Pub Date : 2024-08-10DOI: 10.1080/19393555.2024.2387347
Heather Holden, Victor Munro, Lina Tsakiris, Alex Wilner
{"title":"“The pull to do nothing would be strong”: limitations & opportunities in reporting insider threats","authors":"Heather Holden, Victor Munro, Lina Tsakiris, Alex Wilner","doi":"10.1080/19393555.2024.2387347","DOIUrl":"https://doi.org/10.1080/19393555.2024.2387347","url":null,"abstract":"","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"17 9","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-08-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141920990","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-05-15DOI: 10.1080/19393555.2024.2347243
Shail Saharan, Vishal Gupta
{"title":"Prevention of DDoS attacks: a comprehensive review and future directions","authors":"Shail Saharan, Vishal Gupta","doi":"10.1080/19393555.2024.2347243","DOIUrl":"https://doi.org/10.1080/19393555.2024.2347243","url":null,"abstract":"","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"28 9","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-05-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140974230","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-05-06DOI: 10.1080/19393555.2024.2347682
N.G. Nageswari Amma, T. Jayaraj, N. G. B. Amma
{"title":"Towards improving the security of wireless networks using secured session keys","authors":"N.G. Nageswari Amma, T. Jayaraj, N. G. B. Amma","doi":"10.1080/19393555.2024.2347682","DOIUrl":"https://doi.org/10.1080/19393555.2024.2347682","url":null,"abstract":"","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"360 20","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-05-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141006668","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-05-01DOI: 10.1080/19393555.2024.2347255
Mila Malekolkalami, Leila Jabbari, Hassan Mantegh
{"title":"Evaluating the status of information security management in faculty libraries: a case study of Allameh Tabatabai University","authors":"Mila Malekolkalami, Leila Jabbari, Hassan Mantegh","doi":"10.1080/19393555.2024.2347255","DOIUrl":"https://doi.org/10.1080/19393555.2024.2347255","url":null,"abstract":"","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"240 2","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141056168","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-12-30DOI: 10.1080/19393555.2023.2292996
Chinnaraj Govindasamy, Arokiasamy Antonidoss
{"title":"Privacy preservation of inventory management using adaptive key generation with Hyperledger blockchain technology","authors":"Chinnaraj Govindasamy, Arokiasamy Antonidoss","doi":"10.1080/19393555.2023.2292996","DOIUrl":"https://doi.org/10.1080/19393555.2023.2292996","url":null,"abstract":"","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":" 10","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139138256","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-11-10DOI: 10.1080/19393555.2023.2279535
S. Asha Varma, K. Ganesh Reddy
ABSTRACTCloud computing makes it easier for users to access resources from anywhere at any time. This is for as long as they have access to the internet connectivity by employing a “pay-as-you-use” model. Despite its merits, cloud computing faces shortcomings, notably the escalating security concerns linked with it. Distributed Denial of Service (DDoS) attack is a primary and biggest concert to the availability of the services offered by cloud. DDoS attacks use numerous machines to flood consumers with packets with high data overhead, flooding the network with unwanted traffic. Due to the obsolete datasets, many deep learning (DL) models are processing-intensive or may not successfully address new DDoS threats. This paper seeks to address this issue by proposing FEwDN, an AI-based DDoS detection framework that employs a hybrid approach, integrating machine learning and deep learning algorithms. The framework optimizes feature selection via ensemble techniques, enhancing accuracy by leveraging deep neural networks for traffic classification. The proposed framework is experimented on the CICDDoS2019 dataset and demonstrates superior performance over benchmark techniques across multiple metrics. The FEwDN outperforms well with other models against various performance metrics. This research strengthens cloud security and DDoS detection in modern clouds.KEYWORDS: Cloud computingDDoS attacksdeep learning techniquesmachine learning Disclosure statementNo potential conflict of interest was reported by the authors.
{"title":"An AI Based IDS Framework For Detecting DDoS Attacks In Cloud Environment","authors":"S. Asha Varma, K. Ganesh Reddy","doi":"10.1080/19393555.2023.2279535","DOIUrl":"https://doi.org/10.1080/19393555.2023.2279535","url":null,"abstract":"ABSTRACTCloud computing makes it easier for users to access resources from anywhere at any time. This is for as long as they have access to the internet connectivity by employing a “pay-as-you-use” model. Despite its merits, cloud computing faces shortcomings, notably the escalating security concerns linked with it. Distributed Denial of Service (DDoS) attack is a primary and biggest concert to the availability of the services offered by cloud. DDoS attacks use numerous machines to flood consumers with packets with high data overhead, flooding the network with unwanted traffic. Due to the obsolete datasets, many deep learning (DL) models are processing-intensive or may not successfully address new DDoS threats. This paper seeks to address this issue by proposing FEwDN, an AI-based DDoS detection framework that employs a hybrid approach, integrating machine learning and deep learning algorithms. The framework optimizes feature selection via ensemble techniques, enhancing accuracy by leveraging deep neural networks for traffic classification. The proposed framework is experimented on the CICDDoS2019 dataset and demonstrates superior performance over benchmark techniques across multiple metrics. The FEwDN outperforms well with other models against various performance metrics. This research strengthens cloud security and DDoS detection in modern clouds.KEYWORDS: Cloud computingDDoS attacksdeep learning techniquesmachine learning Disclosure statementNo potential conflict of interest was reported by the authors.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"57 2","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135092868","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-10-16DOI: 10.1080/19393555.2023.2268608
Salifu Yusif, Abdul Hafeez-Baig, Charles Anachanser
ABSTRACTThis study aims to uncover the challenges of Internet governing bodies to inform a trajectory for better cybersecurity governance and policy formulation. Using a systematic literature review approach, we found that the struggle for dominancy/power for the Internet continues to overshadow the calls for multi-stakeholder/multilateralism given 35 (47.3%) of the total (74) reviewed papers focused on varied issues and overlaps. The power-driven nature of the numerous Internet governing bodies against 14 (20%) of the total included studies calling for some form of the global representative body, including public health, if the quest for “.health” was to be successful. Another 23(21) (34%) were concerned over the implications of the problem of Internet governance on cybersecurity in general. The study also found that as the Internet and its governance issues offload the privacy and security burden and supervision concerns characterized the telecommunications are heightened in the context of social awareness in cyberspace, cybersecurity has become necessary with businesses and the government spending much time and resources to combat cyber-attacks, majority of which are inter-jurisdictional.KEYWORDS: CybersecuritycyberspaceInternetInternet governancemulti-stakeholder/multilateral Disclosure statementNo potential conflict of interest was reported by the author(s).Notes1. Repeated papers – papers that had more than one theme.
{"title":"Internet governance and cyber-security: a systematic literature review","authors":"Salifu Yusif, Abdul Hafeez-Baig, Charles Anachanser","doi":"10.1080/19393555.2023.2268608","DOIUrl":"https://doi.org/10.1080/19393555.2023.2268608","url":null,"abstract":"ABSTRACTThis study aims to uncover the challenges of Internet governing bodies to inform a trajectory for better cybersecurity governance and policy formulation. Using a systematic literature review approach, we found that the struggle for dominancy/power for the Internet continues to overshadow the calls for multi-stakeholder/multilateralism given 35 (47.3%) of the total (74) reviewed papers focused on varied issues and overlaps. The power-driven nature of the numerous Internet governing bodies against 14 (20%) of the total included studies calling for some form of the global representative body, including public health, if the quest for “.health” was to be successful. Another 23(21) (34%) were concerned over the implications of the problem of Internet governance on cybersecurity in general. The study also found that as the Internet and its governance issues offload the privacy and security burden and supervision concerns characterized the telecommunications are heightened in the context of social awareness in cyberspace, cybersecurity has become necessary with businesses and the government spending much time and resources to combat cyber-attacks, majority of which are inter-jurisdictional.KEYWORDS: CybersecuritycyberspaceInternetInternet governancemulti-stakeholder/multilateral Disclosure statementNo potential conflict of interest was reported by the author(s).Notes1. Repeated papers – papers that had more than one theme.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136143089","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-10-06DOI: 10.1080/19393555.2023.2260800
Mojtaba Goodarzi, Ziba Eslami, Nasrollah Pakniat
ABSTRACTIn Eurocrypt’96, the concept of Designated Verifier Signature was proposed. Such signatures can only be verified by a single designated verifier specified during signature creation. However, there exist situations in which the signer, as well as the designated verifier, should be equipped with the ability to check the validity of the signature. At the same time, either of them should be able to help third parties to verify the signature. This is achieved by Directed Signature Schemes. In this paper, we consider directed signatures in the certificateless cryptography setting and propose an efficient pairing-free certificateless directed signature (CLDS) scheme. Then, we prove that the proposed CLDS scheme meets the needed security requirements in the random oracle model and under the assumption of the hardness of discrete logarithm and Gap Diffie-Hellman problems. We also compare the proposed scheme with the related ones to indicate the overall superiority of the proposed CLDS scheme.KEYWORDS: Certificateless cryptographydesignated verifierdigital signaturedirected signaturepairing-free Disclosure statementNo potential conflict of interest was reported by the author(s).
{"title":"Certificateless directed signature scheme without bilinear pairing","authors":"Mojtaba Goodarzi, Ziba Eslami, Nasrollah Pakniat","doi":"10.1080/19393555.2023.2260800","DOIUrl":"https://doi.org/10.1080/19393555.2023.2260800","url":null,"abstract":"ABSTRACTIn Eurocrypt’96, the concept of Designated Verifier Signature was proposed. Such signatures can only be verified by a single designated verifier specified during signature creation. However, there exist situations in which the signer, as well as the designated verifier, should be equipped with the ability to check the validity of the signature. At the same time, either of them should be able to help third parties to verify the signature. This is achieved by Directed Signature Schemes. In this paper, we consider directed signatures in the certificateless cryptography setting and propose an efficient pairing-free certificateless directed signature (CLDS) scheme. Then, we prove that the proposed CLDS scheme meets the needed security requirements in the random oracle model and under the assumption of the hardness of discrete logarithm and Gap Diffie-Hellman problems. We also compare the proposed scheme with the related ones to indicate the overall superiority of the proposed CLDS scheme.KEYWORDS: Certificateless cryptographydesignated verifierdigital signaturedirected signaturepairing-free Disclosure statementNo potential conflict of interest was reported by the author(s).","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"115 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-10-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135351180","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-10-03DOI: 10.1080/19393555.2023.2260818
Alec Wells, Aminu Bello Usman
Biometric technology has various applications in smart healthcare systems, including patient authentication, health monitoring, telemedicine, clinical decision support, and personalized care. In addition, medical records contain sensitive and personal information, making them vulnerable to unauthorized access and theft. Because biometric data is distinct and unchangeable, unlike passwords or PINs, using biometric technologies in smart healthcare systems creates privacy problems. This creates privacy concerns as this information is highly sensitive and can be used to identify an individual, making it a valuable target for malicious actors. Subsequently, the storage and use of biometric data in smart healthcare systems must be handled with care to ensure that individuals’ privacy rights are protected. Privacy by design is a concept that emphasizes the importance of incorporating privacy considerations into the design and development of products, services, and systems. In this paper, we presented different forms of biometric factors and technologies and their applications in the smart healthcare system to enhance security and privacy in relation to principles of privacy by design. In addition, the study analyzed a variety of attacks and techniques that can be utilized to compromise biometric technology in a smart healthcare system and presented some open research questions.
{"title":"Privacy and biometrics for smart healthcare systems: attacks, and techniques","authors":"Alec Wells, Aminu Bello Usman","doi":"10.1080/19393555.2023.2260818","DOIUrl":"https://doi.org/10.1080/19393555.2023.2260818","url":null,"abstract":"Biometric technology has various applications in smart healthcare systems, including patient authentication, health monitoring, telemedicine, clinical decision support, and personalized care. In addition, medical records contain sensitive and personal information, making them vulnerable to unauthorized access and theft. Because biometric data is distinct and unchangeable, unlike passwords or PINs, using biometric technologies in smart healthcare systems creates privacy problems. This creates privacy concerns as this information is highly sensitive and can be used to identify an individual, making it a valuable target for malicious actors. Subsequently, the storage and use of biometric data in smart healthcare systems must be handled with care to ensure that individuals’ privacy rights are protected. Privacy by design is a concept that emphasizes the importance of incorporating privacy considerations into the design and development of products, services, and systems. In this paper, we presented different forms of biometric factors and technologies and their applications in the smart healthcare system to enhance security and privacy in relation to principles of privacy by design. In addition, the study analyzed a variety of attacks and techniques that can be utilized to compromise biometric technology in a smart healthcare system and presented some open research questions.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135743606","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-07-28DOI: 10.1080/19393555.2023.2240343
Kazi Zakia Sultana, Vaibhav Anu, Tai-Yin Chong
{"title":"Using software metrics for predicting vulnerable classes in java and python based systems","authors":"Kazi Zakia Sultana, Vaibhav Anu, Tai-Yin Chong","doi":"10.1080/19393555.2023.2240343","DOIUrl":"https://doi.org/10.1080/19393555.2023.2240343","url":null,"abstract":"","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133780123","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: