoT environment enhances user experience by giving room to a large number of smart devices to connect and share information. However, with the sophistication of technology has resulted in IoT applications facing with malware threat. Therefore, it becomes highly imperative to give an understanding of existing state-of-the-art techniques developed to address malware threat in IoT applications. In this paper, we studied extensively the adoption of static, dynamic and hybrid malware analyses in proffering solution to the security problems plaguing different IoT applications. The success of the reviewed analysis techniques were observed through case studies from smart homes, smart factories, smart gadgets and IoT application protocols. This study gives a better understanding of the holistic approaches to malware threats in IoT applications and the way forward for strengthening the protection defense in IoT applications.
IoT and the implications on business IT architecture and securityDeniseFerniza
The basics of IoT, the security issues both personal and within businesses. These slides cover the basics of what IT and Business professionals should know when considering working with Cloud Computing and IoT devices.
A Novel Security Approach for Communication using IOTIJEACS
The Internet of Things (IOT) is the arrangement of physical articles or "things" introduced with equipment, programming, sensors, and framework accessibility, which enables these things to accumulate and exchange data. Here outlining security convention for the Internet of Things, and execution of this relating security convention on the inserted gadgets. This convention will cover the honesty of messages and verification of every customer by giving a productive confirmation component. By this venture the protected correspondence is executed on implanted gadgets.
SECURITY& PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGSIJNSA Journal
The idea to connect everything to anything and at any point of time is what vaguely defines the concept of
the Internet of Things (IoT). The IoT is not only about providing connectivity but also facilitating
interaction among these connected things. Though the term IoT was introduced in 1999 but has drawn
significant attention during the past few years, the pace at which new devices are being integrated into the
system will profoundly impact the world in a good way but also poses some severe queries about security
and privacy. IoT in its current form is susceptible to a multitudinous set of attacks. One of the most
significant concerns of IoT is to provide security assurance for the data exchange because data is
vulnerable to some attacks by the attackers at each layer of IoT. The IoT has a layered structure where
each layer provides a service. The security needs vary from layer to layer as each layer serves a different
purpose. This paper aims to analyze the various security and privacy threats related to IoT. Some attacks
have been discussed along with some existing and proposed countermeasures.
This article from Netmagic focuses on the security threats that a business enterprise face, such as threat mitigation in cloud, internet of things and mobility are the new normal in security.
Internet of Things IoT Anytime Anywhere Anything ConnectivityYogeshIJTSRD
This paper presents the key challenges in the domain of IoT. The key challenges associated with the development of IoT, industry as well as government, Industrial IoT systems, the related security and privacy challenges has been reviewed and presented. Vulnerability of Internet of Things systems have been improved with the advent of new computational systems for IoT. However, the current design of IoT does not effectively address the higher security requirements posed by those vulnerabilities. Many recent attacks on IoT systems have shown that novel security solutions are needed to protect this emerging system. Nidhi Chadha | Ramandeep Kaur "Internet of Things (IoT): Anytime-Anywhere-Anything Connectivity" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-3 , April 2021, URL: https://www.ijtsrd.com/papers/ijtsrd40008.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-network/40008/internet-of-things-iot-anytimeanywhereanything-connectivity/nidhi-chadha
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...ijccsa
The introduction of Internet of Things (IoT) applications into daily life has raised serious privacy concerns
among consumers, network service providers, device manufacturers, and other parties involved. This paper
gives a high-level overview of the three phases of data collecting, transmission, and storage in IoT systems
as well as current privacy-preserving technologies. The following elements were investigated during these
three phases:(1) Physical and data connection layer security mechanisms(2) Network remedies(3)
Techniques for distributing and storing data. Real-world systems frequently have multiple phases and
incorporate a variety of methods to guarantee privacy. Therefore, for IoT research, design, development,
and operation, having a thorough understanding of all phases and their technologies can be beneficial. In
this Study introduced two independent methodologies namely generic differential privacy (GenDP) and
Cluster-Based Differential privacy ( Cluster-based DP) algorithms for handling metadata as intents and
intent scope to maintain privacy and security of IoT data in cloud environments. With its help, we can
virtual and connect enormous numbers of devices, get a clearer understanding of the IoT architecture, and
store data eternally. However, due of the dynamic nature of the environment, the diversity of devices, the
ad hoc requirements of multiple stakeholders, and hardware or network failures, it is a very challenging
task to create security-, privacy-, safety-, and quality-aware Internet of Things apps. It is becoming more
and more important to improve data privacy and security through appropriate data acquisition. The
proposed approach resulted in reduced loss performance as compared to Support Vector Machine (SVM) ,
Random Forest (RF) .
An Investigation of Using Privilege Level System to Restrict Employers for Us...CSCJournals
This paper provides the security level for employees in the organization that prevents them to use or to browse some website that are not allowed to be seen during work time. However, there are many ready software tools have available which do the same task, but we will try finding a new algorithm to investigate the better solution for this research question. The main reason of our research is to provide an open source software that can be easily manipulated by providers rather than ready software. For example, tools that cannot be updated by the organization administrator (none open source software).
Novel authentication framework for securing communication in internet-of-things IJECEIAES
Internet-of-Things (IoT) offers a big boon towards a massive network of connected devices and is considered to offer coverage to an exponential number of the smart appliance in the very near future. Owing to the nascent stage of evolution of IoT, it is shrouded by security loopholes because of various reasons. Review of existing research-based solution highlights the usage of conventional cryptographic-based solution over the traditional mechanism of data forwarding process between IoT nodes and gateway. The proposed system presents a novel solution to this problem by a model that is capable of performing a highly secured and cost-effective authentication process. The proposed system introduces Authentication Using Signature (AUS) as well as Security with Complexity Reduction (SCR) for the purpose to resist participation of any form of unknown threats. The outcome of the model shows better security strength with faster response time and energy saving of the IoT nodes.
This approach mainly based on examines how many differences do exist between BlackBerry OS and new BlackBerry OS based on QNX OS. It highlights whether one techniques provide more easy implementation, investigation and handling or not, what common differences examiners may encounter and what they should as concept be involved to forensic handling with these platforms because a Playbook OS is completely a new approach.
http://hakin9.org/dont-be-mocked-secure-your-system-0512-2/
Malware threat analysis techniques and approaches for IoT applications: a reviewjournalBEEI
Internet of things (IoT) is a concept that has been widely used to improve business efficiency and customer’s experience. It involves resource constrained devices connecting to each other with a capability of sending data, and some with receiving data at the same time. The IoT environment enhances user experience by giving room to a large number of smart devices to connect and share information. However, with the sophistication of technology has resulted in IoT applications facing with malware threat. Therefore, it becomes highly imperative to give an understanding of existing state-of-the-art techniques developed to address malware threat in IoT applications. In this paper, we studied extensively the adoption of static, dynamic and hybrid malware analyses in proffering solution to the security problems plaguing different IoT applications. The success of the reviewed analysis techniques were observed through case studies from smart homes, smart factories, smart gadgets and IoT application protocols. This study gives a better understanding of the holistic approaches to malware threats in IoT applications and the way forward for strengthening the protection defense in IoT applications.
IoT and the implications on business IT architecture and securityDeniseFerniza
The basics of IoT, the security issues both personal and within businesses. These slides cover the basics of what IT and Business professionals should know when considering working with Cloud Computing and IoT devices.
A Novel Security Approach for Communication using IOTIJEACS
The Internet of Things (IOT) is the arrangement of physical articles or "things" introduced with equipment, programming, sensors, and framework accessibility, which enables these things to accumulate and exchange data. Here outlining security convention for the Internet of Things, and execution of this relating security convention on the inserted gadgets. This convention will cover the honesty of messages and verification of every customer by giving a productive confirmation component. By this venture the protected correspondence is executed on implanted gadgets.
SECURITY& PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGSIJNSA Journal
The idea to connect everything to anything and at any point of time is what vaguely defines the concept of
the Internet of Things (IoT). The IoT is not only about providing connectivity but also facilitating
interaction among these connected things. Though the term IoT was introduced in 1999 but has drawn
significant attention during the past few years, the pace at which new devices are being integrated into the
system will profoundly impact the world in a good way but also poses some severe queries about security
and privacy. IoT in its current form is susceptible to a multitudinous set of attacks. One of the most
significant concerns of IoT is to provide security assurance for the data exchange because data is
vulnerable to some attacks by the attackers at each layer of IoT. The IoT has a layered structure where
each layer provides a service. The security needs vary from layer to layer as each layer serves a different
purpose. This paper aims to analyze the various security and privacy threats related to IoT. Some attacks
have been discussed along with some existing and proposed countermeasures.
This article from Netmagic focuses on the security threats that a business enterprise face, such as threat mitigation in cloud, internet of things and mobility are the new normal in security.
Internet of Things IoT Anytime Anywhere Anything ConnectivityYogeshIJTSRD
This paper presents the key challenges in the domain of IoT. The key challenges associated with the development of IoT, industry as well as government, Industrial IoT systems, the related security and privacy challenges has been reviewed and presented. Vulnerability of Internet of Things systems have been improved with the advent of new computational systems for IoT. However, the current design of IoT does not effectively address the higher security requirements posed by those vulnerabilities. Many recent attacks on IoT systems have shown that novel security solutions are needed to protect this emerging system. Nidhi Chadha | Ramandeep Kaur "Internet of Things (IoT): Anytime-Anywhere-Anything Connectivity" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-3 , April 2021, URL: https://www.ijtsrd.com/papers/ijtsrd40008.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-network/40008/internet-of-things-iot-anytimeanywhereanything-connectivity/nidhi-chadha
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...ijccsa
The introduction of Internet of Things (IoT) applications into daily life has raised serious privacy concerns
among consumers, network service providers, device manufacturers, and other parties involved. This paper
gives a high-level overview of the three phases of data collecting, transmission, and storage in IoT systems
as well as current privacy-preserving technologies. The following elements were investigated during these
three phases:(1) Physical and data connection layer security mechanisms(2) Network remedies(3)
Techniques for distributing and storing data. Real-world systems frequently have multiple phases and
incorporate a variety of methods to guarantee privacy. Therefore, for IoT research, design, development,
and operation, having a thorough understanding of all phases and their technologies can be beneficial. In
this Study introduced two independent methodologies namely generic differential privacy (GenDP) and
Cluster-Based Differential privacy ( Cluster-based DP) algorithms for handling metadata as intents and
intent scope to maintain privacy and security of IoT data in cloud environments. With its help, we can
virtual and connect enormous numbers of devices, get a clearer understanding of the IoT architecture, and
store data eternally. However, due of the dynamic nature of the environment, the diversity of devices, the
ad hoc requirements of multiple stakeholders, and hardware or network failures, it is a very challenging
task to create security-, privacy-, safety-, and quality-aware Internet of Things apps. It is becoming more
and more important to improve data privacy and security through appropriate data acquisition. The
proposed approach resulted in reduced loss performance as compared to Support Vector Machine (SVM) ,
Random Forest (RF) .
An Investigation of Using Privilege Level System to Restrict Employers for Us...CSCJournals
This paper provides the security level for employees in the organization that prevents them to use or to browse some website that are not allowed to be seen during work time. However, there are many ready software tools have available which do the same task, but we will try finding a new algorithm to investigate the better solution for this research question. The main reason of our research is to provide an open source software that can be easily manipulated by providers rather than ready software. For example, tools that cannot be updated by the organization administrator (none open source software).
Design of an IT Capstone Subject - Cloud RoboticsITIIIndustries
This paper describes the curriculum of the three year IT undergraduate program at La Trobe University, and the faculty requirements in designing a capstone subject, followed by the ACM’s recommended IT curriculum covering the five pillars of the IT discipline. Cloud robotics, a broad multidisciplinary research area, requiring expertise in all five pillars with mechatronics, is an ideal candidate to offer capstone experiences to IT students. Therefore, in this paper, we propose a long term master project in developing a cloud robotics testbed, with many capstone sub-projects spanning across the five IT pillars, to meet the objectives of capstone experience. This paper also describes the design and implementation of the testbed, and proposes potential capstone projects for students with different interests.
Design of an IT Capstone Subject - Cloud RoboticsITIIIndustries
This paper describes the curriculum of the three year IT undergraduate program at La Trobe University, and the faculty requirements in designing a capstone subject, followed by the ACM’s recommended IT curriculum covering the five pillars of the IT discipline. Cloud robotics, a broad multidisciplinary research area, requiring expertise in all five pillars with mechatronics, is an ideal candidate to offer capstone experiences to IT students. Therefore, in this paper, we propose a long term
master project in developing a cloud robotics testbed, with many capstone sub-projects spanning across the five IT pillars, to meet the objectives of capstone experience. This paper also describes the design and implementation of the testbed, and proposes potential capstone projects for students with different interests.
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
In the IoT scenario, things at the edge can create significantly large amounts of data. Fog Computing has recently emerged as the paradigm to address the needs of edge computing in the Internet of Things (IoT) and Industrial Internet of Things (IIoT) applications. In a Fog Computing environment, much of the processing would take place closer to the edge in a router device, rather than having to be transmitted to the Fog. Authentication is an important issue for the security of fog computing since services are offered to massive-scale end users by front fog nodes.Fog computing faces new security and privacy challenges besides those inherited from cloud computing. Authentication helps to ensure and confirms a user's identity. The existing traditional password authentication does not provide enough security for the data and there have been instances when the password-based authentication has been manipulated to gain access into the data. Since the conventional methods such as passwords do not serve the purpose of data security, research worksare focused on biometric user authentication in fog computing environment. In this paper, we present biometric smartcard authentication to protect the fog computing environment.
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
In the IoT scenario, things at the edge can create significantly large amounts of data. Fog Computing has recently emerged as the paradigm to address the needs of edge computing in the Internet of Things (IoT) and Industrial Internet of Things (IIoT) applications. In a Fog Computing environment, much of the processing would take place closer to the edge in a router device, rather than having to be transmitted to the Fog. Authentication is an important issue for the security of fog computing since services are offered to massive-scale end users by front fog nodes.Fog computing faces new security and privacy challenges besides those inherited from cloud computing. Authentication helps to ensure and confirms a user's identity. The existing traditional password authentication does not provide enough security for the data and there have been instances when the password-based authentication has been manipulated to gain access into the data. Since the conventional methods such as passwords do not serve the purpose of data security, research worksare focused on biometric user authentication in fog computing environment. In this paper, we present biometric smartcard authentication to protect the fog computing environment.
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...IJNSA Journal
Multi-cloud is an advanced version of cloud computing that allows its users to utilize different cloud systems from several Cloud Service Providers (CSPs) remotely. Although it is a very efficient computing
facility, threat detection, data protection, and vendor lock-in are the major security drawbacks of this infrastructure. These factors act as a catalyst in promoting serious cyber-crimes of the virtual world. Privacy and safety issues of a multi-cloud environment have been overviewed in this research paper. The
objective of this research is to analyze some logical automation and monitoring provisions, such as monitoring Cyber-physical Systems (CPS), home automation, automation in Big Data Infrastructure (BDI), Disaster Recovery (DR), and secret protection. The Results of this research investigation indicate that it is possible to avoid security snags of a multi-cloud interface by adopting these scientific solutions methodically.
In the last few years, cloud computing has grown from being a promising business concept to one of the fastest growing segments of the IT industry. Now, recession-hit companies are increasingly realizing that simply by tapping into the cloud they can gain fast access to best-of-breed business applications or drastically boost their infrastructure resources, all at negligible cost. But as more and more information on individuals and companies is placed in the cloud, concerns are beginning to grow about just how safe an environment it is. This paper discusses security issues, requirements and challenges that cloud service providers (CSP) face during cloud engineering. Recommended security standards and management models to address these are suggested for technical and business community.
Challenges and Mechanisms for Securing Data in Mobile Cloud Computingijcnes
Cloud computing enables users to utilize the services of computing resources. Now days computing resources in mobile applications are being delivered with cloud computing. As there is a growing need for new mobile applications, usage of cloud computing can not be overlooked. Cloud service providers offers the services for the data request in a remote server. Virtualization aspect of cloud computing in mobile applications felicitates better utilization of resources. The industry needs to address the foremost security risk in the underlying technology. The cloud computing environment in mobile applications aggravated with various security problems. This paper addresses challenges in securing data in cloud for mobile Cloud computing and few mechanisms to overcome.
the world of technology is changing at an unprecedented pace, and th.docxpelise1
the world of technology is changing at an unprecedented pace, and these changes represent business opportunities as well as challenges. Mass connectivity and faster speeds create opportunities for businesses to network more devices, complete more transactions, and enhance transaction quality. Internet Protocol version 6 (IPv6) and Internet of things (IoT) are two such technologies that represent significant opportunities for strategic cybersecurity technology professionals to create lasting value for their organizations.
IoT is the phenomenon of connecting devices used in everyday life. It provides an interactive environment of human users and a myriad of devices in a global information highway, always on and always able to provide information. IoT connections happen among many types of devices — sensors, embedded technologies, machines, appliances, smart phones — all connected through wired and wireless networks.
Cloud architectures such as software as a service have allowed for big data analytics and improved areas such as automated manufacturing. Data and real-time analytics are now available to workers through wearables and mobile devices.
Such pervasive proliferation of IoT devices gives hackers avenues to gain access to personal data and financial information and increases the complexity of data protection. Given the increased risks of data breaches, newer techniques in data loss prevention should be examined.
Increased bandwidth and increased levels of interconnectivity have allowed data to become dispersed, creating issues for big data integrity. In such a world, even the financial transactions of the future are likely to be different — Bitcoin and digital currency may replace a large portion of future financial transactions.
To survive and thrive, organizational technology strategists must develop appropriate technology road maps. These strategists must consider appropriate function, protection, and tamper-proofing of these new communications and transactions.
It will be impossible to protect data by merely concentrating on protecting repositories such as networks or endpoints. Cybersecurity strategists have to concentrate on protecting the data themselves. They will need to ensure that the data are protected no matter where they reside.:
Step2
Select Devices and Technologies
By now, you have an idea of your team members and your role on the team project. Now, it's time to get the details about the devices and technologies needed to be included in the Strategic Technology Plan for Data Loss Prevention.
You should limit the scope of this project by selecting a set of devices and technologies which are most appropriate for data loss prevention for your business mission and future success. Based on your prior knowledge of your company and based on the project roles you agreed upon in the previous step, perform some independent research on the following topics and identify a set of devices and technologies that you propose for.
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionIJERA Editor
Cloud Computing is a heavily evolving domain in technology. Many public and private entities are shifting their workstations on the cloud due to its robust, remote, virtual environment. Due to the enormity of this domain, it has become increasingly easier to carry out any sort of malicious attacks on such cloud platforms. There is a very low research done to develop the theory and practice of cloud forensics. One of the main challenges includes the inability to collect enough evidence from each and every subscriber of a Cloud Service Provider(CSP) and thus not being able to trace out the roots of the malicious activity committed. In this paper we compare past research done in this field and address the gaps and loopholes in the frameworks previously suggested. Overcoming these, our system/framework facilitates the collection, organization, and thereby the analysis of the evidence sought, hence preserving the essential integrity of the sensitive and volatile data.
Cloud computing is a new term to provide application and hardware as service over the internet. Demand for cloud has increased dramatically in recent years. However, a major drawback for cloud adoption is lack of security so that we will try to solve some security issues related to cloud storage by design and implement a secure system to store privet data in cloud storage. This secure system provide secure login to cloud by using third parity authentication (smart phone) and one time password depend on chaotic system to prevent unauthorized people from get access to cloud and modified AES algorithms to encrypt the data in the cloud storage.
Network security is one of the foremost anxieties of the modern time. Over
the previous years, numerous studies have been accompanied on the
intrusion detection system. However, network security is one of the foremost
apprehensions of the modern era this is due to the speedy development and
substantial usage of altered technologies over the past period. The
vulnerabilities of these technologies security have become a main dispute
intrusion detection system is used to classify unapproved access and unusual
attacks over the secured networks. For the implementation of intrusion
detection system different approaches are used machine learning technique
is one of them. In order to comprehend the present station of application of
machine learning techniques for solving the intrusion discovery anomalies in
internet of thing (IoT) based big data this review paper conducted. Total 55
papers are summarized from 2010 and 2021 which were centering on the
manner of the single, hybrid and collaborative classifier design. This review
paper also includes some of the basic information like IoT, big data, and
machine learning approaches are discussed.
Understanding the Challenge of Cybersecurity in Critical Infrastructure SectorsMaurice Dawson
The cybersecurity of critical infrastructures is an essential topic within national and international security as 16 critical infrastructure sectors touch various aspects of American society. Because the failure to provide adequate cybersecurity controls within the critical infrastructure sectors renders the country open to an attack that could have a debilitating effect on security, national public health, safety, and economic security, this matter is so vital that there is the Presidential Policy Directive (PPD) 21 Critical Infrastructure Security and Resilience advances a national policy to strengthen and maintain secure, functioning and resilient critical infrastructure. An organization identified as the Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security (DHS) has the mission to be the risk advisor for the United States (US). Other organizations, such as the National Security Agency (NSA), have approved a specific Knowledge Unit (KU) to address cybersecurity for critical infrastructures associated with doctoral-level granting programs. To address this challenge, it is necessary to identify threats better and defend against them while mitigating risks to an acceptable level. Only then can a nation build a more secure and resilient infrastructure for the future while defending against present-day bad actors as cyberwarfare, cyber espionage, and cybersecurity attacks are the modern-day threats that need to be addressed in planning, designing, implementation, and maintenance. Therefore, the researchers developed a case study reviewing threats against different sectors defined in the PPD.
Unprotected Data: Your Risk of Internet-Enabled Psychological and Information...Maurice Dawson
Since the last elections in the United States, France, and other nations, fake news has become a tool to manipulate voters. This creation of fake news creates a problem that ripples through an entire society creating division. However, the media has not scrutinized enough on data misuse. Daily it appears that there are breaches causing millions of users to have their personal information taken, exposed, and sold on the Dark Web in exchange of encrypted currencies. Recently, news has surfaced of major social media sites allowing emails to be read without user consent.
Security Solutions for Hyperconnectivity in the Internet of ThingsMaurice Dawson
The Internet of Things describes a world in which smart technologies enable objects with a network to communicate with each other and interface with humans effortlessly. This connected world of convenience and technology does not come without its drawbacks, as interconnectivity implies hackability. This talk will discuss technical, human, societal, and policy issues concerning hyperconnectivity and IoT. Additionally, this talk will offer insights from cutting-edge research about the strategies and techniques that can be implemented to protect against cyber-attacks.
Unprepared for Cybersecurity in Saudi Arabia: Argument for a Shift Towards Cy...Maurice Dawson
In this paper, the researcher briefly discusses the attacks that have occurred recently within Saudi Arabia to entities such as Saudi Aramco to the Ministry of Health. These attacks are aggressions against government institutions that can render a sector vulnerable. Observing the ongoing attacks on critical infrastructure in Ukraine one can see a replication of similar attacks that could occur and spread over the Middle East. As this nation is a politically turbulent region, there is no small number of external threats. To combat these evolving threat, a shift towards cyber readiness must occur. This includes new laws, security hardened technologies, and education for people living in the kingdom.
An ever-evolving technological landscape also means a rapidly changing digital battlefield. The integration of intelligence, psychological operations, information warfare, data science, and cybersecurity has allowed for unparalleled events to be possible. This session is to explore the landscape and sample some of the applications to perform this exploration.
Newsletter editor's note p3
president's newsletter p4-6
MWAIS Recognizes Outstanding Officers p7
Highlights from MWAIS 2018 p8-11
Using Information Systems to aid the Agriculture Sector in West Africa p12-13
Establishing an Enterprise Security Architecture p14-16
MWAIS 2019 p17
Call for MWAIS Annual Conference Organizer p18
JMWAIS Call for Papers p19-20
2017-2018 MWAIS Executive Board p21
MWAIS New Members p22
Information Technology Use in West African Agriculture – challenges and oppor...Maurice Dawson
Many countries in the Economic Community of West African States (ECOWAS) are using Information Communications Technology (ICT) to enhance agriculture development and production. To do this efficiently the John Ogonowski and Doug Bereuter Farmer-to-Farmer Program managed for West Africa by Winrock International has been tasked with providing volunteer assignments to ministries of agriculture. The University of Missouri - Saint Louis (UMSL) has entered a partnership with Winrock International to offer upper-level undergraduate and graduate students the opportunity to provide technical assistance to international government entities. In this panel; we discuss findings and opportunities for improvement in Guinea and Senegal as they relate to ICT discovered through the onsite support provided.
The Case for IT Training within Guinea’s Ministry of Agriculture: Evaluating ...Maurice Dawson
This article critically analyzes a project executed for the The John Ogonowski and Doug Bereuter Farmer-to-Farmer Program which provides technical assistance with volunteers from the United States to farmers, agricultural institutions, and government organizations involved in agriculture such as the Ministry of Agriculture. In Guinea, the focus is on computer literacy as more sectors of agriculture rely on computing technology. These skills needs range from basic computing tasks such as creating databases to more advanced items such as programming Global Positional Systems. This study looks at findings, based on the analysis of the System Usability Scale results from a sample of 16 participants. The findings demonstrated that the training proved to be effective for the participants and continued training is necessary. As a result of training 62.5% of the participants ranked above average, as opposed to 43.6% prior to training.
Schedule for the 13th Annual Conference of the Midwest AIS Maurice Dawson
The 13th Annual Conference of the Midwest AIS will be held in St. Louis, Missouri, and is sponsored by the College of Business Administration at the University of Missouri – St. Louis (UMSL). MWAIS 2018 will provide an intimate environment to facilitate the sharing of ideas, and close interaction among participants. About 100 participants are expected from throughout the Midwest US, the neighboring states and Canadian provinces, and beyond.
With nearly 17,000 students, UMSL is the largest public research university in eastern Missouri. It provides excellent learning experiences and leadership opportunities to a diverse student body whose influence on the region upon graduation is immense. UMSL is spread across 470 acres in suburban St. Louis County. UMSL’s College of Business Administration is accredited by Association to Advance Collegiate Schools of Business (AACSB) International. UMSL is the region’s first and only NSA/DHS designated ‘Center of Academic Excellence in Cyber Defense Education’. The conference will be held at the the Anheuser-Busch Hall at UMSL.
Midwest Association for Information Systems - MWAIS2018Maurice Dawson
The 13th Annual Conference of the Midwest AIS will be held in St. Louis, Missouri, and is sponsored by the College of Business Administration at the University of Missouri – St. Louis (UMSL). MWAIS 2018 will provide an intimate environment to facilitate the sharing of ideas, and close interaction among participants. About 100 participants are expected from throughout the Midwest US, the neighboring states and Canadian provinces, and beyond.
The 13th Annual Conference of the Midwest AIS will be held in St. Louis, Missouri, and is sponsored by the College of Business Administration at the University of Missouri – St. Louis (UMSL). MWAIS 2018 will provide an intimate environment to facilitate the sharing of ideas, and close interaction among participants. About 100 participants are expected from throughout the Midwest US, the neighboring states and Canadian provinces, and beyond.
MWAIS 2018 : 13th Annual Conference of the Midwest Association for Informatio...Maurice Dawson
Midwest Association for Information Systems
13th Annual Conference
May 24 – 25, 2018
College of Business Administration
University of Missouri – Saint Louis
Saint Louis, Missouri
We invite submissions of completed manuscripts, research-in-progress papers, panel proposals, and workshop proposals addressing behavioral, organizational, and technical aspects of information systems. Two to three parallel sessions are planned. A computer lab will be available if needed. Submitted papers and proposals will undergo a double blind review process by at least two reviewers. To facilitate the blind review, include the title of the paper, names, affiliations, mailing addresses, e-mail addresses, and phone numbers of all authors on a cover page submitted as a separate document from the body of the manuscript. If one or more of the co-authors are students, please clearly indicate so. Include only the title of the paper at the beginning of the manuscript. In the case of multiple-authorship, designate the corresponding author with a footnote on the cover page. Please do not include any author or affiliation identification on any page (except the separate cover page), in headings/footers, or in the properties of the submitted file. Previously published work or work under review elsewhere is not eligible for submission. All submissions should be posted electronically in either MS Word or PDF.
Technological Advancements for Intelligence Collection, Analysis, and Dissemi...Maurice Dawson
Recently some countries have fell victim to attacks from nation-states, cyber criminals, and bad actors resulting in loss of critical data or damage to critical infrastructure. Thus there is an urgent need to design, implement, and deliver innovative solutions that meet the challenges through advancements in intellection collection, analysis. This submission will explore multiple aspects of the solutions side of cyber security and present cutting-edge research from researchers and practitioner around the world concerning multiple sources of intelligence. This submission will provide insights into technological advancement for all cyber intelligence. Additionally, technological advancements for subjects such as open source intelligence, human intelligence, geospatial intelligence, social media intelligence, and data science will be explored. Researchers, practitioners, and professionals will benefit from this publication’s broad perspective.
Hacking, Privacy and Security in a Hyperconnected SocietyMaurice Dawson
Data and technological advances are abounding at lightening speed. It is hard to stay on top of everything that is happening in these digitally disruptive times. But there has never been more important for companies and individuals to do so. Hacking, privacy, and security are on the minds of every corporation and private citizen. In this keynote, you will hear the latest trends in combating contrast threats to one’s security, how much more data can we possibly handle. The unknowing consumer of everyday products needs to be aware of what it means to have sensors, Radio Frequency IDentification (RFID), Bluetooth, and WiFi enabled products allowing Internet connectivity.
University of Missouri - Saint Louis Cyber SecurityMaurice Dawson
This presentation discusses UMSL's cyber security program which is currently the only and first NSA & DHS CAE in cyber security education in the St. Louis Metropolitan Region.
STAYING SAFE AND SECURED ON TODAY AND TOMORROW’S AFRICA CYBERSPACE WORKSHOP 2017Maurice Dawson
This is the most essential programme of the year around the dangers of cybercrime and how to manage safety within the most indispensable digital sphere & technology system. The reason is that, “Looking beyond Internet of Things (IoT) to Internet of Everything there is a potential market that is approximately $14.4 trillion and over 99% of physical devices are still unconnected.” ~Mo Dawson. Your participation give you golden access to a transcending Cyberspace picture, enhanced solution oriented capabilities as an ICT expert or practitioner, Telecommunications Corporates & Companies
Personnel, Aviation ICT Officials, Other Transportation controls network hubs, Business dealer in Cyberspace services provider or supplier, Academicians and researchers, Government Departments & Public service ICT systems Officials & staff, Students, general ICT security involvement and on top of that your enhanced multidimensional scope & prosperity out of this untapped gold mine is guaranteed.
Security Solutions for Hyperconnectivity and the Internet of ThingsMaurice Dawson
The Internet of Things describes a world in which smart technologies enable objects with a network to communicate with each other and interface with humans effortlessly. This connected world of convenience and technology does not come without its drawbacks, as interconnectivity implies hackability. Security Solutions for Hyperconnectivity and the Internet of Things offers insights from cutting-edge research about the strategies and techniques that can be implemented to protect against cyber-attacks.
Microblogging in higher education: Digital Natives, knowledge creation, socia...Maurice Dawson
With the rise of Web 2.0, microblogging has become a widely accepted phenomenon for sharing information. Moreover, the Twitter platform has become the tool of choice for universities looking to increase their digital footprint. However, scant research addresses the viability of microblogging as a tool to facilitate knowledge creation practices among higher education students. This paper proposes a model to explain how students, as digital natives, leverage the features of the Twitter microblogging for the transfer of knowledge. Finally, the paper examines the dark side of Twitter as a privacy-leaking platform and issues a call to higher institutions for specific security policies to prevent nefarious use.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Framework for the Development of Virtual Labs for Industrial Internet of Things and Hyperconnected Systems
1. Framework for the Development of Virtual Labs
for Industrial Internet of Things and
Hyperconnected Systems
Maurice Dawson a*, Francisco Garcia Martinez a, Pedro
Taveras b
a Illinois Institute of Technology, 10 West 35th Street, Chicago IL, 60616, USA
b Pontificia Universidad Catolica Madre y Maestra, Abraham Lincoln esq. Simón Bolivar,
Santo Domingo, 10108, Dominican Republic
8. Middle East Corporate
Attacks
1. Recently Saipem reported massive attacks
on their servers with the majority of the
attacks occurring in Saudi Arabia and the
Middle East (Albanese and Lepido, 2018).
This attack has brought up questions if it was
economic espionage or state-sponsored
information gathering as seen during
(Albanese and Lepido, 2018).
2. Approximately 94% of the companies in
the Middle East and Africa stated that
they had been a victim of a cyber attack in
the past year (Cisco, 2018). This is
frightening as this number shows that there
that it is no longer a risk of having a cyber
attack as this is an event that will occur.
Therefore, organizations in this region have
to adequately be prepared to encounter
attacks and recover depending upon the type
of attack.
9. Abstract
The purpose of this paper is to provide a framework that allows for the
development of a virtual lab that incorporates emerging technologies such as
the Industrial Internet of Things and embedded systems while incorporating
open source components. The global shortage of talent is a significant concern
as organizations continue to embrace and roll out new technologies such as 5G,
and Artificial Intelligence. Several countries such as those in developing countries
face issues regarding technology use in the classroom. Thus, to provide a
learning environment where cybersecurity and information systems concepts
can be taught in an exploratory environment.
10. RADISH
1. Remotely-Accessible Dynamic Infrastructure for Students
to Hack (RADISH) allows Illinois Institute of Technology
(IIT) School of Applied Technology (SAT) class
members to have full, unrestricted access to ForSec Lab
resources from any location and from nearly any
Internet-connected device. RADISH enables 24/7
access so students may work on their projects
continuously with no logistic concern.
2. RADISH was developed in 2010 as a replacement for
portable hard disk drives (HDDs) that were prepared
with several pre-configured virtual machines (VMs)
and distributed to students to complete in-class
laboratories and home exercises. By attaching these
HDDs to computers, students were able to determine
information based on the structure of the HDDs. The
physical existence aspect of the class was completely
eliminated by this new system. Classes became 100%
virtualized, and all the physical machines had their
virtual correspondent with remote access. The
system was originally designed to be an addition to the
class’s computer infrastructure; however, over the years,
RADISH has become the Cyber Forensics and Security
Laboratory’s main system, and the class laboratory acts
as an addition to RADISH.
11. Mission Framework
1. This framework ties in three themes.
1. The first of these themes is education as it
deals with establishing cybersecurity education
programs.
2. The next theme is the role of policy in
cybersecurity.
3. And the final theme covers the role of
echnology in cybersecurity. The Mission
Framework is shown in Fig. 1, which was used
to develop the learning environment.
2. Each policy required a different implementation
of a particular technology. Using this process
allows for educational components that can be
designed that reflect current policies.
3. Thus when an instructor needs to customize the
virtual lab to represent a specific country, then
they can use this framework as a guide to
ensure all components are considered to deploy
a virtual lab.
12. SAT - Cybersecurity Lab
The system diagram of the School of
Applied Technology Cybersecurity Lab
(SAT-CL) is shown in Figure 2.
Students can access the virtual lab
from several computing devices using a
remote desktop client. Once students
have been authenticated, they are
provided a Kali Linux Virtual Machine
(VM) from where they can gain access
to many systems beyond a
router/Domain Name System (DNS)
server. The system is scalable, in
which it allows for additional
components such as servers or images
of IoT devices to be added or removed.
13. Oracle Virtual Box
In Fig. 3, the current implementation is
shown that runs on any desktop or
laptop. The issue with this former
implementation is that it depends solely
on the end user’s computing
environment, such as the Central
Processing Unit (CPU), memory, and
hard disk space. However, the
applications such as the Kali VM and
vulnerable web server in Fig. 3 are all
found in Fig. 2, which is an expansion
of the virtual environment with an ability
to manage the complexity of the
network. This provides flexibility in what
concepts can be taught according to
specific laws and guidelines for a
particular mission.
14.
15.
16. Issues and Future Directions
There are indeed projects that have saved money
by adopting desktop virtualization, and most do
not see any ROI for at least a few years. To justify
the use of this type of technology for the proposed
objectives, the cost should not be a central
argument. This is because initially, licensing
costs and initial infrastructure far exceed the
initial benefits. VDI based projects generally
require investment in thin clients, and
improvements to storage and network
infrastructure, which can make it an expensive
project in the front end. To simulate basic
operations such as the use of office automation
applications, 200 kilobits of network bandwidth is
probably sufficient.
17. Conclusion
There are a few challenges in this implementation,
such as finding a fully open source virtual desktop
infrastructure. Other challenges are the Graphical
User Interface (GUI) remote desktop client. Further
issues are on hosting mobile device images and
ensuring the ability to have them operate as if hosted
on their native platform. The goal is to have a fully an
open source environment so that developing countries
are not burdened with the associated cost of software
licenses.