SlideShare a Scribd company logo

June 2021 - Top 10 Read Articles in Network Security and Its Applications

IJNSA Journal
IJNSA Journal

The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.

Engineering
1 of 44
Download to read offline
June 2021: Top 10 Read Articles in Network Security and Its Applications International Journal of Network Security & Its Applications (IJNSA) http://airccse.org/journal/ijnsa.html ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)
SECURITY & PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGS Faheem Masoodi1 Shadab Alam2 and Shams Tabrez Siddiqui2 1 Department of Computer Science, University of Kashmir, J&k, India 2 Department of Computer Science, Jazan University, KSA ABSTRACT The idea to connect everything to anything and at any point of time is what vaguely defines the concept of the Internet of Things (IoT). The IoT is not only about providing connectivity but also facilitating interaction among these connected things. Though the term IoT was introduced in 1999 but has drawn significant attention during the past few years, the pace at which new devices are being integrated into the system will profoundly impact the world in a good way but also poses some severe queries about security and privacy. IoT in its current form is susceptible to a multitudinous set of attacks. One of the most significant concerns of IoT is to provide security assurance for the data exchange because data is vulnerable to some attacks by the attackers at each layer of IoT. The IoT has a layered structure where each layer provides a service. The security needs vary from layer to layer as each layer serves a different purpose. This paper aims to analyze the various security and privacy threats related to IoT. Some attacks have been discussed along with some existing and proposed countermeasures. KEYWORDS Internet of Things, privacy, attacks, security, threats, protocols. For More Details : http://aircconline.com/ijnsa/V11N2/11219ijnsa05.pdf Volume Link : http://airccse.org/journal/jnsa19_current.html
REFERENCES [1] J. Gubbi, R. Buyya, S. Marusic, M. Palaniswami, Internet of things (IoT): a vision, architectural elements, and future directions, Future Gener. Comput. Syst. 29 (7) (2013) 1645–1660. [2] Roman, R., Najera, P., Lopez, J., 2011. Securing the internet of things. Computer 44 (9), 51_58. [3] Horrow, S., and Anjali, S. (2012). Identity Management Framework for Cloud-Based Internet of Things. SecurIT ’12 Proceedings of the First International Conference on Security of Internet of Things, 200– 203. 2012 [4] Whitmore, A., Agarwal, A., and Da Xu, L. (2014). The Internet of Things: A survey of topics and trends. Information Systems Frontiers, 17(2), 261– 274. [5] Aazam, M., St-Hilaire, M., Lung, C.-H., and Lambadaris, I. (2016). PRE-Fog: IoT trace based probabilistic resource estimation at Fog. 2016 13th IEEE Annual Consumer Communications and Networking Conference (CCNC), 12– 17. [6] Jiang, H., Shen, F., Chen, S., Li, K. C., and Jeong, Y. S. (2015). A secure and scalable storage system for aggregate data in IoT. Future Generation Computer Systems, 49, 133– 141. [7] Li, S., Tryfonas, T., and Li, H. (2016). The Internet of Things: a security point of view. Internet Research, 26(2), 337– 359. [8] A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and M. Ayyash. Internet of things: A survey on enabling technologies, protocols, and applications. IEEE Communications Surveys Tutorials, 17(4):2347–2376, Fourth quarter 2015. [9] Pongle, P., and Chavan, G. (2015). A survey: Attacks on RPL and 6LoWPAN in IoT. 2015 International Conference on Pervasive Computing: Advance Communication Technology and Application for Society, ICPC 2015, 0(c), 0–5 [10] Tsai, C.-W., Lai, C.-F., and Vasilakos, A. V. (2014). Future Internet of Things: open issues and challenges. Wireless Networks, 20(8), 2201–2217. [11] V. Karagiannis, P. Chatzimisios, F. Vazquez-Gallego, and J. Alonso-Zarate, "A survey on application layer protocols for the internet of things," Transaction on IoT and Cloud Computing, vol. 3, no. 1, pp. 11-17, 2015 [12] D. Locke, "MQ telemetry transport (MQTT) v3. 1 protocol specification," IBM Developer WorksTechnicalLibrary,2010, http://www.ibm.com/developerworks/webservices/library/wsmqtt/index.html
[13] M. Singh, M. Rajan, V. Shivraj, and P. Balamuralidhar, "Secure MQTT for the Internet of Things (IoT)," in Fifth International Conference on Communication Systems and Network Technologies (CSNT 2015), April 2015, pp. 746-751. [14] OASIS, "OASIS Advanced Message Queuing Protocol (AMQP) Version 1.0," 2012, http://docs.oasis-open.org/amqp/core/v1.0/os/amqp-core-complete-v1.0-os.pdf [15] T. Winter, et al., "RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks," IETF RFC 6550, Mar. 2012, http://www.ietf.org/rfc/rfc6550.txt [16] A. Aijaz and A. Aghvami, "Cognitive machine-to-machine communications for internet- of-things: A protocol stack perspective," IEEE Internet of Things Journal, vol. 2, no. 2, pp. 103-112, April 2015, [17] http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=7006643 [18] Z. Zhou, B. Yao, R. Xing, L. Shu, and S. Bu, "E-CARP: An energy-efficient routing protocol for UWSNs on the internet of underwater things," IEEE Sensors Journal, vol. PP, no. 99, 2015, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7113774 [19] D. Dujovne, T. Watteyne, X. Vilajosana, and P. Thubert, "6TiSCH: Deterministic IP- enabled industrial internet (of things)," IEEE Communications Magazine, vol. 52, no.12, pp. 36-41, December 2014, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6979984 [20] M. Hasan, E. Hossain, D. Niyato, "Random access for machine-to-machine communication in LTEadvanced networks: issues and approaches," in IEEE Communications Magazine, vol. 51, no. 6, pp.86-93, June 2013, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=6525600 [21] Z-Wave, "Z-Wave Protocol Overview," v. 4, May 2007, https://wiki.ase.tut.fi/courseWiki/imges/9/94/SDS10243_2_Z_Wave_Protocol_Overview.pdf [22] ZigBee Standards Organization, “ZigBee Specification,” Document 053474r17, Jan 2008, 604 pp., http://home.deib.polimi.it/cesana/teaching/IoT/papers/ZigBee/ZigBeeSpec.pdf [23] O. Cetinkaya and O. Akan, "A dash7-based power metering system," in 12th Annual IEEE Consumer Communications and Networking Conference (CCNC), Jan 2015, pp. 406- 411, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=7158010 [24] Zhang, Zhi-Kai, et al. ”IoT security: ongoing challenges and research opportunities.” ServiceOriented Computing and Applications (SOCA), 2014 IEEE 7th International Conference on. IEEE, 2014.
[25] D. Migault, D. Palomares, E. Herbert, W. You, G. Ganne, G. Arfaoui, and M. Laurent, “E2E: An Optimized IPsec Architecture for Secure And Fast Offload,” in Seventh International Conference on Availability, Reliability and Security E2E: 2012. [26] Abomhara, Mohamed, and Geir M. Køien. ”Security and privacy in the Internet of Things: Current status and open issues.” Privacy and Security in Mobile Systems (PRISMS), 2014 International Conference on. IEEE, 2014. [27] B. L. Suto, “Analyzing the Accuracy and Time Costs of Web Application Security Scanners,” San Fr., no. October 2007, 2010. [28] O. El Mouaatamid, M. LahmerInternet of Things security: layered classification of attacks and possible countermeasures Electron J (9) (2016). [29] Seda F. Gürses/Bettina Berendt/Thomas Santen, Multilateral Security Requirements Analysis for Preserving Privacy in Ubiquitous Environments, in Bettina Berendt/Ernestina Menasalvas (eds), Workshop on Ubiquitous Knowledge Discovery for Users (UKDU '06), at 51–64; [30] Stankovic, J. (2014). Research directions for the internet of things. IEEE Internet of Things Journal, 1(1), 3–9 [31] Sicari, Sabrina, et al. "Security, privacy and trust in the Internet of Things: The road ahead." Computer Networks76 (2015): 146-164. [32] https://www.cso.com.au/article/575407/internet-things-iot-threats-countermeasures/ Accessed on 15-03-2019 [33] Bokhari, Mohammad Ubaidullah, and Faheem Masoodi. "Comparative analysis of structures and attacks on various stream ciphers." Proceedings of the 4th National Conference. 2010.
PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEY Wosah Peace Nmachi and Thomas Win School of Computing & Engineering University of Gloucestershire, Park Campus, Cheltenham GL50 2RH United Kingdom ABSTRACT Email is a channel of communication which is considered to be a confidential medium of communication for exchange of information among individuals and organisations. The confidentiality consideration about e-mail is no longer the case as attackers send malicious emails to users to deceive them into disclosing their private personal information such as username, password, and bank card details, etc. In search of a solution to combat phishing cybercrime attacks, different approaches have been developed. However, the traditional exiting solutions have been limited in assisting email users to identify phishing emails from legitimate ones. This paper reveals the different email and website phishing solutions in phishing attack detection. It first provides a literature analysis of different existing phishing mitigation approaches. It then provides a discussion on the limitations of the techniques, before concluding with an explorationin to how phishing detection can be improved. KEYWORDS Cyber-security, Phishing Email Attack, Deep Learning, Stylometric Analysis, Cyber Human Behaviour For More Details : https://aircconline.com/ijnsa/V13N2/13221ijnsa05.pdf Volume Link : http://airccse.org/journal/jnsa21_current.html
REFERENCES [1] Leite C., Gondim J. J. C., Barreto P. S., and Alchieri E. A., (2019). Waste flooding: A phishing retaliation tool [2] Xiujuan W., Chenxi Z., Kangfeng Z., Haoyang T., &Yuanrui T.(2019)detecting spear- phishing emails based on authentication [3] Duman S, Kalkan-Cakmakci K, Egele M. (2016)EmailProfiler: Spear phishing filtering with header and stylometric features of emails. [4] Calix K., Connors M., Levy D., Manzar H., McCabe G., & Westcott S. (2008). Stylometry for E-mail author identification and authentication [5] Gupta B. B., Arachchilage N A.G., &Psannis K. E. (2018).Defending against phishing attacks: taxonomy of methods, current issues and future direction [6] Dewan P, Kashyap A, &Kumaraguru P. (2014). Analysingsocial and stylometric features to identify spear phishing emails [7] AbahussainO. &Harrath Y. (2019). Detection of malicious emails through regular expressions and databases [8] Helmi R. A. A., Ren C. S.&Jamal A. (2019). Email anti-phishing detection application [9] Asanka N. G.A.,Steve L.&Beznosov K. (2016) Phishing threat avoidance behaviour: An empirical investigation [10] Mohammad R., Thabtah F. & McCluskey L. (2015): Tutorial and critical analysis of phishing websites methods [11] Heartfield Ryan& George Loukas, (2018) Detecting semantic social engineering attacks with the weakest link: Implementation and empirical evaluation of a human-as-a-security- sensor framework [12] Baniya T., Gautam D.& Kim Y. (2015). Safeguarding web surfing with URL blacklisting [13] Canova G., Volkamer M., Bergmann C., &Borza R. (2014). NoPhish: An anti-phishing education app [14] Bottazzi G., Casalicchio E., Marturana F., &Piu M. (2015). MP-shield: A framework for phishing detection in mobile devices. [15] Li, J., Li, J., Chen, X., Jia, C., & Lou, W. (2015) Identity-based encryption without sourced revocation incloud computing
[16] Qabajeh I.,Thabtah F.,&Chiclana F. (2018) A recent review of conventional vs. automated cybersecurity anti-phishing techniques [17] Lötter Andrés.&Futcher Lynn, (2015) A framework to Assist Email Users in the Identification of Phishing Attacks [18] Gascon H., Ullrich S., Stritter B. &Rieck K. (2018) Reading between the lines: content- agnostic detection of spear-phishing emails [19] Smadi S., Aslam N., & Zhang L. (2018). Detection of online phishing email using dynamic evolving neural network based on reinforcement learning [20] Chandrasekaran M., Narayanan K., andUpadhayayaS. (2006) Phishing e-mail detection based on structural properties. [21] Ghafir I., Saleem J., Hammoudeh M., Faour H., Prenosil V., Jaf S., Jabbar S. & Baker T. (2018). Security threats to critical infrastructure: the human factor [22] Khonji M, Iraqi Y& Jones A. (2011). Mitigation of spear phishing attacks: A Content- based Authorship Identification framework [23] Iqbal F, BinsalleehH&Fung B C M. (2010). Mining writeprints from anonymous e-mails for forensic investigation [24] Lyon, J.& Wong M. (2006). Sender ID: authenticating e-mail,” RFC 4406. [25] KunjuM.V., Esther D., Anthony H. C. &BhelwaS. (2019) Evaluation of phishing techniques based on machine learning [26] Peng T., Harris I., &Sawa Y. (2018).Detecting phishing attacks using natural language processing and machine learning [27] SahingozO.K.,Buber E., Demir O., &Diri B. (2019). Machine learning based phishing detection from URLs [28] Zhang, Y., Hong, J. I., &Cranor, L. F.(2007). Cantina: A content based approach to detecting phishing web sites. [29] Suganya V. (2016): A review on phishing attacks and various anti-phishing techniques [30] Abdelhamid N., Ayesh A. &Thabtah F. (2014) Phishing detection based associative classification data mining
[31] SternfeldUri&Striem-Amit Yonatan. (2019) Prevention of rendezvous generation algorithm (RGA) and domain generation algorithm (DGA) malware over exiting internet services. [32] Akarsh S., Sriram S., &Poornachandran P.(2019) Deep learning framework for domain generation algorithms prediction using long short-term memory. [33] Bagui S., Nandi D.,Subhash B. & White J.R (2019) Classifying phishing email using machine learning and deep learning [34] Jain Kumar Ankit. & Gupta B.B. (2018). A machine learning based approach for phishing detection using hyperlinks information [35] Vinayakumar R., Soman K. P., Poornachandran P., Akarsh S. &Elhoseny M. (2019) Deep learning framework for cyber threat situational awareness based on email and url data analysis. [36] Park Gilchan and Rayz Julia (2018).Ontological detection of phishing emails [37] Surbhi G., Abhishek S.&Akanksha K. (2016). A literature survey on social engineering attacks: phishing attack [38] Jamil A., Asif K.& Ghulam Z. (2018) MPMPA: A mitigation and prevention model for social engineering based phishing attacks on facebook [39] Platsis George, (2018) Thehuman factor: Cyber security's greatest challenge [40] NaimBaftiu. (2017).Cyber security in Kosovo [41] Abdelhamid N., Thabtah F. & Abdel-jaber H. (2017) Phishing detection: A recent intelligent machine learning comparison based on models content and features [42] Alsharnouby M., Alaca F., Chiasson S. (2015)Why phishing still works: User strategies for combating phishing attacks [43] Chou N., Ledesma R., Teraguchi Y., Boneh D., and Mitchell J. C. (2004) “Client-side defence against web-based identity theft”. [44] Prakash P., Kumar M., Rao R. K. and Gupta M. (2010) PhishNet: Predictive blacklisting to detect phishing attacks [45] Delany Mark, (2007) Domain-based email authentication using public keys advertised in the DNS (Domain Keys).
[46] Saidani N., Adi K. and AlliliM. S. (2020)A semantic-based classification approach for an enhanced spam detection. [47] Bhowmick A. and Hazarika S.M. (2016) Machine learning for e-mail spam filtering: review techniques and trends.
A CONCEPTUAL SECURE BLOCKCHAIN-BASED ELECTRONIC VOTING SYSTEM Ahmed Ben Ayed Department of Engineering and Computer Science, Colorado Technical University, Colorado Springs, Colorado, USA ABSTRACT Blockchain is offering new opportunities to develop new types of digital services. While research on the topic is still emerging, it has mostly focused on the technical and legal issues instead of taking advantage of this novel concept and creating advanced digital services. In this paper, we are going to leverage the open source Blockchain technology to propose a design for a new electronic voting system that could be used in local or national elections. The Blockchain-based system will be secure, reliable, and anonymous, and will help increase the number of voters as well as the trust of people in their governments. KEYWORDS Blockchain, Electronic Voting System, e-Voting, I-Voting, iVote For More Details : https://aircconline.com/ijnsa/V9N3/9317ijnsa01.pdf Volume Link : http://airccse.org/journal/jnsa17_current.html
REFERENCES [1] Madise, Ü. Madise and T. Martens, “E-voting in Estonia 2005. The first practice of country- wide binding Internet voting in the world.”,Electronic voting, 2nd International Workshop, Bregenz, Austria,(2006) August 2-4. [2] J. Gerlach and U. Grasser, “Three Case Studies from Switzerland: E-voting”, Berkman Center Research Publication, (2009). [3] I. S. G. Stenerud and C. Bull, “When reality comes knocking Norwegian experiences with verifiable electronic voting”, Electronic Voting. Vol. 205. (2012), pp. 21-33. [4] C. Meter and A. Schneider and M. Mauve, “Tor is not enough: Coercion in Remote Electronic Voting Systems. arXiv preprint. (2017). [5] D. L. Chaum, “Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms”, Communication of the ACM. Vol. 24(2). (1981), pp. 84-90. [6] T. ElGamal, “A public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms”, IEEE Trans. Info. Theory. Vol. 31. (1985), pp. 469-472. [7] S. Ibrahim and M. Kamat and M. Salleh and S. R. A. Aziz, “Secure E-Voting with Blind Signature”, Proceeding of the 4th National Conference of Communication Technology, Johor, Malaysia, (2003) January 14-15. [8] J. Jan and Y. Chen and Y. Lin, “The Design of Protocol for e-Voting on the Internet”, Proceedings IEEE 35th Annual 2001 International Carnahan Conference on Security Technology, London, England, (2001) October 16-19. [9] D. L. Dill and A.D. Rubin, “E-Voting Security”, Security and Privacy Magazine, Vol. 2(1). (2004), pp. 22-23. [10] D. Evans and N. Paul, “Election Security: Perception and Reality”. IEEE Privacy Magazine, vol. 2(1). (2004), pp. 2-9. [11] Trueb Baltic, “Estonian Electronic ID – Card Application Specification Prerequisites to the Smart Card Differentiation to previous Version of EstEID Card Application.” http://www.id.ee/public/TBSPEC-EstEID-Chip-App-v3_5-20140327.pdf [12] Cybernetica. “Internet Voting Solution.” https://cyber.ee/uploads/2013/03/cyber_ivoting_NEW2_A4_web.pdf. [13] D. Springall, T. Finkenauer, Z. Durumeric, J. Kitcat, H. Hursti, M. MacAlpine, and J. A. Halderman, “Security Analysis of the Estonian Internet Voting System.” Proceedings of the
2014 ACM SIGSAC Conference on Computer and Communications Security. (2014), pp. 703-715. [14] Ministry of Local Government and Modernisation. “Internet Voting Pilot to be Discontinued.” https://www.regjeringen.no/en/aktuelt/Internet-voting-pilot-to-be- discontinued/id764300/ [15] J. A. Halderman, and V. Teague, “The New South Wales iVote System: Security Failures and Verifications Flaws in a Live Online Election.” International Conference on E-Voting and Identity. (2015), pp. 35-53. [16] S. Wolchok, E. Wustrow, D. Isabel, J. A. Halderman, “Attacking the Washington, DC Internet Voting System.” International Conference on Financial Cryptography and Data Security (2012), pp. 114-128. [17] National Institute of Standards and Technology, “Federal Information Processing Standards Publication”, (2012). [18] S. Nakamoto, “A Peer-to-Peer Electronic Cash System”, (2008). [19] F. Reid and M. Harrigan, “An Analysis of Anonymity in the Bitcoin System”, Security and Privacy in Social Networks. (2013), pp. 1-27. [20] S. Raval, “Decentralized Applications: Harnessing Bitcoin’s Blockchain Technology.” O’Reilly Media, Inc. Sebastopol, California (2016). [21] J. R. Douceur, “The Sybil Attack”, International Workshop on Peer-to-Peer Systems, (2002), pp. 251-260. AUTHORS Ahmed Ben Ayed, has received his Bachelor of Science in Computer Information Systems, Master of Science in Cyber Security and Information Assurance, and currently a doctoral student at Colorado Technical University, and an Adjunct Professor at California Takshila University. His research interests are Android Security, Pattern Recognition of Malicious Applications, Machine Learning, Cryptography, Information & System Security and Cyber Security.
A LITERATURE SURVEY AND ANALYSIS ON SOCIAL ENGINEERING DEFENSE MECHANISMS AND INFOSEC POLICIES Dalal Alharthi and Amelia Regan Department of Computer Science, University of California Irvine, Irvine, California ABSTRACT Social engineering attacks can be severe and hard to detect. Therefore, to prevent such attacks, organizations should be aware of social engineering defense mechanisms and security policies. To that end, the authors developed a taxonomy of social engineering defense mechanisms, designed a survey to measure employee awareness of these mechanisms, proposed a model of Social Engineering InfoSec Policies (SE-IPs), and designed a survey to measure the incorporation level of these SE-IPs. After analyzing the data from the first survey, the authors found that more than half of employees are not aware of social engineering attacks. The paper also analyzed a second set of survey data, which found that on average, organizations incorporated just over fifty percent of the identified formal SE-IPs. Such worrisome results show that organizations are vulnerable to social engineering attacks, and serious steps need to be taken to elevate awareness against these emerging security threats. KEYWORDS Cybersecurity, Social Engineering, Employee Awareness, Defense Mechanisms, Security Policies For More Details : https://aircconline.com/ijnsa/V13N2/13221ijnsa04.pdf Volume Link : http://airccse.org/journal/jnsa21_current.html
REFERENCES [1] S. D. Applegate, Social engineering: hacking the wetware! Information Security Journal: A Global Perspective 18 (1) (2009) 40–46. [2] C. Hadnagy, Social engineering: The art of human hacking, John Wiley & Sons, 2010.3. A. Berg, Cracking a social engineer, [online]. lan times (1995). [3] A. Berg, Cracking a social engineer, [online]. lan times (1995). [4] T. Greening, Ask and ye shall receive: a study in social engineering, ACM SIGSAC Review 14 (2) (1996) 8–14. [5] A. Karakasiliotis, S. Furnell, M. Papadaki, Assessing end-user awareness of social engineering and phishing. [6] M. Workman, A test of interventions for security threats from social engineering, Information Management & Computer Security 16 (5) (2008) 463–483. [7] G. L. Orgill, G. W. Romney, M. G. Bailey, P. M. Orgill, The urgency for effective user privacy-education to counter social engineering attacks on secure computer systems, in: Proceedings of the 5th conference on Information technology education, ACM, 2004, pp. 177–181 [8] T. Bakhshi, M. Papadaki, S. Furnell, A practical assessment of social engineering vulnerabilities., in: HAISA, 2008, pp. 12–23. [9] F. Mouton, M. M. Malan, L. Leenen, H. S. Venter, Social engineering attack framework, in: 2014 Information Security for South Africa, IEEE, 2014, pp. 1–9. [10] R. Kalnin,š, J. Purin,š, and G. Alksnis, “Security evaluation of wireless network access points,” Applied Computer Systems, vol. 21, no. 1, pp.38–45, 2017. [11] D. N. Alharthi, M. M. Hammad, and A. C. Regan, “A taxonomy of social engineering defense mechanisms,” in Future of Information and Communication Conference. Springer, 2020, pp. 27–41. [12] F. Mouton, L. Leenen, and H. S. Venter, “Social engineering attack examples, templates and scenarios,” Computers & Security, vol. 59, pp.186–209, 2016. [13] N. Saxena, E. Hayes, E. Bertino, P. Ojo, K.-K. R. Choo, and P. Burnap, “Impact and key challenges of insider threats on organizations and critical businesses,” Electronics, vol. 9, no. 9, p. 1460, 2020.
[14] T. Ahmad, “Corona virus (covid-19) pandemic and work from home: Challenges of cybercrimes and cybersecurity,” Available at SSRN3568830, 2020. [15] N. Sarginson, “Securing your remote workforce against new phishing attacks,” Computer Fraud & Security, vol. 2020, no. 9, pp. 9–12, 2020. [16] H. Aldawood and G. Skinner, “Contemporary cyber security social engineering solutions, measures, policies, tools and applications: Acritical appraisal,” International Journal of Security (IJS), vol. 10, no. 1, p. 1, 2019. [17] V. Systems, “Varonis 2019 global data risk report,” 2019. [18] A. Yazdanmehr and J. Wang, “Employees’ information security policy compliance: A norm activation perspective,” Decision Support Systems, vol. 92, pp. 36–46, 2016. [19] D. N. Alharthi and A. C. Regan, “Social engineering defense mechanisms: A taxonomy and a survey of employees’ awareness level,” in Science and Information Conference. Springer, 2020, pp. 521–541. [20] D. N. Alharthi and A. C. Regan, “Social engineering InfoSec Policies (SE-IPs),” in the 14th International Conference on Network Security & Applications (CNSA 2021). CICT, 2021, pp. 521–541. NIAI - 2021 pp. 57-74, 2021. [21] H. Aldawood, G. Skinner, An academic review of current industrial and commercial cyber security social engineering solutions, in: Proceedings of the 3rd International Conference on Cryptography, Security and Privacy, ACM, 2019, pp. 110–115. [22] B. M. E. Elnaim, H. A. S. W. Al-Lami, The current state of phishing attacks against Saudi Arabia university students. [23] C. Happ, A. Melzer, G. Steffgen, Trick with treat–reciprocity increases the willingness to communicate personal data, Computers in Human Behavior 61 (2016) 372–377. [24] I. Ghafir, V. Prenosil, A. Alhejailan, M. Hammoudeh, Social engineering attack strategies and defence approaches, in: 2016 IEEE 4th International Conference onFuture Internet of Things and Cloud (FiCloud), IEEE, 2016, pp. 145–149. [25] M. Gupta, R. Sharman, Social network theoretic framework for organizational socialengineering susceptibility index, AMCIS 2006 Proceedings (2006) 408. [26] K. Parsons, D. Calic, M. Pattinson, M. Butavicius, A. McCormac, T. Zwaans, Thehuman aspects of information security questionnaire (hais-q): two further validation studies, Computers & Security 66 (2017) 40–51.
[27] T. Herath, H. R. Rao, Encouraging information security behaviours in organizations: Role of penalties, pressures and perceived effectiveness, Decision Support Systems47 (2) (2009) 154–165. [28] J. A. Stoner, Risky and cautious shifts in group decisions: The influence of widely held values, Journal of Experimental Social Psychology 4 (4) (1968) 442–459. [29] H. Aldawood and G. Skinner, “Reviewing cyber security social engineering training and awareness programs—pitfalls and ongoing issues,” Future Internet, vol. 11, no. 3, p. 73, 2019. [30] K. J. Knapp, R. F. Morris Jr, T. E. Marshall, and T. A. Byrd, “Information security policy: An organizational-level process model,” computers &security, vol. 28, no. 7, pp. 493–508, 2009. [31] C. Senarak, “Port cybersecurity and threat: A structural model for prevention and policy development,” The Asian Journal of Shipping and Logistics, 2020. [32] A. Karakasiliotis, S. Furnell, and M. Papadaki, “Assessing end-user awareness of social engineering and phishing,” 2006. [33] L. Li, W. He, L. Xu, I. Ash, M. Anwar, and X. Yuan, “Investigating the impact of cybersecurity policy awareness on employees’ cybersecurity behavior,” International Journal of Information Management, vol. 45, pp. 13–24, 2019. [34] M. Siponen, M. A. Mahmood, and S. Pahnila, “Employees’ adherence to information security policies: An exploratory field study,” Information& management, vol. 51, no. 2, pp. 217–224, 2014. [35] F. Bélanger, S. Collignon, K. Enget, and E. Negangard, “Determinants of early conformance with information security policies,” Information& Management, vol. 54, no. 7, pp. 887–901, 2017. [36] K.-c. Chang and Y. M. Seow, “Effects of it-culture conflict and user dissatisfaction on information security policy non-compliance: A sense-making perspective,” 2014. [37] F. Hadi, M. Imran, M. H. Durad, and M. Waris, “A simple security policy enforcement system for an institution using sdn controller,” in 2018 15th International Bhurban Conference on Applied Sciences and Technology (IBCAST). IEEE, 2018, pp. 489–494. [38] V. D. Soni, “Disaster recovery planning: Untapped success factor in an organization,” Available at SSRN 3628630, 2020.
[39] J. Horney, M. Nguyen, D. Salvesen, O. Tomasco, and P. Berke, “Engaging the public in planning for disaster recovery,” International journal of disaster risk reduction, vol. 17, pp. 33–37, 2016. [40] F. Salahdine and N. Kaabouch, “Social engineering attacks: A survey,” Future Internet, vol. 11, no. 4, p. 89, 2019. [41] C. Okoli, K. Schabram, A guide to conducting a systematic literature review of information systems research. [42] NCSC, National Cybersecurity Centre (Accessed 2019). Link [43] S. Inc., Surveymonkey (Accessed 2019). Link [44] Stats, “Saudi general authority for statistics,” Accessed 2020. [Online]. Available: https://www.stats.gov.sa/ [45] Statista, “Statista,” Accessed 2020. [Online]. Available: https://www.statista.com/ [46] C. Bronk and E. Tikk-Ringas, “The cyber-attack on Saudi Aramco,” Survival, vol. 55, no. 2, pp. 81–96, 2013. [47] D. D. Cheong, “Cyberattacks in the gulf: lessons for active defence,” 2012. [48] S. S. Basamh, H. Qudaih, and J. B. Ibrahim, “An overview on cybersecurity awareness in Muslim countries,” International Journal of Information and Communication Technology Research, 2014. [49] ITU, “Committed to connecting the world,” Accessed 2020. [Online]. Available: https://www.itu.int/en/Pages/default.aspx [50] T. McClelland, “The insider’s view of a data breach-how policy, forensics, and attribution apply in the real world,” 2018. [51] R. Bhor and H. Khanuja, “Analysis of web application security mechanism and attack detection using vulnerability injection technique,” in 2016 International Conference on Computing Communication Control and automation (ICCUBEA). IEEE, 2016, pp. 1–6. [52] J. Saleem and M. Hammoudeh, “Defense methods against social engineering attacks,” in Computer and network security essentials. Springer, 2018, pp. 603–618.
AUTHORS Dalal Alharthi is a Ph.D. Candidate in Computer Science at the University of California, Irvine. She is also a Resident Engineer at Palo Alto Networks and a Senior Prisma Cloud Consultant at Dell. She is equipped with 12+ years of work experience between academia and industry. Her research interests are in the field of Cybersecurity, Network Security, Cloud Security, Privacy, Human-Computer Interaction (HCI), and Artificial Intelligence (AI). Amelia Regan received a BAS in Systems Engineering from the University of Pennsylvania, an MS degree in Applied Mathematics from Johns Hopkins University, and an MSE degree and Ph.D. degree at the University of Texas. She is a Professor of Computer Science at the University of California, Irvine. Her research interests include network optimization, cyber-physical transportation systems, machine learning tools for temporal-spatial data analysis, and cybersecurity.
COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWORK BASED ON API CALL STREAM Matthew Schofield1 , Gulsum Alicioglu2 , Bo Sun1 , Russell Binaco1 , Paul Turner1 , Cameron Thatcher1 , Alex Lam1 and Anthony Breitzman1 1 Department of Computer Science, Rowan University, Glassboro, New Jersey, USA 2 Department of Electrical and Computer Engineering, Rowan University, Glassboro, New Jersey, USA ABSTRACT Malicious software is constantly being developed and improved, so detection and classification of malwareis an ever-evolving problem. Since traditional malware detection techniques fail to detect new/unknown malware, machine learning algorithms have been used to overcome this disadvantage. We present a Convolutional Neural Network (CNN) for malware type classification based on the API (Application Program Interface) calls. This research uses a database of 7107 instances of API call streams and 8 different malware types:Adware, Backdoor, Downloader, Dropper, Spyware, Trojan, Virus,Worm. We used a 1-Dimensional CNN by mapping API calls as categorical and term frequency-inverse document frequency (TF-IDF) vectors and compared the results to other classification techniques.The proposed 1-D CNN outperformed other classification techniques with 91% overall accuracy for both categorical and TFIDF vectors. KEYWORDS Convolutional Neural Network, Malware Classification, N-gram Analysis, Term Frequency- Inverse Document Frequency Vectors, Windows API Calls. For More Details : https://aircconline.com/ijnsa/V13N2/13221ijnsa01.pdf Volume Link : http://airccse.org/journal/jnsa21_current.html
REFERENCES [1] Daniel Gibert, Carles Mateu, & Jordi Planes, (2020) “The rise of machine learning for detection and classification of malware: Research developments, trends and challenges”, Journal of Network and Computer Applications. 10.1016/j.jnca.2019.102526. [2] Zahra Bazrafshan, Hashem Hashemi, Fard Hazrati, Mehdi Seyed, & Ali Hamzeh, (2013) “A survey on heuristic malware detection techniques”, 2013 5th Conference on Information and Knowledge Technology. 113-120. 10.1109/IKT.2013.6620049. [3] Jyoti Landage, & M. P. Wankhade, (2013) “Malware and Malware Detection Techniques : A Survey”, International journal of engineering research and technology, 2. [4] DainiusCeponis, & Nikolaj Goranin,(2019) “Evaluation of Deep Learning Methods Efficiency for Malicious and Benign System Calls Classification on the AWSCTD”,Security and Communication Networks,2317976:1-2317976:12. [5] SerifBahtiyar, Mehmet BarisYaman, & Can Yilmaz Altinigne, (2019)“A multi-dimensional machine learning approach to predict advanced malware”, Comput. Networks, 160,118-129. [6] GyuwanKim, Hayoon Yi, JanghoLee, YunheungPaek, & Sungroh Yoon, (2016) “LSTM- Based System-Call Language Modeling and Robust Ensemble Method for Designing Host- Based Intrusion Detection Systems”, ArXiv, abs/1611.01726. [7] AhmetYazi, Ferhat Ozgur Catak,& EnsarGul,(2019) “Classification of Methamorphic Malware with Deep Learning (LSTM)”,10.1109/SIU.2019.8806571. [8] Ferhat OzgurCatak,&AhmetYazi,(2019) “A Benchmark API Call Dataset for Windows PE MalwareClassification”, https://arxiv.org/abs/1905.01999. [9] EslamAmer,&Ivan Zelinka,(2020) “A dynamic Windows malware detection and prediction method based on contextual understanding of API call sequence”, Computers & Security. 10.1016/j.cose.2020.101760. [10] YuntaoZhao, Bo Bo, Yongxin Feng, ChunYu Xu, & Bo Yu,(2019) “A feature extraction method of hybrid gram for malicious behavior based on machine learning”, Secur. Commun. Netw. [11] Chang Choi, ChristianEsposito, MungyuLee, & JunhoChoi, (2019) “Metamorphic malicious code behavior detection using probabilistic inference methods”, Cognit. Syst. Res. 56, 142–150. [12] AsgharTajoddin, & SaeedJalili, (2018) “HM3alD: polymorphic Malware detection using program behavior-aware hidden Markov model”, Appl. Sci. 8 (7), 1044.
[13] Matthew Schofield, Gulsum Alicioglu, Russell Binaco, Paul Turner, Cameron Thatcher, Alex Lam & Bo Sun, (2021) “Convolutional Neural Network For Malware Classification Based On API Call Sequence”, In proceedings of 2021 the 14th International Conference on Network Security & Applications. Computer Science & Information Technology (CS & IT). Zurich, Switzerland. [14] Jeffrey Heer, Micheal Bostock, & Vadim Ogievetsky,(2010) “A Tour through the Visualization Zoo”, ACM Queue, 8, 20. [15] WeijieHan, Jingfeng Xue, YongWang, LuHuang, ZixiaoKong, & Limin Mao, (2019) “MalDAE: Detecting and explaining malware based on correlation and fusion of static and dynamic characteristics”, Comput. Secur., 83, 208-233. [16] LuXiao-Feng, ZhouXiao, Jiang Fangshuo, Yi Sheng-wei,&ShaJing,(2018) “ASSCA: API based Sequence and Statistics featuresCombinedmalwaredetectionArchitecture”,Procedia Computer Science, 129, 248-256. [17] MatildaRhode, Pete Burnap, & Kevin Jones, (2018) “Early Stage Malware Prediction Using Recurrent Neural Networks”,Comput. Secur., 77,578-594. [18] ZahraSalehi, Ashkan Sami, & Mahboobe Ghiasi, (2017) “MAAR: Robust features to detect malicious activity based on API calls, their arguments and return values”, Eng. Appl. Artif. Intell., 59, 93-102. [19] MohamedBelaoued, & SmaineMazouzi, (2016) “A Chi-Square-Based Decision for Real- Time Malware Detection Using PE-File Features”, JIPS, 12,644-660. [20] Sanchit Gupta, Harshit Sharma, & Sarvjeet Kaur, (2016) “Malware Characterization Using Windows API Call Sequences”,SPACE. [21] Jixin Zhang, Zheng Qin, Hui Yin, Lu Ou, & Kehuan Zhang, (2019) “A feature-hybrid malware variants detection using CNN based opcode embedding and BPNN based API embedding”, Comput. Secur., 84,376-392. [22] Tableau Software. (2020). Retrieved from www.tableau.com. [23] Kolosnjaji Bojan, Zarras Apostolis, Webster George, & Eckert Claudia, (2016) “Deep Learning for Classification of Malware System Call Sequences”, In: Kang B., Bai Q. (eds) AI 2016: Advances in Artificial Intelligence. Lecture Notes in Computer Science, vol 9992. Springer, Cham. https://doi.org/10.1007/978-3-319-50127-7_11. [24] Catak Ferhat Ozgur, Yazı Ahmet Faruk, Elezaj Ogerta & Ahmed Javed, (2020) “Deep learning based Sequential model for malware analysis using Windows exe API Calls”, PeerJ Computer Science 6:e285 https://doi.org/10.7717/peerj-cs.285.
[25] Albawi Saad, Mohammad Tareq Abed, & Al-Zawi Saad, (2017), “Understanding of a convolutional neural network”, 2017 International Conference on Engineering and Technology (ICET), Antalya, pp. 1-6, doi: 10.1109/ICEngTechnol.2017.8308186. [26] “http://alexlenail.me/NN-SVG,” 2016. (Accessed 20 December 2020). [27] Chigozie Nwankpa, Winifred Ijomah, Anthony Gachagan, & Stephen Marshall, (2018) “Activation Functions: Comparison of trends in Practice and Research for Deep Learning”, ArXiv, abs/1811.03378. [28] Yinzheng Gu, Chuanpeng Li, & Jinbin Xie, (2018) “Attention-aware Generalized Mean Pooling for Image Retrieval”, ArXiv, abs/1811.00202. [29] Mark Cheung, John Shi, Lavender Jiang, Oren Wright, &Jose Moura, (2019) “Pooling in Graph Convolutional Neural Networks”, 53rd Asilomar Conference on Signals, Systems, and Computers, 462-466. [30] WilliamCavnar, & John Trenkle, (1994) “N-gram-based text categorization”, Proceedings of SDAIR-94, 3rd annual symposium on document analysis and information retrieval. Vol. 161175. [31] Raymond Canzanese, Spiros Mancoridis, &Moshe Kam, (2015) “Run-time classification of malicious processes using system call analysis”, 10th International Conference on Malicious and Unwanted Software (MALWARE), Fajardo, 2015, pp. 21-28. [32] ShahzadQaiser, & Ramsha Ali, (2018) “Text Mining: Use of TF-IDF to Examine the Relevance of Words to Documents”, International Journal of Computer Applications, 181, 25-29. AUTHORS Matthew Schofield is currently enrolled at Rowan University pursuing his B.S/M.S degree in Computer Science anticipating graduation in December 2021. He is currently working on his master’s thesis on Deep Reinforcement Learning in Incentivization Systems. His research interests are in Machine Learning and Deep Reinforcement Learning. Gulsum Alicioglu received M.Sc. Degree in Industrial Engineering from Gazi University, Turkey, in 2018. Currently, she is a Ph.D. candidate at the Department of Electrical and Computer Engineering of Rowan University, USA. Her research interests aredata visualization, machine learning, and explainable artificial intelligence.
Bo Sun is an associate professor of Computer Science and led the project effort of this paper.She received her B.S. in Computer Science from Wuhan University, her M.S.in Computer Science from Lamar University, and her Ph.D. in Modeling and Simulation from Old Dominion University. Her research interests include Visual Analytics and Data Visualization. Russell Binaco graduated from Rowan University with an M.S. in Computer Science in Spring 2020. He now works as a software engineer for Innovative Defense Technologies, and as an adjunct for Rowan University. At Rowan, he earned undergraduate degrees in Computer Science and Electrical and Computer Engineering. He has also been published in the Journal of the International Neuropsychological Society for research using Machine Learning to classify patients’ levels of cognitive decline with regards to Alzheimer’s Disease. Paul Turner received his B.S. in Computer Science from Rowan University in 2018 and is currently enrolled in an M.S. program at the aforementioned University. His interests include machine learning, text mining, and cloud computing. Cameron Thatcher received his B.S in Computer Science from Rowan University in 2019 and is currently pursuing his M.S. in Computer Science at Rowan University. His research interests include Machine Learning and Data Mining. Alex Lam is currently attending Rowan University pursuing his B.S/M.S degree in Computer Science and Data Analytics. He has also been published in the 3rd ACM SIGSPATIAL International Workshop on Analytics for Local Events and News (LENS’19) for research in identifying real-world events using bike-sharing data. Anthony Breitzman holds an M.A. in Mathematics from Temple University, and an M.S. and Ph.D. from Drexel University. He is an associate professor of Computer Science at Rowan University and his research interests are Data Mining, Text Mining, Machine Learning, Algorithm Design, Convolution Algorithms, and Number Theory.
EFFECT MAN-IN THE MIDDLE ON THE NETWORK PERFORMANCE IN VARIOUS ATTACK STRATEGIES Iyas Alodat Department of Computer and Information System, Jerash University, Jerash, Jordan ABSTRACT In this paper, we examined the effect on network performance of the various strategies an attacker could adopt to launch Man-In The Middle (MITM) attacks on the wireless network, such as fleet or random strategies. In particular, we're focusing on some of those goals for MITM attackers - message delay, message dropping. According to simulation data, these attacks have a significant effect on legitimate nodes in the network, causing vast amounts of infected packets, end-to-end delays, and significant packet loss. KEYWORDS Wireless Network, Mobile Network, security; Man-In-The-Middle Attack; smart cities; simulation; Intelligent Transportation System; Internet-of-Things. For More Details : http://aircconline.com/ijnsa/V13N3/13321ijnsa02.pdf Volume Link : http://airccse.org/journal/jnsa21_current.html
REFERENCES [1] Burchfiel, J., Tomlinson, R., & Beeler, M. (1975, May). Functions and structure of a packet radio station. In Proceedings of the May 19-22, 1975, national computer conference and exposition (pp. 245-251). [2] Toor, Y., Muhlethaler, P., Laouiti, A., & De La Fortelle, A. (2008). Vehicle ad hoc networks: Applications and related technical issues. IEEE communications surveys & tutorials, 10(3), 74-88. [3] Bauwens, J., Jooris, B., Giannoulis, S., Jabandžić, I., Moerman, I., & De Poorter, E. (2019). Portability, compatibility and reuse of MAC protocols across different IoT radio platforms. Ad Hoc Networks, 86, 144-153. [4] Chaqfeh, M.; Lakas, A. A Novel Approach for Scalable Multi-hop Data Dissemination in Vehicular Ad Hoc Networks. Ad Hoc Netw. 2016, 37, 228–239 [5] Shi, Y., Ross, A., & Biswas, S. (2018). Source identification of encrypted video traffic in the presence of heterogeneous network traffic. Computer Communications, 129, 101-110. [6] Williams, R., Samtani, S., Patton, M., & Chen, H. (2018, November). Incremental hacker forum exploit collection and classification for proactive cyber threat intelligence: An exploratory study. In 2018 IEEE International Conference on Intelligence and Security Informatics (ISI) (pp. 94-99). IEEE. [7] Wang, J., Juarez, N., Kohm, E., Liu, Y., Yuan, J., & Song, H. (2019, April). Integration of SDR and UAS for malicious Wi-Fi hotspots detection. In 2019 Integrated Communications, Navigation and Surveillance Conference (ICNS) (pp. 1-8). IEEE. [8] Phung, C. V., Dizdarevic, J., Carpio, F., & Jukan, A. (2019, May). Enhancing rest http with random linear network coding in dynamic edge computing environments. In 2019 42nd International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO) (pp. 435-440). IEEE. [9] AMIR, A. Z. B. (2018). A study on Rogue Wireless Devices with Detection of Mousejack Attacks and Vulnerabilities. [10] Vanhoef, M., Bhandaru, N., Derham, T., Ouzieli, I., & Piessens, F. (2018, June). Operating channel validation: preventing Multi-Channel Man-in-the-Middle attacks against protected Wi-Fi networks. In Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks (pp. 34-39). [11] Chittamuru, S. V. R., Thakkar, I. G., Pasricha, S., Vatsavai, S. S., & Bhat, V. (2020). Exploiting Process Variations to Secure Photonic NoC Architectures from Snooping Attacks. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.
[12] Rupprecht, D., Kohls, K., Holz, T., & Pöpper, C. (2019, May). Breaking LTE on layer two. In 2019 IEEE Symposium on Security and Privacy (SP) (pp. 1121-1136). IEEE. [13] Ullas, S. U., & Sandeep, J. (2019). Reliable Monitoring Security System to Prevent MAC Spoofing in Ubiquitous Wireless Network. In Advances in Big Data and Cloud Computing (pp. 141-153). Springer, Singapore. [14] Maithili, K., Vinothkumar, V., & Latha, P. (2018). Analyzing the security mechanisms to prevent unauthorized access in cloud and network security. Journal of Computational and Theoretical Nanoscience, 15(6-7), 2059-2063. [15] Tochner, S., Zohar, A., & Schmid, S. (2020, October). Route Hijacking and DoS in Off- Chain Networks. In Proceedings of the 2nd ACM Conference on Advances in Financial Technologies (pp. 228-240). [16] Alharthi, D. N., Hammad, M. M., & Regan, A. C. (2020, March). A taxonomy of social engineering defense mechanisms. In Future of Information and Communication Conference (pp. 27-41). Springer, Cham. [17] Metz, L. A. E. P. (2020). An evaluation of unity ML-Agents toolkit for learning boss strategies (Doctoral dissertation). [18] Shringarputale, S., McDaniel, P., Butler, K., & La Porta, T. (2020, November). Co- residency Attacks on Containers are Real. In Proceedings of the 2020 ACM SIGSAC Conference on Cloud Computing Security Workshop (pp. 53-66). [19] Xia, W., Cong, W., Wei, Y., & Li, C. (2020). Critical angle of attack and the corresponding impact cavity for non-circuitous trajectory of water entry of circular cylinder. Applied Ocean Research, 103, 102322. [20] Huang, Y., Kuo, H. K., Thomas, S., Kons, Z., Audhkhasi, K., Kingsbury, B., ... & Picheny, M. (2020, May). Leveraging unpaired text data for training end-to-end speech-to- intent systems. In ICASSP 2020-2020 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) (pp. 7984-7988). IEEE. [21] Verma, S., Hamieh, A., Huh, J. H., Holm, H., Rajagopalan, S. R., Korczynski, M., & Fefferman, N. (2016, August). Stopping amplified dns ddos attacks through distributed query rate sharing. In 2016 11th International Conference on Availability, Reliability and Security (ARES) (pp. 69-78). IEEE. [22] A. Guruswamy, R. S. Blum, S. Kishore and M. Bordogna, “On the Optimum Design of L-Estimators for Phase Offset Estimation in IEEE 1588,” IEEE Transactions on Communications, Vol. 63 , No. 9, pp. 5101 – 5115, Dec. 2015.
[23] Karthik, A. K., & Blum, R. S. (2016). Estimation theory based robust phase offset estimation in the presence of delay attacks. arXiv preprint arXiv:1611.05117. [24] Tsigkari, D., & Spyropoulos, T. (2020). An approximation algorithm for joint caching and recommendations in cache networks. arXiv preprint arXiv:2006.08421. [25] Stricot-Tarboton, S.; Chaisiri, S.; Ko, R.K.L. Taxonomy of Man-in-the-Middle Attacks on HTTPS. In Proceedings of the 2016 IEEE Trustcom/BigDataSE/ISPA, Tianjin, China, 23–26 August 2016; pp. 527–534. [CrossRef] [26] Chen, Z.; Guo, S.; Duan, R.; Wang, S. Security Analysis on Mutual Authentication against Man-in-the-Middle Attack. In Proceedings of the First International Conference on Information Science and Engineering, Nanjing, China, 26–28 December 2009; pp. 1855– 1858. [CrossRef] [27] Conti, M.; Dragoni, N.; Lesyk, V. A Survey of Man In The Middle Attacks. IEEE Commun. Surv. Tutor. 2016, 18, 2027–2051. [CrossRef] [28] Glass, S.M.; Muthukkumarasamy, V.; Portmann, M. Detecting Man-in-the-Middle and Wormhole Attacks in Wireless Mesh Networks. In Proceedings of the International Conference on Advanced Information Networking and Applications, Bradford, UK, 26–29 May 2009; pp. 530–538. [29] Kaplanis, C. Detection and Prevention of Man in the Middle Attacks in Wi-Fi Technology. Master’s Thesis, Aalborg University, Aalborg, Denmark, 2015.
MINING PATTERNS OF SEQUENTIAL MALICIOUS APIS TO DETECT MALWARE Abdurrahman Pektaş1 , Elif Nurdan Pektaş2 and Tankut Acarman1 1 Department of Computer Engineering, Galatasaray University, İstanbul, Turkey 2 Siemens Turkey, Yakack Caddesi No: 111, 34870 Kartal, Istanbul, Turkey ABSTRACT In the era of information technology and connected world, detecting malware has been a major security concern for individuals, companies and even for states. The New generation of malware samples upgraded with advanced protection mechanism such as packing, and obfuscation frustrate anti-virus solutions. API call analysis is used to identify suspicious malicious behavior thanks to its description capability of a software functionality. In this paper, we propose an effective and efficient malware detection method that uses sequential pattern mining algorithm to discover representative and discriminative API call patterns. Then, we apply three machine learning algorithms to classify malware samples. Based on the experimental results, the proposed method assures favorable results with 0.999 F-measure on a dataset including 8152 malware samples belonging to 16 families and 523 benign samples. KEYWORDS Android, Malware, Frequent Sequence Mining, Behavioural Pattern, API Calls, Dynamic Analysis For More Details : http://aircconline.com/ijnsa/V10N4/10418ijnsa01.pdf Volume Link : http://airccse.org/journal/jnsa18_current.html
REFERENCES [1] Statcounter: Operating system market share worldwide, (2018). http://gs.statcounter.com/os- marketshare#monthly-201801-201801-bar. [Online; accessed 7-October-2017]. [2] Ilsun You & Kangbin Yim (2010) “Malware obfuscation techniques: A brief survey”, Broadband, Wireless Computing, Communication and Applications (BWCCA), 2010 International Conference on, pp297– 300. [3] 2016 Symantec Security Report, Internet: https://www.symantec.com/content/dam/symantec/docs/reports/istr-21-2016-en.pdf, 29.06.2018. [4] Abdurrahman Pektas & Tankut Acarman (2018) “Malware classification based on api calls and behavior analysis”, IET Information Security, Vol. 12, No.2, pp 107-117. [5] Abdurrahman Pektas & Tankut Acarman (2014) “A dynamic malware analyzer against virtual machine aware malicious software”, Security and Communication Networks, Vol. 7, No.12, pp2245–2257. [6] Nizar R Mabroukeh & Christie I Ezeife (2010)“A taxonomy of sequential pattern mining algorithms”, ACM Computing Surveys (CSUR), Vol. 43, No.1:3 [7] Philippe Fournier-Viger & Jerry Chun-Wei Lin & Rage Uday Kiran & Yun Sing Koh & Rincy Thomas (2017) “A survey of sequential pattern mining”, Data Science and Pattern Recognition, Vol.1, No.1, pp54–77. [8] Yong Qiao & Jie He & Yuexiang Yang & Lin Ji (2013) “Analyzing malware by abstracting the frequent itemsets in api call sequences”,Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on, pp.265–270. [9] Youngjoon Ki & Eunjin Kim & Huy Kang Kim (2015) “A novel approach to detect malware based on api call sequence analysis”, International Journal of Distributed Sensor Networks, Vol. 11, No.6,pp:95-10. [10] In Kyeom Cho & Eul Gyu Im (2015), “Extracting representative api patterns of malware families using multiple sequence alignments”, In Proceedings of the 2015 Conference on research in adaptive and convergent systems, pp.308–313. [11] Winfried Just (2001) “Computational complexity of multiple sequence alignment with sp-score”, Journal of computational biology, Vol. 8, No. 6. pp. 615–623. [12] Lusheng Wang & Tao Jiang (1994), “On the complexity of multiple sequence alignment”, Journal of computational biology, Vol. 1, No.4, p.337–348.
[13] Yujie Fan &Yanfang Ye & Lifei Chen (2016), “Malicious sequential pattern mining for automatic malware detection”, Expert Systems with Applications, Vol.52, pp.16–25. [14] Iltaek Kwon & Eul Gyu Im (2017), “Extracting the representative api call patterns of malware families using recurrent neural network”, In Proceedings of the International Conference on Research in Adaptive and Convergent Systems, pp.202–207. [15] Canfora, G., Mercaldo, F., & Visaggio, C. A. (2016). An hmm and structural entropy based detector for android malware: An empirical study. Computers & Security, 61, 1-18. [16] Salehi, Z., Sami, A., & Ghiasi, M. (2017). MAAR: Robust features to detect malicious activity based on API calls, their arguments and return values. Engineering Applications of Artificial Intelligence, 59, 93-102. [17] Shijo, P. V., & Salim, A. (2015). Integrated static and dynamic analysis for malware detection. Procedia Computer Science, 46, 804-811. [18] Cuckoo Sandbox, Internet: https://cuckoosandbox.org/, 29.06.2018. [19] Virustotal, Internet: https://www.virustotal.com/, 29.06.2018. [20] Payam Refaeilzadeh & Lei Tang & Huan Liu (2009) “Cross-validation”, In Encyclopedia of database systems, pp.532–538, Springer. [21] A. Barthels, Behavior-based Malware Detection, Faculty of Informatics, The Technical University of Munich, Master Thesis, 2009. [22] Chand, C., Thakkar, A., & Ganatra, A. (2012). Sequential pattern mining: Survey and current research challenges. International Journal of Soft Computing and Engineering, 2(1), 185-193. [23] Parikh, M., Chaudhari, B., & Chand, C. (2013). A comparative study of sequential pattern mining algorithms. International Journal of Application or Innovation in Engineering & Management (IJAIEM), 2(2). [24] Mooney, C. H., & Roddick, J. F. (2013). Sequential pattern mining--approaches and algorithms. ACM Computing Surveys (CSUR), 45(2), 19. [25] Ramakrishnan Srikant & Rakesh Agrawal (1996), “Mining sequential patterns: Generalizations and performance improvements”, In International Conference on Extending Database Technology, pp.1–17, Springer. [26] Jay Ayres & Jason Flannick & Johannes Gehrke & Tomi Yiu (2002) “Sequential pattern mining using a bitmap representation”, In Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining, pp.429–435.
[27] Mohammed J Zaki. Spade (2001) “An efficient algorithm for mining frequent sequences. Machine learning”, Vol.42, No.1-2, pp.31–60. [28] Philippe Fournier-Viger &Antonio Gomariz & Ted Gueniche &Azadeh Soltani & Cheng- Wei Wu & Vincent S Tseng (2014) “Spmf: a java open-source pattern mining library”, The Journal of Machine Learning Research, Vol.15, No.1, pp.3389–3393. [29] SPMF library, Internet: http://www.philippe-fournier-viger.com/spmf/, 29.06.2018. [30] Philippe Fournier-Viger & Antonio Gomariz & Manuel Campos & Rincy Thomas (2014) “Fast vertical mining of sequential patterns using co-occurrence information”, In Pacific- Asia Conference on Knowledge Discovery and Data Mining, pp.40–52, Springer. [31] Gandotra, E., Bansal, D., & Sofat, S. (2014). Malware analysis and classification: A survey. Journal of Information Security, 5(02), 56. [32] Leo Breiman (2001) “Random forests”, Machine learning, Vol.45, No.1, pp.5–32. [33] Padraig Cunningham & Sarah Jane Delany (2007) “k-nearest neighbour classifiers”, Multiple Classifier Systems, Vol.34, pp.1–17. [34] Marti A. Hearst & Susan T Dumais & Edgar Osuna & John Platt & Bernhard Scholkopf (1998), “Support vector machines”, IEEE Intelligent Systems and their applications, Vol. 13, No.4, pp.18–28. [35] Fabian Pedregosa & Gaël Varoquaux &Alexandre Gramfort & Vincent Michel & Bertrand Thirion & Olivier Grisel & Mathieu Blondel & Peter Prettenhofer & Ron Weiss &Vincent Dubourg (2011) “Scikit-learn: Machine learning in python”, Journal of machine learning research, Vol. 12, pp.2825–2830. [36] Hossin, M., & Sulaiman, M. N. (2015). A review on evaluation metrics for data classification evaluations. International Journal of Data Mining & Knowledge Management Process, 5(2), 1. [37] Yiming Yang (1999) “An evaluation of statistical approaches to text categorization”, Information retrieval, Vol.1, No. 1-2, pp.69–90. [38] Thomas G Dietterich (1998), “Approximate statistical tests for comparing supervised classification learning algorithms”, Neural computation, Vol.10, No.7, pp.1895–1923.
AUTHORS Abdurrahman Pektaş received his B.Sc. and M Sc. at Galatasaray University and his PhD at the University of Joseph Fourier, all in computer engineering, in 2009, 2012 and 2015, respectively. He is a senior researcher at Galatasaray University. His research interests are analysis, detection and classification of malicious software, machine learning and security analysis tool development. Elif Nurdan Pektaş received his B.Sc. and M Sc. at Galatasaray University all in computer engineering, in 2010, and 2014, respectively. She is leading software developer at Siemens Turkey. Her research interests are developing IoT based applications, deep learning, cloud based application and automated testing. Tankut Acarman received his Ph.D. degree in Electrical and Computer engineering from the Ohio State University in 2002. He is professor and head of computer engineering department at Galatasaray University in Istanbul, Turkey. His research interests lie along all aspects of autonomous s ystems, intelligent vehicle technologies and security. He is the co-author of the book entitled “Autonomous Ground.
HYBRIDIZATION OF DCT BASED STEGANOGRAPHY AND RANDOM GRIDS Pratarshi Saha1 , Sandeep Gurung2 and Kunal Krishanu Ghose3 1,2 Department of Computer Science & Engineering, Sikkim Manipal Institute of Technology, Majhitar, Sikkim, India 3 QualComm, Sandiego, CA, USA ABSTRACT With the increasing popularity of information technology in communication network, security has become an inseparable but vital issue for providing for confidentiality, data security, entity authentication and data origin authentication. Steganography is the scheme of hiding data into a cover media to provide confidentiality and secrecy without risking suspicion of an intruder. Visual cryptography is a new technique which provides information security using simple algorithm unlike the complex, computationally intensive algorithms used in other techniques like traditional cryptography. This technique allows visual information to be encrypted in such a way that their decryption can be performed by the Human Visual System (HVS), without any complex cryptographic algorithms. To provide a better secured system that ensures high data capacity and information security, a multilevel security system can be thought for which can be built by incorporating the principles of steganography and visual cryptography. KEYWORDS Data Security, DCT based Steganography, Random Grids, Visual Cryptography, Hybrid For More Details : http://airccse.org/journal/nsa/5413nsa13.pdf Volume Link : http://airccse.org/journal/jnsa13_current.html
REFERENCES [1] Ahmad Movahedian Attar, Isfahan University of Technology, Omid Taheri, Isfahan University of Technology, Saeid Sadri, Isfahan University of Technology, Mohammad Javad Omidi, Isfahan University of Technology,” Data Hiding in Halftone Images Using Error Diffusion Half toning Method with Adaptive Thresholding”, 2006,pp. 2. [2] Adi Shamir and Moni Naor, “Visual Cryptography”, 1964, pp. 1-2, 3-5. [3] Hardik Patel and Preeti Dave, “Steganography Technique based on DCT Coefficients”, Jan – Feb 2012, International Journal of Engineering Research and Applications, Vol 2, Issue 1,pp 713-717, www.ijera.com. [4] Jonathan Weir and Wei Qi Yan Queen’s University Belfast, Belfast, BT7 1NN,UK,A, 2010, “Comprehensive Study of Visual Cryptography”, pp. 70. [5] Kafri, O., Keren, E., “Encryption of pictures and shapes by Random Grids.” Optics,Letters, 1987, 377–379. [6] Shyong Jian Shyu , Department of Computer Science and Information Engineering, Ming Chuan University, 5 Der Ming Rd, Gawi Shan, Taoyuan 333,Taiwan, ROC. “Image Encryption by Random Grids”, 2006, The Journal of Pattern Recognition Society, www.sciencedirect.com. [7] Tzung-Her Chen, Kai-Hsiang Tsao Department of Computer Science and Information Engineering, National Chiayi University, 300 University Rd., Chiayi City60004, Taiwan, “Threshold Visual Secret Sharing using Random Grids”,2011, pp. 1198. AUTHORS First Author:- Pratarshi Saha is a Final year student in the Department of Computer Science and Engineering at Sikkim Manipal Institute of Technology, Mazitar, Sikkim, India. He subject of interests are Computer and Information Security, Design and Analysis of Algorithms and Computer Networks. Second Author:- Sandeep Gurung received his M. Tech degree in Computer Science and Engineering from the Sikkim Manipal University in 2009 and is currently pursuing his Ph.D. degree in Computer Science and Engineering. He is a Assistant Professor in the Department of Computer Science at Sikkim Manipal Institute of Technology, Mazitar, Sikkim, India. His research interests include Computer Networks, Cryptography, Distributed Systems and Soft Computing.
Third Author:- Kunal Krishanu Ghose did his MS (Engg.) in Electrical and Communication Engineering with specialization Wireless Sensor Network from University at Buffalo, NY, USA in 2009 and B. Tech (ECE) from NIT Durgapur, INDIA in 2006. After completion of B. Tech, he joined as a System Engineer in Aricent (Hughes Software System), Chennai for a year in 2007. Presently, he is working in Qualcomm Inc., Sandiego, CA, USA as a Sr. Engineer in Architecture Performance Department, looking after the Quad core processor technology. His areas of research interest are Mobile Network, Communications, and Cryptography.
PERFORMANCE EVALUATION OF MACHINE LEARNING TECHNIQUES FOR DOS DETECTION IN WIRELESS SENSOR NETWORK Lama Alsulaiman and Saad Al-Ahmadi Department of Computer Science, King Saud University, Riyadh, Saudi Arabia ABSTRACT The nature of Wireless Sensor Networks (WSN) and the widespread of using WSN introduce many security threats and attacks. An effective Intrusion Detection System (IDS) should be used to detect attacks. Detecting such an attack is challenging, especially the detection of Denial of Service (DoS) attacks. Machine learning classification techniques have been used as an approach for DoS detection. This paper conducted an experiment using Waikato Environment for Knowledge Analysis (WEKA)to evaluate the efficiency of five machine learning algorithms for detecting flooding, grayhole, blackhole, and scheduling at DoS attacks in WSNs. The evaluation is based on a dataset, called WSN-DS. The results showed that the random forest classifier outperforms the other classifiers with an accuracy of 99.72%. KEYWORDS Wireless Sensor Networks, Machine Learning, Denial of Service For More Details : https://aircconline.com/ijnsa/V13N2/13221ijnsa02.pdf Volume Link : http://airccse.org/journal/jnsa21_current.html
REFERENCES [1] N. A. A. Aziz and K. A. Aziz, “Managing disaster with wireless sensor networks,” in International Conference on Advanced Communication Technology, ICACT, 2011, pp. 202–207. [2] I. Almomani, B. Al-Kasasbeh, and M. Al-Akhras, “WSN-DS: A Dataset for Intrusion Detection Systems in Wireless Sensor Networks,” J. Sensors, vol. 2016, 2016, doi: 10.1155/2016/4731953. [3] M. A. Alsheikh, S. Lin, D. Niyato, and H. P. Tan, “Machine learning in wireless sensor networks: Algorithms, strategies, and applications,” IEEE Commun. Surv. Tutorials, 2014, doi: 10.1109/COMST.2014.2320099. [4] S. Gunduz, B. Arslan, and M. Demirci, “A review of machine learning solutions to denial- of-services attacks in wireless sensor networks,” in Proceedings - 2015 IEEE 14th International Conference on Machine Learning and Applications, ICMLA 2015, 2016, pp. 150–155, doi: 10.1109/ICMLA.2015.202. [5] M. C. Belavagi and B. Muniyal, “Performance Evaluation of Supervised Machine Learning Algorithms for Intrusion Detection,” in Procedia Computer Science, 2016, vol. 89, pp. 117– 123, doi: 10.1016/j.procs.2016.06.016. [6] G. Pachauri and S. Sharma, “Anomaly Detection in Medical Wireless Sensor Networks using Machine Learning Algorithms,” in Procedia Computer Science, 2015, vol. 70, pp. 325–333, doi: 10.1016/j.procs.2015.10.026. [7] L. Almon, M. Riecker, and M. Hollick, “Lightweight Detection of Denial-of-Service Attacks on Wireless Sensor Networks Revisited,” in Proceedings - Conference on Local Computer Networks, LCN, 2017, vol. 2017-October, pp. 444–452, doi: 10.1109/LCN.2017.110. [8] P. Nancy, S. Muthurajkumar, S. Ganapathy, S. V. N. Santhosh Kumar, M. Selvi, and K. Arputharaj, “Intrusion detection using dynamic feature selection and fuzzy temporal decision tree classification for wireless sensor networks,” IET Commun., 2020, doi: 10.1049/iet-com.2019.0172. [9] V. T. Alaparthy and S. D. Morgera, “A Multi-Level Intrusion Detection System for Wireless Sensor Networks Based on Immune Theory,” IEEE Access, 2018, doi: 10.1109/ACCESS.2018.2866962. [10] R. Vinayakumar, M. Alazab, K. P. Soman, P. Poornachandran, A. Al-Nemrat, and S. Venkatraman, “Deep Learning Approach for Intelligent Intrusion Detection System,” IEEE Access, 2019, doi: 10.1109/ACCESS.2019.2895334.
[11] B. Riyaz and S. Ganapathy, “A deep learning approach for effective intrusion detection in wireless networks using CNN,” Soft Comput., vol. 24, no. 22, pp. 17265–17278, 2020, doi: 10.1007/s00500-020-05017-0. [12] C. Ioannou, V. Vassiliou, and C. Sergiou, “An Intrusion Detection System for Wireless Sensor Networks,” 2017, doi: 10.1109/ICT.2017.7998271. [13] O. A. Osanaiye, A. S. Alfa, and G. P. Hancke, “Denial of Service Defence for Resource Availability in Wireless Sensor Networks,” IEEE Access. 2018, doi: 10.1109/ACCESS.2018.2793841. [14] I. H. Witten, E. Frank, M. A. Hall, and C. J. Pal, Data Mining: Practical Machine Learning Tools and Techniques. 2016. [15] A. D. Wood and J. A. Stankovic, “Denial of service in sensor networks,” Computer (Long. Beach. Calif)., vol. 35, no. 10, pp. 54–62, 2002, doi: 10.1109/MC.2002.1039518. [16] G. Holmes, A. Donkin, and I. H. Witten, “WEKA: A machine learning workbench,” 1994, doi: 10.1109/anziis.1994.396988. AUTHORS Lama Alsulaiman received her bachelor's degree in Computer Science from Imam Muhammad ibn Saud Islamic University. She is currently pursuing the masterdegree in the Computer Science program at King Saud University. Her research interests are mainly in the field of Computer Networks, Networks Security, Software-Defined Networks. Saad Al-Ahmadi received the MS and Ph.D. degree in computer science from King Saud University, Saudi Arabia. He is an Associate Professor in the Department of Computer Science, King Saud University. Also, he serves as a part-time consultant in many public and private organizations. His current research interests include Cybersecurity, IoT, machine learning for healthcare, and future generation networks.
APPLYING THE HEALTH BELIEF MODEL TO CARDIAC IMPLANTED MEDICAL DEVICE PATIENTS George W. Jackson1 and Shawon Rahman2 1 College of Business and Technology, Capella University, Minneapolis, USA 2 Professor, Dept.of Computer Science & Engineering, University of Hawaii-Hilo, 200W.KawiliStreet, Hilo, HI96720, USA ABSTRACT Wireless Implanted Medical Devices (WIMD) are helping millions of users experience a better quality of life. Because of their many benefits, these devices are experiencing dramatic growth in usage, application, and complexity. However, this rapid growth has precipitated an equally rapid growth of cybersecurity risks and threats. While it is apparent from the literature WIMD cybersecurity is a shared responsibility among manufacturers, healthcare providers, and patients; what explained what role patients should play in WIMD cybersecurity and how patients should be empowered to assume this role. The health belief model (HBM) was applied as the theoretical framework for a multiple case study which examined the question: How are the cybersecurity risks and threats related to wireless implanted medical devices being communicated to patients who have or will have these devices implanted in their bodies? The subjects of this multiple case study were sixteen cardiac device specialists in the U.S., each possessing at least one year of experience working directly with cardiac implanted medical device (CIMD) patients, who actively used cardiac device home monitoring systems. The HBM provides a systematic framework suitable for the proposed research. Because of its six-decade history of validity and its extraordinary versatility, the health belief model, more efficiently than any other model considered, provides a context for understanding and interpreting the results of this study. Thus, the theoretical contribution of this research is to apply the HBM in a setting where it has never been applied before, WIMD patient cybersecurity awareness. This analysis (using a multiple case study) will demonstrate how the HBM can assist the health practitioners, regulators, manufacturers, security practitioners, and the research community in better understanding the factors, which support WIMD patient cybersecurity awareness and subsequent adherence to cybersecurity best practices. KEYWORDS Health Belief Model, Healthcare Cybersecurity, Cardiac Implanted Device, Wireless Implanted Medical Devices, WIMD, WIMD cybersecurity For More Details : http://aircconline.com/ijnsa/V13N2/13221ijnsa03.pdf Volume Link : http://airccse.org/journal/jnsa21_current.html
REFERENCES [1] Lee, S. Hyun. & Kim Mi Na, (2008) “This is my paper”, ABC Transactions on ECE, Vol. 10,No. 5, pp120-122. [2] Gizem, Aksahya & Ayese, Ozcan (2009) Communications & Networks, Network Books, ABC Publishers. [3] Williams, C. K., Wynn, D., Madupalli, R., Karahanna, E., & Duncan, B. K. (2014). Explaining users' security behaviors with the security belief model. Journal of Organizational and End User Computing, 26(3), 23-46. [4] Ng, B. Y., Kankanhalli, A., & Xu, Y. C. (2009). Studying users' computer security behavior: A health belief perspective. Decision Support Systems, 46(4), 815-825. [5] Jung, E. E., Ho, E. Y., Chung, H., & Sinclair, M. (2015). Perceived risk and self-efficacy regarding internet security in a marginalized community. Proceedings of the 33rd Annual ACM Conference Extended Abstracts on Human Factors in Computing Systems, ACM, 1085-1090. [6] Davinson, N., & Sillence, E. (2014). Using the health belief model to explore users' perceptions of ‘being safe and secure’ in the world of technology-mediated financial transactions. International Journal of Human-Computer Studies, 72(2), 154-168. [7] Khan, B., Alghathbar, K. S., Nabi, S. I., & Khan, M. K. (2011). The effectiveness of information security awareness methods based on psychological theories. African Journal of Business Management, 5(26), 10862-10868. [8] Marton, C., & Chun, W. C. (2012). A review of theoretical models of health information seeking on the web. Journal of Documentation, 68(3), 330-352. [9] Herath, T., & Rao, H. R. (2009). Protection motivation and deterrence: A framework for security policy compliance in organizations. European Journal of Information Systems, 18(2), 106-125. [10] Armitage, C. J., & Conner, M. (2000). Social cognition models and health behaviour: A structured review. Psychology and health, 15(2), 173-189. [11] Camara, C., Peris-Lopez, P., & Tapiador, J.E. (2015). Security and privacy issues in implantable medical devices: A comprehensive survey. Journal of Biomedical Informatics, 55, 272-289. [12] Denning, T., Borning, A., Friedman, B., Gill, B. T., Kohno, T., & Maisel, W. H. (2010). Patients, pacemakers, and implantable defibrillators: Human values and security for wireless implantable medical devices. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, 917-926.
[13] Fu, K. (2009). Inside risks: Reducing risks of implantable medical devices. Communications of the ACM, 52(6), 25-27. [14] Fu, K., & Blum, J. (2013). Controlling for cybersecurity risks of medical device software. Communications of the ACM, 56(10), 35-37 [15] Kotz, D. (2011). A threat taxonomy for mHealth privacy. Proceedings of Third International Conference on Communication Systems and Network (COMSNETS), 1-6. [16] Leavitt, N. (2010). Researchers fight to keep implanted medical devices safe from hackers. Computer, 43(8), 11-14. [17] Ray, A., Jones, P., & Zhang, Y. (2013). Medical device security-A new frontier. Biomedical Instrumentation & Technology, 47(1), 72-72. [18] Sametinger, J., Rozenblit, J., Lysecky, R., & Ott, P. (2015). Security Challenges for Medical Devices. Communications of the ACM, 58(4), 74-82. [19] Williams, P. A., & Woodward, A. J. (2015). Cybersecurity vulnerabilities in medical devices: a complex environment and multifaceted problem. Medical Devices: Evidence and Research, 8, 305–316. [20] Middaugh, D. J. (2016). Do security flaws put your patients' health at risk? MedSurg Nursing, 25(2), 131-133. [21] Boulos, P., Sargolzaei, A., Ziaei, A., & Sargolzaei, S. (2016). Pacemakers: A Survey on Development History, Cyber-Security Threats, and Countermeasures. [22] Perakslis, E. D. (2014). Cybersecurity in health care. New England Journal of Medicine, 371(5), 395-397. [23] Lyon, D. (2016). Making Trade-Offs for Safe, Effective, and Secure Patient Care. Journal of Diabetes Science and Technology, [24] Sansurooah, K. (2015). Security risks of medical devices in wireless environments. [25] Appari, A., & Johnson, M. E. (2010). Information security and privacy in healthcare: Current state of research. International Journal of Internet and management, 6(4), 279-314. [26] Armstrong, D. G., Kleidermacher, D. N., Klonoff, D. C., & Slepian, M. J. (2015). Cyber security regulation of wireless devices for performance and assurance in the age of “medjacking”. Journal of Diabetes Science and Technology, 1-4. [27] Garfinkel, S. L. (2012). The cybersecurity risk. Communications of the ACM, 55(6), 29-32.
[28] Klonoff, D. C. (2015). Cybersecurity for connected diabetes devices. Journal of diabetes science and technology. [29] Rushanan, M., Rubin, A. D., Kune, D. F., & Swanson, C. M. (2014). SoK: Security and privacy in implantable medical devices and body area networks. Proceedings of IEEE Security and Privacy 2014 Symposium, 524-539. [30] Wirth, A. (2011). Cybercrimes pose growing threat to medical devices. Biomedical Instrumentation & Technology, 45(1), 26-34. [31] Hansen, J. A., & Hansen, N. M. (2010). A taxonomy of vulnerabilities in implantable medical devices. In Proceedings of the Second Annual Workshop On Security and Privacy in Medical and Home-Care Systems, 13-20/ [32] Murphy, S. (2015). Is cyber security possible in healthcare? National Cybersecurity Institute Journal,1(3)49-63. [33] Gupta, S. (2012). Implantable Medical Devices-Cyber Risks and Mitigation Approaches. In Proceedings of the Cybersecurity in Cyber-Physical Workshop, The National Institute of Standards and Technology (NIST), US. [34] Ellouze, N., Rekhis, S., Boudriga, N., & Allouche, M. (2017). Cardiac Implantable Medical Devices forensics: Postmortem analysis of lethal attacks scenarios. Digital Investigation, 21, 11- 30. [35] Halperin, D., Heydt-Benjamin, T. S., Fu, K., Kohno, T., & Maisel, W. H. (2008). Security and privacy for implantable medical devices. IEEE pervasive computing, 7(1), 30-39. [36] Burleson, W., Clark, S. S., Ransford, B., & Fu, K. (2012, June). Design challenges for secure implantable medical devices. In Proceedings of the 49th Annual Design Automation Conference (pp. 12-17). ACM. [37] Rostami, M., Burleson, W., Koushanfar, F., & Juels, A. (2013, May). Balancing security and utility in medical devices? In Proceedings of the 50th Annual Design Automation Conference (p. 13). ACM. [38] Faizi, Salman and Rahman, Shawon;” Securing Cloud Computing Through IT Governance”; International Journal of Information Technology in Industry (ITII), vol. 7, no.1, 2019, Pages: 1-14 [39] Jackson, George and Rahman, Shawon; “Exploring Challenges and Opportunities in Cybersecurity Risk and Threat Communications related to the Medical Internet of Things (MIoT)”, International Journal of Network Security & Its Applications (IJNSA), Vol. 11, No.4, July 2019.
[40] Loukaka, Alain and Rahman, Shawon; “Discovering New Cyber Protection Approaches From a Security Professional Prospective”; International Journal of Computer Networks & Communications (IJCNC) Vol.9, No.4, July 2017 [41] Al-Mamun, Abdullah, Rahman, Shawon and et al;“ Security Analysis of AES and Enhancing its Security by Modifying S-Box with an Additional Byte ”; International Journal of Computer Networks & Communications (IJCNC), Vol.9, No.2, March 2017 [42] Opala, Omondi John; Rahman, Shawon; and Alelaiwi, Abdulhameed; “The Influence of Information Security on the Adoption of Cloud computing: An Exploratory Analysis”, International Journal of Computer Networks & Communications (IJCNC), Vol.7, No.4, July 2015 [43] Faizi, Salman and Rahman, Shawon; “Secured Cloud for Enterprise Computing”; 34th International Conference on Computers and Their Applications (CATA-2019), March 18-20, 2019, Waikiki Beach Marriott Resort & Spa, Honolulu, Hawaii, USA [44] Faizi, Salman and Rahman, Shawon; “Choosing the Best-fit Lifecycle Framework while Addressing Functionality and Security Issues”; 34th International Conference on Computers and Their Applications (CATA-2019), March 18-20, 2019, Waikiki Beach Marriott Resort & Spa, Honolulu, Hawaii, USA [45] Schneider, Marvin and Rahman, Shawon “Protection Motivation Theory Factors that Influence Undergraduates to Adopt Smartphone Security Measures ”; International Journal of Information Technology in Industry (ITII), Vol 9, No 1 (2021) AUTHORS Dr. George W. Jackson, Jr. has earned a Ph.D. in Information Technology, Information Assurance, and Cybersecurity degree from Capella University. He has nearly 30 years of experience in Information Technology, Information Security, and IT Project Management. A seasoned business and technology expert possessing an MBA and IT Management and professional certifications in Project Management, Information Security, and Healthcare Information Security and Privacy. Dr. Shawon S. M. Rahman is a Professor of Computer Science at the University of Hawaii-Hilo and a part-time faculty of Information Technology, Information Assurance and Security Program at the Capella University. Dr. Rahman’s research interests include software engineering education, information assurance and security, digital forensics, web accessibility, cloud computing, and software testing and quality assurance. He has published over 125 peer reviewed articles in various international journals, conferences, and books. He is an active member of many professional organizations including IEEE, ACM, ASEE, ASQ, and UPE.

Recommended

May 2021: Top 10 Read Articles in Network Security and Its Applications
May 2021: Top 10 Read Articles in Network Security and Its ApplicationsMay 2021: Top 10 Read Articles in Network Security and Its Applications
May 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
July 2021 - Top 10 Read Articles in Network Security & Its Applications
July 2021 - Top 10 Read Articles in Network Security & Its ApplicationsJuly 2021 - Top 10 Read Articles in Network Security & Its Applications
July 2021 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
September 2021: Top 10 Read Articles in Network Security and Its Applications
September 2021: Top 10 Read Articles in Network Security and Its ApplicationsSeptember 2021: Top 10 Read Articles in Network Security and Its Applications
September 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
January 2021 - Top 10 Read Articles in Network Security & Its Applications
January 2021 - Top 10 Read Articles in Network Security & Its ApplicationsJanuary 2021 - Top 10 Read Articles in Network Security & Its Applications
January 2021 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
October 2020 - Top Read Articles in Network Security & Its Applications
October 2020 - Top Read Articles in Network Security & Its ApplicationsOctober 2020 - Top Read Articles in Network Security & Its Applications
October 2020 - Top Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
March 2021: Top 10 Read Articles in Network Security and Its Applications
March 2021: Top 10 Read Articles in Network Security and Its ApplicationsMarch 2021: Top 10 Read Articles in Network Security and Its Applications
March 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
Most cited articles in academia - International journal of network security &...
Most cited articles in academia - International journal of network security &...Most cited articles in academia - International journal of network security &...
Most cited articles in academia - International journal of network security &...IJNSA Journal
 
March 2022 - Top 10 Read Articles in Network Security and Its Applications
March 2022 - Top 10 Read Articles in Network Security and Its ApplicationsMarch 2022 - Top 10 Read Articles in Network Security and Its Applications
March 2022 - Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 

Recommended

May 2021: Top 10 Read Articles in Network Security and Its Applications
May 2021: Top 10 Read Articles in Network Security and Its ApplicationsMay 2021: Top 10 Read Articles in Network Security and Its Applications
May 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
July 2021 - Top 10 Read Articles in Network Security & Its Applications
July 2021 - Top 10 Read Articles in Network Security & Its ApplicationsJuly 2021 - Top 10 Read Articles in Network Security & Its Applications
July 2021 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
September 2021: Top 10 Read Articles in Network Security and Its Applications
September 2021: Top 10 Read Articles in Network Security and Its ApplicationsSeptember 2021: Top 10 Read Articles in Network Security and Its Applications
September 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
January 2021 - Top 10 Read Articles in Network Security & Its Applications
January 2021 - Top 10 Read Articles in Network Security & Its ApplicationsJanuary 2021 - Top 10 Read Articles in Network Security & Its Applications
January 2021 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
October 2020 - Top Read Articles in Network Security & Its Applications
October 2020 - Top Read Articles in Network Security & Its ApplicationsOctober 2020 - Top Read Articles in Network Security & Its Applications
October 2020 - Top Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
March 2021: Top 10 Read Articles in Network Security and Its Applications
March 2021: Top 10 Read Articles in Network Security and Its ApplicationsMarch 2021: Top 10 Read Articles in Network Security and Its Applications
March 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
Most cited articles in academia - International journal of network security &...
Most cited articles in academia - International journal of network security &...Most cited articles in academia - International journal of network security &...
Most cited articles in academia - International journal of network security &...IJNSA Journal
 
March 2022 - Top 10 Read Articles in Network Security and Its Applications
March 2022 - Top 10 Read Articles in Network Security and Its ApplicationsMarch 2022 - Top 10 Read Articles in Network Security and Its Applications
March 2022 - Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
December 2021: Top 10 Read Articles in Network Security and Its Applications
December 2021: Top 10 Read Articles in Network Security and Its ApplicationsDecember 2021: Top 10 Read Articles in Network Security and Its Applications
December 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
November 2021 - Top 10 Read Articles in Network Security & Its Applications
November 2021 - Top 10 Read Articles in Network Security & Its ApplicationsNovember 2021 - Top 10 Read Articles in Network Security & Its Applications
November 2021 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
October 2021: Top 10 Read Articles in Network Security and Its Applications
October 2021: Top 10 Read Articles in Network Security and Its ApplicationsOctober 2021: Top 10 Read Articles in Network Security and Its Applications
October 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
Efficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant MessengerEfficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant MessengerTELKOMNIKA JOURNAL
 
Efficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant MessengerEfficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant MessengerPutra Wanda
 
Securing mobile cloud using finger print authentication
Securing mobile cloud using finger print authenticationSecuring mobile cloud using finger print authentication
Securing mobile cloud using finger print authenticationIJNSA Journal
 
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...Trusting Smart Speakers: Understanding the Different Levels of Trust between ...
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...CSCJournals
 
Data Science for IoT
Data Science for IoTData Science for IoT
Data Science for IoTOlivera Kotevska, Ph.D.
 
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGESTHE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGESIJNSA Journal
 
Top 10 Read Article in Computer Science & Information Technology: September 2021
Top 10 Read Article in Computer Science & Information Technology: September 2021Top 10 Read Article in Computer Science & Information Technology: September 2021
Top 10 Read Article in Computer Science & Information Technology: September 2021AIRCC Publishing Corporation
 
WEARABLE TECHNOLOGY DEVICES SECURITY AND PRIVACY VULNERABILITY ANALYSIS
WEARABLE TECHNOLOGY DEVICES SECURITY AND PRIVACY VULNERABILITY ANALYSISWEARABLE TECHNOLOGY DEVICES SECURITY AND PRIVACY VULNERABILITY ANALYSIS
WEARABLE TECHNOLOGY DEVICES SECURITY AND PRIVACY VULNERABILITY ANALYSISIJNSA Journal
 
Security Aspects of the Information Centric Networks Model
Security Aspects of the Information Centric Networks ModelSecurity Aspects of the Information Centric Networks Model
Security Aspects of the Information Centric Networks ModelCSCJournals
 
76 s201913
76 s20191376 s201913
76 s201913IJRAT
 
Challenges of IP protection in era of cloud computing
Challenges of IP protection in era of cloud computingChallenges of IP protection in era of cloud computing
Challenges of IP protection in era of cloud computingBrandix India Apparel City Pvt Ltd.
 
Complexity Versus Comprehendability: Simplifying Wireless Security
Complexity Versus Comprehendability: Simplifying Wireless SecurityComplexity Versus Comprehendability: Simplifying Wireless Security
Complexity Versus Comprehendability: Simplifying Wireless SecurityOlivia Moran
 
Trust management techniques_for_the_internet_of_things_a_survey-converted
Trust management techniques_for_the_internet_of_things_a_survey-convertedTrust management techniques_for_the_internet_of_things_a_survey-converted
Trust management techniques_for_the_internet_of_things_a_survey-convertedtanvir616
 
Paper published
Paper published Paper published
Paper published University of Fallujah
 
Data Security in Mobile Cloud Computing A State of the Art Review
Data Security in Mobile Cloud Computing A State of the Art ReviewData Security in Mobile Cloud Computing A State of the Art Review
Data Security in Mobile Cloud Computing A State of the Art ReviewRida Qayyum
 
07 20252 cloud computing survey
07 20252 cloud computing survey07 20252 cloud computing survey
07 20252 cloud computing surveyIAESIJEECS
 
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGESTHE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGESIJNSA Journal
 
Most Downloaded article for an year in academia - International Journal of Ne...
Most Downloaded article for an year in academia - International Journal of Ne...Most Downloaded article for an year in academia - International Journal of Ne...
Most Downloaded article for an year in academia - International Journal of Ne...IJNSA Journal
 
March 2024 - Top 10 Read Articles in Network Security & Its Applications
March 2024 - Top 10 Read Articles in Network Security & Its ApplicationsMarch 2024 - Top 10 Read Articles in Network Security & Its Applications
March 2024 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 

More Related Content

What's hot

December 2021: Top 10 Read Articles in Network Security and Its Applications
December 2021: Top 10 Read Articles in Network Security and Its ApplicationsDecember 2021: Top 10 Read Articles in Network Security and Its Applications
December 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
November 2021 - Top 10 Read Articles in Network Security & Its Applications
November 2021 - Top 10 Read Articles in Network Security & Its ApplicationsNovember 2021 - Top 10 Read Articles in Network Security & Its Applications
November 2021 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
October 2021: Top 10 Read Articles in Network Security and Its Applications
October 2021: Top 10 Read Articles in Network Security and Its ApplicationsOctober 2021: Top 10 Read Articles in Network Security and Its Applications
October 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
Efficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant MessengerEfficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant MessengerTELKOMNIKA JOURNAL
 
Efficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant MessengerEfficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant MessengerPutra Wanda
 
Securing mobile cloud using finger print authentication
Securing mobile cloud using finger print authenticationSecuring mobile cloud using finger print authentication
Securing mobile cloud using finger print authenticationIJNSA Journal
 
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...Trusting Smart Speakers: Understanding the Different Levels of Trust between ...
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...CSCJournals
 
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGESTHE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGESIJNSA Journal
 
Top 10 Read Article in Computer Science & Information Technology: September 2021
Top 10 Read Article in Computer Science & Information Technology: September 2021Top 10 Read Article in Computer Science & Information Technology: September 2021
Top 10 Read Article in Computer Science & Information Technology: September 2021AIRCC Publishing Corporation
 
WEARABLE TECHNOLOGY DEVICES SECURITY AND PRIVACY VULNERABILITY ANALYSIS
WEARABLE TECHNOLOGY DEVICES SECURITY AND PRIVACY VULNERABILITY ANALYSISWEARABLE TECHNOLOGY DEVICES SECURITY AND PRIVACY VULNERABILITY ANALYSIS
WEARABLE TECHNOLOGY DEVICES SECURITY AND PRIVACY VULNERABILITY ANALYSISIJNSA Journal
 
Security Aspects of the Information Centric Networks Model
Security Aspects of the Information Centric Networks ModelSecurity Aspects of the Information Centric Networks Model
Security Aspects of the Information Centric Networks ModelCSCJournals
 
76 s201913
76 s20191376 s201913
76 s201913IJRAT
 
Complexity Versus Comprehendability: Simplifying Wireless Security
Complexity Versus Comprehendability: Simplifying Wireless SecurityComplexity Versus Comprehendability: Simplifying Wireless Security
Complexity Versus Comprehendability: Simplifying Wireless SecurityOlivia Moran
 
Trust management techniques_for_the_internet_of_things_a_survey-converted
Trust management techniques_for_the_internet_of_things_a_survey-convertedTrust management techniques_for_the_internet_of_things_a_survey-converted
Trust management techniques_for_the_internet_of_things_a_survey-convertedtanvir616
 
Data Security in Mobile Cloud Computing A State of the Art Review
Data Security in Mobile Cloud Computing A State of the Art ReviewData Security in Mobile Cloud Computing A State of the Art Review
Data Security in Mobile Cloud Computing A State of the Art ReviewRida Qayyum
 
07 20252 cloud computing survey
07 20252 cloud computing survey07 20252 cloud computing survey
07 20252 cloud computing surveyIAESIJEECS
 
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGESTHE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGESIJNSA Journal
 

What's hot (20)

December 2021: Top 10 Read Articles in Network Security and Its Applications
December 2021: Top 10 Read Articles in Network Security and Its ApplicationsDecember 2021: Top 10 Read Articles in Network Security and Its Applications
December 2021: Top 10 Read Articles in Network Security and Its Applications
 
November 2021 - Top 10 Read Articles in Network Security & Its Applications
November 2021 - Top 10 Read Articles in Network Security & Its ApplicationsNovember 2021 - Top 10 Read Articles in Network Security & Its Applications
November 2021 - Top 10 Read Articles in Network Security & Its Applications
 
October 2021: Top 10 Read Articles in Network Security and Its Applications
October 2021: Top 10 Read Articles in Network Security and Its ApplicationsOctober 2021: Top 10 Read Articles in Network Security and Its Applications
October 2021: Top 10 Read Articles in Network Security and Its Applications
 
Efficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant MessengerEfficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant Messenger
 
Efficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant MessengerEfficient Data Security for Mobile Instant Messenger
Efficient Data Security for Mobile Instant Messenger
 
Securing mobile cloud using finger print authentication
Securing mobile cloud using finger print authenticationSecuring mobile cloud using finger print authentication
Securing mobile cloud using finger print authentication
 
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...Trusting Smart Speakers: Understanding the Different Levels of Trust between ...
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...
 
Data Science for IoT
Data Science for IoTData Science for IoT
Data Science for IoT
 
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGESTHE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES
 
Top 10 Read Article in Computer Science & Information Technology: September 2021
Top 10 Read Article in Computer Science & Information Technology: September 2021Top 10 Read Article in Computer Science & Information Technology: September 2021
Top 10 Read Article in Computer Science & Information Technology: September 2021
 
WEARABLE TECHNOLOGY DEVICES SECURITY AND PRIVACY VULNERABILITY ANALYSIS
WEARABLE TECHNOLOGY DEVICES SECURITY AND PRIVACY VULNERABILITY ANALYSISWEARABLE TECHNOLOGY DEVICES SECURITY AND PRIVACY VULNERABILITY ANALYSIS
WEARABLE TECHNOLOGY DEVICES SECURITY AND PRIVACY VULNERABILITY ANALYSIS
 
Security Aspects of the Information Centric Networks Model
Security Aspects of the Information Centric Networks ModelSecurity Aspects of the Information Centric Networks Model
Security Aspects of the Information Centric Networks Model
 
76 s201913
76 s20191376 s201913
76 s201913
 
Challenges of IP protection in era of cloud computing
Challenges of IP protection in era of cloud computingChallenges of IP protection in era of cloud computing
Challenges of IP protection in era of cloud computing
 
Complexity Versus Comprehendability: Simplifying Wireless Security
Complexity Versus Comprehendability: Simplifying Wireless SecurityComplexity Versus Comprehendability: Simplifying Wireless Security
Complexity Versus Comprehendability: Simplifying Wireless Security
 
Trust management techniques_for_the_internet_of_things_a_survey-converted
Trust management techniques_for_the_internet_of_things_a_survey-convertedTrust management techniques_for_the_internet_of_things_a_survey-converted
Trust management techniques_for_the_internet_of_things_a_survey-converted
 
Paper published
Paper published Paper published
Paper published
 
Data Security in Mobile Cloud Computing A State of the Art Review
Data Security in Mobile Cloud Computing A State of the Art ReviewData Security in Mobile Cloud Computing A State of the Art Review
Data Security in Mobile Cloud Computing A State of the Art Review
 
07 20252 cloud computing survey
07 20252 cloud computing survey07 20252 cloud computing survey
07 20252 cloud computing survey
 
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGESTHE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES
THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES
 

Similar to June 2021 - Top 10 Read Articles in Network Security and Its Applications

Most Downloaded article for an year in academia - International Journal of Ne...
Most Downloaded article for an year in academia - International Journal of Ne...Most Downloaded article for an year in academia - International Journal of Ne...
Most Downloaded article for an year in academia - International Journal of Ne...IJNSA Journal
 
March 2024 - Top 10 Read Articles in Network Security & Its Applications
March 2024 - Top 10 Read Articles in Network Security & Its ApplicationsMarch 2024 - Top 10 Read Articles in Network Security & Its Applications
March 2024 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
February 2024 - Top 10 Read Articles in Network Security & Its Applications
February 2024 - Top 10 Read Articles in Network Security & Its ApplicationsFebruary 2024 - Top 10 Read Articles in Network Security & Its Applications
February 2024 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
May 2023: Top 10 Read Articles in Network Security and Its Applications
May 2023: Top 10 Read Articles in Network Security and Its ApplicationsMay 2023: Top 10 Read Articles in Network Security and Its Applications
May 2023: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
May 2022: Top 10 Read Articles in Network Security and Its Applications
May 2022: Top 10 Read Articles in Network Security and Its ApplicationsMay 2022: Top 10 Read Articles in Network Security and Its Applications
May 2022: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
March 2023: Top 10 Read Articles in Network Security and Its Applications
March 2023: Top 10 Read Articles in Network Security and Its ApplicationsMarch 2023: Top 10 Read Articles in Network Security and Its Applications
March 2023: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
January 2023: Top 10 Read Articles in Network Security and Its Applications
January 2023: Top 10 Read Articles in Network Security and Its ApplicationsJanuary 2023: Top 10 Read Articles in Network Security and Its Applications
January 2023: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
June 2023: Top 10 Read Articles in Network Security and Its Applications
June 2023: Top 10 Read Articles in Network Security and Its ApplicationsJune 2023: Top 10 Read Articles in Network Security and Its Applications
June 2023: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
January 2024 - Top 10 Read Articles in Network Security & Its Applications
January 2024 - Top 10 Read Articles in Network Security & Its ApplicationsJanuary 2024 - Top 10 Read Articles in Network Security & Its Applications
January 2024 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
April 2023: Top 10 Read Articles in Network Security and Its Applications
April 2023: Top 10 Read Articles in Network Security and Its Applications April 2023: Top 10 Read Articles in Network Security and Its Applications
April 2023: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
July 2022 - Top 10 Read Articles in Network Security & Its Applications
July 2022 - Top 10 Read Articles in Network Security & Its ApplicationsJuly 2022 - Top 10 Read Articles in Network Security & Its Applications
July 2022 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
June 2022: Top 10 Read Articles in Network Security and Its Applications
June 2022: Top 10 Read Articles in Network Security and Its ApplicationsJune 2022: Top 10 Read Articles in Network Security and Its Applications
June 2022: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
November 2023 - Top 10 Read Articles in Network Security & Its Applications
November 2023 - Top 10 Read Articles in Network Security & Its ApplicationsNovember 2023 - Top 10 Read Articles in Network Security & Its Applications
November 2023 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
October 2022: Top 10 Read Articles in Network Security & Its Applications
October 2022: Top 10 Read Articles in Network Security & Its ApplicationsOctober 2022: Top 10 Read Articles in Network Security & Its Applications
October 2022: Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
December 2023 - Top 10 Read Articles in Network Security & Its Applications
December 2023 - Top 10 Read Articles in Network Security & Its ApplicationsDecember 2023 - Top 10 Read Articles in Network Security & Its Applications
December 2023 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
April 2022 - Top 10 Read Articles in Network Security and Its Applications
April 2022 - Top 10 Read Articles in Network Security and Its ApplicationsApril 2022 - Top 10 Read Articles in Network Security and Its Applications
April 2022 - Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
September 2022: Top 10 Read Articles in Network Security & Its Applications
September 2022: Top 10 Read Articles in Network Security & Its ApplicationsSeptember 2022: Top 10 Read Articles in Network Security & Its Applications
September 2022: Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
February 2023: Top 10 Read Articles in Network Security and Its Applications
February 2023: Top 10 Read Articles in Network Security and Its ApplicationsFebruary 2023: Top 10 Read Articles in Network Security and Its Applications
February 2023: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
August 2022: Top 10 Read Articles in Network Security and Its Applications
August 2022: Top 10 Read Articles in Network Security and Its ApplicationsAugust 2022: Top 10 Read Articles in Network Security and Its Applications
August 2022: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
October 2023 - Top 10 Read Articles in Network Security & Its Applications.pdf
October 2023 - Top 10 Read Articles in Network Security & Its Applications.pdfOctober 2023 - Top 10 Read Articles in Network Security & Its Applications.pdf
October 2023 - Top 10 Read Articles in Network Security & Its Applications.pdfIJNSA Journal
 

Similar to June 2021 - Top 10 Read Articles in Network Security and Its Applications (20)

Most Downloaded article for an year in academia - International Journal of Ne...
Most Downloaded article for an year in academia - International Journal of Ne...Most Downloaded article for an year in academia - International Journal of Ne...
Most Downloaded article for an year in academia - International Journal of Ne...
 
March 2024 - Top 10 Read Articles in Network Security & Its Applications
March 2024 - Top 10 Read Articles in Network Security & Its ApplicationsMarch 2024 - Top 10 Read Articles in Network Security & Its Applications
March 2024 - Top 10 Read Articles in Network Security & Its Applications
 
February 2024 - Top 10 Read Articles in Network Security & Its Applications
February 2024 - Top 10 Read Articles in Network Security & Its ApplicationsFebruary 2024 - Top 10 Read Articles in Network Security & Its Applications
February 2024 - Top 10 Read Articles in Network Security & Its Applications
 
May 2023: Top 10 Read Articles in Network Security and Its Applications
May 2023: Top 10 Read Articles in Network Security and Its ApplicationsMay 2023: Top 10 Read Articles in Network Security and Its Applications
May 2023: Top 10 Read Articles in Network Security and Its Applications
 
May 2022: Top 10 Read Articles in Network Security and Its Applications
May 2022: Top 10 Read Articles in Network Security and Its ApplicationsMay 2022: Top 10 Read Articles in Network Security and Its Applications
May 2022: Top 10 Read Articles in Network Security and Its Applications
 
March 2023: Top 10 Read Articles in Network Security and Its Applications
March 2023: Top 10 Read Articles in Network Security and Its ApplicationsMarch 2023: Top 10 Read Articles in Network Security and Its Applications
March 2023: Top 10 Read Articles in Network Security and Its Applications
 
January 2023: Top 10 Read Articles in Network Security and Its Applications
January 2023: Top 10 Read Articles in Network Security and Its ApplicationsJanuary 2023: Top 10 Read Articles in Network Security and Its Applications
January 2023: Top 10 Read Articles in Network Security and Its Applications
 
June 2023: Top 10 Read Articles in Network Security and Its Applications
June 2023: Top 10 Read Articles in Network Security and Its ApplicationsJune 2023: Top 10 Read Articles in Network Security and Its Applications
June 2023: Top 10 Read Articles in Network Security and Its Applications
 
January 2024 - Top 10 Read Articles in Network Security & Its Applications
January 2024 - Top 10 Read Articles in Network Security & Its ApplicationsJanuary 2024 - Top 10 Read Articles in Network Security & Its Applications
January 2024 - Top 10 Read Articles in Network Security & Its Applications
 
April 2023: Top 10 Read Articles in Network Security and Its Applications
April 2023: Top 10 Read Articles in Network Security and Its Applications April 2023: Top 10 Read Articles in Network Security and Its Applications
April 2023: Top 10 Read Articles in Network Security and Its Applications
 
July 2022 - Top 10 Read Articles in Network Security & Its Applications
July 2022 - Top 10 Read Articles in Network Security & Its ApplicationsJuly 2022 - Top 10 Read Articles in Network Security & Its Applications
July 2022 - Top 10 Read Articles in Network Security & Its Applications
 
June 2022: Top 10 Read Articles in Network Security and Its Applications
June 2022: Top 10 Read Articles in Network Security and Its ApplicationsJune 2022: Top 10 Read Articles in Network Security and Its Applications
June 2022: Top 10 Read Articles in Network Security and Its Applications
 
November 2023 - Top 10 Read Articles in Network Security & Its Applications
November 2023 - Top 10 Read Articles in Network Security & Its ApplicationsNovember 2023 - Top 10 Read Articles in Network Security & Its Applications
November 2023 - Top 10 Read Articles in Network Security & Its Applications
 
October 2022: Top 10 Read Articles in Network Security & Its Applications
October 2022: Top 10 Read Articles in Network Security & Its ApplicationsOctober 2022: Top 10 Read Articles in Network Security & Its Applications
October 2022: Top 10 Read Articles in Network Security & Its Applications
 
December 2023 - Top 10 Read Articles in Network Security & Its Applications
December 2023 - Top 10 Read Articles in Network Security & Its ApplicationsDecember 2023 - Top 10 Read Articles in Network Security & Its Applications
December 2023 - Top 10 Read Articles in Network Security & Its Applications
 
April 2022 - Top 10 Read Articles in Network Security and Its Applications
April 2022 - Top 10 Read Articles in Network Security and Its ApplicationsApril 2022 - Top 10 Read Articles in Network Security and Its Applications
April 2022 - Top 10 Read Articles in Network Security and Its Applications
 
September 2022: Top 10 Read Articles in Network Security & Its Applications
September 2022: Top 10 Read Articles in Network Security & Its ApplicationsSeptember 2022: Top 10 Read Articles in Network Security & Its Applications
September 2022: Top 10 Read Articles in Network Security & Its Applications
 
February 2023: Top 10 Read Articles in Network Security and Its Applications
February 2023: Top 10 Read Articles in Network Security and Its ApplicationsFebruary 2023: Top 10 Read Articles in Network Security and Its Applications
February 2023: Top 10 Read Articles in Network Security and Its Applications
 
August 2022: Top 10 Read Articles in Network Security and Its Applications
August 2022: Top 10 Read Articles in Network Security and Its ApplicationsAugust 2022: Top 10 Read Articles in Network Security and Its Applications
August 2022: Top 10 Read Articles in Network Security and Its Applications
 
October 2023 - Top 10 Read Articles in Network Security & Its Applications.pdf
October 2023 - Top 10 Read Articles in Network Security & Its Applications.pdfOctober 2023 - Top 10 Read Articles in Network Security & Its Applications.pdf
October 2023 - Top 10 Read Articles in Network Security & Its Applications.pdf
 

Recently uploaded

Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile servicerehmti665
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxk795866
 
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningchaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningmisbanausheenparvam
 
HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2RajaP95
 
Electronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfElectronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfme23b1001
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)dollysharma2066
 
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEINFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEroselinkalist12
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
 
Introduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxIntroduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxvipinkmenon1
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxDeepakSakkari2
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSCAESB
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AIabhishek36461
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidNikhilNagaraju
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfAsst.prof M.Gokilavani
 
Churning of Butter, Factors affecting .
Churning of Butter, Factors affecting .Churning of Butter, Factors affecting .
Churning of Butter, Factors affecting .Satyam Kumar
 

Recently uploaded (20)

Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptx
 
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningchaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learning
 
HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2
 
Electronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfElectronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdf
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
 
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEINFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 
Introduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxIntroduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptx
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentation
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AI
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfid
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
 
Churning of Butter, Factors affecting .
Churning of Butter, Factors affecting .Churning of Butter, Factors affecting .
Churning of Butter, Factors affecting .
 

June 2021 - Top 10 Read Articles in Network Security and Its Applications

  • 1. June 2021: Top 10 Read Articles in Network Security and Its Applications International Journal of Network Security & Its Applications (IJNSA) http://airccse.org/journal/ijnsa.html ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)
  • 2. SECURITY & PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGS Faheem Masoodi1 Shadab Alam2 and Shams Tabrez Siddiqui2 1 Department of Computer Science, University of Kashmir, J&k, India 2 Department of Computer Science, Jazan University, KSA ABSTRACT The idea to connect everything to anything and at any point of time is what vaguely defines the concept of the Internet of Things (IoT). The IoT is not only about providing connectivity but also facilitating interaction among these connected things. Though the term IoT was introduced in 1999 but has drawn significant attention during the past few years, the pace at which new devices are being integrated into the system will profoundly impact the world in a good way but also poses some severe queries about security and privacy. IoT in its current form is susceptible to a multitudinous set of attacks. One of the most significant concerns of IoT is to provide security assurance for the data exchange because data is vulnerable to some attacks by the attackers at each layer of IoT. The IoT has a layered structure where each layer provides a service. The security needs vary from layer to layer as each layer serves a different purpose. This paper aims to analyze the various security and privacy threats related to IoT. Some attacks have been discussed along with some existing and proposed countermeasures. KEYWORDS Internet of Things, privacy, attacks, security, threats, protocols. For More Details : http://aircconline.com/ijnsa/V11N2/11219ijnsa05.pdf Volume Link : http://airccse.org/journal/jnsa19_current.html
  • 3. REFERENCES [1] J. Gubbi, R. Buyya, S. Marusic, M. Palaniswami, Internet of things (IoT): a vision, architectural elements, and future directions, Future Gener. Comput. Syst. 29 (7) (2013) 1645–1660. [2] Roman, R., Najera, P., Lopez, J., 2011. Securing the internet of things. Computer 44 (9), 51_58. [3] Horrow, S., and Anjali, S. (2012). Identity Management Framework for Cloud-Based Internet of Things. SecurIT ’12 Proceedings of the First International Conference on Security of Internet of Things, 200– 203. 2012 [4] Whitmore, A., Agarwal, A., and Da Xu, L. (2014). The Internet of Things: A survey of topics and trends. Information Systems Frontiers, 17(2), 261– 274. [5] Aazam, M., St-Hilaire, M., Lung, C.-H., and Lambadaris, I. (2016). PRE-Fog: IoT trace based probabilistic resource estimation at Fog. 2016 13th IEEE Annual Consumer Communications and Networking Conference (CCNC), 12– 17. [6] Jiang, H., Shen, F., Chen, S., Li, K. C., and Jeong, Y. S. (2015). A secure and scalable storage system for aggregate data in IoT. Future Generation Computer Systems, 49, 133– 141. [7] Li, S., Tryfonas, T., and Li, H. (2016). The Internet of Things: a security point of view. Internet Research, 26(2), 337– 359. [8] A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and M. Ayyash. Internet of things: A survey on enabling technologies, protocols, and applications. IEEE Communications Surveys Tutorials, 17(4):2347–2376, Fourth quarter 2015. [9] Pongle, P., and Chavan, G. (2015). A survey: Attacks on RPL and 6LoWPAN in IoT. 2015 International Conference on Pervasive Computing: Advance Communication Technology and Application for Society, ICPC 2015, 0(c), 0–5 [10] Tsai, C.-W., Lai, C.-F., and Vasilakos, A. V. (2014). Future Internet of Things: open issues and challenges. Wireless Networks, 20(8), 2201–2217. [11] V. Karagiannis, P. Chatzimisios, F. Vazquez-Gallego, and J. Alonso-Zarate, "A survey on application layer protocols for the internet of things," Transaction on IoT and Cloud Computing, vol. 3, no. 1, pp. 11-17, 2015 [12] D. Locke, "MQ telemetry transport (MQTT) v3. 1 protocol specification," IBM Developer WorksTechnicalLibrary,2010, http://www.ibm.com/developerworks/webservices/library/wsmqtt/index.html
  • 4. [13] M. Singh, M. Rajan, V. Shivraj, and P. Balamuralidhar, "Secure MQTT for the Internet of Things (IoT)," in Fifth International Conference on Communication Systems and Network Technologies (CSNT 2015), April 2015, pp. 746-751. [14] OASIS, "OASIS Advanced Message Queuing Protocol (AMQP) Version 1.0," 2012, http://docs.oasis-open.org/amqp/core/v1.0/os/amqp-core-complete-v1.0-os.pdf [15] T. Winter, et al., "RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks," IETF RFC 6550, Mar. 2012, http://www.ietf.org/rfc/rfc6550.txt [16] A. Aijaz and A. Aghvami, "Cognitive machine-to-machine communications for internet- of-things: A protocol stack perspective," IEEE Internet of Things Journal, vol. 2, no. 2, pp. 103-112, April 2015, [17] http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=7006643 [18] Z. Zhou, B. Yao, R. Xing, L. Shu, and S. Bu, "E-CARP: An energy-efficient routing protocol for UWSNs on the internet of underwater things," IEEE Sensors Journal, vol. PP, no. 99, 2015, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7113774 [19] D. Dujovne, T. Watteyne, X. Vilajosana, and P. Thubert, "6TiSCH: Deterministic IP- enabled industrial internet (of things)," IEEE Communications Magazine, vol. 52, no.12, pp. 36-41, December 2014, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6979984 [20] M. Hasan, E. Hossain, D. Niyato, "Random access for machine-to-machine communication in LTEadvanced networks: issues and approaches," in IEEE Communications Magazine, vol. 51, no. 6, pp.86-93, June 2013, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=6525600 [21] Z-Wave, "Z-Wave Protocol Overview," v. 4, May 2007, https://wiki.ase.tut.fi/courseWiki/imges/9/94/SDS10243_2_Z_Wave_Protocol_Overview.pdf [22] ZigBee Standards Organization, “ZigBee Specification,” Document 053474r17, Jan 2008, 604 pp., http://home.deib.polimi.it/cesana/teaching/IoT/papers/ZigBee/ZigBeeSpec.pdf [23] O. Cetinkaya and O. Akan, "A dash7-based power metering system," in 12th Annual IEEE Consumer Communications and Networking Conference (CCNC), Jan 2015, pp. 406- 411, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=7158010 [24] Zhang, Zhi-Kai, et al. ”IoT security: ongoing challenges and research opportunities.” ServiceOriented Computing and Applications (SOCA), 2014 IEEE 7th International Conference on. IEEE, 2014.
  • 5. [25] D. Migault, D. Palomares, E. Herbert, W. You, G. Ganne, G. Arfaoui, and M. Laurent, “E2E: An Optimized IPsec Architecture for Secure And Fast Offload,” in Seventh International Conference on Availability, Reliability and Security E2E: 2012. [26] Abomhara, Mohamed, and Geir M. Køien. ”Security and privacy in the Internet of Things: Current status and open issues.” Privacy and Security in Mobile Systems (PRISMS), 2014 International Conference on. IEEE, 2014. [27] B. L. Suto, “Analyzing the Accuracy and Time Costs of Web Application Security Scanners,” San Fr., no. October 2007, 2010. [28] O. El Mouaatamid, M. LahmerInternet of Things security: layered classification of attacks and possible countermeasures Electron J (9) (2016). [29] Seda F. Gürses/Bettina Berendt/Thomas Santen, Multilateral Security Requirements Analysis for Preserving Privacy in Ubiquitous Environments, in Bettina Berendt/Ernestina Menasalvas (eds), Workshop on Ubiquitous Knowledge Discovery for Users (UKDU '06), at 51–64; [30] Stankovic, J. (2014). Research directions for the internet of things. IEEE Internet of Things Journal, 1(1), 3–9 [31] Sicari, Sabrina, et al. "Security, privacy and trust in the Internet of Things: The road ahead." Computer Networks76 (2015): 146-164. [32] https://www.cso.com.au/article/575407/internet-things-iot-threats-countermeasures/ Accessed on 15-03-2019 [33] Bokhari, Mohammad Ubaidullah, and Faheem Masoodi. "Comparative analysis of structures and attacks on various stream ciphers." Proceedings of the 4th National Conference. 2010.
  • 6. PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEY Wosah Peace Nmachi and Thomas Win School of Computing & Engineering University of Gloucestershire, Park Campus, Cheltenham GL50 2RH United Kingdom ABSTRACT Email is a channel of communication which is considered to be a confidential medium of communication for exchange of information among individuals and organisations. The confidentiality consideration about e-mail is no longer the case as attackers send malicious emails to users to deceive them into disclosing their private personal information such as username, password, and bank card details, etc. In search of a solution to combat phishing cybercrime attacks, different approaches have been developed. However, the traditional exiting solutions have been limited in assisting email users to identify phishing emails from legitimate ones. This paper reveals the different email and website phishing solutions in phishing attack detection. It first provides a literature analysis of different existing phishing mitigation approaches. It then provides a discussion on the limitations of the techniques, before concluding with an explorationin to how phishing detection can be improved. KEYWORDS Cyber-security, Phishing Email Attack, Deep Learning, Stylometric Analysis, Cyber Human Behaviour For More Details : https://aircconline.com/ijnsa/V13N2/13221ijnsa05.pdf Volume Link : http://airccse.org/journal/jnsa21_current.html
  • 7. REFERENCES [1] Leite C., Gondim J. J. C., Barreto P. S., and Alchieri E. A., (2019). Waste flooding: A phishing retaliation tool [2] Xiujuan W., Chenxi Z., Kangfeng Z., Haoyang T., &Yuanrui T.(2019)detecting spear- phishing emails based on authentication [3] Duman S, Kalkan-Cakmakci K, Egele M. (2016)EmailProfiler: Spear phishing filtering with header and stylometric features of emails. [4] Calix K., Connors M., Levy D., Manzar H., McCabe G., & Westcott S. (2008). Stylometry for E-mail author identification and authentication [5] Gupta B. B., Arachchilage N A.G., &Psannis K. E. (2018).Defending against phishing attacks: taxonomy of methods, current issues and future direction [6] Dewan P, Kashyap A, &Kumaraguru P. (2014). Analysingsocial and stylometric features to identify spear phishing emails [7] AbahussainO. &Harrath Y. (2019). Detection of malicious emails through regular expressions and databases [8] Helmi R. A. A., Ren C. S.&Jamal A. (2019). Email anti-phishing detection application [9] Asanka N. G.A.,Steve L.&Beznosov K. (2016) Phishing threat avoidance behaviour: An empirical investigation [10] Mohammad R., Thabtah F. & McCluskey L. (2015): Tutorial and critical analysis of phishing websites methods [11] Heartfield Ryan& George Loukas, (2018) Detecting semantic social engineering attacks with the weakest link: Implementation and empirical evaluation of a human-as-a-security- sensor framework [12] Baniya T., Gautam D.& Kim Y. (2015). Safeguarding web surfing with URL blacklisting [13] Canova G., Volkamer M., Bergmann C., &Borza R. (2014). NoPhish: An anti-phishing education app [14] Bottazzi G., Casalicchio E., Marturana F., &Piu M. (2015). MP-shield: A framework for phishing detection in mobile devices. [15] Li, J., Li, J., Chen, X., Jia, C., & Lou, W. (2015) Identity-based encryption without sourced revocation incloud computing
  • 8. [16] Qabajeh I.,Thabtah F.,&Chiclana F. (2018) A recent review of conventional vs. automated cybersecurity anti-phishing techniques [17] Lötter Andrés.&Futcher Lynn, (2015) A framework to Assist Email Users in the Identification of Phishing Attacks [18] Gascon H., Ullrich S., Stritter B. &Rieck K. (2018) Reading between the lines: content- agnostic detection of spear-phishing emails [19] Smadi S., Aslam N., & Zhang L. (2018). Detection of online phishing email using dynamic evolving neural network based on reinforcement learning [20] Chandrasekaran M., Narayanan K., andUpadhayayaS. (2006) Phishing e-mail detection based on structural properties. [21] Ghafir I., Saleem J., Hammoudeh M., Faour H., Prenosil V., Jaf S., Jabbar S. & Baker T. (2018). Security threats to critical infrastructure: the human factor [22] Khonji M, Iraqi Y& Jones A. (2011). Mitigation of spear phishing attacks: A Content- based Authorship Identification framework [23] Iqbal F, BinsalleehH&Fung B C M. (2010). Mining writeprints from anonymous e-mails for forensic investigation [24] Lyon, J.& Wong M. (2006). Sender ID: authenticating e-mail,” RFC 4406. [25] KunjuM.V., Esther D., Anthony H. C. &BhelwaS. (2019) Evaluation of phishing techniques based on machine learning [26] Peng T., Harris I., &Sawa Y. (2018).Detecting phishing attacks using natural language processing and machine learning [27] SahingozO.K.,Buber E., Demir O., &Diri B. (2019). Machine learning based phishing detection from URLs [28] Zhang, Y., Hong, J. I., &Cranor, L. F.(2007). Cantina: A content based approach to detecting phishing web sites. [29] Suganya V. (2016): A review on phishing attacks and various anti-phishing techniques [30] Abdelhamid N., Ayesh A. &Thabtah F. (2014) Phishing detection based associative classification data mining
  • 9. [31] SternfeldUri&Striem-Amit Yonatan. (2019) Prevention of rendezvous generation algorithm (RGA) and domain generation algorithm (DGA) malware over exiting internet services. [32] Akarsh S., Sriram S., &Poornachandran P.(2019) Deep learning framework for domain generation algorithms prediction using long short-term memory. [33] Bagui S., Nandi D.,Subhash B. & White J.R (2019) Classifying phishing email using machine learning and deep learning [34] Jain Kumar Ankit. & Gupta B.B. (2018). A machine learning based approach for phishing detection using hyperlinks information [35] Vinayakumar R., Soman K. P., Poornachandran P., Akarsh S. &Elhoseny M. (2019) Deep learning framework for cyber threat situational awareness based on email and url data analysis. [36] Park Gilchan and Rayz Julia (2018).Ontological detection of phishing emails [37] Surbhi G., Abhishek S.&Akanksha K. (2016). A literature survey on social engineering attacks: phishing attack [38] Jamil A., Asif K.& Ghulam Z. (2018) MPMPA: A mitigation and prevention model for social engineering based phishing attacks on facebook [39] Platsis George, (2018) Thehuman factor: Cyber security's greatest challenge [40] NaimBaftiu. (2017).Cyber security in Kosovo [41] Abdelhamid N., Thabtah F. & Abdel-jaber H. (2017) Phishing detection: A recent intelligent machine learning comparison based on models content and features [42] Alsharnouby M., Alaca F., Chiasson S. (2015)Why phishing still works: User strategies for combating phishing attacks [43] Chou N., Ledesma R., Teraguchi Y., Boneh D., and Mitchell J. C. (2004) “Client-side defence against web-based identity theft”. [44] Prakash P., Kumar M., Rao R. K. and Gupta M. (2010) PhishNet: Predictive blacklisting to detect phishing attacks [45] Delany Mark, (2007) Domain-based email authentication using public keys advertised in the DNS (Domain Keys).
  • 10. [46] Saidani N., Adi K. and AlliliM. S. (2020)A semantic-based classification approach for an enhanced spam detection. [47] Bhowmick A. and Hazarika S.M. (2016) Machine learning for e-mail spam filtering: review techniques and trends.
  • 11. A CONCEPTUAL SECURE BLOCKCHAIN-BASED ELECTRONIC VOTING SYSTEM Ahmed Ben Ayed Department of Engineering and Computer Science, Colorado Technical University, Colorado Springs, Colorado, USA ABSTRACT Blockchain is offering new opportunities to develop new types of digital services. While research on the topic is still emerging, it has mostly focused on the technical and legal issues instead of taking advantage of this novel concept and creating advanced digital services. In this paper, we are going to leverage the open source Blockchain technology to propose a design for a new electronic voting system that could be used in local or national elections. The Blockchain-based system will be secure, reliable, and anonymous, and will help increase the number of voters as well as the trust of people in their governments. KEYWORDS Blockchain, Electronic Voting System, e-Voting, I-Voting, iVote For More Details : https://aircconline.com/ijnsa/V9N3/9317ijnsa01.pdf Volume Link : http://airccse.org/journal/jnsa17_current.html
  • 12. REFERENCES [1] Madise, Ü. Madise and T. Martens, “E-voting in Estonia 2005. The first practice of country- wide binding Internet voting in the world.”,Electronic voting, 2nd International Workshop, Bregenz, Austria,(2006) August 2-4. [2] J. Gerlach and U. Grasser, “Three Case Studies from Switzerland: E-voting”, Berkman Center Research Publication, (2009). [3] I. S. G. Stenerud and C. Bull, “When reality comes knocking Norwegian experiences with verifiable electronic voting”, Electronic Voting. Vol. 205. (2012), pp. 21-33. [4] C. Meter and A. Schneider and M. Mauve, “Tor is not enough: Coercion in Remote Electronic Voting Systems. arXiv preprint. (2017). [5] D. L. Chaum, “Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms”, Communication of the ACM. Vol. 24(2). (1981), pp. 84-90. [6] T. ElGamal, “A public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms”, IEEE Trans. Info. Theory. Vol. 31. (1985), pp. 469-472. [7] S. Ibrahim and M. Kamat and M. Salleh and S. R. A. Aziz, “Secure E-Voting with Blind Signature”, Proceeding of the 4th National Conference of Communication Technology, Johor, Malaysia, (2003) January 14-15. [8] J. Jan and Y. Chen and Y. Lin, “The Design of Protocol for e-Voting on the Internet”, Proceedings IEEE 35th Annual 2001 International Carnahan Conference on Security Technology, London, England, (2001) October 16-19. [9] D. L. Dill and A.D. Rubin, “E-Voting Security”, Security and Privacy Magazine, Vol. 2(1). (2004), pp. 22-23. [10] D. Evans and N. Paul, “Election Security: Perception and Reality”. IEEE Privacy Magazine, vol. 2(1). (2004), pp. 2-9. [11] Trueb Baltic, “Estonian Electronic ID – Card Application Specification Prerequisites to the Smart Card Differentiation to previous Version of EstEID Card Application.” http://www.id.ee/public/TBSPEC-EstEID-Chip-App-v3_5-20140327.pdf [12] Cybernetica. “Internet Voting Solution.” https://cyber.ee/uploads/2013/03/cyber_ivoting_NEW2_A4_web.pdf. [13] D. Springall, T. Finkenauer, Z. Durumeric, J. Kitcat, H. Hursti, M. MacAlpine, and J. A. Halderman, “Security Analysis of the Estonian Internet Voting System.” Proceedings of the
  • 13. 2014 ACM SIGSAC Conference on Computer and Communications Security. (2014), pp. 703-715. [14] Ministry of Local Government and Modernisation. “Internet Voting Pilot to be Discontinued.” https://www.regjeringen.no/en/aktuelt/Internet-voting-pilot-to-be- discontinued/id764300/ [15] J. A. Halderman, and V. Teague, “The New South Wales iVote System: Security Failures and Verifications Flaws in a Live Online Election.” International Conference on E-Voting and Identity. (2015), pp. 35-53. [16] S. Wolchok, E. Wustrow, D. Isabel, J. A. Halderman, “Attacking the Washington, DC Internet Voting System.” International Conference on Financial Cryptography and Data Security (2012), pp. 114-128. [17] National Institute of Standards and Technology, “Federal Information Processing Standards Publication”, (2012). [18] S. Nakamoto, “A Peer-to-Peer Electronic Cash System”, (2008). [19] F. Reid and M. Harrigan, “An Analysis of Anonymity in the Bitcoin System”, Security and Privacy in Social Networks. (2013), pp. 1-27. [20] S. Raval, “Decentralized Applications: Harnessing Bitcoin’s Blockchain Technology.” O’Reilly Media, Inc. Sebastopol, California (2016). [21] J. R. Douceur, “The Sybil Attack”, International Workshop on Peer-to-Peer Systems, (2002), pp. 251-260. AUTHORS Ahmed Ben Ayed, has received his Bachelor of Science in Computer Information Systems, Master of Science in Cyber Security and Information Assurance, and currently a doctoral student at Colorado Technical University, and an Adjunct Professor at California Takshila University. His research interests are Android Security, Pattern Recognition of Malicious Applications, Machine Learning, Cryptography, Information & System Security and Cyber Security.
  • 14. A LITERATURE SURVEY AND ANALYSIS ON SOCIAL ENGINEERING DEFENSE MECHANISMS AND INFOSEC POLICIES Dalal Alharthi and Amelia Regan Department of Computer Science, University of California Irvine, Irvine, California ABSTRACT Social engineering attacks can be severe and hard to detect. Therefore, to prevent such attacks, organizations should be aware of social engineering defense mechanisms and security policies. To that end, the authors developed a taxonomy of social engineering defense mechanisms, designed a survey to measure employee awareness of these mechanisms, proposed a model of Social Engineering InfoSec Policies (SE-IPs), and designed a survey to measure the incorporation level of these SE-IPs. After analyzing the data from the first survey, the authors found that more than half of employees are not aware of social engineering attacks. The paper also analyzed a second set of survey data, which found that on average, organizations incorporated just over fifty percent of the identified formal SE-IPs. Such worrisome results show that organizations are vulnerable to social engineering attacks, and serious steps need to be taken to elevate awareness against these emerging security threats. KEYWORDS Cybersecurity, Social Engineering, Employee Awareness, Defense Mechanisms, Security Policies For More Details : https://aircconline.com/ijnsa/V13N2/13221ijnsa04.pdf Volume Link : http://airccse.org/journal/jnsa21_current.html
  • 15. REFERENCES [1] S. D. Applegate, Social engineering: hacking the wetware! Information Security Journal: A Global Perspective 18 (1) (2009) 40–46. [2] C. Hadnagy, Social engineering: The art of human hacking, John Wiley & Sons, 2010.3. A. Berg, Cracking a social engineer, [online]. lan times (1995). [3] A. Berg, Cracking a social engineer, [online]. lan times (1995). [4] T. Greening, Ask and ye shall receive: a study in social engineering, ACM SIGSAC Review 14 (2) (1996) 8–14. [5] A. Karakasiliotis, S. Furnell, M. Papadaki, Assessing end-user awareness of social engineering and phishing. [6] M. Workman, A test of interventions for security threats from social engineering, Information Management & Computer Security 16 (5) (2008) 463–483. [7] G. L. Orgill, G. W. Romney, M. G. Bailey, P. M. Orgill, The urgency for effective user privacy-education to counter social engineering attacks on secure computer systems, in: Proceedings of the 5th conference on Information technology education, ACM, 2004, pp. 177–181 [8] T. Bakhshi, M. Papadaki, S. Furnell, A practical assessment of social engineering vulnerabilities., in: HAISA, 2008, pp. 12–23. [9] F. Mouton, M. M. Malan, L. Leenen, H. S. Venter, Social engineering attack framework, in: 2014 Information Security for South Africa, IEEE, 2014, pp. 1–9. [10] R. Kalnin,š, J. Purin,š, and G. Alksnis, “Security evaluation of wireless network access points,” Applied Computer Systems, vol. 21, no. 1, pp.38–45, 2017. [11] D. N. Alharthi, M. M. Hammad, and A. C. Regan, “A taxonomy of social engineering defense mechanisms,” in Future of Information and Communication Conference. Springer, 2020, pp. 27–41. [12] F. Mouton, L. Leenen, and H. S. Venter, “Social engineering attack examples, templates and scenarios,” Computers & Security, vol. 59, pp.186–209, 2016. [13] N. Saxena, E. Hayes, E. Bertino, P. Ojo, K.-K. R. Choo, and P. Burnap, “Impact and key challenges of insider threats on organizations and critical businesses,” Electronics, vol. 9, no. 9, p. 1460, 2020.
  • 16. [14] T. Ahmad, “Corona virus (covid-19) pandemic and work from home: Challenges of cybercrimes and cybersecurity,” Available at SSRN3568830, 2020. [15] N. Sarginson, “Securing your remote workforce against new phishing attacks,” Computer Fraud & Security, vol. 2020, no. 9, pp. 9–12, 2020. [16] H. Aldawood and G. Skinner, “Contemporary cyber security social engineering solutions, measures, policies, tools and applications: Acritical appraisal,” International Journal of Security (IJS), vol. 10, no. 1, p. 1, 2019. [17] V. Systems, “Varonis 2019 global data risk report,” 2019. [18] A. Yazdanmehr and J. Wang, “Employees’ information security policy compliance: A norm activation perspective,” Decision Support Systems, vol. 92, pp. 36–46, 2016. [19] D. N. Alharthi and A. C. Regan, “Social engineering defense mechanisms: A taxonomy and a survey of employees’ awareness level,” in Science and Information Conference. Springer, 2020, pp. 521–541. [20] D. N. Alharthi and A. C. Regan, “Social engineering InfoSec Policies (SE-IPs),” in the 14th International Conference on Network Security & Applications (CNSA 2021). CICT, 2021, pp. 521–541. NIAI - 2021 pp. 57-74, 2021. [21] H. Aldawood, G. Skinner, An academic review of current industrial and commercial cyber security social engineering solutions, in: Proceedings of the 3rd International Conference on Cryptography, Security and Privacy, ACM, 2019, pp. 110–115. [22] B. M. E. Elnaim, H. A. S. W. Al-Lami, The current state of phishing attacks against Saudi Arabia university students. [23] C. Happ, A. Melzer, G. Steffgen, Trick with treat–reciprocity increases the willingness to communicate personal data, Computers in Human Behavior 61 (2016) 372–377. [24] I. Ghafir, V. Prenosil, A. Alhejailan, M. Hammoudeh, Social engineering attack strategies and defence approaches, in: 2016 IEEE 4th International Conference onFuture Internet of Things and Cloud (FiCloud), IEEE, 2016, pp. 145–149. [25] M. Gupta, R. Sharman, Social network theoretic framework for organizational socialengineering susceptibility index, AMCIS 2006 Proceedings (2006) 408. [26] K. Parsons, D. Calic, M. Pattinson, M. Butavicius, A. McCormac, T. Zwaans, Thehuman aspects of information security questionnaire (hais-q): two further validation studies, Computers & Security 66 (2017) 40–51.
  • 17. [27] T. Herath, H. R. Rao, Encouraging information security behaviours in organizations: Role of penalties, pressures and perceived effectiveness, Decision Support Systems47 (2) (2009) 154–165. [28] J. A. Stoner, Risky and cautious shifts in group decisions: The influence of widely held values, Journal of Experimental Social Psychology 4 (4) (1968) 442–459. [29] H. Aldawood and G. Skinner, “Reviewing cyber security social engineering training and awareness programs—pitfalls and ongoing issues,” Future Internet, vol. 11, no. 3, p. 73, 2019. [30] K. J. Knapp, R. F. Morris Jr, T. E. Marshall, and T. A. Byrd, “Information security policy: An organizational-level process model,” computers &security, vol. 28, no. 7, pp. 493–508, 2009. [31] C. Senarak, “Port cybersecurity and threat: A structural model for prevention and policy development,” The Asian Journal of Shipping and Logistics, 2020. [32] A. Karakasiliotis, S. Furnell, and M. Papadaki, “Assessing end-user awareness of social engineering and phishing,” 2006. [33] L. Li, W. He, L. Xu, I. Ash, M. Anwar, and X. Yuan, “Investigating the impact of cybersecurity policy awareness on employees’ cybersecurity behavior,” International Journal of Information Management, vol. 45, pp. 13–24, 2019. [34] M. Siponen, M. A. Mahmood, and S. Pahnila, “Employees’ adherence to information security policies: An exploratory field study,” Information& management, vol. 51, no. 2, pp. 217–224, 2014. [35] F. Bélanger, S. Collignon, K. Enget, and E. Negangard, “Determinants of early conformance with information security policies,” Information& Management, vol. 54, no. 7, pp. 887–901, 2017. [36] K.-c. Chang and Y. M. Seow, “Effects of it-culture conflict and user dissatisfaction on information security policy non-compliance: A sense-making perspective,” 2014. [37] F. Hadi, M. Imran, M. H. Durad, and M. Waris, “A simple security policy enforcement system for an institution using sdn controller,” in 2018 15th International Bhurban Conference on Applied Sciences and Technology (IBCAST). IEEE, 2018, pp. 489–494. [38] V. D. Soni, “Disaster recovery planning: Untapped success factor in an organization,” Available at SSRN 3628630, 2020.
  • 18. [39] J. Horney, M. Nguyen, D. Salvesen, O. Tomasco, and P. Berke, “Engaging the public in planning for disaster recovery,” International journal of disaster risk reduction, vol. 17, pp. 33–37, 2016. [40] F. Salahdine and N. Kaabouch, “Social engineering attacks: A survey,” Future Internet, vol. 11, no. 4, p. 89, 2019. [41] C. Okoli, K. Schabram, A guide to conducting a systematic literature review of information systems research. [42] NCSC, National Cybersecurity Centre (Accessed 2019). Link [43] S. Inc., Surveymonkey (Accessed 2019). Link [44] Stats, “Saudi general authority for statistics,” Accessed 2020. [Online]. Available: https://www.stats.gov.sa/ [45] Statista, “Statista,” Accessed 2020. [Online]. Available: https://www.statista.com/ [46] C. Bronk and E. Tikk-Ringas, “The cyber-attack on Saudi Aramco,” Survival, vol. 55, no. 2, pp. 81–96, 2013. [47] D. D. Cheong, “Cyberattacks in the gulf: lessons for active defence,” 2012. [48] S. S. Basamh, H. Qudaih, and J. B. Ibrahim, “An overview on cybersecurity awareness in Muslim countries,” International Journal of Information and Communication Technology Research, 2014. [49] ITU, “Committed to connecting the world,” Accessed 2020. [Online]. Available: https://www.itu.int/en/Pages/default.aspx [50] T. McClelland, “The insider’s view of a data breach-how policy, forensics, and attribution apply in the real world,” 2018. [51] R. Bhor and H. Khanuja, “Analysis of web application security mechanism and attack detection using vulnerability injection technique,” in 2016 International Conference on Computing Communication Control and automation (ICCUBEA). IEEE, 2016, pp. 1–6. [52] J. Saleem and M. Hammoudeh, “Defense methods against social engineering attacks,” in Computer and network security essentials. Springer, 2018, pp. 603–618.
  • 19. AUTHORS Dalal Alharthi is a Ph.D. Candidate in Computer Science at the University of California, Irvine. She is also a Resident Engineer at Palo Alto Networks and a Senior Prisma Cloud Consultant at Dell. She is equipped with 12+ years of work experience between academia and industry. Her research interests are in the field of Cybersecurity, Network Security, Cloud Security, Privacy, Human-Computer Interaction (HCI), and Artificial Intelligence (AI). Amelia Regan received a BAS in Systems Engineering from the University of Pennsylvania, an MS degree in Applied Mathematics from Johns Hopkins University, and an MSE degree and Ph.D. degree at the University of Texas. She is a Professor of Computer Science at the University of California, Irvine. Her research interests include network optimization, cyber-physical transportation systems, machine learning tools for temporal-spatial data analysis, and cybersecurity.
  • 20. COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWORK BASED ON API CALL STREAM Matthew Schofield1 , Gulsum Alicioglu2 , Bo Sun1 , Russell Binaco1 , Paul Turner1 , Cameron Thatcher1 , Alex Lam1 and Anthony Breitzman1 1 Department of Computer Science, Rowan University, Glassboro, New Jersey, USA 2 Department of Electrical and Computer Engineering, Rowan University, Glassboro, New Jersey, USA ABSTRACT Malicious software is constantly being developed and improved, so detection and classification of malwareis an ever-evolving problem. Since traditional malware detection techniques fail to detect new/unknown malware, machine learning algorithms have been used to overcome this disadvantage. We present a Convolutional Neural Network (CNN) for malware type classification based on the API (Application Program Interface) calls. This research uses a database of 7107 instances of API call streams and 8 different malware types:Adware, Backdoor, Downloader, Dropper, Spyware, Trojan, Virus,Worm. We used a 1-Dimensional CNN by mapping API calls as categorical and term frequency-inverse document frequency (TF-IDF) vectors and compared the results to other classification techniques.The proposed 1-D CNN outperformed other classification techniques with 91% overall accuracy for both categorical and TFIDF vectors. KEYWORDS Convolutional Neural Network, Malware Classification, N-gram Analysis, Term Frequency- Inverse Document Frequency Vectors, Windows API Calls. For More Details : https://aircconline.com/ijnsa/V13N2/13221ijnsa01.pdf Volume Link : http://airccse.org/journal/jnsa21_current.html
  • 21. REFERENCES [1] Daniel Gibert, Carles Mateu, & Jordi Planes, (2020) “The rise of machine learning for detection and classification of malware: Research developments, trends and challenges”, Journal of Network and Computer Applications. 10.1016/j.jnca.2019.102526. [2] Zahra Bazrafshan, Hashem Hashemi, Fard Hazrati, Mehdi Seyed, & Ali Hamzeh, (2013) “A survey on heuristic malware detection techniques”, 2013 5th Conference on Information and Knowledge Technology. 113-120. 10.1109/IKT.2013.6620049. [3] Jyoti Landage, & M. P. Wankhade, (2013) “Malware and Malware Detection Techniques : A Survey”, International journal of engineering research and technology, 2. [4] DainiusCeponis, & Nikolaj Goranin,(2019) “Evaluation of Deep Learning Methods Efficiency for Malicious and Benign System Calls Classification on the AWSCTD”,Security and Communication Networks,2317976:1-2317976:12. [5] SerifBahtiyar, Mehmet BarisYaman, & Can Yilmaz Altinigne, (2019)“A multi-dimensional machine learning approach to predict advanced malware”, Comput. Networks, 160,118-129. [6] GyuwanKim, Hayoon Yi, JanghoLee, YunheungPaek, & Sungroh Yoon, (2016) “LSTM- Based System-Call Language Modeling and Robust Ensemble Method for Designing Host- Based Intrusion Detection Systems”, ArXiv, abs/1611.01726. [7] AhmetYazi, Ferhat Ozgur Catak,& EnsarGul,(2019) “Classification of Methamorphic Malware with Deep Learning (LSTM)”,10.1109/SIU.2019.8806571. [8] Ferhat OzgurCatak,&AhmetYazi,(2019) “A Benchmark API Call Dataset for Windows PE MalwareClassification”, https://arxiv.org/abs/1905.01999. [9] EslamAmer,&Ivan Zelinka,(2020) “A dynamic Windows malware detection and prediction method based on contextual understanding of API call sequence”, Computers & Security. 10.1016/j.cose.2020.101760. [10] YuntaoZhao, Bo Bo, Yongxin Feng, ChunYu Xu, & Bo Yu,(2019) “A feature extraction method of hybrid gram for malicious behavior based on machine learning”, Secur. Commun. Netw. [11] Chang Choi, ChristianEsposito, MungyuLee, & JunhoChoi, (2019) “Metamorphic malicious code behavior detection using probabilistic inference methods”, Cognit. Syst. Res. 56, 142–150. [12] AsgharTajoddin, & SaeedJalili, (2018) “HM3alD: polymorphic Malware detection using program behavior-aware hidden Markov model”, Appl. Sci. 8 (7), 1044.
  • 22. [13] Matthew Schofield, Gulsum Alicioglu, Russell Binaco, Paul Turner, Cameron Thatcher, Alex Lam & Bo Sun, (2021) “Convolutional Neural Network For Malware Classification Based On API Call Sequence”, In proceedings of 2021 the 14th International Conference on Network Security & Applications. Computer Science & Information Technology (CS & IT). Zurich, Switzerland. [14] Jeffrey Heer, Micheal Bostock, & Vadim Ogievetsky,(2010) “A Tour through the Visualization Zoo”, ACM Queue, 8, 20. [15] WeijieHan, Jingfeng Xue, YongWang, LuHuang, ZixiaoKong, & Limin Mao, (2019) “MalDAE: Detecting and explaining malware based on correlation and fusion of static and dynamic characteristics”, Comput. Secur., 83, 208-233. [16] LuXiao-Feng, ZhouXiao, Jiang Fangshuo, Yi Sheng-wei,&ShaJing,(2018) “ASSCA: API based Sequence and Statistics featuresCombinedmalwaredetectionArchitecture”,Procedia Computer Science, 129, 248-256. [17] MatildaRhode, Pete Burnap, & Kevin Jones, (2018) “Early Stage Malware Prediction Using Recurrent Neural Networks”,Comput. Secur., 77,578-594. [18] ZahraSalehi, Ashkan Sami, & Mahboobe Ghiasi, (2017) “MAAR: Robust features to detect malicious activity based on API calls, their arguments and return values”, Eng. Appl. Artif. Intell., 59, 93-102. [19] MohamedBelaoued, & SmaineMazouzi, (2016) “A Chi-Square-Based Decision for Real- Time Malware Detection Using PE-File Features”, JIPS, 12,644-660. [20] Sanchit Gupta, Harshit Sharma, & Sarvjeet Kaur, (2016) “Malware Characterization Using Windows API Call Sequences”,SPACE. [21] Jixin Zhang, Zheng Qin, Hui Yin, Lu Ou, & Kehuan Zhang, (2019) “A feature-hybrid malware variants detection using CNN based opcode embedding and BPNN based API embedding”, Comput. Secur., 84,376-392. [22] Tableau Software. (2020). Retrieved from www.tableau.com. [23] Kolosnjaji Bojan, Zarras Apostolis, Webster George, & Eckert Claudia, (2016) “Deep Learning for Classification of Malware System Call Sequences”, In: Kang B., Bai Q. (eds) AI 2016: Advances in Artificial Intelligence. Lecture Notes in Computer Science, vol 9992. Springer, Cham. https://doi.org/10.1007/978-3-319-50127-7_11. [24] Catak Ferhat Ozgur, Yazı Ahmet Faruk, Elezaj Ogerta & Ahmed Javed, (2020) “Deep learning based Sequential model for malware analysis using Windows exe API Calls”, PeerJ Computer Science 6:e285 https://doi.org/10.7717/peerj-cs.285.
  • 23. [25] Albawi Saad, Mohammad Tareq Abed, & Al-Zawi Saad, (2017), “Understanding of a convolutional neural network”, 2017 International Conference on Engineering and Technology (ICET), Antalya, pp. 1-6, doi: 10.1109/ICEngTechnol.2017.8308186. [26] “http://alexlenail.me/NN-SVG,” 2016. (Accessed 20 December 2020). [27] Chigozie Nwankpa, Winifred Ijomah, Anthony Gachagan, & Stephen Marshall, (2018) “Activation Functions: Comparison of trends in Practice and Research for Deep Learning”, ArXiv, abs/1811.03378. [28] Yinzheng Gu, Chuanpeng Li, & Jinbin Xie, (2018) “Attention-aware Generalized Mean Pooling for Image Retrieval”, ArXiv, abs/1811.00202. [29] Mark Cheung, John Shi, Lavender Jiang, Oren Wright, &Jose Moura, (2019) “Pooling in Graph Convolutional Neural Networks”, 53rd Asilomar Conference on Signals, Systems, and Computers, 462-466. [30] WilliamCavnar, & John Trenkle, (1994) “N-gram-based text categorization”, Proceedings of SDAIR-94, 3rd annual symposium on document analysis and information retrieval. Vol. 161175. [31] Raymond Canzanese, Spiros Mancoridis, &Moshe Kam, (2015) “Run-time classification of malicious processes using system call analysis”, 10th International Conference on Malicious and Unwanted Software (MALWARE), Fajardo, 2015, pp. 21-28. [32] ShahzadQaiser, & Ramsha Ali, (2018) “Text Mining: Use of TF-IDF to Examine the Relevance of Words to Documents”, International Journal of Computer Applications, 181, 25-29. AUTHORS Matthew Schofield is currently enrolled at Rowan University pursuing his B.S/M.S degree in Computer Science anticipating graduation in December 2021. He is currently working on his master’s thesis on Deep Reinforcement Learning in Incentivization Systems. His research interests are in Machine Learning and Deep Reinforcement Learning. Gulsum Alicioglu received M.Sc. Degree in Industrial Engineering from Gazi University, Turkey, in 2018. Currently, she is a Ph.D. candidate at the Department of Electrical and Computer Engineering of Rowan University, USA. Her research interests aredata visualization, machine learning, and explainable artificial intelligence.
  • 24. Bo Sun is an associate professor of Computer Science and led the project effort of this paper.She received her B.S. in Computer Science from Wuhan University, her M.S.in Computer Science from Lamar University, and her Ph.D. in Modeling and Simulation from Old Dominion University. Her research interests include Visual Analytics and Data Visualization. Russell Binaco graduated from Rowan University with an M.S. in Computer Science in Spring 2020. He now works as a software engineer for Innovative Defense Technologies, and as an adjunct for Rowan University. At Rowan, he earned undergraduate degrees in Computer Science and Electrical and Computer Engineering. He has also been published in the Journal of the International Neuropsychological Society for research using Machine Learning to classify patients’ levels of cognitive decline with regards to Alzheimer’s Disease. Paul Turner received his B.S. in Computer Science from Rowan University in 2018 and is currently enrolled in an M.S. program at the aforementioned University. His interests include machine learning, text mining, and cloud computing. Cameron Thatcher received his B.S in Computer Science from Rowan University in 2019 and is currently pursuing his M.S. in Computer Science at Rowan University. His research interests include Machine Learning and Data Mining. Alex Lam is currently attending Rowan University pursuing his B.S/M.S degree in Computer Science and Data Analytics. He has also been published in the 3rd ACM SIGSPATIAL International Workshop on Analytics for Local Events and News (LENS’19) for research in identifying real-world events using bike-sharing data. Anthony Breitzman holds an M.A. in Mathematics from Temple University, and an M.S. and Ph.D. from Drexel University. He is an associate professor of Computer Science at Rowan University and his research interests are Data Mining, Text Mining, Machine Learning, Algorithm Design, Convolution Algorithms, and Number Theory.
  • 25. EFFECT MAN-IN THE MIDDLE ON THE NETWORK PERFORMANCE IN VARIOUS ATTACK STRATEGIES Iyas Alodat Department of Computer and Information System, Jerash University, Jerash, Jordan ABSTRACT In this paper, we examined the effect on network performance of the various strategies an attacker could adopt to launch Man-In The Middle (MITM) attacks on the wireless network, such as fleet or random strategies. In particular, we're focusing on some of those goals for MITM attackers - message delay, message dropping. According to simulation data, these attacks have a significant effect on legitimate nodes in the network, causing vast amounts of infected packets, end-to-end delays, and significant packet loss. KEYWORDS Wireless Network, Mobile Network, security; Man-In-The-Middle Attack; smart cities; simulation; Intelligent Transportation System; Internet-of-Things. For More Details : http://aircconline.com/ijnsa/V13N3/13321ijnsa02.pdf Volume Link : http://airccse.org/journal/jnsa21_current.html
  • 26. REFERENCES [1] Burchfiel, J., Tomlinson, R., & Beeler, M. (1975, May). Functions and structure of a packet radio station. In Proceedings of the May 19-22, 1975, national computer conference and exposition (pp. 245-251). [2] Toor, Y., Muhlethaler, P., Laouiti, A., & De La Fortelle, A. (2008). Vehicle ad hoc networks: Applications and related technical issues. IEEE communications surveys & tutorials, 10(3), 74-88. [3] Bauwens, J., Jooris, B., Giannoulis, S., Jabandžić, I., Moerman, I., & De Poorter, E. (2019). Portability, compatibility and reuse of MAC protocols across different IoT radio platforms. Ad Hoc Networks, 86, 144-153. [4] Chaqfeh, M.; Lakas, A. A Novel Approach for Scalable Multi-hop Data Dissemination in Vehicular Ad Hoc Networks. Ad Hoc Netw. 2016, 37, 228–239 [5] Shi, Y., Ross, A., & Biswas, S. (2018). Source identification of encrypted video traffic in the presence of heterogeneous network traffic. Computer Communications, 129, 101-110. [6] Williams, R., Samtani, S., Patton, M., & Chen, H. (2018, November). Incremental hacker forum exploit collection and classification for proactive cyber threat intelligence: An exploratory study. In 2018 IEEE International Conference on Intelligence and Security Informatics (ISI) (pp. 94-99). IEEE. [7] Wang, J., Juarez, N., Kohm, E., Liu, Y., Yuan, J., & Song, H. (2019, April). Integration of SDR and UAS for malicious Wi-Fi hotspots detection. In 2019 Integrated Communications, Navigation and Surveillance Conference (ICNS) (pp. 1-8). IEEE. [8] Phung, C. V., Dizdarevic, J., Carpio, F., & Jukan, A. (2019, May). Enhancing rest http with random linear network coding in dynamic edge computing environments. In 2019 42nd International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO) (pp. 435-440). IEEE. [9] AMIR, A. Z. B. (2018). A study on Rogue Wireless Devices with Detection of Mousejack Attacks and Vulnerabilities. [10] Vanhoef, M., Bhandaru, N., Derham, T., Ouzieli, I., & Piessens, F. (2018, June). Operating channel validation: preventing Multi-Channel Man-in-the-Middle attacks against protected Wi-Fi networks. In Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks (pp. 34-39). [11] Chittamuru, S. V. R., Thakkar, I. G., Pasricha, S., Vatsavai, S. S., & Bhat, V. (2020). Exploiting Process Variations to Secure Photonic NoC Architectures from Snooping Attacks. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.
  • 27. [12] Rupprecht, D., Kohls, K., Holz, T., & Pöpper, C. (2019, May). Breaking LTE on layer two. In 2019 IEEE Symposium on Security and Privacy (SP) (pp. 1121-1136). IEEE. [13] Ullas, S. U., & Sandeep, J. (2019). Reliable Monitoring Security System to Prevent MAC Spoofing in Ubiquitous Wireless Network. In Advances in Big Data and Cloud Computing (pp. 141-153). Springer, Singapore. [14] Maithili, K., Vinothkumar, V., & Latha, P. (2018). Analyzing the security mechanisms to prevent unauthorized access in cloud and network security. Journal of Computational and Theoretical Nanoscience, 15(6-7), 2059-2063. [15] Tochner, S., Zohar, A., & Schmid, S. (2020, October). Route Hijacking and DoS in Off- Chain Networks. In Proceedings of the 2nd ACM Conference on Advances in Financial Technologies (pp. 228-240). [16] Alharthi, D. N., Hammad, M. M., & Regan, A. C. (2020, March). A taxonomy of social engineering defense mechanisms. In Future of Information and Communication Conference (pp. 27-41). Springer, Cham. [17] Metz, L. A. E. P. (2020). An evaluation of unity ML-Agents toolkit for learning boss strategies (Doctoral dissertation). [18] Shringarputale, S., McDaniel, P., Butler, K., & La Porta, T. (2020, November). Co- residency Attacks on Containers are Real. In Proceedings of the 2020 ACM SIGSAC Conference on Cloud Computing Security Workshop (pp. 53-66). [19] Xia, W., Cong, W., Wei, Y., & Li, C. (2020). Critical angle of attack and the corresponding impact cavity for non-circuitous trajectory of water entry of circular cylinder. Applied Ocean Research, 103, 102322. [20] Huang, Y., Kuo, H. K., Thomas, S., Kons, Z., Audhkhasi, K., Kingsbury, B., ... & Picheny, M. (2020, May). Leveraging unpaired text data for training end-to-end speech-to- intent systems. In ICASSP 2020-2020 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) (pp. 7984-7988). IEEE. [21] Verma, S., Hamieh, A., Huh, J. H., Holm, H., Rajagopalan, S. R., Korczynski, M., & Fefferman, N. (2016, August). Stopping amplified dns ddos attacks through distributed query rate sharing. In 2016 11th International Conference on Availability, Reliability and Security (ARES) (pp. 69-78). IEEE. [22] A. Guruswamy, R. S. Blum, S. Kishore and M. Bordogna, “On the Optimum Design of L-Estimators for Phase Offset Estimation in IEEE 1588,” IEEE Transactions on Communications, Vol. 63 , No. 9, pp. 5101 – 5115, Dec. 2015.
  • 28. [23] Karthik, A. K., & Blum, R. S. (2016). Estimation theory based robust phase offset estimation in the presence of delay attacks. arXiv preprint arXiv:1611.05117. [24] Tsigkari, D., & Spyropoulos, T. (2020). An approximation algorithm for joint caching and recommendations in cache networks. arXiv preprint arXiv:2006.08421. [25] Stricot-Tarboton, S.; Chaisiri, S.; Ko, R.K.L. Taxonomy of Man-in-the-Middle Attacks on HTTPS. In Proceedings of the 2016 IEEE Trustcom/BigDataSE/ISPA, Tianjin, China, 23–26 August 2016; pp. 527–534. [CrossRef] [26] Chen, Z.; Guo, S.; Duan, R.; Wang, S. Security Analysis on Mutual Authentication against Man-in-the-Middle Attack. In Proceedings of the First International Conference on Information Science and Engineering, Nanjing, China, 26–28 December 2009; pp. 1855– 1858. [CrossRef] [27] Conti, M.; Dragoni, N.; Lesyk, V. A Survey of Man In The Middle Attacks. IEEE Commun. Surv. Tutor. 2016, 18, 2027–2051. [CrossRef] [28] Glass, S.M.; Muthukkumarasamy, V.; Portmann, M. Detecting Man-in-the-Middle and Wormhole Attacks in Wireless Mesh Networks. In Proceedings of the International Conference on Advanced Information Networking and Applications, Bradford, UK, 26–29 May 2009; pp. 530–538. [29] Kaplanis, C. Detection and Prevention of Man in the Middle Attacks in Wi-Fi Technology. Master’s Thesis, Aalborg University, Aalborg, Denmark, 2015.
  • 29. MINING PATTERNS OF SEQUENTIAL MALICIOUS APIS TO DETECT MALWARE Abdurrahman Pektaş1 , Elif Nurdan Pektaş2 and Tankut Acarman1 1 Department of Computer Engineering, Galatasaray University, İstanbul, Turkey 2 Siemens Turkey, Yakack Caddesi No: 111, 34870 Kartal, Istanbul, Turkey ABSTRACT In the era of information technology and connected world, detecting malware has been a major security concern for individuals, companies and even for states. The New generation of malware samples upgraded with advanced protection mechanism such as packing, and obfuscation frustrate anti-virus solutions. API call analysis is used to identify suspicious malicious behavior thanks to its description capability of a software functionality. In this paper, we propose an effective and efficient malware detection method that uses sequential pattern mining algorithm to discover representative and discriminative API call patterns. Then, we apply three machine learning algorithms to classify malware samples. Based on the experimental results, the proposed method assures favorable results with 0.999 F-measure on a dataset including 8152 malware samples belonging to 16 families and 523 benign samples. KEYWORDS Android, Malware, Frequent Sequence Mining, Behavioural Pattern, API Calls, Dynamic Analysis For More Details : http://aircconline.com/ijnsa/V10N4/10418ijnsa01.pdf Volume Link : http://airccse.org/journal/jnsa18_current.html
  • 30. REFERENCES [1] Statcounter: Operating system market share worldwide, (2018). http://gs.statcounter.com/os- marketshare#monthly-201801-201801-bar. [Online; accessed 7-October-2017]. [2] Ilsun You & Kangbin Yim (2010) “Malware obfuscation techniques: A brief survey”, Broadband, Wireless Computing, Communication and Applications (BWCCA), 2010 International Conference on, pp297– 300. [3] 2016 Symantec Security Report, Internet: https://www.symantec.com/content/dam/symantec/docs/reports/istr-21-2016-en.pdf, 29.06.2018. [4] Abdurrahman Pektas & Tankut Acarman (2018) “Malware classification based on api calls and behavior analysis”, IET Information Security, Vol. 12, No.2, pp 107-117. [5] Abdurrahman Pektas & Tankut Acarman (2014) “A dynamic malware analyzer against virtual machine aware malicious software”, Security and Communication Networks, Vol. 7, No.12, pp2245–2257. [6] Nizar R Mabroukeh & Christie I Ezeife (2010)“A taxonomy of sequential pattern mining algorithms”, ACM Computing Surveys (CSUR), Vol. 43, No.1:3 [7] Philippe Fournier-Viger & Jerry Chun-Wei Lin & Rage Uday Kiran & Yun Sing Koh & Rincy Thomas (2017) “A survey of sequential pattern mining”, Data Science and Pattern Recognition, Vol.1, No.1, pp54–77. [8] Yong Qiao & Jie He & Yuexiang Yang & Lin Ji (2013) “Analyzing malware by abstracting the frequent itemsets in api call sequences”,Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on, pp.265–270. [9] Youngjoon Ki & Eunjin Kim & Huy Kang Kim (2015) “A novel approach to detect malware based on api call sequence analysis”, International Journal of Distributed Sensor Networks, Vol. 11, No.6,pp:95-10. [10] In Kyeom Cho & Eul Gyu Im (2015), “Extracting representative api patterns of malware families using multiple sequence alignments”, In Proceedings of the 2015 Conference on research in adaptive and convergent systems, pp.308–313. [11] Winfried Just (2001) “Computational complexity of multiple sequence alignment with sp-score”, Journal of computational biology, Vol. 8, No. 6. pp. 615–623. [12] Lusheng Wang & Tao Jiang (1994), “On the complexity of multiple sequence alignment”, Journal of computational biology, Vol. 1, No.4, p.337–348.
  • 31. [13] Yujie Fan &Yanfang Ye & Lifei Chen (2016), “Malicious sequential pattern mining for automatic malware detection”, Expert Systems with Applications, Vol.52, pp.16–25. [14] Iltaek Kwon & Eul Gyu Im (2017), “Extracting the representative api call patterns of malware families using recurrent neural network”, In Proceedings of the International Conference on Research in Adaptive and Convergent Systems, pp.202–207. [15] Canfora, G., Mercaldo, F., & Visaggio, C. A. (2016). An hmm and structural entropy based detector for android malware: An empirical study. Computers & Security, 61, 1-18. [16] Salehi, Z., Sami, A., & Ghiasi, M. (2017). MAAR: Robust features to detect malicious activity based on API calls, their arguments and return values. Engineering Applications of Artificial Intelligence, 59, 93-102. [17] Shijo, P. V., & Salim, A. (2015). Integrated static and dynamic analysis for malware detection. Procedia Computer Science, 46, 804-811. [18] Cuckoo Sandbox, Internet: https://cuckoosandbox.org/, 29.06.2018. [19] Virustotal, Internet: https://www.virustotal.com/, 29.06.2018. [20] Payam Refaeilzadeh & Lei Tang & Huan Liu (2009) “Cross-validation”, In Encyclopedia of database systems, pp.532–538, Springer. [21] A. Barthels, Behavior-based Malware Detection, Faculty of Informatics, The Technical University of Munich, Master Thesis, 2009. [22] Chand, C., Thakkar, A., & Ganatra, A. (2012). Sequential pattern mining: Survey and current research challenges. International Journal of Soft Computing and Engineering, 2(1), 185-193. [23] Parikh, M., Chaudhari, B., & Chand, C. (2013). A comparative study of sequential pattern mining algorithms. International Journal of Application or Innovation in Engineering & Management (IJAIEM), 2(2). [24] Mooney, C. H., & Roddick, J. F. (2013). Sequential pattern mining--approaches and algorithms. ACM Computing Surveys (CSUR), 45(2), 19. [25] Ramakrishnan Srikant & Rakesh Agrawal (1996), “Mining sequential patterns: Generalizations and performance improvements”, In International Conference on Extending Database Technology, pp.1–17, Springer. [26] Jay Ayres & Jason Flannick & Johannes Gehrke & Tomi Yiu (2002) “Sequential pattern mining using a bitmap representation”, In Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining, pp.429–435.
  • 32. [27] Mohammed J Zaki. Spade (2001) “An efficient algorithm for mining frequent sequences. Machine learning”, Vol.42, No.1-2, pp.31–60. [28] Philippe Fournier-Viger &Antonio Gomariz & Ted Gueniche &Azadeh Soltani & Cheng- Wei Wu & Vincent S Tseng (2014) “Spmf: a java open-source pattern mining library”, The Journal of Machine Learning Research, Vol.15, No.1, pp.3389–3393. [29] SPMF library, Internet: http://www.philippe-fournier-viger.com/spmf/, 29.06.2018. [30] Philippe Fournier-Viger & Antonio Gomariz & Manuel Campos & Rincy Thomas (2014) “Fast vertical mining of sequential patterns using co-occurrence information”, In Pacific- Asia Conference on Knowledge Discovery and Data Mining, pp.40–52, Springer. [31] Gandotra, E., Bansal, D., & Sofat, S. (2014). Malware analysis and classification: A survey. Journal of Information Security, 5(02), 56. [32] Leo Breiman (2001) “Random forests”, Machine learning, Vol.45, No.1, pp.5–32. [33] Padraig Cunningham & Sarah Jane Delany (2007) “k-nearest neighbour classifiers”, Multiple Classifier Systems, Vol.34, pp.1–17. [34] Marti A. Hearst & Susan T Dumais & Edgar Osuna & John Platt & Bernhard Scholkopf (1998), “Support vector machines”, IEEE Intelligent Systems and their applications, Vol. 13, No.4, pp.18–28. [35] Fabian Pedregosa & Gaël Varoquaux &Alexandre Gramfort & Vincent Michel & Bertrand Thirion & Olivier Grisel & Mathieu Blondel & Peter Prettenhofer & Ron Weiss &Vincent Dubourg (2011) “Scikit-learn: Machine learning in python”, Journal of machine learning research, Vol. 12, pp.2825–2830. [36] Hossin, M., & Sulaiman, M. N. (2015). A review on evaluation metrics for data classification evaluations. International Journal of Data Mining & Knowledge Management Process, 5(2), 1. [37] Yiming Yang (1999) “An evaluation of statistical approaches to text categorization”, Information retrieval, Vol.1, No. 1-2, pp.69–90. [38] Thomas G Dietterich (1998), “Approximate statistical tests for comparing supervised classification learning algorithms”, Neural computation, Vol.10, No.7, pp.1895–1923.
  • 33. AUTHORS Abdurrahman Pektaş received his B.Sc. and M Sc. at Galatasaray University and his PhD at the University of Joseph Fourier, all in computer engineering, in 2009, 2012 and 2015, respectively. He is a senior researcher at Galatasaray University. His research interests are analysis, detection and classification of malicious software, machine learning and security analysis tool development. Elif Nurdan Pektaş received his B.Sc. and M Sc. at Galatasaray University all in computer engineering, in 2010, and 2014, respectively. She is leading software developer at Siemens Turkey. Her research interests are developing IoT based applications, deep learning, cloud based application and automated testing. Tankut Acarman received his Ph.D. degree in Electrical and Computer engineering from the Ohio State University in 2002. He is professor and head of computer engineering department at Galatasaray University in Istanbul, Turkey. His research interests lie along all aspects of autonomous s ystems, intelligent vehicle technologies and security. He is the co-author of the book entitled “Autonomous Ground.
  • 34. HYBRIDIZATION OF DCT BASED STEGANOGRAPHY AND RANDOM GRIDS Pratarshi Saha1 , Sandeep Gurung2 and Kunal Krishanu Ghose3 1,2 Department of Computer Science & Engineering, Sikkim Manipal Institute of Technology, Majhitar, Sikkim, India 3 QualComm, Sandiego, CA, USA ABSTRACT With the increasing popularity of information technology in communication network, security has become an inseparable but vital issue for providing for confidentiality, data security, entity authentication and data origin authentication. Steganography is the scheme of hiding data into a cover media to provide confidentiality and secrecy without risking suspicion of an intruder. Visual cryptography is a new technique which provides information security using simple algorithm unlike the complex, computationally intensive algorithms used in other techniques like traditional cryptography. This technique allows visual information to be encrypted in such a way that their decryption can be performed by the Human Visual System (HVS), without any complex cryptographic algorithms. To provide a better secured system that ensures high data capacity and information security, a multilevel security system can be thought for which can be built by incorporating the principles of steganography and visual cryptography. KEYWORDS Data Security, DCT based Steganography, Random Grids, Visual Cryptography, Hybrid For More Details : http://airccse.org/journal/nsa/5413nsa13.pdf Volume Link : http://airccse.org/journal/jnsa13_current.html
  • 35. REFERENCES [1] Ahmad Movahedian Attar, Isfahan University of Technology, Omid Taheri, Isfahan University of Technology, Saeid Sadri, Isfahan University of Technology, Mohammad Javad Omidi, Isfahan University of Technology,” Data Hiding in Halftone Images Using Error Diffusion Half toning Method with Adaptive Thresholding”, 2006,pp. 2. [2] Adi Shamir and Moni Naor, “Visual Cryptography”, 1964, pp. 1-2, 3-5. [3] Hardik Patel and Preeti Dave, “Steganography Technique based on DCT Coefficients”, Jan – Feb 2012, International Journal of Engineering Research and Applications, Vol 2, Issue 1,pp 713-717, www.ijera.com. [4] Jonathan Weir and Wei Qi Yan Queen’s University Belfast, Belfast, BT7 1NN,UK,A, 2010, “Comprehensive Study of Visual Cryptography”, pp. 70. [5] Kafri, O., Keren, E., “Encryption of pictures and shapes by Random Grids.” Optics,Letters, 1987, 377–379. [6] Shyong Jian Shyu , Department of Computer Science and Information Engineering, Ming Chuan University, 5 Der Ming Rd, Gawi Shan, Taoyuan 333,Taiwan, ROC. “Image Encryption by Random Grids”, 2006, The Journal of Pattern Recognition Society, www.sciencedirect.com. [7] Tzung-Her Chen, Kai-Hsiang Tsao Department of Computer Science and Information Engineering, National Chiayi University, 300 University Rd., Chiayi City60004, Taiwan, “Threshold Visual Secret Sharing using Random Grids”,2011, pp. 1198. AUTHORS First Author:- Pratarshi Saha is a Final year student in the Department of Computer Science and Engineering at Sikkim Manipal Institute of Technology, Mazitar, Sikkim, India. He subject of interests are Computer and Information Security, Design and Analysis of Algorithms and Computer Networks. Second Author:- Sandeep Gurung received his M. Tech degree in Computer Science and Engineering from the Sikkim Manipal University in 2009 and is currently pursuing his Ph.D. degree in Computer Science and Engineering. He is a Assistant Professor in the Department of Computer Science at Sikkim Manipal Institute of Technology, Mazitar, Sikkim, India. His research interests include Computer Networks, Cryptography, Distributed Systems and Soft Computing.
  • 36. Third Author:- Kunal Krishanu Ghose did his MS (Engg.) in Electrical and Communication Engineering with specialization Wireless Sensor Network from University at Buffalo, NY, USA in 2009 and B. Tech (ECE) from NIT Durgapur, INDIA in 2006. After completion of B. Tech, he joined as a System Engineer in Aricent (Hughes Software System), Chennai for a year in 2007. Presently, he is working in Qualcomm Inc., Sandiego, CA, USA as a Sr. Engineer in Architecture Performance Department, looking after the Quad core processor technology. His areas of research interest are Mobile Network, Communications, and Cryptography.
  • 37. PERFORMANCE EVALUATION OF MACHINE LEARNING TECHNIQUES FOR DOS DETECTION IN WIRELESS SENSOR NETWORK Lama Alsulaiman and Saad Al-Ahmadi Department of Computer Science, King Saud University, Riyadh, Saudi Arabia ABSTRACT The nature of Wireless Sensor Networks (WSN) and the widespread of using WSN introduce many security threats and attacks. An effective Intrusion Detection System (IDS) should be used to detect attacks. Detecting such an attack is challenging, especially the detection of Denial of Service (DoS) attacks. Machine learning classification techniques have been used as an approach for DoS detection. This paper conducted an experiment using Waikato Environment for Knowledge Analysis (WEKA)to evaluate the efficiency of five machine learning algorithms for detecting flooding, grayhole, blackhole, and scheduling at DoS attacks in WSNs. The evaluation is based on a dataset, called WSN-DS. The results showed that the random forest classifier outperforms the other classifiers with an accuracy of 99.72%. KEYWORDS Wireless Sensor Networks, Machine Learning, Denial of Service For More Details : https://aircconline.com/ijnsa/V13N2/13221ijnsa02.pdf Volume Link : http://airccse.org/journal/jnsa21_current.html
  • 38. REFERENCES [1] N. A. A. Aziz and K. A. Aziz, “Managing disaster with wireless sensor networks,” in International Conference on Advanced Communication Technology, ICACT, 2011, pp. 202–207. [2] I. Almomani, B. Al-Kasasbeh, and M. Al-Akhras, “WSN-DS: A Dataset for Intrusion Detection Systems in Wireless Sensor Networks,” J. Sensors, vol. 2016, 2016, doi: 10.1155/2016/4731953. [3] M. A. Alsheikh, S. Lin, D. Niyato, and H. P. Tan, “Machine learning in wireless sensor networks: Algorithms, strategies, and applications,” IEEE Commun. Surv. Tutorials, 2014, doi: 10.1109/COMST.2014.2320099. [4] S. Gunduz, B. Arslan, and M. Demirci, “A review of machine learning solutions to denial- of-services attacks in wireless sensor networks,” in Proceedings - 2015 IEEE 14th International Conference on Machine Learning and Applications, ICMLA 2015, 2016, pp. 150–155, doi: 10.1109/ICMLA.2015.202. [5] M. C. Belavagi and B. Muniyal, “Performance Evaluation of Supervised Machine Learning Algorithms for Intrusion Detection,” in Procedia Computer Science, 2016, vol. 89, pp. 117– 123, doi: 10.1016/j.procs.2016.06.016. [6] G. Pachauri and S. Sharma, “Anomaly Detection in Medical Wireless Sensor Networks using Machine Learning Algorithms,” in Procedia Computer Science, 2015, vol. 70, pp. 325–333, doi: 10.1016/j.procs.2015.10.026. [7] L. Almon, M. Riecker, and M. Hollick, “Lightweight Detection of Denial-of-Service Attacks on Wireless Sensor Networks Revisited,” in Proceedings - Conference on Local Computer Networks, LCN, 2017, vol. 2017-October, pp. 444–452, doi: 10.1109/LCN.2017.110. [8] P. Nancy, S. Muthurajkumar, S. Ganapathy, S. V. N. Santhosh Kumar, M. Selvi, and K. Arputharaj, “Intrusion detection using dynamic feature selection and fuzzy temporal decision tree classification for wireless sensor networks,” IET Commun., 2020, doi: 10.1049/iet-com.2019.0172. [9] V. T. Alaparthy and S. D. Morgera, “A Multi-Level Intrusion Detection System for Wireless Sensor Networks Based on Immune Theory,” IEEE Access, 2018, doi: 10.1109/ACCESS.2018.2866962. [10] R. Vinayakumar, M. Alazab, K. P. Soman, P. Poornachandran, A. Al-Nemrat, and S. Venkatraman, “Deep Learning Approach for Intelligent Intrusion Detection System,” IEEE Access, 2019, doi: 10.1109/ACCESS.2019.2895334.
  • 39. [11] B. Riyaz and S. Ganapathy, “A deep learning approach for effective intrusion detection in wireless networks using CNN,” Soft Comput., vol. 24, no. 22, pp. 17265–17278, 2020, doi: 10.1007/s00500-020-05017-0. [12] C. Ioannou, V. Vassiliou, and C. Sergiou, “An Intrusion Detection System for Wireless Sensor Networks,” 2017, doi: 10.1109/ICT.2017.7998271. [13] O. A. Osanaiye, A. S. Alfa, and G. P. Hancke, “Denial of Service Defence for Resource Availability in Wireless Sensor Networks,” IEEE Access. 2018, doi: 10.1109/ACCESS.2018.2793841. [14] I. H. Witten, E. Frank, M. A. Hall, and C. J. Pal, Data Mining: Practical Machine Learning Tools and Techniques. 2016. [15] A. D. Wood and J. A. Stankovic, “Denial of service in sensor networks,” Computer (Long. Beach. Calif)., vol. 35, no. 10, pp. 54–62, 2002, doi: 10.1109/MC.2002.1039518. [16] G. Holmes, A. Donkin, and I. H. Witten, “WEKA: A machine learning workbench,” 1994, doi: 10.1109/anziis.1994.396988. AUTHORS Lama Alsulaiman received her bachelor's degree in Computer Science from Imam Muhammad ibn Saud Islamic University. She is currently pursuing the masterdegree in the Computer Science program at King Saud University. Her research interests are mainly in the field of Computer Networks, Networks Security, Software-Defined Networks. Saad Al-Ahmadi received the MS and Ph.D. degree in computer science from King Saud University, Saudi Arabia. He is an Associate Professor in the Department of Computer Science, King Saud University. Also, he serves as a part-time consultant in many public and private organizations. His current research interests include Cybersecurity, IoT, machine learning for healthcare, and future generation networks.
  • 40. APPLYING THE HEALTH BELIEF MODEL TO CARDIAC IMPLANTED MEDICAL DEVICE PATIENTS George W. Jackson1 and Shawon Rahman2 1 College of Business and Technology, Capella University, Minneapolis, USA 2 Professor, Dept.of Computer Science & Engineering, University of Hawaii-Hilo, 200W.KawiliStreet, Hilo, HI96720, USA ABSTRACT Wireless Implanted Medical Devices (WIMD) are helping millions of users experience a better quality of life. Because of their many benefits, these devices are experiencing dramatic growth in usage, application, and complexity. However, this rapid growth has precipitated an equally rapid growth of cybersecurity risks and threats. While it is apparent from the literature WIMD cybersecurity is a shared responsibility among manufacturers, healthcare providers, and patients; what explained what role patients should play in WIMD cybersecurity and how patients should be empowered to assume this role. The health belief model (HBM) was applied as the theoretical framework for a multiple case study which examined the question: How are the cybersecurity risks and threats related to wireless implanted medical devices being communicated to patients who have or will have these devices implanted in their bodies? The subjects of this multiple case study were sixteen cardiac device specialists in the U.S., each possessing at least one year of experience working directly with cardiac implanted medical device (CIMD) patients, who actively used cardiac device home monitoring systems. The HBM provides a systematic framework suitable for the proposed research. Because of its six-decade history of validity and its extraordinary versatility, the health belief model, more efficiently than any other model considered, provides a context for understanding and interpreting the results of this study. Thus, the theoretical contribution of this research is to apply the HBM in a setting where it has never been applied before, WIMD patient cybersecurity awareness. This analysis (using a multiple case study) will demonstrate how the HBM can assist the health practitioners, regulators, manufacturers, security practitioners, and the research community in better understanding the factors, which support WIMD patient cybersecurity awareness and subsequent adherence to cybersecurity best practices. KEYWORDS Health Belief Model, Healthcare Cybersecurity, Cardiac Implanted Device, Wireless Implanted Medical Devices, WIMD, WIMD cybersecurity For More Details : http://aircconline.com/ijnsa/V13N2/13221ijnsa03.pdf Volume Link : http://airccse.org/journal/jnsa21_current.html
  • 41. REFERENCES [1] Lee, S. Hyun. & Kim Mi Na, (2008) “This is my paper”, ABC Transactions on ECE, Vol. 10,No. 5, pp120-122. [2] Gizem, Aksahya & Ayese, Ozcan (2009) Communications & Networks, Network Books, ABC Publishers. [3] Williams, C. K., Wynn, D., Madupalli, R., Karahanna, E., & Duncan, B. K. (2014). Explaining users' security behaviors with the security belief model. Journal of Organizational and End User Computing, 26(3), 23-46. [4] Ng, B. Y., Kankanhalli, A., & Xu, Y. C. (2009). Studying users' computer security behavior: A health belief perspective. Decision Support Systems, 46(4), 815-825. [5] Jung, E. E., Ho, E. Y., Chung, H., & Sinclair, M. (2015). Perceived risk and self-efficacy regarding internet security in a marginalized community. Proceedings of the 33rd Annual ACM Conference Extended Abstracts on Human Factors in Computing Systems, ACM, 1085-1090. [6] Davinson, N., & Sillence, E. (2014). Using the health belief model to explore users' perceptions of ‘being safe and secure’ in the world of technology-mediated financial transactions. International Journal of Human-Computer Studies, 72(2), 154-168. [7] Khan, B., Alghathbar, K. S., Nabi, S. I., & Khan, M. K. (2011). The effectiveness of information security awareness methods based on psychological theories. African Journal of Business Management, 5(26), 10862-10868. [8] Marton, C., & Chun, W. C. (2012). A review of theoretical models of health information seeking on the web. Journal of Documentation, 68(3), 330-352. [9] Herath, T., & Rao, H. R. (2009). Protection motivation and deterrence: A framework for security policy compliance in organizations. European Journal of Information Systems, 18(2), 106-125. [10] Armitage, C. J., & Conner, M. (2000). Social cognition models and health behaviour: A structured review. Psychology and health, 15(2), 173-189. [11] Camara, C., Peris-Lopez, P., & Tapiador, J.E. (2015). Security and privacy issues in implantable medical devices: A comprehensive survey. Journal of Biomedical Informatics, 55, 272-289. [12] Denning, T., Borning, A., Friedman, B., Gill, B. T., Kohno, T., & Maisel, W. H. (2010). Patients, pacemakers, and implantable defibrillators: Human values and security for wireless implantable medical devices. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, 917-926.
  • 42. [13] Fu, K. (2009). Inside risks: Reducing risks of implantable medical devices. Communications of the ACM, 52(6), 25-27. [14] Fu, K., & Blum, J. (2013). Controlling for cybersecurity risks of medical device software. Communications of the ACM, 56(10), 35-37 [15] Kotz, D. (2011). A threat taxonomy for mHealth privacy. Proceedings of Third International Conference on Communication Systems and Network (COMSNETS), 1-6. [16] Leavitt, N. (2010). Researchers fight to keep implanted medical devices safe from hackers. Computer, 43(8), 11-14. [17] Ray, A., Jones, P., & Zhang, Y. (2013). Medical device security-A new frontier. Biomedical Instrumentation & Technology, 47(1), 72-72. [18] Sametinger, J., Rozenblit, J., Lysecky, R., & Ott, P. (2015). Security Challenges for Medical Devices. Communications of the ACM, 58(4), 74-82. [19] Williams, P. A., & Woodward, A. J. (2015). Cybersecurity vulnerabilities in medical devices: a complex environment and multifaceted problem. Medical Devices: Evidence and Research, 8, 305–316. [20] Middaugh, D. J. (2016). Do security flaws put your patients' health at risk? MedSurg Nursing, 25(2), 131-133. [21] Boulos, P., Sargolzaei, A., Ziaei, A., & Sargolzaei, S. (2016). Pacemakers: A Survey on Development History, Cyber-Security Threats, and Countermeasures. [22] Perakslis, E. D. (2014). Cybersecurity in health care. New England Journal of Medicine, 371(5), 395-397. [23] Lyon, D. (2016). Making Trade-Offs for Safe, Effective, and Secure Patient Care. Journal of Diabetes Science and Technology, [24] Sansurooah, K. (2015). Security risks of medical devices in wireless environments. [25] Appari, A., & Johnson, M. E. (2010). Information security and privacy in healthcare: Current state of research. International Journal of Internet and management, 6(4), 279-314. [26] Armstrong, D. G., Kleidermacher, D. N., Klonoff, D. C., & Slepian, M. J. (2015). Cyber security regulation of wireless devices for performance and assurance in the age of “medjacking”. Journal of Diabetes Science and Technology, 1-4. [27] Garfinkel, S. L. (2012). The cybersecurity risk. Communications of the ACM, 55(6), 29-32.
  • 43. [28] Klonoff, D. C. (2015). Cybersecurity for connected diabetes devices. Journal of diabetes science and technology. [29] Rushanan, M., Rubin, A. D., Kune, D. F., & Swanson, C. M. (2014). SoK: Security and privacy in implantable medical devices and body area networks. Proceedings of IEEE Security and Privacy 2014 Symposium, 524-539. [30] Wirth, A. (2011). Cybercrimes pose growing threat to medical devices. Biomedical Instrumentation & Technology, 45(1), 26-34. [31] Hansen, J. A., & Hansen, N. M. (2010). A taxonomy of vulnerabilities in implantable medical devices. In Proceedings of the Second Annual Workshop On Security and Privacy in Medical and Home-Care Systems, 13-20/ [32] Murphy, S. (2015). Is cyber security possible in healthcare? National Cybersecurity Institute Journal,1(3)49-63. [33] Gupta, S. (2012). Implantable Medical Devices-Cyber Risks and Mitigation Approaches. In Proceedings of the Cybersecurity in Cyber-Physical Workshop, The National Institute of Standards and Technology (NIST), US. [34] Ellouze, N., Rekhis, S., Boudriga, N., & Allouche, M. (2017). Cardiac Implantable Medical Devices forensics: Postmortem analysis of lethal attacks scenarios. Digital Investigation, 21, 11- 30. [35] Halperin, D., Heydt-Benjamin, T. S., Fu, K., Kohno, T., & Maisel, W. H. (2008). Security and privacy for implantable medical devices. IEEE pervasive computing, 7(1), 30-39. [36] Burleson, W., Clark, S. S., Ransford, B., & Fu, K. (2012, June). Design challenges for secure implantable medical devices. In Proceedings of the 49th Annual Design Automation Conference (pp. 12-17). ACM. [37] Rostami, M., Burleson, W., Koushanfar, F., & Juels, A. (2013, May). Balancing security and utility in medical devices? In Proceedings of the 50th Annual Design Automation Conference (p. 13). ACM. [38] Faizi, Salman and Rahman, Shawon;” Securing Cloud Computing Through IT Governance”; International Journal of Information Technology in Industry (ITII), vol. 7, no.1, 2019, Pages: 1-14 [39] Jackson, George and Rahman, Shawon; “Exploring Challenges and Opportunities in Cybersecurity Risk and Threat Communications related to the Medical Internet of Things (MIoT)”, International Journal of Network Security & Its Applications (IJNSA), Vol. 11, No.4, July 2019.
  • 44. [40] Loukaka, Alain and Rahman, Shawon; “Discovering New Cyber Protection Approaches From a Security Professional Prospective”; International Journal of Computer Networks & Communications (IJCNC) Vol.9, No.4, July 2017 [41] Al-Mamun, Abdullah, Rahman, Shawon and et al;“ Security Analysis of AES and Enhancing its Security by Modifying S-Box with an Additional Byte ”; International Journal of Computer Networks & Communications (IJCNC), Vol.9, No.2, March 2017 [42] Opala, Omondi John; Rahman, Shawon; and Alelaiwi, Abdulhameed; “The Influence of Information Security on the Adoption of Cloud computing: An Exploratory Analysis”, International Journal of Computer Networks & Communications (IJCNC), Vol.7, No.4, July 2015 [43] Faizi, Salman and Rahman, Shawon; “Secured Cloud for Enterprise Computing”; 34th International Conference on Computers and Their Applications (CATA-2019), March 18-20, 2019, Waikiki Beach Marriott Resort & Spa, Honolulu, Hawaii, USA [44] Faizi, Salman and Rahman, Shawon; “Choosing the Best-fit Lifecycle Framework while Addressing Functionality and Security Issues”; 34th International Conference on Computers and Their Applications (CATA-2019), March 18-20, 2019, Waikiki Beach Marriott Resort & Spa, Honolulu, Hawaii, USA [45] Schneider, Marvin and Rahman, Shawon “Protection Motivation Theory Factors that Influence Undergraduates to Adopt Smartphone Security Measures ”; International Journal of Information Technology in Industry (ITII), Vol 9, No 1 (2021) AUTHORS Dr. George W. Jackson, Jr. has earned a Ph.D. in Information Technology, Information Assurance, and Cybersecurity degree from Capella University. He has nearly 30 years of experience in Information Technology, Information Security, and IT Project Management. A seasoned business and technology expert possessing an MBA and IT Management and professional certifications in Project Management, Information Security, and Healthcare Information Security and Privacy. Dr. Shawon S. M. Rahman is a Professor of Computer Science at the University of Hawaii-Hilo and a part-time faculty of Information Technology, Information Assurance and Security Program at the Capella University. Dr. Rahman’s research interests include software engineering education, information assurance and security, digital forensics, web accessibility, cloud computing, and software testing and quality assurance. He has published over 125 peer reviewed articles in various international journals, conferences, and books. He is an active member of many professional organizations including IEEE, ACM, ASEE, ASQ, and UPE.