
Journal of Cybersecurity and Information Management: Latest Articles

Information Security Assessment in Big Data Environment using Fuzzy Logic
Pub Date : 1900-01-01 DOI: 10.54216/jcim.050103
Kanika Sharma, A. Shankar, Prabhishek Singh
In recent years, it has been observed that disclosure of information leads to the risk. Without restricting the accessibility of information, providing security is difficult. So, there is a demand of time to fill the gap between security and accessibility of information. In fact, security tools should be usable for improving the security as well as the accessibility of information. Though security and accessibility are not related directly, some of their factors indirectly affect each other. Attributes play an important role in connecting the gap among security and accessibility. This paper finds the main attributes of security and accessibility that impact each other directly and indirectly, such as confidentiality, integrity, availability and severity. The significance of every attribute in terms of their weight is important for their effect on the overall security during the big data security life cycle process. To calculate proposed work, researchers used the Fuzzy Analytic Hierarchy Process (Fuzzy AHP).
Citations: 7
BioPay: A Secure Payment Gateway through Biometrics
Pub Date : 1900-01-01 DOI: 10.54216/jcim.070202
Gurpreet Singh, Divyanshi Kaushik, Hritik Handa, Gagandeep Kaur, Sunil K. Chawla, Ahmed A. Elngar
Due to emerging technological developments, major enhancements are taking place in the area of a secure and quick transaction. BioPay, being a secure payment method, is one step ahead. In the proposed methodology, there is no involvement of any credit or debit card or any other account information like OTP or CVV; it solely depends upon some unique identifying characteristic of a human known as biometrics. This work proposes a novel method that allows users to complete transactions quickly and securely using face and finger recognition. The transaction initiates with scanning face features and matching it with the database which in turn retrieves all the information associated with that customer account. After that, the system will scan the fingerprints of the subject and verify the transaction. This methodology can be implemented in ATMs and smartphones resulting in enhanced security and flexibility for payment purposes.
Citations: 3
An Improved Analysis of Secured Permutation and Substitution based Image Encryption
Pub Date : 1900-01-01 DOI: 10.54216/jcim.120103
V. Goel, Amit Goyal
The transmission and storage of digital data raises serious security concerns as information technology evolves at a breakneck pace. To ensure the safety of the transferred data, security methods must be put in place. Encrypting an image is a method of protecting sensitive data by converting it into an unrecognizable format. The procedure includes access control, privacy, validation, and copyright protection. Cryptography, steganography, and watermarking are three distinct methods to prevent unauthorized access to digital data. Of these three methods, cryptography has emerged as one of the most important ways to ensure complete safety. Therefore, a secure and efficient cipher algorithm is required for trustworthy communication. In this work, we offer a practical Secured Asymmetric Image Cipher (SAIC) Algorithm for encrypting images with a secret key of arbitrary length. At first, the KG algorithm creates two unique keys. Both the encryption and decryption processes require a key. The experimental results reveal that the encrypted image lacks the original image's independence (NPCR 99.89%, UACI 36.89%). The suggested approach has a high encryption rate, can be implemented easily, and is computationally secure. The reproduced data validates the safety and practicability of the proposed architecture.
Citations: 0
A Study of Internet of Medical Things (IoMT) Used in Pandemic Covid-19 For Healthcare Monitoring Services
Pub Date : 1900-01-01 DOI: 10.54216/jcim.050201
A. Admin, Harikrishna Chavhan, Vikas Chumber, Vikrant Sharma
Before the Internet of Things, visiting or meeting a doctor was based on appointments, by tele and text communication, and interaction between patients and doctors was limited. IoMT enables remote monitoring of medical devices, unleashes the possibility for patients to keep safe and healthy, and also makes it easy for physicians to deliver excellent care for patients. The capability of IoT or IoMT in infectious disease control, a network of interconnected systems and artificial intelligence, data analytics and using omnipresent connectivity in all these networks based upon real-time data can help to provide an early warning system to restrain the spread of pandemic-like situations (Covid-19 corona virus, Ebola virus, Hanta Virus etc.), and it also helps in healthcare monitoring and treatment services.
Citations: 5
Improved Method for Enhanced Quality of Service in IoHT Task Dependency Optimization
Pub Date : 1900-01-01 DOI: 10.54216/jcim.120202
R. Doewes, Preeti Saini
Keeping a proper level of task dependency throughout the scheduling process is critical to achieving the aim of decreasing the make-span rate in Internet of Health Things (IoHT) projects. We provide a smart model strategy for effective task scheduling in the IoHT environment for e-healthcare systems by merging hybrid moth flame optimisation (HMFO) with cloud computing. The HMFO algorithm guarantees that all available resources are distributed evenly, resulting in improved quality of service (QoS). We study the Google cluster dataset to learn about the scheduling behaviours of cloud-based jobs in order to train our model. After training, an HMFO model may be used to plan activities in real time. To assess the success of our strategy, we run simulations in the CloudSim environment, taking into account crucial parameters such as resource utilisation, reaction time, and energy consumption. According to a comparative analysis, our hybrid HMFO system surpasses the alternatives in terms of reaction time, average run duration, and cost savings. Our method has proven to be effective due to the favourable effects it has had on response rates, prices, and run times. Combining IoT and cloud computing has the potential to improve healthcare delivery in a variety of ways. One unique strategy we offer for scheduling IOHT jobs is to combine a deep neural network (DNN) algorithm with the MFO technique. Job scheduling in electronic healthcare systems can be optimised with the help of our hybrid MFO-DNN algorithm by taking into account a variety of different objectives, the most important of which are lowering response times while improving resource utilisation and maintaining consistent load balances. The MFO approach searches the search space and provides early solutions, while the DNN algorithm refines and improves those first findings. 
In comprehensive simulations conducted in a real-world hospital setting, the hybrid MFO-DNN technique outperformed existing scheduling algorithms in terms of reaction time, resource utilisation, and load balancing. The simulated healthcare environments were as true to life as was feasible. The suggested technique has been demonstrated to be both dependable and scalable, making it appropriate for use in large-scale IOHT deployments. This study considerably enhances the state of the art in IOHT task scheduling in E healthcare systems by developing a hybrid optimisation technique that takes advantage of the strengths of both MFO and DNN. The findings indicate that this strategy has the potential to improve the quality and efficiency of healthcare delivery, which helps patients receive care that is both effective and timely.
Citations: 0
An Enhanced Hybrid Chaotic Technique for Protecting Medical Images
Pub Date : 1900-01-01 DOI: 10.54216/jcim.100104
M. Eid, Shaimaa A. Hussien
Medical data has attracted much interest; a quick, lossless, and secure cryptosystem is required for saving and transferring images over open networks while maintaining the image's details. This paper shows how to protect medical images with an encryption method based on hybrid chaotic maps. The proposed hybrid method is constructed to deal with problems like confusion and diffusion with a large key space. The technique uses a mix of different chaos maps for a specific set of control settings. There is a complete explanation of how encryption and decryption operations work. The security analysis results showed that the suggested cryptosystem is safe from statistical, brute force, and differential attacks. Compared to already known methods, the estimated times for encryption and decryption make it likely that the proposed scheme can be applied in real-time applications.
Citations: 1
Managing a Secure JSON Web Token Implementation By Handling Cryptographic Key Management for JWT Signature in REST API: A survey
Pub Date : 1900-01-01 DOI: 10.54216/jcim.060101
A. Admin
JSON Web Token (JWT) is a compact and self-contained mechanism, digitally authenticated and trusted, for transmitting data between various parties. They are mainly used for implementing stateless authentication mechanisms. The Open Authorization (OAuth 2.0) implementations are using JWTs for their access tokens. OAuth 2.0 and JWT are used token frameworks or standards for authorizing access to REST APIs because of their statelessness and the signature implementation. The most important cryptographic algorithms were tested, namely a symmetric algorithm HS256 (HMAC with SHA-256) and an asymmetric algorithm RS256 (RSA Signature with SHA-256) used to construct JWT for signing token based on several parameters of the speed of generating tokens, the size of tokens, time data transfer tokens and security of tokens against attacks. In this research, we propose an approach used for handling cryptographic key management for signing RS256 tokens to ensure the security of the application's architecture. JWT offers a variety of options to manage keys; the server always needs to verify the validity of the key before trusting it, to verify that a JWT implementation is secure. The experimental results show it's better to use the RS256 signature method for handling cryptographic key management for signing tokens to manage a secure JWT implementation.
Citations: 0
Mitigating DDoS Attacks in Wireless Sensor Networks using Heuristic Feature Selection with Deep Learning Model
Pub Date : 1900-01-01 DOI: 10.54216/jcim.000106
A. R. W. Sait, I. Pustokhina, M. Ilayaraja
A wireless sensor network (WSN) encompasses a massive set of sensors with limited abilities for gathering sensitive data. Since security is a significant issue in WSN, there is a possibility of different types of attacks. In a Distributed Denial of Service (DDoS) attack, the malicious node can adapt to several attacks, namely flooding, black hole, wormhole, etc., to interrupt the working of the WSN. The recently developed deep learning (DL) models can effectively detect DDoS attacks in the network. Therefore, this article proposes a heuristic feature selection with a Deep Learning-based DDoS (HFSDL-DDoS) attack detection model in WSN. The proposed HFSDL-DDoS technique intends to identify and categorize the occurrence of DDoS attacks in WSN. In addition, the HFSDL-DDoS technique involves the immune clonal genetic algorithm (ICGA) based feature selection (FS) approach to improve the detection performance. Moreover, a fruit fly algorithm (FFA) with bidirectional long short-term memory (BiLSTM) based classification model is employed. The experimental analysis of the HFSDL-DDoS technique is performed, and the results are examined in terms of several performance measures. The resultant experimental results pointed out the betterment of the HFSDL-DDoS technique over the other techniques.
Citations: 1
Re-Evaluating the Necessity of Third-Party Antivirus Software on Windows Operating System
Pub Date : 1900-01-01 DOI: 10.54216/jcim.090105
Faisal A. Garba, Rosemary M. Dima, A. B. Isa, A. Bello, A. Aliyu, F. U. Yarima, S. A. Ibrahim
There is a general assumption that one must purchase costly antivirus software products to defend one’s computer system. However, if one is using the Windows Operating System, the question that arises is whether one needs to purchase antivirus software or not. The Windows operating system has a market share of 31.15% behind Android with a market share of 41.56% worldwide amongst all the operating systems. This makes Windows a prime target for hacking due to its large user base. Windows 11, a recent upgrade to the Windows operating system, has claimed to have taken its security to the next level. There is a need to evaluate the capability of the Windows 11 default security against antivirus evasion tools. This research investigated the capability of Windows 11 default security by evaluating it against 6 free and open-source antivirus evasion tools: TheFatRat, Venom, Paygen, Defeat Defender, Inflate and Defender Disabler. The criteria for the selection of the antivirus evasion tools were free and open source and recently updated. A research lab was set up using Oracle VirtualBox where two guest machines were installed: a Windows 11 victim machine and the Kali Linux attacking machine. The antivirus evasion tools were installed on the Kali Linux machine one at a time to generate malware and pass it to the victim machine. An Apache web server was used to hold the malicious sample for the Windows 11 victim machine to download. A score of 2 was awarded to an antivirus evasion tool that successfully evaded the Windows 11 security and created a reverse connection with the attacking machine. From the research results: TheFatRat had a 25% evasion score, Venom had 20% while the rest had a 0% evasion score. None of the payloads generated with the antivirus evasion tools was able to create a connection with the Kali Linux attacking machine. The research results imply that the default Windows 11 security is good enough to stand on its own. A third-party antivirus solution will only supplement the already good protection capability of Windows 11.
Citations: 1
An Upgraded Data Security Based on Homomorphic Encryption and Aggregate Signature Method in Wireless Sensor Network
Pub Date : 1900-01-01 DOI: 10.54216/jcim.120102
Raju Ranjan, Vinay Kumar Ahlawat
Wireless sensor networks (WSN) have been implemented in nearly every field of use because they offer a solution to practical problems that can also be affordably implemented. The sensor nodes have limited computing resources, weak batteries, and limited storage space. The environmental or physical data collected by these nodes is transmitted straight to the BS. The data transfer cost is raised due to the direct data transmission. In addition, the lifetime of sensor networks is shortened because of the rise in energy required for data exchange. As a result, data aggregation is utilized in WSN to lessen the burden of transmission costs and lengthen the useful life of the sensor networks. Each sensor node's transmission is encrypted with cipher text generated by the Paillier homomorphic cryptosystem. In addition, the Bilinear aggregate signature method is used to create a digital signature at each sensor node. The cluster head BS is where the aggregation takes place once the cipher text and signature have been combined. Before deciding whether to accept or reject the message, the BS checks the aggregate signature. The homomorphic cryptosystem saves power because it does not perform intermediate-level or cluster-head decryption. Data integrity, authenticity, and confidentiality are all maintained while using less power with this technology. The Intel laboratory dataset is used in the implementation. When compared to current systems, the proposed SDA method requires less time and energy to calculate.
Citations: 0