Journal of Applied Security Research最新文献

{"title":"Public-Private Partnerships: Exploring Perceptions and Efficacy of Community Security Patrols","authors":"S. Holmes, R. Wolf, Thomas Baker","doi":"10.1080/19361610.2022.2086782","DOIUrl":"https://doi.org/10.1080/19361610.2022.2086782","url":null,"abstract":"","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":" ","pages":""},"PeriodicalIF":1.3,"publicationDate":"2022-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45245557","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Security Enhancement of Third Parties Is Needed in Global Supply Chain Management","authors":"Y. Takefuji","doi":"10.1080/19361610.2022.2086785","DOIUrl":"https://doi.org/10.1080/19361610.2022.2086785","url":null,"abstract":"Abstract Incident reports show the high risk of losing trust in global supply chain management. Under the covid-19 pandemic, cloud-based global supply chains have been vulnerable to malicious attacks. The goal of this paper is to show the high risk caused by third-party access in the current global supply chains and how to mitigate it. Based on the incident reports, global supply chain leaders are unaware of the risks of third-party access. The current global supply chains must be transformed into robust and resilient systems against malicious attacks. This paper shows methods on how to mitigate the high-security risk. HIGHLIGHTS Incident reports show the high risk of losing trust in global supply chain management against malicious attacks. The high risk caused by third-party access in the current global supply chains will be illustrated. Global supply chain leaders are unaware of the risks of third-party access. The global supply chains must be transformed into robust systems. This paper shows methods on how to mitigate the high-security risk in third-party logistics. The lower the risk, the lower the chance of losing trust. The more a leader is aware of the high risks, the less likely he or she is to lose trust.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"766 - 773"},"PeriodicalIF":1.3,"publicationDate":"2022-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"43688960","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Modified Deterministic Approach for Size Invariant Visual Secret Sharing with Improved Quality of Recovered Secret","authors":"R. Chaturvedi, Sudeep D. Thepade, Swati Ahirrao","doi":"10.1080/19361610.2022.2080470","DOIUrl":"https://doi.org/10.1080/19361610.2022.2080470","url":null,"abstract":"Abstract In the digital world, securing data is very significant. Digital data can focus either on content secrecy or the quality of recovered secret content. Visual Secret Sharing (VSS) becomes vital when content secrecy is essential over quality. VSS encrypts the secret into “n” share. The individual share cannot reveal any information; the secret gets revealed only when a predefined number of shares come together. Earlier attempted probabilistic and random grid approaches of size invariant VSS compromise in quality of recovered secret. Paper presents a method as a modified deterministic approach for size invariant VSS with improved quality of recovered secret; giving minimum Mean Squared Error (MSE), maximum Peak Signal to Noise Ratio (PSNR), and Structural Similarity Index (SSIM) close to “1” as compared to other existing methods.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"700 - 717"},"PeriodicalIF":1.3,"publicationDate":"2022-06-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45034632","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Application and Criminalization of the Artificial Intelligence in Business: Recommendation to Counter the Regulatory Challenges","authors":"A. Mahmud","doi":"10.1080/19361610.2022.2079939","DOIUrl":"https://doi.org/10.1080/19361610.2022.2079939","url":null,"abstract":"Abstract Artificial Intelligence (AI) is playing a significant role in our social and daily life for technological development. The efficient integration of AI into business organizations or firms is improving performance and efficiency on a significant scale. Nowadays, artificial intelligence (AI) is assisting criminal activities or committing crimes through autonomous activity related to business, e-commerce, and market manipulation. AI could be used to aid criminal activity or, in certain situations, a mistake has resulted in criminal activity and most of the fields lack strong legislative safeguards due to the regulatory challenges imposed by the special nature of AI-Crime (AIC). The paper has examined the application and criminalization of AI in business and firm management. As we will have to strengthen the legislation for managing, preventing, and punishing AI-based business-related crimes, the last segment of the paper has suggested recommendations to counter the regulatory challenges.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"689 - 699"},"PeriodicalIF":1.3,"publicationDate":"2022-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"46004240","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Understanding the Users’ Intention to Use the Three-Factor Authentication for Preserving the Privacy of Patient Data","authors":"Niranjan Gandhi, Kanchan Patil","doi":"10.1080/19361610.2022.2060025","DOIUrl":"https://doi.org/10.1080/19361610.2022.2060025","url":null,"abstract":"Abstract Digital health is the foundation for the future growth of healthcare. The healthcare industry is leveraging digital transformation to empower the association between physicians and patients and ameliorate health results. Researchers and experts in health informatics are eager to see how new technologies can be used in the healthcare domain to enable real-time health monitoring, such as remote access to users' health data, tracking and alerts, and real-time reporting, allowing doctors to better care for their patients. By improving the security, privacy, and interoperability of health records, as well as easing Health Information Exchanges (HIE), the adoption of healthcare technologies can be encouraged. This can be accomplished through the use of a three-factor authentication architecture, which not only increases information assurance at a cheap rate but also defends patients' privacy in dispersed systems. Hence, using Technology Acceptance Model (TAM), this paper reflects patients’ and health professionals’ intention to use and implement the three-factor authentication in the master component of information technology in health: Electronic Health Records (EHR) systems. User authentication is an important component that possibly is incorporated in Electronic Health Records (EHRs) to shield patient information and restrict access to the medical server by unauthorized individuals. This research aimed to discover the relationship between perceived usefulness, perceived ease of use, perceived risk, trust, security and privacy, Information Integrity, and computer self-efficacy and the intention to use three-factor authentication for EHR systems. Respondents were requested to fill the questionnaire on their health data using google forms and partial least squares structural equation modeling was used to analyze around 193 responses. Results stipulated that intention to use was directly influenced mainly by perceived usefulness, perceived ease of use, perceived risk, trust, and information integrity. Age, gender, and knowledge of data security and privacy were used to conduct a moderation analysis, which revealed significant variations between the groups in terms of the effectiveness of certain associations and the average responses between the variables. This will aid the researchers in identifying the latest trends and recognizing areas in the authentication system that need improvement.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"597 - 626"},"PeriodicalIF":1.3,"publicationDate":"2022-05-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"46904550","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Improving Classification Performance for Malware Detection Using Genetic Programming Feature Selection Techniques","authors":"Heba Harahsheh, M. Alshraideh, S. Al-Sharaeh, R. Al-Sayyed","doi":"10.1080/19361610.2022.2067459","DOIUrl":"https://doi.org/10.1080/19361610.2022.2067459","url":null,"abstract":"Abstract Malware is the term used to describe any malicious software or code that is harmful to systems. From day to day, new malicious programs appear. To classify malware according to its characteristics, machine learning is now being used; this is because most new malware contains patterns that are similar to old ones. This paper proposes two feature selection methods based on Genetic Programming (GP) for predicting malware; the first is called Genetic Programming-Mean (GPM), and the second is called Genetic Programming-Mean Plus (GPMP). The results of these two methods were compared with three state-of-the-art popular feature selection techniques: filter-based, wrapper-based, and Chi-square. In this work, we compare the two proposed methods (GPM and GPMP) with these three widely used feature selection techniques. The results demonstrate that the proposed techniques beat these state-of-the-art ones in terms of accuracy and F-score. The results also revealed that the proposed methods employed less computation time and hence an enhanced performance when compared with filter-based, and wrapper-based feature selection. The proposed methods were evaluated using four datasets. Two classifiers were used to evaluate the proposed feature selection methods: Random Forest and Decision Tree. When a Random Forest classifier is used, our results showed that it outperformed the Decision Tree classifier in indicators, such as F1-score, recall, and precision. The analysis of results using Random Forest and Decision Tree proves that the proposed method is highly efficient.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"627 - 647"},"PeriodicalIF":1.3,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44410983","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"New Signature Scheme Based on Elliptic Curve and Factoring Problems Using Chaotic Map","authors":"N. Tahat, S. Shatnawi","doi":"10.1080/19361610.2022.2041157","DOIUrl":"https://doi.org/10.1080/19361610.2022.2041157","url":null,"abstract":"Abstract In this paper, we present the new signature scheme based on elliptic curve (EC) and factoring (FAC) problems using chaotic maps (CMs). The newly developed scheme requires only minimal and low-complexity computations, which makes it very efficient. We compare our scheme with the other schemes with respect to signature generation cost, signature size, and verification cost and show that our scheme is superior to the other schemes. To the best of our knowledge, this is the first time a signature scheme based on EC and FAC problems using CMs has been proposed.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"588 - 596"},"PeriodicalIF":1.3,"publicationDate":"2022-03-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45707981","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Statement of Retraction: A Survey on Malware Detection and Classification","authors":"Rupali Komatwara, M. Kokare, A. Souri","doi":"10.1080/19361610.2022.2039530","DOIUrl":"https://doi.org/10.1080/19361610.2022.2039530","url":null,"abstract":"Alireza Souri & Rahil Hosseini (2018). A state-of-the-art survey of malware detection approaches using data mining techniques. Human-centric Computing and Information Sciences, 8. Lakshmanan Nataraj, Gregorie Jacob & B. S. Manjunath (2010). Detecting Packed Executables Based on Raw Binary Data. Technical Report, Vision Research Lab, University of California Santa Barbara. Lakshmanan Nataraj (2011). Malware Images: Visualization and Automatic Classification. Proceedings of the 8th International Symposium on Visualization for Cyber Security. Lakshmanan Nataraj (2015). A Signal Processing Approach to Malware Analysis. Ph.D. thesis, University of California Santa Barbara.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"663 - 663"},"PeriodicalIF":1.3,"publicationDate":"2022-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45807993","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Comprehensive Comparison of Security Measurement Models","authors":"M. Khaleghi, M. Aref, M. Rasti","doi":"10.1080/19361610.2021.1981089","DOIUrl":"https://doi.org/10.1080/19361610.2021.1981089","url":null,"abstract":"Abstract Security measurement models (SMMs) and their corresponding derived metrics form the main pillars of a systematic security measurement. Providing a desirable SMM is very challenging and has been investigated over the past two decades, so that numerous SMMs have been proposed and several surveys on SMMs have been performed. However, to the best of our knowledge, neither a systematic taxonomy nor a comprehensive comparison has yet been proposed for SMMs. This paper focuses on the comprehensive comparison of SMMs relying on a feature-based approach. The plurality and diversity of the compared SMMs enable us to deduce all the open issues.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"333 - 401"},"PeriodicalIF":1.3,"publicationDate":"2022-02-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"43201293","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Queen of Cuba","authors":"A. R. Pereira","doi":"10.1080/19361610.2022.2034476","DOIUrl":"https://doi.org/10.1080/19361610.2022.2034476","url":null,"abstract":"Abstract Ana Montes, a senior intelligence analyst, spied on the Defense Intelligence Agency for Cubans. Highly specialized in Latin American military intelligence, she was known as “Queen of Cuba.” Her traumatic childhood made her susceptible to recruitment and her motivation was ideological. Using classic espionage techniques, mainly memorization, she managed to spy for 16 years until she was discovered. The findings of an American spy in Cuba, a bad relationship with coworkers, and the lack of a support agent led to her exposure. Ana was sentenced to 25 years in prison and five to probation. Her case indicates 10 conclusions about espionage.","PeriodicalId":44585,"journal":{"name":"Journal of Applied Security Research","volume":"18 1","pages":"576 - 587"},"PeriodicalIF":1.3,"publicationDate":"2022-02-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48649583","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}