{"title":"A primer on insider threats in cybersecurity","authors":"Sunitha Prabhu, Nik Thompson","doi":"10.1080/19393555.2021.1971802","DOIUrl":"https://doi.org/10.1080/19393555.2021.1971802","url":null,"abstract":"ABSTRACT Though human factors are increasingly being acknowledged as a contributor to cybersecurity incidents, this domain is not widely understood by those in technical and applied disciplines. Humans can be influenced, are not always rational or predictable, and must be studied through psychology rather than technology. Consequently, this domain may represent uncharted territory for the technical practitioner leaving many promising areas of research and practice unexplored. This paper provides a broad primer on human factors in cybersecurity, specifically focusing on the threat posed by organizational insiders. We emphasize the pivotal role that users play in determining overall system security and aim to introduce non-experts to this field, stimulating new interest in this intersection of humans and computers.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123813044","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An intelligent and lightweight intrusion detection mechanism for RPL routing attacks by applying automata model","authors":"D. Gothawal, S. Nagaraj","doi":"10.1080/19393555.2021.1971803","DOIUrl":"https://doi.org/10.1080/19393555.2021.1971803","url":null,"abstract":"ABSTRACT Routing Protocol for Low power and Lossy network (RPL) offers a set of mechanisms to attain efficient communication over resource-limited heterogeneous IoT environments. RPL attacks downgrade the network performance by disrupting the optimal protocol structure. So it is crucial to develop lightweight security solutions to detect such attacks and maximize the RPL performance. This paper designs an intelligent and lightweight IDS model named RPL Attacks based on Intrusion Detection for Efficient Routing (RAIDER) to reinforce security of RPL routing mechanism. RAIDER addresses the lack of security over RPL by analyzing the impacts of four RPL attacks using simulation, incorporates an automata theory with the IDS nodes to scrutinize the node behavior and to diminish the impact of such attacks. The IDS nodes monitor the network and periodically transplant the observed information as different states based on the finite automata theory. RAIDER takes attack decisions based on the state transitions pre-estimated threshold of context-aware attack decision-making model and detects RPL attacks. RAIDER improves the RPL routing performance with minimum energy consumption. The Contiki Cooja-based simulation results demonstrate the efficiency of the RAIDER in terms of the packet delivery ratio, energy consumption, delay, overhead, attack detection accuracy, and network lifetime.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"2013 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125464808","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Jack pandemus – Cyber incident and emergency response during a pandemic","authors":"Erik B. Korn, Douglas M. Fletcher, Erica M. Mitchell, Aryn A. Pyke, Steven M. Whitham","doi":"10.1080/19393555.2021.1980159","DOIUrl":"https://doi.org/10.1080/19393555.2021.1980159","url":null,"abstract":"ABSTRACT COVID-19 quickly gave rise to a newly expansive space wrought with unforeseen vulnerabilities. Cyber threat actors swiftly identified this space and immediately began seizing targets of opportunity amid chaotic conditions. Recognizing this emerging challenge, our goal was to find a mechanism that would support better understanding of holistic cyber incident response in the context of emergency management amid pandemic circumstances. Therefore, we conducted Jack Pandemus, a distributed event that simulated concurrent cyber and emergency incident response challenges. This event first occurred with Charleston, South Carolina followed by Savannah, Georgia. Each iteration included public and private sector entities whose positions corresponded with real-world cyber incident and/or emergency response. Jack Pandemus introduced a cascading multisector cyber incident under pandemic conditions with a focus on identifying cross-sector gaps, dependencies, constraints, strengths, and lessons learned. Jack Pandemus ultimately revealed: that physical pandemic stressors can significantly impact cyber incident response; that emergency response remains primarily focused on pandemic impacts despite concurrent cyber consequences; that locally shared resources are quickly exhausted during a multisector crisis; that significant confusion remains between public and private sectors regarding how and when to request additional support; and that cybersecurity is not treated as an operational problem despite considerable cascading potential.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"44 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-09-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124321968","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Color image encryption using RSA cryptosystem with a chaotic map in Hartley domain","authors":"Umar Hussain Mir, Deep Singh, Parveiz Nazir Lone","doi":"10.1080/19393555.2021.1963018","DOIUrl":"https://doi.org/10.1080/19393555.2021.1963018","url":null,"abstract":"ABSTRACT This paper proposes an asymmetric encryption scheme for color images by introducing a new efficient triple-layered encryption scheme based on the RSA cryptosystem along with a chaotic map in the discrete Hartley domain. The present approach encrypts the image independently using the RSA cryptosystem and afterward transforms them into discrete Hartley domains to diffuse the image pixels. Further, the pixel positions are dislocated by applying a non-linear chaotic map to provide a complex structure of the scheme. The hardness of prime factorization of integers is intricacy in the RSA algorithm. The massive pixel confusion by a non-linear Hénon map gives rise to an efficient and robust system. Simulation results with performance analysis and the detailed comparison with extant systems assure robustness, validity, and security of the proposed scheme against various cryptanalytic attacks.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130460535","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A multi-stage chaotic encryption technique for medical image","authors":"Md. Siddiqur Rahman Tanveer, K. R. Alam, Y. Morimoto","doi":"10.1080/19393555.2021.1934197","DOIUrl":"https://doi.org/10.1080/19393555.2021.1934197","url":null,"abstract":"ABSTRACT Usually, medical image relates to the disease. Its pixel distortion may cause an erroneous diagnosis. The multiple chaos-based encryptions can protect it significantly due to high sensitive control parameters. This paper proposes a multi-stage chaotic encryption technique by consecutively adopting Logistic map and Lorenz attractor to enrich the security level. At first, the usage of the Logistic map converts the plain medical image into a confusing image. Now, a confusion key encrypts this blur image. Later on, the involvement of the Lorenz attractor generates the final cipher image. Lastly, different security and statistical analyses including the National Institute of Standards and Technology (NIST) randomness test and comparisons ensure the strength of the cipher.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114660641","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"PAC: Privacy preserving proxy re-encryption for access control in public cloud","authors":"Payal Chaudhari, M. Das","doi":"10.1080/19393555.2021.1959679","DOIUrl":"https://doi.org/10.1080/19393555.2021.1959679","url":null,"abstract":"ABSTRACT Proxy re-encryption is an essential prerequisite that facilitates a foreign entity (e.g., cloud server) to enforce the access of provisions of a document extended by one user to another user. While performing this task it is essential that the foreign entity does not learn any information about the actual document inside the encrypted envelope. In this paper, we present a scheme on Privacy-preserving Proxy Re-encryption for Access Control in Public Cloud, termed as PAC, that provides the proxy re-encryption of attribute-based encrypted data with receiver privacy. The proposed PAC scheme enables a proxy server to perform the re-encryption operation without learning anything about the data or the access policy. The PAC provides data confidentiality, and preserves receiver privacy. We show the PAC scheme adaptively secure against indistinguishability of ciphertext policy and chosen-plaintext attack (IND-CP-CPA) under the 2-Decisional Bilinear Diffie-Hellman Inversion assumption. The scheme is implemented on Google cloud instance and the experimental results show that the PAC scheme is storage and computation-efficient when compared to other related schemes.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"51 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-08-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127593656","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A new DCT based robust image watermarking scheme using cellular automata","authors":"Manasi Jana, Biswapati Jana","doi":"10.1080/19393555.2021.1956023","DOIUrl":"https://doi.org/10.1080/19393555.2021.1956023","url":null,"abstract":"ABSTRACT Modern research in image watermarking focuses not only on security but also increasing the payload without having any detectable signature within the media. In this paper, a new Discrete Cosine Transform (DCT)-based image watermarking scheme has been proposed using Cellular Automata (CA). Here, a color cover image is split into three color channels: Red, Green and Blue. Then, DCT is applied on 8 x 8 non-overlapping blocks of each channel followed by a ZigZag scanning. Before embedding, the watermark is encrypted by applying CA rule-15 to make it more secure and robust. The encrypted watermark logo is embedded through DCT coefficients modification using CA rule-340 and mapping table. The proposed scheme is compared with existing state-of-the-art algorithms with respect to embedding capacity, imperceptibility and robustness. Results of the simulation show good imperceptibility measured in terms of Peak Signal-to-Noise Ratio (PSNR) with an average value of 54 dB and simultaneously having high payload of 1.48 bpp. Experimental results under different standard attacks show the superiority of the proposed algorithm as compared with other schemes in the field of image watermarking.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-08-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128589387","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Public attitudes towards privacy in COVID-19 times in the Republic of Ireland: A pilot study","authors":"Malika Bendechache, P. Lohar, G. Xie, Rob Brennan, R. Trestian, Edoardo Celeste, K. Kapanova, E. Jayasekera, Irina Tal","doi":"10.1080/19393555.2021.1956650","DOIUrl":"https://doi.org/10.1080/19393555.2021.1956650","url":null,"abstract":"ABSTRACT This research focuses on designing methods aimed at assessing Irish public attitudes regarding privacy in COVID-19 times and their influence on the adoption of COVID-19 spread control technology such as the COVID tracker app. The success of such technologies is dependent on their adoption rate and privacy concerns may be a factor delaying or preventing this adoption. An online questionnaire was built to collect: demographic data, participant’s general privacy profile using the Privacy Segmentation Index (PSI) which classifies individuals into 3 groups (privacy fundamentalists, pragmatists, and unconcerned), and the attitudes toward privacy in COVID-19 times. The questionnaire was shared via websites and social networks. The data was collected between 27/08/2020 and 27/9/2020. We received and analyzed 258 responses. The initial pilot study found that almost 73% of the respondents were pragmatists or unconcerned about privacy when it came to sharing their private data. Comparable results were obtained with other privacy studies that have employed PSI. The pilot indicates a huge increase, from 12% pre-pandemic to 61% during the pandemic, of people willing to share their data. The questionnaire developed following this study is further used in a national survey on privacy in COVID-19 times.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-08-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125646766","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"BYOD security issues: a systematic literature review","authors":"Melva M. Ratchford, O. El-Gayar, C. Noteboom, Yong Wang","doi":"10.1080/19393555.2021.1923873","DOIUrl":"https://doi.org/10.1080/19393555.2021.1923873","url":null,"abstract":"ABSTRACT Organizations are exposed to new security risks when they allow employees’ personal mobile devices to access the network and the corporate data (a phenomenon called ‘Bring Your Own Device’ or BYOD). They are confronted with inherent security issues that need to be addressed in order to protect the organization and its information. What are the security issues and considerations associated with BYOD environments? With this in mind, the objective of this paper is to present a systematic literature review of scholarly literature (2010–2019) with respect to BYOD security, and to suggest a classification scheme that depicts a holistic approach to securing BYOD environments. The results of this review include the analysis of 38 scholarly articles, where 22 security issues were identified. Based on the proposed classification scheme, the analysis of the findings shows that 86% of the articles identified security issues and considerations associated with the IT domain, 51% identified security issues related to the Management domain, 45% related to the Users domain, and 19% related to the Mobile Device domain. The results also show that BYOD security issues corresponding to policies are among the most frequently addressed concerns, followed by network security, data protection, user’s attitude/behavior and governance.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"66 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128080174","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A new image encryption scheme based on a hyperchaotic system & multi specific S-boxes","authors":"A. H. Brahim, A. Ali-Pacha, N. Hadj-Said","doi":"10.1080/19393555.2021.1943572","DOIUrl":"https://doi.org/10.1080/19393555.2021.1943572","url":null,"abstract":"ABSTRACT This paper studies a new image encryption scheme based on a hyperchaotic system & multi-specific S-boxes. First, the hyperchaotic system generates a sequence that is used to create a specific S-box. The S-box is obtained by sorting the values of the hyperchaotic sequence in increasing order, and then taking their index as a new sequence to create the S-box. The number of specific S-boxes needed to encrypt the image depends on the rows of the plain image. Second, each row of the plain image is substituted by a different S-box to obtain the rows of the pre-encrypted image. Third, to increase the level of security, each specific S-box is considered as a column of the mask matrix. Then, a permutation is applied to the mask matrix, which uses the last sequence of the hyperchaotic system to permute the rows of the mask matrix to obtain the permuted mask matrix. Finally, the XOR operation is applied between the permuted mask matrix and the pre-encrypted image to obtain the final cipher image. Experimental and analysis results show that the proposed algorithm has a good performance in terms of security, high sensitivity, as well as low time complexity.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"73 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114835769","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}